last executing test programs:

5.174142542s ago: executing program 2 (id=4542):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x8000000004)
sendmsg$nl_crypto(r5, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000940)=@delrng={0x10, 0x14, 0x1, 0x70bd25, 0x25dfdbfe}, 0x10}, 0x1, 0x0, 0x0, 0x4040000}, 0x4004010)
sendmsg$nl_route_sched(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000940)=@newtclass={0x3c, 0x28, 0x100, 0x70bd25, 0x25dfdbff, {0x0, 0x0, 0x0, r4, {0x6, 0xc}, {0x6, 0x2}, {0xc, 0x3}}, [@TCA_RATE={0x6, 0x5, {0x8, 0xf1}}, @TCA_RATE={0x6, 0x5, {0x1b, 0x4}}, @tclass_kind_options=@c_mq={0x7}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000), 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7050000080000a8c5000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b300000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r9 = openat$cgroup_ro(r6, &(0x7f00000002c0)='freezer.self_freezing\x00', 0x0, 0x0)
preadv(r9, &(0x7f00000000c0)=[{&(0x7f0000000300)=""/144, 0x90}], 0x1, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000100)={@in6={{0xa, 0x4e24, 0x20000000, @rand_addr=' \x01\x00'}}, 0x0, 0x0, 0x3, 0x0, "ddfd3b7ed7c6a1c172a987ae5ce3cafd64c9a736831a5912d606798fb75c9981c4b3ac0e06891ff18bc5543ed57215a3c45f9154dfa319e52a15a2b9acf80c07fb1a854dad742eef6187f2304844c296"}, 0xd8)
close(r0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000680)={&(0x7f0000000640)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct={0x1, 0x0, 0x0, 0x4, 0x0, 0x4}]}}, 0x0, 0x26, 0x0, 0x1, 0x7}, 0x28)
r10 = socket$inet6_icmp(0xa, 0x2, 0x3a)
connect$inet6(r10, &(0x7f0000000040)={0xa, 0x4e22, 0xb8, @dev={0xfe, 0x80, '\x00', 0x42}, 0x7fffffff}, 0x1c)

4.904573428s ago: executing program 2 (id=4546):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-aes-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10) (async)
r1 = accept4(r0, 0x0, 0x0, 0x0)
accept$unix(r1, &(0x7f0000000080)=@abs, &(0x7f0000000100)=0x6e) (async)
sendmsg$alg(r1, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x890}, 0x0) (async, rerun: 64)
recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000680)=""/234, 0xea}], 0x1}, 0x101}], 0x1, 0x60, 0x0) (rerun: 64)

4.850407125s ago: executing program 2 (id=4547):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x200000000000011, 0x2, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'wg0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000000c0)=ANY=[@ANYBLOB="48000000100005ff00000000000000000000004a", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010062617461647600000400028008000a00", @ANYRES32=r2, @ANYBLOB="0a0001000000648a63ff"], 0x48}}, 0x0)

4.700592419s ago: executing program 2 (id=4550):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r2=>0x0]}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000480)={r2}, &(0x7f00000004c0)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f00000000c0)={r2, 0xffff}, 0x8)
close(0x3)
r3 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000180)={{{@in=@private, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@local, 0x0, 0x6c}, 0x0, @in6=@loopback, 0x0, 0x0, 0x0, 0x4}}, 0xe8)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r3, 0x84, 0x6b, &(0x7f0000000180)=[@in={0x2, 0x4e24, @private=0xa010101}, @in6={0xa, 0x4e24, 0x34, @dev={0xfe, 0x80, '\x00', 0x29}, 0x1}, @in={0x2, 0x4e20, @multicast1}, @in6={0xa, 0x4e24, 0x2, @mcast2, 0x8}, @in={0x2, 0x4e21, @local}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xe}}, @in={0x2, 0x4e24, @loopback}], 0x88)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r4, 0x84, 0x6b, &(0x7f0000000100)=[@in6={0xa, 0x4e23, 0x35f, @private1, 0xfffffffe}], 0x1c)
setsockopt(r4, 0x84, 0x7f, &(0x7f0000000040)="020000000980ffff", 0x8)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={<r5=>0x0, 0x1c, &(0x7f0000000140)=[@in6={0xa, 0x4e20, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x3}]}, &(0x7f0000000440)=0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000080)={r5, 0x2}, &(0x7f0000000100)=0x8)

3.783733295s ago: executing program 2 (id=4572):
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x1000001, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x102, 0x0)
ioctl$PPPIOCATTCHAN(r1, 0x40047438, &(0x7f0000000040)=0x1)
syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff) (async)
syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
close(0x4) (async)
close(0x4)
unshare(0x6a040000)
socket(0x8, 0x3, 0x0)
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000240)="eb7e976aa6f4bbb5", 0x8}], 0x1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000b00), 0xffffffffffffffff)
socket$netlink(0x10, 0x3, 0x1) (async)
r2 = socket$netlink(0x10, 0x3, 0x1)
socket$inet6_icmp(0xa, 0x2, 0x3a) (async)
r3 = socket$inet6_icmp(0xa, 0x2, 0x3a)
getsockopt$inet6_mreq(r3, 0x29, 0x31, 0x0, &(0x7f0000002280)) (async)
getsockopt$inet6_mreq(r3, 0x29, 0x31, 0x0, &(0x7f0000002280))
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)

3.055421754s ago: executing program 3 (id=4581):
openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
close(0x3)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r2=>0x0})
bind$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x2c, 0x2, r2, 0x1}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a01020000000000000002010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c0003800800014000000000080002400000000010000380140001007465616d3000000000000000000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c00038014"], 0xfc}}, 0x20044004)

3.054903288s ago: executing program 0 (id=4582):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000380)={'ip6gre0\x00', &(0x7f0000000400)={'syztnl2\x00', <r1=>0x0, 0x2d, 0x5, 0x5, 0xfffffff8, 0x19, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @remote, 0x8078, 0x20, 0x800, 0xfffffff7}})
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000bc0)=@newtclass={0x40, 0x28, 0x2, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r1, {0xfff1, 0xffe3}, {0x9, 0xe}, {0x5, 0x1}}, [@tclass_kind_options=@c_cake={0x9}, @TCA_RATE={0x6, 0x5, {0x5, 0x1}}, @TCA_RATE={0x6, 0x5, {0x1, 0x8}}]}, 0x40}}, 0x0)
ioctl$sock_SIOCDELDLCI(r0, 0x8981, &(0x7f00000001c0)={'virt_wifi0\x00', 0x8})
r2 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_LOOPBACK(r2, 0x65, 0x3, 0x0, 0x0)
ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(r0, 0x8008f513, &(0x7f0000000500))
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000b40), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_GET(r3, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000b80)=ANY=[@ANYBLOB="14040000", @ANYRES16=r4, @ANYBLOB="0100000000000000000004000000"], 0x14}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=@newtaction={0x4c, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x38, 0x1, [@m_tunnel_key={0x34, 0x1, 0x0, 0x0, {{0xf}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x4c}}, 0x8000)
r6 = socket$isdn_base(0x22, 0x3, 0x0)
ioctl$IMGETDEVINFO(r6, 0x80044944, &(0x7f0000000180)={0x2})
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f0000001e80)={0x26, 'hash\x00', 0x0, 0x0, 'sha224\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f00000005c0)="4b3a23d943f5e2800122245096ac0acbe1b78712732756069c0b2264598de142a4f76d6c924481b1659665b4f1d178b7e6622037cc947a2ec0ab20877e71254216e1fe6db4fe5d42432b2650bd0e38af9dc8f1d535ea26f30cafb06f44fcde3cc50922fc518599dc1413327c90b0fde3aeb88eeea7eac3be1af81c94af22b7fe76aeed4aa288b674f046b8c12be1cf0e5da19768351c1a912100faf3876d7f526bd9286a2c40885b28e6b00f1f0108ee84607130fbdfe2873a251b9a3a6d75ea43194b20d2579bf90da97c6a5ae690d6add627282f5ccc01000000403e5af320467cc64cccf720ef5310bb68df0a9c7866dbb8029f24966aa8d9c93bef12b699d2a4b6587a926e979361cf1aa25305bbcc7baeba49b7e8cdb6e726b9ceb016a81c0f60f1e190a44af03eef4e622d94ee4c21e526354d6d060aa74d66ea3164c521aa3af78960ffe95b606f011d89dbc1764298320bbe6c792de80fd62db97345aecaee7ddc324ccd7d11ca00b0779d9f9158735cd902002a630e8ff7bceb478a0ee7ff0066cc5cf8b1f63d3b77597abf6bfe80604115d8e3", 0x198)
r8 = accept4(r7, 0x0, 0x0, 0x0)
sendmsg$alg(r8, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x800}, 0x4000010)
r9 = socket$inet_mptcp(0x2, 0x1, 0x106)
getsockopt$inet_tcp_buf(r9, 0x6, 0x1a, 0x0, &(0x7f0000000180))
recvfrom$inet(r8, &(0x7f0000000000)=""/8, 0xfffffffffffffd21, 0x100ca, 0x0, 0xfffffffffffffd25)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000b80)=ANY=[@ANYBLOB="9feb01005ffc000000000000ff07000000000000020000000000"], 0x0, 0xfc5f}, 0x20)
r10 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
getsockopt$bt_BT_POWER(r10, 0x112, 0x9, &(0x7f0000000480)=0x6, &(0x7f00000004c0)=0x1)
sendmmsg(r0, &(0x7f0000001b00)=[{{0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000100)="26b7f77d1d6f78c261d431ec8031", 0xe}, {&(0x7f0000000800)="43df54268845bc25b69d785eb7a26b72cadf69e40d222c2867e46124322fb7d77a170a95553a", 0x26}, {&(0x7f0000000900)="230bfc23e6219e3f82c16049e8b72873266dc6baca27a63b7d8a16c59eadddff1e60f68cc689502ac19bfed24af65e2f4f334ebd02f35c829b68a4947975efff0833b0c8e730d0d1cfc3b357570678c5f70be382309ca5cab7855f63061ba2d3188798", 0x63}, {&(0x7f00000008c0)="95e4159ffde5b4a069d09d70a3917d2841ec6bf17ece90c94596e93f05c4dd979e8b05fd90fc65130d0dc688e0f8e6ff2e8dc0c71d8ff64e", 0x38}, {&(0x7f0000001f00)="fa35287376890679af422dde445e72ee1d2de9d1437696a2163126291cb171095b64f50d15ad42ee6a84349628402d35d01a0dfc4a8b02d1434a9b8142c3124cce8b1289ad8c0045df7e8997d5b4e1a2e5036c9ea16cd8963c6295036068a0c05f209030b0171990efed1630c3c9bf12e5240e6beea1579d1bdd0e78405864f674f83e531f60109d47b5dacdc09b34a7d78bb31246c7325759cde543f0afdd84720564fd14d54afd", 0xa8}, {&(0x7f00000009c0)="33ea118e7bd9aef83ea3c551a9bc8484cfbb0ee483c451abb63b1e50", 0x1c}], 0x6, &(0x7f0000002080)=[{0x38, 0x115, 0x40, "d848eedc49d57a96b68e84c5c1c6d694a2b91b0e276785f9000674cc42744aea9cf28f5d7684d6"}, {0x110, 0x29, 0x2, "ea84a8a2c7208ece535dcab82486e77faae4d274ff1b81fffbdd474f6ff133b95b26ee5e776c0cb3b1b788bc175b78c10533e87188d43eb36611a7b94aa87badd671fba95d13be295828201c765bd8cf3b6817758120926c49aeb40cebabe3832061050f4557dfe8433f299d0a67e01623979d0681304026947117811c918d98d5bb8b56d1da15895077a6326e7a623f65c3d0fb97f27739ad068e2d1f8410a69c3b67f0126c57943ea8a5341bd58fec5493b5bb95cc4d349a78fc951adce248130a066c3bf82e3552497e1bd35c769cdb14ba8794046b1ef54a47d093fa15e97447c1263f34a9e5e9dd42c8b42358300b5daf879c57840133b73c"}, {0x120, 0x10a, 0x81, "f2696c5755f8ca15938049e8aebe6af3a655ec01acf1b96bfd1ea7c9871568ec1e6f9e6ec477b1dd9faad9f57e28bc03f5f2b67b6554b6e67dbe952f4d8496e2043c460a8eb879353b74f300f2f86e0966238d5194930061517f7e96f6b9df93818a7698854f6242859a51882f2bf6c8e943a73437b3b7a9ce81a7cb332ec25e76f6af7e14cca7935edc20560c9994ec6158dc8a30dffb7aa81fe44da0033e63f247b1a7bc38f8a048184c7442cc0b136c2572cc049c79b6f9bd9fb68131b140deb15f3b2180a2c48a8cf1a96b5bc5298913b79d49a2eb43e95038043333604f6c560170b4cbda3f8c4b5dd36f987e36675d896026e78049805f536c0996fb57e59f6c8735d4e3a52b"}, {0xe0, 0x10d, 0x7, "8b5da7e2fed16b507b0c17f35f38d5e533ee1fdc42a9e57f5f8c601abe866783bb348063f1187ead945c25a94b88d23b336d14e390ef88482f3912f580fd59165a2c6d42412c0517ef112d58ee413fdd8a6d558f8c79e371aee500dae1b07b563796c576e42bb66f8be11fb6ba170d90161b13896a300e1abeff47615ff5aa981892b3ecfbf19f01ab1e7ba3355f359b0c5496bab9015c0421bc0a6abef9f0af3e53d90d1b0cb4247ff56ad961a32fd9947420c01d96c812863c5cc4ed45761b7b7f0c3551f296113ade8e5fd1c607"}, {0x48, 0x117, 0x8, "a979a0cb644c922b79ae02691854086d75c4889e68c9bc47556acfd8cab32057bd458a79f9018bb8cab6113659cf8863b81ec8d2bd5ed9b2"}, {0x30, 0x116, 0x1000, "fd433cc54911b779492a15bf8521d1313fa3f91153093bee47e959c21d"}, {0x98, 0x111, 0x2, "7bbf69e61884ae1cdd2700c8a9aa313f716e8450d6fd235d146c76c2e945470fafbfe28078d777ca58397faad07d5067ae9ec0346935d6ea6a07b3f62843f1c51385ddf591a82f88a4ae0106fbae2231d3ab900859e5fd1458f33c5ff36a409eb38823efc1a7726b35ccf8b37ff3d089b1c1725ed730b69bfaee27f569a8cc5533062d9248c59a"}, {0x70, 0x88, 0xa, "4e2ccd953db85423c677a108d9bc9f2e9c301c31b80378a9384332b79debea71b10b922d2142f282ca5ed0cac22229bee0d2dc0d8c01ec0a4934a82d13ae1be4439461570dc11b37a9cf91173a0c8b19a6f78b54b0fbe694ca"}], 0x4c8}}, {{&(0x7f0000000a80)=@ll={0x11, 0x17, r1, 0x1, 0x2, 0x6, @remote}, 0x80, &(0x7f0000001e00)=[{&(0x7f0000001100)="b6251b5dd350da87978bb17da83bcee3c77a1581ba7d8578b00fd20890038c5205922ac66f3c1ffc3eff3efb858cbae39be8fcfefb0bc36a80f107111ed71b968718cc3af54c98d2768f0246e2d01c444827b33921e5d8e8f69a25db9ec649cbeb6d4db24c9988fdd17222c9a3cc926f97aaaa401593e02819ee3e47b21501b05f9ab7e614334e8ff23e6f334fc33a6599a5", 0x92}, {&(0x7f00000011c0)="1e7afd838c0330490ceadd7f78fd0cfa78a9985b2a0de1f75651b75450e6dc1de0554b13aec206b5b71343e8f499dd495e8682ce1853280780f8409b263f3e4e8da943145a69cd90ddb9e3328090b372b605ba725bd8e6dc74949734d1d7b6e56238be1b39190253a0f73f08f4451b383b8aafef83290c16bc7d58c910f4a3c08c6ea25a54ea8a2fb7b8d7cbd691d7b21dcddc95ad520fceda1543cc4fbd4086f55ef12e7ea2370cd996f6d1e3d255c018b8", 0xb2}, {&(0x7f0000000280)="064f35af8f31fcd2c7b71f1027e90952f2e62b9bc122d59fcb96294fa10b028d865e677785f0f7cc55002127ee909bde67fdbcbabdde0eb46809f231ba630b1c77d6e704328af76a95ae5e163fd5ed10ef37958877a95ed69a33d4fc3a88ad8d9f2700c621f4b4e8437dc8147acbdfe6fc1c4c6b2aa4b54c11798e5d660a5c2dd6a2fe2f239839050703aee4d598c6452f26cd64bfd8d1144487342390b42bb85cd2f343461b3ba4c772f6cb2cc705e31fb40026981375ac5247ccaf4ab98fd15e1972920d770aca1e1ceb4606e88acb2c69a9b97d82", 0xd6}, {&(0x7f0000001c00)="27880bc177779225af16cd0856b1cf81dfe935e035204e91971046e7bccfb7f39a74391d998756a322725febfcbc281424fe2757e1597722483a626f76265133aad602570735829f985bba0ffd46f7ac6fb7c0eaf63b9d7a50764b2bd5e10596ac5a316886cac114387a6fcbeb135d0ec0cfd65dd6cb8c567b4c863db43b35079a9cb7151eb0130da3f53638df787ff3c52ec7b97b9e8e27567e661f5905acdb2c5da76eb02c1b667177501a072c9b63e876d92fe9957b32c2579ec6d5805ca50b9a1a46faba47750bb3f28f5a126a67e6c490bd09a90f1a4b35457cecf0", 0xde}, {&(0x7f0000001d00)="77cb8f3f8416ced594583863bcade2149ba211f09f0a963d6636d6aaedd2eb9f0aec7e9021f8afa4644a2ce15e146106e7ea468caa64cfd6c84c494aa79d7379785a10b5c9b4614776e45e1bfafafc7a905f023300b15cefd3d4e2e57be984af163ee0435d6dc78b4106be51a35bc36015aff8a87339f6eb5f026ec2bb7faf280a71520704b48b0feb6763f7db0a906a289a587c843b0c45dd672eb8ad95003fa9126fbdadd1dc8c2bdcb83a8702ec26aac3a11f70a3fa393eb7590d7e44151d15cfd3bc0825ec8fce045716265bacfd534b38098e9418232b342e29bb9418bbcf91a2046f5d511ac68928bd40160b0422daf0340aa97e0b942b9bed31", 0xfd}, {&(0x7f0000000040)="e2fe186b9649371b12573a31d533de7912f2976e2580321b40befdedb0ce26707202ad6e1e75ad956d8acf10b0f5d69984e08545d5511f7d092323fd", 0x3c}], 0x6}}, {{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000001280)="a9f34a139f48fa5e33b15624ace06de399c5ee7a6624a7a536aee61af83a4715893210337dfd722f1901d5483c7a02227762ece81158ded6c7495ef0d9a84e650b2af4515fca6cf128e03822c614e151ca3513bcd773864326d3e381a05c24866cde48c017b1941d686b3fcd9543adf00ad1ab24d9979d8f3f2c7bc94abcf4ddad7debb44acce377f1cf47694f83af80", 0x90}, {&(0x7f0000000b40)="752e3f3da8dbd611aa982121b3a330843a594c53a15336d6a314dc5f86add8c9ec6fc3a156134351485a5cf5d56a5510d2b76844f61b5d8bfd102af92006b100", 0x40}, {&(0x7f0000000c40)="bfa5cf0204b162aba667608868e3109e63e1c4c468ea5e4df563a5cec679c7aab4bc712e41748aedc4b481aa61dd6c7c0ac088ccc4509ae58f43893c5cda1bf62f3abc719f23601866707298d4e6cb3c08a2541b3bc6613f04fc21a12d1ee6bdb923893e7b678f213bf9ec3a922b58001343c207bd06124ae8e60c63a241483a6601f78069fc9342c08b541604c39e6f3a68a8e4fd96125dc6f5f8595f2c1d6e095c3f236e51574c", 0xa8}, {&(0x7f0000001400)="9639103f5fa17b5564ef2b7eb8581bba11fcd2f68d0c17a39b5eff3106e30db79c9f47e9e5b852df50e05db7a55f6215dbe22e0c9123a9824753c5fd39af60e4840b32b03d0128b0c98ca3f6a226f2134e10140818524aa9af00c6cb79ea76df2617", 0x62}, {&(0x7f0000001fc0)="a1d84035713068e9e35d6d7ff2885f4a9308f997835468853720416b025a0655c6fabc30ac0ced7b8d685b77dd8dbcbc12b5cee7fc8c25947ec6b2487297984eec700c0a31fe0677401f2692d20cd3139237d0dcae3e6e09b49410c8f163531752de8bbaacc32902cbd6a1103b55f34eb5a0052ab3ccde00c60e59837562daf9d9381cbc07072ebcd102cba2cd9393f6", 0x90}], 0x5, &(0x7f0000001580)=ANY=[@ANYBLOB="60000000000000009841721505000000509c9eb3d8f61d3ea7251c02fc4622bab188295c47a6e20985b249b51ac31c1ad58b7ec2858cc4ea9c9e8f0e12376644a354aca1628ac993e593631ff0821adc995c87a14c8a8dad43c5f20000000000980000000000000006000000020000005e766d074f28123f06d3cb7df1111ff8742953d723848b89e00271ff689aebdae4c033db712d68797c3d82e8260248671ce3231ef03cd043edc186040794769378b89ac053c663d598ca9ea016067f721a0c3efb8df68fa1a62c90cfce6145ea24a89e5cdb341d30c16f63c4c60f61d1032031ccd6c3b86cb3f811cce56c000000000000b00000000000000009010000050000004a4fe293b0c9d6ce097bf281d239396c5b7b75476e3f790333729ef35ebe550921deada52d303c53c6c5ce619010cca65f3ca5bb6ed98cb45f8c38a2fdd5a7ab8a75ae1754a1599915f2226570351152e0028989e58ccabc76cccb5aef8278bc3c669e84b6cd77bebc027c4aece2c95f716343eacb840c13c781796e7cb07b88237cbe6921ac364fa2f9933c42000000a00000000000000002010000feffffff6746db132f37715bdefe3d8af173e5d43b3ed80138a3397bcd9da7a2f375c57e9ca777ef65aabe7d82f18067e7dc2ac06ba01069d9bdae384f395215b50ae75d57fe41603f50e1fe708c748f9c05c8a54723df25d3cc75cc4b5b76951805e032bfb167e872745a98840064750ccac3a7ff3a53b36f2e204850e3c17dde52000000c8000000000000000a01000001000100140a8cb7fafe2133263e8114946ef698fa82b94853a7d0d93418b5387c0925e417d3653724fbd4700bdc944c53d590f01ae91a049765fb1893c3501679830b3a900a7418c02ee803812537fc750c25a618454c6f7ecec12e8a9d9444082e3e0eb040a906c03c4462da5fd7e096410f1d7d01033cb7e2187dea60b8ad8bbe12a8698bebceb766acea84333a619b815afd2c1415aa439ed7bea27b426d57bbdd76f71ad33e0b61b5494ba3816842589a1233fa86f1273850d600"/780], 0x310}}, {{0x0, 0x0, &(0x7f0000001a40)=[{&(0x7f00000018c0)="63e7978ebcf6b8e8ebc3375fb068c18dfbd052f0ec29e4b5922de5bf62778652d39256290e8b20ed70ba3f5d77141b862854cfc5baf7ef6c455c1588d09fef90ab14a9d1deaf55594f84b6f2d9b2f316de559e8040b9aba28141aefd1bc3a631b8457b8e32831f22b04ccbb6eaee71e965a15a5f42a5b1272e460ffe3a52a25cf76e9ec0164b41ea2cc0e7f454", 0x8d}, {&(0x7f0000001980)="e247df4b784da5748e743c23220da421969a55309aedc917e3b350f00eca56", 0x1f}, {&(0x7f00000019c0)="983a2635d17db3112d354f5a58527d76bb02b8d0b4769e3982b03d9c04ed58ffdeda26fdb3bea1af67cf201d2afaf2bd4016e099b65765593711f7f3e9dfdf5a", 0x40}, {&(0x7f0000001a00)="80755b03aedd87e516d7fd4bd2828b1e05ebb4a096b2e823a003976c612421802fdb8c242a9b399853a23c5b9978f5e462ee635239a5d5250d3604d4", 0x3c}], 0x4, &(0x7f0000001a80)}}], 0x4, 0x48800)
setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT_OLD(r8, 0x28, 0x6, &(0x7f0000000780)={0x77359400}, 0x10)
socket$inet_icmp(0x2, 0x2, 0x1)

3.051317444s ago: executing program 0 (id=4584):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x32}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getsockname$packet(r3, &(0x7f0000000140)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a)
ioctl$FIDEDUPERANGE(r1, 0xc0189436, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x0, 0x0, [{{r0}, 0x4}, {{r1}, 0x129}]})
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="3800000010000507000000000004000000000000", @ANYRES32=r4, @ANYBLOB="0000000a010000001800120008000100736974000c0002000800030036"], 0x38}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=@newlink={0x40, 0x10, 0x439, 0x70bd2a, 0xffffffea, {0x0, 0x0, 0xe403, r5, 0x3, 0x71061}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_6RD_PREFIXLEN={0x6, 0xd, 0x800}, @IFLA_IPTUN_REMOTE={0x8, 0x3, @private=0xa010102}]}}}]}, 0x40}}, 0x24008044)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x5}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_XFRM_DIR={0x5, 0x3, 0x1}, @NFTA_XFRM_KEY={0x8}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x7c}, 0x1, 0x0, 0x0, 0x8890}, 0x24000000)

2.965969149s ago: executing program 1 (id=4585):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000005000000000000000000000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='mem_disconnect\x00', r1}, 0x18)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x3, &(0x7f0000000180)=ANY=[], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='mem_disconnect\x00', r2}, 0x18)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000fc07ffff00000000000000008500000041000000850000000700000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x0, 0xe, 0x0, &(0x7f00000002c0)="ae24a21f9a824666f9acf0e0163f", 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9, 0x3}, 0x50)
setsockopt$sock_int(r0, 0x1, 0x26, &(0x7f00000004c0), 0x4)
r4 = socket$rds(0x15, 0x5, 0x0)
getsockopt$IP_VS_SO_GET_INFO(r4, 0x0, 0x481, &(0x7f0000000080), &(0x7f00000000c0)=0xc)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/net\x00')
read(r6, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r5, 0x6, 0xe, &(0x7f0000000000)={@in={{0x2, 0x4e20, @rand_addr=0x64010100}}, 0x0, 0x0, 0x46, 0x0, "2431d0edd9b36cb74d7df7671eacf04be3b08353efa3641776f56c7556fd3713097bd0072577bc6fefb4cdc9e94e420b0ea4fbc5b07a32056eff5e6c42784b46ddab72b1b8fc87f208ad6db80d8dfe25"}, 0xd8)
setsockopt$inet6_tcp_TCP_MD5SIG(r5, 0x6, 0xe, &(0x7f00000001c0)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, "aeb81d8ee3a82d67eea9e5bdf2247481041a5b9cddbc936efc471c56ae3d5f6945d296a285858a891a3b4e7bff572ef69992da867f406182d70f47773434b8349435f2ad628d62a3b45bb98872fb1900"}, 0xd8)
sendmmsg$inet6(r5, &(0x7f0000000040)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0x7fe}, 0x1c, 0x0}}], 0x1, 0x20048000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xe, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x1, 0x80}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90)

2.864232914s ago: executing program 0 (id=4587):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@random="9b4307000001", @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xfffffffe, @local}, @echo_reply={0xe0, 0x0, 0x0, 0xfffd}}}}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x19, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="18020000f900ffff0000000004000000850000003600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000030000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000001000000850000008200000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$fou(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$FOU_CMD_GET(r1, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x38, r2, 0x10, 0x70bd2a, 0x25dfdbff, {}, [@FOU_ATTR_LOCAL_V4={0x8, 0x6, @empty}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e22}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3b}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40}, 0x40040)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x48, 0x10, 0x49920d862a92153b, 0x84000000, 0x25dfdbfe, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x1, 0x1}}}}}}]}, 0x48}}, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='blkio.bfq.io_queued\x00', 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0x3100, 0x3100, &(0x7f0000000000), 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) (async)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@random="9b4307000001", @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xfffffffe, @local}, @echo_reply={0xe0, 0x0, 0x0, 0xfffd}}}}}, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x19, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="18020000f900ffff0000000004000000850000003600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000030000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000001000000850000008200000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$fou(&(0x7f00000002c0), 0xffffffffffffffff) (async)
sendmsg$FOU_CMD_GET(r1, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x38, r2, 0x10, 0x70bd2a, 0x25dfdbff, {}, [@FOU_ATTR_LOCAL_V4={0x8, 0x6, @empty}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e22}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3b}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40}, 0x40040) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x48, 0x10, 0x49920d862a92153b, 0x84000000, 0x25dfdbfe, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x1, 0x1}}}}}}]}, 0x48}}, 0x0) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='blkio.bfq.io_queued\x00', 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0x3100, 0x3100, &(0x7f0000000000), 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)

2.855994463s ago: executing program 1 (id=4588):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NLBL_UNLABEL_C_STATICADD(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r1, 0x20, 0x70bd2c, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4000800}, 0x90)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), r0)
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r2, 0x0, 0x4000000)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(0x0, r2)
sendmsg$NL802154_CMD_NEW_SEC_DEV(r2, 0x0, 0x40)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000540), r0)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000006c0), r3)
sendmsg$NLBL_CIPSOV4_C_REMOVE(r2, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40084}, 0x0)

2.78785186s ago: executing program 3 (id=4589):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f00000003c0)={"4be60690322cd8e959862acab8e2ab8d", <r1=>0x0, 0x0, {0x0, 0x2}, {0x23, 0x77}, 0x7, [0x3, 0x5, 0x8, 0x2, 0xe, 0x9, 0xffff, 0x5, 0x18, 0x1, 0x401, 0x11a9506c, 0x3, 0x0, 0x8, 0x7]})
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r0, 0xc0c89425, &(0x7f0000000640)={"d9ba05562a248ca1da87afa6d6e6e181", r1, 0x0, {0xffff, 0xb}, {0x6, 0xfffffffd}, 0xff, [0x4, 0x2f40, 0x8, 0x9bb6, 0x0, 0x4cc, 0x4, 0x2, 0x10001, 0x6, 0x1, 0x4, 0x6, 0x4fd, 0x4, 0x700]}) (async)
r2 = socket(0x2b, 0x80002, 0x0) (async)
r3 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) (async)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
ioctl$sock_FIOSETOWN(r5, 0x8901, &(0x7f0000000040)) (async)
ioctl$sock_SIOCGPGRP(r5, 0x8904, &(0x7f00000000c0)) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000080)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0xfffa, 0x2}, {}, {0xffe0, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x800}, @TCA_FLOWER_KEY_IP_PROTO={0x5, 0x9, 0x6}]}}]}, 0x44}}, 0x0) (async)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r2, 0x89f0, &(0x7f0000000100)={'ip6_vti0\x00', &(0x7f0000000040)={'syztnl0\x00', <r6=>0x0, 0x29, 0x8, 0xd4, 0x9, 0x8, @private0={0xfc, 0x0, '\x00', 0x1}, @remote, 0x7800, 0x8, 0xfffffff2, 0xffff7fea}})
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000180)={'team0\x00', <r7=>0x0})
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000240)={0xffffffffffffffff, 0x58, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r8=>0x0}}, 0x10)
sendmsg$nl_route(r2, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)=@RTM_DELMDB={0xb8, 0x55, 0x200, 0x70bd25, 0x25dfdbfe, {0x7, r4}, [@MDBA_SET_ENTRY={0x20, 0x1, {r6, 0x1, 0x2, 0x0, {@ip4=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8edd}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r7, 0x0, 0x3, 0x2, {@ip4=@empty, 0x86dd}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r8, 0x0, 0x2, 0x2, {@in6_addr=@empty, 0x800}}}, @MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x1, 0x1, 0x4, {@in6_addr=@private2={0xfc, 0x2, '\x00', 0x1}, 0x1000}}}, @MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x1, 0x3, 0x0, {@in6_addr=@dev={0xfe, 0x80, '\x00', 0x4}}}}]}, 0xb8}, 0x1, 0x0, 0x0, 0x20008080}, 0x40040) (async)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="1c0000001800010280000000fcdbdf250a148000ff01fd07"], 0x1c}}, 0x0)
r9 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r9, &(0x7f00000002c0)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305-sse2\x00'}, 0x58) (async, rerun: 32)
setsockopt$ALG_SET_KEY(r9, 0x117, 0x1, &(0x7f0000000000)="8a", 0x440) (async, rerun: 32)
r10 = accept4(r9, 0x0, 0x0, 0x0)
sendmsg$BATADV_CMD_GET_BLA_CLAIM(r10, 0x0, 0x44004) (async)
sendmsg$IPSET_CMD_HEADER(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x40, 0xc, 0x6, 0x600, 0x0, 0x0, {0x3, 0x0, 0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x40}, 0x1, 0x0, 0x0, 0x8004}, 0x20044800) (async, rerun: 32)
sendmmsg$alg(r2, &(0x7f00000000c0), 0x492492492492627, 0x0) (rerun: 32)

