last executing test programs:

3m48.139484747s ago: executing program 3 (id=1231):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x26e1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x16, 0xf, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000004850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x0, 0x10, 0x38, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
r2 = socket(0x10, 0x3, 0x0) (async)
r3 = socket$nl_route(0x10, 0x3, 0x0) (async)
r4 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r4) (async)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r5, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) (async)
sendmsg$nl_route_sched(r2, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=@newqdisc={0x48, 0x24, 0x5820a61ca228651, 0x0, 0x2, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x7fffffff, 0x1}}]}}]}, 0x48}}, 0x8d0) (async)
sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000800)=@newtfilter={0x470, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0xc, 0x7fe6}, {0xfff2}, {0x0, 0x3d}}, [@filter_kind_options=@f_bpf={{0x8}, {0x444, 0x2, [@TCA_BPF_POLICE={0x440, 0x2, [@TCA_POLICE_AVRATE={0x8, 0x4, 0x2}, @TCA_POLICE_RESULT={0x8, 0x5, 0x3}, @TCA_POLICE_RATE64={0xc, 0x8, 0x2}, @TCA_POLICE_RATE64={0xc}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x652}, @TCA_POLICE_RESULT={0x8, 0x5, 0x3}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x4, 0x101, 0x3, 0xc214, 0x3, 0x8, 0xff, 0xfffffff7, 0x2, 0x6, 0x2, 0x8, 0x1, 0x4, 0x7fff, 0xe5f, 0x0, 0x4, 0xffffffab, 0x5, 0x3, 0x6, 0x3, 0x6, 0x40, 0xd, 0x8, 0xb, 0x49c, 0x8, 0x2, 0x9d, 0xb, 0x416, 0x1, 0x40, 0x0, 0x7fffffff, 0x3, 0x5, 0x9, 0x3, 0x9, 0x5, 0x2, 0xfffffffe, 0x8, 0x6, 0xcaa4, 0x400, 0xc, 0x101, 0x7fffffff, 0x2, 0x1ff, 0x2, 0x9, 0x3, 0xffffffff, 0x80000001, 0x3ff, 0x9, 0x4, 0xfffffc01, 0x36cc, 0x10001, 0x10000, 0x7f, 0x5, 0x1, 0x8, 0x8b, 0x6, 0x8, 0x9, 0xffffffff, 0x2, 0x9, 0x1, 0x5, 0x5, 0x8, 0x5, 0x7fff, 0x1, 0x9, 0x80000000, 0x6, 0xfffffffd, 0x7ff, 0x6, 0xb3, 0xfffffffc, 0x4, 0x5, 0x2, 0x9, 0x2fe, 0x3, 0x5, 0x100, 0xd88c, 0x0, 0x400, 0x9, 0x1, 0x8, 0xffff8000, 0xd448133e, 0xf, 0x5, 0x3, 0x9, 0x5, 0x1, 0x9, 0x0, 0x8, 0x1ba, 0x4, 0xf, 0x8, 0x2, 0x712, 0x7, 0xfffffffe, 0x9, 0xc, 0x1, 0x4, 0x1, 0x3, 0x4, 0x1002, 0x4, 0x0, 0x6, 0x5, 0x535d, 0x10, 0x4, 0x3ff, 0x2, 0x2, 0x1, 0x8, 0x4, 0x5, 0x9, 0x2, 0x4, 0x4, 0x5, 0x7, 0x33, 0x81, 0x3, 0x0, 0x8, 0x2, 0x5, 0x4, 0xfffffff9, 0x1ff, 0xb512, 0x11, 0x5, 0x5, 0x9, 0xf, 0x8001, 0x34516a5c, 0x0, 0x6, 0xfa8, 0xd88b, 0xb94, 0x101, 0x7fffffff, 0x8, 0x4, 0x0, 0x4, 0x6, 0x80000001, 0x7, 0x858a, 0xff, 0x8001, 0xffffffff, 0xffffffdd, 0x13c40000, 0x7, 0x5, 0x2, 0xfff, 0x9fe, 0x9, 0xf, 0x9, 0x4, 0x2, 0x1, 0x6, 0x40, 0xae, 0x6, 0x5, 0x6, 0x2, 0x4, 0x7, 0x2, 0x7ff, 0x101, 0x7fff, 0x8001, 0x3, 0xee, 0x1, 0xd3f, 0x538d67ee, 0x8001, 0x7fffffff, 0x2, 0xffff, 0x3, 0xfffffffb, 0x6, 0x9, 0xfffffffb, 0x5fb, 0xfffffffa, 0x6b2a, 0x0, 0xfffffffd, 0x8, 0x800, 0x5, 0x1, 0xba, 0x9, 0xffffffd9, 0x6d6f, 0x401, 0x648b, 0x39b7, 0x6, 0x400, 0xa, 0x3, 0xfc, 0x964, 0x4, 0x4, 0x8000]}]}]}}]}, 0x470}}, 0x0)

3m48.09304442s ago: executing program 3 (id=1232):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x40000, 0x0) (async)
socket$tipc(0x1e, 0x2, 0x0) (async)
r2 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r2, &(0x7f00008a5ff0)={0x2, 0x0, @loopback}, 0x10) (async)
sendto$inet(r2, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x2, 0x0, @loopback}, 0x10) (async)
close(0x4)
close(r1) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r3) (async)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6) (async)
syz_emit_ethernet(0x6a, 0x0, 0x0) (async)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r6, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r6, 0x0)
r7 = syz_init_net_socket$ax25(0x3, 0x3, 0x8)
connect$ax25(r7, &(0x7f00000000c0)={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x4}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @bcast, @default, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default]}, 0x48) (async)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000380)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='/proc/1/\x00\x82q\xee\xe5\xa0\xbd\xc2\x98#YP\xee\x9c2G\xf0\x81x\x97'}, 0x30) (async)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080), 0x10) (async)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) (async)
sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000980)=ANY=[@ANYBLOB="ac0100001000330600000f0000000000fc000000000000000000000000000000ffffffff00ffffffff00000000ffff0000004000000080010000200000000000", @ANYRES64, @ANYRES32=0x0, @ANYBLOB="ff0200000000000000000000000000010000000032000000e000000200000000000000000000000023030000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000029bd7000000000000a000200000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c00200000004e2200000000ac1414bb0000000000000000000000001c0004"], 0x1ac}}, 0x0) (async)
sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="7badc0fbf75de7aa71e1733b9e61dd0de50c685a48841b5b4073effc7867d490b577f482566d2f761f4b9d054b2b0548fd1ace3e59e8445ee219", @ANYRES16=r4, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x4008002}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) (async)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x305200, 0x0)
close(r8) (async)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000180)={0x2d8}, 0x10)
socket$unix(0x1, 0x1, 0x0)

3m47.95100942s ago: executing program 3 (id=1235):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
getsockopt$bt_BT_VOICE(r1, 0x112, 0xb, &(0x7f0000000000)=0x8001, &(0x7f0000000080)=0x2)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00', <r3=>0x0})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000640)=ANY=[@ANYBLOB="340000001a00010028bd70000002000002202000ff0000070002000008000300", @ANYRES32=r3, @ANYBLOB="080019"], 0x34}, 0x1, 0x0, 0x0, 0x11}, 0xea5bc50b6599d77e)

3m47.776807261s ago: executing program 3 (id=1237):
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x5, 0x0, &(0x7f0000000280), &(0x7f00000003c0)='syzkaller\x00', 0x5, 0x44, &(0x7f0000000580)=""/68, 0x40f00, 0x5, '\x00', 0x0, @fallback=0x30, r2, 0x8, &(0x7f0000000400)={0x4, 0x5}, 0x8, 0x10, &(0x7f0000000600)={0x0, 0x4, 0x2794, 0x4}, 0x10, 0x0, 0xffffffffffffffff, 0x10000000000000ca, &(0x7f0000000b80)=[0xffffffffffffffff, r2, r2, r0, 0xffffffffffffffff, r4], &(0x7f0000000bc0)=[{0x5, 0x2, 0x5, 0x5}, {0x5, 0x3, 0xe}, {0x5, 0x5, 0xc, 0x8}, {0x3, 0x3, 0xf, 0xc}, {0x1, 0x2, 0x3, 0xa}], 0x10, 0x2314}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r5, 0x2000002, 0xe, 0xffffffffffffffa0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x8080}, 0x20004450)
sendmsg$NFT_BATCH(r6, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a2c000000060a010400000000000000000a0000010900010073797a31000000000900020873797a3200000000140000001100010000000000000000000100000a"], 0x54}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETRULE(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="38000000070a050000000000000000000a0040010900010073797a31000000000900020073797a32000000000c000340"], 0x38}, 0x1, 0x0, 0x0, 0x20040850}, 0x4004014)
socket$packet(0x11, 0x2, 0x300)
socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r8, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYRES8=r4, @ANYRESHEX=r3, @ANYBLOB="0038009ffff7100000000000000000000000000019a1c85fd13c6bd9ee649be102e9c068c202cf8b80b52623163398569835e8fe23cd0b523d5f3587d9b3f15fa7099a3182e3c039e718c73adf045fcfa6b98c0695ad827a1849e7252c19169c896118903d1f1da843d276e2616842349d62a02341934298ac376c7118d1e6e869eaa3a7f4196386d6d27d", @ANYRESOCT, @ANYRESOCT=r1, @ANYBLOB="00000000001047844d00"/28], 0x50)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x6, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
socket$kcm(0xa, 0x2, 0x73)
pipe(&(0x7f0000000100))
socketpair(0x1, 0x3, 0x0, &(0x7f0000000000)={<r9=>0xffffffffffffffff})
getpeername$packet(r9, &(0x7f0000000000)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r8, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r10}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)

3m47.702280998s ago: executing program 3 (id=1239):
r0 = syz_init_net_socket$ax25(0x3, 0x3, 0xc4)
getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f0000006340))
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={<r2=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000240)=0x10)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0241, 0x0)
r3 = socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r3, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000100)=@ethtool_ringparam={0x7, 0x0, 0x20000000, 0x8, 0x6, 0x900, 0x401}})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@ipv4_newroute={0x2c, 0x18, 0x1, 0x0, 0x25dfdbfe, {0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x9, 0x2a00}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x4}, @RTA_DPORT={0x6, 0x1d, 0x4e24}]}, 0x2c}}, 0x20008081)
syz_emit_ethernet(0x86, &(0x7f0000000000)=ANY=[], 0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nbd(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="0100000000000000000001000000080001003f0000000c000200700f00000000ffff0c00060003000000000000000a000a00272d5d29212b0000140007"], 0x6c}}, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x10}, 0xc000)
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
write$bt_hci(r8, &(0x7f0000000480)={0x1, @remote_oob_data_reply={{0x430, 0x26}, {@any, "3ef9709b32572c6e7bb0e862a395489c", "13bf5c597de9b089e5f5b5525def5e2f"}}}, 0x2a)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='contention_end\x00', r10}, 0x10)
r11 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x34, r11, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}]}, 0x34}}, 0xc800)
sendmsg$SMC_PNETID_DEL(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)={0x34, r11, 0xe27, 0x70bd28, 0x0, {0x4, 0x7, 0x2}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}]}, 0x34}, 0x1, 0x40030000000000}, 0x0)
getsockopt$inet_sctp6_SCTP_STATUS(r1, 0x84, 0xe, &(0x7f0000000340)={r2, 0xd9, 0xca28, 0xc3, 0xfff, 0x2, 0x3, 0xffff2366, {r2, @in={{0x2, 0x4e23, @multicast1}}, 0xbc, 0x3, 0x2, 0xb67, 0x80000001}}, &(0x7f0000000400)=0xb0)
socket$kcm(0x29, 0x0, 0x0)

3m46.724698639s ago: executing program 3 (id=1247):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000140)=ANY=[], 0x32600)
r1 = socket$tipc(0x1e, 0x5, 0x0)
getsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x8, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r4, {0xa, 0xffff}, {}, {0xfff3, 0xe}}, [@filter_kind_options=@f_basic={{0xa}, {0xc, 0x2, [@TCA_BASIC_CLASSID={0x8, 0x1, {0x1, 0xa}}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x200008c2)
bind$tipc(r1, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
listen(r1, 0x0)
r5 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r5, &(0x7f0000000240)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0)
accept4(r1, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$kcm(0x10, 0x2, 0x0)
unshare(0x20000400)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x40000000000, 0x3, 0x4, 0x0, 0x0, 0x3}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
accept(r1, 0x0, &(0x7f0000000300))
getsockopt$sock_int(r6, 0x1, 0x2d, 0x0, &(0x7f0000000080))
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=@newlink={0x58, 0x10, 0x401, 0x70bd26, 0x0, {0x0, 0x0, 0x0, 0x0, 0x1183, 0x2a8a0}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge_slave={{0x11, 0x118}, {0xc, 0x5, 0x0, 0x1, [@IFLA_BRPORT_PROTECT={0x5}]}}}, @IFLA_IFNAME={0x14, 0x3, 'bridge_slave_0\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x44801}, 0x48000)
r8 = socket$qrtr(0x2a, 0x2, 0x0)
ioctl$BTRFS_IOC_QGROUP_CREATE(r8, 0x890c, 0x0)
r9 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000400)=ANY=[@ANYBLOB="180100001f00010000000000000096000601008014000300fc010000000000000000000000000000140001"], 0x118}], 0x1}, 0x0)

3m46.254011006s ago: executing program 32 (id=1247):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000140)=ANY=[], 0x32600)
r1 = socket$tipc(0x1e, 0x5, 0x0)
getsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x8, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r4, {0xa, 0xffff}, {}, {0xfff3, 0xe}}, [@filter_kind_options=@f_basic={{0xa}, {0xc, 0x2, [@TCA_BASIC_CLASSID={0x8, 0x1, {0x1, 0xa}}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x200008c2)
bind$tipc(r1, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
listen(r1, 0x0)
r5 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r5, &(0x7f0000000240)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0)
accept4(r1, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$kcm(0x10, 0x2, 0x0)
unshare(0x20000400)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x40000000000, 0x3, 0x4, 0x0, 0x0, 0x3}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
accept(r1, 0x0, &(0x7f0000000300))
getsockopt$sock_int(r6, 0x1, 0x2d, 0x0, &(0x7f0000000080))
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=@newlink={0x58, 0x10, 0x401, 0x70bd26, 0x0, {0x0, 0x0, 0x0, 0x0, 0x1183, 0x2a8a0}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge_slave={{0x11, 0x118}, {0xc, 0x5, 0x0, 0x1, [@IFLA_BRPORT_PROTECT={0x5}]}}}, @IFLA_IFNAME={0x14, 0x3, 'bridge_slave_0\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x44801}, 0x48000)
r8 = socket$qrtr(0x2a, 0x2, 0x0)
ioctl$BTRFS_IOC_QGROUP_CREATE(r8, 0x890c, 0x0)
r9 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000400)=ANY=[@ANYBLOB="180100001f00010000000000000096000601008014000300fc010000000000000000000000000000140001"], 0x118}], 0x1}, 0x0)

34.761122136s ago: executing program 2 (id=2715):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb010018000000000000003400000034000000060000000400000000000007000000000000000000000001050000018000000000000000010000851000000000000000020000000000000000000700da"], 0x0, 0x52, 0x0, 0x0, 0x1000}, 0x28)

34.730383451s ago: executing program 2 (id=2716):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000740)={0x26, 'skcipher\x00', 0x0, 0x0, 'adiantum(xchacha20,serpent)\x00'}, 0x4e)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000b98bc2c900000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='percpu_alloc_percpu\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa8)

34.484134844s ago: executing program 2 (id=2719):
socket(0x10, 0x803, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x4c02})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)=ANY=[], 0x10448)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, &(0x7f0000000100)=0x1)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x80002, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
close(0xffffffffffffffff)
socket$kcm(0x10, 0x2, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x2, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1837000000000000000000000800000085550c00000000009500000000000000e95a7f0fda1bc47138b7c53358451a9fa55742722f2d891fcf50e9d9ba8c18740091e294f5e3f6919d2e8a39d6119fbbbca9d0a4fe148f638347e08636ba40af31364908adfd64cafc4f7275fce536a74435dced0929185cb17ff57535ea870a2c0b60fcbf5c929988527d6c39b38e250e3af4a548f228bb66cd2ef0b591cf5da93825149d1a981f2bab3882c5b390aa251aa5c81ea7e1ab578306ec55ed304fb348d866586e62ad91d210f5c3df337b0ad85f7505ece06e1317d2d70bd3f24cf881d1a7f08249f3575d8e2729e72fc73c3c6a9107557d4d73c6a16098fad638dd05006ac2496ff16198b05b4eb885824518b5ebe1c5279595486b387fca4d682a8ae38bed86da508891ffb168899ace398b787f37b3a0390059d733be5fd0"], &(0x7f0000000040)='syzkaller\x00', 0x4, 0x24, 0xfffffffffffffffc, 0x0, 0x0, '\x00', 0x0, 0x38}, 0x80)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000cf00000007"], 0x50)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=ANY=[@ANYBLOB="340000003e000701fcffffff00000000017c0000040042800c00018006000600ab230000100002800c001780080001800400", @ANYRES64=r2], 0x34}, 0x1, 0x0, 0x0, 0x404c0c0}, 0x2000c000)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = socket(0x10, 0x803, 0x0)
sendto(r6, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r6, &(0x7f0000001b40)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000780)=""/227, 0xe3}, {&(0x7f0000001a40)=""/217, 0xd9}, {&(0x7f0000003500)=""/4096, 0x1000}, {&(0x7f0000001d80)=""/161, 0xa1}, {&(0x7f0000000680)=""/122, 0x7a}, {&(0x7f0000002c40)=""/146, 0x92}, {&(0x7f0000002d00)=""/128, 0x80}, {&(0x7f0000000400)=""/262, 0x106}, {&(0x7f0000000140)=""/88, 0x58}], 0x9}, 0xf}], 0x1, 0x40000100, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x8003}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x28, 0x6, 0xa, 0x801, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x9c}, 0x1, 0x0, 0x0, 0x8080}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000a00000a20000000000a05000000000000000000070000000900010073797a300000000054000000090a01040000000000000000070000000900010073797a30000000000c0009800800014060000002080005400000000408000a40000000010900020073797a3100000000080008400000000104000d40140000001000010000000000000000000084000af46b947451f9f54ac1df2cdc1b150c8eb0af7bf2772fe227ff5d86cc42715694"], 0x9c}, 0x1, 0x0, 0x0, 0x20000080}, 0x0)

34.160667575s ago: executing program 2 (id=2722):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'pim6reg0\x00'})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x5, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
r8 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r8, &(0x7f0000000040), 0x10)
r9 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$inet_group_source_req(r9, 0x0, 0x2f, &(0x7f0000000480)={0x8, {{0x2, 0x4e22, @rand_addr=0x64010101}}, {{0x2, 0x4e24, @broadcast}}}, 0x108)
sendmsg$netlink(r8, &(0x7f0000005d80)={&(0x7f0000000440)=@proc={0x10, 0x0, 0x25dfdbfd, 0x80}, 0xc, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000080)=ANY=[], 0x38}], 0x2, 0x0, 0x0, 0x4048850}, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000001c0)={0x1}, 0x8)
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0x2}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x1, 0x7, 0x100, 0x8}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80200, {0x0, 0x0, 0x0, r7, {}, {0xb, 0xb}, {0xffe0, 0xb}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x2000c0e9}, 0x4000000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

33.660841557s ago: executing program 2 (id=2725):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x20044014)
socket$nl_route(0x10, 0x3, 0x0)
r1 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
ppoll(&(0x7f0000000500)=[{r3}], 0x1, 0x0, 0x0, 0x0)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f00000003c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(serpent)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, 0x0, 0x0)
r7 = accept4(r6, 0x0, 0x0, 0x80800)
sendmsg$WG_CMD_SET_DEVICE(r7, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x1}, 0x40914)
recvmmsg$unix(r7, &(0x7f0000001780)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000200)=""/14, 0xe}], 0x1}}], 0x1, 0x10101, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[], 0x48}, 0x1, 0x0, 0x0, 0x20040884}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r9 = openat$cgroup_ro(r8, &(0x7f00000000c0)='cpu.stat\x00', 0x275a, 0x0)
preadv(r9, &(0x7f0000000100), 0xa, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x2, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f0000000240)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000100)={0x20000014})
socket$netlink(0x10, 0x3, 0x6)

33.414218196s ago: executing program 5 (id=2730):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) (async)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_MPATH(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x68, r1, 0x4, 0x70bd2d, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x15200, 0xf}}}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x68}, 0x1, 0x0, 0x0, 0x80}, 0x240040d3) (async)
r2 = epoll_create1(0x0)
ioctl$FICLONE(r2, 0x40049409, r0) (async)
r3 = accept4$llc(0xffffffffffffffff, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f00000001c0)=0x10, 0x80000)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_FLAG_CMD(r3, 0x8983, &(0x7f0000000200)={0x7, 'macvtap0\x00', {0x6}, 0x5}) (async)
ioctl$FS_IOC_GETVERSION(r3, 0x80087601, &(0x7f0000000240))
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000000280)={0x33, 0x4, 0x1, 0x0, 0x0, [@private1={0xfc, 0x1, '\x00', 0x1}, @loopback]}, 0x28) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r5, 0x84, 0x8, &(0x7f00000002c0), 0x4) (async)
epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r5, &(0x7f0000000300)) (async)
setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r2, 0x84, 0x21, &(0x7f0000000340)=0x5, 0x4)
accept4$llc(r3, &(0x7f0000000380)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000003c0)=0x10, 0x0) (async)
ioctl$EXT4_IOC_MIGRATE(r0, 0x6609)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000400)) (async)
bind$phonet(r3, &(0x7f0000000440)={0x23, 0x7, 0x4, 0x7}, 0x10) (async)
getsockopt$IP_SET_OP_GET_BYNAME(r0, 0x1, 0x53, &(0x7f0000000480)={0x6, 0x7, 'syz2\x00'}, &(0x7f00000004c0)=0x28) (async)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nbd(&(0x7f0000000540), 0xffffffffffffffff)
sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f0000000600)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x24, r7, 0x300, 0x70bd25, 0x25dfdbfc, {}, [@NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x8000000000000001}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x4000010)
bind$llc(r3, &(0x7f0000000640)={0x1a, 0x201, 0x5e, 0xe1, 0x81, 0x40, @broadcast}, 0x10) (async)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r5, 0x84, 0x73, &(0x7f0000000680)={<r8=>0x0, 0x1ff, 0x10, 0x8, 0x10000}, &(0x7f00000006c0)=0x18)
syz_genetlink_get_family_id$gtp(&(0x7f0000000700), r4) (async)
setsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000740)={r8, 0x5, 0x2, 0x7, 0x6, 0x87}, 0x14) (async)
ioctl$VFAT_IOCTL_READDIR_SHORT(r3, 0x82307202, &(0x7f0000000780)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) (async)
r9 = socket$xdp(0x2c, 0x3, 0x0)
getsockopt$sock_buf(r9, 0x1, 0x3, &(0x7f00000009c0)=""/181, &(0x7f0000000a80)=0xb5)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)

33.276727435s ago: executing program 5 (id=2733):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
ioctl$sock_ifreq(r0, 0x89f0, &(0x7f0000000180)={'bond0\x00', @ifru_names='rose0\x00'}) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
r2 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 64)
r3 = syz_genetlink_get_family_id$gtp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$GTP_CMD_GETPDP(r2, &(0x7f0000002880)={0x0, 0x0, &(0x7f0000002840)={&(0x7f00000027c0)={0x14, r3, 0x301, 0x70bd25, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x24008040) (async)
sendmsg$GTP_CMD_NEWPDP(r1, &(0x7f00000000c0)={&(0x7f0000000000), 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x38, r3, 0x200, 0x70bd27, 0x8, {}, [@GTPA_I_TEI={0x8, 0x8, 0x1}, @GTPA_TID={0xc}, @GTPA_I_TEI={0x8, 0x8, 0x2}, @GTPA_I_TEI={0x8}]}, 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x4000001)

32.975807922s ago: executing program 5 (id=2737):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=<r1=>0x0, @ANYBLOB="007bd47342"], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x18, &(0x7f0000000840)=ANY=[@ANYBLOB="180000008f0000ed000000000900000018110300", @ANYRES32=r0, @ANYRESDEC=r1], &(0x7f0000000080)='GPL\x00', 0x7, 0x1000, &(0x7f0000000cc0)=""/4096, 0x41100, 0x22}, 0x94)

32.939359143s ago: executing program 5 (id=2738):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=@newqdisc={0x48, 0x24, 0x5820a61ca228651, 0x1, 0x2, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x7fffffff, 0x1}}]}}]}, 0x48}}, 0x8d0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)=@newtfilter={0xd8, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0xc}, {0xfff2}, {0xfff1, 0x3d}}, [@filter_kind_options=@f_bpf={{0x8}, {0xac, 0x2, [@TCA_BPF_ACT={0x4c}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}]}}]}, 0xd8}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000071129c000000000095"], &(0x7f0000000100)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="500000003e000701faffffff0000009b00017c0000040042800c00018006000600800a00002c0002802600148004000f0043fd698a4d99cd7fc64ea245be01f197e6a1f56989dba98782eb0099858f0000"], 0x50}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)

32.770142713s ago: executing program 5 (id=2741):
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x1c, 0x0, &(0x7f0000006340))
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000240)=0x10)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0241, 0x0)
r1 = socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000100)=@ethtool_ringparam={0x7, 0x0, 0x20000000, 0x8, 0x6, 0x900, 0x401}})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@ipv4_newroute={0x2c, 0x18, 0x1, 0x0, 0x25dfdbfe, {0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x9, 0x2a00}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x4}, @RTA_DPORT={0x6, 0x1d, 0x4e24}]}, 0x2c}}, 0x20008081)
syz_emit_ethernet(0x86, &(0x7f0000000000)=ANY=[], 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nbd(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100000000000000000001000000080001003f0000000c000200700f00000000ffff0c00060003000000000000000a000a00272d5d29212b0000140007"], 0x6c}}, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x10}, 0xc000)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
write$bt_hci(r6, &(0x7f0000000480)={0x1, @remote_oob_data_reply={{0x430, 0x26}, {@any, "3ef9709b32572c6e7bb0e862a395489c", "13bf5c597de9b089e5f5b5525def5e2f"}}}, 0x2a)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r7 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='contention_end\x00', r8}, 0x10)
r9 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r10 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x34, r9, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}]}, 0x34}}, 0xc800)
sendmsg$SMC_PNETID_DEL(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)={0x34, r9, 0xe27, 0x70bd28, 0x0, {0x4, 0x7, 0x2}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}]}, 0x34}, 0x1, 0x40030000000000}, 0x0)

32.768376639s ago: executing program 2 (id=2742):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4) (async, rerun: 32)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000100)=0x1800, 0x4) (async, rerun: 32)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000000)={0x14, 0x2d, 0x1, 0x70bd26, 0x25dfdbfc, {0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x4000804) (async, rerun: 64)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x94) (rerun: 64)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r2}, 0x10) (async)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_COMPAT_GET(r3, &(0x7f0000002840)={0x0, 0x0, &(0x7f0000002800)={&(0x7f0000002780)={0x34, 0x0, 0xb, 0x301, 0x0, 0x0, {0x2, 0x0, 0xa}, [@NFTA_COMPAT_REV={0x8}, @NFTA_COMPAT_TYPE={0x8}, @NFTA_COMPAT_NAME={0xd, 0x1, 'rpfilter\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x4040010) (async)
r4 = socket$phonet_pipe(0x23, 0x5, 0x2)
r5 = socket$nl_rdma(0x10, 0x3, 0x14) (async)
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000000300000000000000000000080a000000"], 0x14}, 0x1, 0x0, 0x0, 0x81}, 0x804)
setsockopt$RXRPC_UPGRADEABLE_SERVICE(r6, 0x110, 0x5, &(0x7f00000004c0)=[0x1, 0x4], 0x2) (async)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)={0x38, 0x1403, 0x1, 0x70bd26, 0x25dfdbff, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'wg1\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40}, 0x4008010) (async)
r7 = openat$nci(0xffffffffffffff9c, &(0x7f0000000500), 0x2, 0x0) (async)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r8)
ioctl$IOCTL_GET_NCIDEV_IDX(r7, 0x0, &(0x7f00000000c0)=<r10=>0x0)
sendmsg$NFC_CMD_DEV_UP(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x1c, r9, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r10}]}, 0x1c}}, 0x0)
write$nci(r7, &(0x7f0000000240)=@NCI_OP_RF_INTF_ACTIVATED_NTF={0x1, 0x1, 0x3, 0x5, 0x5, @v={0x1, 0x1, 0x3, 0x6, 0x7, 0x3, 0x7e, {0x5, 0x9, "30ea56ccf61cab1d"}, 0x3, 0x3e, 0x8, 0x4, 0x1, "eb"}}, 0x1a) (async, rerun: 32)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0xf, &(0x7f0000000200)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffff7}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x8, 0x0, 0x0, 0x40f00, 0xd}, 0x94) (rerun: 32)
close(r4) (async)
r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000001400000000000000ff000000850000000e000000850000000700000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r12 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000000)='kmem_cache_free\x00', r11}, 0x18)
r13 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001180)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e00000000c001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c8269956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bea01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f085f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c33c1ed1c0d9cae846bcbfa8cce7b8944578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e666e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000100000000000000000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf129e6d19079e64336e7c676505c78ad67548f4b192be18b1fed95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb080000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eaf36e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee40350273418d4b000000000000c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a7467941bc21edcb9cb8d81e24c3090e1cc90d99e76939da87908fe2bedb44211701130d07c860000ba43870c61fcb4e84dbb216e6046fd7965ec52c94c5bf7511f4ed930c2"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r13, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03316844268cb89e14f0080047e0ffff00124000633a77fbac141416e000030a83040211fe8000ff811e0000845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c) (async)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000040)={r12, r11}, 0x10)
setsockopt$MRT6_DEL_MFC(0xffffffffffffffff, 0x29, 0xcd, &(0x7f0000000100)={{0xa, 0x4e20, 0x3, @mcast1, 0x3ff}, {0xa, 0x4e20, 0x8, @private1, 0x9}, 0x1, {[0x1, 0x0, 0x6, 0x10, 0x2, 0x1, 0x8, 0x4]}}, 0x5c)

