last executing test programs:

3m10.316093965s ago: executing program 4 (id=1868):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'netdevsim0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="440000001000030500000000000000", @ANYRES32=0x0, @ANYBLOB="010000001184f9bb1c0012800b0001006d616373656300000c00028005000f000200000008000500", @ANYRES32=r1], 0x44}, 0x1, 0x0, 0x0, 0x448c1}, 0x0)

3m10.186083511s ago: executing program 4 (id=1872):
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
setsockopt$inet6_int(r0, 0x29, 0x17, &(0x7f0000000040)=0x8001, 0x4)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
poll(&(0x7f0000000080)=[{r0}, {r0, 0x8688}, {r0, 0xc8}, {r0, 0x1}, {r0, 0x44}, {r0, 0x20}, {r1, 0x8}], 0x7, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = accept4$x25(r0, &(0x7f00000000c0), &(0x7f0000000100)=0x12, 0x0)
ioctl$sock_inet_SIOCGIFBRDADDR(r3, 0x8919, &(0x7f0000000140)={'dvmrp0\x00', {0x2, 0x0, @private}})
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x1}, 0x50)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000005c0)={0xffffffffffffffff, 0xe0, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000300)=[0x0, 0x0], ""/16, <r5=>0x0, 0x0, 0x0, 0x0, 0x5, 0x1, &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000380)=[0x0], 0x0, 0xc, &(0x7f00000003c0)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000000400), &(0x7f0000000440), 0x8, 0x9b, 0x8, 0x8, &(0x7f0000000480)}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000940)={0xffffffffffffffff, 0xe0, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000680)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, &(0x7f00000006c0)=[0x0], &(0x7f0000000700)=[0x0, 0x0, 0x0, 0x0], <r6=>0x0, 0xe3, &(0x7f0000000740)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000780), &(0x7f00000007c0), 0x8, 0x1d, 0x8, 0x8, &(0x7f0000000800)}}, 0x10)
r7 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000980)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x1}, 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x3, 0x11, &(0x7f0000000200)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x6}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [@ldst={0x1, 0x1, 0x0, 0x2, 0x2, 0xc, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x6}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000002c0)='syzkaller\x00', 0xa, 0x0, 0x0, 0x40f00, 0x41, '\x00', r5, @fallback=0x3, 0xffffffffffffffff, 0x8, &(0x7f0000000600)={0x1, 0x4}, 0x8, 0x10, &(0x7f0000000640)={0x4, 0x3, 0x8, 0x1ff}, 0x10, r6, 0xffffffffffffffff, 0x1, &(0x7f0000000a00)=[r7, 0xffffffffffffffff, 0x1], &(0x7f0000000a40)=[{0x3, 0x1, 0x0, 0xb}], 0x10, 0x4}, 0x94)
splice(r8, &(0x7f0000000b40)=0x8, r0, &(0x7f0000000b80)=0x8001, 0xd09a, 0xf)
bind$unix(r0, &(0x7f0000000bc0)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r0, &(0x7f0000000d00)={&(0x7f0000000c40)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000c80)={0x30, 0x0, 0x8, 0x70bd29, 0x25dfdbfc, {{}, {}, {0x14, 0x19, {0x7, 0x4, 0x5, 0x401}}}, ["", "", "", "", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x20014811}, 0x20000001)
r9 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000d80)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_CONNECT(r9, &(0x7f0000000e80)={&(0x7f0000000d40)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000e40)={&(0x7f0000000dc0)={0x54, 0x0, 0x1, 0x70bd28, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r10}, @val={0xc, 0x99, {0x762, 0x70}}}}, [@NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x14}, @NL80211_ATTR_PREV_BSSID={0xa, 0x4f, @random="6c343ecf6560"}, @NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_VHT_CAPABILITY_MASK={0x10, 0xb0, {0x4, {0xd8, 0x3, 0x401, 0xe648}}}]}, 0x54}, 0x1, 0x0, 0x0, 0x4048805}, 0x20000000)
sendmsg$NL80211_CMD_REGISTER_BEACONS(r0, &(0x7f0000000f80)={&(0x7f0000000ec0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000f40)={&(0x7f0000000f00)={0x14, 0x0, 0x100, 0x70bd2d, 0x25dfdbfb, {{}, {@void, @void, @void}}, ["", "", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x0)
getsockopt$inet_sctp_SCTP_AUTOCLOSE(r0, 0x84, 0x4, &(0x7f0000000fc0), &(0x7f0000001000)=0x4)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000001040)={<r11=>0x0, 0x0, 0x7, [0x1ff, 0x7, 0xfc8f, 0x1, 0x7, 0xa7d, 0x8f5c]}, &(0x7f0000001080)=0x16)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r4, 0x84, 0x66, &(0x7f00000010c0)={<r12=>r11, 0x200}, &(0x7f0000001100)=0x8)
connect$pppl2tp(r0, &(0x7f0000001140)=@pppol2tp={0x18, 0x1, {0x0, r2, {0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x3, 0x4, 0x0, 0x4}}, 0x26)
r13 = syz_genetlink_get_family_id$ethtool(&(0x7f00000011c0), r9)
sendmsg$ETHTOOL_MSG_RINGS_SET(r9, &(0x7f0000001300)={&(0x7f0000001180)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000012c0)={&(0x7f0000001200)={0xbc, r13, 0x400, 0x70bd26, 0x25dfdbfb, {}, [@ETHTOOL_A_RINGS_HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}, @ETHTOOL_A_RINGS_HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6erspan0\x00'}]}, @ETHTOOL_A_RINGS_TX={0x8, 0x9, 0x5}, @ETHTOOL_A_RINGS_TX={0x8, 0x9, 0x1a}, @ETHTOOL_A_RINGS_RX={0x8, 0x6, 0xd}, @ETHTOOL_A_RINGS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}]}, @ETHTOOL_A_RINGS_TX={0x8, 0x9, 0x64}, @ETHTOOL_A_RINGS_HEADER={0x4}, @ETHTOOL_A_RINGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_RINGS_RX_JUMBO={0x8, 0x8, 0x58649413}]}, 0xbc}, 0x1, 0x0, 0x0, 0x804}, 0x24000000)
setsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000001340)={r12, 0x2, 0x2, 0xc6f}, 0x10)
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000001380)={0xc, 0x2268, 0x8000, 0x9, 0x7fffffff, 0x2, 0x80000001, 0x840b, r12}, 0x20)
connect$x25(r0, &(0x7f00000013c0), 0x12)
r14 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_SAVE(r14, &(0x7f00000014c0)={&(0x7f0000001400), 0xc, &(0x7f0000001480)={&(0x7f0000001440)={0x28, 0x8, 0x6, 0x5, 0x0, 0x0, {0x7, 0x0, 0x4}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x40044}, 0x4000)

3m9.995772635s ago: executing program 4 (id=1877):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=@base={0x6, 0x4, 0xdd, 0xa}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180200009b1aecb600000000000000008d0000007500000095"], 0x0}, 0x94)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff9f}, 0x90)

3m9.849943264s ago: executing program 4 (id=1879):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x4048080)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x9, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="b400000000000000710e42000000000040000000000000009500000000000000691770ea726390bd"], &(0x7f0000000080)='GPL\x00', 0x4, 0xa, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x76}, 0x21)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYBLOB="020300030f000000000700000000000005000900e000000001d78771b90bd8a3b4914783c58777003d5b9538a9d03e6e9bfdac5500000000030006000000000002000000000000000000001c00000000020001000000000000000a0d00000000030005000000000002"], 0x78}, 0x1, 0x7}, 0x0)

3m9.63826706s ago: executing program 4 (id=1883):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYBLOB="020300030f000000000700000000000005000900e000000001d78771b90bd8a3b4914783c58777003d5b9538a9d03e6e9bfdac5500000000030006000000000002000000000000000005000000000000020001000000000000000a0d00000000030005000000000002"], 0x78}, 0x1, 0x7}, 0x0)

3m9.379937779s ago: executing program 4 (id=1887):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x29, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000080)='rpc_call_rpcerror\x00', r0, 0x0, 0xf69}, 0x18)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f00000000c0)={<r1=>0xffffffffffffffff})
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000100)={0x42, 0x1, 0x1}, 0x10)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000012c0)={0x2c, 0x3e, 0x107, 0xfffffffe, 0x0, {0x1, 0x7c}, [@nested={0x4, 0x142}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0x8, 0x2, 0x0, 0x1, [@nested={0x4, 0x10}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x29, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000080)='rpc_call_rpcerror\x00', r4, 0x0, 0xf69}, 0x18)
sendmsg$netlink(r2, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)

2m54.29756639s ago: executing program 32 (id=1887):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x29, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000080)='rpc_call_rpcerror\x00', r0, 0x0, 0xf69}, 0x18)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f00000000c0)={<r1=>0xffffffffffffffff})
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000100)={0x42, 0x1, 0x1}, 0x10)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000012c0)={0x2c, 0x3e, 0x107, 0xfffffffe, 0x0, {0x1, 0x7c}, [@nested={0x4, 0x142}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0x8, 0x2, 0x0, 0x1, [@nested={0x4, 0x10}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x29, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000080)='rpc_call_rpcerror\x00', r4, 0x0, 0xf69}, 0x18)
sendmsg$netlink(r2, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)

2m39.999572372s ago: executing program 5 (id=2132):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3c020000190001000000000001000000fe880000000000000000000000000101ac1414bb00000000000000000000000000000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000005000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000084010500ac1414aa000000000000000000000000000000003300000000000000ffffffff0000000000000000000000000000000000000000000000000000000040000000fe8000000000000000000000000000bb000000003c00000000000000fe80000000000000000000000000000000000000000000000000000000000000000000007f000001000000000000000000000000000000006c0000"], 0x23c}, 0x1, 0x0, 0x0, 0x1}, 0x4000)

2m39.76415064s ago: executing program 5 (id=2134):
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3a, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
connect$bt_rfcomm(0xffffffffffffffff, 0x0, 0x0)
connect$bt_rfcomm(0xffffffffffffffff, &(0x7f00000001c0)={0x1f, @none, 0x1}, 0xa)
shutdown(0xffffffffffffffff, 0x1)
unshare(0x62040200)
pipe(0x0)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f00000001c0)={0x10000000, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x2, 0x9, 0xfa, 0x0, 0x4, 0x0, 0x70bd25, 0x25dfdbfe, [@sadb_x_sec_ctx={0x1, 0x18, 0x7, 0xff}, @sadb_x_nat_t_type={0x1, 0x14, 0x57}]}, 0x20}}, 0x24000800)

2m38.937460926s ago: executing program 5 (id=2138):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'netdevsim0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="010000001184f9bb1c0012800b0001006d616373656300000c00028005000f000200000008000500", @ANYRES32=r1], 0x44}, 0x1, 0x0, 0x0, 0x448c1}, 0x0) (fail_nth: 19)

2m37.784259941s ago: executing program 5 (id=2141):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f0000000080)={0x9, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @broadcast}}}, 0x108)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000800)=ANY=[@ANYBLOB="090000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000002000000ac1e000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006e000000000000000000000000000000000000000000000000000000000000000000020000007f00000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x290)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f00000001c0)=ANY=[@ANYBLOB="09000000000000000200fffee00000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000008fbabd8c76236306c383c066000000000000000000000000000000000000000000000000000000000000000000000000010000000200000002004e237f00000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e2100"/375], 0x190)

2m37.344230417s ago: executing program 5 (id=2142):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x2, 0x80805, 0x0)
getsockopt$bt_hci(r1, 0x84, 0x2, &(0x7f0000000000)=""/4087, &(0x7f0000001080)=0xff7)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000040)=[@mss={0x2, 0x9}, @mss={0x2, 0x200}, @sack_perm, @mss={0x2, 0x10001}, @sack_perm, @mss={0x2, 0x7f}, @sack_perm, @mss={0x2, 0x4}, @sack_perm, @window={0x3, 0x9a, 0xfff}], 0xa)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000010c0)=ANY=[@ANYBLOB="5000000010004b0400000000000000005e000000eb03c4fe1bc4785bd4f1edf406b27eb03d425d12582a8c4a2998f7a26333a05245cb3f19ca83d177321118fa210ed775cfd9a1e17b1b00"/87, @ANYRES32=0x0, @ANYBLOB="401800000000000030001280080001006772650024000280050009000700000005000a0001000000080005000100000008000600ffffffff"], 0x50}}, 0x0)

2m36.911875966s ago: executing program 5 (id=2148):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000240)=@ipv6_getroute={0x2c, 0x1a, 0x1, 0x70bd29, 0x25dfdbff, {0xa, 0x80, 0x14, 0x8, 0xfe, 0x2, 0x3, 0x2, 0x100}, [@RTA_MARK={0x8, 0x10, 0xfffffffd}, @RTA_OIF={0x8}]}, 0x2c}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000540)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000400)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010800000000000000000b00000008000300", @ANYRES32=r5, @ANYBLOB="0a0006000802110000000000380050800800030005ac0f0011000100cabee339084eeef109002471f40000000800070000000000050002"], 0x60}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010024bd7000e8dbdf252100000008000300", @ANYRES32=r8, @ANYBLOB="08009e00"], 0x24}, 0x1, 0x0, 0x0, 0x4014001}, 0x0)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000940)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000900)={&(0x7f0000000280)={0x648, r3, 0x8, 0x70bd2a, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r8}, @val={0xc, 0x99, {0x0, 0x35}}}}, [@chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x161c}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x16e9}], @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xfb}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xa010}], @NL80211_ATTR_FRAME={0x5e2, 0x33, @probe_response={{{0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1}, {0x6}, @device_a, @device_b, @initial, {0x9, 0x7}, @value=@ver_80211n={0x0, 0x7ff7, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x1}}, 0x5, @default, 0x0, @val={0x0, 0xfffffffffffffffb, @random="c4"}, @val={0x1, 0x7, [{0x5}, {0x1}, {0x9}, {0xc392344a9780c25e, 0x1}, {0x24}, {0x4, 0x1}, {0x9b1cb986865a9467, 0x1}]}, @void, @void, @void, @void, @val={0x72, 0x6}, @void, [{0xdd, 0xc0, "1b3caacbf52e5e738a40ddd9f713ceee2e7b66d56006d835e573263192035d61fbaaedca3348b0c1e363871f2c6f79aff03e9b0365ecd3aa59478d01d6c6cfc3a261aacf8c657051430e280c30cf01393aa879f3df9b3a34555ce2f0ca67241776db68a167af55341b1b14fafd7bf2d460fce5367502fcc8c2d865dec205083d8dd19ffd9b4e574dad48ba28071550287afcd935ac933a084519b16ea9e1e9dec9ad7f380481b93173d67602af4be2fde221db919fd91c03a6d6c5e3a321000c"}, {0xdd, 0xec, "a401a174d76cbe6a9b235f5195e1f32445abfff987e1451f9b7441f80c740098d02c3652f89ee3fbb4fe4df7883e66af4f5e30426007404a453baa15e8d121b2f52d3041f18fbc20246c97cfc08e27a92cd65020e20ce38b2a3b24ca3fceafb6f044c1a90c45d8bcce9037561da6fc2935074c3fc09aafc06f4d9bde4083b4656673f863076316b2b89477596e91257c5b168cc6caa51e47688c3238895b9472fc576270586be50fc760e796c6c50bc7abb90e35eaf66186872fd95395a43ca43bdd21c27ed329ba4df9ba35ab21d8c38d13665e64639658984c3faa786128743a72e60aeb59db0e7e8fb8c3"}, {0xdd, 0x7e, "95b5685f358c15844a98a016bcf172cfd48a8bff0f65ff54e2b806480dcef50ac6e37620e0d08a527789156b91fcd6d46da63695c48e32aee229b8ca9bcd65d53f9b5a70ecc13a97b07c46b5b3a8ec3b96af6f22d11fd09f268126d2236318199ce3c28107615e4616bc27e43af3e5a0d0f4a76850572c81bd9e78cc9715"}, {0xdd, 0xa6, "ce6594d9671d29caf209adbd2e061aa691c3d03d025c4c6d82dbdc71b2f21f4e14eca6e25390718f02d1fccc75aa3cf1718a75ff510b82f83f7b5a216705c26ad3022f9756cc9116a2cabd489170b3d5faf36acf184d7e81b3f6a88843d4403f0a28b1cc1cc5612a9114c87ed70dcca850f384b7a1728ba288674d79e421da1b53d5ac1b5f483bcbd9e5b3cf39ebb4e7fc65be9451a8297e471492eb1ced5705498d87c8d23d"}, {0xdd, 0x44, "bd0e869aa094076131ce6d8e19447b7f9e66930bf8b0091a3a709e0aa7e41c8b0aa1a8657ae50e431c13a15f97b0995fc728b395c9c8cc36898c2677f69582caa327deea"}, {0xdd, 0xe0, "9d843658731fc9e2391b78791be70ae57cf3a1ef319d4b1d32e070d90c158b9d7b05b78d774b18ddc8400135fc95b66a04c105304542a691a92df1c442d4a5147c442e987110b095fb99a0bd5a9d5469c7c1aa570c3596ad3364469aef16bbb3af94ab3cdd2e8960a6d921dbef8e9ae8dd47332a69c70eedce4fd5e90bf839a6b3028cb82f327819bf096d3710fd8928bedcb94f5cc0baf32ebba0d6d57993d673b64605864458022bc17b799444b35fa10a9aa88bb32eb1ae2067288f599293e36b4f059bfbf8b22b5ff3baa77364211bc88f32d12471ddc7be49dff5346deb"}, {0xdd, 0xa5, "5cf7e6b562ac44ceb2f4ab109b77a352a0b7e3e2493a76841a25659e53573599f225cbd94e8912b0f5d3f4c08234be6507e2c69753f7a4ac7550ef54b11c12b82f21df7f74d5fd7c3d3ee25426f7ebf179c70ffb94247ef3a922372c65d927932501e46928b87b5154dd5c7088d7fd4c8ff6b7266cbde0d394a2fb6d48102f1102838ef2352600fb5b8dbc658918446d135907f87b6a54964fe10a342bacad853587b53590"}, {0xdd, 0x5e, "87dc2b474e9259e4df49a0c17aeabcd6e3e24deefbb234db0b5adfb8fa6f89dc07db98e366d9a34e9cd1185bfacde9090dea481aae530cd9b2f60934e1a756a9abfccf989cbb95376ccbfd268ac6f4decbc7741bb4149f7f31a55cc6fa44"}, {0xdd, 0x19, "01d050c1c1291ca4a533b18e486014089ea9930d003537a448"}, {0xdd, 0x7e, "5ecd61a0077d6be8e0dffd6b2f8afe7d0b97994b9668fb21b4022cf320274116f25e38b86e00f96feb8db1c3d605fc0b7f77a6e1b724f198430b8c501178a85b5c4d318973ea0462ef664d0a1b966733ccdf5a3b4d7c1b0e0d0d55c0afbf995f883659ee7bace1ea3cb11f439fceab251696d90870185ae08fd0d1e55f71"}]}}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0xa, 0xcd, [0x6, 0x67c7, 0x53]}, @NL80211_ATTR_DURATION={0x8, 0x57, 0xe7b}]}, 0x648}, 0x1, 0x0, 0x0, 0x90}, 0x800)
pipe(&(0x7f0000000980)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
r10 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, r10}, 0x94)
ioctl$SIOCPNENABLEPIPE(r10, 0x89ed, 0x0)
r11 = syz_genetlink_get_family_id$SEG6(&(0x7f00000009c0), 0xffffffffffffffff)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r12, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000140)={0x14, 0x25, 0x1, 0x70bd2c, 0x25dfdbfb, {0x7}}, 0x14}, 0x1, 0x0, 0x0, 0x81}, 0x10)
sendmsg$SEG6_CMD_SET_TUNSRC(r9, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x12200}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x7c, r11, 0x200, 0x70bd2b, 0x25dfdbff, {}, [@SEG6_ATTR_SECRET={0x8, 0x4, [0x423dddcc]}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x8}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x7}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x1}, @SEG6_ATTR_DST={0x14, 0x1, @private2}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x1}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x9}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x7}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x60000}, @SEG6_ATTR_DST={0x14, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}]}, 0x7c}}, 0xc004)