2.723689969s ago: executing program 4 (id=4590):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@newlink={0x3c, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xe315}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8014}, 0x0) (async)
r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), r0)
sendmsg$L2TP_CMD_TUNNEL_DELETE(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x40, r1, 0x8, 0x70bd2a, 0x25dfdbff, {}, [@L2TP_ATTR_DATA_SEQ={0x5}, @L2TP_ATTR_UDP_ZERO_CSUM6_RX={0x5}, @L2TP_ATTR_PEER_CONN_ID={0x8}, @L2TP_ATTR_DEBUG={0x8}, @L2TP_ATTR_COOKIE={0xc, 0xf, 0xffffffffffffffff}]}, 0x40}, 0x1, 0x0, 0x0, 0x20048040}, 0x8000)

2.66866757s ago: executing program 1 (id=4591):
getpeername$llc(0xffffffffffffffff, 0x0, 0x0) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x90) (async)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4) (async)
syz_emit_ethernet(0xfdef, &(0x7f0000000000)={@multicast, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0xfffd, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x18, 0x0, @wg=@data={0x4, 0x1, 0x9}}}}}}, 0x0) (async)
r2 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC_PROXY(r2, 0x29, 0xd2, &(0x7f0000000300)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @mcast2}, 0x0, {[0x8ae3, 0x0, 0x42, 0x0, 0x0, 0x0, 0x0, 0x4]}}, 0x5c)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

2.665091499s ago: executing program 3 (id=4592):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc) (async, rerun: 64)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000800), 0x8) (rerun: 64)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000840)={0x0, 0x25, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="c000000000010104000000000000000002000000080007d5b3541b4e65f54000000000240002800c00028005000100000000001400018008000100ac1414bb080002007f000001240001801400018008000100e000000208000200ac1414000c00028005000100000000005c00068008000100ff"], 0xc0}, 0x1, 0x0, 0x0, 0x10}, 0x80) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) (async)
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[], 0x110}, 0x1, 0x0, 0x0, 0x24000054}, 0xc800) (async)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000640)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000003900000008000300407c736824e795dac5583e8337715955f51b29a59360ab26de3070d7638e964a90a528cf5a3a6adfd8b885f3f98e9357a8b380f9747a19f297901889122b93ab44caa7e3a5789124d557cfa50ed98eb502350be518d273f1c64f2d718e2b2f4b22274d1fac64649e097d3385a2ebbe456b1c8c92c4a8f73694f55ee80ba40ae2d07f22b70af58728c26073aa6018ae30952185518528bb6185c73383045a60b8907fb7d4383a950b3b54d8a5c0c61b5256fde1357fbd8b2e8730263c3aa9fcc0d9f7ca0b7aed2e5a7f0d7dcff43afa047ab043a9574b9c0023b703bfb171e9c612df84f31d12d329a758f31cc5636dd74249b414202f03f94f3837b64b9a85cab0ef4d14bb3e20f3321683b8471be7230a0c28773c75368963786d6752dec18c922a62244806377da8cbd9edcde4b22327df805a5ab6972500f5fd3f617e135f4a8ab2fde94940158d76056fb6310df461efeaa2677b74afe50cb4fedbbd4bf7377c10844687ab7f184595c787a37fb1a06a34d7a53a", @ANYRES32=r5, @ANYBLOB="10005a800c0001800500060000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x40080}, 0x20008840)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff) (async)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000180)={'ip6gre0\x00', &(0x7f0000000100)={'syztnl1\x00', <r7=>0x0, 0x29, 0x7, 0xa1, 0x1ff, 0x4, @remote, @empty, 0x718, 0x10, 0x9, 0xac}})
getpeername$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000200)=0x14) (async, rerun: 32)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000240)=<r9=>0x0, &(0x7f0000000280)=0x4) (async, rerun: 32)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000002c0)={'batadv_slave_1\x00', <r10=>0x0}) (async)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000300)={'gretap0\x00', &(0x7f00000003c0)={'gre0\x00', <r11=>0x0, 0x700, 0x7, 0x40, 0x3, {{0x21, 0x4, 0x2, 0x14, 0x84, 0x66, 0x0, 0xa8, 0x2f, 0x0, @multicast1, @rand_addr=0x64010101, {[@timestamp={0x44, 0x1c, 0x36, 0x0, 0xa, [0xc016, 0xffff, 0x3, 0x2, 0xda33, 0x1fffc00]}, @lsrr={0x83, 0x23, 0x43, [@empty, @dev={0xac, 0x14, 0x14, 0x29}, @loopback, @dev={0xac, 0x14, 0x14, 0x2b}, @loopback, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0xf}, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @ssrr={0x89, 0xb, 0xe8, [@broadcast, @local]}, @generic={0x1, 0x12, "d3be51fa86597a4f090631e4d21ec3ca"}, @timestamp_prespec={0x44, 0x14, 0x17, 0x3, 0x0, [{@private=0xa010101, 0x101}, {@dev={0xac, 0x14, 0x14, 0xc}, 0x5}]}]}}}}}) (async)
r12 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000100)={'bond_slave_0\x00', <r13=>0x0})
sendmsg$nl_route(r12, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@bridge_delneigh={0x30, 0x1c, 0x1, 0xfffffffd, 0x0, {0x7, 0x0, 0x0, r13, 0x80, 0xbb}, [@NDA_LLADDR={0xa, 0x2, @dev}, @NDA_VLAN={0x6, 0x5, 0x2}]}, 0x30}, 0x1, 0x0, 0x0, 0x44014}, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r2, &(0x7f0000000600)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000480)={0x10c, r6, 0x100, 0x70bd26, 0x25dfdbfd, {}, [@HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bridge\x00'}]}, @HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @HEADER={0x7c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vcan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macsec0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r13}]}]}, 0x10c}, 0x1, 0x0, 0x0, 0x24000040}, 0x8884)

2.663964156s ago: executing program 0 (id=4593):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x800, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETOFFLOAD(r1, 0x400454c9, 0xba98575a95aeb70d)
ioctl$TUNGETVNETHDRSZ(r1, 0x800454d7, &(0x7f0000000880))
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140))
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, 0x0, 0x40)
r3 = socket$inet6(0xa, 0x800, 0xc503)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x1, 0x4, &(0x7f00000010c0)=ANY=[@ANYBLOB="8500000008000000350000008400000085000000070000009500000000000000fed023d1d405000000c7d4012507000000c71adb05d72768b8242dd90d17e4c52505750482b009546a5f3f00573f31b53fd3e52bd87184446d165ae2939bbca322a415a98c885faad395f3e4e0635559362ed862ce7c69ad133037af3a000000000000000000000058c122dff93c54caec3751652d11fd4f66711918d3604b92666d60c88b658fe57bb5d365c5b89625385f230ba21f570635837c7bc74be573bfd68aaaf06d842085f84b96c4709e2c9449f0818f6fc5657572fb3e5bb8ff6f643e52f4964c62a70a011ede8b504c8a30381b8eff01d7615e1789bb4b3b7ef3668a98a785a80aa2d1ab149b9316091fb3025f0716799d8280acb3880a882f28dd3111e02c3b0b2818bf5bb902cc9c1666f5fdd2e43901ca4796f04db25c3df35cdfc17c54936202b45b7a09816aa76e8b9bbe24022007aae367025040e8b2255ced48a4b2db3f280dc6fd2f5374548c499ae74631f3be04e28d601369f9488fb074eb35540df5e053376ea29125d6bb916496b04b8e359c1edef91677414729967cffa736d7789c14e918b77518ee8e5d5aff9148be69267fff35"], &(0x7f0000000140)='GPL\x00', 0x0, 0x94, &(0x7f0000000180)=""/148}, 0x94)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000280)=@raw={'raw\x00', 0x3c1, 0x3, 0x570, 0x0, 0x8, 0x7f02ae, 0x0, 0x200, 0x4a0, 0x2e8, 0x2e8, 0x4a0, 0x2e8, 0x3, 0x0, {[{{@uncond, 0x0, 0x340, 0x368, 0x0, {}, [@common=@unspec=@bpf1={{0x230}, @fd={0x2, 0x0, r4}}, @common=@inet=@iprange={{0x68}, {@ipv4, @ipv4=@remote, @ipv6=@mcast2, @ipv4=@remote}}]}, @common=@unspec=@CLASSIFY={0x28}}, {{@ipv6={@private2, @private2, [], [], 'veth0_to_team\x00', 'netdevsim0\x00', {}, {0xff}, 0x0, 0x0, 0x1}, 0x0, 0xd0, 0x138, 0x0, {}, [@common=@mh={{0x28}, {"a27d"}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x13, 0xec, 0x5, 0x400, 'snmp\x00', 'syz0\x00', {0xffffffff8cdbbefd}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5d0)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
r5 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="200000005e0001"], 0x20}}, 0x0)
sendto$ax25(r5, &(0x7f0000000180)="cd74cf25512b066bb0319469cc70b95301682e9704893ec2cf4546092ada2f4e6d0ca4617e2bbc0178e234423391ba0898f3cee1673ca9e0a3e05aca96d04e4ded53aa768a805faf6a41785edf6bb64507379ba904dd16cc547ece2436ae69b59e9a8696e7645d3ecf92774b9c2a1141f47d264ffb2699b2f5", 0x79, 0x4040090, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r6, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
sendmsg$nl_route(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="380000001a0001000000000000000a0080"], 0x38}}, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket$nl_xfrm(0x10, 0x3, 0x6)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f0000000000)='dctcp', 0x5)
bind$inet(r7, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x23)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x30a)
r8 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_int(r8, 0x0, 0xf, &(0x7f0000000340)=0xfffffffffffffff9, 0x4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, &(0x7f0000000000)=[@in={0x2, 0x0, @dev}, @in6={0xa, 0x0, 0x0, @private0}], 0x2c)

2.175851654s ago: executing program 4 (id=4594):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x2, 0x1, 0x74}]}, 0x0, 0x4}, 0x94)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000040)=0x2, 0x4)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22, 0x1, @loopback, 0x80200008}, 0x1c)
connect(r0, &(0x7f0000000080)=@can, 0x80)
listen(r1, 0x0)
listen(r0, 0x0)
r2 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r2, &(0x7f00000001c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xffe0}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x40000)
sendmsg$nl_route_sched(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=@newtfilter={0x4c, 0x2c, 0xd27, 0x0, 0x25dfdc00, {0x0, 0x0, 0x0, r3, {0x5, 0xfff3}, {0x0, 0xffe0}, {0xe, 0x7}}, [@filter_kind_options=@f_fw={{0x7}, {0x20, 0x2, [@TCA_FW_CLASSID={0x8, 0x1, {0xb, 0xffe0}}, @TCA_FW_INDEV={0x14, 0x3, 'veth0_to_batadv\x00'}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x4)
getsockopt$nfc_llcp(r2, 0x118, 0x3, &(0x7f00000003c0)=""/222, 0xde)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8b18, &(0x7f0000000000)={'wlan0\x00'})

2.167678132s ago: executing program 1 (id=4595):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
syz_emit_ethernet(0x56, &(0x7f0000000000)={@local, @random="6cf6566994c6", @val={@void, {0x8100, 0x0, 0x0, 0x1}}, {@ipv4={0x800, @tcp={{0xc, 0x4, 0x0, 0x2d, 0x44, 0x0, 0x0, 0xa3, 0x6, 0x0, @remote, @local, {[@timestamp_prespec={0x44, 0x1c, 0xa2, 0x3, 0x4, [{@empty, 0x7}, {@multicast2, 0x6}, {@multicast2, 0x1}]}]}}, {{0x4e22, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=@newlink={0x40, 0x10, 0x401, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bond={{0x9}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BOND_ARP_INTERVAL={0x8, 0x7, 0x9}, @IFLA_BOND_ARP_IP_TARGET={0x4}]}}}]}, 0x40}}, 0x8004)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000100)={{r0}, &(0x7f0000000080), &(0x7f00000000c0)='%pS    \x00'}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x10, &(0x7f0000000000)=@framed={{}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x4}}]}, &(0x7f0000000300)='GPL\x00', 0x3, 0x408, &(0x7f0000001e00)=""/4087}, 0x90)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000540)={{0x14}, [@NFT_MSG_NEWOBJ={0x20, 0x12, 0xa, 0x401, 0x0, 0x0, {0x5, 0x0, 0xa}, @NFT_OBJECT_CT_HELPER=@NFTA_OBJ_NAME={0x9, 0x2, 'syz0\x00'}}, @NFT_MSG_DELRULE={0x78, 0x8, 0xa, 0x3, 0x0, 0x0, {0x0, 0x0, 0x5}, [@NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x3}, @NFTA_RULE_COMPAT={0x1c, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x5}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x89}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x8906}]}, @NFTA_RULE_COMPAT={0x3c, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_PROTO_IPV6={0x8, 0x1, 0x1, 0x0, 0x32}, @NFTA_RULE_COMPAT_PROTO_IPV6={0x8, 0x1, 0x1, 0x0, 0x3b}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_RULE_COMPAT_PROTO_IPV6={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x62}, @NFTA_RULE_COMPAT_PROTO_IPV6={0x8, 0x1, 0x1, 0x0, 0x29}]}]}, @NFT_MSG_NEWRULE={0xec, 0x6, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0x1}, [@NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x5}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_POSITION_ID={0x8, 0xa, 0x1, 0x0, 0x2}, @NFTA_RULE_EXPRESSIONS={0xac, 0x4, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, @dup={{0x8}, @void}}, {0xc, 0x1, 0x0, 0x1, @fib={{0x8}, @void}}, {0x10, 0x1, 0x0, 0x1, @lookup={{0xb}, @void}}, {0x14, 0x1, 0x0, 0x1, @limit={{0xa}, @val={0x4}}}, {0x10, 0x1, 0x0, 0x1, @target={{0xb}, @void}}, {0x30, 0x1, 0x0, 0x1, @osf={{0x8}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_OSF_FLAGS={0x8}, @NFTA_OSF_DREG={0x8, 0x1, 0x1, 0x0, 0x11}, @NFTA_OSF_FLAGS={0x8}, @NFTA_OSF_DREG={0x8, 0x1, 0x1, 0x0, 0xd}]}}}, {0x10, 0x1, 0x0, 0x1, @redir={{0xa}, @void}}, {0xc, 0x1, 0x0, 0x1, @dup_ipv4={{0x8}, @void}}, {0x10, 0x1, 0x0, 0x1, @quota={{0xa}, @void}}]}, @NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x4}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0x1ac}, 0x1, 0x0, 0x0, 0x20000000}, 0x404c811)
r3 = socket$xdp(0x2c, 0x3, 0x0)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000240)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000280)=0x14)
r5 = socket$xdp(0x2c, 0x3, 0x0)
bind$xdp(r3, &(0x7f00000003c0)={0x2c, 0xa, r4, 0x1e, r5}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000002c0)=@framed={{0x18, 0x8}, [@initr0, @alu={0x7, 0x1, 0xb}]}, &(0x7f0000000000)='GPL\x00', 0x8}, 0x90)

2.104901113s ago: executing program 3 (id=4596):
r0 = socket(0x18, 0x3, 0x16)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="84000000", @ANYRES16=r3, @ANYBLOB="010026bd7000fedbdf253b00000008000300", @ANYRES32=r2, @ANYBLOB="68003300802409000802110000000802140000"], 0x84}, 0x1, 0x0, 0x0, 0xe0}, 0x0)
sendmsg$NL80211_CMD_GET_WOWLAN(r0, 0x0, 0x0)

1.956303658s ago: executing program 3 (id=4597):
r0 = socket$igmp(0x2, 0x3, 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)={0xac, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x18, 0x6, 0x0, 0x1, [@CTA_NAT_V6_MINIP={0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}]}]}, 0xac}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)={0xac, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x18, 0x6, 0x0, 0x1, [@CTA_NAT_V6_MINIP={0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}]}]}, 0xac}}, 0x0)
ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000a80)={{0x2, 0x4e23, @empty}, {0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x4a, {0x2, 0x0, @rand_addr=0x64010101}, 'lo\x00'})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000640)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x6, [@typedef={0x4, 0x0, 0x0, 0x7}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x0, 0x0, 0x8}, @union={0x0, 0x1, 0x0, 0x5, 0x0, 0x0, [{0x4, 0x2}]}]}, {0x0, [0x0, 0x0, 0x0, 0xda]}}, 0x0, 0x52, 0x0, 0x1}, 0x28)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r3 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r2, &(0x7f0000000240)={@val={0x2f3a, 0x800}, @val={0x0, 0x3, 0x3, 0x1}, @ipv4=@tcp={{0x5, 0x4, 0x2, 0x2, 0xfc0, 0x68, 0x0, 0x5, 0x6, 0x0, @empty, @broadcast}, {{0x4e20, 0x4e21, 0x41424344, 0x41424344, 0x1, 0x0, 0x8, 0x40, 0x141a, 0x0, 0x15f1, {[@mptcp=@syn={0x1e, 0xc, 0x2, 0x1, 0x9, 0x4}]}}, {"b898f48a5203aec1c20360cd2ef7d58da55b659aa6992f305f3fb5d188f517abf96e559cce7d2282a54862bc80a51035e81c9f2d030a6cd6e7c83ed735fe91a467f79be2c7d85f7529eff6f03e92199b12eae0ad8d098f78165de6ccd711c6be47076c700a8a74e5b91a9355bb250b70cc5af2c4219f1cf2fa23910722a02956f3612fc9f024e77b9d745b22dacc05c41e125d6487e6ffd4ca8db7a1f2befb5708d551a43ad989dc418b24f8fefc9febd72b8504db532be5759ec8a0e4e48662c5f29dd566101c64946a9c9b8e12fd22f56093a80f345a106dc2b95ccb043f0131602e6ef13caddcc9fcfa2e40ab3b603ff5881f4fba3c8bbfffd05510a5952a6335b6e02fe85927bd050bfc265b2afd2735345a9380f5af87e6a3d2479fc06afc9252d7d28710570837daa46d2b942be5433f46ca6cc0efe65e5b874fede589d6026c20e28749a857eb0b9bd9157a247cde360572592da40909d903ef6c4c10cc06f59b45d0e0991bc820bfef700ca4e2b6aad5c32d2a8a807e9333e0eddec1c0ed393deb690e1b827db9f5da75dbc32874e5fcc5c76c05c0ec2fb1e8d5918cd09023865e9008cca311ed9672237bcf925fa09ae410683726998bf0ef51937e764e55a09e009429c8eeae288eda500541b7a33d29d492493084ba2c0a89dc61126d3fae08440bb57473adfdeadb98bdada889ebc36ae25649e5b7187e0d2dd011b39e037f3cad6e0e2161ab344173e125545945b1debe71f24213f581df639d486bf77ccc6da56997708b76eb6cbde470ad004fbfb84e8d1495a2d7bb544f282dad56316b50472015c74847e3209ef4a6edbff327ec99dd0288214d9329f433bc71698808201bf0a769d608fac5faf16c32a09c34750040d9d19aa8b4071c051338527952e5afcfd2e33a14d9f123c6dd5f1a3c47583ff6e3c154eff46c1942bbc357add5253d96f5b6dc6e440271a377b03db190ed081e2989dec4a839e1c2d7fecfaa2459f62151b9ef4716fbc15fd86812763fbaf38e4d5af6d0c8b830436770819361104f30bd8ba795f9104dfb7370d1c6940819d6432b159fbbe633a093ff4dc3c44c4623e16eddb6151ef904fc96b87957ab22230dd6c2458fbaa438d3c222c055ce4253db8fdda2077f0159fddc1306b0277d122c51cc577b2b6dee459f1bf28c6d94178a0fc3e382f6b58e1db6cda5eca7dc0720e61d59ec794a02295ccdeedc811457e30e8548a8be271c69f0cbfd08fdcfa281ec3b1ea7bb2ff784be0a732344cc0978b37507d448330149537f1de512d4952e2d6a8901be7bf9c8497ffdc3910096e2ef5c2d056f909621f1c8c90702c9469fcfb9ccda91123da96c4c8381718624e74948ce35b4ddc47982d392d84fe377a0e4edcf34f4bc814d12a5fee04ed6750b074fd046a47c59b84c6d465bce16101ced3d8f6b8a9d1d8b96f730569dd4bce831c188c236b5c600349932d42d846dbd6d5ecd07a89c6f535237567aebd4eb12bbfe5120e0c0e5f077005394e71772d796bbe82be4e014c63c8a1c4bbbddf186d94eb73313e91a97ce8ade5c6ec3defd412842f1afc7c642bbb94ce29a16ea298291519a5f5a6f5782a17fcd9af20699f70307270c5b6f88606c986aae6766130d63278b64a09fa4850ec92b72d2e19f1b8a305c237061af9f85ea6d2d33ea5c77754eaaa0b221e7883da6e95d6f031f033df057faa24c078a7ad1e922f371b076d7b492d5837f6f4a0980f882b160f581f2fdd551baf1fdccfb2677871eb55bdaf8c6c158bb9ae0684fec562045ba365ff7443c60e7381d0ffa426b98640bc6f95b8191dc2e14cec948871d5fbbfe46c6f669c1a4f98dc4cfdebe8bca4fd627acb475c9c80875d766c976116e7a2245088cc70a51242756710a6164e417d4fe7f2bb4f878df548598021f246492211d9c780a9d66b47c19e4924f2ba392a54ddbf73d61eab4c45dfa3510f705bd23c0ecc7210b3f982e328142f74e10edce9677990b862965594b9c671dc0e7c193b7df65de53f953e53ec0789a36c0895cf063ff0d2711b28e177d457192493454d07ad162c8f4a2db7db5761928fdb45311a44be6af7e170b3dd38783ceb9c5745deb957f6fc1cc073d7abe2cc5c58c29136b89c745085304457ce9e1394b1c4de3c664fa843c5183e45f65137e57b627a9938dfcb3cdf60829e5d8014534df04da80c53613a419d8811a4cc9f8a483a3488f942b1e9f69730f9861b70d6e42efbb147ce969854a56877c64a9c5e7e3852994d8d36b86aadc74c3b765307af433c23b0e963f95966beb7cc859bcf9217a52df243a41532cb4b0b316677db0104f12aca9fee6fd5908169451b0fcccf0cfdfbf3de802cc2488a532d5d7de6582c5645160c5ef673d2c95d5b8b2d99ed9486c069798f13c14eab4c99fd509fa9f879d18a5f0bdefd8f44ad0c9280ca9335ed661cb6cc22264f95e1f3443b41a044e4a15ab73f20bed9f6caa6bf231351fd882c11320e40f61718d4c43e99f98a72b459e9ce6eab66903a4ca67560e6c3579c558140e9a035d380b21064f70ed5ad62be784e4f75619fe92a4b6c22438a5907bb234570b962389228a9a454caa0579253a8d697dd890663f0bbed83e2c249dcab4db3d4124202abed769bbc90aa21ae521d9153352bec7eb6e0623fe9486bb2c1dbda0726daa64343304e6b878f768404848e5df3be0f1838f71a232cc8737fbc62172c7ee73306edf0b621e76ef35d76c86473926f47bfaaf943abcf63a81449006583ecfbbc3c498f5dd176bbff6e4e51134ffa5b92dcf4719cb789c9fec63955607da72b335ef7fe1c12dc9cdf44a9e83d7ab5a51977ba1168354a1e89bc5e420329c5864393bd3c72cd9f2c9d7b8e79f661a37f4a03105e77aaa28f4978f44abc4f89c458080e93cfaa043c105f396badc033d12dbed823a2e4d24406c7b77cd33630e6257d21a27857beaad037c1031a319d79e6103e1b7600ad9d418e5af02d372d0ddd5e328edf7245b7907632eae607992a8048a24721e8ce32a5be8adc4704c58de99613bf254d0448c452b7e81fdfd8b3c1b3ff8d573678448aef089e5477e1174bc424c77b08bf81144faadd289d04a02fc19cab03ff2cee402693fb215c4b4b12afcbc532646eed43aa6408df1b2d738e611d5082053882b5a69e0e6ae967c89ebb2980c933c04337acac94130de8e1e99acb3878685a4d0e3f7c95179f4e8d6674ced26a91099da84fa0ff485a0cab23b35de4f8091a22e22a969d1daf17549b092b0353468b3d0918f514a1248a3d4a19767bf037cff673771fa22c6ee4952728a8126eac03e50aece013d0c59bb9bc230c48f3115b37a482bae47ca56f8b10419f78195ec89dbd381a04a7ffb645ad53f60783d4997d7cab42591735ad56d565d33325715e2fc29ed8c64869485fd6e14136f4a5f66681668b519c749a790b6417a853ef04015aeeefc48bd85aa351186f728b5f1b0183c03d2168d52dbed1ce13aa3c673458dabeed746d513593b6c561a79f399b498396fd94473aa2acea127591eeeff8f691dddf95288e06203c1e779ba7f5b2b7764e8aad4a44e547d5470193acfbfac984bdda75d8b35eb2258abdcf47ee7df549d499204d19c0b89a91f1aef847f375b5cf1f0829d538d14361327073c0edb6605810f330c401270c8eb35eb97aed751feb21211a51a9031ed386fa1598618a38ae9a1c86ae64c84727b1864f64b4da71a7a3195c2757fed49945d63458d89cf5c536bdd441f3f265fc9d61a554087a9b2b83660c0c17e15d9d1d40065ba244453fb08b4ea027e3301ea254513633704ca1a496c7ad2227ca99cf07c58b1c11deb9216e940e2e1243d75b4a6882e84581cc727bcfea0d20d39cb545830a99da07659b347922df1f29ca7496e493826fac4b8f1d641fee7460e99fccd8672473e59a6c240d09a541e460e5f2945776c707212bb33a5ee5051961f21592d9ea3ae018b8fbc2140e6151f14ff033a6dbb1afbddd684b6a9d5f29b7f273b430dab91c53cd89e191adc78c7ce20bb4340425531cfc23f119a5eab1d7c73bc703b7fba48c8038c068df1f77eda5e18b2f2609d9d99de2768349987ba51cb98f698797051844c0c8637bf2f7ffac991ccf95e1b5eae9d7d25e7f3e0bdc788d99754a8be1baddafc4f0914f1a05bf8bec1a40bd2135539150da59d4163c67a575bc6dd7f2f786114c372842795601e8569e28c949e8bdc96e5a43cb6639dedf1ef1f054e0d42589a16d30e296b6dfdac6e13a6c68e03bd39dc172b6007b01793ceafa13c6379d2b820e98e9e87891e3bbdc688f62c56ef80c67ad066a53e36141af58fa9734429498580dc6d32d1c2e8cc722b4f9dd9d165d07b7b536c398df39dee06f48ad422492fe1777619f49e153ad276c86fbf8f607e7b1e9d6040889f166eb8a73ddba4668d6618b31c36b6427b1cd3cb97ef268ec1f1b049a35bceddff9147fde7309db0c474be42a6d54150172df4d5614106ea5f134cf543a70105a0a75f649d6de1a9bd3858bcccf3b220886ea6a7702dbe7f17e03a022a0ffc5145da4895bcb41da3fc5a2a10bc7b2a70a3a86ef8fa600d24894260cdbbf3c36313f3b1e9e8096921b625cb9c7f3ab8423277c9b80743a2185c95e9e7fb3f6d63669257fac197b7a73c5a4a2c4a2df52af705b46b56ade64c8a4265373a770676ec7fe3738843402f63a79f0ddb59e4bf439e4eac709a0127e9588e1538872af3916a12a1a850206392c16e17fab5a7d72bc3e9caad7bab64481728861016c124888210d06e31005ffbd39a65abbf69ce1683de2bb9f90e4955deb7afd23e90e3e11fcbd55627ab48cea806cf5da35e094bbaab42dbbdb454599a6659c2ce10845dc2beba123ae01f043c8c13c463634546e3fc913360adf2441ce3753840af235b0828ee6f74bac40d08d7b8dd8828af44a577e52e9adc86d895e1e561881320091c18bf7c466c945c4872dfc884858f5d710e0f9786878e09a906896308135097da35e465e140f22171878a42f3fe2f0872656b4ffbacc54dd99baef3c58450f1d585e3e3b8c1a9bf0f6afb9858fd6f58791382ff65d926d49f5e02abc84bd4df49ed5beec83517fbf782f983353398063831a1a4668afd7bbe2275c712497686ccff4c447f34cb4dd6b5af0f2e517fea11783d265db2c6dacb393fa3e2d484c3a62c516fe24294ca324bea8095265d560c6f68ae278c7bc34afb7309eb96fbf851af3616fd07e335d010804e60e44a57d38a2d79a19a5f9b22daec534d0379b3fe8a3a6cd8c63b585dcf00abef832b402fd3c0dd95037bb5be517b14ac6627408ba35f15cc4aa0fa96d888baa2d82b4efdf27a018330cca8a83eb587ca8a2536bdd5ab7d783044c76166d27c15299cbe3d82a612236157d25c73b19a3f454309500822206d9ea91f77ea58291d3527f85fcd7f44f1dd4bec1fdd26ee5bbc11620a62fc8c6887904b9f3bde3c640b7e4ba801f49f90e191ade5df7d39f0999a2b5e32f3385c0ec657c6ea6da3bc3d417b3b3856f92bcbbf0eb30ef02715a53dfece840180678d156e79d8149987a1172212529cec710a2bed59478371ab88b8c769ae17b8cf8b1f3d"}}}}, 0xfce)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x14, 0x5c}, [@ldst={0x5}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x48)
ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f00000002c0)={{0x2, 0x0, @empty}, {0x7, @random="dfcecc33858b"}, 0x8, {0x2, 0x4e21, @multicast2}, 'team_slave_0\x00'})