32.462742465s ago: executing program 5 (id=2746):
unshare(0x22020600)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x98)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x0, 0x4, &(0x7f0000000500)=ANY=[@ANYBLOB="b40500000000000079109c000000000005000000000000009500000000000020"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x6b, 0x11, 0x32}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit={0x95, 0x0, 0x33}], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xb8000000}, 0x70)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={r2, 0xe0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r3, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)
r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="85000000070000006a0a00ff000000000c00000000000000950000000000000018100000", @ANYRES32, @ANYBLOB="0000000000009500"/24], &(0x7f0000000140)='GPL\x00', 0x2, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e}, 0x2d)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)={@ifindex, r5, 0x11, 0x0, 0x0, @void, @value=r4}, 0x20)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r6, &(0x7f0000000000)=ANY=[], 0x10448)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=@newsa={0x16c, 0x10, 0x713, 0x0, 0x25dfdbfc, {{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x4e21, 0x2, 0xa, 0x0, 0x0, 0x6c, 0x0, 0xee00}, {@in6=@private1, 0xfe, 0x32}, @in6=@ipv4={'\x00', '\xff\xff', @remote}, {0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x5, 0x543}, {0x7, 0x7fffffffffffffff}, {}, 0x70bd2c, 0x3500, 0x2, 0x4, 0x0, 0x50}, [@algo_aead={0x60, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0xa0, 0x60, "210466d38547aa140db9a200000000c538c7cb7a"}}, @encap={0x1c, 0x4, {0x2, 0x4e24, 0x4e24, @in6=@dev={0xfe, 0x80, '\x00', 0x2e}}}]}, 0x16c}, 0x1, 0x0, 0x0, 0x880}, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r6, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000002c0)={@map, r5, 0xf3c5227cb953423c, 0x2010, 0x0, @value=r6}, 0x20)

24.170252043s ago: executing program 4 (id=2834):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="20010000120013070000000000000000e0000001000000000000000000000000fc00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c00000000072c42572f64a264410b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fbc18c8582fc7800000000000000000000000050019000000000028001a"], 0x120}}, 0x0)

23.981090009s ago: executing program 4 (id=2836):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000300)={r0, <r1=>0xffffffffffffffff}, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x11, 0x10, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000020000007b8af0ff00000000bfa100000000000007010000f8ffffffbf9400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000a50000009500000000000100"], &(0x7f0000000240)='GPL\x00', 0x4, 0x4, &(0x7f0000002500)=""/4105, 0x0, 0x68}, 0x94)

23.919233682s ago: executing program 4 (id=2838):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
listen(r0, 0x2)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x7a05, 0x1700)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
socket$inet(0x2b, 0x801, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4, 0x0, 0x7}, 0x18)
mmap(&(0x7f00008b7000/0x4000)=nil, 0x4000, 0x0, 0xb4013, 0xffffffffffffffff, 0x0)
ppoll(&(0x7f0000000500)=[{r3}], 0x1, 0x0, 0x0, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000e32d284e000000000000009500000000000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r5}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0x0, 0x0)
write$cgroup_int(r2, &(0x7f0000000200)=0x10001, 0x12)
sendfile(r2, r1, 0x0, 0xf03a0005)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x80, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x8, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

22.937584027s ago: executing program 4 (id=2840):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$tipc(0x1e, 0x5, 0x0)
listen(r1, 0x0)
ioctl$int_in(r1, 0x5421, &(0x7f0000000180)=0x7)
accept4(r1, 0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001a40)={&(0x7f0000001900)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0xa, [@struct={0x8, 0x0, 0x0, 0x4, 0x1, 0x7}]}, {0x0, [0x5f, 0x2e, 0x5f, 0x30, 0x30, 0x0, 0x5f, 0x5f]}}, &(0x7f0000001a00)=""/16, 0x2e, 0x10, 0x1, 0x8}, 0x28)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r4)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r3, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000500)={0x48, r5, 0x1, 0x70bd2a, 0x25dfdbfd, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0202}}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0302}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40080}, 0x4000000)
sendmsg$nl_xfrm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="50010000100013040000000000000000ac1e000100000000000000000000000020010000000000000000000000000000000000074e2000000200002000000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="fe8000000000000000000000000000280000000032000000ac1414fe0000000000000000000000000000000000000000070000000000000000000000000000000400000020000000ffffffffffffffff00000000000000000800000000020000000000000000000000000000000000000800000000000000cc000000000000000000000000000000ec000000010000000100000000000000000000000200010100000000000000005f001200726663343330392863636d28616573292900000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000009800000040"], 0x150}, 0x1, 0x0, 0x0, 0x4}, 0x804)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000500)={'gre0\x00', &(0x7f0000000280)={'tunl0\x00', 0x0, 0x710, 0x8000, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x1, 0x14, 0x0, 0x0, 0x5, 0x2f, 0x0, @empty, @private}}}})

22.260566253s ago: executing program 4 (id=2847):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000080)={@val={0x0, 0x809b}, @void, @eth={@broadcast, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @empty}, {0x0, 0x6558, 0x18, 0x0, @wg=@data={0x4, 0x0, 0x5865}}}}}}}, 0x3e)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}, 0x1, 0x0, 0x0, 0x4040850}, 0x4000)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="b40800000000000073112e0000000000851000000200000085000000000000009500d400000000009500001200000000"], &(0x7f0000000080)='GPL\x00', 0x3, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x70)
r2 = socket(0x840000000002, 0x3, 0xfa)
connect$inet(r2, &(0x7f0000000140)={0x2, 0x4e22, @remote}, 0x10)
sendmmsg$inet(r2, &(0x7f0000005240), 0x4000095, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) (async)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) (async)
socket$kcm(0x2, 0xa, 0x2) (async)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) (async)
write$tun(r0, &(0x7f0000000080)={@val={0x0, 0x809b}, @void, @eth={@broadcast, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @empty}, {0x0, 0x6558, 0x18, 0x0, @wg=@data={0x4, 0x0, 0x5865}}}}}}}, 0x3e) (async)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}, 0x1, 0x0, 0x0, 0x4040850}, 0x4000) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="b40800000000000073112e0000000000851000000200000085000000000000009500d400000000009500001200000000"], &(0x7f0000000080)='GPL\x00', 0x3, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x70) (async)
socket(0x840000000002, 0x3, 0xfa) (async)
connect$inet(r2, &(0x7f0000000140)={0x2, 0x4e22, @remote}, 0x10) (async)
sendmmsg$inet(r2, &(0x7f0000005240), 0x4000095, 0x0) (async)

22.021028837s ago: executing program 4 (id=2848):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000300)={r0, <r1=>0xffffffffffffffff}, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x11, 0x10, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000020000007b8af0ff00000000bfa100000000000007010000f8ffffffbf9400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000a50000009500000000000200"], &(0x7f0000000240)='GPL\x00', 0x4, 0x4, &(0x7f0000002500)=""/4105, 0x0, 0x68}, 0x94)

17.922354581s ago: executing program 0 (id=2874):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="54010000100001000000000000000000fc010000000000000000000000000000fc0200"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe80000000000000000000000000001d000004d532000000fc01000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffffffffffff00000000000000000500000000000000000000000000000003000000000000000000000000000000000000000000000018bfffff0000000000000000000000000000000002000000cd000000000000004800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c0017"], 0x154}}, 0x0)

17.893756685s ago: executing program 1 (id=2875):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="000000005e44f954c6b311a854a7ce673b46342911d1f0619eb513229688763fe15f0d4aa096c02e25cced2fcbf03a1058b204cd4e661b715479c92805e4805e1a6a5d8a1eef6226761d487dae961904dfa2", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r1, &(0x7f00000002c0), 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000280)=0xc9, 0x4)
readv(r1, &(0x7f0000000200)=[{&(0x7f0000001b80)=""/4096, 0x1000}], 0x1)
sendmsg$can_bcm(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB, @ANYRES64=0x0, @ANYRES64=r1], 0x80}}, 0x0)
r2 = socket(0x10, 0x2, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000080)={0x8}, 0x10)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="500000000206030000000000000000000d0000000c000300686173683a69700005000400000000000900020073797a31000000000c000780080008400000005d05000500020000000500010006"], 0x50}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000740)={0x40, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0xfffffffe}}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x8}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
recvmsg(r5, &(0x7f0000001700)={0x0, 0x0, 0x0}, 0x0)
sendmsg$IPSET_CMD_LIST(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x7, 0x6, 0x801, 0x0, 0x0, {0xa, 0x0, 0x4}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000005}, 0x80)
r6 = socket$unix(0x1, 0x2, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x4d2f02, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="120000000400000004000000"], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r8, &(0x7f0000000340), &(0x7f00000002c0)=@tcp6=r7}, 0x20)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r9, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=@newtfilter={0x54, 0x2c, 0xd27, 0x30bd29, 0x40000002, {0x0, 0x0, 0x0, r9, {0x0, 0x6}, {}, {0x7, 0xa}}, [@filter_kind_options=@f_basic={{0xa}, {0x24, 0x2, [@TCA_BASIC_EMATCHES={0x20, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x14, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x10, 0x1, 0x0, 0x0, {{0x7}, {0x7, 0xffffffffffffff5c}}}]}]}]}}]}, 0x54}}, 0x0)
write(r2, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c)
recvmmsg(r2, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000000180), 0x1003, r0}, 0x38)

17.57775572s ago: executing program 0 (id=2876):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000008850000007600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80)
clock_gettime(0x2, &(0x7f00000001c0))
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SURVEY(r1, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000200)={&(0x7f00000000c0)={0x20, r2, 0x400, 0x70bd2b, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x10, 0x38}}}}, ["", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x4000)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000004180)=@newtaction={0x94, 0x30, 0xffffffffffffffff, 0x0, 0x40002, {}, [{0x80, 0x1, [@m_bpf={0x4c, 0x1, 0x0, 0x0, {{0x8}, {0x24, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0x64, 0x7, 0x8, 0x1, 0x3}}, @TCA_ACT_BPF_FD={0x8, 0x5, r1}]}, {0x4}, {0xc}, {0xc}}}, @m_police={0x30, 0x2, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x3, 0x3}}}}]}]}, 0x94}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

17.549215025s ago: executing program 33 (id=2742):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4) (async, rerun: 32)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000100)=0x1800, 0x4) (async, rerun: 32)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000000)={0x14, 0x2d, 0x1, 0x70bd26, 0x25dfdbfc, {0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x4000804) (async, rerun: 64)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x94) (rerun: 64)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r2}, 0x10) (async)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_COMPAT_GET(r3, &(0x7f0000002840)={0x0, 0x0, &(0x7f0000002800)={&(0x7f0000002780)={0x34, 0x0, 0xb, 0x301, 0x0, 0x0, {0x2, 0x0, 0xa}, [@NFTA_COMPAT_REV={0x8}, @NFTA_COMPAT_TYPE={0x8}, @NFTA_COMPAT_NAME={0xd, 0x1, 'rpfilter\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x4040010) (async)
r4 = socket$phonet_pipe(0x23, 0x5, 0x2)
r5 = socket$nl_rdma(0x10, 0x3, 0x14) (async)
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000000300000000000000000000080a000000"], 0x14}, 0x1, 0x0, 0x0, 0x81}, 0x804)
setsockopt$RXRPC_UPGRADEABLE_SERVICE(r6, 0x110, 0x5, &(0x7f00000004c0)=[0x1, 0x4], 0x2) (async)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)={0x38, 0x1403, 0x1, 0x70bd26, 0x25dfdbff, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'wg1\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40}, 0x4008010) (async)
r7 = openat$nci(0xffffffffffffff9c, &(0x7f0000000500), 0x2, 0x0) (async)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r8)
ioctl$IOCTL_GET_NCIDEV_IDX(r7, 0x0, &(0x7f00000000c0)=<r10=>0x0)
sendmsg$NFC_CMD_DEV_UP(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x1c, r9, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r10}]}, 0x1c}}, 0x0)
write$nci(r7, &(0x7f0000000240)=@NCI_OP_RF_INTF_ACTIVATED_NTF={0x1, 0x1, 0x3, 0x5, 0x5, @v={0x1, 0x1, 0x3, 0x6, 0x7, 0x3, 0x7e, {0x5, 0x9, "30ea56ccf61cab1d"}, 0x3, 0x3e, 0x8, 0x4, 0x1, "eb"}}, 0x1a) (async, rerun: 32)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0xf, &(0x7f0000000200)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffff7}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x8, 0x0, 0x0, 0x40f00, 0xd}, 0x94) (rerun: 32)
close(r4) (async)
r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000001400000000000000ff000000850000000e000000850000000700000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r12 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000000)='kmem_cache_free\x00', r11}, 0x18)
r13 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001180)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e00000000c001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c8269956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bea01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f085f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c33c1ed1c0d9cae846bcbfa8cce7b8944578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e666e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000100000000000000000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf129e6d19079e64336e7c676505c78ad67548f4b192be18b1fed95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb080000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eaf36e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee40350273418d4b000000000000c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a7467941bc21edcb9cb8d81e24c3090e1cc90d99e76939da87908fe2bedb44211701130d07c860000ba43870c61fcb4e84dbb216e6046fd7965ec52c94c5bf7511f4ed930c2"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r13, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03316844268cb89e14f0080047e0ffff00124000633a77fbac141416e000030a83040211fe8000ff811e0000845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c) (async)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000040)={r12, r11}, 0x10)
setsockopt$MRT6_DEL_MFC(0xffffffffffffffff, 0x29, 0xcd, &(0x7f0000000100)={{0xa, 0x4e20, 0x3, @mcast1, 0x3ff}, {0xa, 0x4e20, 0x8, @private1, 0x9}, 0x1, {[0x1, 0x0, 0x6, 0x10, 0x2, 0x1, 0x8, 0x4]}}, 0x5c)

17.440029475s ago: executing program 0 (id=2878):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$tipc(0x1e, 0x5, 0x0)
listen(r1, 0x0)
ioctl$int_in(r1, 0x5421, &(0x7f0000000180)=0x7)
accept4(r1, 0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001a40)={&(0x7f0000001900)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0xa, [@struct={0x8, 0x0, 0x0, 0x4, 0x1, 0x7}]}, {0x0, [0x5f, 0x2e, 0x5f, 0x30, 0x30, 0x0, 0x5f, 0x5f]}}, &(0x7f0000001a00)=""/16, 0x2e, 0x10, 0x1, 0x8}, 0x28)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r4)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r3, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000500)={0x48, r5, 0x1, 0x70bd2a, 0x25dfdbfd, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0202}}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0302}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40080}, 0x4000000)
sendmsg$nl_xfrm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="50010000100013040000000000000000ac1e000100000000000000000000000020010000000000000000000000000000000000074e2000000200002000000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="fe8000000000000000000000000000280000000032000000ac1414fe00000000000000000000000000000000000000000700000000000000000000000000000004000000001c0000ffffffffffffffff00000000000000000800000000020000000000000000000000000000000000000800000000000000cc000000000000000000000000000000ec000000010000000100000000000000000000000200010100000000000000005f001200726663343330392863636d28616573292900000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000009800000040"], 0x150}, 0x1, 0x0, 0x0, 0x4}, 0x804)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000500)={'gre0\x00', &(0x7f0000000280)={'tunl0\x00', 0x0, 0x710, 0x8000, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x1, 0x14, 0x0, 0x0, 0x5, 0x2f, 0x0, @empty, @private}}}})

17.400765283s ago: executing program 34 (id=2746):
unshare(0x22020600)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x98)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x0, 0x4, &(0x7f0000000500)=ANY=[@ANYBLOB="b40500000000000079109c000000000005000000000000009500000000000020"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x6b, 0x11, 0x32}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit={0x95, 0x0, 0x33}], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xb8000000}, 0x70)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={r2, 0xe0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r3, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)
r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="85000000070000006a0a00ff000000000c00000000000000950000000000000018100000", @ANYRES32, @ANYBLOB="0000000000009500"/24], &(0x7f0000000140)='GPL\x00', 0x2, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e}, 0x2d)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)={@ifindex, r5, 0x11, 0x0, 0x0, @void, @value=r4}, 0x20)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r6, &(0x7f0000000000)=ANY=[], 0x10448)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=@newsa={0x16c, 0x10, 0x713, 0x0, 0x25dfdbfc, {{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x4e21, 0x2, 0xa, 0x0, 0x0, 0x6c, 0x0, 0xee00}, {@in6=@private1, 0xfe, 0x32}, @in6=@ipv4={'\x00', '\xff\xff', @remote}, {0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x5, 0x543}, {0x7, 0x7fffffffffffffff}, {}, 0x70bd2c, 0x3500, 0x2, 0x4, 0x0, 0x50}, [@algo_aead={0x60, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0xa0, 0x60, "210466d38547aa140db9a200000000c538c7cb7a"}}, @encap={0x1c, 0x4, {0x2, 0x4e24, 0x4e24, @in6=@dev={0xfe, 0x80, '\x00', 0x2e}}}]}, 0x16c}, 0x1, 0x0, 0x0, 0x880}, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r6, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000002c0)={@map, r5, 0xf3c5227cb953423c, 0x2010, 0x0, @value=r6}, 0x20)

16.953078623s ago: executing program 1 (id=2880):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0xe, 0xd, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000851000000100000095000000000000001800000020646c2500000000002020207b1af8ff00000000bda100000000000007010000f8ffffffb702000008000000b703000090ff0000850000003200000095"], &(0x7f0000000000)='GPL\x00', 0x3}, 0x94)

16.853197484s ago: executing program 1 (id=2881):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0a00000004000000040000000a"], 0x50)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_sock_diag(0x10, 0x3, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x3, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r0, 0x28, 0x1, &(0x7f0000000380)=0xffffffff00000041, 0x8)
bind$vsock_stream(r0, &(0x7f0000000940), 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x20000081}], 0x1)
ioctl$sock_TIOCOUTQ(r1, 0x5411, &(0x7f0000000040))
epoll_create1(0x0)
r2 = socket(0x26, 0x80800, 0x0)
socket(0x10, 0x3, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$xdp(0x2c, 0x3, 0x0)
epoll_create1(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)={0x124, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x41, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac=@broadcast}, 0x0, @random=0x7, 0x1, @void, @void, @void, @val={0x4, 0x6, {0xf0, 0x2, 0x7f, 0xa706}}, @val={0x6, 0x2, 0x6}, @void, @val={0x25, 0x3, {0x1, 0x8c, 0x8}}, @void, @void, @void, @val={0x72, 0x6}, @void, @void}}, @NL80211_ATTR_FTM_RESPONDER={0xac, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_LCI={0x5f, 0x2, "6f28cae7e763e81067d4ceb813e7feb2a199aa4d55a1ab96f08a0f0e794136b12fef25420295cc1e507f98d439d24055b3819ebc8073730523a0a085ad7669c2155f69b15be1a3c2c548d7259b70c08e808f7af3a3406f731c9d6e"}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}, @NL80211_FTM_RESP_ATTR_CIVICLOC={0x41, 0x3, "5ae3420e80c07506bfd5002f75393ca25f1b4eaf61a166ad9b6b03caed34ec7ca2d030cc7a9c46dec5fa602fdf022276c1d032155f658f98a411e682d7"}]}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x124}, 0x1, 0x0, 0x0, 0x20004090}, 0x0)
sendmsg$NL80211_CMD_SET_KEY(r2, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0xa8, 0x0, 0x300, 0x70bd2c, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x8, 0x7a}}}}, [@NL80211_ATTR_KEY_DEFAULT={0x4}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac05}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "a3ff841e7d975479a355bace85"}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_KEY={0x4}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x8, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}]}, @NL80211_ATTR_KEY_DATA_WEP40={0x9, 0x7, "12d173a638"}, @NL80211_ATTR_KEY={0x1c, 0x50, 0x0, 0x1, [@NL80211_KEY_DATA_WEP104={0x11, 0x1, "f3df09a5a8bb0e362485420ab2"}, @NL80211_KEY_DEFAULT_MGMT={0x4}]}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x18, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}]}, @NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x2}]}, 0xa8}, 0x1, 0x0, 0x0, 0x10}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r6 = socket$alg(0x26, 0x5, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000940)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c0002001c0000001f000000060001000000000008000500", @ANYRES32=r6, @ANYBLOB='\b\x00\n\x00', @ANYRES32, @ANYBLOB="0a000100000070"], 0x64}, 0x1, 0x0, 0x0, 0x8811}, 0x4c014)