2m27.956775096s ago: executing program 1 (id=2222):
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r0 = socket$netlink(0x10, 0x3, 0xf)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000080)=0x100, 0x4)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c2ed01faa7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497dad64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6fba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd2310801570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb414c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000000000000000000000000000000a0cc2b89ce1525748ce167cbabb881f060599a6a59f645edca1d5c24b2f6b8c997a8f3e1b7679984a566d98d4d31198ee4c5ea7be0d99cf89bba4a6fd0bec12e7792bec3c5038e13b1982f80cdecd07f8908a983a7c9fb81c2ba7f7e87c991f30e50d1b3bbe4cf2a2f5d4571b6568ada51bc121c9139d2a8e0638c84066b1759081802"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r2}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r5, r6, 0x5}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r5}, &(0x7f00000006c0), &(0x7f0000000700)=r4}, 0x20)
sendmsg$inet(r3, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000180)={0x7fff, 0x0, 0xfffffffd, 0x1}, 0x10)
write(0xffffffffffffffff, &(0x7f0000000000)="240000001a005f0214f9f407000904001f00000000000002000000000800040001000000", 0x24)
syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000780)=ANY=[@ANYRES32=r7, @ANYRES32, @ANYBLOB='&'], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r7}, &(0x7f0000000000), &(0x7f0000000080)=r1}, 0x20)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = socket$l2tp(0x2, 0x2, 0x73)
bind$inet(r8, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x10)
connect$inet(r8, &(0x7f0000000200)={0x2, 0x4e22, @local}, 0x10)
sendmmsg$inet(r8, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)

2m27.216449473s ago: executing program 1 (id=2229):
r0 = epoll_create1(0x80000)
r1 = accept$netrom(0xffffffffffffffff, 0x0, &(0x7f0000000000))
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000040)={0x10000006})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=@getneightbl={0x14, 0x42, 0x200, 0x70bd2b, 0x25dfdbfe, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x44000}, 0x20004004)
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000200)={'erspan0\x00', &(0x7f0000000180)={'ip_vti0\x00', <r4=>0x0, 0x20, 0x7, 0x1, 0x2, {{0x12, 0x4, 0x0, 0x3, 0x48, 0x67, 0x0, 0x4, 0x2f, 0x0, @multicast1, @local, {[@timestamp={0x44, 0x8, 0x87, 0x0, 0xa, [0x4]}, @generic={0x7, 0x3, "7f"}, @ra={0x94, 0x4, 0x1}, @lsrr={0x83, 0xf, 0xd0, [@rand_addr=0x64010101, @multicast1, @local]}, @rr={0x7, 0xf, 0xf7, [@empty, @multicast2, @multicast1]}, @ra={0x94, 0x4, 0x1}, @end]}}}}})
connect$can_j1939(r3, &(0x7f0000000240)={0x1d, r4, 0x3, {0x2, 0xff, 0x4}}, 0x18)
bind$alg(0xffffffffffffffff, &(0x7f0000000280)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha384\x00'}, 0x58)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000380)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_STOP_P2P_DEVICE(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x1c, r5, 0x800, 0x70bd2b, 0x25dfdbff, {{}, {@val={0x8, 0x3, r6}, @void}}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x50}, 0x4)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000480), r7)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0x7, &(0x7f00000004c0)={0xfffffffb}, 0x10)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000500)="aab2507ee7d91068bbba7c4966d7f07ab43a507474b16a67dc6a4ce4323c2a13d013e97bedb82345df718eea29b10141b4f5c5ba62842f39ccd6ec00dcb40087ca81bd", 0x43)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000005c0)=@generic={&(0x7f0000000580)='./file0\x00', r1}, 0x18)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000640), r7)
sendmsg$NLBL_CALIPSO_C_ADD(r8, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x2c, r9, 0x400, 0x70bd2d, 0x25dfdbfb, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x84}, 0x20000080)
r10 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
close(r10)
r11 = accept4$phonet_pipe(0xffffffffffffffff, &(0x7f0000000740), &(0x7f0000000780)=0x10, 0x80000)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x18, 0x17, &(0x7f00000007c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x5}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @jmp={0x5, 0x1, 0x6, 0xb, 0x7, 0xb3, 0xfffffffffffffffc}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x2}]}, &(0x7f0000000880)='GPL\x00', 0x8d, 0xad, &(0x7f00000008c0)=""/173, 0x41100, 0x72, '\x00', r4, @fallback=0x1, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x0, 0x1}, 0x8, 0x10, &(0x7f00000009c0)={0x2, 0xc, 0x6, 0x8}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x2, 0x0, &(0x7f0000000a00)=[{0x0, 0x1, 0xd, 0x5}, {0x1, 0x4, 0x8, 0x3}], 0x10, 0x3}, 0x94)
setsockopt$sock_attach_bpf(r11, 0x1, 0x32, &(0x7f0000000b00)=r12, 0x4)
socket$unix(0x1, 0x5, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000c00)={0x0, 0x3, 0x18}, 0xc)

2m27.020013285s ago: executing program 1 (id=2230):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@gettaction={0x38, 0x32, 0x20, 0x70bd25, 0x25dfdbfe, {}, [@action_gd=@TCA_ACT_TAB={0x4}, @action_gd=@TCA_ACT_TAB={0x20, 0x1, [{0x10, 0xe, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0xc, 0x17, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x40}}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x4048840)
r0 = socket$kcm(0x29, 0x5, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="b411f9a36b91f9063328a336c7339f3c40687b13ab913b8857c0f9a85a623808a4f6602e16b770d272fa5b88daab64b7df31535d7f49a5036b6c3c52443c25ab9248342bd139d184788636ae48d789", 0x4f}, {}, {&(0x7f0000000380)="152695307c9ae47b9f06654a7612dfa9459aad4032d6bd24b825f09098740d1272e3983faf12685d5646d9020b63f29eeee4a587cc8218cdef4d0ceffef53424b9684428b6216580d550a945a40bbecc9a88a28c9a992ed8e16bda32a1732ccf7f41cb96c62309c2fdafc5c47ee1e72e60641b49a29c072f16985a2a80e3424f83749b7861cd27fc5c2458e93612f14600610035038061f1e36122f3fd89e5ad7dff5fc8571b414ae2b3e389631395eb373b2ba509224f3eb84b60dca213898fc042b73db8d6c5e63b89a553d883a0b99df390316319799dd93e4b358e5f7fbc790b748cbf3b6d5335acaff471", 0xed}], 0x3, &(0x7f0000000480)=[{0x40, 0x1, 0x6, "a1baa36f3b3d2577c0640b92318e944da49718ff284b291770ce5de6458d5261e1c7b9dbdc34c524311b"}, {0x108, 0x10e, 0xe7, "181ecf48ed2f39630fda9095e265bab5a9ac46949512f99b25e4d6462bc02ba6cc21d97de0ebbce2c075fac42e4fc5a7611bdf2038c49c0f63f9183eac707975a36abcf8bd8691b79aaa60d149404d84e536587534ae868e7976f2df432d218f2c261331b72356ad574e7bb460c6bbad26402fc89c13831909d4b4a6c98cb454af208b9dcc69e9d59918c5574e5bf8ad53373380bba6b1e5360b3a3d0982095bfa266444b93ac33f8d91a1a626d83c35871bb187936320ed36cbf1a86226cb1d7f2e93e56af4cb36be5f68818ac29f5120ff9595ef23b9487d09dfb3b346dbcc372babe807425a642dd18e0c122baaba86b26f30"}], 0x148}, 0x24000000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="3c0000001000010400b500000000040000000000", @ANYRES32=<r1=>0x0, @ANYBLOB="00000000001400001c00128009000100626f6e64000000000c00028008"], 0x3c}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x44}, 0x1, 0x0, 0x0, 0x8000010}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYRESDEC=r1, @ANYBLOB="83991c8a3c85407476", @ANYBLOB="0300000000000000280012800a00010076786c616e"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