1.908815727s ago: executing program 4 (id=4598):
r0 = accept4$x25(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000040)=0x12, 0x80000)
r1 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x2, 0x0, @val=@iter={&(0x7f0000000080)=@cgroup={0x0, 0xffffffffffffffff, 0x8}, 0x10}}, 0x20)
r2 = socket$inet(0x2, 0x0, 0x2)
r3 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff, 0x32, 0x0, @val=@tracing={0xffffffffffffffff, 0x7}}, 0x20)
r4 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000140)='ns/net\x00')
clock_gettime(0x0, &(0x7f00000001c0)={<r5=>0x0, <r6=>0x0})
ppoll(&(0x7f0000000180)=[{r0, 0x5001}, {r1}, {r2, 0xa000}, {r3, 0x3a0}, {r4}], 0x5, &(0x7f0000000200)={r5, r6+60000000}, &(0x7f0000000240)={[0xa]}, 0x8)
setsockopt$sock_void(r0, 0x1, 0x12, 0x0, 0x0)
ioctl$SIOCX25CALLACCPTAPPRV(r0, 0x89e8)
shutdown(r0, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$batadv(&(0x7f00000002c0), 0xffffffffffffffff)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000380)={'ip6_vti0\x00', &(0x7f0000000300)={'syztnl2\x00', <r9=>0x0, 0x4, 0x8, 0x1, 0x81, 0x1, @local, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x1, 0x7, 0xf38, 0x7}})
sendmsg$BATADV_CMD_SET_MESH(r7, &(0x7f0000000440)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x2c, r8, 0x2, 0x70bd25, 0x25dfdbff, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x6}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8010}, 0x24000840)
socketpair(0x9, 0x5, 0x1, &(0x7f0000000480)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
bind$vsock_stream(r10, &(0x7f00000004c0)={0x28, 0x0, 0x2711, @hyper}, 0x10)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000580)=@nat={'nat\x00', 0x1b, 0x5, 0x460, 0xe0, 0x0, 0xffffffff, 0x1d0, 0xe0, 0x3c8, 0x3c8, 0xffffffff, 0x3c8, 0x3c8, 0x5, &(0x7f0000000500), {[{{@ip={@multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, 0xff, 0xffffffff, 'veth0_to_bond\x00', 'veth0_virt_wifi\x00', {0xff}, {}, 0x2f, 0x3, 0x24}, 0x0, 0x98, 0xe0, 0x0, {}, [@common=@ttl={{0x28}, {0x1, 0x9}}]}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x14, @ipv4=@multicast2, @ipv6=@mcast1, @port=0x4e20, @gre_key=0xfff1}}}, {{@ip={@local, @broadcast, 0xffffff00, 0xffffffff, 'ip6gretap0\x00', 'veth1_to_bridge\x00', {0xff}, {0xff}, 0x1, 0x3, 0x12}, 0x0, 0xb8, 0xf0, 0x0, {}, [@common=@icmp={{0x28}, {0x4, "0fae"}}, @common=@socket0={{0x20}}]}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x1a, @remote, @dev={0xac, 0x14, 0x14, 0x37}, @icmp_id=0x66, @gre_key=0x8}}}}, {{@ip={@private=0xa010100, @empty, 0x0, 0x1fffffe00, 'ip6gretap0\x00', 'vcan0\x00', {0xff}, {0xff}, 0x67, 0x0, 0x18}, 0x0, 0xa0, 0xd8, 0x0, {}, [@common=@unspec=@mac={{0x30}, {@dev={'\xaa\xaa\xaa\xaa\xaa', 0xd}}}]}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0x0, 0x4, 0x1}, {0x3, 0x4, 0x7}, {0x0, 0x6, 0x2}, 0x6, 0x3}}}, {{@ip={@dev={0xac, 0x14, 0x14, 0x41}, @initdev={0xac, 0x1e, 0x1, 0x0}, 0xffffffff, 0x0, 'wlan1\x00', 'wg1\x00', {0xff}, {0xff}, 0x2f, 0x1, 0x41}, 0x0, 0xc0, 0x120, 0x0, {}, [@common=@ttl={{0x28}, {0x3, 0x1}}, @common=@ttl={{0x28}, {0x2, 0x7}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x1, @empty, 0x4, 0x6, [0x28, 0x2c, 0x21, 0x14, 0x3f, 0x27, 0x23, 0x3e, 0x0, 0x1b, 0x10, 0x3d, 0x15, 0x7, 0x1b, 0x3a], 0x1, 0x1, 0x4}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x4c0)
socket$unix(0x1, 0x1, 0x0)
r12 = accept$unix(r11, &(0x7f0000000a40), &(0x7f0000000ac0)=0x6e)
r13 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000cc0)=@bpf_ext={0x1c, 0xf, &(0x7f0000000b00)=@raw=[@map_idx_val={0x18, 0xa, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0xcfe}, @tail_call, @tail_call, @initr0={0x18, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x7}, @ldst={0x3, 0x2, 0x4, 0x7, 0x9, 0xffffffffffffffb0, 0x8}], &(0x7f0000000b80)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41100, 0x4, '\x00', r9, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000bc0)={0x2, 0x1}, 0x8, 0x10, &(0x7f0000000c00)={0x4, 0x9, 0x9, 0x5}, 0x10, 0x286a7, 0xffffffffffffffff, 0x7, 0x0, &(0x7f0000000c40)=[{0x3, 0x1, 0x8, 0x1}, {0x4, 0x2, 0x8, 0x5}, {0x0, 0x5, 0x8, 0x5}, {0x3, 0x5, 0xd, 0x4}, {0x1, 0x1, 0x8, 0x6}, {0x0, 0x1, 0xe, 0x5}, {0x2, 0x1, 0x9, 0x9}], 0x10, 0xfffffff8}, 0x94)
setsockopt$sock_attach_bpf(r12, 0x1, 0x32, &(0x7f0000000d80)=r13, 0x4)
socket$vsock_stream(0x28, 0x1, 0x0)
connect$unix(r13, &(0x7f0000000dc0)=@file={0x1, './file0\x00'}, 0x6e)
socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000e40)={<r14=>0x0, 0x7, 0x8}, &(0x7f0000000e80)=0x8)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r11, 0x84, 0x71, &(0x7f0000000ec0)={r14, 0x8}, &(0x7f0000000f00)=0x8)
r15 = syz_genetlink_get_family_id$fou(&(0x7f0000000f80), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r10, &(0x7f0000001080)={&(0x7f0000000f40)={0x10, 0x0, 0x0, 0x1080}, 0xc, &(0x7f0000001040)={&(0x7f0000000fc0)={0x54, r15, 0x100, 0x70bd2a, 0x25dfdbff, {}, [@FOU_ATTR_LOCAL_V6={0x14, 0x7, @mcast2}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @private1}, @FOU_ATTR_PORT={0x6, 0x1, 0x4e22}, @FOU_ATTR_TYPE={0x5, 0x4, 0x1}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @remote}]}, 0x54}, 0x1, 0x0, 0x0, 0x40484}, 0x98)
setsockopt$inet6_IPV6_HOPOPTS(r10, 0x29, 0x36, &(0x7f00000010c0)={0x2c, 0x2a, '\x00', [@ra={0x5, 0x2, 0x7}, @generic={0xe0, 0x51, "bd53985603934d4067972d316f003a9937e116ce3683b6503c8559b62a83e0ba0ec87660c32b1d7327ad2679a7902420a2fee5a273a61b259284a0f65a6862bdf346a20c5943d2a5cfee027b01d4e55972"}, @generic={0x3, 0xb8, "b55fabddbe1360d5132bd5075215e7cb5cd85e3414e32ccac1d243034e95dc791d8b98f4f4c6de77fe0e146f9999ce086aceb7d3740e2cb9b9f1cf69deea810da12589dc83f84e9deecf091ff32e066b0ef9eba63d5ed28d16542ed685e7444cffa0b11b5c730258387e9b48eeeb18fc6291e3a7df20ce2d02ec7442068a341ed3b4a65f2ab1b947101919f5d629f927464f9549506a356c789987c06a05082b400c298fdb7b4e0e0d659a3b0c76b459dbfd8c2eb74474ab"}, @padn={0x1, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @ra={0x5, 0x2, 0x5}, @calipso={0x7, 0x10, {0x2, 0x2, 0x4, 0x990, [0x9]}}, @hao={0xc9, 0x10, @mcast2}, @hao={0xc9, 0x10, @private2}, @pad1]}, 0x160)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000001300)=@o_path={&(0x7f0000001240)='./file0/../file0\x00', 0xffffffffffffffff, 0x4000, r12}, 0x18)

1.692872156s ago: executing program 1 (id=4599):
r0 = socket(0x18, 0x3, 0x16)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x4c, 0x0, &(0x7f0000001000))
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r3=>0x0})
r4 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
sendmsg$tipc(r4, &(0x7f00000005c0)={&(0x7f0000000000), 0x10, 0x0}, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="84000000", @ANYRES16=r5, @ANYBLOB="010026bd7000fedbdf253b00000008000300", @ANYRES32=r3, @ANYBLOB="68003300802409000802110000000802110000"], 0x84}, 0x1, 0x0, 0x0, 0xe0}, 0x0)
sendmsg$NL80211_CMD_GET_WOWLAN(r0, 0x0, 0x0)

1.022023296s ago: executing program 4 (id=4600):
r0 = socket$inet6(0xa, 0x80000, 0x20003a)
r1 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000040)={@dev, @dev, <r2=>0x0}, &(0x7f0000000140)=0xc)
r3 = socket$phonet(0x23, 0x2, 0x1)
r4 = socket$netlink(0x10, 0x3, 0xc)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000002840)={0x0, <r5=>0x0}, &(0x7f0000002880)=0xc)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r6, &(0x7f0000010480)={0x0, 0x0, &(0x7f0000010440)={&(0x7f00000102c0)={0x2c, 0x2, 0x1, 0x3, 0x0, 0x0, {0xa}, [@CTA_STATUS_MASK={0x8, 0x1a, 0x1, 0x0, 0x2}, @CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x3}, @CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x1406}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20040000}, 0x88c0)
sendmsg$netlink(r4, &(0x7f0000002980)={0x0, 0x0, &(0x7f0000002780)=[{&(0x7f0000000980)={0x10, 0x32, 0x4, 0x70bd25, 0x25dfdbff}, 0x10}], 0x1, &(0x7f0000002900)=[@cred={{0x1c, 0x1, 0x2, {0x0, r5}}}], 0x20, 0x50}, 0x40880)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0x20, &(0x7f00000002c0)={&(0x7f00000006c0)=""/159, 0x9f, 0x0, &(0x7f00000001c0)=""/7, 0x7}}, 0x10)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=@ipmr_newroute={0xc8, 0x18, 0x100, 0x70bd26, 0x25dfdbfd, {0x80, 0x14, 0x80, 0x5, 0xff, 0x4, 0x0, 0x0, 0x2000}, [@RTA_UID={0x8, 0x19, r5}, @RTA_IP_PROTO={0x5, 0x1b, 0x3a}, @RTA_DPORT={0x6, 0x1d, 0x4e22}, @RTA_MULTIPATH={0xc, 0x9, {0x1, 0x1, 0x7, r2}}, @RTA_MARK={0x8, 0x10, 0xffff0000}, @RTA_SPORT={0x6, 0x1c, 0x4e23}, @RTA_PRIORITY={0x8, 0x6, 0x3}, @RTA_PREFSRC={0x8, 0x7, @private=0xa010100}, @RTA_ENCAP_TYPE={0x6, 0x15, 0x7}, @RTA_METRICS={0x5d, 0x8, 0x0, 0x1, "3a783e99cb509f20cacf443d5a664592da4b8e1d7d5b271705923fc2de7fb5a1d17267657245d741214155a1f2cd27e9d26bf123934b8720c25d8f82bee5fbe94d9a38a0a623b5f6825bdd95ef16e5c97f1b1c448fc9f182a1"}]}, 0xc8}, 0x1, 0x0, 0x0, 0x8000}, 0x400c0c4)
setsockopt$inet6_int(r0, 0x29, 0x3c, &(0x7f0000000100)=0xffff, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
socket$unix(0x1, 0x1, 0x0)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r7, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r7, &(0x7f0000000000)="3f000000010040", 0x7)
r8 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r8, &(0x7f0000000000)={0xa, 0x0, @remote}, 0x10)
r9 = socket(0x2a, 0x2, 0x0)
r10 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r10, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r11=>0x0})
sendto$packet(r10, &(0x7f0000000240)="f2435f0100088000000000850800", 0xe, 0x0, &(0x7f0000000200)={0x11, 0x0, r11, 0x1, 0x0, 0x6, @link_local}, 0x14)
socket(0x1d, 0x4, 0x1)
r12 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r12, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYBLOB="3c00000013000100000000000000000000000002", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=r11, @ANYBLOB="1400350064756d6d7930"], 0x3c}}, 0x0)
ioctl$SIOCSIFMTU(r9, 0x8922, &(0x7f0000000080)={'dummy0\x00'})

225.097624ms ago: executing program 1 (id=4601):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x14, 0x45, 0x9, 0x4, 0x25dfdbfd, {0x2}}, 0x14}}, 0x0) (async)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x14, 0x45, 0x9, 0x4, 0x25dfdbfd, {0x2}}, 0x14}}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48) (async)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x0, 0x7fffd, 0x8, 0x0, 0x1}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x3, &(0x7f0000000280)={r2, 0x0, 0x0}, 0x20)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000001940)={@multicast1, @initdev}, &(0x7f0000001980)=0xc) (async)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000001940)={@multicast1, @initdev, <r3=>0x0}, &(0x7f0000001980)=0xc)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28012, r4, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28012, r4, 0x0)
mmap(&(0x7f00009c5000/0x1000)=nil, 0x1000, 0x3, 0x28012, r4, 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001a40)={0x1b, 0x0, 0x0, 0x7, 0x0, 0xffffffffffffffff, 0x80000001, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x5}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001b40)={0x11, 0x6, &(0x7f0000001840)=@raw=[@map_idx_val={0x18, 0x9, 0x6, 0x0, 0xb, 0x0, 0x0, 0x0, 0x4}, @map_fd={0x18, 0x0, 0x1, 0x0, r2}, @alu={0x4, 0x1, 0x9, 0x4, 0xa, 0x80, 0x19}, @ldst={0x0, 0x1, 0x6, 0xb, 0x8, 0x8, 0x8}], &(0x7f0000001880)='syzkaller\x00', 0x10000, 0x42, &(0x7f00000018c0)=""/66, 0x41000, 0x0, '\x00', r3, 0x0, r4, 0x8, &(0x7f00000019c0)={0x9, 0x1}, 0x8, 0x10, &(0x7f0000001a00)={0x5, 0xc, 0x5, 0x2}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000001ac0)=[r1, r1, r1, r1, r5], &(0x7f0000001b00)=[{0x1, 0x3, 0x7, 0x6}]}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0xba}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x76}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0xba}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x76}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0xb, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800006, 0x7000001, 0x6e073, 0xffffffffffffffff, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0xe, 0x19, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, [@printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0x90}, @call={0x85, 0x0, 0x0, 0xc4}, @jmp={0x5, 0x1, 0x2, 0xa, 0xb, 0xffffffffffffffff, 0x4}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @jmp={0x5, 0x1, 0x9, 0x6, 0x0, 0x100, 0x10}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}]}, &(0x7f0000000140)='syzkaller\x00', 0x7, 0x18, &(0x7f0000000180)=""/24, 0x41000, 0x28, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x0, 0x3}, 0x8, 0x10, &(0x7f0000000200)={0x5, 0x3, 0x101, 0x1a}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x7, &(0x7f0000000240)=[r1, r1, r1, r1], &(0x7f0000000280)=[{0x2, 0x4, 0x5}, {0x2, 0x4, 0x8, 0x1}, {0x5, 0x3, 0x1, 0x6}, {0x3, 0x3, 0xe, 0x7}, {0x1, 0x3, 0x4, 0x7}, {0x2, 0x2, 0xc, 0x3}, {0x3, 0x3, 0xc, 0x5}], 0x10, 0x3}, 0x94)
r8 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r8, &(0x7f0000000300)="a0", 0x1, 0x0, &(0x7f00000002c0)={0x2, 0x0, @rand_addr=0xfffffffffffffffe}, 0x10)
listen(r8, 0x21)
r9 = accept4(r8, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r9, 0x84, 0x76, &(0x7f0000000140)={0x0, 0x5}, &(0x7f0000000240)=0x8)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001680)={r7, 0x0, 0xb, 0x1000, &(0x7f0000000300)="5239d62828d0b5a9f750e5", &(0x7f0000000600)=""/4096, 0x60, 0x0, 0x62, 0x13, &(0x7f0000001600)="0b9c66407fb7f01a6ec68088de09e47d6c0467c727d13e2128618b6d3c39e441a4e15f60b8d9fde8e3d518d81a655a373f7a5e470d4980386bae1472aafe0de43ad5aaa03688a3adbdd53d24cb8e2b8007ef38f5697f8787a19414c29f300fcf0c06", &(0x7f0000000480)="5c51df959360da10bb5e786d6ecbb88a194e0c", 0x0, 0x0, 0x8}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001780)={{r6}, &(0x7f0000001700), &(0x7f0000001740)=r7}, 0x20) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001780)={{r6, <r10=>0xffffffffffffffff}, &(0x7f0000001700), &(0x7f0000001740)=r7}, 0x20)
ioctl$EXT4_IOC_GET_ES_CACHE(r10, 0xc020662a, &(0x7f00000017c0)={0x6, 0x5, 0x2, 0xfbc, 0x1, 0x0, [{0x7fffffff, 0x4, 0x2f2, '\x00', 0x1a86}]}) (async)
ioctl$EXT4_IOC_GET_ES_CACHE(r10, 0xc020662a, &(0x7f00000017c0)={0x6, 0x5, 0x2, 0xfbc, 0x1, 0x0, [{0x7fffffff, 0x4, 0x2f2, '\x00', 0x1a86}]})
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {0x7, 0x1, 0xb, 0x4, 0xa, 0x8}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}, {0x7, 0x0, 0x5, 0x4}, {0x85, 0x0, 0x0, 0x1c}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {0x7, 0x1, 0xb, 0x4, 0xa, 0x8}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}, {0x7, 0x0, 0x5, 0x4}, {0x85, 0x0, 0x0, 0x1c}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

150.108879ms ago: executing program 0 (id=4602):
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(r0, 0xf504, 0x0)
r1 = socket$inet6_icmp(0xa, 0x2, 0x3a)
sendto$inet6(r1, &(0x7f0000000000)="de8e87ae1908756bf703245fe17a71ad8d3a61af5dcbf01c79ce796fe95205", 0x1f, 0x4000, &(0x7f0000000040)={0xa, 0x4e22, 0x9, @remote, 0x401}, 0x1c)
socketpair(0x11, 0x2, 0x7, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_inet6_udp_SIOCINQ(r3, 0x541b, &(0x7f00000000c0))
setsockopt$inet6_udp_int(r2, 0x11, 0x65, &(0x7f0000000100)=0x9, 0x4)
r4 = socket$qrtr(0x2a, 0x2, 0x0)
sendfile(r0, r4, &(0x7f0000000140)=0x6, 0xb)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup/syz1\x00', 0x200002, 0x0)
ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(r4, 0xf504, 0x0)
r6 = syz_init_net_socket$ax25(0x3, 0x5, 0xc7)
ioctl$EXT4_IOC_PRECACHE_EXTENTS(r6, 0x6612)
ioctl$AUTOFS_IOC_FAIL(r5, 0x9361, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000001c0), r3)
bind$qrtr(0xffffffffffffffff, &(0x7f0000000200)={0x2a, 0x2, 0x3fff}, 0xc)
getsockopt$inet_sctp_SCTP_INITMSG(r3, 0x84, 0x2, &(0x7f0000000240), &(0x7f0000000280)=0x8)
r7 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000002c0)='ns/ipc\x00')
ioctl$NS_GET_PARENT(r7, 0xb702, 0x0)
ioctl$sock_inet_SIOCSIFPFLAGS(r2, 0x8934, &(0x7f0000000300)={'ipvlan1\x00', 0x6})
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000000340)={0x0, 0x0, {0x0, @struct}, {0x0, @usage, <r8=>0x0}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})
ioctl$BTRFS_IOC_SCRUB(r2, 0xc400941b, &(0x7f0000000740)={r8, 0x1022ad87, 0x80, 0x1})
sendmsg$NFULNL_MSG_CONFIG(r4, &(0x7f0000000c00)={&(0x7f0000000b40)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b80)={0x1c, 0x1, 0x4, 0x201, 0x0, 0x0, {0x0, 0x0, 0x3}, [@NFULA_CFG_QTHRESH={0x8, 0x5, 0x1, 0x0, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0xc0}, 0x40000c0)
r9 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r9, &(0x7f0000000c40)={0x2a, 0x0, 0x7fff}, 0xc)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r3, 0x84, 0x6e, &(0x7f0000000c80)=[@in={0x2, 0x4e23, @broadcast}, @in6={0xa, 0x4e23, 0x3, @remote, 0x5}, @in6={0xa, 0x4e22, 0x7, @local, 0x9}, @in6={0xa, 0x4e22, 0xf1, @remote, 0x8b}], 0x64)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000d80)={{0x1, <r10=>0xffffffffffffffff}, &(0x7f0000000d00), &(0x7f0000000d40)='%+9llu \x00'}, 0x20)
bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000dc0)=r10, 0x4)
r11 = socket$caif_seqpacket(0x25, 0x5, 0x0)
ioctl$sock_SIOCGIFCONF(r11, 0x8912, &(0x7f0000001e00)=@buf={0x1000, &(0x7f0000000e00)="38c6886f72c278075b7d6ef3d5c76c84e2b261939c464c0034c7762124e58f9fbe3ca2eecb227c03fc7c8bb52d407b00a09bf1e70cf682ab06432cc6764fcdbeda05567098fb93677795a894c235533590d32d3c0e1bf6549088d30f0c55dfd23f6449679a604604add5a731d1895401c76d97725f20adcc2e71d7829bd2988f298a3250c66163170e9c58b8207a1b70f9e5a9f2171d8961a7291d3a6caca54f68530ec0eeec0fa063ae0f00dfe58f23a40fa6d74ee7ec8ce9f72dc9816ca81d1c90488d1863929e2e0d085fd2e2c78f31639fba3551126050f9d9993db00a47d61196d1baae900ce5acc5412e207440dec7499601f49eb218d2da959b5455d0ac08415c6ff8705e5af6c4198cb3e4424cf38814fbf07dbaba6e66f60f622323254581bb7bc6f454039e24f674d2e201a7243d4a60179b3aa68764d918a61a472db9c4930520dd61c608d126a9834c734ef9fe9a0c2f938225b39e099bd15779e695498d37e34cbdea6670524662d25f3317a350e37b661894962eecabff3da6e1c77f5c57fb992daafbea606892730535dd84d20772c1b9668380ff83a8f2e528cafcc2c40ccc97c30aa738b98f8e3ea8b474a18e83b191425c4d1c52a08960ffd5bacf41c11eab114416b8742e51fe9c1c6f87cabbe5e1a0bbaaa1aac830ceda94bc8888074067da5672b521d6ed727e1db6cb11b0b4d82acbba69ff3529d9f5366260400a0ccaea1d2d6c44703a15ccdb17cb89ad4ec8fbc81742abb1d2e9ba98a341925be1060b724ab650aa36ec65fefff8ec860363fe22d1f82341cfb6e583d717c899f9e6b8b97666f7e0123416d2f138288d2437e211a80ceb100d853ad768715c8436ee0094a673d10855392b4728e6d483e3818460889538d501909bd5066e72607f62951f4c5b2c26ffde42d3ae8b52d9a79f71d7c160b036514e0a8b4e1dce9ad9384e0e184235d6de82b855060bdebb605c209619b48e9961cda2f21b0e01d4875e67ea8d1fa6a6a150cd97481aefee8d4d1de9c6b18a0cbe7a89ce6c35e82ed3f37ef873cb1cc53829b48387d4a51268e790f890de61c62656c58cdea5b72051178639cc9a4f8e59cde99b0eb1482c97f5c218e7afd8ec8e56a514692f2f1b4b7dd60427e9247240034d5a52d993a4bb3100e50c87675bf10dfefbd0b9a77d93e810c463ff189882ae7e2e1ad90c674c11b9924e12bb4db1be3c582e603199eb7f2ea62b34bfd0535979c2eb6361da3ef05c668bb6d6f42b7b7fad03a4adc9d7e71fa857fc671ad7a9b5d91f66850d9b26eaf9f86402476e2c970767b3ac303a6da843fd6be3fca9a04709255a4d611dfeeced18b4138d50c41802e33eee2a784bc391e8601660f894e54542fe8a68ed1bf595d7391ee34d83184df39f15891c384807492f44fe11f3580ea173a7a9e73977fef8f7730fab60f3b0454ce171a92bf23831496df004cf0a3a2d6c2969b29374d4561f3ad9ef58a3a36b4f7267d8a83ad8d05cde29eb2a72149b34eb14fdec3981a5d1b255411a970ae2dae0d30b9687729a2d5e55cd6f2ab5c6e1695b55bdb4ca2e6234417277e4e08e5ae31832362fe6fe9283f5627d9a5424b80e8062e74745e8d7e592ba0ef21c047dbf42e14a63a61cdb610de1917a7ea6ef2ab12dd609f1a07b3e37d1bc2c8cf0e8007ff353e06060f045147b85fe89409041d0681d7f504fe97bf182e477b07a82de834f1d939360e9bc69c77c0b41e9b8c1d2acfcac4b26203618f19469ebb3b45f0aca833b41f1045f1dc19056c6d94678bd298e0f0a67fa65964d1c7ea62c6f0e81e236488f412ece519163b5fabc230742cec9c10becbfe2cebda7c126492f40b0c7197e01f3fcc6db29bdf0ebbe5a3effb4f691008a5a689ca475f9df4a8463be087ce4ac4cc297ea7ef59e1fdf88ec49bb9c8f1751fcf484ac93fc085b7e02ba73dbf681647df18e0f5b13f391d6877b0ef44e1796d77f114c0892038353d359fd39eb6f2f0d492695076844f697227a74e230702e8436521adf8c4b374d6dbe9a3d9a6cf1b913c0e54fea4766fc504c90ace62e731b3df6d3b8dd2dea722a2d5096c3ab840fb9cf4bfba76313dc5d1d74ab831e4937dde7e4462a0fe6968199b9cca503488e3a0dc1a66e895239c1fa31b57c33a6f44bce4a5997bd7a8577b32ad2d10d764bf60f369425a40079d02b80ce23614454bc1e15aa669938ab4e7f8d925baa6c0320db62a3ec0325d3972eccbdaf563a12e0135e420ae48ad4e45b38fdfedb30ce597a8ffc839a53f22d4af87f7bdda3c0d1424b72a6e36bc0fa9674add4c161bfecf854b6cd2a7484e7b44ee7b04da09e56e0e7b2ff7e42033d5f2348cd1e7375016b3bbf1d2e386f68d14536bb9141e1628a412d124b1fd66a2e11fc55ca9e8dda04c24595532ca1a9c27b4e08c8cf25fb8638ca3079a14a158282bf93e5c1f611a0746d0c01e5f8f28c1598dcac826aa174dd3d18abe0d21f3f68d852a0faaa44bf785ec5d0fe1147ae70c3bd457f86c50ccaee335e7152b8b54e1115dc23ec08c65348e2d84dbb56dfd0aa2221f7f23c78f3ae459f27dffc20481362844a00bd839b21eb4f51fa7dfa7c39dd81caa21b126fcc8fa0b784de62b107ffa05a9a30a1a4b409e42a02910ee9480766d59565a6960ea3af0a61731081410fbc0c721163a6006d62077202c96036b9c081438daa9f15dd165ab535afcecde9a44a6679809dd79dbdd98103f256b5495779db11a6e0359f67b29b2d704d2ae30754d9cce17fdf4cf1d30c2025caa013a6c792128698bf4df0d22f5c1c9e72d06c46c0b40be14bbdc24f28c52477d1d72abc40075ea807719055b951f0c600070bb9cc90377b45820e42034d93219848812431fd5e9e05a9fd1e6bcfe2ec0a30aeff9346ab5bb4359a5bc29e4962344088f860e2dc7f3176cc4a78e8a7769356a730b0c187749b11587b85fd71cccb32abbb28e8a2cac530d2e6d39437c7213d251005afddb9dd55e1da787f10172e3ba594a6687afb3b728369a1b6bce0bb567eb1cca59c3bbbb2a328db8cf3dfa4a25311c890270e0d9aa60d56f2905bbbe025c3a21ff04d8c1802eaf2e4016d7d2323b62a7ad8c2a8bb2891bddc3cef54917926d356a0a263cff25ae0e626f0c90887c8261b175426c3b8b1cea294d39e617565b38a663d66eac274bae3aa044ebf700b9ca19bbde0c900c68d88e96c44f04a9fbeac431dc535a9ffbd8b9726819249ed1c57d2648d91a1e5ad315e8f7663e60efe36c0a33358d69ec72e4a31f4d3ffd4fb197e758b2ed7e470442109f519017f0a0157498b325bc43c04fd3f533fd912d2249ec58c46f22b9ac465491e6b2d5600e760008f962fe32e8104fa8467bcacd6117acced3cc734932dcd212d0b5e919d6dbbc3dd14c03fc081866702dc4d70ee45994b805bda8325fbd4074128ed54ce4c2c49f95deba18b506ec9383dabc7dfb48ebddc2dcf87c95596096c1d7ebee6cc1e8ccb8ce62a23cbc685f7ba670f8b79edaf4613d954cdf06768008514f9da89c218c188ca2bb49703cb8c5fe2b9f35d2a7b1a7c4477a96ab178edf209d6851d3e725b9ea281c97fde9eb69b6a26b1648c78bc2de7452d2dd9c10a89e722b9fed7b1b17f64ad05d3fbfea31d2a792085ce80f1242b05fae4ccbc016119c08806faca334d7effa994bcf3e020d6428668a95eba1c8814162ccbfe465ef9a5a309a0e4479a89f5792ee6fe92a0905e545f8666aa8db49bb2106e0f2b33664ff3816d2f02889889d3dc900261b604bf7479ecec39aa5e382867f81abdaa0dfd3176b9345cd9d65f8096c7a03aede4153c7116f17acb43be36c31890075e4db177bd6e6c13be074806d96dc44412b2242661c75afe4ff688e0dfab81db756b33b428b5a861ea3bb4e0c1cf0c0a5496dd8a0297d0b26896201d44f2beacb12384d8e4abb7931d67375cabd72e9b11a934505ddfe62e832f605d066e32302fc23d7c5207f048af87c72b531ea2ca91510d3ed052fd746a3133509aa69a601882dd0487c2346ab398e5e9a5e91a7b716db56224c3db9333130b88920101e32ac094eeca866f94641b459fad534c918f4b16fc756e2e75e87f3727d7bd5d6179ae8f951503babf812b7ccafc4163e22b08616872f7f85dd96c08cef5e5851c62350ec0ccc3781f956f9b3d26a64b5996bcdf22cf3b467b4f047123e5e0e60c6744e5fd9d72a687aaaf72403abe9cf7c30b23c2f18a5ca9dbf39a76d4fb9acfa3a45091e224a46ebf8eb60a6746ae5e28e55a794e7335043c6d61b0b5c91135f8a86529b64b912d9d0922718c0e2bfc5778023967a287e463a4308cf2b4444c19cf90006feaab7314ae522c238b66ed973f4db769014d03220355b893bc1f27de8a2c9700e814863f95e5ca546532f942d1763b2e02ddb1af2b414f9b1ed60d8548f2d2a0961f7935b4dd8b6731b79c4e5171f87b42429d7baa4973796f5dd679b10415d42620adda96850a22d6617a8cf2cf146395f4deea86266096b843c4fbeb9068633c2b46dbd9169d8be8c6a6f3a5bc766a2b7e94a7aa85c80825edaa533b60e9c3b482e005457d9f0ae372869dc6984484031c333c466183af4ae9d05d13fea52f208ce44165c67706d65c51d36218ca7dcf5d4ecdf7b61e028103596b2617d03283d00fdb9bedf7775603fe1a0de5d640a7c65d715c3fe6891d168a4908f0c0a7d3b546ebacab0af9b6f956ff3df6f1c7c9e9fa699d8e32d8a566db59caf4756c1263373fd7e417889fc673bdbc152e2fd19a7c1c60b32abc1312e31cc7aa5be6e596fa18e687ec27cab9e8b7b99950b287c5a2a99512e4fa9a61e75e8bcdc3ff6b8bf12443d59d911b39ef2886efd567d19b8ade0de71fb1bd3679fd6af656d798ffa877cf70cc4ab134b432b14db52b3ecf5e5ae762a99f8cccf166879386fcdabfe3b0ec49331c55b67df66a38d557f1296b603c6c555d6745ec342d5bae473ec29d5fb8105dc4122c14d8bf7c709d287d66514a33bb5d8cf2bf87e223e58df5eff2be6934dcc54edb9a164a49e70b78fe1f144cbfd3d85d626a42ff0b8248e62f710ce39d7aa42614d9956dcbe14a037d903986227f0594869cfa4fcfd9156b37a8891fa7f67986038fc1b34342e8a2179fa4a08799e099d5be1c23e5cb7ac1fe38853fd24039e80f695c1f0011fd6ec9fa9e497279a16b16d3b847b9083a5efada50fcc1366f6087f827ac4337c54d6fadf57afc6959b042187a541df0bd7c57da1fc4d73b85e3b6794b73a52558b449afd4b91f0bea20bfbafc2484ee4b4bb705133872c9db57291a42d8800ec93f773b8df960c2a27a2c2f2ffb7f0dfc779f0302e5478e2bbee1d1de0442be433c1dad248518a71608d727006927dfadc86f594067e8bfa42332e56443588d100c8a969c43313d01b2f92ed676330c9b8e59046491ecc9b64be40030db438f85651a6bb76e664cc48ef772ed9413fb02d7e8bef500fd295562e55afe131a4ca873ba059f3f3eaa777de06eb5d88376c5b9b1f23b9198ffefe397efcc01f92673401e7095c5255c5d4f7259724cdfa8e5b2b4b5a649536b309ac21611ae3981d123596377df2e99dcd63be0c31b22af4a2884ae84d99184091f2400d48f824dc257f8743bd3ef944f97c7d340f6ce8b0aefae62955ba647d5a40976749675367611ed619b261c6c633c3f88a6109b807a54319c7e6396f1dedb6954b61fd0e7de97027e10e905f94c6237de3bd55a195643e4947d945262584bbc09d94e1e531e7c27ca"})