16.656717544s ago: executing program 0 (id=2882):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000600)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x83000000}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=@base={0x6, 0x4, 0xdd, 0xa}, 0x50) (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=@base={0x6, 0x4, 0xdd, 0xa}, 0x50)
close(0x3)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r2, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000000000000000850000007b0000000100000000000000"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r3}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x3, 0xe, &(0x7f0000001540)=ANY=[@ANYBLOB="b7020000f53f6314bfa300000000000024020000fffeff7f7a03f0fff0ffffff79a4f0ff00000000b7060000ffffffff2e64050000000000750afaff07cd02020404000000247d60b7030000030a00006a0a00fe0000000c8500000061000000b70000004000002995000000000000001da5ad3548ebb63d18c5071c7e821c9b767ac8308fbcd5c5e4a5ad1065b572c2c9ff215ac60c2ceaea4c0ec908abb6e7325ec1956bd8660bf3664148a2c96752fe2bb328dff1a15750ab9a780001000000000000d4bf20c2bd152d814f01f2cd519e078d4ffab418e4682b2aec5e4a35629e8ef040c50287c37a7f4182f32333b08c6e497687e10a4daea5cac0ceafdbb126eb02a1f5104d16ddb64963d84d91814cd5817e0b8f6f5e6ee7a39e180b5a18ed786b782ab1321ea5e82ae5ba2c42a5e23ea6253d5df768d0cb9f35e4f41a6211e52bb3598e9b5d4f22d8c19f958e8b34de35949a7a48ce18799ee53da177a81ea65e652c1d71b7ee86a75b0100000042127a8f84538a9a311c757f7169f006f3f5c95177fbd0b14b36259e2905ef911785c88a16aae46084d676d8ef8aa6ecc2d32e3f4ee367c5a769c0a606636c9f4a4413c098f4fcc96623b7c373b0ef04d55b846b094bf97e2ef5987b6e09a6a7cab79bffda141f65e7d9ebe3be70c436432b70a80cce69df30d3d67d84ccf3f9db9b690111de2ddc4b153c989ef100bbf76063d3f6ffffb73d70e9c3d7b90aecf48e7565efff2dbbb512218c98442406333c890923a797e00b75481739952fe87fde27ce81893f54ec0ea8e792414f639bc9ce1fea3f6ac0d7025759d4b45576c205c70631e8ad585951950e521f4e210b6494e3c52d927195737945cc03d5668483151710de246420a1b6c55b73876a6ed7fd0d9338923789a1edcd8043fe83919088383268324a25df14010c8ed6b8d43400eaa00ff9bc46e1cfecbdc0e451ac53b409d04544d3a7edd4d447d2fb431e226ae182b8dcc86fe09b404e0b7c723d3b19c3dc382fa91fb0fb8f9f3f13296bb1758b24aad0922091d49e2bc408a5a37deee7a60b903d2d9fe9d451cafcc8dc389671c2d08b6e264150a6b9445b00cee4585af04fa69e0380be0d66649dcf3bf8a906b029faca75ce34c41aec7aa86e596119109ea8b3f7c65c902499227c087301643baab1c95bb22cedd913b22dcaa197ccc34586dc50bd9f4628e3e77a0de32e356521df06f995cb57f97052fc4158250ccecfb67ea8faf509593fadc7eafb613327b052397af1ede94d87590ce90a0a7579766f0e5eb09d38ac46e99e7ec4fcd3cb0b1a8c531724d5ef6b334803cedaa9cedf16dc3af6e0b67f62a83a256474c97c925d9d447175b535c87dbdeb0dcca5303eed6689ea91e1665c691df736368dde47e6672e93a314c5f60e7b68c2242bd0f0d8c66449d8687dcf2d0f76668b2b9bf8b32b99b7daf34b2d825d192ade90a1162acfe9749d516d014cef5f99126324ea02baea5808c430985749901b09e4902a6f5addc0103756b894418e4591c624a9b206abbfb888d413d923b0d7c9d997d6d8e64787c4d397f57a15b6e0b4212b6cb55b9c207bbe08f483b1bea05f41b9a1d3af087047c568ae6ebfc0bb5ec10b6290dc757a4903a88fb2c035b2349b6d2f0c051b8b7718384eebd5fc19928cea713ff09e179c308fbe9bd64374d96ef2447a2a4af5ca0c39e7ca2e801e57560a55e9cfa095cf3f74398219ad1030a79517a88de7596429a20793e12616aa32b3e720c6521fbe93963e9536d16f3db211fca7dd99c0a0125ff8ef534b93dcb34e1da2c008a9f2a29e30823bf0ec3639cadaf9be9608358e1e5ab17eea477b1754f78f45468c9568471667f82f5e250b979b9f2bd0d1b6bc03d11811ac6eec9a3ecd9e3c3299ee5eb3c6cac8fbd06514b7ee743ece79c04566d02a08fd5fcabbab3d129c0cced3ce11dafa380700000000000000c114d0b423e64c6157fac5e4e2168f33541daeff9983d0e488a78bef538f870b84798272b2101e0abf1cd64500b79e01e11d727389653bd80a39d5bbe2e23d2f5ff10047423429981bd9b4ce680e174c266391e3e7689452654e5cd5ada6e025327a1942b5a068f15fa58eaa267d4e0881783dddbdd777f8be0824ffdf6d06c621880dbbe9534f15e8c2e364d3ec67deb6ab9f2a0f03212972dbd38500000008173553a67be48633103809eee0be51d67d7ce230b389607b4c3b18da1c48f3180f2e0d79e54565fdd9a099b5b5ba2761905b88b7cbfc39c35dd153609da3da263438f12769602c2195245ff83e249119d4f6cabfbdef84ada19ef4a67ed66d7043036515d0be5a231f99e71aba5d5ae04676eff3e85f0844c41bbcfde7a931d1ec55c01f703bfd1b97756bfe55a91f6b379f34a018906339771157c66dbd7471d1beec7f029ef552cf5e92a1a0db21b59355763967ce26a577bc514b6d22a09c385c5ba6caf524e1688fc0f29f8bb35ae7bc8eb5ba51aebdf7d972c3267cedbe77ed70d9c539bc455a6f88b39196c8a224b0acf4d796fea59a07baa34cc270fb096ef330fbebdf872d7d0bc4f9a963355c554abc5cdb91464faabcd09cd9a53f5d1b2ea7e96f428f7cd6735c19c61dc9942d30bf29ef85ed01c2fcd6060aa40eeff971477b4fde48507b7bad95a496540adff7e4a72fd1f94d7c703ab1525c946c54e0da3d7ebfcc8cea2e84c3b310aaea5a1627df898c00a9aaf2d88a36afa4c5b1816384310600001c33125ad7f7970beeb256aec06e39fc6c66544e1d1dc5fea4b68a82e3568ca30aea9a1d097f06f11dc362f4bae5ef57c67686a15855cd351bf26f40fb1348cfce79897682228e6d9643530c81bab27bf7b1c4a76a5be180bb830cf06827c3f38a9c9c580c732c30aaceda78b0297de35a922b1375b129655beb31899e26052cc216f832fdb0a0015f93c9cff77f59cda1ec5f3e358848756cebb074266a47e39ae26e80e8c65aaf73c24925458520a9ca98760d1005c9f81846459ae6d5baa4f02807939ddc29c3520f7c58ed9bc5a569c7a1bc33cf4f330a18276ffb4550b9166c3939e8041094bec034aa0ec6638b74fe34f0f1ec6903a1135808d5d8d26c9203c3f87e66c407b7c5c0888d4558dd657cc0213efad68e76fdd7b23e68064fd4b271ed79c50abacdd2871b0c1f8c971df59a5a1901ddf804bed43e391f882d2a45c51cdbba86b2a1b7c0c4923642a731ea4dcbad2b6ebbebe787a8e28e781d75beee924b3b1e390750f316648133922c021f98fd2d5d71a7a3679397ef6cf432837b7e264831ec01c4c3146ba0caac3b13d55945ec00e978a1c1712cd51187936200606c9cd6877b2f72125295c54721f8e15df2ae282a8becb99a726fd92acc92141e1f574b4b0b3c992a61af3372d0d9217776b1a42cd2cee816a70bf1ddd69b590d53e28ba356e74b38e23e50d898e95cdc7cc809e462c884b53f672aab1411ecfd4c91e7a9782fc6763f0efd4bcbaf1fc3a00000000000000000000000000000000500000000000000000000000048e510340087caf22439d5304bd704a6a78a512269a9b1cbd13bea78c807bbc73853ae187cbb768673e9d1bf74a3b0a6c234accd8506adf314f4c5e08174540b69d3c0da660052b43b86baf49e7ac64d9c21598b1e01dc1e1b5a53626b090496dbf7af441e397016c3c094d5c91ffe0a7ceacfd225ed9a6c905f79ad7052747dd6cceef4c310e0e935311118bc6bf0e5ca6c7cca7d5c03be570308da8a40578b4db14961fbccf6e2f2d56e9509c434126515b56d032e20c12e830d1bc64826fc9b318da5911e466878dbb81edeff69363fb75af5cd80536f14d2eaa7764db23acdbd394bbbbccfd8b129258bb0a93cee1d44f8665172c06933d20f184b78b435462c52a85149451ffd564c56a7cbf11a1127c77242915e43b2bc"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x200000, 0x10, &(0x7f0000000000), 0x143}, 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x3, 0xe, &(0x7f0000001540)=ANY=[@ANYBLOB="b7020000f53f6314bfa300000000000024020000fffeff7f7a03f0fff0ffffff79a4f0ff00000000b7060000ffffffff2e64050000000000750afaff07cd02020404000000247d60b7030000030a00006a0a00fe0000000c8500000061000000b70000004000002995000000000000001da5ad3548ebb63d18c5071c7e821c9b767ac8308fbcd5c5e4a5ad1065b572c2c9ff215ac60c2ceaea4c0ec908abb6e7325ec1956bd8660bf3664148a2c96752fe2bb328dff1a15750ab9a780001000000000000d4bf20c2bd152d814f01f2cd519e078d4ffab418e4682b2aec5e4a35629e8ef040c50287c37a7f4182f32333b08c6e497687e10a4daea5cac0ceafdbb126eb02a1f5104d16ddb64963d84d91814cd5817e0b8f6f5e6ee7a39e180b5a18ed786b782ab1321ea5e82ae5ba2c42a5e23ea6253d5df768d0cb9f35e4f41a6211e52bb3598e9b5d4f22d8c19f958e8b34de35949a7a48ce18799ee53da177a81ea65e652c1d71b7ee86a75b0100000042127a8f84538a9a311c757f7169f006f3f5c95177fbd0b14b36259e2905ef911785c88a16aae46084d676d8ef8aa6ecc2d32e3f4ee367c5a769c0a606636c9f4a4413c098f4fcc96623b7c373b0ef04d55b846b094bf97e2ef5987b6e09a6a7cab79bffda141f65e7d9ebe3be70c436432b70a80cce69df30d3d67d84ccf3f9db9b690111de2ddc4b153c989ef100bbf76063d3f6ffffb73d70e9c3d7b90aecf48e7565efff2dbbb512218c98442406333c890923a797e00b75481739952fe87fde27ce81893f54ec0ea8e792414f639bc9ce1fea3f6ac0d7025759d4b45576c205c70631e8ad585951950e521f4e210b6494e3c52d927195737945cc03d5668483151710de246420a1b6c55b73876a6ed7fd0d9338923789a1edcd8043fe83919088383268324a25df14010c8ed6b8d43400eaa00ff9bc46e1cfecbdc0e451ac53b409d04544d3a7edd4d447d2fb431e226ae182b8dcc86fe09b404e0b7c723d3b19c3dc382fa91fb0fb8f9f3f13296bb1758b24aad0922091d49e2bc408a5a37deee7a60b903d2d9fe9d451cafcc8dc389671c2d08b6e264150a6b9445b00cee4585af04fa69e0380be0d66649dcf3bf8a906b029faca75ce34c41aec7aa86e596119109ea8b3f7c65c902499227c087301643baab1c95bb22cedd913b22dcaa197ccc34586dc50bd9f4628e3e77a0de32e356521df06f995cb57f97052fc4158250ccecfb67ea8faf509593fadc7eafb613327b052397af1ede94d87590ce90a0a7579766f0e5eb09d38ac46e99e7ec4fcd3cb0b1a8c531724d5ef6b334803cedaa9cedf16dc3af6e0b67f62a83a256474c97c925d9d447175b535c87dbdeb0dcca5303eed6689ea91e1665c691df736368dde47e6672e93a314c5f60e7b68c2242bd0f0d8c66449d8687dcf2d0f76668b2b9bf8b32b99b7daf34b2d825d192ade90a1162acfe9749d516d014cef5f99126324ea02baea5808c430985749901b09e4902a6f5addc0103756b894418e4591c624a9b206abbfb888d413d923b0d7c9d997d6d8e64787c4d397f57a15b6e0b4212b6cb55b9c207bbe08f483b1bea05f41b9a1d3af087047c568ae6ebfc0bb5ec10b6290dc757a4903a88fb2c035b2349b6d2f0c051b8b7718384eebd5fc19928cea713ff09e179c308fbe9bd64374d96ef2447a2a4af5ca0c39e7ca2e801e57560a55e9cfa095cf3f74398219ad1030a79517a88de7596429a20793e12616aa32b3e720c6521fbe93963e9536d16f3db211fca7dd99c0a0125ff8ef534b93dcb34e1da2c008a9f2a29e30823bf0ec3639cadaf9be9608358e1e5ab17eea477b1754f78f45468c9568471667f82f5e250b979b9f2bd0d1b6bc03d11811ac6eec9a3ecd9e3c3299ee5eb3c6cac8fbd06514b7ee743ece79c04566d02a08fd5fcabbab3d129c0cced3ce11dafa380700000000000000c114d0b423e64c6157fac5e4e2168f33541daeff9983d0e488a78bef538f870b84798272b2101e0abf1cd64500b79e01e11d727389653bd80a39d5bbe2e23d2f5ff10047423429981bd9b4ce680e174c266391e3e7689452654e5cd5ada6e025327a1942b5a068f15fa58eaa267d4e0881783dddbdd777f8be0824ffdf6d06c621880dbbe9534f15e8c2e364d3ec67deb6ab9f2a0f03212972dbd38500000008173553a67be48633103809eee0be51d67d7ce230b389607b4c3b18da1c48f3180f2e0d79e54565fdd9a099b5b5ba2761905b88b7cbfc39c35dd153609da3da263438f12769602c2195245ff83e249119d4f6cabfbdef84ada19ef4a67ed66d7043036515d0be5a231f99e71aba5d5ae04676eff3e85f0844c41bbcfde7a931d1ec55c01f703bfd1b97756bfe55a91f6b379f34a018906339771157c66dbd7471d1beec7f029ef552cf5e92a1a0db21b59355763967ce26a577bc514b6d22a09c385c5ba6caf524e1688fc0f29f8bb35ae7bc8eb5ba51aebdf7d972c3267cedbe77ed70d9c539bc455a6f88b39196c8a224b0acf4d796fea59a07baa34cc270fb096ef330fbebdf872d7d0bc4f9a963355c554abc5cdb91464faabcd09cd9a53f5d1b2ea7e96f428f7cd6735c19c61dc9942d30bf29ef85ed01c2fcd6060aa40eeff971477b4fde48507b7bad95a496540adff7e4a72fd1f94d7c703ab1525c946c54e0da3d7ebfcc8cea2e84c3b310aaea5a1627df898c00a9aaf2d88a36afa4c5b1816384310600001c33125ad7f7970beeb256aec06e39fc6c66544e1d1dc5fea4b68a82e3568ca30aea9a1d097f06f11dc362f4bae5ef57c67686a15855cd351bf26f40fb1348cfce79897682228e6d9643530c81bab27bf7b1c4a76a5be180bb830cf06827c3f38a9c9c580c732c30aaceda78b0297de35a922b1375b129655beb31899e26052cc216f832fdb0a0015f93c9cff77f59cda1ec5f3e358848756cebb074266a47e39ae26e80e8c65aaf73c24925458520a9ca98760d1005c9f81846459ae6d5baa4f02807939ddc29c3520f7c58ed9bc5a569c7a1bc33cf4f330a18276ffb4550b9166c3939e8041094bec034aa0ec6638b74fe34f0f1ec6903a1135808d5d8d26c9203c3f87e66c407b7c5c0888d4558dd657cc0213efad68e76fdd7b23e68064fd4b271ed79c50abacdd2871b0c1f8c971df59a5a1901ddf804bed43e391f882d2a45c51cdbba86b2a1b7c0c4923642a731ea4dcbad2b6ebbebe787a8e28e781d75beee924b3b1e390750f316648133922c021f98fd2d5d71a7a3679397ef6cf432837b7e264831ec01c4c3146ba0caac3b13d55945ec00e978a1c1712cd51187936200606c9cd6877b2f72125295c54721f8e15df2ae282a8becb99a726fd92acc92141e1f574b4b0b3c992a61af3372d0d9217776b1a42cd2cee816a70bf1ddd69b590d53e28ba356e74b38e23e50d898e95cdc7cc809e462c884b53f672aab1411ecfd4c91e7a9782fc6763f0efd4bcbaf1fc3a00000000000000000000000000000000500000000000000000000000048e510340087caf22439d5304bd704a6a78a512269a9b1cbd13bea78c807bbc73853ae187cbb768673e9d1bf74a3b0a6c234accd8506adf314f4c5e08174540b69d3c0da660052b43b86baf49e7ac64d9c21598b1e01dc1e1b5a53626b090496dbf7af441e397016c3c094d5c91ffe0a7ceacfd225ed9a6c905f79ad7052747dd6cceef4c310e0e935311118bc6bf0e5ca6c7cca7d5c03be570308da8a40578b4db14961fbccf6e2f2d56e9509c434126515b56d032e20c12e830d1bc64826fc9b318da5911e466878dbb81edeff69363fb75af5cd80536f14d2eaa7764db23acdbd394bbbbccfd8b129258bb0a93cee1d44f8665172c06933d20f184b78b435462c52a85149451ffd564c56a7cbf11a1127c77242915e43b2bc"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x200000, 0x10, &(0x7f0000000000), 0x143}, 0x48)

16.484958163s ago: executing program 1 (id=2883):
r0 = socket$netlink(0x10, 0x3, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000680)=ANY=[@ANYBLOB="2c00000011000500000000000003000007000000", @ANYRES32, @ANYBLOB="01000000000000000c001a800800048004000280"], 0x2c}, 0x1, 0x0, 0x0, 0x1}, 0x0)

16.281423941s ago: executing program 1 (id=2884):
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="563f00001800599c6d0eab070004000523"], 0xfe33)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe1a}], 0x1, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x4924924924924b9, 0x0)
r2 = accept$ax25(r1, &(0x7f00000001c0)={{}, [@netrom, @null, @null, @rose, @bcast, @default, @bcast, @netrom]}, &(0x7f00000000c0)=0x48)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000140)}, 0x0)
sendmsg$IPCTNL_MSG_EXP_DELETE(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400580002020500000000000080000007010006"], 0x14}, 0x1, 0x0, 0x0, 0x20040000}, 0x0)
r3 = socket$inet6(0x10, 0x2, 0x0)
sendto$inet6(r3, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)

15.755592686s ago: executing program 0 (id=2885):
socket$netlink(0x10, 0x3, 0x0) (async)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="3400009e110001002dbd7000fddbdf2500000000", @ANYRES32=0x0, @ANYBLOB="0000080008200000140035006970766c616e30000000000000000000"], 0x34}, 0x1, 0x0, 0x0, 0x40001}, 0x80)
ioctl$BTRFS_IOC_LOGICAL_INO(r0, 0xc0389424, &(0x7f0000000080)={0x60, 0x10, '\x00', 0x0, &(0x7f0000000000)=[0x0, 0x0]})

15.676867368s ago: executing program 0 (id=2886):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x0, 0x0, &(0x7f0000000240)='syzkaller\x00'}, 0x94)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000640)={0x2, 0x1, 0x0, 0x9, 0xa, 0x0, 0xffffffff, 0x25dfdbfc, [@sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x4e20, @private}}, @sadb_x_sa2={0x2, 0x13, 0xa, 0x0, 0x0, 0x70bd2c, 0x3501}, @sadb_address={0x3, 0x6, 0x6c, 0x20, 0x0, @in={0x2, 0x0, @private=0xa010100}}]}, 0x50}}, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000100)=ANY=[], 0x32600)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r3, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000400)=ANY=[@ANYBLOB="200000002d00091327bd70000000000006"], 0x20}}, 0x84)
sendmsg$netlink(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)=ANY=[@ANYBLOB="140100002d00010000000000fcdbdf2504"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)
recvfrom(r4, 0x0, 0x0, 0x40002000, 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
getsockopt$netlink(r5, 0x10e, 0xc, 0x0, &(0x7f0000000140))
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f00000002c0)='GPL\x00'}, 0x94)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000640)=@newlink={0x48, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4048b}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @sit={{0x8}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_IPTUN_FWMARK={0x8, 0x14, 0xef}, @IFLA_IPTUN_FLAGS={0x6}, @IFLA_IPTUN_PMTUDISC={0x5}]}}}]}, 0x48}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd6866f59e001406fffc010000000000000000000000000001ff"], 0x0)
r8 = accept$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='tegra_dma_tx_status\x00', r0, 0x0, 0x7}, 0x18)
sendto$packet(r8, &(0x7f00000001c0)="14f17046909452bdb52f3d318d4a5fc77b3343393c3c1352ee022f38c63c7cba0b955b7a6d90e4483519cf693a733ca67b0bac879a08e28366fa69bcfd2aa264af109b7295ed9a992232d2411814329b5ab29e49599f7dc97a2d4031dedf60790b0be351487856d542be0fb16997d994022f29f4c206e3260c8b3670eee70594b5bec3e2f4550ae64fb3138c7876c2ac301fedbf1906921ae69d70856721cf800ee7c1d8bad42c7b3ef6228cf774828819aaf065c210a79e76133bb9b1092b684a30f7eec2061830b130fb808ce296cbd7d291d1dbbbb3e503", 0xd9, 0x20004000, &(0x7f0000000300)={0x11, 0x6, 0x0, 0x1, 0x3, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, 0x14)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x5, 0x59, 0x739, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe, 0x7af}, 0x48)

15.373008754s ago: executing program 1 (id=2887):
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r1}, 0x10)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="85000000070000006a0a00ff000000000c00000000000000950000000000000018100000", @ANYRES32, @ANYBLOB="0000000000009500"/24], &(0x7f0000000140)='GPL\x00', 0x2, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e}, 0x2d) (async)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newlink={0x3c, 0x10, 0x1, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2180}, [@IFLA_IFNAME={0x14, 0x3, 'wlan0\x00'}, @IFLA_CARRIER={0x5, 0x21, 0x6}]}, 0x3c}}, 0x0) (async, rerun: 32)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x1c1341, 0x0) (rerun: 32)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) (async)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r7)
r8 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r9 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) (async)
r10 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
r11 = syz_genetlink_get_family_id$gtp(&(0x7f0000002700), 0xffffffffffffffff) (rerun: 32)
sendmsg$GTP_CMD_GETPDP(r10, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000005c0)={0x14, r11, 0x1, 0x70bd2b, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4c010}, 0x8080)
r12 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r12, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x2}, 0x1c)
sendmsg$TIPC_CMD_ENABLE_BEARER(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) (async, rerun: 32)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) (async, rerun: 32)
writev(r6, &(0x7f00000001c0)=[{&(0x7f0000000000)="89e7ee2c7cdad9b4b47380c988ca", 0x140}], 0x1)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)={@ifindex, r4, 0x11, 0x0, 0x0, @void, @value=r3}, 0x20) (async)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0x10448) (async)
setsockopt$IP_VS_SO_SET_DELDEST(r3, 0x0, 0x488, &(0x7f0000000240)={{0x8, @local, 0x4e20, 0x4, 'wrr\x00', 0x8, 0xd, 0x2b}, {@rand_addr=0x64010102, 0x4e24, 0x2, 0xda, 0xe53b, 0x1}}, 0x44) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x4010, 0xffffffffffffffff, 0xf9208000)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000300)={@map, r4, 0x27, 0x2010, 0x0, @value=r3}, 0x20)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, 0x0) (async, rerun: 32)
r13 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) (rerun: 32)
getsockopt$inet_sctp_SCTP_MAX_BURST(r13, 0x84, 0x14, &(0x7f0000000480), &(0x7f00000004c0)=0x4) (async)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x2000000, 0x12, r13, 0x0)

37.384039ms ago: executing program 35 (id=2886):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x0, 0x0, &(0x7f0000000240)='syzkaller\x00'}, 0x94)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000640)={0x2, 0x1, 0x0, 0x9, 0xa, 0x0, 0xffffffff, 0x25dfdbfc, [@sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x4e20, @private}}, @sadb_x_sa2={0x2, 0x13, 0xa, 0x0, 0x0, 0x70bd2c, 0x3501}, @sadb_address={0x3, 0x6, 0x6c, 0x20, 0x0, @in={0x2, 0x0, @private=0xa010100}}]}, 0x50}}, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000100)=ANY=[], 0x32600)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r3, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000400)=ANY=[@ANYBLOB="200000002d00091327bd70000000000006"], 0x20}}, 0x84)
sendmsg$netlink(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)=ANY=[@ANYBLOB="140100002d00010000000000fcdbdf2504"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)
recvfrom(r4, 0x0, 0x0, 0x40002000, 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
getsockopt$netlink(r5, 0x10e, 0xc, 0x0, &(0x7f0000000140))
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f00000002c0)='GPL\x00'}, 0x94)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000640)=@newlink={0x48, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4048b}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @sit={{0x8}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_IPTUN_FWMARK={0x8, 0x14, 0xef}, @IFLA_IPTUN_FLAGS={0x6}, @IFLA_IPTUN_PMTUDISC={0x5}]}}}]}, 0x48}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd6866f59e001406fffc010000000000000000000000000001ff"], 0x0)
r8 = accept$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='tegra_dma_tx_status\x00', r0, 0x0, 0x7}, 0x18)
sendto$packet(r8, &(0x7f00000001c0)="14f17046909452bdb52f3d318d4a5fc77b3343393c3c1352ee022f38c63c7cba0b955b7a6d90e4483519cf693a733ca67b0bac879a08e28366fa69bcfd2aa264af109b7295ed9a992232d2411814329b5ab29e49599f7dc97a2d4031dedf60790b0be351487856d542be0fb16997d994022f29f4c206e3260c8b3670eee70594b5bec3e2f4550ae64fb3138c7876c2ac301fedbf1906921ae69d70856721cf800ee7c1d8bad42c7b3ef6228cf774828819aaf065c210a79e76133bb9b1092b684a30f7eec2061830b130fb808ce296cbd7d291d1dbbbb3e503", 0xd9, 0x20004000, &(0x7f0000000300)={0x11, 0x6, 0x0, 0x1, 0x3, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, 0x14)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x5, 0x59, 0x739, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe, 0x7af}, 0x48)

0s ago: executing program 36 (id=2887):
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r1}, 0x10)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="85000000070000006a0a00ff000000000c00000000000000950000000000000018100000", @ANYRES32, @ANYBLOB="0000000000009500"/24], &(0x7f0000000140)='GPL\x00', 0x2, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e}, 0x2d) (async)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newlink={0x3c, 0x10, 0x1, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2180}, [@IFLA_IFNAME={0x14, 0x3, 'wlan0\x00'}, @IFLA_CARRIER={0x5, 0x21, 0x6}]}, 0x3c}}, 0x0) (async, rerun: 32)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x1c1341, 0x0) (rerun: 32)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) (async)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r7)
r8 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r9 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) (async)
r10 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
r11 = syz_genetlink_get_family_id$gtp(&(0x7f0000002700), 0xffffffffffffffff) (rerun: 32)
sendmsg$GTP_CMD_GETPDP(r10, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000005c0)={0x14, r11, 0x1, 0x70bd2b, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4c010}, 0x8080)
r12 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r12, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x2}, 0x1c)
sendmsg$TIPC_CMD_ENABLE_BEARER(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) (async, rerun: 32)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) (async, rerun: 32)
writev(r6, &(0x7f00000001c0)=[{&(0x7f0000000000)="89e7ee2c7cdad9b4b47380c988ca", 0x140}], 0x1)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)={@ifindex, r4, 0x11, 0x0, 0x0, @void, @value=r3}, 0x20) (async)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0x10448) (async)
setsockopt$IP_VS_SO_SET_DELDEST(r3, 0x0, 0x488, &(0x7f0000000240)={{0x8, @local, 0x4e20, 0x4, 'wrr\x00', 0x8, 0xd, 0x2b}, {@rand_addr=0x64010102, 0x4e24, 0x2, 0xda, 0xe53b, 0x1}}, 0x44) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x4010, 0xffffffffffffffff, 0xf9208000)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000300)={@map, r4, 0x27, 0x2010, 0x0, @value=r3}, 0x20)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, 0x0) (async, rerun: 32)
r13 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) (rerun: 32)
getsockopt$inet_sctp_SCTP_MAX_BURST(r13, 0x84, 0x14, &(0x7f0000000480), &(0x7f00000004c0)=0x4) (async)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x2000000, 0x12, r13, 0x0)

kernel console output (not intermixed with test programs):