2m26.969344992s ago: executing program 1 (id=2231):
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x10)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000000c0)="5c00000014006b05c84e21000ab16d6e230675f811000000440002005817d30461bc24eeb556a705251e6182149a36c23d3b48dfd8cdbf9367b098fa51f60a64c9f408000000e786a6d0bdd70000b6c0504bb9189d9193e9bd1c1b78", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x24000000)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg(r1, &(0x7f0000001340)=[{{&(0x7f0000000600)=@nl=@proc={0x10, 0x0, 0x25dfdbfb, 0x2000000}, 0x80, &(0x7f0000000ac0)=[{&(0x7f0000000780)="f5faea09b06be5f41412f3a12080051962e52d0fb38ea4a0e73f0591cb192bf15ced3b382d81f870afc221be166d849da5d2b5e577fa75938a1b922d3c50376bdede32f314fd38de914a002a692889cee5fd3f3713b5bd299e27a1f4499d945ffce38474de8e357ed106ccab9c676b9c614d123b3d37fb4a4c267c5ef7917e36f518135ed6b8d977c9022da1e6bf38208ff6ce65a6e64576382b68a1c0e3e80052021f75d9ef90d80a4d3b191176ca3cd485a716ce38ea19c27669f3dacd1700e92f030d4657d66b2a583f661edfdcf766fedc57ab33e8cc6341ab03c9b71c7451c86fcabd09", 0xe6}, {0x0}, {&(0x7f0000000900)="11da3bc1a433922f4304e5e8a31bbeea7dc7cbf9a22a3536b8fb9c6cf47defb649f5b7ac01fb0e9dfb82d83aa97370b5b92e8a65b1c44569766a25ecb3d0f903862bdfe7585ddd9097a6647992f0ec64e4bec9b9821836264df9c45e5264ac9e18eaf9d585f52078123d8000731530e2adbb18cd0aa5afb2f9939d0a0a3a9be674b6a602615f12e39d508c99c84e5de9110a66eef1c15ea28460e91bc1530ce3c3a36fe580889bb3fae27fdad489c22dd1b47726399a76c98438b9267455d49f6d3fc24531748600f3c0d6fc24b12254dc2ed0b6d466cd86f96030f3a9", 0xdd}, {&(0x7f0000000a00)="5df48b3b05d62ebefdb5e3de4f7ecac08aa089113e4dda8df203c2f98fd37ebebbaffa4f00860239985f76bc94261538f1a5a3208f9d19872a2d0e9654880fd3fc7068ec79a843981ce50a4ffa991dd7f64e8782c52dec6a8b37bb06bba1e41f78dbeda1d33662ea3c2c4f9de72863", 0x6f}, {&(0x7f0000000340)="581b378fc9bb6ec9997977cace7eaee5e933e10ce71b248c", 0x18}, {&(0x7f0000000a80)="0f8e4ac5bade437319541d5c96b25e8fa99402e8", 0x14}], 0x6, &(0x7f00000015c0)=ANY=[@ANYBLOB="f80000000000000014010000070000000df1159d94e09507fcb0af6252a2c626eb3eac4cae29e1ed9952c6900106ca440f2c4530c86888e5b51a5858c96561cd7a0cce899c03d64a4f2c4e875e5f6f9716d6329c1249746f2ff6ce1c54fb1c4dad1c95ef95b15d3384d6b7db2692e8bfb008f854f3224b80866c80a0e7e66926b19479618ee0452e11926cebfcf9e1635e8709bc04000000000000006a6995e3a314fef42500be1dc08ba19bbccef25b348cb683aac559f417b020bc34f09eeb4356739b23a1bee8cff835026a90bcd76a044a5555f1bf56781f06745e59d9fc4ecabf0cbf54b23d9436b44b467adf8b5d17429f9000000000000000150100000300000066e03f81b7509f35d15bd2005e4d3173df187a7adfb87a26f782ab703a090b13ecd86dfb71702cae612a41523e06aae5b5f82e65e4502fe65db118f5aea4e22f0802ca25e9e19b2b351bcc6df9470f8893dad92e4bb6cfdeed3659c2fa45e44dbcd894fb242c12c0bb90976bb1e42e58130a86b0f353e1936ef1782f33760000000000004c17e3265705c36ed52d270c7c392e4de100cb52bef9fdfc7f5d42a3cef52117454bb968153289ec559fe1283b8d6b40c060e5b1a5905a2225100ba8321eb5fed2ab4d9aed00889f708ee9cccdbfaa3c90950a593a6620e8d0d0713b872be723a4efddefb2879617b2873e964391babfecf98a5d2aab166d215c720fbc934c50d34023d6c32cd43fbe9e681455a04e7e688b96c21b6a81ab686d8be0429142646cd7de9cacc67cb1820cf9bbdd31e281030ac5314733e4b41a41b1ea789a3f5400e3f98e"], 0x188}}, {{&(0x7f0000000d00)=@llc={0x1a, 0x303, 0x3, 0xb, 0x7, 0x8, @random="9ca6efd0c7e2"}, 0x80, &(0x7f00000012c0)=[{&(0x7f0000000d80)="20cc3b30f16f31ad9fd25cfa8dbe711273cad25af286b87df07e4bb7193e4f4fbfc7bc5ad8835788e6858f73e271ab5dbe02dc381ee3659ee59a4dbc4db6f1b164e0bd5d6c3ee3b5cbad547d8d58f81a0279699a6851e93aceea06c5a409b1bcae665833a1b05f85210ff3be73dbbc25c8ff2b0e2cec42875b3b8cfdb720d6281e14b24edc641be4cac3deab0ebf28246b0810fdc42cdff647daa10b21bdb590cee8da", 0xa3}, {&(0x7f0000003100)="74bb1635c52883f96a9c0e4c75e37a063e32de94aa7502fb3089ef490f50715cb7dbadc8776048e253d563596d74902c29c3701ee23931d8d06d045fb9b092e0ed345afef37ff97885d9a850b5e1667c8a60bb5e10ba8b778e47aab258b5d34ef9f7b6521640b068af24d6bdde84a5619e287bbb265717db6b8da7636083b8260b8e35cca5dda0d9ee574714bbdea5580ac409876d76dc082340d61f90bd7e4df4f70bd097479db11478ba204a2c9b5907b9ec1518bd1371fb0c18f69f6a59851174db69a7d4b7ff3d3d7332101e8d74b306c51627a4de2f10acc4b3438181c70fe446430b8433ba8a67e5f57eb79931ba0da4213cfdb1831d81fe6857dabcd0ec33a8856fd7c06d032f6f5a45f17dec1734b43b8ac9ee5a39e702ee8bf79bcaa673033a67aad44f2ca36808c38a2f2ad7ddd23073b26a53f640aed155dfe4bdda8bedb170213fdcbe856633c59e01c2c74ae572f3a123dca78edc72769ec301a8c07b87cc0a029a00222283e1a46ba22ce72d1014108694b66bfc6ab802b1b7215ab81326d83b46337f982e1353d79aba797faefbd8534d3c0f45c0f24ab4ebbb110b5eb1178917e44cfb891c946748b4bfafec1168e0eb543544f5503b9bcc06a68b4810a67b84836fd7ea5192f1110302f22621c112074efd052f8ce9a2e4fd9a8c548909158a8dceaea0eb6164e665f57f94ff583b246cee47a353ebf67de685bbf89eca55a99d20fb6702bf2ca50abb1eae4a13e0712ab295c88de6a2dc723844a7f9fda5aa8002e72dfdb7e3de5201af90381fcbab784bb81b569fef4b0fa2a1b1db827192786248bece190bc4b322668fbd92dff56c8c6e406e119f757edd7faa9a779a8d79b5db5156f0a50233865526fcce063323ef6b32d35200227ddaafa5705cf3da6a19c56adf492fda7b91789b4c58b10cb337df52dfa634c4ce1478732df550d926e560fba158c63e4c776f1b193c8f185e8efe533eefe3613f6a11c62dc1d1900f2af2227af69c3af48262b29f2781e7122bd2376e09b8fca038ce9703c29a015f9612c10e3241ada80621faca661239ca63ee3f5e69af59de70c616db9c0a509c270f91cfef44fd37d39ad3b5b13b51b6b6169ad25c453e19e625c68302131eaf9de4a6e61a5a55e3374e6c4cd82db55745b52aaf7e7ef3c29944ba146bd955125e4137d2f0d1a958b3c3deaf8c068f1476cba0998aeaf8f75ba7d5667effe224dce6b332ebfeb6aa32190a7489d2d4747ca46648f2bb4c7636c1bcd1d01e33d68cf72fbc037cd800500a2258dab0e91a18ea1b49c4060a656943e9bd8c346f92196aa4f1e068fc0fb3866b1450d1f7680258d79a655a6efec8fe3c261bd78f3b8011e0f7aa9210486d7a26d7b45687fc0c95aa252badbe94ad95898adb6eb466ab59e68b46a472751fe6c96f570fd711a456040bc21efdbeb365d312547df685c6ed0ad4c6b263188e5dd87fbc885e85e01c60cd6bbb4ba4c31baa7a3136bfc08da1682cc36d48410c0c4687960a621cb4cd718f89fe57f0708bd8766262ba8306e6a18c1365e4e9412d4413508f454359029422c96db82e14ab62a80536a4af0fddcd60c62ff5b3160af2e947ef2a95baa4749ad4c870efefda1208193453d65ca9a11e2cd00e4d25c7f9dc9c7c977e8fa74ecfab4f8b7ba202e5a5ca6d294b63d7b9345588ba2dcbf8017b9c81a1fc005ad9b69056e6da8f5e21e3afde4aac4354afc73f678df554eefb0b2c4efb7ea6b3e532f8cd10eaf713eb83ca8ec0a1c27675f4540529500c48e2e13be721ec46fd388cc00b7286ed9313bebf3036bc729ff85cd1016a742ecf7e10a16cdc8484192cf9b727f2ce2a548a9a514d9889770397566aa5b0ce0775bbd2fb1848ea92c50f72e5bf0d810fa41008229869f82e76dba3d136a75e116a563e889b2d1e7145440b3b6c4355af5709e11da02b6c53ebd18467c7a58bc9e76114e456ec5ac6aaaf2aa50549dbd9dc8df5fc669fc87a608b8ff529aba73e5b26eb35ce8b988c86591f9d1f92a792e0dc64b5f18ef5bfc67a3ea054a83e3e80b172ab5a819f160370431f4e8015d4a15f7f7b7fa57ee3b48cc5b4460019f399d2aab58353c650aa9da1838cdec4b710c0cc2960258776d66fe9afd1ce60f41a6cc634b3a8d88cddc039fb5f6b9293f6066e16ab7a3b57eaee18f5bc1b260d59a76490b7993914493a5db6400032736bf59ae730a85d966411d68cc7706049502b3ef0d849a41f2228c20428395d6390ff9640b07ff4447950561657352d67d8146718f9a90d4e32819ec1cef55ac4e57caabb7f21f30b7c190abe9f85d2b288d7c6697c260c89b3b83c40b26c68a77462934aa4177afb2fd77397ee4656e71f6424ff5f825495ebef158e4d191b3316d1894df052927e2e136c848108d3d4d7f32cf4fb35e8f754e843ac5983bceaa029b6a84f09917de46337731401961fc78ba76ea5155f22584f608d2536eff406a1ecdf0859af70f2c8c97191da048bb0ed5d48c0deb42ec4a51b383a4c7162dabf36335dff0caf451115c2b58c378b9471a2efb8a77a9630a17f6edc96aa852f3c5742da64dc8dc4107ac5443654216e7622e9e2af4f107c970aa49cb2687434d4f6cdb07a0b1b94177dc82d7946a645723b7e629cc6f17d06116289de23c07b97d4984eb51bad468f539f2c43232943f51d179804a50d3776d132b16eaf273d22281301069e0f200923e2f08073dd62475dac938eaa3f0ba1bc32a56f55faf82886bc6957b1ca718fc04b35ac2b86895559247b0ec4d8c2394fd9c8d7b82bddb811cd206888d3c9d84f0a51e54da44cb40e0d95aad03b2d0f093cbdefdb72adbd880d0e6d8fc0aee7448a39cc744b1bf1d7bb6ba0e635c91165e904386ce46715a24ed6b69e7ba9034670e0798bf2144c6b90b5fc16102088306342ca60d9ea14ec2295368b2f22f555c66ff68a4458daf2da95a1b5862b659306a409ed65e23b9f820f6a25257f6546dc72fda683e0fb08a9758907e8dcce12dc34c00d3cadb388e7f99ef3b0e096fccd7db0ec7c68df278b3187ca64e7a446949f5fb68e1fdedc4ebff59a0a1e0e0299a211b7ff537c12015da625c138e30e4c1c4ee404ddf9880d2b87d3238f61b81368d2d62e0f60407f6676a5e44b0f518f418f7010023310d9456e1a40f2cdf8ee5e9b8a4003a4228ef32cf23c8c06180276b98cc206dfffb3240fa5ff12a0a6f78213d7fad6d1bde79062037bafc47591a455008b1ca43fc70dfd1f14493696e7f2d80d44d894099e84bfaef263ecaf9ff49d642b1ccaf5ba9a4679fb7457fc4565d8ea286492839237f559e37e82827afc5fea90e644b9fa344412a74ef5d725e0a8959e523f836060c498eaca9b9e8129e3608142162e65a982394cfaf190c8686b4ba2ae4fa3408e733423515f04d86427351bb9bf2102ef0e158e75616a8bcaf381250441c7bffd0e0517a229b29f4b0b85ecd34949c37c69c2bad8b6ab3bc563f52a761878ebaaf2795029a1c341f28b9352c5e3f88f358124ec739eaf7dd364b9b306204ba8ddeb7b52b6c3ffa95d0dc2c8622cb72494923c1246afe80982e997ef09638b9242ce4eb1a0ced34b66d70ecf235c8d263e422c750a700fab3ed0db89e076c8bad6d2d6e14d980f5fbfaa04ebfde96129060d9278cbb3f601844141b0e02ad88a646b81a70a7d93b934404b97e5eda09100c6b507cac20dbc4771aa0581bd00249b1a7adcb9b4dedc5d4d8cfdb3f58e5a17fe3f41ed110b7ffab4d675cdada7e362c09259d52b55d292c94536b69b7138761aa35719a72574cfef6b8ef5ac9ab6a3a49441f409670e94b8586360a4c4d6292333857de805259df18e65e7dcf3bf4d83519e88eb92dffbd2a0a2defe0071899da259e6256e40f2de08fc31ed6e2a17ffe60b91ba324edd8af3d891e36e0a9e78f69a60b95ca2bb140d1544752d15cbba5375f654fb055867ed74e99271b71a15f1de1359e23b1e3d051d2f64dcf49ce42678855c00513aaee0debdf14f0e28f012c8ae46876efa49eb078f20775556f8491f7ee3b56dbb11044790dfddfc9a0a6a9447b17515cc0c3b2169a2d431f3044165cb4054b11148fcc7a9c0850e21ba2ec3124f9cd1b46b916491bc931219c6f1a22e9db0ff1c5ee0f240c3684229dcbc07b1d170bbab7df2aac8392ea92dcffd21da9c2222d3b97f52d3afa6cefbb64ce336cc2e48b62a56aba2e405259ac20efe201b692f09fe72d17c15429d4286cf4c9019b3fb4b47754ef2813f8ee5bec1f4b9ebfed36828f9c2bb53ef5e392d8e5b6dfb45fd425eaff81a59a26c19a38f98c41359a8ad4101e15f8e39a97e8d752c2ba190c1684d91648d617d1ba993651a7fd69bd4c6b28fcb0028f31175c0d19a1734dad3b5f462e7fe099a2dfaa442c98caeefe47cbc124e3447450ce7920b90ce67ed385752010eab1b7220cae9bb0b621afddceddbdb5f7ef7c9137320794cd6dbeb9281edd2dc3d727a5be0f89c7c5c22af5b7cb9568f4ef3e59a20ac3ebc56259f35415e0fc01c184ecdadab83c685448aa5fcf615d89769ca2e6fe2d7c8e4e7586a937ebf000fd3d342e97592059815a88c95432709a0303e1d24d904fb102b9a64e3df73407f24f9a45dd5e0a578e5ec46c5917e2bea64b9b6a98816db9cdf5fcdc3d4b6ef6e56099303cd6e8365d40adab59bc1109dde30cc904d280c81c939f6993ca6e8bd524d862dd02cfd18be818b9408f06f638dd307b94ced4c3fee178db2ceaec1b86f530b115ccc62544a83b75da9cdf4ca6d1338a5f13fa383e950aaf989d256c4615c10c63b0801e4ca6c459f45c7eaa01dd38d35bcc8ce6545551b19f2f80ac35aeb65f79a98fea9d62c264162cb8fcd8d81a34bf3c04bc2e391a9a567c1e5afc6493b936acbbda00c925a4745a59fa0fa14e8d7183fcb78fa5a57b137187e7a6c9abe32b148a30939996ab28f4569c194e1f5fd1738a55535e65df727a8b9c5334358e3157c3299c02ab7c2c3d1b303e866238119dc9176e8a197c3b73b4665180de786a6a9f077be0133874226899f1524054950b1a54f941dc1040c4663f4a203cb8f9e4c4828ebf943f40c0e23fe00ef8f0cfc1cbc17cbb9cdd30956e3f1a21cb8c67b41a7373dc280b5ac916a14a8ce8c38a0b8395e9a47c6150da1e74e6dda2cdb348a03b6dc91feebfa6b31e5fd0bda9e3c6833a3748cd49331a9544c1d397d209bd647a500191ccda9bef933b76c6026c834b03383aae21ba449ca9967ba7c488ebd4cfab2c80d66b7b6f52cf4d331ce9efa9a258d44eaad485351bb131adfd19324a2e575d647328c969775437f0ddfacfe1e7ff4cb1a57846c83dc3cf0c2ed9a9494c8059062164db6f6acabce630422d2d25839f66b15d284eecb52b514cf04e061d6008e9d8dd88fd2b030467cca5e6f8ed8d02995b24643365d72570e7adc554abaf820b3042c15e79432bf28a5939a5c74c24fdc22674d8d48f8a54d64eda194a203127e5e51354147ab59c540dc56de86970b85546c9cffc01e3bd25aa7231d0e6875fd61d71d3ec67e396a7904410bcdefd22b3b92e22884328438aaca3980f1240020dd84a10ce21f25f2ca0ee71636bd8dcbeb7b6a766986c27dbdf32b89fab63a088be8981437aca05f6d873140364a5dc196390e7a578905996cd6a0df6591d2e42f7432f36f8ea0509b996189e73b90f03a2b975af160a977a778aaa7f4ac1b0d7d22143a105de03bb5aee6577859af36cad73366bdf5e761cdd0df72deeb943db0bb", 0x1000}, {&(0x7f0000000ec0)="df3a8d2d0fcf585c30583fd5a5570a3f4aef792e120178c7713adb25f7b004ca3f685525b382ab7fa05518daace5db1bd88aa33d22c6341d9e7a12a0f41a5175af1b2667417e187d439ad63699989a595492e06ceacccd9c88cb92c87bf63b14e52385220b4c73b12b2a7909a83b11e0ca4ac908c54c69f6c632c73849b6e12974c29135c786514babf2d329346792afffd7eb6d0cb51f54f93d43787ce67e1e3712fb1d752c8924427c50152cd0e68111d97b94f78ae71cc74948bb016bf3776264a3d5d40a4354f1666616d9c97e11a80cc0eb72e1078a01575e9af825cb115ec1d03fdc28dd2a9f", 0xe9}, {&(0x7f0000000e40)}, {&(0x7f0000000b40)="a2cbda28c972fbe009406716ee80cc605b9026b6ffc86a04ff23d54185040c2c3804bf0c2052b2b5cd33788acc6c3ccc4ebe57ce252c30816c938c9160917a8c41bb0256f0ba474ab010036b6691a39186e93b8fc50ff51e6d130a8fe424e3e6a32bc3ea2b47a355190be028afc56c48ca9fd15c3edb79a49dc51d7dd90bb153ae6cf39d627756066bd2de2ea61e8fcf44a0f2ef5ca322c02c46a2552e85d7fed9cec1277ed75c28545e2a5025", 0xad}, {&(0x7f0000001080)="3e09c418c7c3ea3bb75f7e92af147ba69c5a096ca241933bf2993fde27326b9765bb7c537fd60357d7eff384db9e2aef26fb9b0e6e0f54fc68541143eab7e5ac9d369ad6cfd38818c417cd42da046f8e51d3db7ec36b66229465a71a1f4adb245a422b47affbb3312b6602fe4ffcfa23e96029938da0a7d096d20804b6b8f77bbbd8545aa682dc99f05e24b3b664c62e2cf735ff46d0d4252d88a009b474cc8bea21f6b704d611c0a45f46cd4399", 0xae}, {&(0x7f0000001140)="6e4a095fa481d4090151bb4a5549cdc5deb8f1fafba0ff86714bb5ce06cfab92b919006f40534016d8a1437589107c9316c21950e423d5a7c0eab9db8bfaaaa7cf44301223d73f5fa659424a49d74cadf5f42869fcefd96cef3460eabdf9ce03d0e93103949187c482f2460da54f908bc0df2c78eeb544661c13498663444c62af848519cc3ffa", 0x87}, {&(0x7f0000001200)="2bce91805364e98cd0d6f561a0a85a283b78514a95ab752108e284f3dd11025a45bfc0838ec664cef9f4f0f58a6410b6bc47ef315c3633bebf3f3ae2cff974afbe00bbef72864d04ff6897e3fbc1fc381edd80360824c79940cc888a669b48bcbeabdb2fd78deec875dc6faeffc4bcbf52d1a1226e56c449c02a00b61b010c75344d0ffa53f0ae244a", 0x89}], 0x8}}], 0x2, 0x4080)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r2, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000004040)=ANY=[@ANYBLOB="682400003e000701feffffff00000000037c000008004280040008000c0001800600060086dd"], 0x2468}, 0x1, 0x0, 0x0, 0x4000c000}, 0xc000)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r5}, 0xc)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000000300)="87fb74cf4d67adbbd062637f514c1f5eb18d7b442e6457a356c6cb1f71a43dfae773c8489cce5145f92615d4bdb13ef54d6ae90ec7733180fc", 0x39}], 0x1}, 0x0)
r6 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000004100)=ANY=[@ANYRES64=r3, @ANYRES16=0x0, @ANYBLOB="1e75a17b00722d4d7288e558d4332c776fea43dea4efdeecbdaec2db4c46a3257f93b0fbf5593063da1a100bd87a3102e5eaf503977d87d59c685fbc4f07ee247555623a8d14bf98ae26c7a39ce201fe264462c0da583185b104ff7aec129902aa2e89f23e4f164e7908970c8aa53333950b93bb035988a1927d5d54832d2fd7a2b0a9cbf2e0c8fc485ff0cc910436ed754034fee9469b37a00ad53dafc47518c71cdd7e0ffffaf23368715d3ba7790fb8742059d74a60c781ed0732b251d8ad4a5645a931e57a62617cd6ccf6531a291ececd09fdb06f424c339ead2b5631c10a8021b9ba31b81aa949ce745c3c8d1ec179c5c0f704f467ac1ae687e1ea88155e8eacc0c6eedd14c63dbd0089ab08c67dc09810d2c5bcee78723f0059e0a860c57fe496ce521428bd885743d32b897ae5d71532cd7a450aa786cb7e3ed7764924f0bd126d8205c5023c292090f171eff9656bb4722381716c47559a89470e5249a461e354beb63bc6b94744cd5647d769d95e046ab03036bf865aa0f2d6bc1659ed105729d886b0ad0eb78ca1652dfa2961aaa6c7713e0aa0175512e3d74ff0558b73bdeb3ee67c60dc98417e6f245bca6dad38a13510059a6686275c0e52c6a9a575a9f847d84a934eadb16f42e6e30785bd669201b6eb9ee8a7beef9a42f818d1556420af37add88fc5586d1750bc1e352b3727dc8e2b2966dd1ac42f7cb0f585a69affb5a35d7b01bb350549751fd779f92e6b2f5b69f508cfff65f583e6632a8614c154d1b6aa56a421825dea6d910cb3c84ae893c61336229798d30f82099caa528df45ad666c8cc6d4a958929c60c2abc280c6cd4d404011869049e8f659be16c279f70f4fa519f29cdb5bf7d3d8d8206d332ab74e98894938a717cc76b1ad4535e9b130a51cf91321a24d9a2014ff0a8d4b0ae23180dcb06938f8aa3508c9c37bb860aec3067bbf1f4e4d67634b74b4e151dc49881605784531872cf8a535feb87b7838a0d327310cc8f42e8d23d61780281e86bc8f1a231de9e198993b050b0465afeff4a8fb538c22687b8394dd03fabbce7d8b8aecc741de33018d9fcb43a3722cfc2939bc418c23d3f352515df7ee4607d244a83336d86ddf6c0761d222a13e592bde5cbd4c5537f1fa1b5303383c531961de94804cf78b41ef4eeb3c66dfa03023d10e1aa7ed325f2d1fcce5ca157815c06f14c4fad57d2aae7b873cdf1ab0621321192048ac471cb1b50feabb431e48ee8663a52f909761684fd22235058e85b69fc41cc68be13ec619e804da2cea3a5bb911c4ed009916dfd92be625d2ad976b05f412d5cf8047f8409bb400e5a3df87633860244390237201a969ba00dcc588a51c8a424db9befdca8e857c99cb7ee431068d265e789a69bd5e2948a518831967a7f7d44960c9943eb3d56182284649e16a0a198101216dd43ad0abb7d913948b450ef4ae3423efa85863455704728692819c220271404e9db9abed7c6bdaa1173f734a2af6dc1fd463383b42bc9d030a58c89c460957837730b955433fcdf6fadaea171e7c9703d2919eaed49892f2ca4edfc6eae50d6e756a2685b57fadfd707ac8254f7cdf28260b1a138210670173ae191698047582e46d7126c09039a383f0b5cd556f4e4a891b0eb6e38ecae6e9f1fd8643bce96f5fd48d3da96287a0c835e8a986592ba340abc7a8a6a97ae4bb5605a97609694e51fea2768aecb31f3c8d3b0d0faf88074ad9c9c6ed2b8414112e55b2f9658625bf77d3cb565afc23f12a29aec8ac02ba7eac68b693bffac4aa4468511d321afe9cf8875129f2c719506d191957de6884b948ffc20d94129baa80cd543635611c84de472bc0df3d2369c9b2a8eaf69fdd6263c13c158af28720215281341c8f754ae96e4ca0f2ac91bc05bc54cebe74eb185434a40101bd5971d7922be5417e14939dd54210f184bc2c76805beaced85fbfd35214dbcd41f295a3b190932ee8e68a083dbb51eb3c356e20fa7e4e99fe90d5e795ad79e9f21838143dad58975e8d25b571ee6713b2abe504a9dab8a2e9f92c45aea2b5cf32f6b59d20ce16b107972a7d7ae26908cc9bfddb9eb1f082bb2e4e3ca9f594c3db4982d1acdba46107d7d96d0edf5562e213d83de4d1a4382b901db44200a580a6a535c6072a37ef7bdbe654c24b643b2b00c8cd1a27d1653a5b8a51097d04f98a2a41c0816cb98b407a2e12f2f09ec31cb7a834d31b1df5332bab0a4ae0e74fb36e39e6e0111185605d3b9bbc7654a8a45a2f28059bf1fda0be39205af064e74c9dfbb61f3d65e02c4925f8fffc7d24a638ae70dc40600921266d06e33c469388274dc89882dd3b0d66196bc0de70a67e592218fdec976f3ecd49c2338077fefe469e26cd4077a62d75d18f4ce8ed47d0fce3222b4c29efab212ec4545686fa067ceab4cb94cfc6016f5352cb641263cca3617db2603af5d93da244910cf2c01a304a16f236c66615af8bbf637a85ce675f3a389f023ae2bb80e2e813f26e2059dc15d5c4389e8d978b74aaf1fb733d217edb1e7f9d836382cc87be0d78e4df1fd656ce6690314aa39c5a3cd78459b808b6a78ccd910c41829b43f7e9d02c22d73de60df7cc70942ae2938ed5a13be363b4985385b8bd143fef09944240365f6d4e9e877922de1cfc3db6b08174f32bf0acfb14df670bde74d59215bb0d809fb050c96bd51275c125a5f4b422a40b83c6e1e1006183896d086fd9eaa7d669632d9e8a84aa31f916e489a6b80ee4731480aa4c4a8b9c0efc9135ca06234deaaaa142c4755e008d97f44ecf040675581bb632e36b10b653a825b142b567a72154566257231e458f13dc6335dfffe2e82f057861448540d0b506eb97216ced6487e6af6367e5f799996fd13664c68b1610cc3ed0bfb08cdb8886b3c1134da7caa623e70c0bec864e9b0abd4a02906681a17b1db1f5805712fc68f1c904226c4824f18b88545871f204296bf852c74f431e36bf6bdaef9bf4ac2438a6e58f7b31e288a98aaf8dcd9838f01633dbdfb67b5160260bb8bf5a881878769eb02d866e7d46426d8c7198e25c48a2f8951659c09d4768859c76e307a8fcd0b04f9519e3cef1f0c8d1117308e9ca43fb8650fc7f0dcd5cb69020ac2f99d51da9f1a863dbbfa27c606b87f18c2b45b73eca02a07290e34fc390c5be19bece6145a2305d18d033040b8bedfde1511e3f2d0393e84d9fbd887b550fa5b4bdd11625795067e1d675a3af3e94fcf6fe3ad87ad40a5a253574c9c19eb40fd744ba9ea59abb4d751c8db6f3ac447042dce7ea169c77500b87599564be6c177c27c8acf1db0f83369be1c524b43c46cd289bf4b13c7ea83abf843bb427569354bd850c541c45356f9cea4c8520038e298c27a8e398d0f2b8535163c7fa3d11312af577c44144c4858b37c6f47248e0a53ba4c2a36644874e6723fdcf3b1d7dda74e78c9ae265427ca7db3d767d58f787229b905f85e0c0fd57738a445e99de9748c8c3d84dc6875bec5c6be43fb30eb91bd79bce3b66ab9fdc5cad914fd283cff100d7ccf9c7933032e1acbba8a33b8f4f64b31578564bd0dfb224046d1f776af9c0e819c4d9fd4b7b3e480d2586f8cc993787de345dd38c6280c1fe3aca93e9883404eeae21f4f4d688394f1faf41a7db838992bc1003693b5f711214529828689e2a9f8e3398b461e9b0b87303fb2b588afe8ce1cde7b24c044309a9f51d0bd41423261e19d320115ef7a39a1ef02cb49ecb711a975b463bdbbb0c45acef06a04fe8bc21409b98dc4a5d6fa4807bac3bd84f8a54b7c6660098f9cc74d96bed1e2d7dc6c5c28cbc4ff2bc4217ad1f81f3e0efef6221b850b367370866194d93bb6b3275df0112b385f10e39c22c3207876f0c9fb7f431e8bc026824939a4b172192765bfbb1c518d61eca2a02d8c4d00894096ce3439830879b6739328bbae48c1024f2aa823a0ad2c07b0525e02861253dcc6e7ac1590b18d7f4d83dc1b692a1b6e179869829933eeef12d762c46cf2f3f62def14e9485e8264bda04ddb8f0663cd93bd30928d39c4f5b0d000243f93697cb3e2366713871fa6505b818b8a90c6eb067dd59afce27efa3719e96ec0b46bc9ef720784f1894eb208657a9f634e75334662c681c77d3e2df6740b5efcbfe8a667533815c22e261af1bdbbc0ca364e8da2a89e7fe6257c5bdadf8bba6947902deaa457e0d3c407ba6e398baf1cd1700350c24a791453b0ffc671be432d9cb544ecb46d1b97604e9c8f866d35d5d0d0f235dd47c89cd1072f6da7d843f76cbe445dc9072f03c4cd3edf54780b339c7953eebd235c0400bb511e4822a12dd801c6fbae37b8f818e6d14d99ef4776139e9160a35021d356774bc348b3c8ad27a3d751ce02237f5efdc70310ff9ec47c0070c6ca6848ec76784d1e48d406cf865195241821eea0885c043c81c776d4dba1eb1901820b1fc66ba079a9cb0e541e0844ce4b5b0e6124ee9ddde4c3280743f4b9b3d29257d1590de3a3025a941c1c860e5e0762fc157d744f4e3c9e8de586a2929e4a8dc45be0c931a121fc6e7552e6365bbe8719a3a669acf679305c77ab8ac38fcb4289e2e9b382f410298d7b66bd2715f938fedcd10f60c3213fafae319a400700be26a95b062596d88e28f99355c898805aae28a560a4f7bb3d9614d9439bb0b9f1d2f402ef91605925702b71aa774a11d8a8673b742cd77fddfcdce38b2824ebc063f05828c96e6f5c10c0ec03678de0e76ead947cf994fcec643ac64e08970deb53b0e14aa068319c4d9f4ebd963ffa04eb50662debe04703834e9088a1c0cd3cc19bcd900d579b834e8928b868d2c51612bcac46b82355c43538708d20dc38cef441501401743fa92f1bfa3a21a8c7bbdab553bdca84f1dee99a80e919cb8e9af036d97324204f60dd214e025675d4b2a04b7b871a8d23ac87ff3c3dedb4315984fb22a1a1c6e0e8f110e3747a35964f3313319bbce86eaf8cdbf099048adb7b007b1afe05d5cf803b6f97d702933f158055d076f7e25298585f4720f77036ff40d3a4013a838275a7dea5072e3f089ac596fbbd5dcbeb0942419b75fa3a948bedfc173b3a9d96c30a98912878dd910758c33ff4b850dca432e190df3945d5a98340b5c3eaa06d40e4d1f90aabd19e3dee177e1f2af4e03cd0e918a2ac54625708ec0cb84b3402e8305b4f578350f78535d9819edda647e3f96127ba190c23e7ea6834f70901d61e725cdc47deeede5b4d533e18171174de6dac1b6b00ec110fa8512da1dc1259f7ae70ec150d32ed7d3a7993deafa6e8c635b9c23a1b57f7e0d167b61b00c3583101a508800b390f3fbba9eabf7e858908ef35059c274cc7ed218c20143fbf4203cca862fff80bedd8917ef06a4d41745d65c11229764d200371611f021719dfc10dab457d7cb6f850a3e73d51f7b4b4dfed52686897fa81927caf4a7eb26ef47885a8ffc38af4739367be0b78fe5bdc46713c33d22f799bb7b1b4ca648b90de049dc5365878b9a083d129a059baa5de0354be1595bb65c37131f1071080841a516842938fecbd2d0abe4460388fca11fec514e7777b6f115b758d024a0d4d0357a3e6658f47f9f391957ee52e8c05ee3b5938abe5dfebda320c2f9edf8048aec27dbb69b1aafbf0fc600e7e18812416dd453ff88dd5da6eaf18080aa0354b29364f5e712b0de16e0a9d7dad6e3e56888d6a7133285c430704810bbdec34be2eb923ea702745ef08a2a2754aeb98309d2c9d4d917ccb87a6dd0f6bf1158b9da2527eb4c3689e4b"], 0x48}}, 0x0)
sendmmsg$alg(r6, &(0x7f00000000c0), 0x492492492492627, 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r7, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r8, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x28}}, 0x10)
sendto$inet(r8, &(0x7f00000000c0)="f72bacc3ca1aaadf08e239411cbcf4b2ef918084f500db36e2ef38b56d756f041132ccc67bec238c21e52da753", 0x2d, 0x0, &(0x7f00000004c0)={0x2, 0x4e20, @multicast1}, 0x10)
readv(r7, &(0x7f0000000500)=[{&(0x7f0000002100)=""/4076, 0x2d}], 0x57)
sendto$inet6(r2, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000000)={r3, &(0x7f00000001c0)="cc9c675d96ba080613a6df0daf8aa37ec58cfaeb3e69a8d8fbf7402e3a7cbee3968591b66b09cbb996e758861d60c2f9278ce435860b2cd1355f5a2279d8b26c923cd646bf", &(0x7f0000000280)=""/116}, 0x20)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)={{0x14}, [], {0x14, 0x10, 0x1, 0x0, 0x0, {0xa, 0x84}}}, 0x28}, 0x1, 0x0, 0x0, 0xc800}, 0x0)
getpeername$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={""/10, ""/2, @broadcast}}, &(0x7f0000000100)=0xfffffffffffffead)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000380)={0x0, @in={{0x2, 0x4e23, @empty}}, 0x9, 0xffff, 0x0, 0x6, 0x55, 0xb66e, 0x7c}, 0x9c)