149.413447ms ago: executing program 4 (id=4603):
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0x8)
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x50, 0x1412, 0x4, 0x70bd2c, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_RES_LQPN={0x8, 0x15, 0x4}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8, 0x4f, 0x3}, @RDMA_NLDEV_ATTR_RES_LQPN={0x8, 0x15, 0x3}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8, 0x4f, 0x5}, @RDMA_NLDEV_ATTR_STAT_RES={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8, 0x4f, 0x3}]}, 0x50}, 0x1, 0x0, 0x0, 0x4000004}, 0x20040000)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r1, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x19, &(0x7f0000000340), 0x8)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000005, 0x13, r2, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x989680}, 0x0)

118.060414ms ago: executing program 3 (id=4604):
r0 = socket$netlink(0x10, 0x3, 0xc)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f00000001c0)='ns/cgroup\x00')
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket(0x8, 0x0, 0x8000)
ioctl$sock_netrom_SIOCADDRT(r1, 0x6180, 0x0)
ioctl$sock_inet6_tcp_SIOCINQ(r1, 0x541b, &(0x7f0000000040))
sendmsg$IPSET_CMD_TYPE(r0, &(0x7f0000002a40)={0x0, 0x0, &(0x7f0000002a00)={&(0x7f00000029c0)=ANY=[@ANYBLOB="140000000d0603"], 0x14}}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x6, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8ab8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000010000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d80)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="340000002e0003050000000000000000200000f8ffffffffffffff0008000000", @ANYRES32, @ANYBLOB="0c000f"], 0x34}], 0x1}, 0x0)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), r6)
sendmsg$NL802154_CMD_SET_MAX_CSMA_BACKOFFS(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x20, r7, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x4c000)
r8 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmmsg$inet_sctp(r8, &(0x7f0000003f40)=[{&(0x7f0000000000)=@in={0x2, 0x4e22, @remote}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000040)="1c", 0x1}], 0x1, &(0x7f0000000200)=ANY=[@ANYBLOB="1800"], 0x18, 0x48060}], 0x1, 0x200000d0)
pselect6(0x40, &(0x7f0000000540)={0x9, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0xfffffffffffffffd, 0x0, 0x2}, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_PR_STREAM_STATUS(r8, 0x84, 0x74, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r4, 0x0, 0xe, 0x0, &(0x7f0000000000)="e0b9547ed387dbe9abc831e2fa37", 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000100)='vm_unmapped_area\x00', r2}, 0x18)
setsockopt$inet_tcp_int(r1, 0x6, 0x12, &(0x7f0000000080)=0x7f, 0x4)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000100)='vm_unmapped_area\x00', r9}, 0x18)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)

9.151723ms ago: executing program 4 (id=4605):
socket$inet6(0xa, 0x2, 0x0) (async)
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_udp_int(r0, 0x11, 0x68, &(0x7f0000000080)=0xa40, 0x4) (async)
setsockopt$inet6_udp_int(r0, 0x11, 0x68, &(0x7f0000000080)=0xa40, 0x4)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) (async)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
socket$kcm(0x2, 0xa, 0x2) (async)
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
recvmmsg(r0, &(0x7f00000039c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40010020, 0x0)
write$tun(r1, &(0x7f0000000340)={@val={0xa}, @void, @eth={@multicast, @remote, @void, {@ipv6={0x86dd, @udp={0xd, 0x6, '\x00 \x00', 0x10, 0x11, 0xff, @empty, @mcast2, {[], {0x4f19, 0x4e20, 0x10, 0x0, @gue={{0x2, 0x0, 0x3, 0x5, 0x100}}}}}}}}}, 0x4a)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xe, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x0, 0x1, 0x79}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1e}, 0x90)
r3 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r3, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r3, 0x8)
r4 = accept4(r3, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r4, 0x84, 0x18, &(0x7f00000003c0)={0x0, 0x2}, &(0x7f0000000400)=0x8) (async)
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r4, 0x84, 0x18, &(0x7f00000003c0)={0x0, 0x2}, &(0x7f0000000400)=0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x0, 0x1, 0x3}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)

8.492224ms ago: executing program 2 (id=4606):
syz_emit_ethernet(0x46, &(0x7f00000007c0)=ANY=[@ANYBLOB="2f094301cbe5aaaaaaaaaabb86dd7f12109b0007000000000000000000000000000000000000ff0200000000000000000000000000018c009078bb09e0c8dbf800040024000093f58906549e8e54b03654ee25ea0d1602396a0a9c69956cf1366c4f445422e38f83db5d0a2c019b16ff039476c0261173c7c29195757ac7fbda030000000000000062cc7175fde8d322479dc0c0845ddb9e1fe5b1f2aba128f6e92d61d900fb100630edb43c1b9be89c890ed492a8e6f744d5e15ebba9d4fa9aae5a8e20aacb47ede2f03974e90b250de739e910924e10f295d83c2af85763992e8b5ddb9790bd86d8978ad7ebb5fb7dd3d3bbee4670083f203d3f0857bfc0fd99c029640472f85e7ec364ce11c27ebf3af8c8d97526370faac2a60b946e"], 0x0)
r0 = socket$isdn(0x22, 0x3, 0x1)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_netrom_SIOCADDRT(r2, 0x890b, &(0x7f0000000280)={0x1, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bpq0, 0xffff, 'syz0\x00', @default, 0xfffffdba, 0x80002, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @bcast, @default, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}]})
ioctl$sock_netrom_SIOCADDRT(r2, 0x890b, &(0x7f0000000440)={0x1, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bpq0, 0x8, 'syz1\x00', @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x7, 0x4, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @null, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast]})
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="50000000020601080000000000000000000000060000008008000640000000000500010006000000050005000a00000005000400000000000900020073797a31000000000c000300686173683a697000"], 0x50}}, 0x20040000)
setsockopt$XDP_UMEM_FILL_RING(0xffffffffffffffff, 0x11b, 0x5, &(0x7f0000000040)=0x4000, 0x4)
bind$xdp(0xffffffffffffffff, &(0x7f00000002c0)={0x2c, 0x4}, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'macvlan0\x00'})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x10, 0xf}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x6}}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000003640)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000006c0)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x14, 0x7}, {}, {0x7, 0x9}}, [@filter_kind_options=@f_u32={{0x8}, {0x18, 0x2, [@TCA_U32_SEL={0xe, 0x5, {0x1, 0x5, 0x7, 0x8, 0x8000, 0x7, 0x0, 0x1}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x40)
r6 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000300)={'bond0\x00', <r7=>0x0})
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x3c, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r7, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0xc, 0x2, [@TCA_TAPRIO_ATTR_FLAGS={0x8, 0xa, 0x3}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x44}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000340)={'syztnl1\x00', &(0x7f0000000280)={'gre0\x00', 0x0, 0x9, 0x7, 0x4, 0x7, {{0x27, 0x4, 0x1, 0x7, 0x9c, 0x65, 0x0, 0x3, 0x29, 0x0, @dev={0xac, 0x14, 0x14, 0x24}, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@ssrr={0x89, 0xf, 0x12, [@broadcast, @multicast1, @loopback]}, @cipso={0x86, 0x1e, 0x3, [{0x2, 0x3, "1b"}, {0x0, 0x9, "95b5220da0e5f9"}, {0x1, 0x3, ','}, {0x5, 0x9, "fec0d289a2f2fc"}]}, @end, @ra={0x94, 0x4}, @timestamp={0x44, 0x20, 0xe1, 0x0, 0x4, [0x8, 0x6, 0x4, 0xd, 0x6e3a, 0xae1, 0xfffffffa]}, @ssrr={0x89, 0x1f, 0x7c, [@loopback, @local, @empty, @multicast2, @multicast2, @multicast2, @dev={0xac, 0x14, 0x14, 0x32}]}, @timestamp_prespec={0x44, 0x14, 0xb8, 0x3, 0xd, [{@local}, {@multicast2, 0x2}]}]}}}}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000400)={'ip6tnl0\x00', &(0x7f0000000380)={'syztnl0\x00', 0x0, 0x2f, 0x8, 0x28, 0x7, 0x1e, @mcast2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x8000, 0x0, 0xffffff7f, 0x3}})
r9 = socket(0x400000000010, 0x3, 0x0)
r10 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r11=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001d40)=@newtfilter={0xe18, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r11, {0x0, 0x4}, {}, {0x8}}, [@filter_kind_options=@f_matchall={{0xd}, {0xde4, 0x2, [@TCA_MATCHALL_ACT={0xde0, 0x2, [@m_police={0xc78, 0x4, 0x0, 0x0, {{0xb}, {0xc4c, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x1ff, 0x3, 0x10000, 0x81, 0x7f, 0xfffffffb, 0x4, 0x2, 0xffffffc0, 0x5, 0x2234, 0x7f, 0x81b, 0x800, 0x5, 0x0, 0x3, 0x7ed53619, 0x1, 0x2, 0x9644, 0x4, 0x58b, 0x85a, 0x3ff, 0x9, 0x2, 0x1, 0x0, 0x80000000, 0x10001, 0x2, 0x5, 0xab2, 0xfffffff9, 0x1a77, 0x9, 0x3, 0x400, 0x63c, 0x4, 0xffffffff, 0x1, 0x5, 0x1, 0x5b1f, 0x7b0, 0x7, 0x100, 0x6, 0xd, 0xff, 0x3, 0x10000, 0x6, 0x6b7, 0x1ff, 0x80, 0x4, 0x7, 0x3, 0xa14, 0x3, 0x2, 0x80000000, 0x81, 0x7, 0x8, 0x5, 0x10001, 0xf7, 0x3, 0xfffffff9, 0x9, 0x4, 0x8, 0xfff, 0x3, 0x1, 0x6, 0x7, 0x8, 0x100, 0xc0000000, 0x6, 0x6, 0x6, 0x12a, 0x80000001, 0x8, 0x1d24, 0x2, 0x9, 0x0, 0x7f, 0x7, 0x863c, 0xff, 0x24, 0x5, 0x7, 0x6, 0x7a, 0x8, 0x0, 0x7, 0x470, 0x7f, 0x6, 0x0, 0x1, 0x0, 0x4, 0x9, 0x61, 0x200, 0x6, 0x2, 0x2, 0x6, 0x10001, 0x8, 0x7, 0xf, 0xda56, 0x7ffffffe, 0x80, 0x2f0cb955, 0x7, 0xfed, 0xf, 0x6ae, 0x2, 0x1, 0x9, 0x8001, 0x0, 0xec000, 0x0, 0x1, 0x2, 0xfffffffb, 0x7, 0x6, 0x4, 0x1, 0xffffcf1b, 0x282, 0x5517bc7b, 0x3, 0x4, 0xb6b, 0x5, 0x0, 0xac, 0x9, 0x6, 0x10, 0x9, 0x8, 0x80000001, 0x0, 0x74, 0x2, 0x7fffffff, 0x0, 0xa, 0x6, 0xffffffff, 0x8, 0x2, 0x7, 0x7f, 0x5, 0x3, 0xa, 0x1, 0x0, 0x9, 0x300, 0x5, 0x3, 0x6, 0xffffffff, 0xffb, 0xff, 0x5, 0x8, 0x3, 0x2, 0x5, 0xfca, 0x399d, 0x6, 0x8ab6, 0x18000, 0x2, 0xfffffff9, 0x2, 0x2, 0x528c, 0x5, 0x200, 0xac, 0xf, 0xd05, 0x9a2ce73, 0x4, 0x6, 0xe074, 0x6b10, 0x5, 0x1, 0x6, 0xb, 0xa26, 0xaf6, 0x0, 0xec, 0x8, 0xde16, 0xc418, 0xffffffff, 0xffffffff, 0x9, 0x400, 0x80001, 0x5, 0x354d, 0x5, 0x2, 0x1, 0x2007, 0x1, 0x177, 0x7, 0x0, 0x80, 0x5, 0x8, 0xfffffffb, 0x9, 0xe7b, 0x0, 0x7, 0x42bf, 0x10000, 0x9, 0x9, 0x6, 0x4b75, 0x80000001, 0x1000, 0x5915, 0x10001, 0x1]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0xfffffffb, 0x3, 0xd, 0x3, 0x1, 0x7, 0x2e36, 0xb89b, 0xe8a0, 0x80000000, 0x1, 0x5, 0x1ff, 0x5, 0x4, 0x10, 0x7, 0x1f19, 0x85, 0x6cf6, 0x0, 0x8001, 0x6c0fabf3, 0x8000, 0x3a18, 0x4d7e, 0x3, 0x3, 0xb0a, 0xffff, 0x4, 0x1, 0x3, 0x0, 0x9, 0x71ff, 0x10000, 0x9, 0x6, 0x197, 0x10c, 0x83c2, 0x7, 0x4, 0x5, 0xe, 0x0, 0xcfa, 0xfffffffa, 0x4, 0xbbc, 0x5, 0x4, 0x7, 0x7, 0x9, 0x6, 0xfffffffc, 0x1, 0x9, 0xfff, 0x100, 0x81, 0x6, 0xa7d, 0x63ef, 0x9a90, 0xfffffbe3, 0xffff0001, 0x6, 0x4, 0xbac, 0x2df, 0x4, 0x80000001, 0x3, 0xefb, 0x7, 0x8, 0x4, 0xc6d, 0xf0, 0x5b, 0x2, 0xfffffffd, 0x4, 0xd6bb, 0x4, 0x68000000, 0x37fb, 0x4, 0xef, 0x401, 0xd65, 0xff, 0x4, 0x0, 0x2, 0xd, 0x6, 0x9, 0x3, 0x9, 0x2, 0x7, 0x2, 0xc, 0x3, 0x400, 0x6, 0x4, 0xff, 0x80000001, 0x5, 0x9, 0x8, 0x9, 0x7, 0x8, 0x10000, 0xd, 0x7, 0x1, 0x0, 0x9, 0x3, 0x2, 0x80, 0xb42f, 0x10000, 0x805, 0x8757, 0x2, 0x6, 0xc, 0x8f, 0x0, 0x2, 0xe, 0x4, 0xfffffff7, 0xc, 0x1, 0x3499, 0x3, 0x192, 0x3, 0x4, 0x7, 0x0, 0x200, 0x3f1, 0x5c, 0x3, 0x80000000, 0x2, 0x8, 0x6, 0x7c, 0x81, 0x8, 0x3, 0x400, 0x2, 0x7, 0x2, 0x8, 0x8, 0x87, 0x69d, 0xe, 0x361b, 0x3, 0x7fff, 0x3, 0x101, 0x401, 0x1b, 0x1, 0x5efe, 0x6, 0xfffffffa, 0x2, 0x7, 0x100, 0x3, 0x6, 0x0, 0x35cefded, 0x80000001, 0x40000, 0x401, 0x8, 0x7, 0x80000001, 0x4, 0x48, 0x7fff, 0x2, 0xcdc3, 0x800, 0x364, 0x5, 0xa, 0x3c, 0x1, 0xa, 0x8, 0xf3, 0x4, 0x7, 0x5, 0x2c, 0x2, 0x7, 0x6, 0x9, 0x5, 0x0, 0x5, 0x400, 0x1, 0xf003, 0xff76, 0x8, 0xba6, 0x7fffffff, 0xad4, 0x3ff, 0x5, 0x7, 0x2, 0x7, 0x0, 0x0, 0x7f, 0x7, 0x1, 0x42bbd9b5, 0xff, 0x4, 0x6, 0xff, 0x80, 0x3, 0xff, 0x6, 0x6, 0x5, 0x363c42af, 0x9, 0x92, 0x8001, 0x1, 0xd729]}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x1080, 0x4, 0xec2, 0x6, 0x8, 0x400, 0x5, 0x1, 0x7, 0x470, 0x487, 0x100, 0xa99, 0xffffff01, 0x5, 0x37f, 0x30, 0x6, 0x3, 0x3, 0x800, 0xd2f5, 0x40, 0x4, 0x4, 0x5, 0x7, 0x12, 0x2, 0x8, 0x101, 0xffffffff, 0x2, 0x10000, 0xa6, 0x3, 0x10000, 0x5, 0x4, 0x0, 0x3, 0x0, 0xd, 0x40006, 0x98, 0x8, 0x6, 0x9, 0x1000, 0xb3000, 0xf, 0x3, 0x9, 0xb4, 0x94d, 0x9, 0x8, 0x6, 0x100, 0xec0, 0xffff, 0x4, 0x2, 0x400, 0x80003e, 0xb828, 0x0, 0x0, 0x365, 0x8, 0x8, 0xf, 0x1, 0xfffffffe, 0xfffffff6, 0x93, 0x7ff, 0x92, 0x0, 0x7, 0xfffffffc, 0x7ff, 0x9, 0x2, 0x0, 0x2, 0x8, 0x4, 0x3, 0x9, 0xc, 0x0, 0x3, 0x3, 0x400, 0x100000, 0x7f, 0x2, 0x8, 0x4, 0x7, 0x4, 0x7, 0xfffffffa, 0x101, 0xadd9, 0x1, 0x0, 0x7, 0x7fffffff, 0x2, 0x0, 0x0, 0x9, 0x4, 0x3, 0x8, 0x9, 0x6, 0x6, 0x2, 0xb, 0x3, 0x7f, 0xffff, 0x401, 0x1685, 0xa252, 0x2, 0x204, 0x3, 0x1, 0x400, 0xfffffffc, 0xfffffffc, 0x1000, 0x7ff, 0x1, 0x1f6, 0x751, 0x7, 0x40000000, 0x4, 0xffffdbb7, 0x50, 0xf, 0xf, 0xe, 0x3, 0x0, 0x81, 0xfff80000, 0x7a7, 0x1, 0x6, 0x3, 0x8, 0x7, 0x5, 0x3, 0x0, 0x4e8, 0x80, 0x3, 0x8, 0x5, 0x0, 0x5, 0x7fff, 0x7, 0x8, 0x6a4941c5, 0x2ea567b4, 0x8, 0x80000000, 0x6, 0x40, 0x2, 0xfff, 0x8, 0x7, 0x1, 0x1, 0x0, 0x0, 0xd3bed341, 0x691f, 0x0, 0x2, 0x9, 0x6, 0x0, 0x1ff, 0x3, 0x3, 0x6, 0x5fc8462f, 0x0, 0x7, 0xffff, 0xfffffffc, 0x5, 0x3, 0xb9a6, 0x522, 0x2, 0x2, 0x900, 0x8, 0xbb99, 0xb8000000, 0x8, 0xffffff01, 0xc0a1, 0x8, 0x8, 0x7, 0x59, 0x9, 0x2, 0x101, 0x5f502dca, 0x7, 0x0, 0x4, 0x6, 0x80000001, 0x3, 0xffffff97, 0x2, 0xfff, 0x1, 0x40, 0x8, 0x3, 0x710, 0x8, 0x1, 0xfffff339, 0x3, 0x8001, 0x1, 0x8001, 0x9, 0x8, 0xfffffffa, 0x8, 0x9, 0x3, 0xe, 0x10000, 0x9, 0x9, 0x7, 0xfffffff8]}, @TCA_POLICE_TBF={0x3c, 0x1, {0xfffffe00, 0x4, 0x5, 0x1, 0xdbec, {0x8, 0x2, 0xb55, 0x5, 0x7, 0x5}, {0x6, 0x0, 0xd, 0x5, 0x1, 0x5d17}, 0x2, 0x0, 0x6}}]]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}, @m_tunnel_key={0x164, 0xa, 0x0, 0x0, {{0xf}, {0x44, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x3, 0xffffe44c, 0x3, 0x9, 0x5}, 0x1}}, @TCA_TUNNEL_KEY_ENC_KEY_ID={0x8, 0x7, 0xff}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @rand_addr=0x64010100}, @TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0x6, @mcast2}]}, {0xf2, 0x6, "18e372514439dce632f01c733550ac63faa5462ce5c30abceca0db94b01c897b2622bdf3588f2358adf5788bf3cb3f7da1801b65bc4998fb605d3f86a08a8bde8f36e4d37d3f9553e865df5a491afdf9ed3071c0818dcfc9ca7a563bd5c374cb9777bf0f03760830a28dd5b93a3fd0779a9e36be7a3ca633dc5a897962d0cfeedbfd49d61843e72cbc93a376a470afc6d985a3b3e035c9d6540b8cb2561c83b63d9321668758fcaa9ff2752c0409bdc1e555c5499f7c1d82555472d97f56f36c090deb7e66aa3bcd404eeae35a1c98ff6bd6e0c7b36e8c58bb1df8d6ad239e2bf4a22af1b8041a7b9eb6135be1c7"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}]}]}}]}, 0xe18}, 0x1, 0x0, 0x0, 0x10}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000004c0)={'syztnl1\x00', &(0x7f0000000440)={'gre0\x00', 0x0, 0x20, 0x40, 0x9, 0x3, {{0x11, 0x4, 0x3, 0x0, 0x44, 0x67, 0x0, 0xe8, 0x4, 0x0, @local, @remote, {[@ssrr={0x89, 0xb, 0x74, [@private=0xa010102, @loopback]}, @timestamp={0x44, 0x24, 0xf2, 0x0, 0x9, [0x1ffc00, 0xe, 0xff, 0x0, 0x7f, 0x40, 0x3, 0x0]}]}}}}})
r12 = socket$nl_route(0x10, 0x3, 0x0)
r13 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000c80)={'lo\x00', <r14=>0x0})
sendmsg$nl_route_sched(r12, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r14, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18}}}]}, 0x48}}, 0x0)

0s ago: executing program 0 (id=4607):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000040)={'batadv_slave_1\x00', {0x2, 0x480, @loopback}}) (async)
ioctl$sock_inet_SIOCSIFADDR(r0, 0x891c, &(0x7f0000000000)={'batadv_slave_1\x00', {0x2, 0x4e20, @empty}}) (async, rerun: 32)
syz_emit_ethernet(0x52, &(0x7f0000000100)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0xc, 0x4, 0x0, 0x0, 0x44, 0x0, 0x0, 0x0, 0x5, 0x0, @dev, @private=0xa010100, {[@timestamp_addr={0x44, 0xc, 0x5, 0x3, 0x0, [{@empty=0xe0}]}, @ssrr={0x89, 0xb, 0xce, [@multicast2, @remote]}, @generic={0x83, 0x2}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0) (rerun: 32)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x5, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000956b00000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r2, &(0x7f0000000140)={0xa, 0x4e21, 0x101, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4b}, 0xfffffeaa) (async)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0xe22}, 0x1c) (async)
r3 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r3, &(0x7f0000000100)=[{&(0x7f00000001c0)="580000001500add427323b472545b45602117fffffff81000e22d991000000000000a80013007b00090080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000", 0x58}, {&(0x7f0000000080)="87ef241cf2a240a7d171e28328ac76bb79f8f5293942a755810ffcaebc6d4e27a12b39caa50655f003f9c19401412a3669b9862fca4fab7ce6427324679f4327589d3dc9924bffbca7fa9a201951d58e207e92c157173b13b2b75c16b8874543"}], 0x0)

kernel console output (not intermixed with test programs):