  ? __pfx___sys_bpf+0x10/0x10
[  261.279711][T11992]  ? ksys_write+0x22a/0x250
[  261.279738][T11992]  ? __pfx_ksys_write+0x10/0x10
[  261.279760][T11992]  ? rcu_is_watching+0x15/0xb0
[  261.279791][T11992]  __x64_sys_bpf+0x7c/0x90
[  261.279819][T11992]  do_syscall_64+0xfa/0x3b0
[  261.279840][T11992]  ? lockdep_hardirqs_on+0x9c/0x150
[  261.279859][T11992]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.279876][T11992]  ? clear_bhb_loop+0x60/0xb0
[  261.279898][T11992]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.279915][T11992] RIP: 0033:0x7fbae038eba9
[  261.279930][T11992] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  261.279945][T11992] RSP: 002b:00007fbae121a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  261.279965][T11992] RAX: ffffffffffffffda RBX: 00007fbae05d5fa0 RCX: 00007fbae038eba9
[  261.279977][T11992] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  261.279989][T11992] RBP: 00007fbae121a090 R08: 0000000000000000 R09: 0000000000000000
[  261.280001][T11992] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  261.280011][T11992] R13: 00007fbae05d6038 R14: 00007fbae05d5fa0 R15: 00007ffe67459b58
[  261.280041][T11992]  </TASK>
[  261.696377][T11997] __nla_validate_parse: 5 callbacks suppressed
[  261.696397][T11997] netlink: 9 bytes leftover after parsing attributes in process `syz.0.1677'.
[  261.759311][T11997] gretap0: entered promiscuous mode
[  261.764584][T11997] gretap0: left allmulticast mode
[  261.786334][T11997] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1677'.
[  261.852863][T12001] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1678'.
[  261.980064][T12013] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1683'.
[  262.099059][T12009] geneve5: entered promiscuous mode
[  262.151392][ T6490] netdevsim netdevsim0 eth0: set [1, 1] type 2 family 0 port 20000 - 0
[  262.187686][ T6490] netdevsim netdevsim0 eth1: set [1, 1] type 2 family 0 port 20000 - 0
[  262.218163][T12018] smc: net device bond0 applied user defined pnetid SYZ2
[  262.225543][ T6490] netdevsim netdevsim0 eth2: set [1, 1] type 2 family 0 port 20000 - 0
[  262.254867][ T6490] netdevsim netdevsim0 eth3: set [1, 1] type 2 family 0 port 20000 - 0
[  262.286437][T12024] smc: net device bond0 erased user defined pnetid SYZ2
[  262.596828][T12046] netlink: 'syz.5.1695': attribute type 7 has an invalid length.
[  262.625333][T12046] netlink: 'syz.5.1695': attribute type 8 has an invalid length.
[  262.639624][T12046] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1695'.
[  262.730928][T12056] netlink: 'syz.5.1699': attribute type 1 has an invalid length.
[  262.805358][T12060] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1700'.
[  262.825494][T12063] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1701'.
[  262.840268][T12057] bond1: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  262.852995][T12057] bond1: (slave ipvlan2): The slave device specified does not support setting the MAC address
[  262.863469][T12057] bond1: (slave ipvlan2): Setting fail_over_mac to active for active-backup mode
[  262.890004][T12058] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  262.910191][T12060] vlan0: entered promiscuous mode
[  262.943526][T12058] tipc: Resetting bearer <eth:syzkaller0>
[  263.051910][T12054] tipc: Disabling bearer <eth:syzkaller0>
[  263.069336][T12071] netlink: 'syz.0.1702': attribute type 1 has an invalid length.
[  263.072964][T12070] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1703'.
[  263.172678][T12075] smc: net device bond0 applied user defined pnetid SYZ2
[  263.185539][T12075] smc: net device bond0 erased user defined pnetid SYZ2
[  263.458335][T12089] netlink: 'syz.1.1710': attribute type 5 has an invalid length.
[  263.610032][T12101] syzkaller1: entered promiscuous mode
[  263.632347][T12101] syzkaller1: entered allmulticast mode
[  263.781149][T12093] syzkaller1: left promiscuous mode
[  263.786476][T12093] syzkaller1: left allmulticast mode
[  264.055032][T12122] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1717'.
[  264.130053][T12122] vlan0: entered promiscuous mode
[  264.255497][T12130] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1721'.
[  264.498444][T12145] lo speed is unknown, defaulting to 1000
[  264.512437][T12146] smc: net device bond0 applied user defined pnetid SYZ2
[  264.520343][T12146] smc: net device bond0 erased user defined pnetid SYZ2
[  264.552714][T12145] lo speed is unknown, defaulting to 1000
[  264.606396][T12145] lo speed is unknown, defaulting to 1000
[  264.653891][T12145] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  264.719781][T12145] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  264.873602][T12145] lo speed is unknown, defaulting to 1000
[  264.949792][T12145] lo speed is unknown, defaulting to 1000
[  264.961567][T12145] lo speed is unknown, defaulting to 1000
[  264.981337][T12145] lo speed is unknown, defaulting to 1000
[  264.990393][T12169] syzkaller0: entered promiscuous mode
[  264.996311][T12169] syzkaller0: entered allmulticast mode
[  265.005842][T12145] lo speed is unknown, defaulting to 1000
[  265.060472][T12169] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  265.105028][T12169] tipc: Resetting bearer <eth:syzkaller0>
[  265.145161][T12175] vlan2: entered promiscuous mode
[  265.181188][T12166] tipc: Resetting bearer <eth:syzkaller0>
[  265.291874][T12166] tipc: Disabling bearer <eth:syzkaller0>
[  265.295259][T12186] FAULT_INJECTION: forcing a failure.
[  265.295259][T12186] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  265.315449][T12186] CPU: 1 UID: 0 PID: 12186 Comm: syz.5.1737 Not tainted syzkaller #0 PREEMPT(full) 
[  265.315485][T12186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  265.315497][T12186] Call Trace:
[  265.315505][T12186]  <TASK>
[  265.315514][T12186]  dump_stack_lvl+0x189/0x250
[  265.315543][T12186]  ? __pfx____ratelimit+0x10/0x10
[  265.315565][T12186]  ? __pfx_dump_stack_lvl+0x10/0x10
[  265.315587][T12186]  ? __pfx__printk+0x10/0x10
[  265.315614][T12186]  ? __might_fault+0xb0/0x130
[  265.315653][T12186]  should_fail_ex+0x414/0x560
[  265.315686][T12186]  _copy_from_user+0x2d/0xb0
[  265.315730][T12186]  __sys_sendto+0x25c/0x520
[  265.315756][T12186]  ? __pfx___sys_sendto+0x10/0x10
[  265.315807][T12186]  ? ksys_write+0x1e1/0x250
[  265.315838][T12186]  ? __pfx_ksys_write+0x10/0x10
[  265.315862][T12186]  ? rcu_is_watching+0x15/0xb0
[  265.315889][T12186]  __x64_sys_sendto+0xde/0x100
[  265.315916][T12186]  do_syscall_64+0xfa/0x3b0
[  265.315939][T12186]  ? lockdep_hardirqs_on+0x9c/0x150
[  265.315960][T12186]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  265.315981][T12186]  ? clear_bhb_loop+0x60/0xb0
[  265.316006][T12186]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  265.316026][T12186] RIP: 0033:0x7f2ec178eba9
[  265.316044][T12186] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  265.316062][T12186] RSP: 002b:00007f2ec262f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  265.316085][T12186] RAX: ffffffffffffffda RBX: 00007f2ec19d5fa0 RCX: 00007f2ec178eba9
[  265.316100][T12186] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000004
[  265.316112][T12186] RBP: 00007f2ec262f090 R08: 0000200000000040 R09: 000000000000001c
[  265.316126][T12186] R10: 0000000024008844 R11: 0000000000000246 R12: 0000000000000001
[  265.316138][T12186] R13: 00007f2ec19d6038 R14: 00007f2ec19d5fa0 R15: 00007ffe64dd7c48
[  265.316172][T12186]  </TASK>
[  265.548184][T12180] vlan3: entered promiscuous mode
[  265.899651][T12210] openvswitch: netlink: Message has 4 unknown bytes.
[  265.906512][T12210] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  265.942501][T12210] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  265.962616][T12216] vlan0: entered promiscuous mode
[  265.968282][T12209] GUP no longer grows the stack in syz.1.1742 (12209): 200000003000-20000000a000 (200000001000)
[  266.021747][T12220] netlink: 'syz.4.1750': attribute type 7 has an invalid length.
[  266.032493][T12210] syzkaller0: entered promiscuous mode
[  266.037581][T12220] netlink: 'syz.4.1750': attribute type 8 has an invalid length.
[  266.042038][T12210] syzkaller0: entered allmulticast mode
[  266.045961][T12209] CPU: 1 UID: 0 PID: 12209 Comm: syz.1.1742 Not tainted syzkaller #0 PREEMPT(full) 
[  266.045989][T12209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  266.046001][T12209] Call Trace:
[  266.046012][T12209]  <TASK>
[  266.046021][T12209]  dump_stack_lvl+0x189/0x250
[  266.046057][T12209]  ? __pfx_dump_stack_lvl+0x10/0x10
[  266.046084][T12209]  ? __pfx__printk+0x10/0x10
[  266.046110][T12209]  ? find_vma+0xe7/0x160
[  266.046137][T12209]  ? __lock_acquire+0xab9/0xd20
[  266.046181][T12209]  __get_user_pages+0x24d0/0x2ce0
[  266.046210][T12209]  ? __bpf_trace_mmap_lock_acquire_returned+0x13b/0x190
[  266.046269][T12209]  ? rcu_is_watching+0x15/0xb0
[  266.046295][T12209]  __gup_longterm_locked+0xde9/0x1660
[  266.046336][T12209]  ? sanity_check_pinned_pages+0x123a/0x1300
[  266.046373][T12209]  gup_fast_fallback+0x1e6a/0x2010
[  266.046434][T12209]  ? __pfx_gup_fast_fallback+0x10/0x10
[  266.046457][T12209]  ? stack_trace_save+0x9c/0xe0
[  266.046482][T12209]  ? __pfx_stack_trace_save+0x10/0x10
[  266.046519][T12209]  ? pin_user_pages_fast+0x4d/0xb0
[  266.046571][T12209]  iov_iter_extract_pages+0x35a/0x5e0
[  266.046629][T12209]  extract_iter_to_sg+0xe46/0x24e0
[  266.046690][T12209]  ? __pfx_extract_iter_to_sg+0x10/0x10
[  266.046736][T12209]  ? __asan_memset+0x22/0x50
[  266.046765][T12209]  af_alg_get_rsgl+0x436/0x810
[  266.046816][T12209]  aead_recvmsg+0x4cc/0x13f0
[  266.046862][T12209]  ? rcu_is_watching+0x15/0xb0
[  266.046900][T12209]  ? __pfx_aead_recvmsg+0x10/0x10
[  266.046935][T12209]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  266.046961][T12209]  ? __pfx_aead_recvmsg+0x10/0x10
[  266.046994][T12209]  sock_recvmsg_nosec+0x183/0x1c0
[  266.047033][T12209]  ____sys_recvmsg+0x3aa/0x460
[  266.047073][T12209]  ? __pfx_____sys_recvmsg+0x10/0x10
[  266.047120][T12209]  ? import_iovec+0x74/0xa0
[  266.047150][T12209]  ___sys_recvmsg+0x1b5/0x510
[  266.047186][T12209]  ? __pfx____sys_recvmsg+0x10/0x10
[  266.047255][T12209]  ? __might_fault+0xb0/0x130
[  266.047292][T12209]  do_recvmmsg+0x307/0x770
[  266.047331][T12209]  ? __pfx_do_recvmmsg+0x10/0x10
[  266.047355][T12209]  ? __ia32_sys_rt_sigreturn+0x6a2/0x7b0
[  266.047422][T12209]  ? __pfx_do_futex+0x10/0x10
[  266.047472][T12209]  __x64_sys_recvmmsg+0x190/0x240
[  266.047503][T12209]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  266.047531][T12209]  ? rcu_is_watching+0x15/0xb0
[  266.047559][T12209]  ? do_syscall_64+0xbe/0x3b0
[  266.047591][T12209]  do_syscall_64+0xfa/0x3b0
[  266.047614][T12209]  ? lockdep_hardirqs_on+0x9c/0x150
[  266.047636][T12209]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.047658][T12209]  ? clear_bhb_loop+0x60/0xb0
[  266.047688][T12209]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.047710][T12209] RIP: 0033:0x7fbae038eba9
[  266.047730][T12209] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  266.047751][T12209] RSP: 002b:00007fbae11f9038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  266.047774][T12209] RAX: ffffffffffffffda RBX: 00007fbae05d6090 RCX: 00007fbae038eba9
[  266.047789][T12209] RDX: 0000000000000002 RSI: 0000200000000180 RDI: 000000000000000b
[  266.047804][T12209] RBP: 00007fbae0411e19 R08: 0000000000000000 R09: 0000000000000000
[  266.047818][T12209] R10: 0000000000000101 R11: 0000000000000246 R12: 0000000000000000
[  266.047831][T12209] R13: 00007fbae05d6128 R14: 00007fbae05d6090 R15: 00007ffe67459b58
[  266.047868][T12209]  </TASK>
[  266.406197][T12222] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  266.434388][T12207] tipc: Resetting bearer <eth:syzkaller0>
[  266.464197][T12207] tipc: Disabling bearer <eth:syzkaller0>
[  266.595343][   T30] audit: type=1800 audit(1757569630.290:4): pid=12227 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1749" name="memory.events" dev="tmpfs" ino=420 res=0 errno=0
[  266.644048][T12220] bridge0: entered promiscuous mode
[  266.650726][T12220] bridge0: left promiscuous mode
[  266.973597][T12242] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  267.057240][T12249] __nla_validate_parse: 12 callbacks suppressed
[  267.057262][T12249] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1758'.
[  267.108248][    C0] bridge0: port 5(team0) entered learning state
[  267.137202][T12249] vlan0: entered promiscuous mode
[  267.184147][T12259] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1762'.
[  267.247164][T12258] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  267.306354][T12262] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1763'.
[  267.441894][T12271] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1766'.
[  267.481862][T12267] smc: net device bond0 applied user defined pnetid SYZ2
[  267.506029][T12270] smc: net device bond0 erased user defined pnetid SYZ2
[  267.906033][T12294] netlink: 'syz.2.1767': attribute type 1 has an invalid length.
[  267.914181][T12294] netlink: 168864 bytes leftover after parsing attributes in process `syz.2.1767'.
[  267.924883][T12295] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1769'.
[  268.086279][T12294] lo speed is unknown, defaulting to 1000
[  268.158809][T12303] netlink: 76 bytes leftover after parsing attributes in process `syz.5.1773'.
[  268.417017][T12312] netlink: 'syz.0.1776': attribute type 4 has an invalid length.
[  268.522287][T12316] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1777'.
[  268.531832][T12317] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  268.607832][T12312] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  268.636463][T12312] netlink: 'syz.0.1776': attribute type 4 has an invalid length.
[  268.647869][T12319] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  268.686509][T12322] smc: net device bond0 applied user defined pnetid SYZ2
[  268.707421][T12324] smc: net device bond0 erased user defined pnetid SYZ2
[  268.831362][T12327] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1779'.
[  270.325779][T12349] syzkaller0: entered promiscuous mode
[  270.336000][T12349] syzkaller0: entered allmulticast mode
[  270.406668][T12341] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  270.431910][T12341] tipc: Resetting bearer <eth:syzkaller0>
[  270.460695][T12340] tipc: Resetting bearer <eth:syzkaller0>
[  270.583223][T12340] tipc: Disabling bearer <eth:syzkaller0>
[  270.871174][T12372] netlink: 'syz.5.1794': attribute type 1 has an invalid length.
[  270.890887][T12373] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1795'.
[  270.916748][  T143] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  270.954175][  T143] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  271.000657][  T143] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  271.043254][  T143] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  271.195213][T12377] sit0: left allmulticast mode
[  271.278653][T12377] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:20003
[  271.343716][T12395] netlink: 'syz.2.1801': attribute type 4 has an invalid length.
[  282.467077][    C0] bridge0: port 5(team0) entered forwarding state
[  282.473526][    C0] bridge0: topology change detected, propagating
[  317.030946][ T1300] aoe: packet could not be sent on bond0.  consider increasing tx_queue_len
[  317.040054][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  333.825480][T12402] __nla_validate_parse: 6 callbacks suppressed
[  333.825500][T12402] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1806'.
[  333.862024][T12406] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1807'.
[  333.964279][T12414] smc: net device bond0 applied user defined pnetid SYZ2
[  333.997921][T12414] smc: net device bond0 erased user defined pnetid SYZ2
[  334.025639][T12402] netlink: 'syz.2.1806': attribute type 9 has an invalid length.
[  334.066739][T12402] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1806'.
[  334.126286][T12408] netlink: 'syz.4.1808': attribute type 1 has an invalid length.
[  334.177289][T12422] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1810'.
[  334.470035][T12408] 8021q: adding VLAN 0 to HW filter on device bond4
[  334.528781][T12430] netlink: 'syz.2.1811': attribute type 3 has an invalid length.
[  334.548368][T12415] bond4: (slave geneve2): making interface the new active one
[  334.583077][T12432] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1810'.
[  334.602219][T12415] bond4: (slave geneve2): Enslaving as an active interface with an up link
[  334.701840][T12426] bond4: entered promiscuous mode
[  334.713277][T12426] geneve2: entered promiscuous mode
[  334.912800][T12447] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1815'.
[  335.416370][T12462] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  335.457817][T12462] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1819'.
[  335.686354][T12476] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1823'.
[  335.810992][T12479] netlink: 'syz.4.1824': attribute type 83 has an invalid length.
[  335.851403][T12479] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1824'.
[  335.958296][T12485] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1825'.
[  336.018677][T12479] lo speed is unknown, defaulting to 1000
[  336.498775][T12511] smc: net device bond0 applied user defined pnetid SYZ2
[  336.517581][T12511] smc: net device bond0 erased user defined pnetid SYZ2
[  337.094824][T12532] lo speed is unknown, defaulting to 1000
[  337.411687][T12572] FAULT_INJECTION: forcing a failure.
[  337.411687][T12572] name failslab, interval 1, probability 0, space 0, times 0
[  337.445264][T12572] CPU: 1 UID: 0 PID: 12572 Comm: syz.4.1850 Not tainted syzkaller #0 PREEMPT(full) 
[  337.445292][T12572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  337.445304][T12572] Call Trace:
[  337.445312][T12572]  <TASK>
[  337.445320][T12572]  dump_stack_lvl+0x189/0x250
[  337.445349][T12572]  ? __pfx____ratelimit+0x10/0x10
[  337.445369][T12572]  ? __pfx_dump_stack_lvl+0x10/0x10
[  337.445392][T12572]  ? __pfx__printk+0x10/0x10
[  337.445424][T12572]  ? __pfx___might_resched+0x10/0x10
[  337.445442][T12572]  ? fs_reclaim_acquire+0x7d/0x100
[  337.445464][T12572]  should_fail_ex+0x414/0x560
[  337.445494][T12572]  should_failslab+0xa8/0x100
[  337.445523][T12572]  __kmalloc_noprof+0xcb/0x4f0
[  337.445546][T12572]  ? __nla_parse+0x40/0x60
[  337.445561][T12572]  ? nft_obj_init+0x1e0/0x360
[  337.445586][T12572]  nft_obj_init+0x1e0/0x360
[  337.445610][T12572]  nf_tables_newobj+0xac7/0x1320
[  337.445653][T12572]  ? __pfx_nf_tables_newobj+0x10/0x10
[  337.445688][T12572]  ? __nla_parse+0x40/0x60
[  337.445709][T12572]  nfnetlink_rcv+0x1132/0x2520
[  337.445772][T12572]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  337.445816][T12572]  ? ref_tracker_free+0x63a/0x7d0
[  337.445873][T12572]  ? __netlink_deliver_tap+0x807/0x850
[  337.445894][T12572]  ? netlink_deliver_tap+0x2e/0x1b0
[  337.445933][T12572]  netlink_unicast+0x82f/0x9e0
[  337.445971][T12572]  ? __pfx_netlink_unicast+0x10/0x10
[  337.446002][T12572]  ? netlink_sendmsg+0x642/0xb30
[  337.446020][T12572]  ? skb_put+0x11b/0x210
[  337.446045][T12572]  netlink_sendmsg+0x805/0xb30
[  337.446076][T12572]  ? __pfx_netlink_sendmsg+0x10/0x10
[  337.446100][T12572]  ? aa_sock_msg_perm+0xf1/0x1d0
[  337.446131][T12572]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  337.446152][T12572]  ? __pfx_netlink_sendmsg+0x10/0x10
[  337.446173][T12572]  __sock_sendmsg+0x21c/0x270
[  337.446205][T12572]  ____sys_sendmsg+0x505/0x830
[  337.446235][T12572]  ? __pfx_____sys_sendmsg+0x10/0x10
[  337.446267][T12572]  ? import_iovec+0x74/0xa0
[  337.446293][T12572]  ___sys_sendmsg+0x21f/0x2a0
[  337.446319][T12572]  ? __pfx____sys_sendmsg+0x10/0x10
[  337.446381][T12572]  ? __fget_files+0x2a/0x420
[  337.446397][T12572]  ? __fget_files+0x3a0/0x420
[  337.446425][T12572]  __x64_sys_sendmsg+0x19b/0x260
[  337.446452][T12572]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  337.446486][T12572]  ? __pfx_ksys_write+0x10/0x10
[  337.446507][T12572]  ? rcu_is_watching+0x15/0xb0
[  337.446532][T12572]  ? do_syscall_64+0xbe/0x3b0
[  337.446558][T12572]  do_syscall_64+0xfa/0x3b0
[  337.446577][T12572]  ? lockdep_hardirqs_on+0x9c/0x150
[  337.446601][T12572]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.446620][T12572]  ? clear_bhb_loop+0x60/0xb0
[  337.446643][T12572]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.446679][T12572] RIP: 0033:0x7f917178eba9
[  337.446698][T12572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  337.446714][T12572] RSP: 002b:00007f91726ef038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  337.446736][T12572] RAX: ffffffffffffffda RBX: 00007f91719d5fa0 RCX: 00007f917178eba9
[  337.446750][T12572] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003
[  337.446762][T12572] RBP: 00007f91726ef090 R08: 0000000000000000 R09: 0000000000000000
[  337.446774][T12572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  337.446803][T12572] R13: 00007f91719d6038 R14: 00007f91719d5fa0 R15: 00007fff75df5d08
[  337.446872][T12572]  </TASK>
[  337.486650][T12574] lo speed is unknown, defaulting to 1000
[  337.530542][T12575] smc: net device bond0 applied user defined pnetid SYZ2
[  338.158057][T12576] smc: net device bond0 erased user defined pnetid SYZ2
[  338.408861][T12602] geneve2: entered promiscuous mode
[  338.439815][  T143] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  338.465659][  T143] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  338.481961][  T143] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  338.544064][T12601] syzkaller0: entered promiscuous mode
[  338.556198][T12601] syzkaller0: entered allmulticast mode
[  338.608453][  T143] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  338.625219][T12612] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  338.634392][T12619] netlink: 'syz.4.1862': attribute type 13 has an invalid length.
[  338.659384][T12601] tipc: Resetting bearer <eth:syzkaller0>
[  338.674845][T12619] netlink: 'syz.4.1862': attribute type 17 has an invalid length.
[  338.728643][T12600] tipc: Resetting bearer <eth:syzkaller0>
[  338.753052][T12600] tipc: Disabling bearer <eth:syzkaller0>
[  338.924657][T12633] __nla_validate_parse: 6 callbacks suppressed
[  338.924677][T12633] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1862'.
[  339.015900][T12619] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  339.030075][T12641] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1869'.
[  339.105293][T12636] ip_vti0: entered promiscuous mode
[  339.113154][T12636] ip_vti0: left allmulticast mode
[  339.119291][T12636] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1866'.
[  339.161941][T12622] lo speed is unknown, defaulting to 1000
[  339.244439][T12642] smc: net device bond0 applied user defined pnetid SYZ2
[  339.286742][T12650] smc: net device bond0 erased user defined pnetid SYZ2
[  339.323270][T12649] netlink: 159784 bytes leftover after parsing attributes in process `syz.1.1871'.
[  339.661407][T12668] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1878'.
[  339.675059][T12667] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1877'.
[  339.773741][T12669] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1877'.
[  339.865233][T12667] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1877'.
[  339.967482][T12669] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1877'.
[  339.988290][T12679] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1882'.
[  340.035296][T12681] netlink: 'syz.2.1883': attribute type 13 has an invalid length.
[  340.144345][T12681] lo speed is unknown, defaulting to 1000
[  340.234523][T12683] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  340.294433][T12690] syzkaller0: entered promiscuous mode
[  340.324371][T12690] syzkaller0: entered allmulticast mode
[  340.363634][T12683] tipc: Resetting bearer <eth:syzkaller0>
[  340.405921][T12683] tipc: Disabling bearer <eth:syzkaller0>
[  341.147352][T12728] !
: renamed from dummy0 (while UP)
[  341.214756][T12728] lo speed is unknown, defaulting to 1000
[  341.734041][T12743] netlink: 'syz.2.1903': attribute type 1 has an invalid length.
[  341.908946][T12746] netlink: 'syz.0.1904': attribute type 1 has an invalid length.
[  342.225918][T12760] vlan3: entered promiscuous mode
[  342.285542][T12758] geneve2: entered promiscuous mode
[  342.291053][T12758] geneve2: entered allmulticast mode
[  342.424253][T12767] smc: net device bond0 applied user defined pnetid SYZ2
[  342.440353][T12771] FAULT_INJECTION: forcing a failure.
[  342.440353][T12771] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  342.444888][T12772] smc: net device bond0 erased user defined pnetid SYZ2
[  342.517560][T12771] CPU: 0 UID: 0 PID: 12771 Comm: syz.2.1913 Not tainted syzkaller #0 PREEMPT(full) 
[  342.517589][T12771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  342.517601][T12771] Call Trace:
[  342.517610][T12771]  <TASK>
[  342.517619][T12771]  dump_stack_lvl+0x189/0x250
[  342.517647][T12771]  ? __pfx____ratelimit+0x10/0x10
[  342.517669][T12771]  ? __pfx_dump_stack_lvl+0x10/0x10
[  342.517700][T12771]  ? __pfx__printk+0x10/0x10
[  342.517730][T12771]  ? __might_fault+0xb0/0x130
[  342.517780][T12771]  should_fail_ex+0x414/0x560
[  342.517810][T12771]  _copy_from_user+0x2d/0xb0
[  342.517833][T12771]  kstrtouint_from_user+0xc4/0x170
[  342.517854][T12771]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  342.517891][T12771]  proc_fail_nth_write+0x88/0x200
[  342.517913][T12771]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  342.517941][T12771]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  342.517964][T12771]  vfs_write+0x27b/0xb30
[  342.518000][T12771]  ? __pfx_vfs_write+0x10/0x10
[  342.518027][T12771]  ? __fget_files+0x2a/0x420
[  342.518049][T12771]  ? __fget_files+0x3a0/0x420
[  342.518065][T12771]  ? __fget_files+0x2a/0x420
[  342.518091][T12771]  ksys_write+0x145/0x250
[  342.518120][T12771]  ? __pfx_ksys_write+0x10/0x10
[  342.518141][T12771]  ? rcu_is_watching+0x15/0xb0
[  342.518167][T12771]  ? do_syscall_64+0xbe/0x3b0
[  342.518192][T12771]  do_syscall_64+0xfa/0x3b0
[  342.518212][T12771]  ? lockdep_hardirqs_on+0x9c/0x150
[  342.518231][T12771]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.518249][T12771]  ? clear_bhb_loop+0x60/0xb0
[  342.518272][T12771]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.518290][T12771] RIP: 0033:0x7efe87f8d65f
[  342.518318][T12771] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  342.518333][T12771] RSP: 002b:00007efe88ea0030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  342.518369][T12771] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007efe87f8d65f
[  342.518394][T12771] RDX: 0000000000000001 RSI: 00007efe88ea00a0 RDI: 000000000000000b
[  342.518406][T12771] RBP: 00007efe88ea0090 R08: 0000000000000000 R09: 0000000000000000
[  342.518416][T12771] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[  342.518425][T12771] R13: 00007efe881d6038 R14: 00007efe881d5fa0 R15: 00007ffce2ef86b8
[  342.518455][T12771]  </TASK>
[  343.085169][T12793] lo speed is unknown, defaulting to 1000
[  343.941966][T12816] __nla_validate_parse: 18 callbacks suppressed
[  343.941999][T12816] netlink: 212376 bytes leftover after parsing attributes in process `syz.5.1926'.
[  344.065615][T12820] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1927'.
[  344.161450][T12820] smc: net device bond0 applied user defined pnetid SYZ2
[  344.185794][T12820] smc: net device bond0 erased user defined pnetid SYZ2
[  344.554504][T12835] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1933'.
[  344.584061][T12837] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1932'.
[  344.656129][T12840] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1934'.
[  344.662693][T12841] smc: net device bond0 applied user defined pnetid SYZ2
[  344.711758][T12840] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1934'.
[  344.727485][T12845] smc: net device bond0 erased user defined pnetid SYZ2
[  345.276660][T12859] geneve3: entered promiscuous mode
[  345.330541][ T6497] netdevsim netdevsim5 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  345.357037][ T6497] netdevsim netdevsim5 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  345.375749][ T6497] netdevsim netdevsim5 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  345.401083][ T6497] netdevsim netdevsim5 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  345.464765][T12864] syzkaller0: entered promiscuous mode
[  345.473823][T12864] syzkaller0: entered allmulticast mode
[  345.523282][T12869] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1943'.
[  345.541985][T12864] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  345.555137][T12864] tipc: Resetting bearer <eth:syzkaller0>
[  345.564978][T12863] tipc: Resetting bearer <eth:syzkaller0>
[  345.602258][T12863] tipc: Disabling bearer <eth:syzkaller0>
[  345.643471][T12871] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1945'.
[  345.660044][T12873] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1944'.
[  345.665901][T12871] vlan0: entered promiscuous mode
[  345.776428][T12877] smc: net device bond0 applied user defined pnetid SYZ2
[  345.784891][T12877] smc: net device bond0 erased user defined pnetid SYZ2
[  346.074361][T12886] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1948'.