2m25.886822397s ago: executing program 1 (id=2241):
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0x8)
getsockopt$inet6_tcp_buf(r0, 0x6, 0x21, &(0x7f0000000180)=""/34, &(0x7f0000000200)=0x22)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
socket$inet(0x2, 0x5, 0x6)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x1, 0x31, 0xffffffffffffffff, 0x8871b000)
pselect6(0x40, &(0x7f0000000100)={0x8, 0x6c1bd504, 0xf, 0x4, 0x1, 0x0, 0x3, 0x1}, 0x0, 0x0, &(0x7f00000003c0), 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x1, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x54, 0x10, 0xf11, 0x0, 0x25dfdc00, {0x0, 0x0, 0x0, 0x0, 0x104}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_PROTOCOL={0x6, 0x5, 0x88a8}]}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x54}}, 0x0)

2m25.443723252s ago: executing program 1 (id=2242):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000380)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000080)='rpc_clnt_new\x00', r0, 0x0, 0xb9b}, 0x18)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000380)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000080)='rpc_clnt_new\x00', r1, 0x0, 0xb9b}, 0x18)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r2, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x3, 0x4, &(0x7f0000000080)=@framed={{}, [@ldst={0x2, 0x2, 0x3, 0x1, 0x0, 0x40}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x94)

2m21.509635189s ago: executing program 33 (id=2148):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000240)=@ipv6_getroute={0x2c, 0x1a, 0x1, 0x70bd29, 0x25dfdbff, {0xa, 0x80, 0x14, 0x8, 0xfe, 0x2, 0x3, 0x2, 0x100}, [@RTA_MARK={0x8, 0x10, 0xfffffffd}, @RTA_OIF={0x8}]}, 0x2c}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000540)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000400)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010800000000000000000b00000008000300", @ANYRES32=r5, @ANYBLOB="0a0006000802110000000000380050800800030005ac0f0011000100cabee339084eeef109002471f40000000800070000000000050002"], 0x60}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010024bd7000e8dbdf252100000008000300", @ANYRES32=r8, @ANYBLOB="08009e00"], 0x24}, 0x1, 0x0, 0x0, 0x4014001}, 0x0)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000940)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000900)={&(0x7f0000000280)={0x648, r3, 0x8, 0x70bd2a, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r8}, @val={0xc, 0x99, {0x0, 0x35}}}}, [@chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x161c}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x16e9}], @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xfb}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xa010}], @NL80211_ATTR_FRAME={0x5e2, 0x33, @probe_response={{{0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1}, {0x6}, @device_a, @device_b, @initial, {0x9, 0x7}, @value=@ver_80211n={0x0, 0x7ff7, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x1}}, 0x5, @default, 0x0, @val={0x0, 0xfffffffffffffffb, @random="c4"}, @val={0x1, 0x7, [{0x5}, {0x1}, {0x9}, {0xc392344a9780c25e, 0x1}, {0x24}, {0x4, 0x1}, {0x9b1cb986865a9467, 0x1}]}, @void, @void, @void, @void, @val={0x72, 0x6}, @void, [{0xdd, 0xc0, "1b3caacbf52e5e738a40ddd9f713ceee2e7b66d56006d835e573263192035d61fbaaedca3348b0c1e363871f2c6f79aff03e9b0365ecd3aa59478d01d6c6cfc3a261aacf8c657051430e280c30cf01393aa879f3df9b3a34555ce2f0ca67241776db68a167af55341b1b14fafd7bf2d460fce5367502fcc8c2d865dec205083d8dd19ffd9b4e574dad48ba28071550287afcd935ac933a084519b16ea9e1e9dec9ad7f380481b93173d67602af4be2fde221db919fd91c03a6d6c5e3a321000c"}, {0xdd, 0xec, "a401a174d76cbe6a9b235f5195e1f32445abfff987e1451f9b7441f80c740098d02c3652f89ee3fbb4fe4df7883e66af4f5e30426007404a453baa15e8d121b2f52d3041f18fbc20246c97cfc08e27a92cd65020e20ce38b2a3b24ca3fceafb6f044c1a90c45d8bcce9037561da6fc2935074c3fc09aafc06f4d9bde4083b4656673f863076316b2b89477596e91257c5b168cc6caa51e47688c3238895b9472fc576270586be50fc760e796c6c50bc7abb90e35eaf66186872fd95395a43ca43bdd21c27ed329ba4df9ba35ab21d8c38d13665e64639658984c3faa786128743a72e60aeb59db0e7e8fb8c3"}, {0xdd, 0x7e, "95b5685f358c15844a98a016bcf172cfd48a8bff0f65ff54e2b806480dcef50ac6e37620e0d08a527789156b91fcd6d46da63695c48e32aee229b8ca9bcd65d53f9b5a70ecc13a97b07c46b5b3a8ec3b96af6f22d11fd09f268126d2236318199ce3c28107615e4616bc27e43af3e5a0d0f4a76850572c81bd9e78cc9715"}, {0xdd, 0xa6, "ce6594d9671d29caf209adbd2e061aa691c3d03d025c4c6d82dbdc71b2f21f4e14eca6e25390718f02d1fccc75aa3cf1718a75ff510b82f83f7b5a216705c26ad3022f9756cc9116a2cabd489170b3d5faf36acf184d7e81b3f6a88843d4403f0a28b1cc1cc5612a9114c87ed70dcca850f384b7a1728ba288674d79e421da1b53d5ac1b5f483bcbd9e5b3cf39ebb4e7fc65be9451a8297e471492eb1ced5705498d87c8d23d"}, {0xdd, 0x44, "bd0e869aa094076131ce6d8e19447b7f9e66930bf8b0091a3a709e0aa7e41c8b0aa1a8657ae50e431c13a15f97b0995fc728b395c9c8cc36898c2677f69582caa327deea"}, {0xdd, 0xe0, "9d843658731fc9e2391b78791be70ae57cf3a1ef319d4b1d32e070d90c158b9d7b05b78d774b18ddc8400135fc95b66a04c105304542a691a92df1c442d4a5147c442e987110b095fb99a0bd5a9d5469c7c1aa570c3596ad3364469aef16bbb3af94ab3cdd2e8960a6d921dbef8e9ae8dd47332a69c70eedce4fd5e90bf839a6b3028cb82f327819bf096d3710fd8928bedcb94f5cc0baf32ebba0d6d57993d673b64605864458022bc17b799444b35fa10a9aa88bb32eb1ae2067288f599293e36b4f059bfbf8b22b5ff3baa77364211bc88f32d12471ddc7be49dff5346deb"}, {0xdd, 0xa5, "5cf7e6b562ac44ceb2f4ab109b77a352a0b7e3e2493a76841a25659e53573599f225cbd94e8912b0f5d3f4c08234be6507e2c69753f7a4ac7550ef54b11c12b82f21df7f74d5fd7c3d3ee25426f7ebf179c70ffb94247ef3a922372c65d927932501e46928b87b5154dd5c7088d7fd4c8ff6b7266cbde0d394a2fb6d48102f1102838ef2352600fb5b8dbc658918446d135907f87b6a54964fe10a342bacad853587b53590"}, {0xdd, 0x5e, "87dc2b474e9259e4df49a0c17aeabcd6e3e24deefbb234db0b5adfb8fa6f89dc07db98e366d9a34e9cd1185bfacde9090dea481aae530cd9b2f60934e1a756a9abfccf989cbb95376ccbfd268ac6f4decbc7741bb4149f7f31a55cc6fa44"}, {0xdd, 0x19, "01d050c1c1291ca4a533b18e486014089ea9930d003537a448"}, {0xdd, 0x7e, "5ecd61a0077d6be8e0dffd6b2f8afe7d0b97994b9668fb21b4022cf320274116f25e38b86e00f96feb8db1c3d605fc0b7f77a6e1b724f198430b8c501178a85b5c4d318973ea0462ef664d0a1b966733ccdf5a3b4d7c1b0e0d0d55c0afbf995f883659ee7bace1ea3cb11f439fceab251696d90870185ae08fd0d1e55f71"}]}}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0xa, 0xcd, [0x6, 0x67c7, 0x53]}, @NL80211_ATTR_DURATION={0x8, 0x57, 0xe7b}]}, 0x648}, 0x1, 0x0, 0x0, 0x90}, 0x800)
pipe(&(0x7f0000000980)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
r10 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, r10}, 0x94)
ioctl$SIOCPNENABLEPIPE(r10, 0x89ed, 0x0)
r11 = syz_genetlink_get_family_id$SEG6(&(0x7f00000009c0), 0xffffffffffffffff)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r12, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000140)={0x14, 0x25, 0x1, 0x70bd2c, 0x25dfdbfb, {0x7}}, 0x14}, 0x1, 0x0, 0x0, 0x81}, 0x10)
sendmsg$SEG6_CMD_SET_TUNSRC(r9, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x12200}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x7c, r11, 0x200, 0x70bd2b, 0x25dfdbff, {}, [@SEG6_ATTR_SECRET={0x8, 0x4, [0x423dddcc]}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x8}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x7}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x1}, @SEG6_ATTR_DST={0x14, 0x1, @private2}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x1}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x9}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x7}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x60000}, @SEG6_ATTR_DST={0x14, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}]}, 0x7c}}, 0xc004)

2m10.42677006s ago: executing program 34 (id=2242):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000380)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000080)='rpc_clnt_new\x00', r0, 0x0, 0xb9b}, 0x18)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000380)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000080)='rpc_clnt_new\x00', r1, 0x0, 0xb9b}, 0x18)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r2, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x3, 0x4, &(0x7f0000000080)=@framed={{}, [@ldst={0x2, 0x2, 0x3, 0x1, 0x0, 0x40}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x94)

3.793685062s ago: executing program 0 (id=3482):
socket$nl_route(0x10, 0x3, 0x0)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r0, &(0x7f0000000500)=[{{&(0x7f0000000700)=@xdp={0x2c, 0xdd86, r2, 0x30}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000080)='O', 0x28}], 0x1, 0x0, 0x0, 0x2f00}}], 0x1, 0x0)

3.564906514s ago: executing program 3 (id=3483):
sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)="7800000018002507b9409b14ffff00000204be04020506050e020409430009003f000c00100006000d0085a168d0bf46d32345653600648d0a00120002000a0000005ade4a460c89b6ec0cff3959547f509058ba86c902000000004a32000400160005000a", 0x65, 0x0, 0x0, 0x0) (async)
bpf$BPF_PROG_DETACH(0x8, 0x0, 0x10) (async)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0) (async)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000540), r0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000008c0)={r1, 0x0, 0x6a, 0xdb, &(0x7f00000005c0)="9248397243668473b5a9e02df1f5dc9e9828febbedda27141e605aa0190a1f6fc2ba520f434df957a450242ca2947c4f60ba2a2f3d79aa047b70c6c3528d8b535394270a789fdf383c4726606a74fe07dc87be21622f0cdf6742f8e9eaac405b6daa74b2721508be71d7", &(0x7f0000000640)=""/219, 0x0, 0x0, 0x8f, 0x96, &(0x7f0000000740)="3e9251ba000f98c363dbbc45f014e4548f54dd2fe9bd97e0080681d535a05a9899bbc7a19c18e9a8581bda9572e09f4b0146a778075939ce2bd868fa72e674455be803c1913527b64c30693ec120a841de5473793db4f0d17c8883139a41acda52fe9e37634de6bd7e91fcea2129301d7077415453fa4bccde2e3c5fbb9c4b15e072212e7b66e766e0e85a33498732", &(0x7f0000000800)="b392037e223ed4cb0ecf10ad9057ff17883fe1f4ce5263ecd86022f91fa0d9052621983c58d5c772bf11b12981afe61b73076962cc5bc429c7834827cc737ed9a0c095c8b593eb93159f25bdda492f7df03ae27a9b0645950acc17f26e5f915d0878a880ff821fede56d03d552be134af439f0966fcdc8b82afbe280b172739b521c9b3e701452b77a735af5986721613cf64ab8aad3", 0x4, 0x0, 0x100}, 0x50)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r2, 0x0, 0x4}, 0x18) (async)
r3 = socket$alg(0x26, 0x5, 0x0) (async)
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x319) (async)
r4 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETQUEUE(r4, 0x400454d9, &(0x7f0000000000)={'geneve1\x00', 0x400}) (async)
r5 = socket$inet(0x2, 0x2, 0x0)
r6 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r6, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc) (async)
r7 = socket$netlink(0x10, 0x3, 0x0)
writev(r7, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1) (async)
writev(r7, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1) (async)
r8 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r8, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40) (async)
r9 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_buf(r9, 0x6, 0xd, &(0x7f00000008c0)='.', 0x1) (async)
listen(r9, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r9, 0x8933, &(0x7f0000000040)={'vxcan0\x00'})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) (async)
setsockopt$inet_msfilter(r8, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010100000004"], 0x57) (async)
setsockopt$inet_mreqsrc(r5, 0x0, 0x27, &(0x7f0000000440)={@multicast2, @loopback, @private=0xa010100}, 0xc) (async)
bind$alg(r3, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) (async)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)

3.512360055s ago: executing program 0 (id=3484):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r0)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r0, &(0x7f0000002c00)=[{{0x0, 0x0, 0x0}, 0x9}, {{0x0, 0x0, 0x0}, 0x9c1}, {{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000340)=""/208, 0xd0}, {&(0x7f0000004200)=""/4080, 0xff0}], 0x2}, 0xffffffff}], 0x3, 0x2102, 0x0)

3.191861829s ago: executing program 6 (id=3486):
socket(0x10, 0x3, 0x0)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000040)="5766b1b827f600333b09d3748ee7d700", 0x10)
listen(r0, 0x0)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f0000000200)=0x2, 0x43)
shutdown(r0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8924, &(0x7f0000000000)={'wlan1\x00', @random="0100c3201000"})
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000280)={'syztnl1\x00', &(0x7f00000005c0)={'gretap0\x00', 0x0, 0x8, 0x700, 0x8001, 0x5, {{0x36, 0x4, 0x0, 0x3a, 0xd8, 0x64, 0x0, 0x3, 0x2, 0x0, @multicast1, @broadcast, {[@timestamp_addr={0x44, 0x4c, 0x75, 0x1, 0x7, [{@empty, 0xe}, {@private=0xa010100, 0x1ff}, {@broadcast, 0x5b}, {@private=0xa010101, 0x5}, {@multicast1, 0x5}, {@initdev={0xac, 0x1e, 0x0, 0x0}}, {@empty, 0xfffffffe}, {@multicast1, 0xa00}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x6}]}, @end, @rr={0x7, 0x13, 0xe4, [@multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, @local]}, @generic={0x82, 0x3, 'v'}, @timestamp_addr={0x44, 0x3c, 0x8b, 0x1, 0xc, [{@initdev={0xac, 0x1e, 0x0, 0x0}, 0x1}, {@multicast1, 0x4}, {@rand_addr=0x64010102, 0x6}, {@dev={0xac, 0x14, 0x14, 0x31}, 0x2}, {@dev={0xac, 0x14, 0x14, 0x1f}, 0x3}, {@multicast2, 0x5}, {@loopback, 0x149fea77}]}, @ssrr={0x89, 0x1f, 0x5b, [@private=0xa010102, @multicast1, @remote, @multicast2, @remote, @empty, @dev={0xac, 0x14, 0x14, 0x1d}]}, @ra={0x94, 0x4, 0x1}]}}}}})
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, &(0x7f0000000000)={0x5, 0x4, 0x9, 0x59, 0x1})
r5 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000340)={r5, 0x20, &(0x7f0000000100)={0x0, 0x0, <r6=>0x0, 0x0}}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000001840)=r6, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0x3, &(0x7f0000000600)=ANY=[@ANYRES32, @ANYRES16=0x0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
ppoll(&(0x7f0000000080)=[{r3}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