00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  321.139628][T15856] RSP: 002b:00007fd370107038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  321.139646][T15856] RAX: ffffffffffffffda RBX: 00007fd36f3e5fa0 RCX: 00007fd36f18efc9
[  321.139658][T15856] RDX: 0000000000000000 RSI: 0000200000000400 RDI: 0000000000000004
[  321.139670][T15856] RBP: 00007fd370107090 R08: 0000000000000000 R09: 0000000000000000
[  321.139681][T15856] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  321.139691][T15856] R13: 00007fd36f3e6038 R14: 00007fd36f3e5fa0 R15: 00007ffe2a5e2558
[  321.139721][T15856]  </TASK>
[  321.679839][ T5829] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  321.690320][ T5829] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  321.714649][ T5829] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  321.726904][ T5829] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  321.744723][ T5829] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  321.852602][T15865] wg1 speed is unknown, defaulting to 1000
[  321.936641][T15880] FAULT_INJECTION: forcing a failure.
[  321.936641][T15880] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  321.968677][T15880] CPU: 0 UID: 0 PID: 15880 Comm: syz.4.3267 Not tainted syzkaller #0 PREEMPT(full) 
[  321.968704][T15880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  321.968714][T15880] Call Trace:
[  321.968721][T15880]  <TASK>
[  321.968730][T15880]  dump_stack_lvl+0x189/0x250
[  321.968757][T15880]  ? __pfx____ratelimit+0x10/0x10
[  321.968778][T15880]  ? __pfx_dump_stack_lvl+0x10/0x10
[  321.968801][T15880]  ? __pfx__printk+0x10/0x10
[  321.968819][T15880]  ? __might_fault+0xb0/0x130
[  321.968854][T15880]  should_fail_ex+0x414/0x560
[  321.968884][T15880]  _copy_from_user+0x2d/0xb0
[  321.968906][T15880]  generic_map_update_batch+0x57c/0x7f0
[  321.968942][T15880]  ? __pfx_generic_map_update_batch+0x10/0x10
[  321.968964][T15880]  ? __fget_files+0x2a/0x420
[  321.968988][T15880]  ? __pfx_generic_map_update_batch+0x10/0x10
[  321.969010][T15880]  bpf_map_do_batch+0x39b/0x630
[  321.969035][T15880]  __sys_bpf+0x690/0x860
[  321.969055][T15880]  ? __pfx___sys_bpf+0x10/0x10
[  321.969088][T15880]  ? ksys_write+0x22a/0x250
[  321.969114][T15880]  ? __pfx_ksys_write+0x10/0x10
[  321.969149][T15880]  __x64_sys_bpf+0x7c/0x90
[  321.969173][T15880]  do_syscall_64+0xfa/0xfa0
[  321.969193][T15880]  ? lockdep_hardirqs_on+0x9c/0x150
[  321.969215][T15880]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  321.969232][T15880]  ? clear_bhb_loop+0x60/0xb0
[  321.969254][T15880]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  321.969271][T15880] RIP: 0033:0x7f50c058efc9
[  321.969287][T15880] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  321.969302][T15880] RSP: 002b:00007f50c1490038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  321.969322][T15880] RAX: ffffffffffffffda RBX: 00007f50c07e5fa0 RCX: 00007f50c058efc9
[  321.969336][T15880] RDX: 0000000000000038 RSI: 00002000000006c0 RDI: 000000000000001a
[  321.969348][T15880] RBP: 00007f50c1490090 R08: 0000000000000000 R09: 0000000000000000
[  321.969358][T15880] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  321.969368][T15880] R13: 00007f50c07e6038 R14: 00007f50c07e5fa0 R15: 00007ffe19cbc4c8
[  321.969397][T15880]  </TASK>
[  322.589490][T15899] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3273'.
[  322.843847][T15865] chnl_net:caif_netlink_parms(): no params data found
[  323.156196][T15931] FAULT_INJECTION: forcing a failure.
[  323.156196][T15931] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  323.190620][T15931] CPU: 1 UID: 0 PID: 15931 Comm: syz.0.3280 Not tainted syzkaller #0 PREEMPT(full) 
[  323.190647][T15931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  323.190658][T15931] Call Trace:
[  323.190665][T15931]  <TASK>
[  323.190674][T15931]  dump_stack_lvl+0x189/0x250
[  323.190702][T15931]  ? __pfx____ratelimit+0x10/0x10
[  323.190725][T15931]  ? __pfx_dump_stack_lvl+0x10/0x10
[  323.190748][T15931]  ? __pfx__printk+0x10/0x10
[  323.190767][T15931]  ? __might_fault+0xb0/0x130
[  323.190802][T15931]  should_fail_ex+0x414/0x560
[  323.190831][T15931]  _copy_from_user+0x2d/0xb0
[  323.190855][T15931]  generic_map_update_batch+0x525/0x7f0
[  323.190891][T15931]  ? __pfx_generic_map_update_batch+0x10/0x10
[  323.190914][T15931]  ? __fget_files+0x2a/0x420
[  323.190938][T15931]  ? __pfx_generic_map_update_batch+0x10/0x10
[  323.190960][T15931]  bpf_map_do_batch+0x39b/0x630
[  323.190990][T15931]  __sys_bpf+0x690/0x860
[  323.191011][T15931]  ? __pfx___sys_bpf+0x10/0x10
[  323.191044][T15931]  ? ksys_write+0x22a/0x250
[  323.191073][T15931]  ? __pfx_ksys_write+0x10/0x10
[  323.191102][T15931]  __x64_sys_bpf+0x7c/0x90
[  323.191127][T15931]  do_syscall_64+0xfa/0xfa0
[  323.191147][T15931]  ? lockdep_hardirqs_on+0x9c/0x150
[  323.191169][T15931]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  323.191187][T15931]  ? clear_bhb_loop+0x60/0xb0
[  323.191209][T15931]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  323.191225][T15931] RIP: 0033:0x7fd36f18efc9
[  323.191242][T15931] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  323.191257][T15931] RSP: 002b:00007fd370107038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  323.191277][T15931] RAX: ffffffffffffffda RBX: 00007fd36f3e5fa0 RCX: 00007fd36f18efc9
[  323.191290][T15931] RDX: 0000000000000038 RSI: 00002000000006c0 RDI: 000000000000001a
[  323.191302][T15931] RBP: 00007fd370107090 R08: 0000000000000000 R09: 0000000000000000
[  323.191313][T15931] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  323.191324][T15931] R13: 00007fd36f3e6038 R14: 00007fd36f3e5fa0 R15: 00007ffe2a5e2558
[  323.191355][T15931]  </TASK>
[  323.439158][T15936] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3282'.
[  323.439372][T15865] bridge0: port 1(bridge_slave_0) entered blocking state
[  323.456770][T15865] bridge0: port 1(bridge_slave_0) entered disabled state
[  323.464086][T15865] bridge_slave_0: entered allmulticast mode
[  323.471876][T15865] bridge_slave_0: entered promiscuous mode
[  323.481673][T15865] bridge0: port 2(bridge_slave_1) entered blocking state
[  323.488863][T15865] bridge0: port 2(bridge_slave_1) entered disabled state
[  323.496209][T15865] bridge_slave_1: entered allmulticast mode
[  323.503963][T15865] bridge_slave_1: entered promiscuous mode
[  323.604728][T15865] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  323.618701][T15865] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  323.663045][T15938] netlink: 'syz.4.3283': attribute type 4 has an invalid length.
[  323.686153][T15938] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3283'.
[  323.697431][T15938] netlink: 80 bytes leftover after parsing attributes in process `syz.4.3283'.
[  323.700122][T15865] team0: Port device team_slave_0 added
[  323.776961][T15865] team0: Port device team_slave_1 added
[  323.854482][ T5149] Bluetooth: hci1: command tx timeout
[  324.374940][T15971] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3289'.
[  325.420951][T15960] syzkaller0: entered promiscuous mode
[  325.429855][T15960] syzkaller0: entered allmulticast mode
[  325.585623][T15865] batman_adv: batadv0: Adding interface: batadv_slave_0
[  325.600459][T15865] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  325.629732][T15865] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  325.647413][T15865] batman_adv: batadv0: Adding interface: batadv_slave_1
[  325.654952][T15865] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  325.683080][T15980] FAULT_INJECTION: forcing a failure.
[  325.683080][T15980] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  325.689832][T15865] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  325.698349][T15980] CPU: 1 UID: 0 PID: 15980 Comm: syz.1.3295 Not tainted syzkaller #0 PREEMPT(full) 
[  325.698375][T15980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  325.698385][T15980] Call Trace:
[  325.698392][T15980]  <TASK>
[  325.698400][T15980]  dump_stack_lvl+0x189/0x250
[  325.698428][T15980]  ? __pfx____ratelimit+0x10/0x10
[  325.698450][T15980]  ? __pfx_dump_stack_lvl+0x10/0x10
[  325.698471][T15980]  ? __pfx__printk+0x10/0x10
[  325.698489][T15980]  ? __might_fault+0xb0/0x130
[  325.698523][T15980]  should_fail_ex+0x414/0x560
[  325.698553][T15980]  _copy_from_user+0x2d/0xb0
[  325.698575][T15980]  generic_map_update_batch+0x57c/0x7f0
[  325.698610][T15980]  ? __pfx_generic_map_update_batch+0x10/0x10
[  325.698633][T15980]  ? __fget_files+0x2a/0x420
[  325.698655][T15980]  ? __pfx_generic_map_update_batch+0x10/0x10
[  325.698676][T15980]  bpf_map_do_batch+0x39b/0x630
[  325.698701][T15980]  __sys_bpf+0x690/0x860
[  325.698719][T15980]  ? __pfx___sys_bpf+0x10/0x10
[  325.698751][T15980]  ? ksys_write+0x22a/0x250
[  325.698776][T15980]  ? __pfx_ksys_write+0x10/0x10
[  325.698804][T15980]  __x64_sys_bpf+0x7c/0x90
[  325.698829][T15980]  do_syscall_64+0xfa/0xfa0
[  325.698848][T15980]  ? lockdep_hardirqs_on+0x9c/0x150
[  325.698869][T15980]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  325.698886][T15980]  ? clear_bhb_loop+0x60/0xb0
[  325.698907][T15980]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  325.698923][T15980] RIP: 0033:0x7fa54e58efc9
[  325.698939][T15980] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  325.698953][T15980] RSP: 002b:00007fa54f380038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  325.698973][T15980] RAX: ffffffffffffffda RBX: 00007fa54e7e5fa0 RCX: 00007fa54e58efc9
[  325.698985][T15980] RDX: 0000000000000038 RSI: 00002000000006c0 RDI: 000000000000001a
[  325.698997][T15980] RBP: 00007fa54f380090 R08: 0000000000000000 R09: 0000000000000000
[  325.699014][T15980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  325.699024][T15980] R13: 00007fa54e7e6038 R14: 00007fa54e7e5fa0 R15: 00007fff4e7d8948
[  325.699054][T15980]  </TASK>
[  325.934682][ T5149] Bluetooth: hci1: command tx timeout
[  326.035383][T15990] netlink: 'syz.3.3298': attribute type 29 has an invalid length.
[  326.048349][T15991] netlink: 'syz.3.3298': attribute type 29 has an invalid length.
[  326.157751][T15996] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3300'.
[  326.187208][T15865] hsr_slave_0: entered promiscuous mode
[  326.218236][T15865] hsr_slave_1: entered promiscuous mode
[  326.246348][T15865] debugfs: 'hsr0' already exists in 'hsr'
[  326.252143][T15865] Cannot create hsr debugfs directory
[  326.325697][T16003] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3300'.
[  326.792385][T16028] FAULT_INJECTION: forcing a failure.
[  326.792385][T16028] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  326.815204][T16028] CPU: 1 UID: 0 PID: 16028 Comm: syz.0.3310 Not tainted syzkaller #0 PREEMPT(full) 
[  326.815230][T16028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  326.815241][T16028] Call Trace:
[  326.815248][T16028]  <TASK>
[  326.815256][T16028]  dump_stack_lvl+0x189/0x250
[  326.815285][T16028]  ? __pfx____ratelimit+0x10/0x10
[  326.815307][T16028]  ? __pfx_dump_stack_lvl+0x10/0x10
[  326.815329][T16028]  ? __pfx__printk+0x10/0x10
[  326.815348][T16028]  ? __might_fault+0xb0/0x130
[  326.815383][T16028]  should_fail_ex+0x414/0x560
[  326.815413][T16028]  _copy_from_user+0x2d/0xb0
[  326.815436][T16028]  generic_map_update_batch+0x525/0x7f0
[  326.815472][T16028]  ? __pfx_generic_map_update_batch+0x10/0x10
[  326.815495][T16028]  ? __fget_files+0x2a/0x420
[  326.815519][T16028]  ? __pfx_generic_map_update_batch+0x10/0x10
[  326.815541][T16028]  bpf_map_do_batch+0x39b/0x630
[  326.815566][T16028]  __sys_bpf+0x690/0x860
[  326.815584][T16028]  ? __pfx___sys_bpf+0x10/0x10
[  326.815625][T16028]  ? ksys_write+0x22a/0x250
[  326.815650][T16028]  ? __pfx_ksys_write+0x10/0x10
[  326.815678][T16028]  __x64_sys_bpf+0x7c/0x90
[  326.815703][T16028]  do_syscall_64+0xfa/0xfa0
[  326.815723][T16028]  ? lockdep_hardirqs_on+0x9c/0x150
[  326.815744][T16028]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.815761][T16028]  ? clear_bhb_loop+0x60/0xb0
[  326.815781][T16028]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.815798][T16028] RIP: 0033:0x7fd36f18efc9
[  326.815814][T16028] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  326.815829][T16028] RSP: 002b:00007fd370107038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  326.815847][T16028] RAX: ffffffffffffffda RBX: 00007fd36f3e5fa0 RCX: 00007fd36f18efc9
[  326.815860][T16028] RDX: 0000000000000038 RSI: 00002000000006c0 RDI: 000000000000001a
[  326.815871][T16028] RBP: 00007fd370107090 R08: 0000000000000000 R09: 0000000000000000
[  326.815882][T16028] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  326.815892][T16028] R13: 00007fd36f3e6038 R14: 00007fd36f3e5fa0 R15: 00007ffe2a5e2558
[  326.815925][T16028]  </TASK>
[  327.051926][T16033] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3308'.
[  328.014335][ T5149] Bluetooth: hci1: command tx timeout
[  328.605869][T16043] netlink: 'syz.0.3314': attribute type 3 has an invalid length.
[  328.696617][T16047] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3316'.
[  328.742139][T16047] netlink: 'syz.4.3316': attribute type 12 has an invalid length.
[  328.895367][T16062] FAULT_INJECTION: forcing a failure.
[  328.895367][T16062] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  328.917582][T16062] CPU: 1 UID: 0 PID: 16062 Comm: syz.4.3321 Not tainted syzkaller #0 PREEMPT(full) 
[  328.917607][T16062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  328.917618][T16062] Call Trace:
[  328.917624][T16062]  <TASK>
[  328.917631][T16062]  dump_stack_lvl+0x189/0x250
[  328.917659][T16062]  ? __pfx____ratelimit+0x10/0x10
[  328.917680][T16062]  ? __pfx_dump_stack_lvl+0x10/0x10
[  328.917702][T16062]  ? __pfx__printk+0x10/0x10
[  328.917719][T16062]  ? __might_fault+0xb0/0x130
[  328.917753][T16062]  should_fail_ex+0x414/0x560
[  328.917784][T16062]  _copy_from_user+0x2d/0xb0
[  328.917806][T16062]  generic_map_update_batch+0x57c/0x7f0
[  328.917843][T16062]  ? __pfx_generic_map_update_batch+0x10/0x10
[  328.917866][T16062]  ? __fget_files+0x2a/0x420
[  328.917890][T16062]  ? __pfx_generic_map_update_batch+0x10/0x10
[  328.917912][T16062]  bpf_map_do_batch+0x39b/0x630
[  328.917937][T16062]  __sys_bpf+0x690/0x860
[  328.917956][T16062]  ? __pfx___sys_bpf+0x10/0x10
[  328.917990][T16062]  ? ksys_write+0x22a/0x250
[  328.918016][T16062]  ? __pfx_ksys_write+0x10/0x10
[  328.918044][T16062]  __x64_sys_bpf+0x7c/0x90
[  328.918069][T16062]  do_syscall_64+0xfa/0xfa0
[  328.918089][T16062]  ? lockdep_hardirqs_on+0x9c/0x150
[  328.918110][T16062]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  328.918128][T16062]  ? clear_bhb_loop+0x60/0xb0
[  328.918149][T16062]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  328.918166][T16062] RIP: 0033:0x7f50c058efc9
[  328.918181][T16062] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  328.918197][T16062] RSP: 002b:00007f50c1490038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  328.918217][T16062] RAX: ffffffffffffffda RBX: 00007f50c07e5fa0 RCX: 00007f50c058efc9
[  328.918230][T16062] RDX: 0000000000000038 RSI: 00002000000006c0 RDI: 000000000000001a
[  328.918241][T16062] RBP: 00007f50c1490090 R08: 0000000000000000 R09: 0000000000000000
[  328.918252][T16062] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  328.918263][T16062] R13: 00007f50c07e6038 R14: 00007f50c07e5fa0 R15: 00007ffe19cbc4c8
[  328.918294][T16062]  </TASK>
[  329.209667][T16070] netlink: 'syz.1.3323': attribute type 1 has an invalid length.
[  329.231826][T16070] netlink: 224 bytes leftover after parsing attributes in process `syz.1.3323'.
[  329.270173][T15865] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  329.296987][T15865] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  329.300898][T16074] netlink: 'syz.1.3323': attribute type 1 has an invalid length.
[  329.319913][T15865] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  329.322195][T16074] netlink: 224 bytes leftover after parsing attributes in process `syz.1.3323'.
[  329.356793][T15865] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  330.086229][ T5149] Bluetooth: hci1: command tx timeout
[  331.119987][T16110] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3331'.
[  331.197510][T15865] 8021q: adding VLAN 0 to HW filter on device bond0
[  331.233047][T15865] 8021q: adding VLAN 0 to HW filter on device team0
[  331.422313][   T79] bridge0: port 1(bridge_slave_0) entered blocking state
[  331.429590][   T79] bridge0: port 1(bridge_slave_0) entered forwarding state
[  331.492644][T16127] netlink: 'syz.3.3336': attribute type 3 has an invalid length.
[  331.527371][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  331.534649][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  331.907471][T16152] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3342'.
[  332.006526][T16155] bond9: (slave bond_slave_1): Device is not bonding slave
[  332.013930][T16155] bond9: option active_slave: invalid value (bond_slave_1)
[  332.023603][T16155] bond9 (unregistering): Released all slaves
[  333.506611][T15865] 8021q: adding VLAN 0 to HW filter on device batadv0
[  333.577631][T15865] veth0_vlan: entered promiscuous mode
[  333.612347][T15865] veth1_vlan: entered promiscuous mode
[  333.618639][T16168] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3346'.
[  333.672500][T15865] veth0_macvtap: entered promiscuous mode
[  333.711160][T16170] netlink: 'syz.3.3347': attribute type 3 has an invalid length.
[  333.712303][T15865] veth1_macvtap: entered promiscuous mode
[  333.785620][T15865] batman_adv: batadv0: Interface activated: batadv_slave_0
[  333.857315][T15865] batman_adv: batadv0: Interface activated: batadv_slave_1
[  333.933903][T16185] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3353'.
[  333.943563][T16185] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  333.952717][   T36] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  333.965236][   T36] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  333.975464][   T36] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  333.987930][   T36] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  334.082618][T16190] FAULT_INJECTION: forcing a failure.
[  334.082618][T16190] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  334.097760][T16190] CPU: 0 UID: 0 PID: 16190 Comm: syz.3.3355 Not tainted syzkaller #0 PREEMPT(full) 
[  334.097785][T16190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  334.097796][T16190] Call Trace:
[  334.097803][T16190]  <TASK>
[  334.097812][T16190]  dump_stack_lvl+0x189/0x250
[  334.097839][T16190]  ? __pfx____ratelimit+0x10/0x10
[  334.097861][T16190]  ? __pfx_dump_stack_lvl+0x10/0x10
[  334.097884][T16190]  ? __pfx__printk+0x10/0x10
[  334.097903][T16190]  ? __might_fault+0xb0/0x130
[  334.097937][T16190]  should_fail_ex+0x414/0x560
[  334.097968][T16190]  _copy_from_user+0x2d/0xb0
[  334.097990][T16190]  generic_map_update_batch+0x57c/0x7f0
[  334.098026][T16190]  ? __pfx_generic_map_update_batch+0x10/0x10
[  334.098049][T16190]  ? __fget_files+0x2a/0x420
[  334.098077][T16190]  ? __pfx_generic_map_update_batch+0x10/0x10
[  334.098104][T16190]  bpf_map_do_batch+0x39b/0x630
[  334.098126][T16190]  __sys_bpf+0x690/0x860
[  334.098142][T16190]  ? __pfx___sys_bpf+0x10/0x10
[  334.098172][T16190]  ? ksys_write+0x22a/0x250
[  334.098195][T16190]  ? __pfx_ksys_write+0x10/0x10
[  334.098224][T16190]  __x64_sys_bpf+0x7c/0x90
[  334.098248][T16190]  do_syscall_64+0xfa/0xfa0
[  334.098268][T16190]  ? lockdep_hardirqs_on+0x9c/0x150
[  334.098290][T16190]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.098307][T16190]  ? clear_bhb_loop+0x60/0xb0
[  334.098329][T16190]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.098346][T16190] RIP: 0033:0x7f126e38efc9
[  334.098362][T16190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  334.098378][T16190] RSP: 002b:00007f126f2cc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  334.098398][T16190] RAX: ffffffffffffffda RBX: 00007f126e5e5fa0 RCX: 00007f126e38efc9
[  334.098412][T16190] RDX: 0000000000000038 RSI: 00002000000006c0 RDI: 000000000000001a
[  334.098423][T16190] RBP: 00007f126f2cc090 R08: 0000000000000000 R09: 0000000000000000
[  334.098434][T16190] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  334.098444][T16190] R13: 00007f126e5e6038 R14: 00007f126e5e5fa0 R15: 00007fffb60342c8
[  334.098475][T16190]  </TASK>
[  334.582663][  T755] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  334.610694][  T755] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  334.692958][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  334.711441][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  334.729408][T16210] netlink: 'syz.0.3361': attribute type 3 has an invalid length.
[  334.832760][T16214] tipc: Started in network mode
[  334.837811][T16214] tipc: Node identity ee863956d0ed, cluster identity 4711
[  334.868732][T16214] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  334.897262][T16218] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3257'.
[  334.916246][T16214] syzkaller0: entered promiscuous mode
[  334.921749][T16214] syzkaller0: entered allmulticast mode
[  334.967600][T16222] FAULT_INJECTION: forcing a failure.
[  334.967600][T16222] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  334.985038][T16222] CPU: 1 UID: 0 PID: 16222 Comm: syz.0.3367 Not tainted syzkaller #0 PREEMPT(full) 
[  334.985065][T16222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  334.985076][T16222] Call Trace:
[  334.985083][T16222]  <TASK>
[  334.985091][T16222]  dump_stack_lvl+0x189/0x250
[  334.985118][T16222]  ? __pfx____ratelimit+0x10/0x10
[  334.985139][T16222]  ? __pfx_dump_stack_lvl+0x10/0x10
[  334.985160][T16222]  ? __pfx__printk+0x10/0x10
[  334.985178][T16222]  ? __might_fault+0xb0/0x130
[  334.985209][T16222]  should_fail_ex+0x414/0x560
[  334.985238][T16222]  _copy_from_user+0x2d/0xb0
[  334.985260][T16222]  generic_map_update_batch+0x525/0x7f0
[  334.985296][T16222]  ? __pfx_generic_map_update_batch+0x10/0x10
[  334.985317][T16222]  ? __fget_files+0x2a/0x420
[  334.985339][T16222]  ? __pfx_generic_map_update_batch+0x10/0x10
[  334.985358][T16222]  bpf_map_do_batch+0x39b/0x630
[  334.985379][T16222]  __sys_bpf+0x690/0x860
[  334.985395][T16222]  ? __pfx___sys_bpf+0x10/0x10
[  334.985426][T16222]  ? ksys_write+0x22a/0x250
[  334.985451][T16222]  ? __pfx_ksys_write+0x10/0x10
[  334.985477][T16222]  __x64_sys_bpf+0x7c/0x90
[  334.985499][T16222]  do_syscall_64+0xfa/0xfa0
[  334.985518][T16222]  ? lockdep_hardirqs_on+0x9c/0x150
[  334.985537][T16222]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.985552][T16222]  ? clear_bhb_loop+0x60/0xb0
[  334.985572][T16222]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.985589][T16222] RIP: 0033:0x7fd36f18efc9
[  334.985606][T16222] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  334.985620][T16222] RSP: 002b:00007fd370107038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  334.985640][T16222] RAX: ffffffffffffffda RBX: 00007fd36f3e5fa0 RCX: 00007fd36f18efc9
[  334.985652][T16222] RDX: 0000000000000038 RSI: 00002000000006c0 RDI: 000000000000001a
[  334.985662][T16222] RBP: 00007fd370107090 R08: 0000000000000000 R09: 0000000000000000
[  334.985673][T16222] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  334.985682][T16222] R13: 00007fd36f3e6038 R14: 00007fd36f3e5fa0 R15: 00007ffe2a5e2558
[  334.985712][T16222]  </TASK>
[  335.294546][T16224] tipc: Resetting bearer <eth:syzkaller0>
[  335.329538][T16212] tipc: Resetting bearer <eth:syzkaller0>
[  335.367371][T16212] tipc: Disabling bearer <eth:syzkaller0>
[  335.504820][T16226] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3369'.
[  335.532561][ T5829] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  335.546602][ T5829] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  335.555260][ T5829] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  335.563364][ T5829] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  335.571676][ T5829] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  335.611458][T16234] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3372'.
[  335.757583][T16241] netlink: 'syz.1.3374': attribute type 3 has an invalid length.
[  335.938751][T16248] tipc: Started in network mode
[  335.946658][T16248] tipc: Node identity ba039788fb34, cluster identity 4711
[  335.959268][T16253] netlink: 596 bytes leftover after parsing attributes in process `syz.3.3375'.
[  335.995783][T16248] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  336.002502][T16231] wg1 speed is unknown, defaulting to 1000
[  336.025209][T16249] syzkaller0: entered promiscuous mode
[  336.031380][T16249] syzkaller0: entered allmulticast mode
[  336.086405][T16258] FAULT_INJECTION: forcing a failure.
[  336.086405][T16258] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  336.103974][T16249] tipc: Resetting bearer <eth:syzkaller0>
[  336.114208][T16258] CPU: 1 UID: 0 PID: 16258 Comm: syz.1.3379 Not tainted syzkaller #0 PREEMPT(full) 
[  336.114235][T16258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  336.114246][T16258] Call Trace:
[  336.114254][T16258]  <TASK>
[  336.114262][T16258]  dump_stack_lvl+0x189/0x250
[  336.114290][T16258]  ? __pfx____ratelimit+0x10/0x10
[  336.114311][T16258]  ? __pfx_dump_stack_lvl+0x10/0x10
[  336.114334][T16258]  ? __pfx__printk+0x10/0x10
[  336.114351][T16258]  ? __might_fault+0xb0/0x130
[  336.114383][T16258]  should_fail_ex+0x414/0x560
[  336.114412][T16258]  _copy_from_user+0x2d/0xb0
[  336.114434][T16258]  generic_map_update_batch+0x57c/0x7f0
[  336.114467][T16258]  ? __pfx_generic_map_update_batch+0x10/0x10
[  336.114489][T16258]  ? __fget_files+0x2a/0x420
[  336.114511][T16258]  ? __pfx_generic_map_update_batch+0x10/0x10
[  336.114531][T16258]  bpf_map_do_batch+0x39b/0x630
[  336.114553][T16258]  __sys_bpf+0x690/0x860
[  336.114572][T16258]  ? __pfx___sys_bpf+0x10/0x10
[  336.114606][T16258]  ? ksys_write+0x22a/0x250
[  336.114630][T16258]  ? __pfx_ksys_write+0x10/0x10
[  336.114658][T16258]  __x64_sys_bpf+0x7c/0x90
[  336.114680][T16258]  do_syscall_64+0xfa/0xfa0
[  336.114699][T16258]  ? lockdep_hardirqs_on+0x9c/0x150
[  336.114719][T16258]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.114744][T16258]  ? clear_bhb_loop+0x60/0xb0
[  336.114765][T16258]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.114781][T16258] RIP: 0033:0x7fa54e58efc9
[  336.114796][T16258] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  336.114811][T16258] RSP: 002b:00007fa54f380038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  336.114830][T16258] RAX: ffffffffffffffda RBX: 00007fa54e7e5fa0 RCX: 00007fa54e58efc9
[  336.114843][T16258] RDX: 0000000000000038 RSI: 00002000000006c0 RDI: 000000000000001a
[  336.114854][T16258] RBP: 00007fa54f380090 R08: 0000000000000000 R09: 0000000000000000
[  336.114864][T16258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  336.114873][T16258] R13: 00007fa54e7e6038 R14: 00007fa54e7e5fa0 R15: 00007fff4e7d8948
[  336.114902][T16258]  </TASK>
[  336.358333][T16249] tipc: Disabling bearer <eth:syzkaller0>
[  336.399148][T16262] bond1: up delay (5) is not a multiple of miimon (4), value rounded to 4 ms
[  336.471552][T16270] netlink: 52 bytes leftover after parsing attributes in process `syz.2.3383'.
[  336.481712][T16270] netlink: 52 bytes leftover after parsing attributes in process `syz.2.3383'.
[  336.589101][T16271] bridge0: port 2(bridge_slave_1) entered disabled state
[  336.597399][T16271] bridge0: port 1(bridge_slave_0) entered disabled state
[  336.689312][T16275] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  337.711643][ T5829] Bluetooth: hci2: command tx timeout
[  338.298449][T16279] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3386'.
[  338.322799][T16288] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  338.705997][T16231] chnl_net:caif_netlink_parms(): no params data found
[  338.741174][T16318] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3394'.
[  338.830241][T16321] netlink: 'syz.2.3399': attribute type 29 has an invalid length.
[  338.853688][T16325] xt_limit: Overflow, try lower: 604147548/4200216962
[  338.923001][T16231] bridge0: port 1(bridge_slave_0) entered blocking state
[  338.931102][T16231] bridge0: port 1(bridge_slave_0) entered disabled state
[  338.941532][T16231] bridge_slave_0: entered allmulticast mode
[  338.950849][T16231] bridge_slave_0: entered promiscuous mode
[  338.959497][T16329] FAULT_INJECTION: forcing a failure.
[  338.959497][T16329] name failslab, interval 1, probability 0, space 0, times 0
[  338.973040][T16329] CPU: 0 UID: 0 PID: 16329 Comm: syz.2.3401 Not tainted syzkaller #0 PREEMPT(full) 
[  338.973063][T16329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  338.973072][T16329] Call Trace:
[  338.973079][T16329]  <TASK>
[  338.973087][T16329]  dump_stack_lvl+0x189/0x250
[  338.973115][T16329]  ? __pfx____ratelimit+0x10/0x10
[  338.973137][T16329]  ? __pfx_dump_stack_lvl+0x10/0x10
[  338.973159][T16329]  ? __pfx__printk+0x10/0x10
[  338.973184][T16329]  ? __pfx___might_resched+0x10/0x10
[  338.973207][T16329]  should_fail_ex+0x414/0x560
[  338.973235][T16329]  should_failslab+0xa8/0x100
[  338.973250][T16329]  kmem_cache_alloc_lru_noprof+0x79/0x6d0
[  338.973263][T16329]  ? __d_alloc+0x36/0x7a0
[  338.973278][T16329]  __d_alloc+0x36/0x7a0
[  338.973291][T16329]  d_alloc_parallel+0xe1/0x1610
[  338.973303][T16329]  ? __pfx_rcu_preempt_deferred_qs_irqrestore+0x10/0x10
[  338.973318][T16329]  ? rcu_is_watching+0x15/0xb0
[  338.973329][T16329]  ? trace_irq_disable+0x37/0x110
[  338.973342][T16329]  ? rcu_is_watching+0x15/0xb0
[  338.973363][T16329]  ? irqentry_exit+0x74/0x90
[  338.973375][T16329]  ? __pfx_d_alloc_parallel+0x10/0x10
[  338.973390][T16329]  ? __raw_spin_lock_init+0x45/0x100
[  338.973404][T16329]  ? __init_waitqueue_head+0xa9/0x150
[  338.973420][T16329]  __lookup_slow+0x116/0x3d0
[  338.973433][T16329]  ? __pfx___lookup_slow+0x10/0x10
[  338.973454][T16329]  ? d_lookup+0x8a/0xa0
[  338.973465][T16329]  ? lookup_noperm+0x112/0x220
[  338.973478][T16329]  simple_start_creating+0xfd/0x1e0
[  338.973489][T16329]  ? __pfx_simple_start_creating+0x10/0x10
[  338.973499][T16329]  ? do_raw_spin_unlock+0x122/0x240
[  338.973512][T16329]  ? mntput+0x65/0xc0
[  338.973527][T16329]  debugfs_start_creating+0x10f/0x180
[  338.973543][T16329]  debugfs_create_dir+0x28/0x420
[  338.973559][T16329]  ieee80211_debugfs_key_add+0x154/0x530
[  338.973577][T16329]  ? __pfx_ieee80211_debugfs_key_add+0x10/0x10
[  338.973590][T16329]  ? ieee80211_key_enable_hw_accel+0x784/0xbc0
[  338.973620][T16329]  ieee80211_key_link+0x119b/0x16c0
[  338.973640][T16329]  ? __pfx_ieee80211_key_link+0x10/0x10
[  338.973650][T16329]  ? trace_kmalloc+0x1f/0xd0
[  338.973662][T16329]  ? __kmalloc_noprof+0x432/0x7f0
[  338.973674][T16329]  ? ieee80211_key_alloc+0x15ee/0x24a0
[  338.973687][T16329]  ? __asan_memcpy+0x40/0x70
[  338.973700][T16329]  ? ieee80211_key_alloc+0x15ee/0x24a0
[  338.973715][T16329]  ieee80211_add_key+0x8f4/0xbd0
[  338.973732][T16329]  rdev_add_key+0x13e/0x300
[  338.973749][T16329]  cfg80211_set_encryption+0x6d5/0x15c0
[  338.973770][T16329]  cfg80211_wext_siwencode+0x43f/0x740
[  338.973790][T16329]  ? __pfx_cfg80211_wext_siwencode+0x10/0x10
[  338.973812][T16329]  ioctl_standard_iw_point+0x689/0xd40
[  338.973834][T16329]  ? __pfx_cfg80211_wext_siwencode+0x10/0x10
[  338.973847][T16329]  ? __pfx_ioctl_standard_iw_point+0x10/0x10
[  338.973861][T16329]  ? __pfx___mutex_lock+0x10/0x10
[  338.973877][T16329]  ? full_name_hash+0x92/0xe0
[  338.973888][T16329]  ? __pfx_cfg80211_wext_siwencode+0x10/0x10
[  338.973900][T16329]  ioctl_standard_call+0xaf/0x1b0
[  338.973916][T16329]  ? __pfx_cfg80211_wext_siwencode+0x10/0x10
[  338.973927][T16329]  wext_ioctl_dispatch+0xee/0x410
[  338.973939][T16329]  ? __pfx_ioctl_standard_call+0x10/0x10
[  338.973954][T16329]  wext_handle_ioctl+0x100/0x1c0
[  338.973969][T16329]  ? __pfx_wext_handle_ioctl+0x10/0x10