[  346.600178][T12911] IPVS: set_ctl: invalid protocol: 94 255.255.255.255:20001
[  346.697973][T12914] smc: net device bond0 applied user defined pnetid SYZ2
[  346.718961][T12915] bond0: (slave gretap0): Error: Device type is different from other slaves
[  346.720998][T12914] smc: net device bond0 erased user defined pnetid SYZ2
[  346.816674][  T143] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  346.839329][  T143] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  347.062642][T12928] nftables ruleset with unbound set
[  347.189494][T12935] syzkaller0: entered promiscuous mode
[  347.208732][T12935] syzkaller0: entered allmulticast mode
[  347.368185][T12943] netlink: 'syz.0.1966': attribute type 11 has an invalid length.
[  347.574808][T12953] syzkaller0: entered promiscuous mode
[  347.584349][T12953] syzkaller0: entered allmulticast mode
[  347.862826][T12959] smc: net device bond0 applied user defined pnetid SYZ2
[  347.889541][T12959] smc: net device bond0 erased user defined pnetid SYZ2
[  347.968570][T12962] syzkaller0: entered promiscuous mode
[  347.974541][T12962] syzkaller0: entered allmulticast mode
[  348.173321][T12967] FAULT_INJECTION: forcing a failure.
[  348.173321][T12967] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  348.194534][T12967] CPU: 1 UID: 0 PID: 12967 Comm: syz.2.1973 Not tainted syzkaller #0 PREEMPT(full) 
[  348.194560][T12967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  348.194571][T12967] Call Trace:
[  348.194578][T12967]  <TASK>
[  348.194587][T12967]  dump_stack_lvl+0x189/0x250
[  348.194614][T12967]  ? __pfx____ratelimit+0x10/0x10
[  348.194635][T12967]  ? __pfx_dump_stack_lvl+0x10/0x10
[  348.194657][T12967]  ? __pfx__printk+0x10/0x10
[  348.194684][T12967]  ? __might_fault+0xb0/0x130
[  348.194721][T12967]  should_fail_ex+0x414/0x560
[  348.194752][T12967]  _copy_from_iter+0x1de/0x1790
[  348.194779][T12967]  ? rcu_is_watching+0x15/0xb0
[  348.194799][T12967]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  348.194827][T12967]  ? __pfx__copy_from_iter+0x10/0x10
[  348.194849][T12967]  ? __build_skb_around+0x257/0x3e0
[  348.194873][T12967]  ? netlink_sendmsg+0x642/0xb30
[  348.194892][T12967]  ? skb_put+0x11b/0x210
[  348.194916][T12967]  netlink_sendmsg+0x6b2/0xb30
[  348.194946][T12967]  ? __pfx_netlink_sendmsg+0x10/0x10
[  348.194971][T12967]  ? aa_sock_msg_perm+0xf1/0x1d0
[  348.194990][T12967]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  348.195011][T12967]  ? __pfx_netlink_sendmsg+0x10/0x10
[  348.195033][T12967]  __sock_sendmsg+0x21c/0x270
[  348.195064][T12967]  ____sys_sendmsg+0x505/0x830
[  348.195093][T12967]  ? __pfx_____sys_sendmsg+0x10/0x10
[  348.195125][T12967]  ? import_iovec+0x74/0xa0
[  348.195151][T12967]  ___sys_sendmsg+0x21f/0x2a0
[  348.195176][T12967]  ? __pfx____sys_sendmsg+0x10/0x10
[  348.195246][T12967]  ? __fget_files+0x2a/0x420
[  348.195262][T12967]  ? __fget_files+0x3a0/0x420
[  348.195289][T12967]  __x64_sys_sendmsg+0x19b/0x260
[  348.195315][T12967]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  348.195348][T12967]  ? __pfx_ksys_write+0x10/0x10
[  348.195370][T12967]  ? rcu_is_watching+0x15/0xb0
[  348.195394][T12967]  ? do_syscall_64+0xbe/0x3b0
[  348.195420][T12967]  do_syscall_64+0xfa/0x3b0
[  348.195439][T12967]  ? lockdep_hardirqs_on+0x9c/0x150
[  348.195459][T12967]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  348.195488][T12967]  ? clear_bhb_loop+0x60/0xb0
[  348.195509][T12967]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  348.195525][T12967] RIP: 0033:0x7efe87f8eba9
[  348.195542][T12967] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  348.195556][T12967] RSP: 002b:00007efe88ea0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  348.195575][T12967] RAX: ffffffffffffffda RBX: 00007efe881d5fa0 RCX: 00007efe87f8eba9
[  348.195588][T12967] RDX: 0000000000048010 RSI: 0000200000000280 RDI: 0000000000000015
[  348.195599][T12967] RBP: 00007efe88ea0090 R08: 0000000000000000 R09: 0000000000000000
[  348.195610][T12967] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  348.195621][T12967] R13: 00007efe881d6038 R14: 00007efe881d5fa0 R15: 00007ffce2ef86b8
[  348.195649][T12967]  </TASK>
[  349.222873][T13008] __nla_validate_parse: 14 callbacks suppressed
[  349.222893][T13008] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1987'.
[  349.259331][T13010] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1989'.
[  349.274808][T13008] vlan2: entered promiscuous mode
[  349.309677][T13016] FAULT_INJECTION: forcing a failure.
[  349.309677][T13016] name failslab, interval 1, probability 0, space 0, times 0
[  349.323018][T13016] CPU: 0 UID: 0 PID: 13016 Comm: syz.2.1990 Not tainted syzkaller #0 PREEMPT(full) 
[  349.323044][T13016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  349.323055][T13016] Call Trace:
[  349.323063][T13016]  <TASK>
[  349.323071][T13016]  dump_stack_lvl+0x189/0x250
[  349.323099][T13016]  ? __pfx____ratelimit+0x10/0x10
[  349.323121][T13016]  ? __pfx_dump_stack_lvl+0x10/0x10
[  349.323143][T13016]  ? __pfx__printk+0x10/0x10
[  349.323176][T13016]  ? __pfx___might_resched+0x10/0x10
[  349.323193][T13016]  ? fs_reclaim_acquire+0x7d/0x100
[  349.323215][T13016]  should_fail_ex+0x414/0x560
[  349.323245][T13016]  should_failslab+0xa8/0x100
[  349.323275][T13016]  __kmalloc_cache_noprof+0x70/0x3d0
[  349.323299][T13016]  ? rtnl_newlink+0xed/0x1c70
[  349.323343][T13016]  rtnl_newlink+0xed/0x1c70
[  349.323362][T13016]  ? __lock_acquire+0xab9/0xd20
[  349.323398][T13016]  ? __pfx_rtnl_newlink+0x10/0x10
[  349.323426][T13016]  ? is_bpf_text_address+0x26/0x2b0
[  349.323472][T13016]  ? __lock_acquire+0xab9/0xd20
[  349.323510][T13016]  ? __lock_acquire+0xab9/0xd20
[  349.323553][T13016]  ? is_bpf_text_address+0x26/0x2b0
[  349.323583][T13016]  ? is_bpf_text_address+0x292/0x2b0
[  349.323608][T13016]  ? is_bpf_text_address+0x26/0x2b0
[  349.323641][T13016]  ? __lock_acquire+0xab9/0xd20
[  349.323693][T13016]  ? __pfx_rtnl_newlink+0x10/0x10
[  349.323711][T13016]  rtnetlink_rcv_msg+0x7cc/0xb70
[  349.323728][T13016]  ? __lock_acquire+0xab9/0xd20
[  349.323754][T13016]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  349.323771][T13016]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  349.323806][T13016]  netlink_rcv_skb+0x208/0x470
[  349.323823][T13016]  ? __lock_acquire+0xab9/0xd20
[  349.323849][T13016]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  349.323869][T13016]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  349.323899][T13016]  ? netlink_deliver_tap+0x2e/0x1b0
[  349.323925][T13016]  netlink_unicast+0x82f/0x9e0
[  349.323961][T13016]  ? __pfx_netlink_unicast+0x10/0x10
[  349.323989][T13016]  ? netlink_sendmsg+0x642/0xb30
[  349.324006][T13016]  ? skb_put+0x11b/0x210
[  349.324029][T13016]  netlink_sendmsg+0x805/0xb30
[  349.324057][T13016]  ? __pfx_netlink_sendmsg+0x10/0x10
[  349.324080][T13016]  ? aa_sock_msg_perm+0xf1/0x1d0
[  349.324099][T13016]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  349.324118][T13016]  ? __pfx_netlink_sendmsg+0x10/0x10
[  349.324138][T13016]  __sock_sendmsg+0x21c/0x270
[  349.324168][T13016]  ____sys_sendmsg+0x505/0x830
[  349.324195][T13016]  ? __pfx_____sys_sendmsg+0x10/0x10
[  349.324226][T13016]  ? import_iovec+0x74/0xa0
[  349.324251][T13016]  ___sys_sendmsg+0x21f/0x2a0
[  349.324275][T13016]  ? __pfx____sys_sendmsg+0x10/0x10
[  349.324336][T13016]  ? __fget_files+0x2a/0x420
[  349.324351][T13016]  ? __fget_files+0x3a0/0x420
[  349.324377][T13016]  __x64_sys_sendmsg+0x19b/0x260
[  349.324402][T13016]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  349.324433][T13016]  ? __pfx_ksys_write+0x10/0x10
[  349.324454][T13016]  ? rcu_is_watching+0x15/0xb0
[  349.324478][T13016]  ? do_syscall_64+0xbe/0x3b0
[  349.324501][T13016]  do_syscall_64+0xfa/0x3b0
[  349.324520][T13016]  ? lockdep_hardirqs_on+0x9c/0x150
[  349.324538][T13016]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.324555][T13016]  ? clear_bhb_loop+0x60/0xb0
[  349.324576][T13016]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.324593][T13016] RIP: 0033:0x7efe87f8eba9
[  349.324610][T13016] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  349.324625][T13016] RSP: 002b:00007efe88ea0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  349.324643][T13016] RAX: ffffffffffffffda RBX: 00007efe881d5fa0 RCX: 00007efe87f8eba9
[  349.324655][T13016] RDX: 0000000000048010 RSI: 0000200000000280 RDI: 0000000000000015
[  349.324666][T13016] RBP: 00007efe88ea0090 R08: 0000000000000000 R09: 0000000000000000
[  349.324677][T13016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  349.324687][T13016] R13: 00007efe881d6038 R14: 00007efe881d5fa0 R15: 00007ffce2ef86b8
[  349.324715][T13016]  </TASK>
[  349.944942][T13027] vlan3: entered promiscuous mode
[  350.035250][T13037] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1999'.
[  350.043094][T13034] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1997'.
[  350.170670][T13045] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  350.241561][T13040] smc: net device bond0 applied user defined pnetid SYZ2
[  350.249501][T13040] smc: net device bond0 erased user defined pnetid SYZ2
[  350.286338][T13050] FAULT_INJECTION: forcing a failure.
[  350.286338][T13050] name failslab, interval 1, probability 0, space 0, times 0
[  350.304497][T13050] CPU: 1 UID: 0 PID: 13050 Comm: syz.4.2003 Not tainted syzkaller #0 PREEMPT(full) 
[  350.304523][T13050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  350.304535][T13050] Call Trace:
[  350.304543][T13050]  <TASK>
[  350.304552][T13050]  dump_stack_lvl+0x189/0x250
[  350.304578][T13050]  ? __pfx____ratelimit+0x10/0x10
[  350.304600][T13050]  ? __pfx_dump_stack_lvl+0x10/0x10
[  350.304622][T13050]  ? __pfx__printk+0x10/0x10
[  350.304653][T13050]  ? __pfx___might_resched+0x10/0x10
[  350.304671][T13050]  ? fs_reclaim_acquire+0x7d/0x100
[  350.304693][T13050]  should_fail_ex+0x414/0x560
[  350.304723][T13050]  should_failslab+0xa8/0x100
[  350.304752][T13050]  __kmalloc_cache_noprof+0x70/0x3d0
[  350.304777][T13050]  ? rtnl_newlink+0xed/0x1c70
[  350.304794][T13050]  ? kasan_save_free_info+0x46/0x50
[  350.304818][T13050]  rtnl_newlink+0xed/0x1c70
[  350.304835][T13050]  ? netlink_sendmsg+0x805/0xb30
[  350.304853][T13050]  ? __sock_sendmsg+0x21c/0x270
[  350.304878][T13050]  ? ____sys_sendmsg+0x505/0x830
[  350.304897][T13050]  ? ___sys_sendmsg+0x21f/0x2a0
[  350.304916][T13050]  ? __x64_sys_sendmsg+0x19b/0x260
[  350.304936][T13050]  ? do_syscall_64+0xfa/0x3b0
[  350.304956][T13050]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  350.304983][T13050]  ? __pfx_rtnl_newlink+0x10/0x10
[  350.305036][T13050]  ? kasan_quarantine_put+0xdd/0x220
[  350.305059][T13050]  ? lockdep_hardirqs_on+0x9c/0x150
[  350.305085][T13050]  ? nlmon_xmit+0xb0/0x100
[  350.305103][T13050]  ? kmem_cache_free+0x18f/0x400
[  350.305135][T13050]  ? __local_bh_enable_ip+0x12d/0x1c0
[  350.305155][T13050]  ? lockdep_hardirqs_on+0x9c/0x150
[  350.305176][T13050]  ? __local_bh_enable_ip+0x12d/0x1c0
[  350.305194][T13050]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  350.305216][T13050]  ? __dev_queue_xmit+0x27b/0x3b50
[  350.305240][T13050]  ? __dev_queue_xmit+0x27b/0x3b50
[  350.305262][T13050]  ? __dev_queue_xmit+0x27b/0x3b50
[  350.305285][T13050]  ? __dev_queue_xmit+0x1d79/0x3b50
[  350.305314][T13050]  ? __lock_acquire+0xab9/0xd20
[  350.305367][T13050]  ? __pfx_rtnl_newlink+0x10/0x10
[  350.305385][T13050]  rtnetlink_rcv_msg+0x7cc/0xb70
[  350.305409][T13050]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  350.305426][T13050]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  350.305443][T13050]  ? ref_tracker_free+0x63a/0x7d0
[  350.305471][T13050]  ? __asan_memcpy+0x40/0x70
[  350.305491][T13050]  ? __pfx_ref_tracker_free+0x10/0x10
[  350.305529][T13050]  netlink_rcv_skb+0x208/0x470
[  350.305550][T13050]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  350.305571][T13050]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  350.305602][T13050]  ? netlink_deliver_tap+0x2e/0x1b0
[  350.305630][T13050]  netlink_unicast+0x82f/0x9e0
[  350.305668][T13050]  ? __pfx_netlink_unicast+0x10/0x10
[  350.305697][T13050]  ? netlink_sendmsg+0x642/0xb30
[  350.305715][T13050]  ? skb_put+0x11b/0x210
[  350.305739][T13050]  netlink_sendmsg+0x805/0xb30
[  350.305769][T13050]  ? __pfx_netlink_sendmsg+0x10/0x10
[  350.305793][T13050]  ? aa_sock_msg_perm+0xf1/0x1d0
[  350.305812][T13050]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  350.305833][T13050]  ? __pfx_netlink_sendmsg+0x10/0x10
[  350.305854][T13050]  __sock_sendmsg+0x21c/0x270
[  350.305885][T13050]  ____sys_sendmsg+0x505/0x830
[  350.305913][T13050]  ? __pfx_____sys_sendmsg+0x10/0x10
[  350.305945][T13050]  ? import_iovec+0x74/0xa0
[  350.305971][T13050]  ___sys_sendmsg+0x21f/0x2a0
[  350.305996][T13050]  ? __pfx____sys_sendmsg+0x10/0x10
[  350.306063][T13050]  ? __fget_files+0x2a/0x420
[  350.306079][T13050]  ? __fget_files+0x3a0/0x420
[  350.306106][T13050]  __x64_sys_sendmsg+0x19b/0x260
[  350.306131][T13050]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  350.306164][T13050]  ? __pfx_ksys_write+0x10/0x10
[  350.306185][T13050]  ? rcu_is_watching+0x15/0xb0
[  350.306210][T13050]  ? do_syscall_64+0xbe/0x3b0
[  350.306234][T13050]  do_syscall_64+0xfa/0x3b0
[  350.306255][T13050]  ? lockdep_hardirqs_on+0x9c/0x150
[  350.306274][T13050]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  350.306293][T13050]  ? clear_bhb_loop+0x60/0xb0
[  350.306316][T13050]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  350.306334][T13050] RIP: 0033:0x7f917178eba9
[  350.306351][T13050] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  350.306367][T13050] RSP: 002b:00007f91726ef038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  350.306386][T13050] RAX: ffffffffffffffda RBX: 00007f91719d5fa0 RCX: 00007f917178eba9
[  350.306400][T13050] RDX: 0000000000048010 RSI: 0000200000000280 RDI: 0000000000000015
[  350.306412][T13050] RBP: 00007f91726ef090 R08: 0000000000000000 R09: 0000000000000000
[  350.306423][T13050] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  350.306434][T13050] R13: 00007f91719d6038 R14: 00007f91719d5fa0 R15: 00007fff75df5d08
[  350.306464][T13050]  </TASK>
[  350.358135][T13042] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  350.554277][T13056] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  350.992417][T13071] syzkaller0: entered promiscuous mode
[  351.005567][T13074] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2008'.
[  351.015265][T13071] syzkaller0: entered allmulticast mode
[  351.116637][T13074] vlan3: entered promiscuous mode
[  351.278242][T13089] netlink: 'syz.5.2012': attribute type 3 has an invalid length.
[  351.307311][T13089] netlink: 3 bytes leftover after parsing attributes in process `syz.5.2012'.
[  351.388587][T13091] netlink: del zone limit has 4 unknown bytes
[  351.487050][T13096] FAULT_INJECTION: forcing a failure.
[  351.487050][T13096] name failslab, interval 1, probability 0, space 0, times 0
[  351.517411][T13096] CPU: 1 UID: 0 PID: 13096 Comm: syz.5.2016 Not tainted syzkaller #0 PREEMPT(full) 
[  351.517438][T13096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  351.517448][T13096] Call Trace:
[  351.517456][T13096]  <TASK>
[  351.517464][T13096]  dump_stack_lvl+0x189/0x250
[  351.517492][T13096]  ? __pfx____ratelimit+0x10/0x10
[  351.517513][T13096]  ? __pfx_dump_stack_lvl+0x10/0x10
[  351.517535][T13096]  ? __pfx__printk+0x10/0x10
[  351.517569][T13096]  ? __pfx___might_resched+0x10/0x10
[  351.517584][T13096]  ? fs_reclaim_acquire+0x7d/0x100
[  351.517607][T13096]  should_fail_ex+0x414/0x560
[  351.517638][T13096]  ? alloc_netdev_mqs+0xa3/0x11b0
[  351.517662][T13096]  should_failslab+0xa8/0x100
[  351.517692][T13096]  __kvmalloc_node_noprof+0x161/0x5f0
[  351.517719][T13096]  ? alloc_netdev_mqs+0xa3/0x11b0
[  351.517743][T13096]  ? snprintf+0xda/0x120
[  351.517774][T13096]  alloc_netdev_mqs+0xa3/0x11b0
[  351.517798][T13096]  ? __pfx_vlan_setup+0x10/0x10
[  351.517819][T13096]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  351.517843][T13096]  rtnl_create_link+0x31f/0xd10
[  351.517877][T13096]  rtnl_newlink_create+0x25c/0xb00
[  351.517904][T13096]  ? __mutex_lock+0x5bb/0x1350
[  351.517932][T13096]  ? __pfx_rtnl_newlink_create+0x10/0x10
[  351.517957][T13096]  ? __pfx___mutex_lock+0x10/0x10
[  351.517988][T13096]  ? ns_capable+0x8a/0xf0
[  351.518012][T13096]  rtnl_newlink+0x16d6/0x1c70
[  351.518033][T13096]  ? netlink_sendmsg+0x805/0xb30
[  351.518067][T13096]  ? __pfx_rtnl_newlink+0x10/0x10
[  351.518112][T13096]  ? kasan_quarantine_put+0xdd/0x220
[  351.518134][T13096]  ? lockdep_hardirqs_on+0x9c/0x150
[  351.518167][T13096]  ? nlmon_xmit+0xb0/0x100
[  351.518185][T13096]  ? kmem_cache_free+0x18f/0x400
[  351.518218][T13096]  ? __local_bh_enable_ip+0x12d/0x1c0
[  351.518237][T13096]  ? lockdep_hardirqs_on+0x9c/0x150
[  351.518258][T13096]  ? __local_bh_enable_ip+0x12d/0x1c0
[  351.518276][T13096]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  351.518299][T13096]  ? __dev_queue_xmit+0x27b/0x3b50
[  351.518323][T13096]  ? __dev_queue_xmit+0x27b/0x3b50
[  351.518346][T13096]  ? __dev_queue_xmit+0x27b/0x3b50
[  351.518389][T13096]  ? __dev_queue_xmit+0x1d79/0x3b50
[  351.518421][T13096]  ? __lock_acquire+0xab9/0xd20
[  351.518480][T13096]  ? __pfx_rtnl_newlink+0x10/0x10
[  351.518499][T13096]  rtnetlink_rcv_msg+0x7cc/0xb70
[  351.518524][T13096]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  351.518544][T13096]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  351.518561][T13096]  ? ref_tracker_free+0x63a/0x7d0
[  351.518591][T13096]  ? __asan_memcpy+0x40/0x70
[  351.518612][T13096]  ? __pfx_ref_tracker_free+0x10/0x10
[  351.518654][T13096]  netlink_rcv_skb+0x208/0x470
[  351.518676][T13096]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  351.518698][T13096]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  351.518733][T13096]  ? netlink_deliver_tap+0x2e/0x1b0
[  351.518763][T13096]  netlink_unicast+0x82f/0x9e0
[  351.518804][T13096]  ? __pfx_netlink_unicast+0x10/0x10
[  351.518836][T13096]  ? netlink_sendmsg+0x642/0xb30
[  351.518854][T13096]  ? skb_put+0x11b/0x210
[  351.518881][T13096]  netlink_sendmsg+0x805/0xb30
[  351.518914][T13096]  ? __pfx_netlink_sendmsg+0x10/0x10
[  351.518950][T13096]  ? aa_sock_msg_perm+0xf1/0x1d0
[  351.518970][T13096]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  351.518990][T13096]  ? __pfx_netlink_sendmsg+0x10/0x10
[  351.519012][T13096]  __sock_sendmsg+0x21c/0x270
[  351.519042][T13096]  ____sys_sendmsg+0x505/0x830
[  351.519072][T13096]  ? __pfx_____sys_sendmsg+0x10/0x10
[  351.519105][T13096]  ? import_iovec+0x74/0xa0
[  351.519131][T13096]  ___sys_sendmsg+0x21f/0x2a0
[  351.519163][T13096]  ? __pfx____sys_sendmsg+0x10/0x10
[  351.519226][T13096]  ? __fget_files+0x2a/0x420
[  351.519242][T13096]  ? __fget_files+0x3a0/0x420
[  351.519269][T13096]  __x64_sys_sendmsg+0x19b/0x260
[  351.519294][T13096]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  351.519326][T13096]  ? __pfx_ksys_write+0x10/0x10
[  351.519348][T13096]  ? rcu_is_watching+0x15/0xb0
[  351.519372][T13096]  ? do_syscall_64+0xbe/0x3b0
[  351.519396][T13096]  do_syscall_64+0xfa/0x3b0
[  351.519416][T13096]  ? lockdep_hardirqs_on+0x9c/0x150
[  351.519435][T13096]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  351.519453][T13096]  ? clear_bhb_loop+0x60/0xb0
[  351.519476][T13096]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  351.519495][T13096] RIP: 0033:0x7f2ec178eba9
[  351.519511][T13096] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  351.519527][T13096] RSP: 002b:00007f2ec262f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  351.519546][T13096] RAX: ffffffffffffffda RBX: 00007f2ec19d5fa0 RCX: 00007f2ec178eba9
[  351.519560][T13096] RDX: 0000000000048010 RSI: 0000200000000280 RDI: 0000000000000015
[  351.519572][T13096] RBP: 00007f2ec262f090 R08: 0000000000000000 R09: 0000000000000000
[  351.519583][T13096] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  351.519594][T13096] R13: 00007f2ec19d6038 R14: 00007f2ec19d5fa0 R15: 00007ffe64dd7c48
[  351.519626][T13096]  </TASK>
[  352.050987][T13100] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2019'.
[  352.100061][T13101] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  352.112975][T13098] syzkaller0: entered promiscuous mode
[  352.131973][T13098] syzkaller0: entered allmulticast mode
[  352.204471][T13113] smc: net device bond0 applied user defined pnetid SYZ2
[  352.224612][T13113] smc: net device bond0 erased user defined pnetid SYZ2
[  352.276609][T13097] tipc: Resetting bearer <eth:syzkaller0>
[  352.380809][T13097] tipc: Disabling bearer <eth:syzkaller0>
[  352.430678][T13119] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2026'.
[  352.660280][T13130] Àÿ: renamed from team_slave_1
[  353.051929][T13158] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2037'.
[  353.106945][T13159] vlan0: entered promiscuous mode
[  353.141481][T13163] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  353.154883][T13161] syzkaller0: entered promiscuous mode
[  353.204646][T13161] syzkaller0: entered allmulticast mode
[  353.233935][T13165] smc: net device bond0 applied user defined pnetid SYZ2
[  353.281817][T13169] smc: net device bond0 erased user defined pnetid SYZ2
[  353.288391][T13170] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  353.328991][T13161] tipc: Resetting bearer <eth:syzkaller0>
[  353.413015][T13161] tipc: Disabling bearer <eth:syzkaller0>
[  353.495522][T13174] netlink: 'syz.1.2041': attribute type 7 has an invalid length.
[  353.504098][T13174] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2041'.
[  353.624987][T13178] 8021q: adding VLAN 0 to HW filter on device bond6
[  353.773896][T13178] bond6 (unregistering): Released all slaves
[  354.850352][T13236] __nla_validate_parse: 2 callbacks suppressed
[  354.850372][T13236] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2055'.
[  354.867541][T13241] lo speed is unknown, defaulting to 1000
[  355.165826][T13248] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2058'.
[  355.179654][T13264] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2060'.
[  355.184963][T13266] syzkaller0: entered promiscuous mode
[  355.200107][T13266] syzkaller0: entered allmulticast mode
[  355.232656][T13261] netlink: 228 bytes leftover after parsing attributes in process `syz.4.2058'.
[  355.340727][T13274] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2062'.
[  355.419712][T13279] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2063'.
[  355.512813][T13281] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2064'.
[  355.634224][T13283] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2064'.
[  355.665356][T13274] vlan0: entered promiscuous mode
[  355.739244][T13281] macvtap1: entered promiscuous mode
[  355.744751][T13281] erspan0: entered promiscuous mode
[  355.750614][T13281] macvtap1: entered allmulticast mode
[  355.932839][T13289] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2066'.
[  355.993107][T13289] 8021q: VLANs not supported on wg1
[  356.686731][T13316] netlink: 'syz.2.2073': attribute type 11 has an invalid length.
[  356.717034][T13316] netlink: 'syz.2.2073': attribute type 4 has an invalid length.
[  356.734602][T13316] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2073'.
[  356.877862][T13320] netlink: 'syz.2.2073': attribute type 3 has an invalid length.
[  357.135639][T13328] vlan0: entered promiscuous mode
[  357.274593][T13333] syzkaller0: entered promiscuous mode
[  357.297202][T13333] syzkaller0: entered allmulticast mode
[  357.750421][ T6518] nci: nci_extract_activation_params_iso_dep: unsupported activation_rf_tech_and_mode 0x80
[  357.871444][T13359] lo speed is unknown, defaulting to 1000
[  358.222287][T13383] netlink: 'syz.0.2091': attribute type 13 has an invalid length.
[  358.242085][T13383] netlink: 'syz.0.2091': attribute type 17 has an invalid length.
[  358.250951][T13383] lo: left allmulticast mode
[  358.261426][T13383] tunl0: left allmulticast mode
[  358.271968][T13383] gre0: left allmulticast mode
[  358.291010][T13383] gretap0: left promiscuous mode
[  358.315721][T13383] ip_vti0: left promiscuous mode
[  358.323662][T13383] ip6_vti0: left allmulticast mode
[  358.334723][T13383] ip6tnl0: left allmulticast mode
[  358.342263][T13383] ip6gre0: left allmulticast mode
[  358.349754][T13383] syz_tun: left allmulticast mode
[  358.366488][T13383] ip6gretap0: left allmulticast mode
[  358.389864][T13383] bridge0: left allmulticast mode
[  358.400428][T13383] vcan0: left allmulticast mode
[  358.406819][T13383] bond0: left allmulticast mode
[  358.418590][T13383] team0: left allmulticast mode
[  358.424643][T13383] 8021q: adding VLAN 0 to HW filter on device team0
[  358.434354][T13383] !
: left allmulticast mode
[  358.444447][T13383] nlmon0: left allmulticast mode
[  358.454051][T13383] 0ªX¹¦À: left allmulticast mode
[  358.463769][T13383] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  358.691045][T13389] lo speed is unknown, defaulting to 1000
[  359.495807][T13448] netlink: 'syz.1.2109': attribute type 1 has an invalid length.
[  359.768038][T13454] 8021q: adding VLAN 0 to HW filter on device bond7
[  359.779777][T13454] bond6: (slave bond7): making interface the new active one
[  359.791052][T13454] bond6: (slave bond7): Enslaving as an active interface with an up link
[  359.980251][T13465] !
: renamed from dummy0
[  360.088685][T13468] __nla_validate_parse: 5 callbacks suppressed
[  360.088707][T13468] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2115'.
[  360.423769][T13474] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2116'.
[  360.477511][T13471] lo speed is unknown, defaulting to 1000
[  360.506384][T13474] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2116'.
[  360.802258][T13482] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2118'.
[  360.845749][T13482] netlink: 9 bytes leftover after parsing attributes in process `syz.5.2118'.
[  360.903714][T13482] gretap0: entered promiscuous mode
[  361.016054][T13490] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2121'.
[  361.247979][T13493] syzkaller0: entered promiscuous mode
[  361.272641][T13493] syzkaller0: entered allmulticast mode
[  361.364313][T13497] syzkaller0: entered promiscuous mode
[  361.376808][T13497] syzkaller0: entered allmulticast mode
[  361.406235][T13503] syzkaller1: tun_chr_ioctl cmd 1074025677
[  361.414004][T13503] syzkaller1: linktype set to 823
[  361.447827][T13501] lo speed is unknown, defaulting to 1000
[  361.532777][T13505] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  361.833484][T13510] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2128'.
[  361.866002][T13515] lo speed is unknown, defaulting to 1000
[  361.941511][T13516] rdma_op ffff8880548c39f0 conn xmit_rdma 0000000000000000
[  362.304690][T13525] vlan0: entered promiscuous mode
[  362.319269][T13525] veth1: entered promiscuous mode
[  362.522501][T13526] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2132'.
[  362.694540][T13530] netlink: 16178 bytes leftover after parsing attributes in process `syz.4.2133'.
[  362.811252][T13538] raw_sendmsg: syz.5.2135 forgot to set AF_INET. Fix it!
[  362.857183][T13540] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2136'.
[  362.933503][T13544] netlink: 'syz.4.2137': attribute type 1 has an invalid length.
[  362.944001][T13540] vlan0: entered promiscuous mode
[  363.163948][T13544] workqueue: Failed to create a rescuer kthread for wq "bond5": -EINTR
[  363.663262][T13555] syzkaller0: entered promiscuous mode
[  363.712596][T13555] syzkaller0: entered allmulticast mode
[  363.918051][T13561] (unnamed net_device) (uninitialized): option ad_actor_system: mode dependency failed, not supported in mode balance-rr(0)
[  364.061914][T13561] lo speed is unknown, defaulting to 1000
[  364.249673][T13570] 8021q: VLANs not supported on vxcan1
[  365.076018][T13603] syzkaller0: entered promiscuous mode
[  365.086955][T13603] syzkaller0: entered allmulticast mode
[  365.510738][T13621] __nla_validate_parse: 6 callbacks suppressed
[  365.510758][T13621] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2161'.
[  365.591873][T13625] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2163'.
[  365.671350][T13629] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2164'.
[  365.706786][T13629] bridge_slave_1: left allmulticast mode
[  365.734417][T13629] bridge_slave_1: left promiscuous mode
[  365.760683][T13629] bridge0: port 2(bridge_slave_1) entered disabled state
[  365.796756][T13629] bridge_slave_0: left allmulticast mode
[  365.810956][T13629] bridge_slave_0: left promiscuous mode
[  365.833944][T13629] bridge0: port 1(bridge_slave_0) entered disabled state
[  365.906141][T13629] bridge0 (unregistering): left promiscuous mode
[  365.963661][T13633] smc: net device bond0 applied user defined pnetid SYZ2
[  366.007453][T13636] smc: net device bond0 erased user defined pnetid SYZ2
[  366.015980][T13641] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[  366.223506][T13650] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2167'.
[  366.283663][T13657] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  366.403530][T13659] smc: net device bond0 applied user defined pnetid SYZ2
[  366.423134][T13665] smc: net device bond0 erased user defined pnetid SYZ2
[  366.475136][T13657] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  366.594228][T13657] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  366.695695][T13657] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  366.702688][T13674] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2174'.