3.151688113s ago: executing program 0 (id=3487):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000100)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha256\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = socket$kcm(0x11, 0x2, 0x0)
setsockopt$sock_attach_bpf(r1, 0x107, 0x14, &(0x7f0000000000), 0x4)
sendmsg$kcm(r1, &(0x7f00000000c0)={&(0x7f0000000280)=@tipc=@nameseq={0x1e, 0x1, 0x3, {0x42}}, 0x80, 0x0}, 0x4000080)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000580), 0xffffffffffffffff)
sendmsg$IPVS_CMD_FLUSH(r2, &(0x7f0000000640)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x30, r3, 0x800, 0x70bd26, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_DEST={0x14, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x7}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x7fff}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x82}, 0x20004002)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r4 = accept$alg(r0, 0x0, 0x0)
bpf$ENABLE_STATS(0x20, &(0x7f0000000680), 0x4)
recvmmsg(r4, &(0x7f0000000000)=[{{0x0, 0x0, 0x0}, 0x101}, {{0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000180)=""/98, 0x62}, {0x0}], 0x2}, 0x7fffffff}], 0x2, 0xe92a05421bb0ac92, 0x0)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x200}}, &(0x7f0000000200)='syzkaller\x00', 0x3, 0xe, &(0x7f0000000240)=""/14, 0x41000, 0x2, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000300)={0x3, 0x5}, 0x8, 0x10, &(0x7f0000000340)={0x4, 0x2, 0xf30, 0x8}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100}, 0x94)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000440)={0x1, <r6=>0xffffffffffffffff}, 0x4)
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f00000004c0)={<r7=>r4, 0xf93, 0xfffffffffffffffb, 0x7ff})
connect$phonet_pipe(r7, &(0x7f0000000500)={0x23, 0x1, 0x4, 0x9}, 0x10)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000480)={r5, r6}, 0xc)

3.080603348s ago: executing program 3 (id=3488):
socket$tipc(0x1e, 0x5, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = socket(0x10, 0x803, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$kcm(0x10, 0x3, 0x10)
socket$packet(0x11, 0x2, 0x300)
socket$alg(0x26, 0x5, 0x0)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_PD_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x28, 0x140e, 0x1, 0x60bd29, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @RDMA_NLDEV_ATTR_RES_PDN={0x8, 0x3c, 0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x40002)
sendmsg$FOU_CMD_DEL(0xffffffffffffffff, 0x0, 0x800)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
getsockopt$inet6_int(r1, 0x29, 0xcf, 0x0, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
r2 = openat$tun(0xffffffffffffff9c, 0x0, 0x200000, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
pwritev(r2, 0x0, 0x0, 0xfff, 0x3)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
socket$kcm(0x29, 0x5, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

2.799291899s ago: executing program 3 (id=3491):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007111ae00000000008510000002000000850000000500000095000000000000009500a5e5ffffffff"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)

2.636135631s ago: executing program 0 (id=3492):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
unshare(0x62040200)
write$tun(0xffffffffffffffff, 0x0, 0x3e) (async)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$int_in(r1, 0x5452, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) (async)
r2 = socket$l2tp6(0xa, 0x2, 0x73)
ioctl$sock_inet6_SIOCDELRT(r2, 0x890c, &(0x7f0000000240)={@ipv4={'\x00', '\xff\xff', @multicast2}, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x9, 0xefff, 0x2, 0x100, 0x2000040, 0x85000040}) (async)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$int_in(r3, 0x5452, &(0x7f0000000000)=0xf) (async)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r3, 0x84, 0x6b, &(0x7f0000000380)=[@in6={0xa, 0x0, 0x0, @remote, 0x9}], 0x1c)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0) (async)
setsockopt(r3, 0x84, 0x7f, &(0x7f0000000040)="020000000980ffff", 0x8)

2.620320275s ago: executing program 3 (id=3493):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0500000001000000400000004000000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000ca16771e66c43b6de6279d8e"], 0x48)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000580)=@newlink={0x3c, 0x10, 0x437, 0x0, 0xffffffff, {0x0, 0x0, 0x0, 0x0, 0x5120b}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6gre={{0xb}, {0xfffffffffffffe3f}}}]}, 0x3c}}, 0x4000010)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)="cacafd486242d211", &(0x7f0000000180), 0x1003, r0}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000280)={r0, &(0x7f0000000140), &(0x7f0000000080)=""/113}, 0x20)

2.603028656s ago: executing program 2 (id=3494):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000000900010073797a30000000002c00001f1b0a05000001000000000000010000000900010073797a30000000000c0002"], 0x74}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

2.400516767s ago: executing program 2 (id=3496):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000d80)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000002000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000000000000850000009400000095"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

2.185683186s ago: executing program 6 (id=3498):
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r3 = socket$rxrpc(0x21, 0x2, 0xa)
setsockopt$RXRPC_EXCLUSIVE_CONNECTION(r3, 0x110, 0x3)
r4 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000280)={'syzkaller1\x00', @link_local})
write$tun(r2, &(0x7f0000000040)={@val={0x0, 0x6003}, @void, @eth={@broadcast, @broadcast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x2000, 0xfc, 0x2f, 0x0, @private=0x1fe1, @multicast1}, {0x8000, 0x6558, 0xc, 0x0, @gue={{0x1, 0x0, 0x1, 0x10, 0x0, @void}}}}}}}}, 0x32)
r5 = socket$can_bcm(0x1d, 0x2, 0x2)
sendmmsg(0xffffffffffffffff, &(0x7f0000007dc0)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000100)="3f5c5495f8a1d92fd70cc0ce268a5a3f9624475b567711e3a51610aafb624481a54f14a2abc4dc4ebe3a5e4bee988cd37a63091103dcda6185765d116cf9ae3b50a7be37352b8dd6ea88", 0x4a}], 0x1}}], 0x1, 0x8000)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r7 = openat$cgroup_devices(r6, &(0x7f0000000080)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r7, &(0x7f0000000140)=ANY=[@ANYBLOB="62a02a3a340977770a"], 0xa)
sendmsg$can_bcm(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x2, 0x288, 0xfb, {0x0, 0x2710}, {}, {0x2}, 0x1, @canfd={{0x3, 0x0, 0x1, 0x1}, 0x1a, 0x2, 0x0, 0x0, "2eee8b8c7bc696ac7e69e7aa47c6d0d68fadb35c442b21f901b7250ae4b1fd3e4c2d276bd430e75b98da64de986548c577b6751c49f7c133cde0576f1dd8a261"}}, 0x80}, 0x1, 0x0, 0x0, 0x4000084}, 0x40000)
sendmsg$ETHTOOL_MSG_CHANNELS_GET(r1, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="14000000", @ANYRES16=r0, @ANYBLOB="3ffb99b81d3a0378f44122"], 0x14}}, 0x0)

2.132166144s ago: executing program 3 (id=3499):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x0, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="6110000000006c1000000000", @ANYRES32, @ANYBLOB="000000000000000095"], 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x1e, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000008000000711238"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)

2.131621132s ago: executing program 2 (id=3500):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet_icmp(0x2, 0x2, 0x1)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240)={0x0, <r2=>0x0}, &(0x7f0000000400)=0xc)
sendmsg$netlink(r0, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000380)={0x24, 0x2d, 0x1, 0x0, 0x0, "", [@typed={0x8, 0xc, 0x0, 0x0, @uid=r2}, @nested={0xb, 0x0, 0x0, 0x1, [@generic="976b6408686030"]}]}, 0x24}], 0x1, 0x0, 0x0, 0x2000000}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x1d, 0xc, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005100000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000c100000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @lsm, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)

1.762918422s ago: executing program 3 (id=3502):
r0 = socket$key(0xf, 0x3, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a40)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x40, 0x16, 0xa, 0x1, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}]}]}, @NFT_MSG_DELFLOWTABLE={0x38, 0x16, 0xa, 0x101, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0xc, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x2}]}]}], {0x14, 0x10}}, 0xc0}}, 0x0)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), r1)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000b80)={{0xeb9f, 0x1, 0x0, 0xfc5f, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0xfc5f}, 0x20)
sendmsg$key(r0, &(0x7f00005f5000)={0x0, 0x0, 0x0}, 0x0)
pipe(&(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = syz_open_procfs$namespace(0x0, 0x0)
ioctl$int_in(r5, 0x5421, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
r7 = socket(0x10, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)
r8 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_inet6_SIOCDELRT(r8, 0x890c, &(0x7f0000000640)={@remote, @private0, @private1={0xfc, 0x1, '\x00', 0x1}, 0x40000, 0x40, 0x5, 0x100, 0x6, 0x4005a})
sendmsg$IPVS_CMD_NEW_DAEMON(r7, &(0x7f0000000400)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000300)={&(0x7f0000000180)={0x90, r3, 0x400, 0x70bd27, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_DEST={0x38, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0xa0cf05e}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x2}, @IPVS_DEST_ATTR_TUN_TYPE={0x5, 0xd, 0x1}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@loopback}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}]}, @IPVS_CMD_ATTR_DEST={0x44, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e23}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e20}, @IPVS_DEST_ATTR_TUN_TYPE={0x5, 0xd, 0x1}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x8}, @IPVS_DEST_ATTR_U_THRESH={0x8}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e24}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e23}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e21}]}]}, 0x90}, 0x1, 0x0, 0x0, 0x400c900}, 0x2000c0d5)
r9 = socket$inet6_udp(0xa, 0x2, 0x0)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="50000000020605000000000000000000000000000c00078008000640001000000500010006000000050005000200000005000400000000000900020073797a31000000000c000300686173683a6970"], 0x50}}, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r1)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYRESDEC, @ANYRES8=r6, @ANYRESOCT=0x0, @ANYRES64=r9, @ANYRES32, @ANYRES32=r1], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000840)=@bpf_ext={0x1c, 0xf, &(0x7f0000000280)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x3}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, r4, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x3d0d, 0xffffffffffffffff, 0x3, 0x0, &(0x7f00000007c0)=[{0x1, 0x4, 0xa, 0x9}, {0x0, 0x2, 0x4, 0x9}, {0x1, 0x4, 0x5, 0xe}], 0x10, 0x8}, 0x94)
syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, &(0x7f0000000040)=@req3={0x410000, 0x100000001, 0x210000, 0x1, 0xa}, 0x1c)
sendmsg$IPSET_CMD_ADD(r11, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB="40000000090601020000000000000000000000000900020073797a31000000000500010007000000180007800c00018008000140fffffffe0500030008"], 0x40}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084)

1.499279285s ago: executing program 2 (id=3504):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000a00), r0)
sendmsg$NL802154_CMD_DEL_SEC_KEY(r0, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000c00)={&(0x7f0000000a80)={0xf0, r1, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_SEC_KEY={0xb0, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x4}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "33dea04a445e2c45d6c91f194aa4d46a22e9fe23a251dfb84658c0bc6cb0f88e"}, @NL802154_KEY_ATTR_ID={0x40, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0xc, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x1}]}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x3}, @NL802154_KEY_ID_ATTR_INDEX={0x5}, @NL802154_KEY_ID_ATTR_MODE={0x8}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x81}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0xa4}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}]}, @NL802154_KEY_ATTR_ID={0x14, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x2}]}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "3050c9e0d932ec14b09fa1cacc26655ccc81fcf6af7afbda02a99dbd29dc9699"}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x2}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0xf0}, 0x1, 0x0, 0x0, 0x20000840}, 0x40)

1.294884689s ago: executing program 6 (id=3506):
r0 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, 0x0, &(0x7f0000000180))
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xc, &(0x7f0000000040)=@assoc_value, &(0x7f0000000000)=0x8)
getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)

1.241203047s ago: executing program 7 (id=3507):
socket$nl_route(0x10, 0x3, 0x0)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r0, &(0x7f0000000500)=[{{&(0x7f0000000700)=@xdp={0x2c, 0xdd86, r2, 0x30}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000080)='O', 0x504}], 0x1, 0x0, 0x0, 0x2f00}}], 0x1, 0x0)

1.204580316s ago: executing program 2 (id=3508):
socket(0x10, 0x3, 0x0)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000040)="5766b1b827f600333b09d3748ee7d700", 0x10)
listen(r0, 0x0)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f0000000200)=0x2, 0x43)
shutdown(r0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8924, &(0x7f0000000000)={'wlan1\x00', @random="0100c3201000"})
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000280)={'syztnl1\x00', &(0x7f00000005c0)={'gretap0\x00', 0x0, 0x8, 0x700, 0x8001, 0x5, {{0x36, 0x4, 0x0, 0x3a, 0xd8, 0x64, 0x0, 0x3, 0x2, 0x0, @multicast1, @broadcast, {[@timestamp_addr={0x44, 0x4c, 0x75, 0x1, 0x7, [{@empty, 0xe}, {@private=0xa010100, 0x1ff}, {@broadcast, 0x5b}, {@private=0xa010101, 0x5}, {@multicast1, 0x5}, {@initdev={0xac, 0x1e, 0x0, 0x0}}, {@empty, 0xfffffffe}, {@multicast1, 0xa00}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x6}]}, @end, @rr={0x7, 0x13, 0xe4, [@multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, @local]}, @generic={0x82, 0x3, 'v'}, @timestamp_addr={0x44, 0x3c, 0x8b, 0x1, 0xc, [{@initdev={0xac, 0x1e, 0x0, 0x0}, 0x1}, {@multicast1, 0x4}, {@rand_addr=0x64010102, 0x6}, {@dev={0xac, 0x14, 0x14, 0x31}, 0x2}, {@dev={0xac, 0x14, 0x14, 0x1f}, 0x3}, {@multicast2, 0x5}, {@loopback, 0x149fea77}]}, @ssrr={0x89, 0x1f, 0x5b, [@private=0xa010102, @multicast1, @remote, @multicast2, @remote, @empty, @dev={0xac, 0x14, 0x14, 0x1d}]}, @ra={0x94, 0x4, 0x1}]}}}}})
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, &(0x7f0000000000)={0x5, 0x4, 0x9, 0x59, 0x1})
r5 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000340)={r5, 0x20, &(0x7f0000000100)={0x0, 0x0, <r6=>0x0, 0x0}}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000001840)=r6, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0x3, &(0x7f0000000600)=ANY=[@ANYRES32, @ANYRES16=0x0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
ppoll(&(0x7f0000000080)=[{r3}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

1.048067223s ago: executing program 6 (id=3509):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000680)=@bpf_lsm={0x1d, 0x3, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1}}, &(0x7f00000004c0)='GPL\x00', 0x6, 0xf, &(0x7f0000000500)=""/15, 0x41100, 0x10, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xe30}, 0x94)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0), 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000005c0)={r0, <r1=>0xffffffffffffffff}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x6, 0x10, &(0x7f0000000200)=@framed={{0x18, 0x2, 0x0, 0x0, 0xffbff966, 0x0, 0x0, 0x0, 0xfffffffd}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0xe, 0x0, &(0x7f0000000540)="64b61d9b104c99176403699c7d94", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, 0xfffffffffffffffc, 0x4000080)

1.01341732s ago: executing program 0 (id=3510):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000100)={0x3, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="0203f30216000000000000000000000002001b0008000000e9000000000000000300060000000000020000000000000000000000000000000200010000000000000003fcff000020030005000000000002000000ac1414aa00000000000000000a00080008"], 0xb0}, 0x1, 0x7, 0x34000}, 0x0)

982.78457ms ago: executing program 7 (id=3511):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000200)=ANY=[@ANYBLOB="ec000000210001002dbd7000fedbdf25fe880000000000000000000000000101ac1414bb0000000000000000000000004e240002000700010a0080a000ff8400", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="af6b6e00010000009c0011001901010000000000000000000000000020010000000000000000000000000001ac14143e0000000000c8b10000000000ac1414bb00fb0000000000000000000032000001073500000a00020000000000000000000000020000000000ac1e01010000000000000000000000000a010102000000000000000000000000fe80000000000000000000000000002f33"], 0xec}}, 0x20000000)
r2 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r2, 0x1, 0x4000000000000002, 0x0, 0x0)
listen(r2, 0x1000)
openat$tun(0xffffffffffffff9c, 0x0, 0x144180, 0x0)
setsockopt$RDS_FREE_MR(0xffffffffffffffff, 0x114, 0x3, 0x0, 0x0)

758.928038ms ago: executing program 6 (id=3512):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x0, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="6110000000006c1000000000", @ANYRES32, @ANYBLOB="000000000000000095"], 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x1e, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000018000000711238"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)

716.314977ms ago: executing program 7 (id=3513):
socket$nl_route(0x10, 0x3, 0x0)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
ioctl$IMSETDEVNAME(r1, 0x80184947, &(0x7f00000000c0)={0x0, 'syz1\x00'})
sendmmsg(r0, &(0x7f0000000500)=[{{&(0x7f0000000700)=@xdp={0x2c, 0xdd86, r2, 0x30}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000080)='O', 0x1}], 0x1, 0x0, 0x0, 0x2f00}}], 0x1, 0x0)

662.069256ms ago: executing program 0 (id=3514):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000002ec0), 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000002f00)=0x2)
ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000003440)=0xbf)
close(0x3)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000500)={'syzkaller0\x00', 0x7101})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
socket(0x2b, 0x1, 0x7)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00'}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000002"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r4}, &(0x7f00000002c0), &(0x7f0000000300)=r4}, 0x20)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200))
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
write$cgroup_devices(r1, &(0x7f0000000140)=ANY=[@ANYBLOB="1e031c00008c71ef288563"], 0x32d1)

543.927538ms ago: executing program 6 (id=3515):
ioctl$PPPIOCSPASS(0xffffffffffffffff, 0x40107447, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'})
socket$packet(0x11, 0x3, 0x300)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
bpf$OBJ_GET_PROG(0x7, 0x0, 0x0)
r4 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r4, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/5, 0x214000, 0x800}, 0x20)
setsockopt$XDP_TX_RING(r4, 0x11b, 0x3, &(0x7f00000001c0)=0x800, 0x4)
r5 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r4, 0x11b, 0x6, &(0x7f0000000040)=0x20000, 0x4)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000400)={'dummy0\x00', <r6=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r4, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r4, &(0x7f0000000100)={0x2c, 0x0, r6}, 0x10)
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000000c0)={'dummy0\x00', <r8=>0x0})
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8954, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r8}}, 0x24}, 0x1, 0x0, 0x0, 0x4000091}, 0x0)
r10 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.net/syz0\x00', 0x200002, 0x0)
socket$unix(0x1, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="050000000400000004000000040000000000000000e9be089736d5c21351ee902c4eb9f7de3d9e2c5cb7cac2988e82dfbea03b1532f09b9efd34b474d84e9a1120fd9b39f7ccb0ab18d1e7dc0dc27ca8155fdb2429a1fc0c02f11bbf374658d1a7b8e407b069ef2d67aa225a86829ae28ea552b8990a7ff501a768bd28ba726aab6cd64ce6", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRESHEX=r8, @ANYRES8=r9], 0x50)
r11 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)=ANY=[@ANYBLOB="200000002d0001000000ea001000000004000080050011802efff2"], 0x20}], 0x1}, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0xd, 0x17, &(0x7f00000004c0)=ANY=[@ANYRES8=r10], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0xe43c4cf3342b4a61, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffe9e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r12=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0xfffffffffffffd24, &(0x7f0000002680)={&(0x7f0000002740)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r12, {0xfff2, 0xfff1}, {0xffff, 0xffff}, {0xfff3}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x1fa7}}]}}]}, 0x48}}, 0x800)
sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd2b, 0xfffffffd, {0x0, 0x0, 0x0, r12, {}, {}, {0x2}}, [@TCA_CHAIN={0x8, 0xb, 0x8}, @filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_VLAN_PRIO={0x5}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4080}, 0x0)

525.924554ms ago: executing program 7 (id=3516):
r0 = socket$inet6(0xa, 0x3, 0x3)
close(0x3)
sendmmsg$inet_sctp(0xffffffffffffffff, 0x0, 0x0, 0x4000000)
syz_genetlink_get_family_id$nfc(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$NFC_CMD_LLC_SET_PARAMS(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x8080)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x98, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x6c, 0x4, 0x0, 0x1, [{0x68, 0x1, 0x0, 0x1, @inner={{0xa}, @val={0x58, 0x2, 0x0, 0x1, [@NFTA_INNER_TYPE={0x8, 0x2, 0x1, 0x0, 0x84}, @NFTA_INNER_FLAGS={0x8, 0x3, 0x1, 0x0, 0x7}, @NFTA_INNER_HDRSIZE={0x8, 0x4, 0x1, 0x0, 0xf}, @NFTA_INNER_NUM={0x8}, @NFTA_INNER_EXPR={0x34, 0x5, 0x0, 0x1, @payload={{0xc}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_LEN={0x8, 0x4, 0x1, 0x0, 0x56}, @NFTA_PAYLOAD_OFFSET={0x8, 0x3, 0x1, 0x0, 0xb9}, @NFTA_PAYLOAD_DREG={0x8, 0x1, 0x1, 0x0, 0xa}, @NFTA_PAYLOAD_BASE={0x8, 0x2, 0x1, 0x0, 0x2}]}}}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0xc0}}, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
r3 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
connect$rose(r3, &(0x7f0000000080)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x1, @null}, 0x1c)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x2, r0}, 0x2)
sendmsg$inet6(r2, &(0x7f0000000600)={&(0x7f0000000080)={0xa, 0x4e20, 0x1000000080000, @dev={0xfe, 0x80, '\x00', 0x25}}, 0x1c, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000029000000040000002b0000000000000718"], 0x30}, 0x0)
close(0x3)