[  338.973992][T16329]  sock_ioctl+0x15f/0x790
[  338.974006][T16329]  ? __pfx_sock_ioctl+0x10/0x10
[  338.974019][T16329]  ? __fget_files+0x3a0/0x420
[  338.974028][T16329]  ? __fget_files+0x2a/0x420
[  338.974043][T16329]  ? bpf_lsm_file_ioctl+0x9/0x20
[  338.974060][T16329]  ? __pfx_sock_ioctl+0x10/0x10
[  338.974078][T16329]  __se_sys_ioctl+0xfc/0x170
[  338.974101][T16329]  do_syscall_64+0xfa/0xfa0
[  338.974120][T16329]  ? lockdep_hardirqs_on+0x9c/0x150
[  338.974139][T16329]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.974155][T16329]  ? clear_bhb_loop+0x60/0xb0
[  338.974176][T16329]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.974192][T16329] RIP: 0033:0x7f984998efc9
[  338.974208][T16329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  338.974221][T16329] RSP: 002b:00007f984a7cd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  338.974239][T16329] RAX: ffffffffffffffda RBX: 00007f9849be5fa0 RCX: 00007f984998efc9
[  338.974252][T16329] RDX: 0000200000000040 RSI: 0000000000008b2a RDI: 0000000000000004
[  338.974263][T16329] RBP: 00007f984a7cd090 R08: 0000000000000000 R09: 0000000000000000
[  338.974274][T16329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  338.974284][T16329] R13: 00007f9849be6038 R14: 00007f9849be5fa0 R15: 00007ffe5bdc3d48
[  338.974317][T16329]  </TASK>
[  339.440226][T16231] bridge0: port 2(bridge_slave_1) entered blocking state
[  339.451058][T16231] bridge0: port 2(bridge_slave_1) entered disabled state
[  339.458711][T16231] bridge_slave_1: entered allmulticast mode
[  339.466680][T16231] bridge_slave_1: entered promiscuous mode
[  339.510364][T16334] netlink: 'syz.2.3403': attribute type 11 has an invalid length.
[  339.590977][T16337] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3405'.
[  339.623958][T16338] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3404'.
[  339.659483][T16231] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  339.720014][T16231] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  339.764761][ T5829] Bluetooth: hci2: command tx timeout
[  339.791126][T16231] team0: Port device team_slave_0 added
[  339.800772][T16231] team0: Port device team_slave_1 added
[  339.900911][T16231] batman_adv: batadv0: Adding interface: batadv_slave_0
[  339.907935][T16231] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  339.935842][T16231] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  339.974313][T16231] batman_adv: batadv0: Adding interface: batadv_slave_1
[  339.981308][T16231] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  340.042589][T16231] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  340.159126][T16231] hsr_slave_0: entered promiscuous mode
[  340.177774][T16231] hsr_slave_1: entered promiscuous mode
[  340.184674][T16231] debugfs: 'hsr0' already exists in 'hsr'
[  340.190570][T16231] Cannot create hsr debugfs directory
[  340.199496][T16368] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3415'.
[  340.341978][T16377] netlink: 128 bytes leftover after parsing attributes in process `syz.1.3419'.
[  340.358180][T16375] netlink: 'syz.3.3418': attribute type 24 has an invalid length.
[  340.364221][T16377] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3419'.
[  340.394477][T16377] netlink: 128 bytes leftover after parsing attributes in process `syz.1.3419'.
[  340.409862][T16377] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3419'.
[  340.431173][T16378] bond1: option packets_per_slave: mode dependency failed, not supported in mode active-backup(1)
[  340.434496][T16377] netlink: 128 bytes leftover after parsing attributes in process `syz.1.3419'.
[  340.453218][T16377] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3419'.
[  340.455582][T16378] bond1 (unregistering): Released all slaves
[  340.485834][T16377] netlink: 128 bytes leftover after parsing attributes in process `syz.1.3419'.
[  340.517510][T16381] IPVS: Error connecting to the multicast addr
[  340.618537][T16378] bond1: option packets_per_slave: mode dependency failed, not supported in mode active-backup(1)
[  340.632795][T16378] bond1 (unregistering): Released all slaves
[  340.764674][T16378] bond1: option packets_per_slave: mode dependency failed, not supported in mode active-backup(1)
[  340.780771][T16378] bond1 (unregistering): Released all slaves
[  340.926480][T16378] bond1: option packets_per_slave: mode dependency failed, not supported in mode active-backup(1)
[  340.941404][T16393] Unsupported ieee802154 address type: 0
[  340.951201][T16378] bond1 (unregistering): Released all slaves
[  340.979597][T16396] Unsupported ieee802154 address type: 0
[  341.123086][T16231] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  341.135527][T16231] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  341.178908][T16378] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  341.367990][T16408] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  341.388360][T16408] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  341.398831][T16408] bond0 (unregistering): Released all slaves
[  341.440154][T16231] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  341.451065][T16231] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  341.550519][T16231] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  341.563815][T16231] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  341.660832][T16231] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  341.694430][T16231] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  341.844643][ T5829] Bluetooth: hci2: command tx timeout
[  341.949028][T16231] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  342.002252][T16231] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  342.030928][T16231] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  342.060948][T16231] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  342.101795][T16435] ICMPv6: Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.
[  342.375148][T16231] 8021q: adding VLAN 0 to HW filter on device bond0
[  342.420453][T16231] 8021q: adding VLAN 0 to HW filter on device team0
[  342.453147][ T2986] bridge0: port 1(bridge_slave_0) entered blocking state
[  342.460424][ T2986] bridge0: port 1(bridge_slave_0) entered forwarding state
[  342.470547][T16469] Bluetooth: MGMT ver 1.23
[  342.520149][   T79] bridge0: port 2(bridge_slave_1) entered blocking state
[  342.527383][   T79] bridge0: port 2(bridge_slave_1) entered forwarding state
[  342.789343][T16231] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  343.057739][T16491] pimreg: entered allmulticast mode
[  343.152536][T16231] 8021q: adding VLAN 0 to HW filter on device batadv0
[  343.282028][T16505] tipc: Started in network mode
[  343.315082][T16505] tipc: Node identity 7e6a969d648d, cluster identity 4711
[  343.322526][T16505] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  343.350299][T16503] syzkaller0: entered promiscuous mode
[  343.390997][T16503] syzkaller0: entered allmulticast mode
[  343.416792][T16513] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  343.512259][T16505] tipc: Resetting bearer <eth:syzkaller0>
[  343.547541][T16522] netlink: 'syz.0.3453': attribute type 3 has an invalid length.
[  343.601440][T16505] tipc: Resetting bearer <eth:syzkaller0>
[  343.652028][T16505] tipc: Disabling bearer <eth:syzkaller0>
[  343.918431][T16231] veth0_vlan: entered promiscuous mode
[  343.924959][ T5829] Bluetooth: hci2: command tx timeout
[  343.946903][T16538] netlink: 'syz.3.3457': attribute type 10 has an invalid length.
[  343.959463][T16231] veth1_vlan: entered promiscuous mode
[  344.106097][T16231] veth0_macvtap: entered promiscuous mode
[  344.131066][T16231] veth1_macvtap: entered promiscuous mode
[  344.186944][T16231] batman_adv: batadv0: Interface activated: batadv_slave_0
[  344.202754][T16549] FAULT_INJECTION: forcing a failure.
[  344.202754][T16549] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  344.231644][T16549] CPU: 0 UID: 0 PID: 16549 Comm: syz.2.3461 Not tainted syzkaller #0 PREEMPT(full) 
[  344.231671][T16549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  344.231683][T16549] Call Trace:
[  344.231690][T16549]  <TASK>
[  344.231697][T16549]  dump_stack_lvl+0x189/0x250
[  344.231724][T16549]  ? __pfx____ratelimit+0x10/0x10
[  344.231743][T16549]  ? __pfx_dump_stack_lvl+0x10/0x10
[  344.231764][T16549]  ? __pfx__printk+0x10/0x10
[  344.231782][T16549]  ? __might_fault+0xb0/0x130
[  344.231814][T16549]  should_fail_ex+0x414/0x560
[  344.231843][T16549]  _copy_from_user+0x2d/0xb0
[  344.231866][T16549]  generic_map_update_batch+0x57c/0x7f0
[  344.231902][T16549]  ? __pfx_generic_map_update_batch+0x10/0x10
[  344.231924][T16549]  ? __fget_files+0x2a/0x420
[  344.231946][T16549]  ? __pfx_generic_map_update_batch+0x10/0x10
[  344.231968][T16549]  bpf_map_do_batch+0x39b/0x630
[  344.231992][T16549]  __sys_bpf+0x690/0x860
[  344.232012][T16549]  ? __pfx___sys_bpf+0x10/0x10
[  344.232042][T16549]  ? ksys_write+0x22a/0x250
[  344.232067][T16549]  ? __pfx_ksys_write+0x10/0x10
[  344.232094][T16549]  __x64_sys_bpf+0x7c/0x90
[  344.232116][T16549]  do_syscall_64+0xfa/0xfa0
[  344.232137][T16549]  ? lockdep_hardirqs_on+0x9c/0x150
[  344.232155][T16549]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  344.232177][T16549]  ? clear_bhb_loop+0x60/0xb0
[  344.232199][T16549]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  344.232215][T16549] RIP: 0033:0x7f984998efc9
[  344.232231][T16549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  344.232246][T16549] RSP: 002b:00007f984a7cd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  344.232265][T16549] RAX: ffffffffffffffda RBX: 00007f9849be5fa0 RCX: 00007f984998efc9
[  344.232278][T16549] RDX: 0000000000000038 RSI: 00002000000006c0 RDI: 000000000000001a
[  344.232289][T16549] RBP: 00007f984a7cd090 R08: 0000000000000000 R09: 0000000000000000
[  344.232299][T16549] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  344.232309][T16549] R13: 00007f9849be6038 R14: 00007f9849be5fa0 R15: 00007ffe5bdc3d48
[  344.232338][T16549]  </TASK>
[  344.237569][T16231] batman_adv: batadv0: Interface activated: batadv_slave_1
[  344.491856][T16564] netlink: 'syz.0.3465': attribute type 29 has an invalid length.
[  344.520122][   T13] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  344.570155][   T13] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  344.584783][   T13] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  344.611885][   T13] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  344.619633][T16572] netlink: 'syz.1.3468': attribute type 3 has an invalid length.
[  344.764005][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  344.783575][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  344.919258][   T50] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  344.944601][   T50] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  344.997138][T16585] wg1 speed is unknown, defaulting to 1000
[  345.028144][T16588] FAULT_INJECTION: forcing a failure.
[  345.028144][T16588] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  345.047183][T16590] __nla_validate_parse: 135 callbacks suppressed
[  345.047203][T16590] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3476'.
[  345.088950][T16588] CPU: 1 UID: 0 PID: 16588 Comm: syz.1.3475 Not tainted syzkaller #0 PREEMPT(full) 
[  345.088975][T16588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  345.088986][T16588] Call Trace:
[  345.088993][T16588]  <TASK>
[  345.089001][T16588]  dump_stack_lvl+0x189/0x250
[  345.089029][T16588]  ? __pfx____ratelimit+0x10/0x10
[  345.089050][T16588]  ? __pfx_dump_stack_lvl+0x10/0x10
[  345.089073][T16588]  ? __pfx__printk+0x10/0x10
[  345.089092][T16588]  ? __might_fault+0xb0/0x130
[  345.089126][T16588]  should_fail_ex+0x414/0x560
[  345.089156][T16588]  _copy_from_user+0x2d/0xb0
[  345.089179][T16588]  generic_map_update_batch+0x525/0x7f0
[  345.089215][T16588]  ? __pfx_generic_map_update_batch+0x10/0x10
[  345.089238][T16588]  ? __fget_files+0x2a/0x420
[  345.089260][T16588]  ? __pfx_generic_map_update_batch+0x10/0x10
[  345.089281][T16588]  bpf_map_do_batch+0x39b/0x630
[  345.089303][T16588]  __sys_bpf+0x690/0x860
[  345.089321][T16588]  ? __pfx___sys_bpf+0x10/0x10
[  345.089352][T16588]  ? ksys_write+0x22a/0x250
[  345.089378][T16588]  ? __pfx_ksys_write+0x10/0x10
[  345.089406][T16588]  __x64_sys_bpf+0x7c/0x90
[  345.089430][T16588]  do_syscall_64+0xfa/0xfa0
[  345.089451][T16588]  ? lockdep_hardirqs_on+0x9c/0x150
[  345.089472][T16588]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  345.089490][T16588]  ? clear_bhb_loop+0x60/0xb0
[  345.089511][T16588]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  345.089528][T16588] RIP: 0033:0x7fa54e58efc9
[  345.089544][T16588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  345.089559][T16588] RSP: 002b:00007fa54f380038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  345.089578][T16588] RAX: ffffffffffffffda RBX: 00007fa54e7e5fa0 RCX: 00007fa54e58efc9
[  345.089590][T16588] RDX: 0000000000000038 RSI: 00002000000006c0 RDI: 000000000000001a
[  345.089601][T16588] RBP: 00007fa54f380090 R08: 0000000000000000 R09: 0000000000000000
[  345.089613][T16588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  345.089623][T16588] R13: 00007fa54e7e6038 R14: 00007fa54e7e5fa0 R15: 00007fff4e7d8948
[  345.089655][T16588]  </TASK>
[  345.379804][T16597] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3477'.
[  345.441499][T16600] netlink: 5 bytes leftover after parsing attributes in process `syz.3.3479'.
[  345.452832][T16600] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3479'.
[  345.593210][T16600] netlink: 'syz.3.3479': attribute type 12 has an invalid length.
[  345.671068][T16600] bond2: option primary_reselect: invalid value (255)
[  345.680782][T16600] bond2 (unregistering): Released all slaves
[  345.822422][T16619] netlink: 'syz.0.3483': attribute type 3 has an invalid length.
[  345.944283][T16630] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3487'.
[  345.985739][T16630] 8021q: VLANs not supported on ipvlan1
[  346.036369][T16634] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3489'.
[  346.121649][T16636] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3489'.
[  346.202298][T16640] netlink: 104 bytes leftover after parsing attributes in process `syz.3.3491'.
[  346.383311][T16650] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3492'.
[  346.413232][T16654] netlink: 'syz.0.3494': attribute type 1 has an invalid length.
[  346.435204][T16658] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3496'.
[  346.690948][T16671] bond3: Unable to set peer notification delay as MII monitoring is disabled
[  346.702576][T16671] bond3 (unregistering): Released all slaves
[  347.041939][T16687] netlink: 'syz.4.3506': attribute type 1 has an invalid length.
[  347.197243][T16698] FAULT_INJECTION: forcing a failure.
[  347.197243][T16698] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  347.211929][T16698] CPU: 1 UID: 0 PID: 16698 Comm: syz.3.3511 Not tainted syzkaller #0 PREEMPT(full) 
[  347.211955][T16698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  347.211966][T16698] Call Trace:
[  347.211973][T16698]  <TASK>
[  347.211980][T16698]  dump_stack_lvl+0x189/0x250
[  347.212007][T16698]  ? __pfx____ratelimit+0x10/0x10
[  347.212029][T16698]  ? __pfx_dump_stack_lvl+0x10/0x10
[  347.212052][T16698]  ? __pfx__printk+0x10/0x10
[  347.212071][T16698]  ? __might_fault+0xb0/0x130
[  347.212105][T16698]  should_fail_ex+0x414/0x560
[  347.212135][T16698]  _copy_from_user+0x2d/0xb0
[  347.212158][T16698]  generic_map_update_batch+0x525/0x7f0
[  347.212194][T16698]  ? __pfx_generic_map_update_batch+0x10/0x10
[  347.212217][T16698]  ? __fget_files+0x2a/0x420
[  347.212241][T16698]  ? __pfx_generic_map_update_batch+0x10/0x10
[  347.212262][T16698]  bpf_map_do_batch+0x39b/0x630
[  347.212287][T16698]  __sys_bpf+0x690/0x860
[  347.212306][T16698]  ? __pfx___sys_bpf+0x10/0x10
[  347.212340][T16698]  ? ksys_write+0x22a/0x250
[  347.212365][T16698]  ? __pfx_ksys_write+0x10/0x10
[  347.212394][T16698]  __x64_sys_bpf+0x7c/0x90
[  347.212419][T16698]  do_syscall_64+0xfa/0xfa0
[  347.212438][T16698]  ? lockdep_hardirqs_on+0x9c/0x150
[  347.212460][T16698]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  347.212478][T16698]  ? clear_bhb_loop+0x60/0xb0
[  347.212498][T16698]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  347.212516][T16698] RIP: 0033:0x7f126e38efc9
[  347.212532][T16698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  347.212547][T16698] RSP: 002b:00007f126f2cc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  347.212567][T16698] RAX: ffffffffffffffda RBX: 00007f126e5e5fa0 RCX: 00007f126e38efc9
[  347.212580][T16698] RDX: 0000000000000038 RSI: 00002000000006c0 RDI: 000000000000001a
[  347.212592][T16698] RBP: 00007f126f2cc090 R08: 0000000000000000 R09: 0000000000000000
[  347.212603][T16698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  347.212613][T16698] R13: 00007f126e5e6038 R14: 00007f126e5e5fa0 R15: 00007fffb60342c8
[  347.212644][T16698]  </TASK>
[  347.502076][T16703] tls_set_device_offload_rx: netdev not found
[  347.738095][T16722] netlink: 'syz.3.3518': attribute type 1 has an invalid length.
[  347.785744][T16724] netlink: 'syz.0.3519': attribute type 4 has an invalid length.
[  347.823850][T16724] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  347.836625][T16724] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  347.850719][T16724] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  347.988936][T16733] netlink: 'syz.2.3522': attribute type 29 has an invalid length.
[  348.119076][T16743] FAULT_INJECTION: forcing a failure.
[  348.119076][T16743] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  348.139153][T16743] CPU: 0 UID: 0 PID: 16743 Comm: syz.3.3523 Not tainted syzkaller #0 PREEMPT(full) 
[  348.139181][T16743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  348.139191][T16743] Call Trace:
[  348.139199][T16743]  <TASK>
[  348.139207][T16743]  dump_stack_lvl+0x189/0x250
[  348.139236][T16743]  ? __pfx____ratelimit+0x10/0x10
[  348.139258][T16743]  ? __pfx_dump_stack_lvl+0x10/0x10
[  348.139281][T16743]  ? __pfx__printk+0x10/0x10
[  348.139301][T16743]  ? __might_fault+0xb0/0x130
[  348.139336][T16743]  should_fail_ex+0x414/0x560
[  348.139366][T16743]  _copy_from_user+0x2d/0xb0
[  348.139389][T16743]  generic_map_update_batch+0x57c/0x7f0
[  348.139424][T16743]  ? __pfx_generic_map_update_batch+0x10/0x10
[  348.139447][T16743]  ? __fget_files+0x2a/0x420
[  348.139471][T16743]  ? __pfx_generic_map_update_batch+0x10/0x10
[  348.139498][T16743]  bpf_map_do_batch+0x39b/0x630
[  348.139522][T16743]  __sys_bpf+0x690/0x860
[  348.139541][T16743]  ? __pfx___sys_bpf+0x10/0x10
[  348.139574][T16743]  ? ksys_write+0x22a/0x250
[  348.139599][T16743]  ? __pfx_ksys_write+0x10/0x10
[  348.139625][T16743]  __x64_sys_bpf+0x7c/0x90
[  348.139650][T16743]  do_syscall_64+0xfa/0xfa0
[  348.139670][T16743]  ? lockdep_hardirqs_on+0x9c/0x150
[  348.139692][T16743]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  348.139710][T16743]  ? clear_bhb_loop+0x60/0xb0
[  348.139732][T16743]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  348.139749][T16743] RIP: 0033:0x7f126e38efc9
[  348.139767][T16743] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  348.139783][T16743] RSP: 002b:00007f126f2cc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  348.139804][T16743] RAX: ffffffffffffffda RBX: 00007f126e5e5fa0 RCX: 00007f126e38efc9
[  348.139818][T16743] RDX: 0000000000000038 RSI: 00002000000006c0 RDI: 000000000000001a
[  348.139829][T16743] RBP: 00007f126f2cc090 R08: 0000000000000000 R09: 0000000000000000
[  348.139841][T16743] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  348.139852][T16743] R13: 00007f126e5e6038 R14: 00007f126e5e5fa0 R15: 00007fffb60342c8
[  348.139883][T16743]  </TASK>
[  348.438022][T16749] netlink: 'syz.4.3528': attribute type 3 has an invalid length.
[  348.718763][T16769] xt_cluster: you have exceeded the maximum number of cluster nodes (37482740 > 32)
[  348.892896][T16781] FAULT_INJECTION: forcing a failure.
[  348.892896][T16781] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  348.916982][T16781] CPU: 0 UID: 0 PID: 16781 Comm: syz.1.3539 Not tainted syzkaller #0 PREEMPT(full) 
[  348.917009][T16781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  348.917020][T16781] Call Trace:
[  348.917027][T16781]  <TASK>
[  348.917036][T16781]  dump_stack_lvl+0x189/0x250
[  348.917064][T16781]  ? __pfx____ratelimit+0x10/0x10
[  348.917085][T16781]  ? __pfx_dump_stack_lvl+0x10/0x10
[  348.917108][T16781]  ? __pfx__printk+0x10/0x10
[  348.917127][T16781]  ? __might_fault+0xb0/0x130
[  348.917161][T16781]  should_fail_ex+0x414/0x560
[  348.917192][T16781]  _copy_from_user+0x2d/0xb0
[  348.917215][T16781]  generic_map_update_batch+0x525/0x7f0
[  348.917251][T16781]  ? __pfx_generic_map_update_batch+0x10/0x10
[  348.917275][T16781]  ? __fget_files+0x2a/0x420
[  348.917298][T16781]  ? __pfx_generic_map_update_batch+0x10/0x10
[  348.917320][T16781]  bpf_map_do_batch+0x39b/0x630
[  348.917345][T16781]  __sys_bpf+0x690/0x860
[  348.917365][T16781]  ? __pfx___sys_bpf+0x10/0x10
[  348.917398][T16781]  ? ksys_write+0x22a/0x250
[  348.917424][T16781]  ? __pfx_ksys_write+0x10/0x10
[  348.917453][T16781]  __x64_sys_bpf+0x7c/0x90
[  348.917478][T16781]  do_syscall_64+0xfa/0xfa0
[  348.917499][T16781]  ? lockdep_hardirqs_on+0x9c/0x150
[  348.917520][T16781]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  348.917538][T16781]  ? clear_bhb_loop+0x60/0xb0
[  348.917560][T16781]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  348.917577][T16781] RIP: 0033:0x7fa54e58efc9
[  348.917593][T16781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  348.917609][T16781] RSP: 002b:00007fa54f380038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  348.917628][T16781] RAX: ffffffffffffffda RBX: 00007fa54e7e5fa0 RCX: 00007fa54e58efc9
[  348.917642][T16781] RDX: 0000000000000038 RSI: 00002000000006c0 RDI: 000000000000001a
[  348.917653][T16781] RBP: 00007fa54f380090 R08: 0000000000000000 R09: 0000000000000000
[  348.917670][T16781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  348.917681][T16781] R13: 00007fa54e7e6038 R14: 00007fa54e7e5fa0 R15: 00007fff4e7d8948
[  348.917712][T16781]  </TASK>
[  349.331285][T16796] netlink: 'syz.4.3544': attribute type 3 has an invalid length.
[  349.846235][ T5149] Bluetooth: hci2: command 0x0405 tx timeout
[  349.953407][T16831] netlink: 'syz.1.3555': attribute type 1 has an invalid length.
[  350.103142][T16845] __nla_validate_parse: 7 callbacks suppressed
[  350.103162][T16845] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3560'.
[  350.148034][T16845] netlink: 64 bytes leftover after parsing attributes in process `syz.1.3560'.
[  350.449835][T16841] team0 (unregistering): Port device team_slave_0 removed
[  350.478842][T16841] team0 (unregistering): Port device team_slave_1 removed
[  350.563373][T16854] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3563'.
[  350.888697][T16892] Cannot find set identified by id 65534 to match
[  350.895820][T16890] Cannot find set identified by id 65534 to match
[  352.715125][T16910] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3568'.
[  352.794961][T16924] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3575'.
[  352.879694][T16927] netlink: 11 bytes leftover after parsing attributes in process `syz.1.3575'.
[  352.998846][T16938] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3580'.
[  353.063894][T16944] validate_nla: 4 callbacks suppressed
[  353.063911][T16944] netlink: 'syz.3.3581': attribute type 1 has an invalid length.
[  353.305180][T16964] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3590'.
[  353.490006][T16973] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3594'.
[  353.546796][T16980] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3593'.
[  353.558981][T16980] netlink: 'syz.2.3593': attribute type 7 has an invalid length.
[  353.568122][T16980] netlink: 'syz.2.3593': attribute type 8 has an invalid length.
[  353.586173][T16980] dummy0: entered promiscuous mode
[  353.593437][T16980] team0: entered promiscuous mode
[  353.598995][T16980] team_slave_0: entered promiscuous mode
[  353.607512][T16980] team_slave_1: entered promiscuous mode
[  353.619048][T16980] erspan0: entered promiscuous mode
[  353.792462][T16996] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0)
[  353.815919][T16997] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0)
[  353.921877][T17004] netdevsim netdevsim1: Direct firmware load for 	 failed with error -2
[  353.931762][T17004] netdevsim netdevsim1: Falling back to sysfs fallback for: 	
[  353.975533][T17008] siw: device registration error -23
[  354.519817][T17040] netlink: 'syz.0.3617': attribute type 6 has an invalid length.
[  354.581013][T17044] delete_channel: no stack
[  354.592402][ T9511] IPVS: starting estimator thread 0...
[  354.684701][T17046] IPVS: using max 26 ests per chain, 62400 per kthread
[  355.116605][T17075] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[  355.231923][T17086] __nla_validate_parse: 9 callbacks suppressed
[  355.231940][T17086] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3634'.
[  355.251039][T17085] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3637'.
[  355.350879][T17098] FAULT_INJECTION: forcing a failure.
[  355.350879][T17098] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  355.436972][T17098] CPU: 1 UID: 0 PID: 17098 Comm: syz.0.3635 Not tainted syzkaller #0 PREEMPT(full) 
[  355.436998][T17098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  355.437009][T17098] Call Trace:
[  355.437016][T17098]  <TASK>
[  355.437024][T17098]  dump_stack_lvl+0x189/0x250
[  355.437053][T17098]  ? __pfx____ratelimit+0x10/0x10
[  355.437075][T17098]  ? __pfx_dump_stack_lvl+0x10/0x10
[  355.437098][T17098]  ? __pfx__printk+0x10/0x10
[  355.437116][T17098]  ? __might_fault+0xb0/0x130
[  355.437151][T17098]  should_fail_ex+0x414/0x560
[  355.437180][T17098]  _copy_from_user+0x2d/0xb0
[  355.437203][T17098]  generic_map_update_batch+0x525/0x7f0
[  355.437239][T17098]  ? __pfx_generic_map_update_batch+0x10/0x10
[  355.437261][T17098]  ? __fget_files+0x2a/0x420
[  355.437285][T17098]  ? __pfx_generic_map_update_batch+0x10/0x10
[  355.437307][T17098]  bpf_map_do_batch+0x39b/0x630
[  355.437331][T17098]  __sys_bpf+0x690/0x860
[  355.437351][T17098]  ? __pfx___sys_bpf+0x10/0x10
[  355.437384][T17098]  ? ksys_write+0x22a/0x250
[  355.437409][T17098]  ? __pfx_ksys_write+0x10/0x10
[  355.437438][T17098]  __x64_sys_bpf+0x7c/0x90
[  355.437462][T17098]  do_syscall_64+0xfa/0xfa0
[  355.437482][T17098]  ? lockdep_hardirqs_on+0x9c/0x150
[  355.437504][T17098]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  355.437521][T17098]  ? clear_bhb_loop+0x60/0xb0
[  355.437541][T17098]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  355.437555][T17098] RIP: 0033:0x7fd36f18efc9
[  355.437571][T17098] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  355.437584][T17098] RSP: 002b:00007fd370107038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  355.437602][T17098] RAX: ffffffffffffffda RBX: 00007fd36f3e5fa0 RCX: 00007fd36f18efc9
[  355.437614][T17098] RDX: 0000000000000038 RSI: 00002000000006c0 RDI: 000000000000001a
[  355.437626][T17098] RBP: 00007fd370107090 R08: 0000000000000000 R09: 0000000000000000
[  355.437636][T17098] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  355.437647][T17098] R13: 00007fd36f3e6038 R14: 00007fd36f3e5fa0 R15: 00007ffe2a5e2558
[  355.437674][T17098]  </TASK>
[  355.516636][T17086] bond0: entered promiscuous mode
[  355.667636][T17086] 8021q: adding VLAN 0 to HW filter on device bond0
[  357.436800][T17118] syzkaller1: entered promiscuous mode
[  357.443373][T17118] syzkaller1: entered allmulticast mode
[  357.509321][T17135] netlink: 16178 bytes leftover after parsing attributes in process `syz.2.3646'.
[  357.773961][T17158] syzkaller0: entered promiscuous mode
[  357.786346][T17158] syzkaller0: entered allmulticast mode
[  357.877256][T17161] bond0: (slave rose0): Error: Device can not be enslaved while up
[  358.061053][T17173] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3660'.
[  358.114792][T17173] : entered promiscuous mode
[  358.242107][T17187] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3664'.
[  358.604257][T17219] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3670'.
[  359.126462][T17250] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3680'.
[  359.478787][T17273] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3689'.
[  359.509029][T17273] xfrm1: entered promiscuous mode
[  359.531949][T17273] xfrm1: entered allmulticast mode
[  359.895401][T17297] netlink: 80 bytes leftover after parsing attributes in process `syz.1.3699'.
[  359.938231][T17301] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3700'.
[  359.964302][T17301] netlink: 'syz.4.3700': attribute type 12 has an invalid length.
[  359.982440][T17301] netlink: 'syz.4.3700': attribute type 11 has an invalid length.
[  360.302946][T17319] __nla_validate_parse: 4 callbacks suppressed
[  360.302964][T17319] netlink: 104 bytes leftover after parsing attributes in process `syz.4.3705'.
[  360.543763][T17335] netlink: 'syz.3.3713': attribute type 10 has an invalid length.
[  360.566967][T17336] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[  360.744321][T17357] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3719'.
[  360.832873][T17366] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3722'.
[  360.839976][T17357] bond1: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-tlb(5)
[  360.854914][T17357] bond1 (unregistering): Released all slaves
[  361.067095][T17386] FAULT_INJECTION: forcing a failure.
[  361.067095][T17386] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  361.090888][T17386] CPU: 1 UID: 0 PID: 17386 Comm: syz.0.3729 Not tainted syzkaller #0 PREEMPT(full) 
[  361.090916][T17386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  361.090926][T17386] Call Trace:
[  361.090932][T17386]  <TASK>
[  361.090939][T17386]  dump_stack_lvl+0x189/0x250
[  361.090964][T17386]  ? __pfx____ratelimit+0x10/0x10
[  361.090981][T17386]  ? __pfx_dump_stack_lvl+0x10/0x10
[  361.090999][T17386]  ? __pfx__printk+0x10/0x10
[  361.091023][T17386]  should_fail_ex+0x414/0x560
[  361.091049][T17386]  _copy_to_user+0x31/0xb0
[  361.091069][T17386]  simple_read_from_buffer+0xe1/0x170
[  361.091095][T17386]  proc_fail_nth_read+0x1b3/0x220
[  361.091116][T17386]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  361.091134][T17386]  ? rw_verify_area+0x2a6/0x4d0
[  361.091153][T17386]  ? __lock_acquire+0xab9/0xd20
[  361.091166][T17386]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  361.091184][T17386]  vfs_read+0x200/0xa30
[  361.091202][T17386]  ? fdget_pos+0x247/0x320
[  361.091218][T17386]  ? __pfx___mutex_lock+0x10/0x10
[  361.091238][T17386]  ? __pfx_vfs_read+0x10/0x10
[  361.091258][T17386]  ? __fget_files+0x2a/0x420
[  361.091274][T17386]  ? __fget_files+0x3a0/0x420
[  361.091285][T17386]  ? __fget_files+0x2a/0x420
[  361.091305][T17386]  ksys_read+0x145/0x250
[  361.091325][T17386]  ? __pfx_ksys_read+0x10/0x10
[  361.091345][T17386]  ? do_syscall_64+0xbe/0xfa0
[  361.091365][T17386]  do_syscall_64+0xfa/0xfa0
[  361.091381][T17386]  ? lockdep_hardirqs_on+0x9c/0x150
[  361.091397][T17386]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  361.091411][T17386]  ? clear_bhb_loop+0x60/0xb0
[  361.091428][T17386]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  361.091440][T17386] RIP: 0033:0x7fd36f18d9dc
[  361.091454][T17386] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  361.091466][T17386] RSP: 002b:00007fd370107030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  361.091483][T17386] RAX: ffffffffffffffda RBX: 00007fd36f3e5fa0 RCX: 00007fd36f18d9dc
[  361.091493][T17386] RDX: 000000000000000f RSI: 00007fd3701070a0 RDI: 0000000000000006