[  366.870488][T13678] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2173'.
[  366.972174][ T6490] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  366.991036][ T6490] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  367.051252][ T6492] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  367.074071][ T6492] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  367.194399][T13686] IPVS: set_ctl: invalid protocol: 92 127.0.0.1:20003
[  367.469796][T13698] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2183'.
[  367.577587][T13706] smc: net device bond0 applied user defined pnetid SYZ2
[  367.578503][T13705] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[  367.586131][T13706] smc: net device bond0 erased user defined pnetid SYZ2
[  367.618196][T13705] netdevsim netdevsim2 netdevsim0: refused to change device tx_queue_len
[  367.625330][T13700] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  367.748760][T13711] netlink: 'syz.2.2189': attribute type 16 has an invalid length.
[  367.757327][T13711] netlink: 64138 bytes leftover after parsing attributes in process `syz.2.2189'.
[  368.405466][T13750] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2202'.
[  368.474783][T13759] smc: net device bond0 applied user defined pnetid SYZ2
[  368.488745][T13759] smc: net device bond0 erased user defined pnetid SYZ2
[  368.494100][T13758] IPVS: Unknown mcast interface: ipvlan1
[  368.542352][T13761] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2206'.
[  368.755208][T13773] netlink: 'syz.4.2206': attribute type 10 has an invalid length.
[  368.804119][T13773] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  368.804407][T13776] syz.1.2210 uses old SIOCAX25GETINFO
[  368.882158][T13779] netlink: 'syz.0.2212': attribute type 12 has an invalid length.
[  368.912060][T13779] netlink: 'syz.0.2212': attribute type 29 has an invalid length.
[  369.009663][T13784] mac80211_hwsim hwsim10 wlan0: entered promiscuous mode
[  370.307294][ T5186] Bluetooth: hci2: command 0x0405 tx timeout
[  370.536837][T13850] lo speed is unknown, defaulting to 1000
[  370.615270][T13858] __nla_validate_parse: 14 callbacks suppressed
[  370.615290][T13858] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2241'.
[  370.663192][T13861] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2242'.
[  370.680543][T13861] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2242'.
[  370.802580][T13869] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2244'.
[  370.818996][T13869] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2244'.
[  370.827203][   T30] audit: type=1804 audit(1757569734.520:5): pid=13867 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.2243" name="/newroot/405/cgroup.controllers" dev="tmpfs" ino=2106 res=1 errno=0
[  370.894327][   T30] audit: type=1800 audit(1757569734.550:6): pid=13867 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2243" name="cgroup.controllers" dev="tmpfs" ino=2106 res=0 errno=0
[  370.980133][T13871] syzkaller0: entered promiscuous mode
[  370.986164][   T30] audit: type=1800 audit(1757569734.550:7): pid=13867 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2243" name="cgroup.controllers" dev="tmpfs" ino=2106 res=0 errno=0
[  370.999282][T13871] syzkaller0: entered allmulticast mode
[  371.617227][T13911] bridge0: port 2(bridge_slave_1) entered disabled state
[  371.634474][T13913] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  371.663248][T13913] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  371.685243][T13910] lo speed is unknown, defaulting to 1000
[  372.019152][T13921] netlink: 'syz.4.2258': attribute type 1 has an invalid length.
[  372.037428][T13921] netlink: 5624 bytes leftover after parsing attributes in process `syz.4.2258'.
[  372.085865][T13919] lo speed is unknown, defaulting to 1000
[  372.203432][T13921] lo speed is unknown, defaulting to 1000
[  373.589960][T13960] lo speed is unknown, defaulting to 1000
[  373.626362][T13982] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2276'.
[  373.638701][T13984] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2274'.
[  374.015057][T13999] sctp: [Deprecated]: syz.2.2281 (pid 13999) Use of int in maxseg socket option.
[  374.015057][T13999] Use struct sctp_assoc_value instead
[  374.394576][T14007] ªªªªª>: renamed from wg2 (while UP)
[  375.128777][T14050] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  375.345880][T14062] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2296'.
[  375.358559][T14057] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2294'.
[  375.416491][T14062] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  375.425900][T14062] team0: Device ipvlan2 is already an upper device of the team interface
[  375.573120][T14075] netlink: 'syz.4.2299': attribute type 4 has an invalid length.
[  375.596701][T14075] : renamed from bond0 (while UP)
[  375.683043][T14080] __nla_validate_parse: 3 callbacks suppressed
[  375.683061][T14080] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2301'.
[  375.779820][T14081] openvswitch: netlink: IP tunnel attribute has 113 unknown bytes.
[  375.799323][T14090] openvswitch: netlink: IP tunnel attribute has 113 unknown bytes.
[  375.808060][T14086] netlink: 96 bytes leftover after parsing attributes in process `syz.4.2303'.
[  376.023960][T14104] netlink: 'syz.5.2306': attribute type 1 has an invalid length.
[  376.052737][T14104] netlink: 'syz.5.2306': attribute type 2 has an invalid length.
[  376.130731][T14104] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2306'.
[  376.148854][ T6511] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  376.162789][ T6511] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  376.190497][ T6511] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  376.258332][ T6511] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  377.125798][T14127] lo speed is unknown, defaulting to 1000
[  377.184979][T14130] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2316'.
[  377.305169][T14125] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  377.378477][T10413] lo speed is unknown, defaulting to 1000
[  377.384466][T10413] syz2: Port: 1 Link ACTIVE
[  377.437938][ T6672] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  377.471070][ T6497] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  377.556256][T14136] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2318'.
[  377.617473][T14137] netlink: 284 bytes leftover after parsing attributes in process `syz.0.2318'.
[  378.051250][ T6672] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  378.183899][T14157] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2326'.
[  378.224981][T14158] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2325'.
[  378.244998][T14158] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2325'.
[  378.260488][T14158] netlink: 'syz.1.2325': attribute type 1 has an invalid length.
[  378.275069][T14158] netlink: 10 bytes leftover after parsing attributes in process `syz.1.2325'.
[  378.471020][ T1300] aoe: packet could not be sent on bond0.  consider increasing tx_queue_len
[  378.485548][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  378.550875][ T6492] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  378.584009][ T6492] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  378.905239][T14166] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  378.925605][T14166] syzkaller0: entered promiscuous mode
[  378.942520][T14166] syzkaller0: entered allmulticast mode
[  379.002364][ T6672] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  379.017359][T14166] tipc: Resetting bearer <eth:syzkaller0>
[  379.034066][T14165] tipc: Resetting bearer <eth:syzkaller0>
[  379.090302][T14165] tipc: Disabling bearer <eth:syzkaller0>
[  379.248698][T14174] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  379.333358][T14177] batadv_slave_0: mtu less than device minimum
[  379.359257][T14177] batadv_slave_0: mtu less than device minimum
[  379.473268][T14185] netlink: 'syz.1.2334': attribute type 9 has an invalid length.
[  380.031276][T14199] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  380.039449][T14199] syzkaller0: entered promiscuous mode
[  380.048492][T14199] syzkaller0: entered allmulticast mode
[  380.111636][T14199] tipc: Resetting bearer <eth:syzkaller0>
[  380.931378][T14214] syz.5.2342 (14214) used greatest stack depth: 17816 bytes left
[  381.045153][T14219] netlink: 'syz.5.2343': attribute type 1 has an invalid length.
[  381.088711][T14219] bond2: entered promiscuous mode
[  381.094333][T14219] 8021q: adding VLAN 0 to HW filter on device bond2
[  381.205680][T14221] 8021q: adding VLAN 0 to HW filter on device bond3
[  381.214748][T14221] bond2: (slave bond3): making interface the new active one
[  381.237158][T14221] bond3: entered promiscuous mode
[  381.243260][T14221] bond2: (slave bond3): Enslaving as an active interface with an up link
[  381.439275][T14228] __nla_validate_parse: 1 callbacks suppressed
[  381.439295][T14228] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2345'.
[  381.514943][T14231] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2346'.
[  381.558295][T14233] smc: net device bond0 applied user defined pnetid SYZ2
[  381.577650][T14233] smc: net device bond0 erased user defined pnetid SYZ2
[  381.661224][T14235] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2347'.
[  381.721876][T14235] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2347'.
[  381.839090][T14235] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2347'.
[  381.866703][T14235] geneve3: entered promiscuous mode
[  381.898280][ T6492] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[  381.933883][ T6492] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[  381.967246][ T6492] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[  381.985634][ T6492] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[  382.012403][T14243] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2350'.
[  382.085843][T14245] lo speed is unknown, defaulting to 1000
[  382.095667][T14252] smc: net device bond0 applied user defined pnetid SYZ2
[  382.108159][T14252] smc: net device bond0 erased user defined pnetid SYZ2
[  382.130060][T14247] netlink: 'syz.1.2352': attribute type 62 has an invalid length.
[  382.158983][T14247] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2352'.
[  382.172017][T14253] netlink: 36 bytes leftover after parsing attributes in process `syz.5.2351'.
[  382.181270][T14253] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2351'.
[  382.199467][T14253] netlink: 36 bytes leftover after parsing attributes in process `syz.5.2351'.
[  382.221072][T14247] lo speed is unknown, defaulting to 1000
[  382.627067][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  382.990764][T14195] tipc: Resetting bearer <eth:syzkaller0>
[  383.011442][T14195] tipc: Disabling bearer <eth:syzkaller0>
[  383.304571][T14307] vlan2: entered promiscuous mode
[  383.923204][T14324] pim6reg99999999: entered allmulticast mode
[  383.935612][T14324] netlink: 'syz.5.2367': attribute type 30 has an invalid length.
[  384.132145][T14331] vlan0: entered promiscuous mode
[  384.230597][T14337] tipc: New replicast peer: 255.255.255.255
[  384.238233][T14337] tipc: Enabled bearer <udp:s>, priority 10
[  384.249057][T14340] FAULT_INJECTION: forcing a failure.
[  384.249057][T14340] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  384.279830][T14340] CPU: 0 UID: 0 PID: 14340 Comm: syz.4.2372 Not tainted syzkaller #0 PREEMPT(full) 
[  384.279859][T14340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  384.279875][T14340] Call Trace:
[  384.279883][T14340]  <TASK>
[  384.279893][T14340]  dump_stack_lvl+0x189/0x250
[  384.279921][T14340]  ? __pfx____ratelimit+0x10/0x10
[  384.279942][T14340]  ? __pfx_dump_stack_lvl+0x10/0x10
[  384.279965][T14340]  ? __pfx__printk+0x10/0x10
[  384.279991][T14340]  ? __might_fault+0xb0/0x130
[  384.280049][T14340]  should_fail_ex+0x414/0x560
[  384.280079][T14340]  _copy_from_user+0x2d/0xb0
[  384.280103][T14340]  __sys_bpf+0x1ed/0x870
[  384.280131][T14340]  ? __pfx___sys_bpf+0x10/0x10
[  384.280193][T14340]  ? ksys_write+0x22a/0x250
[  384.280219][T14340]  ? __pfx_ksys_write+0x10/0x10
[  384.280241][T14340]  ? rcu_is_watching+0x15/0xb0
[  384.280265][T14340]  __x64_sys_bpf+0x7c/0x90
[  384.280287][T14340]  do_syscall_64+0xfa/0x3b0
[  384.280306][T14340]  ? lockdep_hardirqs_on+0x9c/0x150
[  384.280324][T14340]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  384.280342][T14340]  ? clear_bhb_loop+0x60/0xb0
[  384.280364][T14340]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  384.280385][T14340] RIP: 0033:0x7f917178eba9
[  384.280401][T14340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  384.280416][T14340] RSP: 002b:00007f91726ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  384.280435][T14340] RAX: ffffffffffffffda RBX: 00007f91719d5fa0 RCX: 00007f917178eba9
[  384.280448][T14340] RDX: 0000000000000050 RSI: 0000200000000600 RDI: 000000000000000a
[  384.280459][T14340] RBP: 00007f91726ef090 R08: 0000000000000000 R09: 0000000000000000
[  384.280470][T14340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  384.280481][T14340] R13: 00007f91719d6038 R14: 00007f91719d5fa0 R15: 00007fff75df5d08
[  384.280511][T14340]  </TASK>
[  384.999708][T14387] vlan2: entered promiscuous mode
[  385.058147][T14391] netlink: 'syz.5.2390': attribute type 99 has an invalid length.
[  385.100787][T14393] FAULT_INJECTION: forcing a failure.
[  385.100787][T14393] name failslab, interval 1, probability 0, space 0, times 0
[  385.113875][T14393] CPU: 1 UID: 0 PID: 14393 Comm: syz.0.2391 Not tainted syzkaller #0 PREEMPT(full) 
[  385.113900][T14393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  385.113911][T14393] Call Trace:
[  385.113918][T14393]  <TASK>
[  385.113925][T14393]  dump_stack_lvl+0x189/0x250
[  385.113951][T14393]  ? __pfx____ratelimit+0x10/0x10
[  385.113970][T14393]  ? __pfx_dump_stack_lvl+0x10/0x10
[  385.114017][T14393]  ? __pfx__printk+0x10/0x10
[  385.114049][T14393]  ? __pfx___might_resched+0x10/0x10
[  385.114065][T14393]  ? fs_reclaim_acquire+0x7d/0x100
[  385.114087][T14393]  should_fail_ex+0x414/0x560
[  385.114116][T14393]  should_failslab+0xa8/0x100
[  385.114144][T14393]  __kmalloc_noprof+0xcb/0x4f0
[  385.114167][T14393]  ? bpf_test_init+0xc2/0x170
[  385.114190][T14393]  bpf_test_init+0xc2/0x170
[  385.114211][T14393]  bpf_prog_test_run_xdp+0x37c/0x1000
[  385.114247][T14393]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  385.114272][T14393]  ? __fget_files+0x2a/0x420
[  385.114305][T14393]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  385.114324][T14393]  bpf_prog_test_run+0x2c7/0x340
[  385.114352][T14393]  __sys_bpf+0x581/0x870
[  385.114377][T14393]  ? __pfx___sys_bpf+0x10/0x10
[  385.114412][T14393]  ? ksys_write+0x22a/0x250
[  385.114437][T14393]  ? __pfx_ksys_write+0x10/0x10
[  385.114458][T14393]  ? rcu_is_watching+0x15/0xb0
[  385.114483][T14393]  __x64_sys_bpf+0x7c/0x90
[  385.114504][T14393]  do_syscall_64+0xfa/0x3b0
[  385.114523][T14393]  ? lockdep_hardirqs_on+0x9c/0x150
[  385.114541][T14393]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  385.114558][T14393]  ? clear_bhb_loop+0x60/0xb0
[  385.114579][T14393]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  385.114596][T14393] RIP: 0033:0x7f12a198eba9
[  385.114611][T14393] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  385.114625][T14393] RSP: 002b:00007f12a289c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  385.114643][T14393] RAX: ffffffffffffffda RBX: 00007f12a1bd5fa0 RCX: 00007f12a198eba9
[  385.114655][T14393] RDX: 0000000000000050 RSI: 0000200000000600 RDI: 000000000000000a
[  385.114666][T14393] RBP: 00007f12a289c090 R08: 0000000000000000 R09: 0000000000000000
[  385.114676][T14393] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  385.114686][T14393] R13: 00007f12a1bd6038 R14: 00007f12a1bd5fa0 R15: 00007fffa9b85638
[  385.114714][T14393]  </TASK>
[  385.378902][ T5959] tipc: Node number set to 2613413396
[  385.465443][T14404] : (slave bridge0): Releasing backup interface
[  385.501577][T14404] bridge0: port 5(team0) entered disabled state
[  385.508403][T14404] bridge0: port 4(netdevsim2) entered disabled state
[  385.515292][T14404] bridge0: port 3(macsec0) entered disabled state
[  385.522006][T14404] bridge0: port 2(bridge_slave_1) entered disabled state
[  385.529403][T14404] bridge0: port 1(bridge_slave_0) entered disabled state
[  385.564518][T14404] A link change request failed with some changes committed already. Interface  may have been left with an inconsistent configuration, please check.
[  385.731016][T14411] lo speed is unknown, defaulting to 1000
[  385.822353][T14416] lo speed is unknown, defaulting to 1000
[  386.029766][T14430] FAULT_INJECTION: forcing a failure.
[  386.029766][T14430] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  386.043274][T14430] CPU: 0 UID: 0 PID: 14430 Comm: syz.1.2403 Not tainted syzkaller #0 PREEMPT(full) 
[  386.043296][T14430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  386.043307][T14430] Call Trace:
[  386.043312][T14430]  <TASK>
[  386.043319][T14430]  dump_stack_lvl+0x189/0x250
[  386.043342][T14430]  ? __pfx____ratelimit+0x10/0x10
[  386.043357][T14430]  ? __pfx_dump_stack_lvl+0x10/0x10
[  386.043374][T14430]  ? __pfx__printk+0x10/0x10
[  386.043404][T14430]  should_fail_ex+0x414/0x560
[  386.043427][T14430]  _copy_from_user+0x2d/0xb0
[  386.043444][T14430]  bpf_test_init+0xf8/0x170
[  386.043462][T14430]  bpf_prog_test_run_xdp+0x37c/0x1000
[  386.043489][T14430]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  386.043507][T14430]  ? __fget_files+0x2a/0x420
[  386.043524][T14430]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  386.043539][T14430]  bpf_prog_test_run+0x2c7/0x340
[  386.043563][T14430]  __sys_bpf+0x581/0x870
[  386.043585][T14430]  ? __pfx___sys_bpf+0x10/0x10
[  386.043616][T14430]  ? ksys_write+0x22a/0x250
[  386.043636][T14430]  ? __pfx_ksys_write+0x10/0x10
[  386.043653][T14430]  ? rcu_is_watching+0x15/0xb0
[  386.043672][T14430]  __x64_sys_bpf+0x7c/0x90
[  386.043689][T14430]  do_syscall_64+0xfa/0x3b0
[  386.043705][T14430]  ? lockdep_hardirqs_on+0x9c/0x150
[  386.043719][T14430]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  386.043733][T14430]  ? clear_bhb_loop+0x60/0xb0
[  386.043750][T14430]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  386.043763][T14430] RIP: 0033:0x7fbae038eba9
[  386.043776][T14430] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  386.043788][T14430] RSP: 002b:00007fbae121a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  386.043803][T14430] RAX: ffffffffffffffda RBX: 00007fbae05d5fa0 RCX: 00007fbae038eba9
[  386.043814][T14430] RDX: 0000000000000050 RSI: 0000200000000600 RDI: 000000000000000a
[  386.043823][T14430] RBP: 00007fbae121a090 R08: 0000000000000000 R09: 0000000000000000
[  386.043832][T14430] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  386.043840][T14430] R13: 00007fbae05d6038 R14: 00007fbae05d5fa0 R15: 00007ffe67459b58
[  386.043863][T14430]  </TASK>
[  386.102404][T14433] vlan2: entered promiscuous mode
[  386.513156][T14446] __nla_validate_parse: 10 callbacks suppressed
[  386.513177][T14446] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2408'.
[  386.574467][T14440] lo speed is unknown, defaulting to 1000
[  386.628220][T14446] team1: entered promiscuous mode
[  386.644564][T14446] team1: entered allmulticast mode
[  386.662329][T14444] lo speed is unknown, defaulting to 1000
[  386.831690][T14458] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2411'.
[  386.880597][T14461] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2412'.
[  386.892836][T14463] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2413'.
[  386.942314][T14464] netlink: 104 bytes leftover after parsing attributes in process `syz.1.2412'.
[  387.114201][T14468] FAULT_INJECTION: forcing a failure.
[  387.114201][T14468] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  387.136566][T14468] CPU: 0 UID: 0 PID: 14468 Comm: syz.1.2415 Not tainted syzkaller #0 PREEMPT(full) 
[  387.136593][T14468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  387.136604][T14468] Call Trace:
[  387.136620][T14468]  <TASK>
[  387.136627][T14468]  dump_stack_lvl+0x189/0x250
[  387.136654][T14468]  ? __pfx____ratelimit+0x10/0x10
[  387.136673][T14468]  ? __pfx_dump_stack_lvl+0x10/0x10
[  387.136712][T14468]  ? __pfx__printk+0x10/0x10
[  387.136741][T14468]  ? fs_reclaim_acquire+0x7d/0x100
[  387.136786][T14468]  should_fail_ex+0x414/0x560
[  387.136830][T14468]  prepare_alloc_pages+0x213/0x610
[  387.136857][T14468]  __alloc_frozen_pages_noprof+0x123/0x370
[  387.136880][T14468]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  387.136908][T14468]  ? policy_nodemask+0x27c/0x720
[  387.136940][T14468]  alloc_pages_mpol+0x232/0x4a0
[  387.136972][T14468]  alloc_pages_noprof+0xa9/0x190
[  387.137001][T14468]  bpf_prog_test_run_xdp+0xb8d/0x1000
[  387.137039][T14468]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  387.137065][T14468]  ? __fget_files+0x2a/0x420
[  387.137087][T14468]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  387.137108][T14468]  bpf_prog_test_run+0x2c7/0x340
[  387.137139][T14468]  __sys_bpf+0x581/0x870
[  387.137166][T14468]  ? __pfx___sys_bpf+0x10/0x10
[  387.137204][T14468]  ? ksys_write+0x22a/0x250
[  387.137231][T14468]  ? __pfx_ksys_write+0x10/0x10
[  387.137253][T14468]  ? rcu_is_watching+0x15/0xb0
[  387.137280][T14468]  __x64_sys_bpf+0x7c/0x90
[  387.137304][T14468]  do_syscall_64+0xfa/0x3b0
[  387.137324][T14468]  ? lockdep_hardirqs_on+0x9c/0x150
[  387.137343][T14468]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  387.137361][T14468]  ? clear_bhb_loop+0x60/0xb0
[  387.137384][T14468]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  387.137403][T14468] RIP: 0033:0x7fbae038eba9
[  387.137420][T14468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  387.137436][T14468] RSP: 002b:00007fbae121a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  387.137456][T14468] RAX: ffffffffffffffda RBX: 00007fbae05d5fa0 RCX: 00007fbae038eba9
[  387.137470][T14468] RDX: 0000000000000050 RSI: 0000200000000600 RDI: 000000000000000a
[  387.137482][T14468] RBP: 00007fbae121a090 R08: 0000000000000000 R09: 0000000000000000
[  387.137493][T14468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  387.137504][T14468] R13: 00007fbae05d6038 R14: 00007fbae05d5fa0 R15: 00007ffe67459b58
[  387.137535][T14468]  </TASK>
[  387.555119][T14475] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2417'.
[  387.573660][T14478] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2418'.
[  387.679634][T14478] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2418'.
[  387.699683][T14487] ieee802154 phy0 wpan0: encryption failed: -22
[  387.725210][T14487] ieee802154 phy0 wpan0: encryption failed: -22
[  387.780816][T14477] lo speed is unknown, defaulting to 1000
[  387.954379][T14495] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2423'.
[  388.111462][T14502] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2426'.
[  388.230090][T14505] FAULT_INJECTION: forcing a failure.
[  388.230090][T14505] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  388.276082][T14505] CPU: 1 UID: 0 PID: 14505 Comm: syz.0.2427 Not tainted syzkaller #0 PREEMPT(full) 
[  388.276110][T14505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  388.276121][T14505] Call Trace:
[  388.276128][T14505]  <TASK>
[  388.276136][T14505]  dump_stack_lvl+0x189/0x250
[  388.276163][T14505]  ? __pfx____ratelimit+0x10/0x10
[  388.276182][T14505]  ? __pfx_dump_stack_lvl+0x10/0x10
[  388.276204][T14505]  ? __pfx__printk+0x10/0x10
[  388.276229][T14505]  ? __might_fault+0xb0/0x130
[  388.276265][T14505]  should_fail_ex+0x414/0x560
[  388.276294][T14505]  _copy_from_user+0x2d/0xb0
[  388.276317][T14505]  bpf_prog_test_run_xdp+0xd05/0x1000
[  388.276353][T14505]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  388.276378][T14505]  ? __fget_files+0x2a/0x420
[  388.276401][T14505]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  388.276422][T14505]  bpf_prog_test_run+0x2c7/0x340
[  388.276453][T14505]  __sys_bpf+0x581/0x870
[  388.276479][T14505]  ? __pfx___sys_bpf+0x10/0x10
[  388.276516][T14505]  ? ksys_write+0x22a/0x250
[  388.276544][T14505]  ? __pfx_ksys_write+0x10/0x10
[  388.276565][T14505]  ? rcu_is_watching+0x15/0xb0
[  388.276591][T14505]  __x64_sys_bpf+0x7c/0x90
[  388.276613][T14505]  do_syscall_64+0xfa/0x3b0
[  388.276634][T14505]  ? lockdep_hardirqs_on+0x9c/0x150
[  388.276691][T14505]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  388.276711][T14505]  ? clear_bhb_loop+0x60/0xb0
[  388.276735][T14505]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  388.276754][T14505] RIP: 0033:0x7f12a198eba9
[  388.276772][T14505] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  388.276789][T14505] RSP: 002b:00007f12a289c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  388.276810][T14505] RAX: ffffffffffffffda RBX: 00007f12a1bd5fa0 RCX: 00007f12a198eba9
[  388.276824][T14505] RDX: 0000000000000050 RSI: 0000200000000600 RDI: 000000000000000a
[  388.276840][T14505] RBP: 00007f12a289c090 R08: 0000000000000000 R09: 0000000000000000
[  388.276852][T14505] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  388.276863][T14505] R13: 00007f12a1bd6038 R14: 00007f12a1bd5fa0 R15: 00007fffa9b85638
[  388.276894][T14505]  </TASK>
[  388.746513][T14523] veth1_macvtap: left allmulticast mode
[  388.760480][T14523] veth1_macvtap: left promiscuous mode
[  388.820948][T14527] openvswitch: netlink: Key type 770 is out of range max 32
[  388.891844][T14523] macsec0 (unregistering): left allmulticast mode
[  388.910590][T14523] macsec0 (unregistering): left promiscuous mode
[  388.940502][T14523] bridge0: port 3(macsec0) entered disabled state
[  389.926546][T14553] netlink: 'syz.0.2440': attribute type 3 has an invalid length.
[  390.027350][T14557] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  390.034949][T14557] syzkaller0: entered promiscuous mode
[  390.040796][T14557] syzkaller0: entered allmulticast mode
[  390.053398][T14557] tipc: Resetting bearer <eth:syzkaller0>
[  390.062655][T14554] tipc: Resetting bearer <eth:syzkaller0>
[  390.090165][T14554] tipc: Disabling bearer <eth:syzkaller0>
[  390.627043][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  390.784234][T14589] team0: left allmulticast mode
[  390.812418][T14589] team_slave_0: left allmulticast mode
[  390.840988][T14589] team_slave_1: left allmulticast mode
[  390.848025][T14589] !
: left allmulticast mode
[  390.853580][T14589] geneve0: left allmulticast mode
[  390.872441][T14589] team0: left promiscuous mode
[  390.888311][T14589] team_slave_0: left promiscuous mode
[  390.906412][T14589] team_slave_1: left promiscuous mode
[  390.941156][T14589] geneve0: left promiscuous mode
[  390.954689][T14589] bridge0: port 5(team0) entered disabled state
[  390.974995][T14589] netdevsim netdevsim4 netdevsim2: left allmulticast mode
[  390.983067][T14589] netdevsim netdevsim4 netdevsim2: left promiscuous mode
[  390.998334][T14589] bridge0: port 4(netdevsim2) entered disabled state
[  391.012460][T14589] bridge_slave_1: left allmulticast mode
[  391.024878][T14589] bridge_slave_1: left promiscuous mode
[  391.032892][T14589] bridge0: port 2(bridge_slave_1) entered disabled state
[  391.048150][T14589] bridge_slave_0: left allmulticast mode
[  391.055509][T14589] bridge_slave_0: left promiscuous mode
[  391.066090][T14589] bridge0: port 1(bridge_slave_0) entered disabled state
[  391.403801][T14612] vlan0: entered promiscuous mode
[  391.420759][T14614] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  391.675930][T14631] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  391.682162][T14626] lo speed is unknown, defaulting to 1000
[  391.839822][T14640] netlink: 'syz.0.2464': attribute type 13 has an invalid length.
[  391.943477][T14638] __nla_validate_parse: 7 callbacks suppressed
[  391.943495][T14638] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2463'.
[  391.970597][T14640] lo speed is unknown, defaulting to 1000
[  392.003200][T14643] lo speed is unknown, defaulting to 1000
[  392.538364][T14662] vlan2: entered promiscuous mode
[  392.863383][T14677] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2475'.
[  392.967755][T14681] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2477'.
[  393.121579][T14688] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2478'.
[  393.135307][T14688] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2478'.
[  393.284565][T14678] batadv0: left allmulticast mode
[  393.290673][T14678] vxcan0: left allmulticast mode
[  393.295831][T14678] vxcan1: left allmulticast mode
[  393.308369][T14678] veth0: left allmulticast mode
[  393.313519][T14678] veth1: left allmulticast mode
[  393.322357][T14678] wg0: left allmulticast mode
[  393.327356][T14678] wg1: left allmulticast mode
[  393.332181][T14678] wg2: left allmulticast mode
[  393.337402][T14678] veth0_to_bridge: left allmulticast mode
[  393.343366][T14678] veth1_to_bridge: left allmulticast mode
[  393.349829][T14678] veth0_to_bond: left allmulticast mode
[  393.355653][T14678] bond_slave_0: left allmulticast mode
[  393.361585][T14678] veth1_to_bond: left allmulticast mode
[  393.368360][T14678] bond_slave_1: left allmulticast mode