340.436144ms ago: executing program 7 (id=3517):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3c020000190001000000000001000000fe880000000000000000000000000101ac1414bb00000000000000000000000000000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000006c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000084010500ac1414aa000000000000000000000000000000003300000000000000ffffffff0000000000000000000000000000000000000000000000000000000040000000fe8000000000000000000000000000bb000000003c00000000000000fe80000000000000000000000000000000000000000000000000000000000000000000007f000001000000000000000000000000000000006c0000"], 0x23c}, 0x1, 0x0, 0x0, 0x1}, 0x4000)

188.76241ms ago: executing program 2 (id=3518):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000a00), r0)
sendmsg$NL802154_CMD_DEL_SEC_KEY(r0, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000c00)={&(0x7f0000000a80)={0xf0, r1, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_SEC_KEY={0xb0, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x4}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "33dea04a445e2c45d6c91f194aa4d46a22e9fe23a251dfb84658c0bc6cb0f88e"}, @NL802154_KEY_ATTR_ID={0x40, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0xc, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x1}]}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x3}, @NL802154_KEY_ID_ATTR_INDEX={0x5}, @NL802154_KEY_ID_ATTR_MODE={0x8}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x81}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0xa4}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}]}, @NL802154_KEY_ATTR_ID={0x14, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x2}]}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "3050c9e0d932ec14b09fa1cacc26655ccc81fcf6af7afbda02a99dbd29dc9699"}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x2}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0xf0}, 0x1, 0x0, 0x0, 0x20000840}, 0x40)

0s ago: executing program 7 (id=3519):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x2}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2c}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa4}]}], {0x14, 0x10}}, 0x6c}}, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
r5 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$EBT_SO_SET_ENTRIES(r5, 0x0, 0x80, &(0x7f0000000280)=@broute={'broute\x00', 0x20, 0x5, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000001300], 0x0, 0x0, &(0x7f0000001300)=ANY=[@ANYBLOB="00000000000000000000000400000000000000000000000000000000000000000000000000000000feffffff0017600000000000000000000000000000000000000000000000000000000000000000000000000002000000354caabe0000000000000000000000000000000000000000000000000000000000000000000000000000000002000000feffffff00000000"]}, 0x108)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0xa, 0x4, 0x6, 0x6, 0x0, 0xffffffffffffffff, 0x3}, 0x50)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000440), &(0x7f0000000580), 0x1f93, r6}, 0x38)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x15, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r7}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r8}, 0x10)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=@newtfilter={0x84, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r4, {0x8, 0x7}, {}, {0xa, 0xfff3}}, [@filter_kind_options=@f_flower={{0xb}, {0x54, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS_MASK={0x38, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x34, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0x6}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_DIR={0x5, 0x3, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5, 0x1, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_HWID={0x5, 0x4, 0x2}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_DIR={0x5, 0x3, 0x1}]}]}, @TCA_FLOWER_KEY_ENC_OPTS={0x18, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x9, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0x100c}]}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x22044028}, 0x0)

kernel console output (not intermixed with test programs):