[  361.091511][T17386] RBP: 00007fd370107090 R08: 0000000000000000 R09: 0000000000000000
[  361.091520][T17386] R10: 000000000000004e R11: 0000000000000246 R12: 0000000000000001
[  361.091528][T17386] R13: 00007fd36f3e6038 R14: 00007fd36f3e5fa0 R15: 00007ffe2a5e2558
[  361.091553][T17386]  </TASK>
[  361.482485][T17396] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3733'.
[  361.505429][T17400] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3734'.
[  361.595221][T17405] FAULT_INJECTION: forcing a failure.
[  361.595221][T17405] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  361.619034][T17405] CPU: 1 UID: 0 PID: 17405 Comm: syz.1.3736 Not tainted syzkaller #0 PREEMPT(full) 
[  361.619062][T17405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  361.619073][T17405] Call Trace:
[  361.619081][T17405]  <TASK>
[  361.619089][T17405]  dump_stack_lvl+0x189/0x250
[  361.619117][T17405]  ? __pfx____ratelimit+0x10/0x10
[  361.619138][T17405]  ? __pfx_dump_stack_lvl+0x10/0x10
[  361.619158][T17405]  ? __pfx__printk+0x10/0x10
[  361.619185][T17405]  should_fail_ex+0x414/0x560
[  361.619215][T17405]  _copy_to_user+0x31/0xb0
[  361.619238][T17405]  simple_read_from_buffer+0xe1/0x170
[  361.619264][T17405]  proc_fail_nth_read+0x1b3/0x220
[  361.619294][T17405]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  361.619319][T17405]  ? rw_verify_area+0x2a6/0x4d0
[  361.619341][T17405]  ? __lock_acquire+0xab9/0xd20
[  361.619358][T17405]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  361.619381][T17405]  vfs_read+0x200/0xa30
[  361.619400][T17405]  ? fdget_pos+0x247/0x320
[  361.619423][T17405]  ? __pfx___mutex_lock+0x10/0x10
[  361.619446][T17405]  ? __pfx_vfs_read+0x10/0x10
[  361.619473][T17405]  ? __fget_files+0x2a/0x420
[  361.619490][T17405]  ? __fget_files+0x3a0/0x420
[  361.619502][T17405]  ? __fget_files+0x2a/0x420
[  361.619525][T17405]  ksys_read+0x145/0x250
[  361.619548][T17405]  ? __pfx_ksys_read+0x10/0x10
[  361.619572][T17405]  ? do_syscall_64+0xbe/0xfa0
[  361.619594][T17405]  do_syscall_64+0xfa/0xfa0
[  361.619613][T17405]  ? lockdep_hardirqs_on+0x9c/0x150
[  361.619634][T17405]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  361.619651][T17405]  ? clear_bhb_loop+0x60/0xb0
[  361.619670][T17405]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  361.619685][T17405] RIP: 0033:0x7fa54e58d9dc
[  361.619701][T17405] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  361.619716][T17405] RSP: 002b:00007fa54f380030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  361.619734][T17405] RAX: ffffffffffffffda RBX: 00007fa54e7e5fa0 RCX: 00007fa54e58d9dc
[  361.619746][T17405] RDX: 000000000000000f RSI: 00007fa54f3800a0 RDI: 0000000000000004
[  361.619757][T17405] RBP: 00007fa54f380090 R08: 0000000000000000 R09: 0000000000000000
[  361.619767][T17405] R10: 000000000000004e R11: 0000000000000246 R12: 0000000000000001
[  361.619776][T17405] R13: 00007fa54e7e6038 R14: 00007fa54e7e5fa0 R15: 00007fff4e7d8948
[  361.619807][T17405]  </TASK>
[  361.956147][T17411] netlink: 104 bytes leftover after parsing attributes in process `syz.3.3740'.
[  362.166449][T17427] netlink: 88 bytes leftover after parsing attributes in process `syz.0.3745'.
[  362.199453][T17431] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3746'.
[  362.214605][T17427] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3745'.
[  362.275419][T17426] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  362.282859][T17426] batman_adv: batadv0: Removing interface: batadv_slave_0
[  362.298008][T17426] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  362.327209][T17426] batman_adv: batadv0: Removing interface: batadv_slave_1
[  362.426703][T17435] syzkaller0: entered promiscuous mode
[  362.434395][T17435] syzkaller0: entered allmulticast mode
[  362.436627][T17445] xt_addrtype: input interface limitation not valid in POSTROUTING and OUTPUT
[  362.466730][T17427] tipc: Started in network mode
[  362.471637][T17427] tipc: Node identity c2185302fd8a, cluster identity 4711
[  362.499283][T17427] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  362.565634][T17451] netlink: 104 bytes leftover after parsing attributes in process `syz.4.3753'.
[  362.602612][T17426] tipc: Resetting bearer <eth:syzkaller0>
[  362.686479][T17426] tipc: Disabling bearer <eth:syzkaller0>
[  363.003170][T17472] 0: reclassify loop, rule prio 0, protocol 800
[  363.596191][T17505] team0 (uninitialized): Failed to send options change via netlink (err -105)
[  363.633601][T17505] team0: entered promiscuous mode
[  363.646861][T17505] team0: entered allmulticast mode
[  363.889086][T17521] 0: reclassify loop, rule prio 0, protocol 800
[  364.202708][T17538] syzkaller0: entered promiscuous mode
[  364.209690][T17538] syzkaller0: entered allmulticast mode
[  364.225192][T17537] tipc: Started in network mode
[  364.231704][T17537] tipc: Node identity 2ef670e4ff91, cluster identity 4711
[  364.239313][T17537] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  364.281063][T17537] syzkaller0: entered promiscuous mode
[  364.286751][T17537] syzkaller0: entered allmulticast mode
[  364.292916][T17537] tipc: Resetting bearer <eth:syzkaller0>
[  364.362682][T17535] tipc: Resetting bearer <eth:syzkaller0>
[  364.393855][T17547] FAULT_INJECTION: forcing a failure.
[  364.393855][T17547] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  364.423850][T17547] CPU: 0 UID: 0 PID: 17547 Comm: syz.0.3782 Not tainted syzkaller #0 PREEMPT(full) 
[  364.423875][T17547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  364.423889][T17547] Call Trace:
[  364.423895][T17547]  <TASK>
[  364.423902][T17547]  dump_stack_lvl+0x189/0x250
[  364.423930][T17547]  ? __pfx____ratelimit+0x10/0x10
[  364.423949][T17547]  ? __pfx_dump_stack_lvl+0x10/0x10
[  364.423977][T17547]  ? __pfx__printk+0x10/0x10
[  364.423993][T17547]  ? __might_fault+0xb0/0x130
[  364.424031][T17547]  should_fail_ex+0x414/0x560
[  364.424056][T17547]  _copy_from_user+0x2d/0xb0
[  364.424078][T17547]  generic_map_update_batch+0x57c/0x7f0
[  364.424111][T17547]  ? __pfx_generic_map_update_batch+0x10/0x10
[  364.424133][T17547]  ? __fget_files+0x2a/0x420
[  364.424155][T17547]  ? __pfx_generic_map_update_batch+0x10/0x10
[  364.424175][T17547]  bpf_map_do_batch+0x39b/0x630
[  364.424198][T17547]  __sys_bpf+0x690/0x860
[  364.424217][T17547]  ? __pfx___sys_bpf+0x10/0x10
[  364.424250][T17547]  ? ksys_write+0x22a/0x250
[  364.424275][T17547]  ? __pfx_ksys_write+0x10/0x10
[  364.424304][T17547]  __x64_sys_bpf+0x7c/0x90
[  364.424329][T17547]  do_syscall_64+0xfa/0xfa0
[  364.424349][T17547]  ? lockdep_hardirqs_on+0x9c/0x150
[  364.424370][T17547]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  364.424387][T17547]  ? clear_bhb_loop+0x60/0xb0
[  364.424409][T17547]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  364.424431][T17547] RIP: 0033:0x7fd36f18efc9
[  364.424447][T17547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  364.424462][T17547] RSP: 002b:00007fd370107038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  364.424481][T17547] RAX: ffffffffffffffda RBX: 00007fd36f3e5fa0 RCX: 00007fd36f18efc9
[  364.424494][T17547] RDX: 0000000000000038 RSI: 00002000000006c0 RDI: 000000000000001a
[  364.424505][T17547] RBP: 00007fd370107090 R08: 0000000000000000 R09: 0000000000000000
[  364.424516][T17547] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  364.424527][T17547] R13: 00007fd36f3e6038 R14: 00007fd36f3e5fa0 R15: 00007ffe2a5e2558
[  364.424558][T17547]  </TASK>
[  365.344273][ T5894] tipc: Node number set to 3513217252
[  365.611509][T17582] x_tables: unsorted entry at hook 2
[  366.457204][T17535] tipc: Disabling bearer <eth:syzkaller0>
[  366.744167][T17600] FAULT_INJECTION: forcing a failure.
[  366.744167][T17600] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  366.791526][T17600] CPU: 1 UID: 0 PID: 17600 Comm: syz.1.3795 Not tainted syzkaller #0 PREEMPT(full) 
[  366.791552][T17600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  366.791563][T17600] Call Trace:
[  366.791570][T17600]  <TASK>
[  366.791578][T17600]  dump_stack_lvl+0x189/0x250
[  366.791606][T17600]  ? __pfx____ratelimit+0x10/0x10
[  366.791628][T17600]  ? __pfx_dump_stack_lvl+0x10/0x10
[  366.791650][T17600]  ? __pfx__printk+0x10/0x10
[  366.791669][T17600]  ? __might_fault+0xb0/0x130
[  366.791704][T17600]  should_fail_ex+0x414/0x560
[  366.791734][T17600]  _copy_from_user+0x2d/0xb0
[  366.791757][T17600]  generic_map_update_batch+0x525/0x7f0
[  366.791794][T17600]  ? __pfx_generic_map_update_batch+0x10/0x10
[  366.791817][T17600]  ? __fget_files+0x2a/0x420
[  366.791841][T17600]  ? __pfx_generic_map_update_batch+0x10/0x10
[  366.791863][T17600]  bpf_map_do_batch+0x39b/0x630
[  366.791887][T17600]  __sys_bpf+0x690/0x860
[  366.791913][T17600]  ? __pfx___sys_bpf+0x10/0x10
[  366.791948][T17600]  ? ksys_write+0x22a/0x250
[  366.791974][T17600]  ? __pfx_ksys_write+0x10/0x10
[  366.792003][T17600]  __x64_sys_bpf+0x7c/0x90
[  366.792028][T17600]  do_syscall_64+0xfa/0xfa0
[  366.792050][T17600]  ? lockdep_hardirqs_on+0x9c/0x150
[  366.792072][T17600]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  366.792090][T17600]  ? clear_bhb_loop+0x60/0xb0
[  366.792112][T17600]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  366.792129][T17600] RIP: 0033:0x7fa54e58efc9
[  366.792146][T17600] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  366.792161][T17600] RSP: 002b:00007fa54f380038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  366.792180][T17600] RAX: ffffffffffffffda RBX: 00007fa54e7e5fa0 RCX: 00007fa54e58efc9
[  366.792194][T17600] RDX: 0000000000000038 RSI: 00002000000006c0 RDI: 000000000000001a
[  366.792206][T17600] RBP: 00007fa54f380090 R08: 0000000000000000 R09: 0000000000000000
[  366.792217][T17600] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  366.792227][T17600] R13: 00007fa54e7e6038 R14: 00007fa54e7e5fa0 R15: 00007fff4e7d8948
[  366.792258][T17600]  </TASK>
[  367.067960][T17609] net veth1_virt_wifi : renamed from virt_wifi0
[  367.082385][T17611] __nla_validate_parse: 6 callbacks suppressed
[  367.082404][T17611] netlink: 104 bytes leftover after parsing attributes in process `syz.1.3803'.
[  367.137263][T17616] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3802'.
[  367.165583][T17619] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3804'.
[  367.286955][T17616] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  367.480764][T17640] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3811'.
[  367.595592][T17645] FAULT_INJECTION: forcing a failure.
[  367.595592][T17645] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  367.614020][T17645] CPU: 1 UID: 0 PID: 17645 Comm: syz.1.3814 Not tainted syzkaller #0 PREEMPT(full) 
[  367.614049][T17645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  367.614059][T17645] Call Trace:
[  367.614066][T17645]  <TASK>
[  367.614073][T17645]  dump_stack_lvl+0x189/0x250
[  367.614100][T17645]  ? __pfx____ratelimit+0x10/0x10
[  367.614120][T17645]  ? __pfx_dump_stack_lvl+0x10/0x10
[  367.614143][T17645]  ? __pfx__printk+0x10/0x10
[  367.614161][T17645]  ? __might_fault+0xb0/0x130
[  367.614196][T17645]  should_fail_ex+0x414/0x560
[  367.614226][T17645]  _copy_from_user+0x2d/0xb0
[  367.614248][T17645]  generic_map_update_batch+0x57c/0x7f0
[  367.614283][T17645]  ? __pfx_generic_map_update_batch+0x10/0x10
[  367.614306][T17645]  ? __fget_files+0x2a/0x420
[  367.614329][T17645]  ? __pfx_generic_map_update_batch+0x10/0x10
[  367.614350][T17645]  bpf_map_do_batch+0x39b/0x630
[  367.614374][T17645]  __sys_bpf+0x690/0x860
[  367.614393][T17645]  ? __pfx___sys_bpf+0x10/0x10
[  367.614427][T17645]  ? ksys_write+0x22a/0x250
[  367.614452][T17645]  ? __pfx_ksys_write+0x10/0x10
[  367.614482][T17645]  __x64_sys_bpf+0x7c/0x90
[  367.614505][T17645]  do_syscall_64+0xfa/0xfa0
[  367.614525][T17645]  ? lockdep_hardirqs_on+0x9c/0x150
[  367.614546][T17645]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.614563][T17645]  ? clear_bhb_loop+0x60/0xb0
[  367.614585][T17645]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.614601][T17645] RIP: 0033:0x7fa54e58efc9
[  367.614617][T17645] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  367.614632][T17645] RSP: 002b:00007fa54f380038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  367.614651][T17645] RAX: ffffffffffffffda RBX: 00007fa54e7e5fa0 RCX: 00007fa54e58efc9
[  367.614664][T17645] RDX: 0000000000000038 RSI: 00002000000006c0 RDI: 000000000000001a
[  367.614675][T17645] RBP: 00007fa54f380090 R08: 0000000000000000 R09: 0000000000000000
[  367.614686][T17645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  367.614696][T17645] R13: 00007fa54e7e6038 R14: 00007fa54e7e5fa0 R15: 00007fff4e7d8948
[  367.614726][T17645]  </TASK>
[  369.651954][T17682] netlink: 72 bytes leftover after parsing attributes in process `syz.3.3823'.
[  369.666157][T17676] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3823'.
[  369.706331][T17684] netlink: 'syz.2.3826': attribute type 1 has an invalid length.
[  369.720447][T17676] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  369.736390][T17676] batman_adv: batadv0: Removing interface: batadv_slave_0
[  369.772923][T17682] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3823'.
[  369.779682][T17685] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3826'.
[  369.783679][T17676] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  369.800566][T17676] batman_adv: batadv0: Removing interface: batadv_slave_1
[  369.860850][T17687] netlink: 'syz.0.3827': attribute type 29 has an invalid length.
[  369.916039][T17691] netlink: 'syz.0.3827': attribute type 29 has an invalid length.
[  369.961803][T17687] netlink: 500 bytes leftover after parsing attributes in process `syz.0.3827'.
[  370.237306][T17718] tap0: tun_chr_ioctl cmd 1074025672
[  370.244852][T17718] tap0: ignored: set checksum disabled
[  370.251425][T17718] netlink: 'syz.0.3836': attribute type 1 has an invalid length.
[  370.263574][T17714] netlink: 'syz.3.3835': attribute type 1 has an invalid length.
[  370.307413][T17714] workqueue: Failed to create a rescuer kthread for wq "bond3": -EINTR
[  370.362093][T17724] 8021q: adding VLAN 0 to HW filter on device bond4
[  370.372277][T17724] bond3: (slave bond4): making interface the new active one
[  370.380321][T17724] bond3: (slave bond4): Enslaving as an active interface with an up link
[  370.389917][T17718] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3836'.
[  370.728505][T17747] 0: reclassify loop, rule prio 0, protocol 800
[  370.795808][T17750] bridge0: port 3(ipvlan2) entered blocking state
[  370.802677][T17750] bridge0: port 3(ipvlan2) entered disabled state
[  370.813043][T17750] ipvlan2: entered allmulticast mode
[  370.822262][T17750] bridge0: entered allmulticast mode
[  370.831128][T17750] ipvlan2: left allmulticast mode
[  370.836510][T17750] bridge0: left allmulticast mode
[  372.163540][T17814] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  372.291608][T17818] veth0: entered promiscuous mode
[  372.373236][T17833] veth0: left promiscuous mode
[  372.572561][T17843] __nla_validate_parse: 6 callbacks suppressed
[  372.572581][T17843] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3873'.
[  372.771404][T17856] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3878'.
[  372.896840][T17864] netlink: 'syz.2.3882': attribute type 1 has an invalid length.
[  372.926507][T17864] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  372.967523][T17856] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  372.983516][T17856] bond1: (slave vxcan3): Error -95 calling set_mac_address
[  372.995482][T17864] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3882'.
[  372.998271][T17878] netlink: 104 bytes leftover after parsing attributes in process `syz.4.3886'.
[  373.006453][T17870] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3882'.
[  373.110895][T17881] wg1 speed is unknown, defaulting to 1000
[  373.223800][T17885] netlink: 2 bytes leftover after parsing attributes in process `syz.4.3890'.
[  373.552457][T17897] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3894'.
[  373.635511][T17897] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3894'.
[  373.650090][T17897] No such timeout policy "syz1"
[  373.979103][T17913] netlink: 104 bytes leftover after parsing attributes in process `syz.2.3900'.
[  374.145963][T17922] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3902'.
[  374.292917][T17927] sctp: [Deprecated]: syz.4.3903 (pid 17927) Use of int in max_burst socket option deprecated.
[  374.292917][T17927] Use struct sctp_assoc_value instead
[  374.935358][T17963] netlink: 'syz.2.3915': attribute type 1 has an invalid length.
[  375.517834][T17963] 8021q: adding VLAN 0 to HW filter on device bond1
[  375.552885][T17967] veth3: entered promiscuous mode
[  375.567963][T17967] bond1: (slave veth3): Enslaving as an active interface with a down link
[  375.601248][T17969] bond1: entered allmulticast mode
[  375.756694][T17992] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  375.794222][T17992] batman_adv: batadv0: Removing interface: batadv_slave_0
[  375.821420][T17992] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  375.873811][T17992] batman_adv: batadv0: Removing interface: batadv_slave_1
[  376.131454][T18022] Unsupported ieee802154 address type: 0
[  376.228943][T18026] netlink: 'syz.2.3932': attribute type 1 has an invalid length.
[  376.309141][T18026] 8021q: adding VLAN 0 to HW filter on device bond2
[  376.751183][T18060] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  376.761894][T18062] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  376.777971][T18063] netlink: 'syz.4.3947': attribute type 21 has an invalid length.
[  376.787657][T18063] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  376.794938][T18063] IPv6: NLM_F_CREATE should be set when creating new route
[  376.921964][T18071] netlink: 'syz.0.3951': attribute type 1 has an invalid length.
[  376.986847][T18077] mac80211_hwsim hwsim21 ÿ
: renamed from wlan1
[  377.041947][T18084] x_tables: duplicate underflow at hook 3
[  377.235958][T18094] netlink: 'syz.0.3958': attribute type 29 has an invalid length.
[  377.247028][T18094] netlink: 'syz.0.3958': attribute type 29 has an invalid length.
[  377.257995][T18094] netlink: 'syz.0.3958': attribute type 29 has an invalid length.
[  377.267770][T18094] netlink: 'syz.0.3958': attribute type 29 has an invalid length.
[  377.628066][T18110] __nla_validate_parse: 7 callbacks suppressed
[  377.628084][T18110] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3965'.
[  377.711410][T18118] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3968'.
[  378.152735][T18139] netlink: 'syz.4.3972': attribute type 1 has an invalid length.
[  378.646760][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  378.654577][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  378.707870][T18157] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3980'.
[  378.733633][T18157] bridge_slave_0: default FDB implementation only supports local addresses
[  378.768430][T18160] netlink: 460 bytes leftover after parsing attributes in process `syz.3.3979'.
[  378.822317][T18164] netlink: 104 bytes leftover after parsing attributes in process `syz.1.3981'.
[  378.960724][T18178] bond0: left promiscuous mode
[  379.232850][T18197] netlink: 'syz.4.3991': attribute type 39 has an invalid length.
[  379.732379][T18215] xt_nat: multiple ranges no longer supported
[  379.913464][T18225] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4003'.
[  380.112494][T18246] netlink: 104 bytes leftover after parsing attributes in process `syz.4.4007'.
[  380.127027][T18246] netlink: 'syz.4.4007': attribute type 4 has an invalid length.
[  380.202386][T18246] netlink: 'syz.4.4007': attribute type 4 has an invalid length.
[  380.236858][T18255] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4011'.
[  380.538397][ T5894] IPVS: starting estimator thread 0...
[  380.626270][T18271] IPVS: using max 29 ests per chain, 69600 per kthread
[  380.774448][T18285] netlink: 'syz.0.4017': attribute type 1 has an invalid length.
[  380.820778][T18287] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  380.858164][T18295] 0: reclassify loop, rule prio 0, protocol 800
[  381.130748][T18304] 8021q: VLANs not supported on ip6_vti0
[  381.449717][T18326] netlink: 52 bytes leftover after parsing attributes in process `syz.3.4025'.
[  381.472193][T18329] netlink: 'syz.1.4028': attribute type 1 has an invalid length.
[  381.491900][T18330] netlink: 220 bytes leftover after parsing attributes in process `syz.2.4027'.
[  381.702556][T18342] bond2: entered promiscuous mode
[  381.727187][T18341] tipc: Enabling of bearer <eth:syzkaller0
> rejected, failed to enable media
[  381.747774][T18345] 0: reclassify loop, rule prio 0, protocol 800
[  381.779802][T18337] netlink: 'syz.4.4029': attribute type 1 has an invalid length.
[  381.877917][T18341] syzkaller0: entered promiscuous mode
[  381.883511][T18341] syzkaller0: entered allmulticast mode
[  382.780453][T18404] FAULT_INJECTION: forcing a failure.
[  382.780453][T18404] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  382.793780][T18404] CPU: 0 UID: 0 PID: 18404 Comm: syz.3.4047 Not tainted syzkaller #0 PREEMPT(full) 
[  382.793804][T18404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  382.793814][T18404] Call Trace:
[  382.793821][T18404]  <TASK>
[  382.793828][T18404]  dump_stack_lvl+0x189/0x250
[  382.793857][T18404]  ? __pfx____ratelimit+0x10/0x10
[  382.793876][T18404]  ? __pfx_dump_stack_lvl+0x10/0x10
[  382.793895][T18404]  ? __pfx__printk+0x10/0x10
[  382.793911][T18404]  ? __might_fault+0xb0/0x130
[  382.793941][T18404]  should_fail_ex+0x414/0x560
[  382.793967][T18404]  _copy_from_user+0x2d/0xb0
[  382.793987][T18404]  generic_map_update_batch+0x525/0x7f0
[  382.794022][T18404]  ? __pfx_generic_map_update_batch+0x10/0x10
[  382.794048][T18404]  ? __fget_files+0x2a/0x420
[  382.794069][T18404]  ? __pfx_generic_map_update_batch+0x10/0x10
[  382.794088][T18404]  bpf_map_do_batch+0x39b/0x630
[  382.794111][T18404]  __sys_bpf+0x690/0x860
[  382.794129][T18404]  ? __pfx___sys_bpf+0x10/0x10
[  382.794162][T18404]  ? ksys_write+0x22a/0x250
[  382.794187][T18404]  ? __pfx_ksys_write+0x10/0x10
[  382.794215][T18404]  __x64_sys_bpf+0x7c/0x90
[  382.794239][T18404]  do_syscall_64+0xfa/0xfa0
[  382.794259][T18404]  ? lockdep_hardirqs_on+0x9c/0x150
[  382.794280][T18404]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  382.794296][T18404]  ? clear_bhb_loop+0x60/0xb0
[  382.794318][T18404]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  382.794346][T18404] RIP: 0033:0x7f126e38efc9
[  382.794363][T18404] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  382.794378][T18404] RSP: 002b:00007f126f2cc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  382.794399][T18404] RAX: ffffffffffffffda RBX: 00007f126e5e5fa0 RCX: 00007f126e38efc9
[  382.794412][T18404] RDX: 0000000000000038 RSI: 00002000000006c0 RDI: 000000000000001a
[  382.794423][T18404] RBP: 00007f126f2cc090 R08: 0000000000000000 R09: 0000000000000000
[  382.794435][T18404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  382.794445][T18404] R13: 00007f126e5e6038 R14: 00007f126e5e5fa0 R15: 00007fffb60342c8
[  382.794473][T18404]  </TASK>
[  383.409752][T18420] netlink: 'syz.3.4053': attribute type 3 has an invalid length.
[  384.554438][T18441] FAULT_INJECTION: forcing a failure.
[  384.554438][T18441] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  384.574256][T18443] netlink: 'syz.2.4060': attribute type 12 has an invalid length.
[  384.590173][T18441] CPU: 0 UID: 0 PID: 18441 Comm: syz.1.4058 Not tainted syzkaller #0 PREEMPT(full) 
[  384.590199][T18441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  384.590210][T18441] Call Trace:
[  384.590218][T18441]  <TASK>
[  384.590226][T18441]  dump_stack_lvl+0x189/0x250
[  384.590255][T18441]  ? __pfx____ratelimit+0x10/0x10
[  384.590277][T18441]  ? __pfx_dump_stack_lvl+0x10/0x10
[  384.590299][T18441]  ? __pfx__printk+0x10/0x10
[  384.590318][T18441]  ? __might_fault+0xb0/0x130
[  384.590353][T18441]  should_fail_ex+0x414/0x560
[  384.590383][T18441]  _copy_from_user+0x2d/0xb0
[  384.590405][T18441]  generic_map_update_batch+0x57c/0x7f0
[  384.590441][T18441]  ? __pfx_generic_map_update_batch+0x10/0x10
[  384.590464][T18441]  ? __fget_files+0x2a/0x420
[  384.590488][T18441]  ? __pfx_generic_map_update_batch+0x10/0x10
[  384.590509][T18441]  bpf_map_do_batch+0x39b/0x630
[  384.590534][T18441]  __sys_bpf+0x690/0x860
[  384.590554][T18441]  ? __pfx___sys_bpf+0x10/0x10
[  384.590587][T18441]  ? ksys_write+0x22a/0x250
[  384.590613][T18441]  ? __pfx_ksys_write+0x10/0x10
[  384.590641][T18441]  __x64_sys_bpf+0x7c/0x90
[  384.590666][T18441]  do_syscall_64+0xfa/0xfa0
[  384.590685][T18441]  ? lockdep_hardirqs_on+0x9c/0x150
[  384.590708][T18441]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  384.590725][T18441]  ? clear_bhb_loop+0x60/0xb0
[  384.590747][T18441]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  384.590764][T18441] RIP: 0033:0x7fa54e58efc9
[  384.590778][T18441] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  384.590792][T18441] RSP: 002b:00007fa54f380038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  384.590811][T18441] RAX: ffffffffffffffda RBX: 00007fa54e7e5fa0 RCX: 00007fa54e58efc9
[  384.590823][T18441] RDX: 0000000000000038 RSI: 00002000000006c0 RDI: 000000000000001a
[  384.590834][T18441] RBP: 00007fa54f380090 R08: 0000000000000000 R09: 0000000000000000
[  384.590845][T18441] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  384.590855][T18441] R13: 00007fa54e7e6038 R14: 00007fa54e7e5fa0 R15: 00007fff4e7d8948
[  384.590892][T18441]  </TASK>
[  384.806847][T18445] __nla_validate_parse: 7 callbacks suppressed
[  384.806865][T18445] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4060'.
[  384.889786][T18445] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4060'.
[  384.910740][T18443] bond3 (unregistering): Released all slaves
[  384.935059][T18452] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4063'.
[  385.081810][T18461] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4065'.
[  385.238468][T18475] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4070'.
[  385.256231][T18476] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4069'.
[  385.408456][T18484] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4071'.
[  385.558774][T18492] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4075'.
[  385.563311][T18494] netlink: 7064 bytes leftover after parsing attributes in process `syz.4.4076'.
[  385.618328][T18494] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  385.624951][T18500] netlink: zone id is out of range
[  385.763806][T18505] netlink: 'syz.2.4080': attribute type 13 has an invalid length.
[  385.812658][T18505] veth0_macvtap: left promiscuous mode
[  385.819161][T18505] macvtap0: entered allmulticast mode
[  385.848571][T18505] macvtap0: refused to change device tx_queue_len
[  385.898884][T18515] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4083'.
[  385.914448][T18514] 0: reclassify loop, rule prio 0, protocol 800
[  386.402533][T18554] batman_adv: batadv0: Adding interface: dummy0
[  386.410884][T18554] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  386.437402][T18554] batman_adv: batadv0: Interface activated: dummy0
[  386.447771][T18552] policy can only be matched on NF_INET_PRE_ROUTING
[  386.447792][T18552] unable to load match
[  386.467212][T18554] batadv0: mtu less than device minimum
[  386.474878][T18554] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  386.487129][T18554] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  386.499119][T18554] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  386.510940][T18554] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  386.522817][T18554] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  386.534789][T18554] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  386.928514][T18578] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  386.951959][T18578] syzkaller0: entered promiscuous mode
[  386.988621][T18578] syzkaller0: entered allmulticast mode
[  387.077043][T18578] tipc: Resetting bearer <eth:syzkaller0>
[  387.092727][T18577] tipc: Resetting bearer <eth:syzkaller0>
[  387.130178][T18577] tipc: Disabling bearer <eth:syzkaller0>
[  387.361839][T18614] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not filter
[  387.803080][T18644] Cannot find map_set index 0 as target
[  388.255207][T18676] netlink: 'syz.4.4136': attribute type 1 has an invalid length.
[  388.279228][T18676] netlink: 'syz.4.4136': attribute type 2 has an invalid length.
[  388.686461][T18702] syzkaller0: entered promiscuous mode
[  388.692312][T18702] syzkaller0: entered allmulticast mode
[  388.761720][T18712] SET target dimension over the limit!
[  388.932378][T18718] xt_recent: hitcount (4294901760) is larger than allowed maximum (65535)
[  389.108685][ T2986] nci: nci_add_new_protocol: the target found does not have the desired protocol
[  389.154989][T18740] netlink: 'syz.4.4154': attribute type 1 has an invalid length.
[  389.870998][T18752] __nla_validate_parse: 8 callbacks suppressed
[  389.871016][T18752] netlink: 128 bytes leftover after parsing attributes in process `syz.4.4159'.
[  389.894384][T18752] netlink: 128 bytes leftover after parsing attributes in process `syz.4.4159'.
[  389.965003][T18758] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4161'.
[  390.025545][T18761] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4163'.
[  390.048507][T18761] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4163'.
[  390.089134][T18761] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4163'.
[  390.114598][T18761] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4163'.
[  390.273587][T18784] xt_addrtype: ipv6 BLACKHOLE matching not supported
[  390.294807][T18786] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4170'.
[  390.305718][T18784] bridge0: port 2(bridge_slave_1) entered disabled state
[  390.313384][T18784] bridge0: port 1(bridge_slave_0) entered disabled state
[  390.408150][T18792] netlink: 'syz.1.4174': attribute type 12 has an invalid length.
[  390.509017][T18800] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4177'.
[  390.532397][T18802] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4178'.
[  390.561000][T18802] netlink: 'syz.0.4178': attribute type 10 has an invalid length.
[  390.571824][T18802] veth0_virt_wifi: entered allmulticast mode
[  390.607053][T18802] team0: Port device veth0_virt_wifi added
[  391.221031][T18834] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  391.463524][T18857] net_ratelimit: 15 callbacks suppressed
[  391.463542][T18857] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  391.783122][T18883] bridge3: trying to set multicast query interval above maximum, setting to 8640000 (86400000ms)
[  391.905061][T18884] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  392.129698][T18884] batman_adv: batadv0: Removing interface: batadv_slave_1
[  392.251448][T18914] netlink: 'syz.3.4208': attribute type 1 has an invalid length.
[  392.257245][T18899] bond5: Removing last ns target with arp_interval on
[  392.260951][T18914] netlink: 'syz.3.4208': attribute type 3 has an invalid length.
[  392.354770][T18917] bridge3: entered promiscuous mode
[  392.361671][T18917] bridge3: entered allmulticast mode
[  392.511577][T18925] netlink: 'syz.1.4211': attribute type 1 has an invalid length.
[  392.980947][T18945] delete_channel: no stack
[  393.525565][T18981] syzkaller0: entered promiscuous mode
[  393.531170][T18981] syzkaller0: entered allmulticast mode
[  393.615489][T18986] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 80:00:00:00:00:85
[  393.696247][T18988] sch_tbf: burst 21990 is lower than device lo mtu (65550) !
[  394.068737][T19002] wg1 speed is unknown, defaulting to 1000