[  393.374166][T14678] veth0_to_team: left allmulticast mode
[  393.381136][T14678] team_slave_0: left allmulticast mode
[  393.387150][T14678] veth1_to_team: left allmulticast mode
[  393.393092][T14678] Àÿ: left allmulticast mode
[  393.397913][T14678] veth0_to_batadv: left allmulticast mode
[  393.403828][T14678] batadv_slave_0: left allmulticast mode
[  393.409844][T14678] veth1_to_batadv: left allmulticast mode
[  393.415750][T14678] batadv_slave_1: left allmulticast mode
[  393.421760][T14678] xfrm0: left allmulticast mode
[  393.426799][T14678] veth0_to_hsr: left allmulticast mode
[  393.433115][ T5186] Bluetooth: hci2: command 0x0405 tx timeout
[  393.439628][T14678] veth1_to_hsr: left allmulticast mode
[  393.445298][T14678] hsr0: left allmulticast mode
[  393.450123][T14678] hsr_slave_0: left allmulticast mode
[  393.455515][T14678] hsr_slave_1: left allmulticast mode
[  393.461194][T14678] veth1_virt_wifi: left allmulticast mode
[  393.467194][T14678] veth0_virt_wifi: left allmulticast mode
[  393.473111][T14678] net veth1_virt_wifi virt_wifi0: left allmulticast mode
[  393.481151][T14678] veth1_macvtap: left allmulticast mode
[  393.486915][T14678] veth0_macvtap: left allmulticast mode
[  393.492685][T14678] macvtap0: left allmulticast mode
[  393.498212][T14678] macsec0: left allmulticast mode
[  393.503402][T14678] geneve0: left allmulticast mode
[  393.508647][T14678] geneve1: left allmulticast mode
[  393.513844][T14678] mac80211_hwsim hwsim6 wlan0: left promiscuous mode
[  393.520940][T14678] mac80211_hwsim hwsim7 wlan1: left allmulticast mode
[  393.528200][T14678] syztnl1: left allmulticast mode
[  393.533392][T14678] syztnl2: left allmulticast mode
[  393.538779][T14678] mac80211_hwsim hwsim12 wlan2: left allmulticast mode
[  393.545786][T14678] syztnl0: left allmulticast mode
[  393.551007][T14678] erspan1: left allmulticast mode
[  393.556120][T14678] veth2: left allmulticast mode
[  393.561404][T14678] veth3: left allmulticast mode
[  393.566515][T14678] bond1: left allmulticast mode
[  393.571561][T14678] bond2: left allmulticast mode
[  393.576789][T14678] veth4: left allmulticast mode
[  393.582613][T14678] veth5: left allmulticast mode
[  393.588255][T14678] gretap1: left allmulticast mode
[  393.593398][T14678] veth6: left allmulticast mode
[  393.598636][T14678] veth7: left allmulticast mode
[  393.603620][T14678] vti0: left allmulticast mode
[  393.608689][T14678] bond3: left allmulticast mode
[  393.613716][T14678] macvlan2: left allmulticast mode
[  393.619267][T14678] geneve2: left allmulticast mode
[  393.624435][T14678] bridge1: left allmulticast mode
[  393.629700][T14678] bond4: left allmulticast mode
[  393.634653][T14678] bond5: left allmulticast mode
[  393.639898][T14678] sit1: left allmulticast mode
[  393.644754][T14678] bridge2: left allmulticast mode
[  393.649997][T14678] netdevsim netdevsim0 eth0: left allmulticast mode
[  393.656738][T14678] netdevsim netdevsim0 eth1: left allmulticast mode
[  393.663998][T14678] netdevsim netdevsim0 eth2: left allmulticast mode
[  393.671374][T14678] netdevsim netdevsim0 eth3: left allmulticast mode
[  393.679742][T14678] sit2: left allmulticast mode
[  393.685600][T14678] bridge4: left promiscuous mode
[  393.690592][T14678] bridge4: left allmulticast mode
[  393.699889][T14678] geneve3: left promiscuous mode
[  393.723119][T14678] geneve5: left promiscuous mode
[  393.739343][T14678] erspan0: left allmulticast mode
[  393.745021][T14678] macvtap1: left promiscuous mode
[  393.751049][T14678] macvtap1: left allmulticast mode
[  393.759995][T14678] team1: left promiscuous mode
[  393.765003][T14678] team1: left allmulticast mode
[  393.975752][   T36] netdevsim netdevsim0 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  394.014776][   T36] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  394.045559][   T36] netdevsim netdevsim0 eth0: unset [1, 1] type 2 family 0 port 20000 - 0
[  394.065360][   T36] netdevsim netdevsim0 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  394.090287][   T36] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  394.115871][   T36] netdevsim netdevsim0 eth1: unset [1, 1] type 2 family 0 port 20000 - 0
[  394.161988][ T6492] netdevsim netdevsim0 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  394.178364][T10412] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  394.191502][ T6492] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  394.236973][ T6492] netdevsim netdevsim0 eth2: unset [1, 1] type 2 family 0 port 20000 - 0
[  394.267644][ T6492] netdevsim netdevsim0 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  394.307446][ T6492] netdevsim netdevsim0 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  394.353187][ T6492] netdevsim netdevsim0 eth3: unset [1, 1] type 2 family 0 port 20000 - 0
[  394.376285][T14717] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2487'.
[  394.406194][T14717] netlink: 84 bytes leftover after parsing attributes in process `syz.2.2487'.
[  394.431771][T14712] vlan0: entered promiscuous mode
[  394.500956][T14720] dvmrp8: entered allmulticast mode
[  394.566235][T14720] dvmrp8: left allmulticast mode
[  394.576817][T14726] Bluetooth: MGMT ver 1.23
[  394.588122][  T960] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  394.997719][ T6490] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  395.060326][T14745] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2494'.
[  395.122541][T14746] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2493'.
[  395.193068][T14752] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2496'.
[  395.222849][T14754] smc: net device bond0 applied user defined pnetid SYZ2
[  395.264641][T14754] smc: net device bond0 erased user defined pnetid SYZ2
[  395.332104][T14756] lo speed is unknown, defaulting to 1000
[  395.386702][T14759] vlan2: entered promiscuous mode
[  396.006489][T14795] FAULT_INJECTION: forcing a failure.
[  396.006489][T14795] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  396.023656][T14795] CPU: 0 UID: 0 PID: 14795 Comm: syz.4.2511 Not tainted syzkaller #0 PREEMPT(full) 
[  396.023684][T14795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  396.023695][T14795] Call Trace:
[  396.023702][T14795]  <TASK>
[  396.023710][T14795]  dump_stack_lvl+0x189/0x250
[  396.023738][T14795]  ? __pfx____ratelimit+0x10/0x10
[  396.023758][T14795]  ? __pfx_dump_stack_lvl+0x10/0x10
[  396.023779][T14795]  ? __pfx__printk+0x10/0x10
[  396.023808][T14795]  ? 0xffffffffa02016f0
[  396.023833][T14795]  should_fail_ex+0x414/0x560
[  396.023864][T14795]  _copy_to_user+0x31/0xb0
[  396.023889][T14795]  bpf_test_finish+0x24e/0x700
[  396.023919][T14795]  ? __pfx_bpf_test_finish+0x10/0x10
[  396.023942][T14795]  ? rep_movs_alternative+0x4a/0x90
[  396.023973][T14795]  bpf_prog_test_run_xdp+0x79a/0x1000
[  396.024010][T14795]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  396.024033][T14795]  ? __fget_files+0x2a/0x420
[  396.024056][T14795]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  396.024076][T14795]  bpf_prog_test_run+0x2c7/0x340
[  396.024106][T14795]  __sys_bpf+0x581/0x870
[  396.024132][T14795]  ? __pfx___sys_bpf+0x10/0x10
[  396.024170][T14795]  ? ksys_write+0x22a/0x250
[  396.024198][T14795]  ? __pfx_ksys_write+0x10/0x10
[  396.024221][T14795]  ? rcu_is_watching+0x15/0xb0
[  396.024248][T14795]  __x64_sys_bpf+0x7c/0x90
[  396.024271][T14795]  do_syscall_64+0xfa/0x3b0
[  396.024297][T14795]  ? lockdep_hardirqs_on+0x9c/0x150
[  396.024318][T14795]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  396.024335][T14795]  ? clear_bhb_loop+0x60/0xb0
[  396.024358][T14795]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  396.024376][T14795] RIP: 0033:0x7f917178eba9
[  396.024392][T14795] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  396.024407][T14795] RSP: 002b:00007f91726ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  396.024426][T14795] RAX: ffffffffffffffda RBX: 00007f91719d5fa0 RCX: 00007f917178eba9
[  396.024440][T14795] RDX: 0000000000000050 RSI: 0000200000000600 RDI: 000000000000000a
[  396.024451][T14795] RBP: 00007f91726ef090 R08: 0000000000000000 R09: 0000000000000000
[  396.024462][T14795] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  396.024473][T14795] R13: 00007f91719d6038 R14: 00007f91719d5fa0 R15: 00007fff75df5d08
[  396.024503][T14795]  </TASK>
[  396.261280][ T6486] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  396.270967][ T6486] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  396.333846][T14799] vlan2: entered promiscuous mode
[  396.457600][ T5935] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  396.591455][T14810] bond8 (unregistering): Released all slaves
[  396.729438][T14804] lo speed is unknown, defaulting to 1000
[  396.746147][T14802] lo speed is unknown, defaulting to 1000
[  397.329585][T14837] FAULT_INJECTION: forcing a failure.
[  397.329585][T14837] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  397.344721][T14837] CPU: 0 UID: 0 PID: 14837 Comm: syz.1.2523 Not tainted syzkaller #0 PREEMPT(full) 
[  397.344751][T14837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  397.344764][T14837] Call Trace:
[  397.344773][T14837]  <TASK>
[  397.344784][T14837]  dump_stack_lvl+0x189/0x250
[  397.344815][T14837]  ? __pfx____ratelimit+0x10/0x10
[  397.344837][T14837]  ? __pfx_dump_stack_lvl+0x10/0x10
[  397.344862][T14837]  ? __pfx__printk+0x10/0x10
[  397.344905][T14837]  ? 0xffffffffa0201788
[  397.344931][T14837]  should_fail_ex+0x414/0x560
[  397.344979][T14837]  _copy_to_user+0x31/0xb0
[  397.345006][T14837]  bpf_test_finish+0x56f/0x700
[  397.345037][T14837]  ? __pfx_bpf_test_finish+0x10/0x10
[  397.345063][T14837]  ? rep_movs_alternative+0x4a/0x90
[  397.345095][T14837]  bpf_prog_test_run_xdp+0x79a/0x1000
[  397.345137][T14837]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  397.345165][T14837]  ? __fget_files+0x2a/0x420
[  397.345189][T14837]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  397.345213][T14837]  bpf_prog_test_run+0x2c7/0x340
[  397.345248][T14837]  __sys_bpf+0x581/0x870
[  397.345278][T14837]  ? __pfx___sys_bpf+0x10/0x10
[  397.345320][T14837]  ? ksys_write+0x22a/0x250
[  397.345350][T14837]  ? __pfx_ksys_write+0x10/0x10
[  397.345373][T14837]  ? rcu_is_watching+0x15/0xb0
[  397.345402][T14837]  __x64_sys_bpf+0x7c/0x90
[  397.345427][T14837]  do_syscall_64+0xfa/0x3b0
[  397.345449][T14837]  ? lockdep_hardirqs_on+0x9c/0x150
[  397.345469][T14837]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  397.345495][T14837]  ? clear_bhb_loop+0x60/0xb0
[  397.345521][T14837]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  397.345541][T14837] RIP: 0033:0x7fbae038eba9
[  397.345559][T14837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  397.345576][T14837] RSP: 002b:00007fbae121a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  397.345599][T14837] RAX: ffffffffffffffda RBX: 00007fbae05d5fa0 RCX: 00007fbae038eba9
[  397.345614][T14837] RDX: 0000000000000050 RSI: 0000200000000600 RDI: 000000000000000a
[  397.345627][T14837] RBP: 00007fbae121a090 R08: 0000000000000000 R09: 0000000000000000
[  397.345640][T14837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  397.345651][T14837] R13: 00007fbae05d6038 R14: 00007fbae05d5fa0 R15: 00007ffe67459b58
[  397.345686][T14837]  </TASK>
[  397.583842][T14841] netlink: 'syz.4.2524': attribute type 13 has an invalid length.
[  397.592956][T14841] netlink: 'syz.4.2524': attribute type 17 has an invalid length.
[  397.641313][T14844] __nla_validate_parse: 7 callbacks suppressed
[  397.641335][T14844] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2520'.
[  397.663096][T14841] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  397.688352][T14843] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2522'.
[  397.831102][T14844] smc: net device bond0 applied user defined pnetid SYZ2
[  397.844201][T14844] smc: net device bond0 erased user defined pnetid SYZ2
[  397.928299][T14838] lo speed is unknown, defaulting to 1000
[  398.042725][T14861] xt_socket: unknown flags 0xd0
[  398.695006][T14877] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  398.697087][T14883] workqueue: Failed to create a rescuer kthread for wq "nfc3_nci_cmd_wq": -EINTR
[  398.706130][T14879] netlink: 277 bytes leftover after parsing attributes in process `syz.5.2534'.
[  398.729206][   T36] nci: nci_rx_work: unknown MT 0x1
[  398.973213][T14894] FAULT_INJECTION: forcing a failure.
[  398.973213][T14894] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  399.017303][T14894] CPU: 1 UID: 0 PID: 14894 Comm: syz.4.2537 Not tainted syzkaller #0 PREEMPT(full) 
[  399.017333][T14894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  399.017346][T14894] Call Trace:
[  399.017354][T14894]  <TASK>
[  399.017363][T14894]  dump_stack_lvl+0x189/0x250
[  399.017394][T14894]  ? __pfx____ratelimit+0x10/0x10
[  399.017417][T14894]  ? __pfx_dump_stack_lvl+0x10/0x10
[  399.017442][T14894]  ? __pfx__printk+0x10/0x10
[  399.017486][T14894]  should_fail_ex+0x414/0x560
[  399.017521][T14894]  _copy_to_user+0x31/0xb0
[  399.017548][T14894]  simple_read_from_buffer+0xe1/0x170
[  399.017584][T14894]  proc_fail_nth_read+0x1b3/0x220
[  399.017612][T14894]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  399.017639][T14894]  ? rw_verify_area+0x2a6/0x4d0
[  399.017664][T14894]  ? __lock_acquire+0xab9/0xd20
[  399.017691][T14894]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  399.017716][T14894]  vfs_read+0x200/0xa30
[  399.017749][T14894]  ? fdget_pos+0x247/0x320
[  399.017772][T14894]  ? __pfx___mutex_lock+0x10/0x10
[  399.017797][T14894]  ? __pfx_vfs_read+0x10/0x10
[  399.017838][T14894]  ? __fget_files+0x2a/0x420
[  399.017860][T14894]  ? __fget_files+0x3a0/0x420
[  399.017876][T14894]  ? __fget_files+0x2a/0x420
[  399.017903][T14894]  ksys_read+0x145/0x250
[  399.017933][T14894]  ? __pfx_ksys_read+0x10/0x10
[  399.017956][T14894]  ? rcu_is_watching+0x15/0xb0
[  399.017982][T14894]  ? do_syscall_64+0xbe/0x3b0
[  399.018009][T14894]  do_syscall_64+0xfa/0x3b0
[  399.018030][T14894]  ? lockdep_hardirqs_on+0x9c/0x150
[  399.018051][T14894]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  399.018070][T14894]  ? clear_bhb_loop+0x60/0xb0
[  399.018095][T14894]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  399.018113][T14894] RIP: 0033:0x7f917178d5bc
[  399.018131][T14894] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  399.018148][T14894] RSP: 002b:00007f91726ef030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  399.018169][T14894] RAX: ffffffffffffffda RBX: 00007f91719d5fa0 RCX: 00007f917178d5bc
[  399.018183][T14894] RDX: 000000000000000f RSI: 00007f91726ef0a0 RDI: 0000000000000004
[  399.018195][T14894] RBP: 00007f91726ef090 R08: 0000000000000000 R09: 0000000000000000
[  399.018207][T14894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  399.018218][T14894] R13: 00007f91719d6038 R14: 00007f91719d5fa0 R15: 00007fff75df5d08
[  399.018251][T14894]  </TASK>
[  399.398670][T14902] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2541'.
[  399.413074][T14902] netlink: 84 bytes leftover after parsing attributes in process `syz.1.2541'.
[  399.518061][T14912] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2544'.
[  399.825166][T14929] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2548'.
[  399.893049][T14934] __ib_cache_gid_add: unable to add gid fe80:0000:0000:0000:d004:28ff:fef5:0908 error=-28
[  399.968393][T14936] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2548'.
[  399.993312][T14939] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2551'.
[  399.996283][T14936] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2548'.
[  400.067118][    C1] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  400.561247][T14934] infiniband syz!: set down
[  400.567751][T14934] infiniband syz!: added team_slave_0
[  400.642306][T14934] RDS/IB: syz!: added
[  400.649354][T14934] smc: adding ib device syz! with port count 1
[  400.657455][T14934] smc:    ib device syz! port 1 has no pnetid
[  400.915615][T14963] netlink: 'syz.1.2556': attribute type 1 has an invalid length.
[  400.944458][T14962] netlink: 'syz.1.2556': attribute type 1 has an invalid length.
[  400.983127][T14965] !
: renamed from dummy0 (while UP)
[  401.179612][T14973] netlink: 'syz.0.2559': attribute type 1 has an invalid length.
[  401.242573][T14973] bond8: entered promiscuous mode
[  401.252778][T14973] 8021q: adding VLAN 0 to HW filter on device bond8
[  401.451081][T14977] 8021q: adding VLAN 0 to HW filter on device bond8
[  401.574609][T14977] bond8: (slave vxcan5): The slave device specified does not support setting the MAC address
[  401.595437][T14977] bond8: (slave vxcan5): Setting fail_over_mac to active for active-backup mode
[  401.630260][T14977] bond8: (slave vxcan5): making interface the new active one
[  401.660658][T14977] vxcan5: entered promiscuous mode
[  401.667316][T14977] bond8: (slave vxcan5): Enslaving as an active interface with an up link
[  401.759592][T14988] netlink: 'syz.5.2563': attribute type 2 has an invalid length.
[  402.571355][T15015] lo speed is unknown, defaulting to 1000
[  402.723580][T15017] __nla_validate_parse: 2 callbacks suppressed
[  402.723600][T15017] netlink: 211920 bytes leftover after parsing attributes in process `syz.4.2572'.
[  402.751283][T15017] openvswitch: netlink: Message has 4 unknown bytes.
[  403.613977][T15042] vlan2: entered promiscuous mode
[  403.917724][T15051] netlink: 'syz.1.2582': attribute type 21 has an invalid length.
[  403.980275][T15051] netlink: 128 bytes leftover after parsing attributes in process `syz.1.2582'.
[  404.068559][T15051] netlink: 'syz.1.2582': attribute type 4 has an invalid length.
[  404.106136][T15051] netlink: 'syz.1.2582': attribute type 5 has an invalid length.
[  404.137054][T15051] netlink: 3 bytes leftover after parsing attributes in process `syz.1.2582'.
[  404.300652][T15063] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  404.320873][T15063] syzkaller0: entered promiscuous mode
[  404.326394][T15063] syzkaller0: entered allmulticast mode
[  404.357326][T15062] tipc: Resetting bearer <eth:syzkaller0>
[  404.409880][T15062] tipc: Disabling bearer <eth:syzkaller0>
[  404.692282][T15079] vlan0: entered promiscuous mode
[  404.726377][T15076] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2589'.
[  404.946110][T15093] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2595'.
[  405.195559][T15099] smc: net device bond0 applied user defined pnetid SYZ2
[  405.238368][T15104] smc: net device bond0 erased user defined pnetid SYZ2
[  405.253364][T15096] lo speed is unknown, defaulting to 1000
[  405.465922][T15114] tipc: New replicast peer: 255.255.255.255
[  405.489272][T15114] tipc: Enabled bearer <udp:syz2>, priority 10
[  405.606477][T15117] netlink: 'syz.2.2600': attribute type 12 has an invalid length.
[  405.639185][T15117] netlink: 9472 bytes leftover after parsing attributes in process `syz.2.2600'.
[  405.934509][T15130] block nbd1: Unsupported socket: shutdown callout must be supported.
[  405.987351][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  406.307546][T15146] vlan0: entered promiscuous mode
[  406.483432][T15160] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2608'.
[  406.808941][T15164] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2607'.
[  406.871427][T15163] tc_dump_action: action bad kind
[  406.980411][T15182] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2612'.
[  407.054317][T15188] netlink: 'syz.4.2615': attribute type 13 has an invalid length.
[  407.067177][T15188] netlink: 'syz.4.2615': attribute type 17 has an invalid length.
[  407.180445][T15188] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  407.517864][T15201] lo speed is unknown, defaulting to 1000
[  407.681454][T15211] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2621'.
[  407.755749][T15212] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2620'.
[  407.818228][T15212] netlink: 52 bytes leftover after parsing attributes in process `syz.2.2620'.
[  407.827432][T15216] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2623'.
[  407.829761][T15210] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2620'.
[  407.907042][    C1] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  407.917743][T15218] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2623'.
[  408.925075][T15268] vlan0: entered promiscuous mode
[  409.834848][T15288] openvswitch: netlink: Missing valid actions attribute.
[  409.897810][T15288] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  409.969202][T15288] netlink: 68 bytes leftover after parsing attributes in process `syz.0.2640'.
[  410.282747][T15303] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2644'.
[  410.318301][T15303] netlink: 'syz.0.2644': attribute type 10 has an invalid length.
[  410.350371][T15303] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  410.456021][T15312] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2646'.
[  410.546470][T15316] netlink: 'syz.0.2647': attribute type 1 has an invalid length.
[  410.685420][T15316] bond9: entered promiscuous mode
[  410.740917][T15316] 8021q: adding VLAN 0 to HW filter on device bond9
[  410.851570][T15321] 8021q: adding VLAN 0 to HW filter on device bond10
[  410.878664][T15321] bond9: (slave bond10): making interface the new active one
[  410.897357][T15321] bond10: entered promiscuous mode
[  410.926567][T15321] bond9: (slave bond10): Enslaving as an active interface with an up link
[  411.009763][T15327] netlink: 'syz.4.2648': attribute type 1 has an invalid length.
[  411.034802][T15327] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2648'.
[  411.044006][T15338] netlink: 212408 bytes leftover after parsing attributes in process `syz.2.2652'.
[  411.341900][ T6492] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  411.353542][ T6492] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  411.613343][T15374] vlan2: entered promiscuous mode
[  411.676344][T15376] netlink: 'syz.5.2665': attribute type 21 has an invalid length.
[  411.690993][T15379] netlink: 'syz.5.2665': attribute type 21 has an invalid length.
[  411.704274][T15379] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  411.745149][T15380] netlink: 'syz.0.2664': attribute type 1 has an invalid length.
[  411.827270][T15384] openvswitch: netlink: Tunnel attr 227 out of range max 16
[  412.463188][T15415] lo speed is unknown, defaulting to 1000
[  413.211951][T15444] __nla_validate_parse: 6 callbacks suppressed
[  413.211973][T15444] netlink: 161716 bytes leftover after parsing attributes in process `syz.4.2684'.
[  413.236990][T15444] netlink: zone id is out of range
[  413.252415][T15444] netlink: zone id is out of range
[  413.271377][T15444] netlink: zone id is out of range
[  413.302064][T15444] netlink: zone id is out of range
[  413.339722][T15444] netlink: zone id is out of range
[  413.396300][T15444] netlink: zone id is out of range
[  413.419043][T15454] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2688'.
[  413.449172][T15455] netlink: 212936 bytes leftover after parsing attributes in process `syz.5.2689'.
[  413.465471][T15458] Unsupported ieee802154 address type: 0
[  413.517461][T15455] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  413.557200][T15455] syzkaller0: entered promiscuous mode
[  413.583877][T15455] syzkaller0: entered allmulticast mode
[  413.684821][T15472] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2694'.
[  413.761835][T15469] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2692'.
[  413.933626][T15477] netlink: 'syz.1.2695': attribute type 96 has an invalid length.
[  414.132629][T15489] lo speed is unknown, defaulting to 1000
[  414.189432][T15492] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 1, id = 0
[  414.205994][T15453] tipc: Resetting bearer <eth:syzkaller0>
[  414.239596][T15453] tipc: Disabling bearer <eth:syzkaller0>
[  414.364525][T15499] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2701'.
[  414.384688][T15499] netlink: 'syz.4.2701': attribute type 4 has an invalid length.
[  414.415973][T15499] netlink: 'syz.4.2701': attribute type 4 has an invalid length.
[  414.593322][T15508] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2704'.
[  414.701709][T15510] lo speed is unknown, defaulting to 1000
[  414.879252][T15520] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2708'.
[  415.365814][T15537] netlink: 'syz.1.2712': attribute type 3 has an invalid length.
[  415.538404][T15545] macsec2: entered promiscuous mode
[  415.543900][T15545] mac80211_hwsim hwsim8 wlan0: entered promiscuous mode
[  415.551472][T15545] macsec2: entered allmulticast mode
[  415.562268][T15545] mac80211_hwsim hwsim8 wlan0: entered allmulticast mode
[  416.086046][T15569] netlink: 212376 bytes leftover after parsing attributes in process `syz.4.2721'.
[  416.244014][T15572] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2721'.
[  416.369906][T15574] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  416.395860][T15574] syzkaller0: entered promiscuous mode
[  416.424909][T15574] syzkaller0: entered allmulticast mode
[  416.504646][T15574] tipc: Resetting bearer <eth:syzkaller0>
[  416.545857][T15566] batman_adv: batadv0: Removing interface: batadv_slave_0
[  416.603684][T15573] tipc: Resetting bearer <eth:syzkaller0>
[  416.640568][T15573] tipc: Disabling bearer <eth:syzkaller0>
[  417.059584][T15594] netlink: 'syz.4.2729': attribute type 1 has an invalid length.
[  417.246418][T15605] ip6tnl0: entered promiscuous mode
[  417.253954][T15605] ip6tnl0: entered allmulticast mode
[  417.263867][T15607] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  417.341809][T15611] netlink: 'syz.4.2735': attribute type 21 has an invalid length.
[  417.351176][T15612] netlink: 'syz.4.2735': attribute type 21 has an invalid length.
[  417.359244][T15611] netlink: 'syz.4.2735': attribute type 6 has an invalid length.
[  417.368309][T15612] netlink: 'syz.4.2735': attribute type 6 has an invalid length.
[  417.831119][T15633] netlink: 'syz.1.2743': attribute type 32 has an invalid length.
[  417.863265][T15630] smc: net device bond0 applied user defined pnetid SYZ2
[  417.871215][T15630] smc: net device bond0 erased user defined pnetid SYZ2
[  417.977170][T15628] wg1 speed is unknown, defaulting to 1000
[  417.983106][T15628] wg1 speed is unknown, defaulting to 1000
[  417.995692][T15628] wg1 speed is unknown, defaulting to 1000
[  418.039701][T15628] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  418.093867][T15628] wg1 speed is unknown, defaulting to 1000
[  418.122806][T15628] wg1 speed is unknown, defaulting to 1000
[  418.141848][T15628] wg1 speed is unknown, defaulting to 1000
[  418.158763][T15628] wg1 speed is unknown, defaulting to 1000
[  418.182635][T15628] wg1 speed is unknown, defaulting to 1000
[  418.359072][T15661] netlink: 'syz.0.2749': attribute type 9 has an invalid length.
[  418.369989][T15661] __nla_validate_parse: 11 callbacks suppressed
[  418.370011][T15661] netlink: 147436 bytes leftover after parsing attributes in process `syz.0.2749'.
[  418.546143][T15669] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2751'.
[  418.610506][T15671] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2752'.
[  418.725701][T15678] smc: net device bond0 applied user defined pnetid SYZ2
[  418.748404][T15678] smc: net device bond0 erased user defined pnetid SYZ2
[  418.876029][T15646] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  418.883570][T15646] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  420.111621][T15718] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2764'.
[  420.183659][T15721] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2765'.
[  420.285523][T15725] netlink: 'syz.0.2767': attribute type 11 has an invalid length.
[  420.296806][T15725] netlink: 52 bytes leftover after parsing attributes in process `syz.0.2767'.
[  420.412699][T15735] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  420.805831][T15748] netlink: 96 bytes leftover after parsing attributes in process `syz.0.2771'.
[  420.819643][T15748] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2771'.
[  421.050188][T15759] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2775'.
[  421.430012][T15774] team0: Device gtp0 is of different type
[  421.597562][T15781] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2779'.
[  421.765865][T15790] nbd: couldn't find device at index 536870912
[  422.034040][T15804] lo speed is unknown, defaulting to 1000
[  422.333266][T15809] smc: net device bond0 applied user defined pnetid SYZ2
[  422.337983][T15804] wg1 speed is unknown, defaulting to 1000
[  422.348902][T15809] smc: net device bond0 erased user defined pnetid SYZ2
[  422.576744][T15804] geneve0: entered promiscuous mode
[  422.627701][    C1] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  422.726584][T15822] bond0: invalid ARP target 0.0.0.0 specified for addition
[  422.744232][T15822] bond0: option arp_ip_target: invalid value (0)
[  422.771346][T15824] bond0: option mode: unable to set because the bond device has slaves
[  423.017866][T15836] netlink: 'syz.0.2789': attribute type 1 has an invalid length.
[  423.171108][T15833] bond11: (slave bridge7): making interface the new active one
[  423.182291][T15833] bond11: (slave bridge7): Enslaving as an active interface with an up link
[  423.616590][T15873] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  423.625753][T15873] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  424.043106][T15901] __nla_validate_parse: 5 callbacks suppressed