0
[  338.413844][T12951] 8021q: adding VLAN 0 to HW filter on device team0
[  338.494254][ T1857] bridge0: port 1(bridge_slave_0) entered blocking state
[  338.501565][ T1857] bridge0: port 1(bridge_slave_0) entered forwarding state
[  338.549836][ T3527] bridge0: port 2(bridge_slave_1) entered blocking state
[  338.557258][ T3527] bridge0: port 2(bridge_slave_1) entered forwarding state
[  338.720399][T12951] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  338.990916][T13099] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2308'.
[  339.481722][T12951] 8021q: adding VLAN 0 to HW filter on device batadv0
[  339.582399][T13121] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2312'.
[  339.618377][ T5849] Bluetooth: hci6: command tx timeout
[  340.107191][T13135] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2317'.
[  340.252894][T13148] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2320'.
[  340.430131][T12951] veth0_vlan: entered promiscuous mode
[  340.475277][T13150] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  340.487008][T12951] veth1_vlan: entered promiscuous mode
[  340.506584][T13150] syzkaller0: entered promiscuous mode
[  340.512121][T13150] syzkaller0: entered allmulticast mode
[  340.565795][T13150] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2322'.
[  340.621602][T13150] tipc: Resetting bearer <eth:syzkaller0>
[  340.636715][T12951] veth0_macvtap: entered promiscuous mode
[  340.675277][T12951] veth1_macvtap: entered promiscuous mode
[  340.700882][T13150] tipc: Resetting bearer <eth:syzkaller0>
[  340.735937][T13150] tipc: Disabling bearer <eth:syzkaller0>
[  340.820673][T12951] batman_adv: batadv0: Interface activated: batadv_slave_0
[  340.836605][T13162] pimreg: entered allmulticast mode
[  340.850772][T12951] batman_adv: batadv0: Interface activated: batadv_slave_1
[  340.875863][T13162] pimreg: left allmulticast mode
[  340.944138][   T65] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  340.960281][   T65] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  340.970326][ T3527] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  340.990716][ T3527] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  341.162345][T13172] netlink: 76 bytes leftover after parsing attributes in process `syz.2.2329'.
[  341.194015][T13174] No such timeout policy "syz1"
[  341.236230][ T3527] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  341.275029][ T3527] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  341.333650][T13176] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2332'.
[  341.429233][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  341.461020][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  341.986053][T13192] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2338'.
[  341.997841][T13188] lo speed is unknown, defaulting to 1000
[  342.043776][T13192] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2338'.
[  342.112520][ T5857] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  342.134448][ T5857] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  342.143961][ T5857] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  342.153056][ T5857] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  342.161238][ T5857] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  342.545532][T13209] lo speed is unknown, defaulting to 1000
[  342.576318][T13196] lo speed is unknown, defaulting to 1000
[  342.624324][T13214] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2343'.
[  342.680413][T13192] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2338'.
[  342.703494][T13214] veth1_macvtap: left promiscuous mode
[  343.175102][T13192] syz.6.2338 (13192) used greatest stack depth: 16856 bytes left
[  343.365193][T13223] nbd3: detected capacity change from 0 to 63
[  343.375538][T13219] block nbd3: NBD_DISCONNECT
[  343.393122][T13219] block nbd3: Disconnected due to user request.
[  343.425990][T13219] block nbd3: shutting down sockets
[  343.819757][T13196] chnl_net:caif_netlink_parms(): no params data found
[  344.007841][T13249] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2352'.
[  344.027018][T13249] netlink: 120 bytes leftover after parsing attributes in process `syz.0.2352'.
[  344.063636][T13249] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2352'.
[  344.123435][T13251] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  344.214057][T13251] vlan0: entered promiscuous mode
[  344.221059][T13251] vlan0: entered allmulticast mode
[  344.222583][T13262] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2355'.
[  344.237647][T13251] veth0_vlan: entered allmulticast mode
[  344.240520][T13264] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2354'.
[  344.263598][ T5857] Bluetooth: hci7: command tx timeout
[  344.277728][T13196] bridge0: port 1(bridge_slave_0) entered blocking state
[  344.287506][T13196] bridge0: port 1(bridge_slave_0) entered disabled state
[  344.295860][T13196] bridge_slave_0: entered allmulticast mode
[  344.304501][T13196] bridge_slave_0: entered promiscuous mode
[  344.331718][T13196] bridge0: port 2(bridge_slave_1) entered blocking state
[  344.340424][T13196] bridge0: port 2(bridge_slave_1) entered disabled state
[  344.348070][T13196] bridge_slave_1: entered allmulticast mode
[  344.360107][T13196] bridge_slave_1: entered promiscuous mode
[  344.374618][T13256] tipc: Resetting bearer <eth:syzkaller0>
[  344.470976][T13196] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  344.502787][T13196] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  344.642231][T13196] team0: Port device team_slave_0 added
[  344.667337][T13196] team0: Port device team_slave_1 added
[  344.789681][T13196] batman_adv: batadv0: Adding interface: batadv_slave_0
[  344.812855][T13196] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  344.841314][T13196] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  344.872184][T13196] batman_adv: batadv0: Adding interface: batadv_slave_1
[  344.897577][T13196] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  344.925911][T13196] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  344.938130][T13270] lo speed is unknown, defaulting to 1000
[  344.938235][T13275] netlink: 65039 bytes leftover after parsing attributes in process `syz.2.2360'.
[  345.309345][T13285] netlink: 'syz.0.2362': attribute type 7 has an invalid length.
[  345.331572][T13285] netlink: 'syz.0.2362': attribute type 8 has an invalid length.
[  345.462768][T13196] hsr_slave_0: entered promiscuous mode
[  345.484160][T13196] hsr_slave_1: entered promiscuous mode
[  345.492742][T13196] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  345.510836][T13196] Cannot create hsr debugfs directory
[  345.534265][T13285] gretap0: entered promiscuous mode
[  345.551811][T13285] batadv_slave_1: entered promiscuous mode
[  345.561814][T13285] erspan0: entered promiscuous mode
[  345.569461][T13285] hsr1: Slave A (gretap0) is not up; please bring it up to get a fully working HSR network
[  345.580274][T13285] hsr1: Slave B (batadv_slave_1) is not up; please bring it up to get a fully working HSR network
[  345.593105][T13285] hsr1: Interlink (erspan0) is not up; please bring it up to get a fully working HSR network
[  346.138975][T13308] tipc: Started in network mode
[  346.147973][T13308] tipc: Node identity 02bf421e586b, cluster identity 4711
[  346.167872][T13308] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  346.193407][T13310] syzkaller0: entered promiscuous mode
[  346.206375][T13310] syzkaller0: entered allmulticast mode
[  346.335776][ T5857] Bluetooth: hci7: command tx timeout
[  346.344567][T13310] tipc: Resetting bearer <eth:syzkaller0>
[  346.483939][T13307] tipc: Resetting bearer <eth:syzkaller0>
[  346.544591][T13321] netlink: 'syz.0.2372': attribute type 10 has an invalid length.
[  346.566048][T13307] tipc: Disabling bearer <eth:syzkaller0>
[  346.863155][T13196] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  346.890711][T13196] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  346.929364][T13196] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  346.951495][T13328] lo speed is unknown, defaulting to 1000
[  346.959125][T13196] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  347.442325][T13196] 8021q: adding VLAN 0 to HW filter on device bond0
[  347.492401][T13196] 8021q: adding VLAN 0 to HW filter on device team0
[  347.562097][ T3572] bridge0: port 1(bridge_slave_0) entered blocking state
[  347.569586][ T3572] bridge0: port 1(bridge_slave_0) entered forwarding state
[  347.619237][ T6181] bridge0: port 2(bridge_slave_1) entered blocking state
[  347.626636][ T6181] bridge0: port 2(bridge_slave_1) entered forwarding state
[  347.761242][T13355] __nla_validate_parse: 7 callbacks suppressed
[  347.761263][T13355] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2381'.
[  347.915528][T13364] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2384'.
[  347.956289][T13363] lo speed is unknown, defaulting to 1000
[  348.068133][T13364] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2384'.
[  348.120357][T13373] netlink: 'syz.0.2384': attribute type 1 has an invalid length.
[  348.128963][T13373] netlink: 112 bytes leftover after parsing attributes in process `syz.0.2384'.
[  348.416442][ T5857] Bluetooth: hci7: command tx timeout
[  348.417470][T13382] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2389'.
[  348.444575][T13373] lo speed is unknown, defaulting to 1000
[  348.695401][T13196] 8021q: adding VLAN 0 to HW filter on device batadv0
[  349.081523][T13393] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2391'.
[  349.125566][T13393] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2391'.
[  349.241355][T13394] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2391'.
[  349.295570][T13394] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2391'.
[  349.393457][T13394] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2391'.
[  349.846121][T13196] veth0_vlan: entered promiscuous mode
[  349.887888][T13196] veth1_vlan: entered promiscuous mode
[  349.978675][T13196] veth0_macvtap: entered promiscuous mode
[  350.011203][T13418] bridge0: entered promiscuous mode
[  350.041474][T13196] veth1_macvtap: entered promiscuous mode
[  350.152396][T13196] batman_adv: batadv0: Interface activated: batadv_slave_0
[  350.193388][T13196] batman_adv: batadv0: Interface activated: batadv_slave_1
[  350.236045][   T36] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  350.248306][   T36] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  350.264170][   T36] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  350.287276][   T36] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  350.483903][ T3466] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  350.495593][ T5857] Bluetooth: hci7: command tx timeout
[  350.501346][ T3466] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  350.713694][ T3527] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  350.745824][ T3527] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  351.014541][T13433] lo speed is unknown, defaulting to 1000
[  351.835750][T13464] IPVS: set_ctl: invalid protocol: 29 224.0.0.2:20003
[  352.954528][T13514] bridge0: entered promiscuous mode
[  353.337937][T13535] __nla_validate_parse: 8 callbacks suppressed
[  353.337957][T13535] netlink: 76 bytes leftover after parsing attributes in process `syz.7.2436'.
[  353.447794][T13535] netlink: 92 bytes leftover after parsing attributes in process `syz.7.2436'.
[  354.156395][   T30] audit: type=1800 audit(1752557087.372:5): pid=13545 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.2441" name="memory.events" dev="tmpfs" ino=43 res=0 errno=0
[  354.260952][T13554] netlink: 'syz.6.2444': attribute type 2 has an invalid length.
[  354.321697][T13554] netlink: 6396 bytes leftover after parsing attributes in process `syz.6.2444'.
[  354.346075][T13556] netlink: 'syz.3.2445': attribute type 1 has an invalid length.
[  354.382955][T13556] bond2: entered promiscuous mode
[  354.402408][T13556] 8021q: adding VLAN 0 to HW filter on device bond2
[  354.473811][T13558] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2445'.
[  354.538182][T13563] !
: renamed from dummy0 (while UP)
[  354.968301][T13574] bridge0: port 2(bridge_slave_1) entered disabled state
[  354.976305][T13574] bridge0: port 1(bridge_slave_0) entered disabled state
[  355.461947][T13571] lo speed is unknown, defaulting to 1000
[  356.111131][T13611] netlink: 828 bytes leftover after parsing attributes in process `syz.6.2458'.
[  357.276474][T13635] FAULT_INJECTION: forcing a failure.
[  357.276474][T13635] name failslab, interval 1, probability 0, space 0, times 0
[  357.334388][T13635] CPU: 0 UID: 0 PID: 13635 Comm: syz.6.2466 Not tainted 6.16.0-rc5-syzkaller-01411-g08a305b2a5b8 #0 PREEMPT(full) 
[  357.334422][T13635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  357.334434][T13635] Call Trace:
[  357.334442][T13635]  <TASK>
[  357.334450][T13635]  dump_stack_lvl+0x189/0x250
[  357.334482][T13635]  ? __pfx____ratelimit+0x10/0x10
[  357.334507][T13635]  ? __pfx_dump_stack_lvl+0x10/0x10
[  357.334530][T13635]  ? __pfx__printk+0x10/0x10
[  357.334564][T13635]  ? __pfx___might_resched+0x10/0x10
[  357.334585][T13635]  ? fs_reclaim_acquire+0x7d/0x100
[  357.334614][T13635]  should_fail_ex+0x414/0x560
[  357.334646][T13635]  should_failslab+0xa8/0x100
[  357.334678][T13635]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  357.334700][T13635]  ? __alloc_skb+0x112/0x2d0
[  357.334730][T13635]  __alloc_skb+0x112/0x2d0
[  357.334759][T13635]  netlink_ack+0x146/0xa50
[  357.334780][T13635]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  357.334803][T13635]  ? ref_tracker_free+0x63a/0x7d0
[  357.334829][T13635]  ? __copy_skb_header+0xa7/0x550
[  357.334849][T13635]  ? __pfx_ref_tracker_free+0x10/0x10
[  357.334890][T13635]  netlink_rcv_skb+0x28c/0x470
[  357.334916][T13635]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  357.334944][T13635]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  357.334984][T13635]  ? netlink_deliver_tap+0x2e/0x1b0
[  357.335008][T13635]  ? netlink_deliver_tap+0x2e/0x1b0
[  357.335039][T13635]  netlink_unicast+0x759/0x8e0
[  357.335076][T13635]  netlink_sendmsg+0x805/0xb30
[  357.335112][T13635]  ? __pfx_netlink_sendmsg+0x10/0x10
[  357.335142][T13635]  ? aa_sock_msg_perm+0x94/0x160
[  357.335171][T13635]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  357.335196][T13635]  ? __pfx_netlink_sendmsg+0x10/0x10
[  357.335221][T13635]  __sock_sendmsg+0x219/0x270
[  357.335256][T13635]  ____sys_sendmsg+0x505/0x830
[  357.335292][T13635]  ? __pfx_____sys_sendmsg+0x10/0x10
[  357.335332][T13635]  ? import_iovec+0x74/0xa0
[  357.335358][T13635]  ___sys_sendmsg+0x21f/0x2a0
[  357.335380][T13635]  ? __pfx____sys_sendmsg+0x10/0x10
[  357.335442][T13635]  ? __fget_files+0x2a/0x420
[  357.335465][T13635]  ? __fget_files+0x3a0/0x420
[  357.335500][T13635]  __x64_sys_sendmsg+0x19b/0x260
[  357.335522][T13635]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  357.335552][T13635]  ? __pfx_ksys_write+0x10/0x10
[  357.335571][T13635]  ? rcu_is_watching+0x15/0xb0
[  357.335600][T13635]  ? do_syscall_64+0xbe/0x3b0
[  357.335630][T13635]  do_syscall_64+0xfa/0x3b0
[  357.335653][T13635]  ? lockdep_hardirqs_on+0x9c/0x150
[  357.335677][T13635]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  357.335694][T13635]  ? clear_bhb_loop+0x60/0xb0
[  357.335717][T13635]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  357.335735][T13635] RIP: 0033:0x7f782eb8e929
[  357.335753][T13635] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  357.335769][T13635] RSP: 002b:00007f782f9ae038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  357.335791][T13635] RAX: ffffffffffffffda RBX: 00007f782edb5fa0 RCX: 00007f782eb8e929
[  357.335805][T13635] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000004
[  357.335817][T13635] RBP: 00007f782f9ae090 R08: 0000000000000000 R09: 0000000000000000
[  357.335829][T13635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  357.335840][T13635] R13: 0000000000000000 R14: 00007f782edb5fa0 R15: 00007ffd8297e568
[  357.335873][T13635]  </TASK>
[  357.819181][T13640] netlink: 100 bytes leftover after parsing attributes in process `syz.0.2465'.
[  359.593235][T13699] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2484'.
[  359.896653][T13705] netlink: 'syz.3.2488': attribute type 21 has an invalid length.
[  359.917968][T13705] netlink: 128 bytes leftover after parsing attributes in process `syz.3.2488'.
[  359.940265][T13705] netlink: 'syz.3.2488': attribute type 4 has an invalid length.
[  359.970600][T13705] netlink: 'syz.3.2488': attribute type 3 has an invalid length.
[  359.990525][T13707] openvswitch: netlink: Message has 20 unknown bytes.
[  360.019518][T13705] netlink: 3 bytes leftover after parsing attributes in process `syz.3.2488'.
[  360.029801][T13707] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  360.320157][T13725] bridge0: left promiscuous mode
[  361.300661][T13760] netlink: 'syz.2.2504': attribute type 2 has an invalid length.
[  361.392382][T13760] netlink: 6396 bytes leftover after parsing attributes in process `syz.2.2504'.
[  361.401449][T13757] lo speed is unknown, defaulting to 1000
[  361.514148][T13765] Can't find ip_set type hash:net,p
[  361.742207][T13768] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.027138][T13768] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.295391][T13768] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.902058][T13768] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  363.013951][T13808] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2518'.
[  363.087662][T13808] vlan3: entered promiscuous mode
[  363.092971][T13808] ip6gretap0: entered promiscuous mode
[  363.245958][   T12] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  363.285269][   T65] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  363.340539][ T3466] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  363.402665][   T65] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  363.450617][T13814] netlink: 'syz.6.2520': attribute type 10 has an invalid length.
[  363.495035][T13814] bridge0: port 3(netdevsim0) entered blocking state
[  363.515155][T13814] bridge0: port 3(netdevsim0) entered disabled state
[  363.522346][T13814] netdevsim netdevsim6 netdevsim0: entered allmulticast mode
[  363.551081][T13814] netdevsim netdevsim6 netdevsim0: entered promiscuous mode
[  363.569573][T13814] bridge0: port 3(netdevsim0) entered blocking state
[  363.576472][T13814] bridge0: port 3(netdevsim0) entered forwarding state
[  363.805820][T13828] netlink: 828 bytes leftover after parsing attributes in process `syz.7.2527'.
[  363.826651][T13830] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2524'.
[  363.920025][   T43] IPVS: starting estimator thread 0...
[  364.039371][T13834] IPVS: using max 26 ests per chain, 62400 per kthread
[  364.082102][T13838] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  364.280320][T13843] netlink: 'syz.3.2533': attribute type 10 has an invalid length.
[  364.310569][T13843] bridge0: port 1(netdevsim0) entered blocking state
[  364.335386][T13843] bridge0: port 1(netdevsim0) entered disabled state
[  364.365549][T13843] netdevsim netdevsim3 netdevsim0: entered allmulticast mode
[  364.390185][T13843] netdevsim netdevsim3 netdevsim0: left allmulticast mode
[  364.433127][T13850] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2536'.
[  364.505572][T13852] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2537'.
[  364.669992][T13860] netlink: 'syz.6.2539': attribute type 2 has an invalid length.
[  364.694277][T13860] netlink: 6396 bytes leftover after parsing attributes in process `syz.6.2539'.
[  364.862091][T13868] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2542'.
[  364.883681][T13868] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2542'.
[  364.935788][T13868] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[  365.052161][T13873] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2542'.
[  365.375352][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  365.549563][T13882] netlink: 828 bytes leftover after parsing attributes in process `syz.0.2544'.
[  365.895449][T13890] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  366.097578][ T3572] wlan0: Trigger new scan to find an IBSS to join
[  366.795938][T13927] netlink: 20 bytes leftover after parsing attributes in process `syz.7.2560'.
[  366.830467][T13926] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  366.871804][T13928] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  366.936045][T13926] syzkaller0: entered promiscuous mode
[  366.957975][T13931] xt_hashlimit: size too large, truncated to 1048576
[  366.968745][T13931] xt_hashlimit: max too large, truncated to 1048576
[  366.976642][T13926] syzkaller0: entered allmulticast mode
[  367.130305][T13926] tipc: Resetting bearer <eth:syzkaller0>
[  367.238051][T13926] tipc: Disabling bearer <eth:syzkaller0>
[  367.319724][T13942] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2564'.
[  367.859472][T13967] lo speed is unknown, defaulting to 1000
[  367.873548][T13959] IPVS: Scheduler module ip_vs_sip not found
[  368.227253][T13985] x_tables: duplicate underflow at hook 1
[  369.136390][ T3466] wlan0: Trigger new scan to find an IBSS to join
[  369.412636][T14017] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2591'.
[  369.486353][T14017] netlink: 7 bytes leftover after parsing attributes in process `syz.7.2591'.
[  369.688915][T14039] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2596'.
[  369.737365][T14045] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2601'.
[  370.849485][T14080] lo speed is unknown, defaulting to 1000
[  371.000936][T14083] netlink: 168 bytes leftover after parsing attributes in process `syz.2.2616'.
[  371.268883][T14088] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2619'.
[  371.451254][T14092] netlink: 'syz.3.2620': attribute type 2 has an invalid length.
[  371.502072][T14092] netlink: 6396 bytes leftover after parsing attributes in process `syz.3.2620'.
[  372.095225][   T36] wlan0: Trigger new scan to find an IBSS to join
[  372.681689][T14129] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2632'.
[  372.724017][T14129] geneve2: entered promiscuous mode
[  372.735670][T14129] geneve2: entered allmulticast mode
[  372.763280][T14131] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2632'.
[  372.788562][ T3572] netdevsim netdevsim7 netdevsim0: set [1, 1] type 2 family 0 port 41254 - 0
[  372.813103][ T3572] netdevsim netdevsim7 netdevsim1: set [1, 1] type 2 family 0 port 41254 - 0
[  372.832507][ T3572] netdevsim netdevsim7 netdevsim2: set [1, 1] type 2 family 0 port 41254 - 0
[  372.843869][ T3572] netdevsim netdevsim7 netdevsim3: set [1, 1] type 2 family 0 port 41254 - 0
[  372.890445][T14134] netlink: 'syz.3.2634': attribute type 1 has an invalid length.
[  373.049876][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  373.164250][T14136] bond3: (slave ip6gretap2): Enslaving as a backup interface with an up link
[  373.281915][T14137] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2634'.
[  373.354601][T14137] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2634'.
[  373.441965][T14137] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2634'.
[  373.580697][T14137] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2634'.
[  373.832807][T14137] tipc: Resetting bearer <ib:ip6gre0>
[  373.942649][T14137] bridge0: left promiscuous mode
[  373.967143][T14174] netlink: 'syz.2.2640': attribute type 13 has an invalid length.
[  374.570801][T14137] vlan0: left promiscuous mode
[  374.585394][T14137] vlan0: left allmulticast mode
[  374.592044][T14137] veth0_vlan: left allmulticast mode
[  374.756489][T14137] __nla_validate_parse: 61 callbacks suppressed
[  374.756504][T14137] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2634'.
[  374.779718][T14137] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2634'.
[  374.805145][T14137] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2634'.
[  374.840088][T14137] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2634'.
[  374.869642][T14137] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2634'.
[  374.883374][T14137] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2634'.
[  374.892923][T14137] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2634'.
[  374.904044][T14137] vlan2: left allmulticast mode
[  374.909439][T14137] bridge_slave_0: left allmulticast mode
[  374.936559][T14137] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2634'.
[  374.948970][T14137] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2634'.
[  374.975950][T14137] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2634'.
[  375.035656][T14137] bond2: left promiscuous mode
[  375.058877][T14134] bond3: (slave ip6gretap2): Releasing backup interface
[  375.175214][ T3466] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  375.205536][ T3466] netdevsim netdevsim3 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0
[  375.240463][ T3466] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  375.273471][ T3466] netdevsim netdevsim3 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0
[  375.301489][ T3466] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  375.315430][ T3466] netdevsim netdevsim3 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0
[  375.363028][ T3466] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  375.385320][ T3466] netdevsim netdevsim3 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0
[  376.007295][T14207] lo speed is unknown, defaulting to 1000
[  376.428466][T14224] smc: net device bond0 applied user defined pnetid SYZ2
[  377.312774][T14224] smc: removing net device bond0 with user defined pnetid SYZ2
[  377.324155][T14224] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  377.346830][T14224] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  377.362977][T14224] bond0 (unregistering): Released all slaves
[  378.374551][T14277] Bluetooth: hci4: Opcode 0x0401 failed: -4
[  379.090781][T14318] netlink: 'syz.3.2698': attribute type 2 has an invalid length.
[  379.101670][T14316] tap0: tun_chr_ioctl cmd 1074025677
[  379.116463][T14316] tap0: linktype set to 804
[  380.024892][T14350] mac80211_hwsim hwsim8 wlan0: entered promiscuous mode
[  380.041594][T14350] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check.
[  380.415001][ T5857] Bluetooth: hci4: command 0x0405 tx timeout
[  380.931059][T14407] netlink: 'syz.7.2724': attribute type 5 has an invalid length.
[  380.933220][T14408] FAULT_INJECTION: forcing a failure.
[  380.933220][T14408] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  380.954401][T14408] CPU: 0 UID: 0 PID: 14408 Comm: syz.3.2723 Not tainted 6.16.0-rc5-syzkaller-01411-g08a305b2a5b8 #0 PREEMPT(full) 
[  380.954441][T14408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  380.954453][T14408] Call Trace:
[  380.954461][T14408]  <TASK>
[  380.954470][T14408]  dump_stack_lvl+0x189/0x250
[  380.954501][T14408]  ? __pfx____ratelimit+0x10/0x10
[  380.954526][T14408]  ? __pfx_dump_stack_lvl+0x10/0x10
[  380.954549][T14408]  ? __pfx__printk+0x10/0x10
[  380.954575][T14408]  ? __might_fault+0xb0/0x130
[  380.954610][T14408]  should_fail_ex+0x414/0x560
[  380.954642][T14408]  _copy_from_user+0x2d/0xb0
[  380.954670][T14408]  ___sys_sendmsg+0x158/0x2a0
[  380.954692][T14408]  ? __pfx____sys_sendmsg+0x10/0x10
[  380.954752][T14408]  ? __fget_files+0x2a/0x420
[  380.954775][T14408]  ? __fget_files+0x3a0/0x420
[  380.954809][T14408]  __sys_sendmmsg+0x227/0x430
[  380.954834][T14408]  ? __pfx___sys_sendmmsg+0x10/0x10
[  380.954850][T14408]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  380.954906][T14408]  ? ksys_write+0x22a/0x250
[  380.954931][T14408]  ? __pfx_ksys_write+0x10/0x10
[  380.954950][T14408]  ? rcu_is_watching+0x15/0xb0
[  380.954980][T14408]  __x64_sys_sendmmsg+0xa0/0xc0
[  380.955001][T14408]  do_syscall_64+0xfa/0x3b0
[  380.955025][T14408]  ? lockdep_hardirqs_on+0x9c/0x150
[  380.955048][T14408]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  380.955067][T14408]  ? clear_bhb_loop+0x60/0xb0
[  380.955090][T14408]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  380.955108][T14408] RIP: 0033:0x7f8443f8e929
[  380.955126][T14408] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  380.955143][T14408] RSP: 002b:00007f8444db6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  380.955165][T14408] RAX: ffffffffffffffda RBX: 00007f84441b6080 RCX: 00007f8443f8e929
[  380.955179][T14408] RDX: 0000000000000001 RSI: 0000200000000740 RDI: 0000000000000003
[  380.955191][T14408] RBP: 00007f8444db6090 R08: 0000000000000000 R09: 0000000000000000
[  380.955203][T14408] R10: 0000000004000855 R11: 0000000000000246 R12: 0000000000000001
[  380.955215][T14408] R13: 0000000000000000 R14: 00007f84441b6080 R15: 00007fff75a9a888
[  380.955248][T14408]  </TASK>
[  381.307475][T14378] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  381.370284][T14378] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  381.393253][T14378] bond0 (unregistering): Released all slaves
[  381.421010][T14392] __nla_validate_parse: 25 callbacks suppressed
[  381.421031][T14392] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2717'.
[  381.701710][T14414] netlink: 20 bytes leftover after parsing attributes in process `syz.7.2726'.
[  382.002205][T14434] veth0: entered promiscuous mode
[  382.035961][T14434] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2728'.
[  382.065187][T14436] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  382.932865][T14441] lo speed is unknown, defaulting to 1000
[  384.084800][T14500] xt_CT: No such helper "snmp_trap"
[  384.303854][T14516] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2751'.
[  384.503128][T14523] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  384.584192][T14529] syzkaller0: entered promiscuous mode
[  384.613820][T14529] syzkaller0: entered allmulticast mode
[  384.684493][T14523] tipc: Resetting bearer <eth:syzkaller0>
[  384.712486][T14520] tipc: Resetting bearer <eth:syzkaller0>