[  394.473271][T19034] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  394.693390][ T5067] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  394.843173][ T5067] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  394.875748][ T5067] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  394.907608][T19054] __nla_validate_parse: 12 callbacks suppressed
[  394.907629][T19054] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4247'.
[  394.929340][T19054] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4247'.
[  394.938754][T19054] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4247'.
[  394.948307][T19054] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4247'.
[  394.959679][T19054] netlink: 104 bytes leftover after parsing attributes in process `syz.0.4247'.
[  394.971336][ T5067] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  395.383711][T19080] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4252'.
[  395.403172][T19080] netlink: 'syz.0.4252': attribute type 10 has an invalid length.
[  395.488165][T19080] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4252'.
[  395.497465][T19080] bridge_slave_1: left allmulticast mode
[  395.503133][T19080] bridge_slave_1: left promiscuous mode
[  395.510075][T19080] bridge0: port 2(bridge_slave_1) entered disabled state
[  395.533603][T19080] bridge_slave_0: left allmulticast mode
[  395.547293][T19080] bridge_slave_0: left promiscuous mode
[  395.553447][T19080] bridge0: port 1(bridge_slave_0) entered disabled state
[  395.605800][T19087] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4253'.
[  395.662961][T19084] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4253'.
[  395.737697][T19092] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4256'.
[  396.329333][T19114] x_tables: duplicate underflow at hook 2
[  396.695182][T19145] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  396.703739][T19145] batadv0: mtu less than device minimum
[  396.710908][T19145] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  396.723109][T19145] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  396.734929][T19145] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  396.746798][T19145] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  396.758644][T19145] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  396.770426][T19145] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  396.782289][T19145] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  396.794164][T19145] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  396.806001][T19145] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  396.943464][T19145] batman_adv: batadv0: Removing interface: batadv_slave_1
[  397.095858][T19175] xt_TPROXY: Can be used only with -p tcp or -p udp
[  397.335066][T19188] !
: renamed from dummy0 (while UP)
[  397.483340][T19203] netlink: 'syz.1.4289': attribute type 29 has an invalid length.
[  397.495674][T19203] netlink: 'syz.1.4289': attribute type 29 has an invalid length.
[  397.692599][T19222] netlink: 'syz.4.4295': attribute type 11 has an invalid length.
[  398.362756][T19252] ieee802154 phy1 wpan1: encryption failed: -22
[  398.557191][T19265] RDS: rds_bind could not find a transport for fe80::bb, load rds_tcp or rds_rdma?
[  398.558260][T19267] netlink: 'syz.3.4311': attribute type 12 has an invalid length.
[  398.602120][T19267] bond3: option primary_reselect: invalid value (255)
[  398.612835][T19267] bond3 (unregistering): Released all slaves
[  416.564368][ T5149] Bluetooth: hci4: command 0x0406 tx timeout
[  421.841177][T19301] __nla_validate_parse: 15 callbacks suppressed
[  421.841198][T19301] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4323'.
[  421.875106][T19301] net_ratelimit: 11 callbacks suppressed
[  421.875125][T19301] openvswitch: netlink: Duplicate or invalid key (type 0).
[  421.906545][T19301] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  421.949146][T19309] netlink: 268 bytes leftover after parsing attributes in process `syz.1.4323'.
[  421.993737][T19309] netlink: 32 bytes leftover after parsing attributes in process `syz.1.4323'.
[  422.203253][T19322] tun0: tun_chr_ioctl cmd 1074025675
[  422.218598][T19322] tun0: persist disabled
[  422.615446][T19334] sch_tbf: burst 512 is lower than device syzkaller0 mtu (1500) !
[  422.652839][T19341] netlink: 104 bytes leftover after parsing attributes in process `syz.2.4339'.
[  422.787261][T19347] syzkaller0: entered allmulticast mode
[  422.827614][T19347] netlink: 'syz.2.4341': attribute type 2 has an invalid length.
[  422.837146][T19347] netlink: 'syz.2.4341': attribute type 8 has an invalid length.
[  422.850112][T19347] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4341'.
[  423.250610][T19371] macvlan1: entered promiscuous mode
[  423.268339][T19371] macvlan1: entered allmulticast mode
[  423.278262][T19371] veth1_vlan: entered allmulticast mode
[  423.309743][T19387] bridge4: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  423.497788][T19394] IPVS: set_ctl: invalid protocol: 50 0.0.0.0:20000
[  423.621812][T19394] bridge0: port 2(bridge_slave_1) entered disabled state
[  423.629672][T19394] bridge0: port 1(bridge_slave_0) entered disabled state
[  423.648295][T19401] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4355'.
[  423.667474][T19394] batman_adv: batadv0: Interface deactivated: dummy0
[  423.743817][T19394] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  424.056680][T19401] 8021q: adding VLAN 0 to HW filter on device bond6
[  424.096461][T19402] bond6: entered allmulticast mode
[  424.110136][T19419] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4359'.
[  424.132243][   T79] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  424.142086][   T79] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  424.152081][   T79] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  424.165089][T19424] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4359'.
[  424.180734][   T79] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  424.357714][T19426] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  424.377881][T19426] syzkaller0: entered promiscuous mode
[  424.389308][T19426] syzkaller0: entered allmulticast mode
[  424.400414][T19429] netlink: 'syz.4.4360': attribute type 10 has an invalid length.
[  424.423154][T19429] team0: Device ipvlan1 failed to register rx_handler
[  424.455261][T19426] tipc: Resetting bearer <eth:syzkaller0>
[  424.528971][T19425] tipc: Resetting bearer <eth:syzkaller0>
[  424.587788][T19425] tipc: Disabling bearer <eth:syzkaller0>
[  424.661941][T19446] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4367'.
[  424.797068][T19451] sctp: [Deprecated]: syz.4.4369 (pid 19451) Use of int in max_burst socket option.
[  424.797068][T19451] Use struct sctp_assoc_value instead
[  424.853342][T19457] IPVS: Unknown mcast interface: rose0
[  424.861311][T19457] x_tables: duplicate underflow at hook 1
[  425.266863][T19482] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4380'.
[  425.405626][T19480] delete_channel: no stack
[  425.421341][T19491] syzkaller1: entered promiscuous mode
[  425.427232][T19491] syzkaller1: entered allmulticast mode
[  425.497300][T19497] x_tables: duplicate underflow at hook 3
[  425.558878][T19499] hsr0 speed is unknown, defaulting to 1000
[  425.574316][T19499] hsr0 speed is unknown, defaulting to 1000
[  425.585419][T19499] hsr0 speed is unknown, defaulting to 1000
[  425.642619][T19499] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  425.727279][T19499] hsr0 speed is unknown, defaulting to 1000
[  425.749295][T19499] hsr0 speed is unknown, defaulting to 1000
[  425.776069][T19499] hsr0 speed is unknown, defaulting to 1000
[  425.800679][T19499] hsr0 speed is unknown, defaulting to 1000
[  425.821772][T19499] hsr0 speed is unknown, defaulting to 1000
[  425.862127][T19499] hsr0 speed is unknown, defaulting to 1000
[  425.905602][T19499] hsr0 speed is unknown, defaulting to 1000
[  425.934778][T19499] hsr0 speed is unknown, defaulting to 1000
[  425.947488][T19499] hsr0 speed is unknown, defaulting to 1000
[  425.996861][T19531] macsec1: entered promiscuous mode
[  426.002121][T19531] bridge0: entered promiscuous mode
[  426.017757][T19531] macsec1: entered allmulticast mode
[  426.023651][T19531] bridge0: entered allmulticast mode
[  426.050010][T19531] bridge0: port 3(macsec1) entered blocking state
[  426.059438][T19531] bridge0: port 3(macsec1) entered disabled state
[  426.073313][T19531] bridge0: left allmulticast mode
[  426.080254][T19531] bridge0: left promiscuous mode
[  426.460782][T19567] FAULT_INJECTION: forcing a failure.
[  426.460782][T19567] name failslab, interval 1, probability 0, space 0, times 0
[  426.476435][T19567] CPU: 0 UID: 0 PID: 19567 Comm: syz.3.4406 Not tainted syzkaller #0 PREEMPT(full) 
[  426.476462][T19567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  426.476473][T19567] Call Trace:
[  426.476480][T19567]  <TASK>
[  426.476489][T19567]  dump_stack_lvl+0x189/0x250
[  426.476517][T19567]  ? __pfx____ratelimit+0x10/0x10
[  426.476539][T19567]  ? __pfx_dump_stack_lvl+0x10/0x10
[  426.476562][T19567]  ? __pfx__printk+0x10/0x10
[  426.476586][T19567]  ? __pfx___might_resched+0x10/0x10
[  426.476603][T19567]  ? fs_reclaim_acquire+0x7d/0x100
[  426.476634][T19567]  should_fail_ex+0x414/0x560
[  426.476666][T19567]  should_failslab+0xa8/0x100
[  426.476686][T19567]  __kmalloc_noprof+0xcb/0x7f0
[  426.476708][T19567]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  426.476731][T19567]  ? rcu_is_watching+0x15/0xb0
[  426.476756][T19567]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  426.476785][T19567]  genl_family_rcv_msg_doit+0xb8/0x300
[  426.476811][T19567]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  426.476838][T19567]  ? apparmor_capable+0x137/0x1b0
[  426.476859][T19567]  ? bpf_lsm_capable+0x9/0x20
[  426.476878][T19567]  ? security_capable+0x7e/0x2e0
[  426.476904][T19567]  genl_rcv_msg+0x60e/0x790
[  426.476929][T19567]  ? __pfx_genl_rcv_msg+0x10/0x10
[  426.476945][T19567]  ? __pfx_nl802154_pre_doit+0x10/0x10
[  426.476965][T19567]  ? __pfx_nl802154_set_short_addr+0x10/0x10
[  426.476985][T19567]  ? __pfx_nl802154_post_doit+0x10/0x10
[  426.477018][T19567]  netlink_rcv_skb+0x208/0x470
[  426.477041][T19567]  ? __lock_acquire+0xab9/0xd20
[  426.477060][T19567]  ? __pfx_genl_rcv_msg+0x10/0x10
[  426.477082][T19567]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  426.477133][T19567]  ? down_read+0x1ad/0x2e0
[  426.477159][T19567]  genl_rcv+0x28/0x40
[  426.477176][T19567]  netlink_unicast+0x82f/0x9e0
[  426.477208][T19567]  ? __pfx_netlink_unicast+0x10/0x10
[  426.477233][T19567]  ? netlink_sendmsg+0x642/0xb30
[  426.477255][T19567]  netlink_sendmsg+0x805/0xb30
[  426.477281][T19567]  ? __pfx_netlink_sendmsg+0x10/0x10
[  426.477308][T19567]  ? __lock_acquire+0xab9/0xd20
[  426.477322][T19567]  ? aa_sock_msg_perm+0xf1/0x1d0
[  426.477352][T19567]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  426.477369][T19567]  ? __pfx_netlink_sendmsg+0x10/0x10
[  426.477394][T19567]  __sock_sendmsg+0x21c/0x270
[  426.477419][T19567]  ____sys_sendmsg+0x505/0x830
[  426.477441][T19567]  ? __pfx_____sys_sendmsg+0x10/0x10
[  426.477467][T19567]  ? import_iovec+0x74/0xa0
[  426.477489][T19567]  ___sys_sendmsg+0x21f/0x2a0
[  426.477510][T19567]  ? __pfx____sys_sendmsg+0x10/0x10
[  426.477562][T19567]  ? __fget_files+0x2a/0x420
[  426.477578][T19567]  ? __fget_files+0x3a0/0x420
[  426.477602][T19567]  __x64_sys_sendmsg+0x19b/0x260
[  426.477621][T19567]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  426.477647][T19567]  ? __pfx_ksys_write+0x10/0x10
[  426.477672][T19567]  ? do_syscall_64+0xbe/0xfa0
[  426.477698][T19567]  do_syscall_64+0xfa/0xfa0
[  426.477718][T19567]  ? lockdep_hardirqs_on+0x9c/0x150
[  426.477739][T19567]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  426.477757][T19567]  ? clear_bhb_loop+0x60/0xb0
[  426.477779][T19567]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  426.477796][T19567] RIP: 0033:0x7f126e38efc9
[  426.477812][T19567] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  426.477827][T19567] RSP: 002b:00007f126f2cc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  426.477847][T19567] RAX: ffffffffffffffda RBX: 00007f126e5e5fa0 RCX: 00007f126e38efc9
[  426.477860][T19567] RDX: 0000000004004000 RSI: 0000200000002800 RDI: 0000000000000007
[  426.477871][T19567] RBP: 00007f126f2cc090 R08: 0000000000000000 R09: 0000000000000000
[  426.477882][T19567] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  426.477892][T19567] R13: 00007f126e5e6038 R14: 00007f126e5e5fa0 R15: 00007fffb60342c8
[  426.477921][T19567]  </TASK>
[  427.006785][T19583] __nla_validate_parse: 6 callbacks suppressed
[  427.006804][T19583] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4408'.
[  427.363902][T19599] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  427.538226][T19612] FAULT_INJECTION: forcing a failure.
[  427.538226][T19612] name failslab, interval 1, probability 0, space 0, times 0
[  427.626696][T19612] CPU: 1 UID: 0 PID: 19612 Comm: syz.4.4420 Not tainted syzkaller #0 PREEMPT(full) 
[  427.626723][T19612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  427.626734][T19612] Call Trace:
[  427.626742][T19612]  <TASK>
[  427.626750][T19612]  dump_stack_lvl+0x189/0x250
[  427.626778][T19612]  ? __pfx____ratelimit+0x10/0x10
[  427.626799][T19612]  ? __pfx_dump_stack_lvl+0x10/0x10
[  427.626822][T19612]  ? __pfx__printk+0x10/0x10
[  427.626847][T19612]  ? __pfx___might_resched+0x10/0x10
[  427.626872][T19612]  should_fail_ex+0x414/0x560
[  427.626902][T19612]  should_failslab+0xa8/0x100
[  427.626922][T19612]  kmem_cache_alloc_node_noprof+0x77/0x710
[  427.626947][T19612]  ? __alloc_skb+0x112/0x2d0
[  427.626983][T19612]  __alloc_skb+0x112/0x2d0
[  427.627012][T19612]  netlink_ack+0x146/0xa50
[  427.627035][T19612]  ? __pfx_genl_rcv_msg+0x10/0x10
[  427.627054][T19612]  ? __pfx_nl802154_pre_doit+0x10/0x10
[  427.627075][T19612]  ? __pfx_nl802154_post_doit+0x10/0x10
[  427.627112][T19612]  netlink_rcv_skb+0x28c/0x470
[  427.627134][T19612]  ? __lock_acquire+0xab9/0xd20
[  427.627152][T19612]  ? __pfx_genl_rcv_msg+0x10/0x10
[  427.627174][T19612]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  427.627218][T19612]  ? down_read+0x1ad/0x2e0
[  427.627245][T19612]  genl_rcv+0x28/0x40
[  427.627263][T19612]  netlink_unicast+0x82f/0x9e0
[  427.627295][T19612]  ? __pfx_netlink_unicast+0x10/0x10
[  427.627320][T19612]  ? netlink_sendmsg+0x642/0xb30
[  427.627342][T19612]  netlink_sendmsg+0x805/0xb30
[  427.627369][T19612]  ? __pfx_netlink_sendmsg+0x10/0x10
[  427.627396][T19612]  ? __lock_acquire+0xab9/0xd20
[  427.627410][T19612]  ? aa_sock_msg_perm+0xf1/0x1d0
[  427.627436][T19612]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  427.627453][T19612]  ? __pfx_netlink_sendmsg+0x10/0x10
[  427.627478][T19612]  __sock_sendmsg+0x21c/0x270
[  427.627503][T19612]  ____sys_sendmsg+0x505/0x830
[  427.627527][T19612]  ? __pfx_____sys_sendmsg+0x10/0x10
[  427.627555][T19612]  ? import_iovec+0x74/0xa0
[  427.627581][T19612]  ___sys_sendmsg+0x21f/0x2a0
[  427.627602][T19612]  ? __pfx____sys_sendmsg+0x10/0x10
[  427.627659][T19612]  ? __fget_files+0x2a/0x420
[  427.627675][T19612]  ? __fget_files+0x3a0/0x420
[  427.627704][T19612]  __x64_sys_sendmsg+0x19b/0x260
[  427.627729][T19612]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  427.627759][T19612]  ? __pfx_ksys_write+0x10/0x10
[  427.627787][T19612]  ? do_syscall_64+0xbe/0xfa0
[  427.627813][T19612]  do_syscall_64+0xfa/0xfa0
[  427.627835][T19612]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  427.627852][T19612]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  427.627870][T19612]  ? clear_bhb_loop+0x60/0xb0
[  427.627891][T19612]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  427.627909][T19612] RIP: 0033:0x7ff85db8efc9
[  427.627924][T19612] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  427.627939][T19612] RSP: 002b:00007ff85eaa8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  427.627959][T19612] RAX: ffffffffffffffda RBX: 00007ff85dde5fa0 RCX: 00007ff85db8efc9
[  427.627976][T19612] RDX: 0000000004004000 RSI: 0000200000002800 RDI: 0000000000000007
[  427.627988][T19612] RBP: 00007ff85eaa8090 R08: 0000000000000000 R09: 0000000000000000
[  427.627999][T19612] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  427.628010][T19612] R13: 00007ff85dde6038 R14: 00007ff85dde5fa0 R15: 00007ffcd044e928
[  427.628042][T19612]  </TASK>
[  428.030154][T19627] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check.
[  428.121597][T19637] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4429'.
[  428.181028][T19642] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4429'.
[  428.339403][T19648] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4432'.
[  428.359419][T19648] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4432'.
[  428.379303][T19650] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  428.408943][T19656] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4434'.
[  428.532598][T19660] bond7: option arp_interval: mode dependency failed, not supported in mode 802.3ad(4)
[  428.549854][T19660] bond7 (unregistering): Released all slaves
[  428.561222][T19668] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4436'.
[  428.799318][T19681] netlink: 68 bytes leftover after parsing attributes in process `syz.1.4441'.
[  428.868657][T19686] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4443'.
[  428.898146][T19686] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4443'.
[  429.238264][T19709] FAULT_INJECTION: forcing a failure.
[  429.238264][T19709] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  429.270176][T19709] CPU: 1 UID: 0 PID: 19709 Comm: syz.1.4453 Not tainted syzkaller #0 PREEMPT(full) 
[  429.270203][T19709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  429.270213][T19709] Call Trace:
[  429.270221][T19709]  <TASK>
[  429.270229][T19709]  dump_stack_lvl+0x189/0x250
[  429.270256][T19709]  ? __pfx____ratelimit+0x10/0x10
[  429.270278][T19709]  ? __pfx_dump_stack_lvl+0x10/0x10
[  429.270301][T19709]  ? __pfx__printk+0x10/0x10
[  429.270332][T19709]  should_fail_ex+0x414/0x560
[  429.270362][T19709]  _copy_to_user+0x31/0xb0
[  429.270385][T19709]  simple_read_from_buffer+0xe1/0x170
[  429.270414][T19709]  proc_fail_nth_read+0x1b3/0x220
[  429.270439][T19709]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  429.270463][T19709]  ? rw_verify_area+0x2a6/0x4d0
[  429.270485][T19709]  ? __lock_acquire+0xab9/0xd20
[  429.270519][T19709]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  429.270547][T19709]  vfs_read+0x200/0xa30
[  429.270568][T19709]  ? fdget_pos+0x247/0x320
[  429.270589][T19709]  ? __pfx___mutex_lock+0x10/0x10
[  429.270612][T19709]  ? __pfx_vfs_read+0x10/0x10
[  429.270636][T19709]  ? __fget_files+0x2a/0x420
[  429.270658][T19709]  ? __fget_files+0x3a0/0x420
[  429.270672][T19709]  ? __fget_files+0x2a/0x420
[  429.270699][T19709]  ksys_read+0x145/0x250
[  429.270723][T19709]  ? __pfx_ksys_read+0x10/0x10
[  429.270750][T19709]  ? do_syscall_64+0xbe/0xfa0
[  429.270775][T19709]  do_syscall_64+0xfa/0xfa0
[  429.270795][T19709]  ? lockdep_hardirqs_on+0x9c/0x150
[  429.270816][T19709]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  429.270833][T19709]  ? clear_bhb_loop+0x60/0xb0
[  429.270855][T19709]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  429.270872][T19709] RIP: 0033:0x7fa54e58d9dc
[  429.270888][T19709] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  429.270904][T19709] RSP: 002b:00007fa54f380030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  429.270923][T19709] RAX: ffffffffffffffda RBX: 00007fa54e7e5fa0 RCX: 00007fa54e58d9dc
[  429.270936][T19709] RDX: 000000000000000f RSI: 00007fa54f3800a0 RDI: 0000000000000006
[  429.270947][T19709] RBP: 00007fa54f380090 R08: 0000000000000000 R09: 0000000000000000
[  429.270957][T19709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  429.270967][T19709] R13: 00007fa54e7e6038 R14: 00007fa54e7e5fa0 R15: 00007fff4e7d8948
[  429.270998][T19709]  </TASK>
[  430.612361][T19778] netlink: 'syz.3.4472': attribute type 1 has an invalid length.
[  430.688807][T19778] 8021q: adding VLAN 0 to HW filter on device bond4
[  430.751142][T19786] bond5: option lacp_active: mode dependency failed, not supported in mode balance-rr(0)
[  430.853849][T19786] bond5 (unregistering): Released all slaves
[  431.053411][T19780] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  431.063628][T19780] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  431.073665][T19780] bond0 (unregistering): Released all slaves
[  431.304666][T19820] netlink: 'syz.2.4479': attribute type 2 has an invalid length.
[  431.902858][T19870] netlink: 'syz.0.4497': attribute type 6 has an invalid length.
[  432.013518][T19869] xt_TPROXY: Can be used only with -p tcp or -p udp
[  433.443936][T19954] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  433.613844][T19973] netlink: 'syz.0.4531': attribute type 18 has an invalid length.
[  433.643984][T19973] __nla_validate_parse: 6 callbacks suppressed
[  433.644005][T19973] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4531'.
[  433.693626][   T50] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  433.713084][   T50] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  433.724654][   T50] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  433.741440][   T50] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  433.827201][T19973] syzkaller1: entered promiscuous mode
[  433.833530][T19973] syzkaller1: entered allmulticast mode
[  434.155188][T19989] bond5: option arp_all_targets: invalid value (18446744073709551613)
[  434.214609][T19996] netlink: 48 bytes leftover after parsing attributes in process `syz.0.4540'.
[  434.242126][T19989] bond5 (unregistering): Released all slaves
[  434.311902][T19996] netlink: 596 bytes leftover after parsing attributes in process `syz.0.4540'.
[  434.619398][T20015] netlink: 68 bytes leftover after parsing attributes in process `syz.4.4545'.
[  434.633517][T20015] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4545'.
[  435.288704][T20055] netlink: 260 bytes leftover after parsing attributes in process `syz.0.4560'.
[  435.875892][T20093] netlink: 'syz.1.4575': attribute type 39 has an invalid length.
[  436.050854][T20089] wg1 speed is unknown, defaulting to 1000
[  436.396808][T20121] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4581'.
[  436.602904][T20089] hsr0 speed is unknown, defaulting to 1000
[  436.902088][T20152] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4592'.
[  437.045604][ T5149] Bluetooth: hci5: command 0x0406 tx timeout
[  437.201049][T20160] syzkaller0: tun_chr_ioctl cmd 2147767511
[  437.242541][T20156] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4593'.
[  437.265207][T20156] syzkaller0: tun_chr_ioctl cmd 1074025677
[  437.271359][T20156] syzkaller0: linktype set to 778
[  437.560044][T20170] bond3: Removing last arp target with arp_interval on
[  439.264523][T20182] syzkaller1: entered promiscuous mode
[  439.270120][T20182] syzkaller1: entered allmulticast mode
[  439.538022][T20203] 
[  439.540395][T20203] ======================================================
[  439.547415][T20203] WARNING: possible circular locking dependency detected
[  439.554448][T20203] syzkaller #0 Not tainted
[  439.558863][T20203] ------------------------------------------------------
[  439.565881][T20203] syz.2.4606/20203 is trying to acquire lock:
[  439.571949][T20203] ffffffff8f425a98 (nr_neigh_list_lock){+...}-{3:3}, at: nr_remove_neigh+0x25/0xe0
[  439.581278][T20203] 
[  439.581278][T20203] but task is already holding lock:
[  439.588647][T20203] ffff88802f8c6470 (&nr_node->node_lock){+...}-{3:3}, at: nr_add_node+0xcce/0x2570
[  439.597982][T20203] 
[  439.597982][T20203] which lock already depends on the new lock.
[  439.597982][T20203] 
[  439.608391][T20203] 
[  439.608391][T20203] the existing dependency chain (in reverse order) is:
[  439.617414][T20203] 
[  439.617414][T20203] -> #2 (&nr_node->node_lock){+...}-{3:3}:
[  439.625435][T20203]        lock_acquire+0x120/0x360
[  439.630472][T20203]        _raw_spin_lock_bh+0x36/0x50
[  439.635785][T20203]        nr_rt_device_down+0x12a/0x720
[  439.641259][T20203]        nr_device_event+0x137/0x150
[  439.646561][T20203]        notifier_call_chain+0x1b6/0x3e0
[  439.652209][T20203]        netif_close_many+0x29c/0x410
[  439.657594][T20203]        netif_close+0x158/0x210
[  439.662549][T20203]        dev_close+0x10a/0x220
[  439.667328][T20203]        bpq_device_event+0x377/0x6a0
[  439.672701][T20203]        notifier_call_chain+0x1b6/0x3e0
[  439.678336][T20203]        netif_close_many+0x29c/0x410
[  439.683723][T20203]        netif_close+0x158/0x210
[  439.688675][T20203]        dev_close+0x10a/0x220
[  439.693452][T20203]        bond_setup_by_slave+0x5f/0x3f0
[  439.699020][T20203]        bond_enslave+0x6ca/0x3850
[  439.704151][T20203]        bond_do_ioctl+0x635/0x9b0
[  439.709289][T20203]        dev_ifsioc+0x90b/0xf00
[  439.714160][T20203]        dev_ioctl+0x7b4/0x1150
[  439.719034][T20203]        sock_do_ioctl+0x22c/0x300
[  439.724162][T20203]        sock_ioctl+0x576/0x790
[  439.729024][T20203]        __se_sys_ioctl+0xfc/0x170
[  439.734148][T20203]        do_syscall_64+0xfa/0xfa0
[  439.739190][T20203]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  439.745612][T20203] 
[  439.745612][T20203] -> #1 (nr_node_list_lock){+...}-{3:3}:
[  439.753448][T20203]        lock_acquire+0x120/0x360
[  439.758502][T20203]        _raw_spin_lock_bh+0x36/0x50
[  439.763800][T20203]        nr_rt_device_down+0xa9/0x720
[  439.769183][T20203]        nr_device_event+0x137/0x150
[  439.774483][T20203]        notifier_call_chain+0x1b6/0x3e0
[  439.780135][T20203]        netif_close_many+0x29c/0x410
[  439.785527][T20203]        netif_close+0x158/0x210
[  439.790487][T20203]        dev_close+0x10a/0x220
[  439.795271][T20203]        bpq_device_event+0x377/0x6a0
[  439.800647][T20203]        notifier_call_chain+0x1b6/0x3e0
[  439.806291][T20203]        netif_close_many+0x29c/0x410
[  439.811675][T20203]        netif_close+0x158/0x210
[  439.816624][T20203]        dev_close+0x10a/0x220
[  439.821403][T20203]        bond_setup_by_slave+0x5f/0x3f0
[  439.826968][T20203]        bond_enslave+0x6ca/0x3850
[  439.832101][T20203]        bond_do_ioctl+0x635/0x9b0
[  439.833656][T20224] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4612'.
[  439.837221][T20203]        dev_ifsioc+0x90b/0xf00
[  439.837249][T20203]        dev_ioctl+0x7b4/0x1150
[  439.837269][T20203]        sock_do_ioctl+0x22c/0x300
[  439.837287][T20203]        sock_ioctl+0x576/0x790
[  439.837303][T20203]        __se_sys_ioctl+0xfc/0x170
[  439.837322][T20203]        do_syscall_64+0xfa/0xfa0
[  439.837344][T20203]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  439.837361][T20203] 
[  439.837361][T20203] -> #0 (nr_neigh_list_lock){+...}-{3:3}:
[  439.837395][T20203]        validate_chain+0xb9b/0x2140
[  439.837415][T20203]        __lock_acquire+0xab9/0xd20
[  439.837432][T20203]        lock_acquire+0x120/0x360
[  439.905532][T20203]        _raw_spin_lock_bh+0x36/0x50
[  439.910801][T20203]        nr_remove_neigh+0x25/0xe0
[  439.915895][T20203]        nr_add_node+0x1d9f/0x2570
[  439.920984][T20203]        nr_rt_ioctl+0xc12/0xd50
[  439.925902][T20203]        sock_do_ioctl+0xdc/0x300
[  439.930908][T20203]        sock_ioctl+0x576/0x790
[  439.935739][T20203]        __se_sys_ioctl+0xfc/0x170
[  439.940833][T20203]        do_syscall_64+0xfa/0xfa0
[  439.945843][T20203]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  439.952237][T20203] 
[  439.952237][T20203] other info that might help us debug this:
[  439.952237][T20203] 
[  439.962446][T20203] Chain exists of:
[  439.962446][T20203]   nr_neigh_list_lock --> nr_node_list_lock --> &nr_node->node_lock
[  439.962446][T20203] 
[  439.976241][T20203]  Possible unsafe locking scenario:
[  439.976241][T20203] 
[  439.983673][T20203]        CPU0                    CPU1
[  439.989022][T20203]        ----                    ----
[  439.994370][T20203]   lock(&nr_node->node_lock);
[  439.999134][T20203]                                lock(nr_node_list_lock);
[  440.006227][T20203]                                lock(&nr_node->node_lock);
[  440.013494][T20203]   lock(nr_neigh_list_lock);
[  440.018155][T20203] 
[  440.018155][T20203]  *** DEADLOCK ***
[  440.018155][T20203] 
[  440.026275][T20203] 1 lock held by syz.2.4606/20203:
[  440.031366][T20203]  #0: ffff88802f8c6470 (&nr_node->node_lock){+...}-{3:3}, at: nr_add_node+0xcce/0x2570
[  440.041087][T20203] 
[  440.041087][T20203] stack backtrace:
[  440.046960][T20203] CPU: 1 UID: 0 PID: 20203 Comm: syz.2.4606 Not tainted syzkaller #0 PREEMPT(full) 
[  440.046977][T20203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  440.046985][T20203] Call Trace:
[  440.046993][T20203]  <TASK>
[  440.047000][T20203]  dump_stack_lvl+0x189/0x250
[  440.047020][T20203]  ? __pfx_dump_stack_lvl+0x10/0x10
[  440.047034][T20203]  ? __pfx__printk+0x10/0x10
[  440.047044][T20203]  ? stack_trace_save+0x9c/0xe0
[  440.047061][T20203]  print_circular_bug+0x2ee/0x310
[  440.047076][T20203]  check_noncircular+0x134/0x160
[  440.047089][T20203]  validate_chain+0xb9b/0x2140
[  440.047106][T20203]  __lock_acquire+0xab9/0xd20
[  440.047117][T20203]  ? nr_remove_neigh+0x25/0xe0
[  440.047130][T20203]  lock_acquire+0x120/0x360
[  440.047139][T20203]  ? nr_remove_neigh+0x25/0xe0
[  440.047152][T20203]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  440.047165][T20203]  ? nr_remove_neigh+0x25/0xe0
[  440.047176][T20203]  _raw_spin_lock_bh+0x36/0x50
[  440.047188][T20203]  ? nr_remove_neigh+0x25/0xe0
[  440.047199][T20203]  nr_remove_neigh+0x25/0xe0
[  440.047211][T20203]  nr_add_node+0x1d9f/0x2570
[  440.047223][T20203]  ? __asan_memcpy+0x40/0x70
[  440.047237][T20203]  ? nr_call_to_digi+0x126/0x1b0
[  440.047249][T20203]  nr_rt_ioctl+0xc12/0xd50
[  440.047262][T20203]  ? __pfx_nr_rt_ioctl+0x10/0x10
[  440.047271][T20203]  ? lockdep_hardirqs_on+0x9c/0x150
[  440.047287][T20203]  ? apparmor_capable+0x137/0x1b0
[  440.047300][T20203]  ? capable+0x89/0xe0
[  440.047311][T20203]  ? nr_ioctl+0x1b1/0x3b0
[  440.047320][T20203]  sock_do_ioctl+0xdc/0x300
[  440.047334][T20203]  ? __pfx_sock_do_ioctl+0x10/0x10
[  440.047349][T20203]  sock_ioctl+0x576/0x790
[  440.047361][T20203]  ? __pfx_sock_ioctl+0x10/0x10
[  440.047372][T20203]  ? __fget_files+0x3a0/0x420
[  440.047381][T20203]  ? __fget_files+0x2a/0x420
[  440.047390][T20203]  ? bpf_lsm_file_ioctl+0x9/0x20
[  440.047401][T20203]  ? __pfx_sock_ioctl+0x10/0x10
[  440.047412][T20203]  __se_sys_ioctl+0xfc/0x170
[  440.047424][T20203]  do_syscall_64+0xfa/0xfa0
[  440.047437][T20203]  ? lockdep_hardirqs_on+0x9c/0x150
[  440.047449][T20203]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  440.047459][T20203]  ? clear_bhb_loop+0x60/0xb0
[  440.047470][T20203]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  440.047480][T20203] RIP: 0033:0x7f984998efc9
[  440.047491][T20203] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  440.047500][T20203] RSP: 002b:00007f984a7cd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  440.047516][T20203] RAX: ffffffffffffffda RBX: 00007f9849be5fa0 RCX: 00007f984998efc9
[  440.047527][T20203] RDX: 0000200000000440 RSI: 000000000000890b RDI: 0000000000000005
[  440.047533][T20203] RBP: 00007f9849a11f91 R08: 0000000000000000 R09: 0000000000000000
[  440.047540][T20203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  440.047546][T20203] R13: 00007f9849be6038 R14: 00007f9849be5fa0 R15: 00007ffe5bdc3d48
[  440.047557][T20203]  </TASK>
[  440.052319][T20227] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4604'.
[  440.063808][T20228] netlink: 60 bytes leftover after parsing attributes in process `syz.2.4606'.
[  447.284193][ T5829] Bluetooth: hci1: command 0x0406 tx timeout