[  424.043128][T15901] netlink: 52 bytes leftover after parsing attributes in process `syz.0.2809'.
[  424.065815][T15901] netlink: 'syz.0.2809': attribute type 1 has an invalid length.
[  424.082095][T15900] netlink: 'syz.0.2809': attribute type 17 has an invalid length.
[  424.092945][T15900] net_ratelimit: 16 callbacks suppressed
[  424.092964][T15900] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  424.200216][T15906] netlink: 'syz.0.2811': attribute type 6 has an invalid length.
[  424.275124][T15908] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2812'.
[  424.485101][T15915] netlink: 92 bytes leftover after parsing attributes in process `syz.0.2815'.
[  425.410306][T15952] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2825'.
[  425.479037][T15948] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2824'.
[  425.518875][T15959] smc: net device bond0 applied user defined pnetid SYZ2
[  425.527917][T15959] smc: net device bond0 erased user defined pnetid SYZ2
[  425.546559][T15961] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2827'.
[  425.678122][T15968] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  425.924730][T15980] lo speed is unknown, defaulting to 1000
[  426.325096][T15991] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2834'.
[  426.351819][T15980] wg1 speed is unknown, defaulting to 1000
[  426.494298][T15998] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2837'.
[  426.532273][T15998] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2837'.
[  426.682002][T16004] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2839'.
[  430.073252][T16078] lo speed is unknown, defaulting to 1000
[  430.103976][T16084] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2857'.
[  430.141875][T16084] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:20003
[  430.267467][T16078] wg1 speed is unknown, defaulting to 1000
[  430.405744][T16087] lo speed is unknown, defaulting to 1000
[  430.681539][T16087] wg1 speed is unknown, defaulting to 1000
[  431.038859][T16094] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2860'.
[  431.303557][T16104] sctp: [Deprecated]: syz.1.2862 (pid 16104) Use of int in max_burst socket option.
[  431.303557][T16104] Use struct sctp_assoc_value instead
[  431.488876][T16107] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2861'.
[  431.950143][T16118] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2865'.
[  432.049468][T16118] smc: net device bond0 applied user defined pnetid SYZ2
[  432.057042][T16118] smc: net device bond0 erased user defined pnetid SYZ2
[  432.341497][   T30] audit: type=1800 audit(1757569796.040:8): pid=16126 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2868" name="memory.events" dev="tmpfs" ino=3052 res=0 errno=0
[  432.450333][T16140] IPVS: set_ctl: invalid protocol: 47 224.0.0.1:20003
[  432.650130][T16153] Set syz1 is full, maxelem 65536 reached
[  433.800984][T16175] 8021q: VLANs not supported on nlmon0
[  434.756016][T16190] netlink: 256 bytes leftover after parsing attributes in process `syz.0.2886'.
[  437.987051][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  439.909867][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  452.707324][    C1] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  501.349833][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  501.349831][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  511.597095][    C1] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  562.792099][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  572.387354][   T31] INFO: task syz-executor:5874 blocked for more than 143 seconds.
[  572.395281][   T31]       Not tainted syzkaller #0
[  572.400493][   T31]       Blocked by coredump.
[  572.405127][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  572.414019][   T31] task:syz-executor    state:D stack:21720 pid:5874  tgid:5874  ppid:1      task_flags:0x40054c flags:0x00004006
[  572.425986][   T31] Call Trace:
[  572.429328][   T31]  <TASK>
[  572.432297][   T31]  __schedule+0x1798/0x4cc0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  572.436928][   T31]  ? __lock_acquire+0xab9/0xd20
[  572.442850][   T31]  ? __lock_acquire+0xab9/0xd20
[  572.447854][   T31]  ? __pfx___schedule+0x10/0x10
[  572.452757][   T31]  ? schedule+0x91/0x360
[  572.461659][   T31]  schedule+0x165/0x360
[  572.497459][   T31]  schedule_preempt_disabled+0x13/0x30
[  572.502991][   T31]  __mutex_lock+0x7e6/0x1350
[  572.527254][   T31]  ? __mutex_lock+0x5bb/0x1350
[  572.532100][   T31]  ? rfkill_unregister+0xc8/0x220
[  572.544576][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  572.550689][   T31]  ? __pfx_device_del+0x10/0x10
[  572.555822][   T31]  ? hci_sock_dev_event+0x42d/0x600
[  572.561436][   T31]  rfkill_unregister+0xc8/0x220
[  572.566390][   T31]  hci_unregister_dev+0x374/0x510
[  572.571730][   T31]  vhci_release+0x152/0x1a0
[  572.576290][   T31]  ? __pfx_vhci_release+0x10/0x10
[  572.581374][   T31]  __fput+0x44c/0xa70
[  572.585370][   T31]  task_work_run+0x1d1/0x260
[  572.590490][   T31]  ? __pfx_task_work_run+0x10/0x10
[  572.595631][   T31]  ? kmem_cache_free+0x18f/0x400
[  572.600630][   T31]  do_exit+0x6b5/0x2300
[  572.604801][   T31]  ? do_raw_spin_lock+0x121/0x290
[  572.609945][   T31]  ? __pfx_do_exit+0x10/0x10
[  572.614552][   T31]  do_group_exit+0x21c/0x2d0
[  572.619415][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  572.624646][   T31]  get_signal+0x1286/0x1340
[  572.629493][   T31]  arch_do_signal_or_restart+0x9a/0x750
[  572.635079][   T31]  ? fput_close_sync+0x119/0x200
[  572.640054][   T31]  ? kmem_cache_free+0x309/0x400
[  572.644997][   T31]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  572.651478][   T31]  ? exit_to_user_mode_loop+0x40/0x110
[  572.657008][   T31]  exit_to_user_mode_loop+0x75/0x110
[  572.662329][   T31]  do_syscall_64+0x2bd/0x3b0
[  572.667176][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  572.672398][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  572.678715][   T31]  ? clear_bhb_loop+0x60/0xb0
[  572.683398][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  572.690224][   T31] RIP: 0033:0x7f917178d5bc
[  572.694648][   T31] RSP: 002b:00007fff75df6060 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  572.703112][   T31] RAX: fffffffffffffe00 RBX: 0000000000000003 RCX: 00007f917178d5bc
[  572.711478][   T31] RDX: 0000000000000030 RSI: 00007fff75df6120 RDI: 00000000000000f9
[  572.719786][   T31] RBP: 00007fff75df60cc R08: 0000000000000000 R09: 00007fff75df5dd7
[  572.727801][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000258
[  572.735785][   T31] R13: 00000000000927c0 R14: 000000000006896a R15: 00007fff75df6120
[  572.744111][   T31]  </TASK>
[  572.747315][   T31] INFO: task kworker/1:11:6674 blocked for more than 143 seconds.
[  572.755143][   T31]       Not tainted syzkaller #0
[  572.761538][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  572.770273][   T31] task:kworker/1:11    state:D stack:24072 pid:6674  tgid:6674  ppid:2      task_flags:0x4208060 flags:0x00004000
[  572.782378][   T31] Workqueue: events rfkill_global_led_trigger_worker
[  572.789259][   T31] Call Trace:
[  572.792599][   T31]  <TASK>
[  572.795539][   T31]  __schedule+0x1798/0x4cc0
[  572.800568][   T31]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  572.805987][   T31]  ? __pfx___schedule+0x10/0x10
[  572.811029][   T31]  ? schedule+0x91/0x360
[  572.815284][   T31]  schedule+0x165/0x360
[  572.819493][   T31]  schedule_preempt_disabled+0x13/0x30
[  572.824952][   T31]  __mutex_lock+0x7e6/0x1350
[  572.830064][   T31]  ? __mutex_lock+0x5bb/0x1350
[  572.834859][   T31]  ? rfkill_global_led_trigger_worker+0x27/0xd0
[  572.841161][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  572.846213][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  572.852269][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  572.858684][   T31]  rfkill_global_led_trigger_worker+0x27/0xd0
[  572.864796][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  572.870770][   T31]  process_scheduled_works+0xae1/0x17b0
[  572.876402][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[  572.882574][   T31]  worker_thread+0x8a0/0xda0
[  572.887734][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  572.894103][   T31]  ? __kthread_parkme+0x7b/0x200
[  572.899277][   T31]  kthread+0x70e/0x8a0
[  572.903419][   T31]  ? __pfx_worker_thread+0x10/0x10
[  572.908860][   T31]  ? __pfx_kthread+0x10/0x10
[  572.913494][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  572.919052][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  572.924272][   T31]  ? __pfx_kthread+0x10/0x10
[  572.928999][   T31]  ret_from_fork+0x3fc/0x770
[  572.933591][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  572.938744][   T31]  ? __switch_to_asm+0x39/0x70
[  572.943532][   T31]  ? __switch_to_asm+0x33/0x70
[  572.948883][   T31]  ? __pfx_kthread+0x10/0x10
[  572.953527][   T31]  ret_from_fork_asm+0x1a/0x30
[  572.958448][   T31]  </TASK>
[  572.961540][   T31] INFO: task syz.2.2742:15628 blocked for more than 143 seconds.
[  572.971958][   T31]       Not tainted syzkaller #0
[  572.977365][   T31]       Blocked by coredump.
[  572.981971][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  572.990837][   T31] task:syz.2.2742      state:D stack:22696 pid:15628 tgid:15626 ppid:5871   task_flags:0x40054c flags:0x00004002
[  573.003364][   T31] Call Trace:
[  573.006675][   T31]  <TASK>
[  573.009793][   T31]  __schedule+0x1798/0x4cc0
[  573.014337][   T31]  ? __lock_acquire+0xab9/0xd20
[  573.019358][   T31]  ? __lock_acquire+0xab9/0xd20
[  573.024240][   T31]  ? __pfx___schedule+0x10/0x10
[  573.029532][   T31]  ? schedule+0x91/0x360
[  573.033806][   T31]  schedule+0x165/0x360
[  573.038046][   T31]  schedule_preempt_disabled+0x13/0x30
[  573.043525][   T31]  __mutex_lock+0x7e6/0x1350
[  573.048182][   T31]  ? __mutex_lock+0x5bb/0x1350
[  573.052973][   T31]  ? rfkill_unregister+0xc8/0x220
[  573.058076][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  573.063126][   T31]  ? __pfx_device_del+0x10/0x10
[  573.068384][   T31]  rfkill_unregister+0xc8/0x220
[  573.073274][   T31]  nfc_unregister_device+0x96/0x2a0
[  573.078601][   T31]  ? __pfx_virtual_ncidev_close+0x10/0x10
[  573.084353][   T31]  virtual_ncidev_close+0x56/0x90
[  573.089425][   T31]  __fput+0x44c/0xa70
[  573.093432][   T31]  task_work_run+0x1d1/0x260
[  573.098093][   T31]  ? __pfx_task_work_run+0x10/0x10
[  573.103351][   T31]  do_exit+0x6b5/0x2300
[  573.107733][   T31]  ? do_raw_spin_lock+0x121/0x290
[  573.112836][   T31]  ? __pfx_do_exit+0x10/0x10
[  573.117549][   T31]  do_group_exit+0x21c/0x2d0
[  573.122177][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  573.127481][   T31]  get_signal+0x1286/0x1340
[  573.132048][   T31]  arch_do_signal_or_restart+0x9a/0x750
[  573.137663][   T31]  ? __x64_sys_sendmsg+0x230/0x260
[  573.142801][   T31]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  573.149082][   T31]  ? exit_to_user_mode_loop+0x40/0x110
[  573.154557][   T31]  exit_to_user_mode_loop+0x75/0x110
[  573.159910][   T31]  do_syscall_64+0x2bd/0x3b0
[  573.164522][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  573.169758][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  573.175825][   T31]  ? clear_bhb_loop+0x60/0xb0
[  573.180809][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  573.186723][   T31] RIP: 0033:0x7efe87f8eba9
[  573.191197][   T31] RSP: 002b:00007efe88ea0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  573.200882][   T31] RAX: 0000000000000038 RBX: 00007efe881d5fa0 RCX: 00007efe87f8eba9
[  573.209045][   T31] RDX: 0000000004008010 RSI: 0000200000000380 RDI: 0000000000000049
[  573.218612][   T31] RBP: 00007efe88011e19 R08: 0000000000000000 R09: 0000000000000000
[  573.226640][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  573.234780][   T31] R13: 00007efe881d6038 R14: 00007efe881d5fa0 R15: 00007ffce2ef86b8
[  573.242933][   T31]  </TASK>
[  573.245995][   T31] INFO: task syz.5.2746:15646 blocked for more than 144 seconds.
[  573.254040][   T31]       Not tainted syzkaller #0
[  573.259174][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  573.267916][   T31] task:syz.5.2746      state:D stack:24456 pid:15646 tgid:15645 ppid:10633  task_flags:0x400140 flags:0x00004006
[  573.280356][   T31] Call Trace:
[  573.283665][   T31]  <TASK>
[  573.286603][   T31]  __schedule+0x1798/0x4cc0
[  573.291215][   T31]  ? __lock_acquire+0xab9/0xd20
[  573.296094][   T31]  ? __lock_acquire+0xab9/0xd20
[  573.301204][   T31]  ? __pfx___schedule+0x10/0x10
[  573.306111][   T31]  ? schedule+0x91/0x360
[  573.310656][   T31]  schedule+0x165/0x360
[  573.315251][   T31]  schedule_preempt_disabled+0x13/0x30
[  573.320846][   T31]  __mutex_lock+0x7e6/0x1350
[  573.325448][   T31]  ? __mutex_lock+0x5bb/0x1350
[  573.330300][   T31]  ? nfc_rfkill_set_block+0x50/0x2e0
[  573.335633][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  573.341024][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  573.346263][   T31]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  573.352193][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  573.358780][   T31]  ? __pfx_nfc_rfkill_set_block+0x10/0x10
[  573.364528][   T31]  nfc_rfkill_set_block+0x50/0x2e0
[  573.369886][   T31]  ? __pfx_nfc_rfkill_set_block+0x10/0x10
[  573.375618][   T31]  rfkill_set_block+0x1d2/0x440
[  573.380607][   T31]  rfkill_fop_write+0x44b/0x570
[  573.385475][   T31]  ? __pfx_rfkill_fop_write+0x10/0x10
[  573.390910][   T31]  ? security_kernfs_init_security+0x240/0x290
[  573.397610][   T31]  ? rw_verify_area+0x255/0x4d0
[  573.402500][   T31]  ? __pfx_rfkill_fop_write+0x10/0x10
[  573.408008][   T31]  vfs_write+0x27b/0xb30
[  573.412279][   T31]  ? __pfx_vfs_write+0x10/0x10
[  573.417988][   T31]  ? __pfx_do_futex+0x10/0x10
[  573.422713][   T31]  ? kmem_cache_free+0x18f/0x400
[  573.428111][   T31]  ksys_write+0x145/0x250
[  573.432483][   T31]  ? __pfx_ksys_write+0x10/0x10
[  573.437495][   T31]  ? rcu_is_watching+0x15/0xb0
[  573.442288][   T31]  ? do_syscall_64+0xbe/0x3b0
[  573.447149][   T31]  do_syscall_64+0xfa/0x3b0
[  573.451675][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  573.456992][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  573.463085][   T31]  ? clear_bhb_loop+0x60/0xb0
[  573.467955][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  573.473871][   T31] RIP: 0033:0x7f2ec178eba9
[  573.478315][   T31] RSP: 002b:00007f2ec262f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  573.486735][   T31] RAX: ffffffffffffffda RBX: 00007f2ec19d5fa0 RCX: 00007f2ec178eba9
[  573.494771][   T31] RDX: 0000000000000008 RSI: 0000200000000080 RDI: 0000000000000004
[  573.502859][   T31] RBP: 00007f2ec1811e19 R08: 0000000000000000 R09: 0000000000000000
[  573.511292][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  573.519477][   T31] R13: 00007f2ec19d6038 R14: 00007f2ec19d5fa0 R15: 00007ffe64dd7c48
[  573.528048][   T31]  </TASK>
[  573.531921][   T31] INFO: task syz-executor:16051 blocked for more than 144 seconds.
[  573.540632][   T31]       Not tainted syzkaller #0
[  573.545595][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  573.555718][   T31] task:syz-executor    state:D stack:28040 pid:16051 tgid:16051 ppid:1      task_flags:0x400040 flags:0x00004000
[  573.567904][   T31] Call Trace:
[  573.571212][   T31]  <TASK>
[  573.574150][   T31]  __schedule+0x1798/0x4cc0
[  573.579038][   T31]  ? __lock_acquire+0xab9/0xd20
[  573.583938][   T31]  ? __lock_acquire+0xab9/0xd20
[  573.589272][   T31]  ? __pfx___schedule+0x10/0x10
[  573.594185][   T31]  ? schedule+0x91/0x360
[  573.598559][   T31]  schedule+0x165/0x360
[  573.602747][   T31]  schedule_preempt_disabled+0x13/0x30
[  573.608701][   T31]  __mutex_lock+0x7e6/0x1350
[  573.613324][   T31]  ? __mutex_lock+0x5bb/0x1350
[  573.618124][   T31]  ? rfkill_register+0x37/0x8e0
[  573.622976][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  573.628178][   T31]  ? __raw_spin_lock_init+0x45/0x100
[  573.633501][   T31]  ? __init_waitqueue_head+0xa9/0x150
[  573.639297][   T31]  ? device_initialize+0x24b/0x440
[  573.644456][   T31]  rfkill_register+0x37/0x8e0
[  573.649364][   T31]  hci_register_dev+0x3f5/0x890
[  573.654266][   T31]  vhci_create_device+0x39c/0x650
[  573.659381][   T31]  vhci_write+0x3ce/0x4a0
[  573.663847][   T31]  vfs_write+0x5c9/0xb30
[  573.668648][   T31]  ? __pfx_vhci_write+0x10/0x10
[  573.673535][   T31]  ? __pfx_vfs_write+0x10/0x10
[  573.678381][   T31]  ? count_memcg_event_mm+0x21/0x260
[  573.683725][   T31]  ksys_write+0x145/0x250
[  573.688220][   T31]  ? __pfx_ksys_write+0x10/0x10
[  573.693094][   T31]  ? do_syscall_64+0xbe/0x3b0
[  573.698160][   T31]  do_syscall_64+0xfa/0x3b0
[  573.702700][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  573.708146][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  573.714253][   T31]  ? clear_bhb_loop+0x60/0xb0
[  573.718972][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  573.724868][   T31] RIP: 0033:0x7fad9278d620
[  573.729811][   T31] RSP: 002b:00007fffbc2b8958 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[  573.738280][   T31] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fad9278d620
[  573.746253][   T31] RDX: 0000000000000002 RSI: 00007fffbc2b896a RDI: 00000000000000ca
[  573.754396][   T31] RBP: 00007fad929d67b8 R08: 0000000000000000 R09: 00007fad9350d6c0
[  573.762637][   T31] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000008
[  573.770776][   T31] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[  573.778834][   T31]  </TASK>
[  573.781907][   T31] 
[  573.781907][   T31] Showing all locks held in the system:
[  573.790155][   T31] 1 lock held by khungtaskd/31:
[  573.795031][   T31]  #0: ffffffff8e139f20 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  573.805006][   T31] 2 locks held by getty/5630:
[  573.809879][   T31]  #0: ffff88814dc2e0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  573.819901][   T31]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[  573.830148][   T31] 1 lock held by syz-executor/5871:
[  573.835469][   T31]  #0: ffffffff8f812aa8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_unregister+0xc8/0x220
[  573.845627][   T31] 1 lock held by syz-executor/5874:
[  573.851176][   T31]  #0: ffffffff8f812aa8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_unregister+0xc8/0x220
[  573.861346][   T31] 3 locks held by kworker/1:11/6674:
[  573.866628][   T31]  #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  573.877978][   T31]  #1: ffffc9001aaafbc0 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  573.891536][   T31]  #2: ffffffff8f812aa8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_global_led_trigger_worker+0x27/0xd0
[  573.903067][   T31] 2 locks held by syz.2.2742/15628:
[  573.908631][   T31]  #0: ffff888051131100 (&dev->mutex){....}-{4:4}, at: nfc_unregister_device+0x63/0x2a0
[  573.918631][   T31]  #1: ffffffff8f812aa8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_unregister+0xc8/0x220
[  573.928816][   T31] 2 locks held by syz.5.2746/15646:
[  573.934029][   T31]  #0: ffffffff8f812aa8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_fop_write+0x191/0x570
[  573.944632][   T31]  #1: ffff888051131100 (&dev->mutex){....}-{4:4}, at: nfc_rfkill_set_block+0x50/0x2e0
[  573.954413][   T31] 2 locks held by syz-executor/16051:
[  573.959963][   T31]  #0: ffff88805e3fb118 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x650
[  573.970257][   T31]  #1: ffffffff8f812aa8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  573.980412][   T31] 2 locks held by syz-executor/16167:
[  573.985798][   T31]  #0: ffff88807a68c918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x650
[  573.995899][   T31]  #1: ffffffff8f812aa8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  574.006206][   T31] 2 locks held by syz-executor/16173:
[  574.011623][   T31]  #0: ffff888031a5b918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x650
[  574.021781][   T31]  #1: ffffffff8f812aa8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  574.031947][   T31] 3 locks held by syz.0.2886/16190:
[  574.037335][   T31]  #0: ffffffff8f59ed50 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  574.045594][   T31]  #1: ffffffff8f59eb68 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790
[  574.054625][   T31]  #2: ffffffff8f812aa8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  574.064943][   T31] 2 locks held by syz.0.2886/16191:
[  574.070219][   T31]  #0: ffff88802b4066e0 (nlk_cb_mutex-GENERIC){+.+.}-{4:4}, at: netlink_dump+0xbd/0xe90
[  574.080179][   T31]  #1: ffffffff8f59eb68 (genl_mutex){+.+.}-{4:4}, at: genl_dumpit+0xdb/0x1b0
[  574.089370][   T31] 2 locks held by syz.1.2887/16195:
[  574.094589][   T31]  #0: ffffffff8f59ed50 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  574.102941][   T31]  #1: ffffffff8f59eb68 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790
[  574.111944][   T31] 2 locks held by syz-executor/16200:
[  574.117803][   T31]  #0: ffff888053f55918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x650
[  574.127956][   T31]  #1: ffffffff8f812aa8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  574.138062][   T31] 2 locks held by syz-executor/16201:
[  574.143431][   T31]  #0: ffff888078718918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x650
[  574.153858][   T31]  #1: ffffffff8f812aa8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  574.164170][   T31] 2 locks held by syz-executor/16203:
[  574.169610][   T31]  #0: ffff88803415c918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x650
[  574.179987][   T31]  #1: ffffffff8f812aa8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  574.189951][   T31] 2 locks held by syz-executor/16206:
[  574.195317][   T31]  #0: ffff88802f0f0118 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x650
[  574.205487][   T31]  #1: ffffffff8f812aa8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  574.215784][   T31] 2 locks held by syz-executor/16207:
[  574.221361][   T31]  #0: ffff888024218918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x650
[  574.231569][   T31]  #1: ffffffff8f812aa8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  574.242045][   T31] 2 locks held by syz-executor/16210:
[  574.247483][   T31]  #0: ffff88802f75a918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x650
[  574.257679][   T31]  #1: ffffffff8f812aa8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  574.267953][   T31] 2 locks held by syz-executor/16211:
[  574.273361][   T31]  #0: ffff88802f75a118 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x650
[  574.283529][   T31]  #1: ffffffff8f812aa8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  574.293507][   T31] 2 locks held by syz-executor/16213:
[  574.299385][   T31]  #0: ffff88807891b918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x650
[  574.309488][   T31]  #1: ffffffff8f812aa8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  574.319599][   T31] 2 locks held by syz-executor/16216:
[  574.324970][   T31]  #0: ffff888054d79118 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x650
[  574.335242][   T31]  #1: ffffffff8f812aa8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  574.345309][   T31] 2 locks held by syz-executor/16217:
[  574.350715][   T31]  #0: ffff88802f0cb918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x650
[  574.361304][   T31]  #1: ffffffff8f812aa8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  574.371323][   T31] 2 locks held by syz-executor/16220:
[  574.376689][   T31]  #0: ffff888029286918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x650
[  574.387206][   T31]  #1: ffffffff8f812aa8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  574.397283][   T31] 2 locks held by syz-executor/16221:
[  574.402652][   T31]  #0: ffff88807b506918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x650
[  574.412711][   T31]  #1: ffffffff8f812aa8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  574.422997][   T31] 
[  574.425351][   T31] =============================================
[  574.425351][   T31] 
[  574.433846][   T31] NMI backtrace for cpu 1
[  574.433862][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[  574.433878][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  574.433887][   T31] Call Trace:
[  574.433893][   T31]  <TASK>
[  574.433900][   T31]  dump_stack_lvl+0x189/0x250
[  574.433924][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  574.433943][   T31]  ? __pfx__printk+0x10/0x10
[  574.433975][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[  574.434000][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  574.434024][   T31]  ? __pfx__printk+0x10/0x10
[  574.434049][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  574.434074][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  574.434099][   T31]  watchdog+0xf93/0xfe0
[  574.434124][   T31]  ? watchdog+0x1de/0xfe0
[  574.434151][   T31]  kthread+0x70e/0x8a0
[  574.434173][   T31]  ? __pfx_watchdog+0x10/0x10
[  574.434193][   T31]  ? __pfx_kthread+0x10/0x10
[  574.434213][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  574.434227][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  574.434242][   T31]  ? __pfx_kthread+0x10/0x10
[  574.434261][   T31]  ret_from_fork+0x3fc/0x770
[  574.434278][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  574.434298][   T31]  ? __switch_to_asm+0x39/0x70
[  574.434317][   T31]  ? __switch_to_asm+0x33/0x70
[  574.434334][   T31]  ? __pfx_kthread+0x10/0x10
[  574.434354][   T31]  ret_from_fork_asm+0x1a/0x30
[  574.434386][   T31]  </TASK>
[  574.434392][   T31] Sending NMI from CPU 1 to CPUs 0:
[  574.581134][    C0] NMI backtrace for cpu 0
[  574.581153][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted syzkaller #0 PREEMPT(full) 
[  574.581171][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  574.581182][    C0] RIP: 0010:pv_native_safe_halt+0x13/0x20
[  574.581205][    C0] Code: 13 e8 02 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 73 97 0d 00 f3 0f 1e fa fb f4 <c3> cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
[  574.581220][    C0] RSP: 0018:ffffffff8de07d80 EFLAGS: 000002c2
[  574.581236][    C0] RAX: 5a6ac0ae85af6300 RBX: ffffffff819683f8 RCX: 5a6ac0ae85af6300
[  574.581249][    C0] RDX: 0000000000000001 RSI: ffffffff8d9b9a1a RDI: ffffffff8be33880
[  574.581260][    C0] RBP: ffffffff8de07eb8 R08: ffff8880b8632f9b R09: 1ffff110170c65f3
[  574.581273][    C0] R10: dffffc0000000000 R11: ffffed10170c65f4 R12: ffffffff8fa38f30
[  574.581285][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 1ffffffff1bd2a20
[  574.581296][    C0] FS:  0000000000000000(0000) GS:ffff888125c14000(0000) knlGS:0000000000000000
[  574.581310][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  574.581322][    C0] CR2: 00005619d732a000 CR3: 000000000df36000 CR4: 00000000003526f0
[  574.581337][    C0] Call Trace:
[  574.581345][    C0]  <TASK>
[  574.581351][    C0]  default_idle+0x13/0x20
[  574.581372][    C0]  default_idle_call+0x74/0xb0
[  574.581394][    C0]  do_idle+0x1e8/0x510
[  574.581410][    C0]  ? asm_sysvec_call_function_single+0x1a/0x20
[  574.581429][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  574.581447][    C0]  ? __pfx_do_idle+0x10/0x10
[  574.581470][    C0]  ? do_idle+0xc/0x510
[  574.581488][    C0]  cpu_startup_entry+0x44/0x60
[  574.581504][    C0]  rest_init+0x2de/0x300
[  574.581526][    C0]  start_kernel+0x3a9/0x410
[  574.581547][    C0]  x86_64_start_reservations+0x24/0x30
[  574.581570][    C0]  x86_64_start_kernel+0x143/0x1c0
[  574.581601][    C0]  common_startup_64+0x13e/0x147
[  574.581635][    C0]  </TASK>
[  574.582159][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  574.778247][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[  574.787383][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  574.797445][   T31] Call Trace:
[  574.800733][   T31]  <TASK>
[  574.803692][   T31]  dump_stack_lvl+0x99/0x250
[  574.808294][   T31]  ? __asan_memcpy+0x40/0x70
[  574.812892][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  574.818094][   T31]  ? __pfx__printk+0x10/0x10
[  574.822702][   T31]  vpanic+0x281/0x750
[  574.826692][   T31]  ? __pfx_vpanic+0x10/0x10
[  574.831225][   T31]  ? preempt_schedule+0xae/0xc0
[  574.836080][   T31]  ? preempt_schedule_common+0x83/0xd0
[  574.841549][   T31]  panic+0xb9/0xc0
[  574.845279][   T31]  ? __pfx_panic+0x10/0x10
[  574.849698][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  574.855072][   T31]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[  574.861239][   T31]  watchdog+0xfd2/0xfe0
[  574.865413][   T31]  ? watchdog+0x1de/0xfe0
[  574.869759][   T31]  kthread+0x70e/0x8a0
[  574.873839][   T31]  ? __pfx_watchdog+0x10/0x10
[  574.878528][   T31]  ? __pfx_kthread+0x10/0x10
[  574.883132][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  574.888333][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  574.893533][   T31]  ? __pfx_kthread+0x10/0x10
[  574.898134][   T31]  ret_from_fork+0x3fc/0x770
[  574.902740][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  574.907889][   T31]  ? __switch_to_asm+0x39/0x70
[  574.912658][   T31]  ? __switch_to_asm+0x33/0x70
[  574.917427][   T31]  ? __pfx_kthread+0x10/0x10
[  574.922028][   T31]  ret_from_fork_asm+0x1a/0x30
[  574.926830][   T31]  </TASK>
[  574.930005][   T31] Kernel Offset: disabled
[  574.934327][   T31] Rebooting in 86400 seconds..