[  384.766250][T14520] tipc: Disabling bearer <eth:syzkaller0>
[  385.000926][T14542] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2755'.
[  385.271945][T14548] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2758'.
[  385.298789][T14548] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2758'.
[  385.745694][T14563] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2766'.
[  385.880079][T14574] netlink: 1041 bytes leftover after parsing attributes in process `syz.2.2766'.
[  386.406360][T14596] netlink: 'syz.7.2773': attribute type 1 has an invalid length.
[  386.823801][T14613] pim6reg: entered allmulticast mode
[  386.910760][T14613] pim6reg: left allmulticast mode
[  387.000595][T14617] netlink: 16 bytes leftover after parsing attributes in process `syz.7.2781'.
[  387.100371][T14632] tipc: Resetting bearer <ib:ip6gre0>
[  387.161678][T14632] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[  387.633560][T14654] netlink: 'syz.2.2793': attribute type 1 has an invalid length.
[  387.650092][T14654] netlink: 104 bytes leftover after parsing attributes in process `syz.2.2793'.
[  388.116091][T14674] x_tables: duplicate underflow at hook 1
[  388.118802][T14677] netlink: 100 bytes leftover after parsing attributes in process `syz.7.2800'.
[  388.214568][T14671] lo speed is unknown, defaulting to 1000
[  388.266148][T14677] netlink: 48 bytes leftover after parsing attributes in process `syz.7.2800'.
[  388.329282][T14677] netlink: 'syz.7.2800': attribute type 1 has an invalid length.
[  388.390415][T14691] siw: device registration error -23
[  388.506133][T14683] lo speed is unknown, defaulting to 1000
[  389.063482][T14718] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2812'.
[  389.181136][T14711] bridge5: entered promiscuous mode
[  389.204590][T14722] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2816'.
[  389.226422][T14711] bridge5: entered allmulticast mode
[  389.678630][T14735] netlink: 'syz.3.2820': attribute type 1 has an invalid length.
[  389.782153][T14733] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  390.712703][T14764] netlink: 'syz.3.2831': attribute type 14 has an invalid length.
[  391.008833][T14772] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2833'.
[  391.206102][T14772] netdevsim netdevsim6 netdevsim0: left allmulticast mode
[  391.213972][T14772] netdevsim netdevsim6 netdevsim0: left promiscuous mode
[  391.248520][T14772] bridge0: port 3(netdevsim0) entered disabled state
[  391.313079][ T5907] IPVS: starting estimator thread 0...
[  391.336473][T14772] bridge_slave_1: left allmulticast mode
[  391.350930][T14772] bridge_slave_1: left promiscuous mode
[  391.362986][T14772] bridge0: port 2(bridge_slave_1) entered disabled state
[  391.426153][T14787] IPVS: using max 24 ests per chain, 57600 per kthread
[  391.446360][T14772] bridge_slave_0: left allmulticast mode
[  391.459055][T14772] bridge_slave_0: left promiscuous mode
[  391.475511][T14772] bridge0: port 1(bridge_slave_0) entered disabled state
[  391.478698][T14789] xt_l2tp: unknown flags: 10
[  391.757110][T14795] wg2: entered promiscuous mode
[  391.785868][T14798] netem: change failed
[  391.849264][T14792] lo speed is unknown, defaulting to 1000
[  391.913473][T14784] lo speed is unknown, defaulting to 1000
[  392.201149][T14813] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2847'.
[  392.216624][T14814] netlink: 'syz.6.2845': attribute type 13 has an invalid length.
[  392.231776][T14814] netlink: 'syz.6.2845': attribute type 17 has an invalid length.
[  392.289372][T14813] bond0: invalid ARP target 0.0.0.0 specified for addition
[  392.297123][T14813] bond0: option arp_ip_target: invalid value (0)
[  392.422609][T14814] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  392.527494][T14817] lo speed is unknown, defaulting to 1000
[  392.549090][T14814] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  392.645062][T14818] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  392.687647][T14824] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2849'.
[  392.712653][T14824] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2849'.
[  392.762780][T14830] netlink: 'syz.2.2849': attribute type 1 has an invalid length.
[  392.961370][T14836] lo speed is unknown, defaulting to 1000
[  392.997774][T14837] lo speed is unknown, defaulting to 1000
[  393.047650][T14838] syz.7.2851 (14838) used obsolete PPPIOCDETACH ioctl
[  393.938534][T14878] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  394.039624][T14886] tipc: Can't bind to reserved service type 2
[  394.176744][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  394.458418][T14896] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2871'.
[  394.527731][T14896] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  395.187886][T14905] lo speed is unknown, defaulting to 1000
[  395.577217][T14922] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  395.592146][ T5859] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  395.605032][ T5859] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  395.613684][ T5859] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  395.629226][ T5859] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  395.641010][ T5859] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  395.882856][T14920] lo speed is unknown, defaulting to 1000
[  396.001619][T14930] C: renamed from team_slave_0
[  396.009814][T14930] netlink: 'syz.3.2881': attribute type 1 has an invalid length.
[  396.018054][T14930] netlink: 152 bytes leftover after parsing attributes in process `syz.3.2881'.
[  396.028750][T14930] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  396.323439][T14938] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2884'.
[  396.430809][T14920] chnl_net:caif_netlink_parms(): no params data found
[  396.601324][T14948] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  396.767909][T14957] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2886'.
[  396.806163][T14958] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2887'.
[  397.694793][    C1] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  397.707578][ T5859] Bluetooth: hci1: command tx timeout
[  398.161539][T14946] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  398.218631][T14946] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  398.734927][    C1] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  399.109035][T14987] lo speed is unknown, defaulting to 1000
[  399.185478][ T6174] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  399.232696][ T6174] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  399.338081][ T6174] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  399.447873][ T3572] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  399.514366][ T6174] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  399.537850][T14920] bridge0: port 1(bridge_slave_0) entered blocking state
[  399.554946][T14920] bridge0: port 1(bridge_slave_0) entered disabled state
[  399.573492][T14920] bridge_slave_0: entered allmulticast mode
[  399.614107][T15019] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2898'.
[  399.626199][T14920] bridge_slave_0: entered promiscuous mode
[  399.757946][ T3572] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  399.775164][ T5168] Bluetooth: hci1: command tx timeout
[  399.818759][T14920] bridge0: port 2(bridge_slave_1) entered blocking state
[  399.858418][T14920] bridge0: port 2(bridge_slave_1) entered disabled state
[  399.878617][T14920] bridge_slave_1: entered allmulticast mode
[  399.907974][T14920] bridge_slave_1: entered promiscuous mode
[  400.062816][ T3572] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  400.568914][ T3572] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  400.677495][T14920] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  400.728336][T14920] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  401.010200][T14920] team0: Port device team_slave_0 added
[  401.063514][T14920] team0: Port device team_slave_1 added
[  401.294292][T14920] batman_adv: batadv0: Adding interface: batadv_slave_0
[  401.333430][T14920] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  401.375697][ T5168] Bluetooth: hci4: command 0x0405 tx timeout
[  401.419939][T14920] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  401.527367][T14920] batman_adv: batadv0: Adding interface: batadv_slave_1
[  401.537146][T14920] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  401.565144][T14920] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  401.856809][ T5849] Bluetooth: hci1: command 0x040f tx timeout
[  401.891922][T14920] hsr_slave_0: entered promiscuous mode
[  401.909847][T14920] hsr_slave_1: entered promiscuous mode
[  401.942013][T14920] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  401.973573][T14920] Cannot create hsr debugfs directory
[  402.304537][T15066] Bluetooth: MGMT ver 1.23
[  402.433278][T15072] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2911'.
[  402.601423][ T3572] erspan0 (unregistering): left promiscuous mode
[  402.653169][ T3572] gretap0 (unregistering): left promiscuous mode
[  403.070013][T15086] netlink: 'syz.2.2922': attribute type 2 has an invalid length.
[  403.082633][T15086] netlink: 6396 bytes leftover after parsing attributes in process `syz.2.2922'.
[  403.141200][ T3572] team0: Port device bond0 removed
[  403.161248][ T3572] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  403.180870][ T3572] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  403.192864][T15078] netlink: 248 bytes leftover after parsing attributes in process `syz.6.2918'.
[  403.204867][ T3572] bond0 (unregistering): Released all slaves
[  403.340759][T15089] Bluetooth: MGMT ver 1.23
[  403.396013][ T3572] bond1 (unregistering): Released all slaves
[  403.603557][ T3572] bond2 (unregistering): Released all slaves
[  403.779364][ T3572] : left promiscuous mode
[  403.884560][T15059] lo speed is unknown, defaulting to 1000
[  403.908373][ T3572] tipc: Left network mode
[  403.937484][ T5849] Bluetooth: hci1: command 0x040f tx timeout
[  404.031713][T15096] netlink: 'syz.2.2924': attribute type 2 has an invalid length.
[  404.048747][T15096] netlink: 6396 bytes leftover after parsing attributes in process `syz.2.2924'.
[  405.070088][ T3572] batadv_slave_1: left promiscuous mode
[  405.173017][ T3572] hsr_slave_0: left promiscuous mode
[  405.186093][ T3572] hsr_slave_1: left promiscuous mode
[  405.196238][ T3572] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  405.218091][ T3572] batman_adv: batadv0: Removing interface: batadv_slave_1
[  405.321516][ T3572] veth0_macvtap: left promiscuous mode
[  405.407891][T15109] netlink: 828 bytes leftover after parsing attributes in process `syz.2.2929'.
[  406.028581][ T5849] Bluetooth: hci1: command 0x040f tx timeout
[  406.158435][T15120] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2933'.
[  406.318814][T15123] netlink: 52 bytes leftover after parsing attributes in process `syz.6.2933'.
[  406.342160][T15123] netlink: 52 bytes leftover after parsing attributes in process `syz.6.2933'.
[  406.380516][T15123] netlink: 52 bytes leftover after parsing attributes in process `syz.6.2933'.
[  406.439038][ T3572] team0 (unregistering): Port device team_slave_1 removed
[  406.513247][ T3572] team0 (unregistering): Port device team_slave_0 removed
[  407.206375][ T5927] lo speed is unknown, defaulting to 1000
[  407.213739][T15119] 
@ÿ: renamed from veth0_vlan
[  407.235311][ T5927] infiniband syz2: ib_query_port failed (-19)
[  408.177592][ T3572] IPVS: stop unused estimator thread 0...
[  408.275732][T14920] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  408.280479][T15146] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2943'.
[  408.315790][T15146] netlink: 100 bytes leftover after parsing attributes in process `syz.3.2943'.
[  408.347833][T14920] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  408.393841][T15156] netlink: 'syz.7.2945': attribute type 2 has an invalid length.
[  408.399777][T14920] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  408.432059][T15156] netlink: 6396 bytes leftover after parsing attributes in process `syz.7.2945'.
[  408.453939][T14920] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  408.507003][T15159] netlink: 828 bytes leftover after parsing attributes in process `syz.2.2947'.
[  408.661509][T15172] netlink: 'syz.6.2950': attribute type 2 has an invalid length.
[  408.699357][T15172] netlink: 6396 bytes leftover after parsing attributes in process `syz.6.2950'.
[  408.800724][T14920] 8021q: adding VLAN 0 to HW filter on device bond0
[  408.848089][T14920] 8021q: adding VLAN 0 to HW filter on device team0
[  408.887113][ T6174] bridge0: port 1(bridge_slave_0) entered blocking state
[  408.894450][ T6174] bridge0: port 1(bridge_slave_0) entered forwarding state
[  408.957945][ T6181] bridge0: port 2(bridge_slave_1) entered blocking state
[  408.965298][ T6181] bridge0: port 2(bridge_slave_1) entered forwarding state
[  408.982535][T15180] FAULT_INJECTION: forcing a failure.
[  408.982535][T15180] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  408.998448][T15180] CPU: 0 UID: 0 PID: 15180 Comm: syz.2.2953 Not tainted 6.16.0-rc5-syzkaller-01411-g08a305b2a5b8 #0 PREEMPT(full) 
[  408.998477][T15180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  408.998487][T15180] Call Trace:
[  408.998495][T15180]  <TASK>
[  408.998504][T15180]  dump_stack_lvl+0x189/0x250
[  408.998532][T15180]  ? __pfx____ratelimit+0x10/0x10
[  408.998557][T15180]  ? __pfx_dump_stack_lvl+0x10/0x10
[  408.998579][T15180]  ? __pfx__printk+0x10/0x10
[  408.998620][T15180]  should_fail_ex+0x414/0x560
[  408.998653][T15180]  _copy_to_user+0x31/0xb0
[  408.998679][T15180]  simple_read_from_buffer+0xe1/0x170
[  408.998708][T15180]  proc_fail_nth_read+0x1df/0x250
[  408.998737][T15180]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  408.998767][T15180]  ? rw_verify_area+0x258/0x650
[  408.998788][T15180]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  408.998816][T15180]  vfs_read+0x200/0x980
[  408.998844][T15180]  ? __pfx___mutex_lock+0x10/0x10
[  408.998869][T15180]  ? __pfx_vfs_read+0x10/0x10
[  408.998892][T15180]  ? __fget_files+0x2a/0x420
[  408.998922][T15180]  ? __fget_files+0x3a0/0x420
[  408.998944][T15180]  ? __fget_files+0x2a/0x420
[  408.998979][T15180]  ksys_read+0x145/0x250
[  408.999003][T15180]  ? __pfx_ksys_read+0x10/0x10
[  408.999020][T15180]  ? rcu_is_watching+0x15/0xb0
[  408.999047][T15180]  ? do_syscall_64+0xbe/0x3b0
[  408.999077][T15180]  do_syscall_64+0xfa/0x3b0
[  408.999099][T15180]  ? lockdep_hardirqs_on+0x9c/0x150
[  408.999130][T15180]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  408.999148][T15180]  ? clear_bhb_loop+0x60/0xb0
[  408.999171][T15180]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  408.999189][T15180] RIP: 0033:0x7f240438d33c
[  408.999205][T15180] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  408.999222][T15180] RSP: 002b:00007f24051da030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  408.999243][T15180] RAX: ffffffffffffffda RBX: 00007f24045b5fa0 RCX: 00007f240438d33c
[  408.999258][T15180] RDX: 000000000000000f RSI: 00007f24051da0a0 RDI: 0000000000000007
[  408.999279][T15180] RBP: 00007f24051da090 R08: 0000000000000000 R09: 0000000000000000
[  408.999291][T15180] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[  408.999303][T15180] R13: 0000000000000000 R14: 00007f24045b5fa0 R15: 00007ffd58dd6c68
[  408.999337][T15180]  </TASK>
[  409.061670][ T1857] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  409.183783][T14920] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  409.299181][T14920] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  409.361570][ T1857] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  409.406483][T15185] gretap2: entered promiscuous mode
[  409.411944][T15185] gretap2: entered allmulticast mode
[  410.014536][T14920] 8021q: adding VLAN 0 to HW filter on device batadv0
[  410.104193][T15209] netlink: 'syz.3.2964': attribute type 13 has an invalid length.
[  410.141673][T15209] netlink: 'syz.3.2964': attribute type 11 has an invalid length.
[  410.370638][T14920] veth0_vlan: entered promiscuous mode
[  410.396311][T14920] veth1_vlan: entered promiscuous mode
[  410.510031][T14920] veth0_macvtap: entered promiscuous mode
[  410.577428][T14920] veth1_macvtap: entered promiscuous mode
[  410.662016][T14920] batman_adv: batadv0: Interface activated: batadv_slave_0
[  410.701721][T14920] batman_adv: batadv0: Interface activated: batadv_slave_1
[  410.766752][   T65] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  410.791660][   T65] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  410.858184][ T1857] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  410.878418][ T6174] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  411.101630][T15230] __nla_validate_parse: 4 callbacks suppressed
[  411.101653][T15230] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2968'.
[  411.126687][T15232] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2969'.
[  411.278848][ T6174] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  411.315854][ T6174] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  411.429248][ T6174] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  411.443450][ T6174] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  411.783308][T15251] netlink: 72 bytes leftover after parsing attributes in process `syz.6.2975'.
[  412.469479][T15277] netlink: 828 bytes leftover after parsing attributes in process `syz.0.2985'.
[  413.177414][ T5859] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  413.190973][ T5859] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  413.209316][ T5859] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  413.233957][ T5859] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  413.243785][ T5859] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  413.262627][T15304] xt_TCPMSS: Only works on TCP SYN packets
[  413.549970][T15313] Bluetooth: MGMT ver 1.23
[  413.660858][T15315] netlink: 'syz.0.2998': attribute type 1 has an invalid length.
[  413.680326][T15315] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  413.990677][T15327] FAULT_INJECTION: forcing a failure.
[  413.990677][T15327] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  414.037188][T15327] CPU: 1 UID: 0 PID: 15327 Comm: syz.7.3002 Not tainted 6.16.0-rc5-syzkaller-01411-g08a305b2a5b8 #0 PREEMPT(full) 
[  414.037218][T15327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  414.037229][T15327] Call Trace:
[  414.037237][T15327]  <TASK>
[  414.037245][T15327]  dump_stack_lvl+0x189/0x250
[  414.037283][T15327]  ? __pfx____ratelimit+0x10/0x10
[  414.037307][T15327]  ? __pfx_dump_stack_lvl+0x10/0x10
[  414.037327][T15327]  ? __pfx__printk+0x10/0x10
[  414.037349][T15327]  ? __might_fault+0xb0/0x130
[  414.037384][T15327]  should_fail_ex+0x414/0x560
[  414.037417][T15327]  _copy_from_user+0x2d/0xb0
[  414.037438][T15327]  ___sys_sendmsg+0x158/0x2a0
[  414.037461][T15327]  ? __pfx____sys_sendmsg+0x10/0x10
[  414.037522][T15327]  ? __fget_files+0x2a/0x420
[  414.037545][T15327]  ? __fget_files+0x3a0/0x420
[  414.037579][T15327]  __x64_sys_sendmsg+0x19b/0x260
[  414.037600][T15327]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  414.037629][T15327]  ? __pfx_ksys_write+0x10/0x10
[  414.037646][T15327]  ? rcu_is_watching+0x15/0xb0
[  414.037673][T15327]  ? do_syscall_64+0xbe/0x3b0
[  414.037704][T15327]  do_syscall_64+0xfa/0x3b0
[  414.037728][T15327]  ? lockdep_hardirqs_on+0x9c/0x150
[  414.037752][T15327]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  414.037770][T15327]  ? clear_bhb_loop+0x60/0xb0
[  414.037793][T15327]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  414.037810][T15327] RIP: 0033:0x7fcb8718e929
[  414.037827][T15327] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  414.037844][T15327] RSP: 002b:00007fcb84ff6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  414.037866][T15327] RAX: ffffffffffffffda RBX: 00007fcb873b5fa0 RCX: 00007fcb8718e929
[  414.037880][T15327] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000003
[  414.037893][T15327] RBP: 00007fcb84ff6090 R08: 0000000000000000 R09: 0000000000000000
[  414.037905][T15327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  414.037916][T15327] R13: 0000000000000000 R14: 00007fcb873b5fa0 R15: 00007ffc001ba428
[  414.037949][T15327]  </TASK>
[  414.518158][T15339] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3006'.
[  414.531195][   T36] tipc: Disabling bearer <ib:ip6gre0>
[  414.980788][ T5849] Bluetooth: hci1: command 0x040f tx timeout
[  415.141859][   T36] tipc: Disabling bearer <eth:syzkaller0>
[  415.308899][ T5849] Bluetooth: hci3: command tx timeout
[  415.426218][   T36] bond1 (unregistering): Released all slaves
[  415.578570][   T36] bond0 (unregistering): Released all slaves
[  415.728144][   T36] bond2 (unregistering): Released all slaves
[  415.743565][   T36] bond3 (unregistering): Released all slaves
[  415.768494][T15301] chnl_net:caif_netlink_parms(): no params data found
[  415.969918][   T36] tipc: Left network mode
[  416.010876][T15358] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3014'.
[  416.101915][T15363] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3014'.
[  416.115191][T15363] netlink: 'syz.2.3014': attribute type 21 has an invalid length.
[  416.311129][T15370] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3016'.
[  416.514166][T15301] bridge0: port 1(bridge_slave_0) entered blocking state
[  416.523932][T15301] bridge0: port 1(bridge_slave_0) entered disabled state
[  416.541320][T15301] bridge_slave_0: entered allmulticast mode
[  416.577098][T15301] bridge_slave_0: entered promiscuous mode
[  416.624074][   T36] hsr_slave_0: left promiscuous mode
[  416.641284][   T36] hsr_slave_1: left promiscuous mode
[  416.739983][T15381] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3022'.
[  417.378942][ T5849] Bluetooth: hci3: command tx timeout
[  418.269654][T15301] bridge0: port 2(bridge_slave_1) entered blocking state
[  418.277933][T15301] bridge0: port 2(bridge_slave_1) entered disabled state
[  418.293876][T15301] bridge_slave_1: entered allmulticast mode
[  418.311775][T15301] bridge_slave_1: entered promiscuous mode
[  418.541453][T15301] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  418.595413][T15301] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  418.786271][T15301] team0: Port device team_slave_0 added
[  418.835039][T15301] team0: Port device team_slave_1 added
[  419.110348][T15301] batman_adv: batadv0: Adding interface: batadv_slave_0
[  419.146540][T15301] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  419.239180][T15301] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  419.289828][T15301] batman_adv: batadv0: Adding interface: batadv_slave_1
[  419.292559][T15427] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3033'.
[  419.298855][T15301] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  419.298893][T15301] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  419.456047][ T5849] Bluetooth: hci3: command tx timeout
[  419.500990][T15301] hsr_slave_0: entered promiscuous mode
[  419.508658][T15301] hsr_slave_1: entered promiscuous mode
[  419.516513][T15301] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  419.525846][T15301] Cannot create hsr debugfs directory
[  419.654637][   T36] IPVS: stop unused estimator thread 0...
[  420.050048][T15438] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3037'.
[  420.618672][T15301] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  420.644468][T15301] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  420.663033][T15453] syzkaller0: entered allmulticast mode
[  420.725435][T15301] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  420.763765][T15301] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  421.130988][T15301] 8021q: adding VLAN 0 to HW filter on device bond0
[  421.160616][T15470] batadv_slave_1: entered promiscuous mode
[  421.237260][T15474] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3049'.
[  421.269581][T15301] 8021q: adding VLAN 0 to HW filter on device team0
[  421.320590][ T3527] bridge0: port 1(bridge_slave_0) entered blocking state
[  421.328598][ T3527] bridge0: port 1(bridge_slave_0) entered forwarding state
[  421.373058][T15448] syzkaller0: left allmulticast mode
[  421.411247][ T3527] bridge0: port 2(bridge_slave_1) entered blocking state
[  421.418932][ T3527] bridge0: port 2(bridge_slave_1) entered forwarding state
[  421.535417][ T5849] Bluetooth: hci3: command tx timeout
[  421.632480][T15301] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  422.037475][T15493] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  422.282984][T15301] 8021q: adding VLAN 0 to HW filter on device batadv0
[  422.349528][T15505] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3059'.
[  422.466506][T15301] veth0_vlan: entered promiscuous mode
[  422.494441][T15301] veth1_vlan: entered promiscuous mode
[  422.614106][T15301] veth0_macvtap: entered promiscuous mode
[  422.643123][T15301] veth1_macvtap: entered promiscuous mode
[  422.681670][T15301] batman_adv: batadv0: Interface activated: batadv_slave_0
[  422.703071][T15301] batman_adv: batadv0: Interface activated: batadv_slave_1
[  422.740056][   T36] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  422.781548][   T36] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  422.878421][   T36] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  422.954601][   T36] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  423.197586][ T6174] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  423.241849][ T6174] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  423.391666][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  423.411017][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  423.427304][T15529] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3069'.
[  423.885416][T15549] syz.7.3074: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  423.902697][T15547] netlink: 'syz.3.2980': attribute type 2 has an invalid length.
[  423.932599][T15540] ipvlan3: entered promiscuous mode
[  423.946444][T15549] CPU: 0 UID: 0 PID: 15549 Comm: syz.7.3074 Not tainted 6.16.0-rc5-syzkaller-01411-g08a305b2a5b8 #0 PREEMPT(full) 
[  423.946477][T15549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  423.946489][T15549] Call Trace:
[  423.946498][T15549]  <TASK>
[  423.946507][T15549]  dump_stack_lvl+0x189/0x250
[  423.946543][T15549]  ? __pfx_dump_stack_lvl+0x10/0x10
[  423.946569][T15549]  ? __pfx__printk+0x10/0x10
[  423.946597][T15549]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  423.946623][T15549]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  423.946651][T15549]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  423.946681][T15549]  warn_alloc+0x214/0x310
[  423.946708][T15549]  ? stack_depot_save_flags+0x40/0x900
[  423.946736][T15549]  ? preempt_schedule_common+0x51/0xd0
[  423.946765][T15549]  ? __pfx_warn_alloc+0x10/0x10
[  423.946795][T15549]  ? kasan_save_track+0x4f/0x80
[  423.946819][T15549]  ? xskq_create+0x56/0x170
[  423.946840][T15549]  ? xsk_init_queue+0xb0/0x110
[  423.946861][T15549]  ? xsk_setsockopt+0x4dc/0x8d0
[  423.946880][T15549]  ? do_sock_setsockopt+0x257/0x3e0
[  423.946908][T15549]  ? __x64_sys_setsockopt+0x18b/0x220
[  423.946934][T15549]  ? do_syscall_64+0xfa/0x3b0
[  423.946957][T15549]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  423.946982][T15549]  __vmalloc_node_range_noprof+0x125/0x12f0
[  423.947043][T15549]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  423.947077][T15549]  ? __kasan_kmalloc+0x93/0xb0
[  423.947104][T15549]  vmalloc_user_noprof+0xad/0xf0
[  423.947130][T15549]  ? xskq_create+0xbf/0x170
[  423.947155][T15549]  xskq_create+0xbf/0x170
[  423.947184][T15549]  xsk_init_queue+0xb0/0x110
[  423.947221][T15549]  xsk_setsockopt+0x4dc/0x8d0
[  423.947249][T15549]  ? __pfx_xsk_setsockopt+0x10/0x10
[  423.947271][T15549]  ? __pfx_aa_sk_perm+0x10/0x10
[  423.947294][T15549]  ? __lock_acquire+0xab9/0xd20
[  423.947322][T15549]  ? aa_sock_opt_perm+0x74/0x110
[  423.947353][T15549]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  423.947378][T15549]  ? __pfx_xsk_setsockopt+0x10/0x10
[  423.947401][T15549]  do_sock_setsockopt+0x257/0x3e0
[  423.947434][T15549]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  423.947470][T15549]  ? __fget_files+0x2a/0x420
[  423.947506][T15549]  __x64_sys_setsockopt+0x18b/0x220
[  423.947544][T15549]  do_syscall_64+0xfa/0x3b0
[  423.947569][T15549]  ? lockdep_hardirqs_on+0x9c/0x150
[  423.947594][T15549]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  423.947613][T15549]  ? clear_bhb_loop+0x60/0xb0
[  423.947638][T15549]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  423.947658][T15549] RIP: 0033:0x7fcb8718e929
[  423.947678][T15549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  423.947695][T15549] RSP: 002b:00007fcb84fd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  423.947718][T15549] RAX: ffffffffffffffda RBX: 00007fcb873b6080 RCX: 00007fcb8718e929
[  423.947732][T15549] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000004
[  423.947745][T15549] RBP: 00007fcb87210b39 R08: 0000000000000004 R09: 0000000000000000
[  423.947756][T15549] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  423.947769][T15549] R13: 0000000000000000 R14: 00007fcb873b6080 R15: 00007ffc001ba428
[  423.947805][T15549]  </TASK>
[  423.947813][T15549] Mem-Info:
[  423.986770][T15540] bridge0: port 1(ipvlan3) entered blocking state
[  424.040518][T15549] active_anon:4466 inactive_anon:0 isolated_anon:0
[  424.040518][T15549]  active_file:1987 inactive_file:39998 isolated_file:0
[  424.040518][T15549]  unevictable:768 dirty:217 writeback:0
[  424.040518][T15549]  slab_reclaimable:12043 slab_unreclaimable:126184
[  424.040518][T15549]  mapped:45853 shmem:1367 pagetables:1148
[  424.040518][T15549]  sec_pagetables:0 bounce:0
[  424.040518][T15549]  kernel_misc_reclaimable:0
[  424.040518][T15549]  free:1266512 free_pcp:12750 free_cma:0
[  424.046688][T15547] netlink: 6396 bytes leftover after parsing attributes in process `syz.3.2980'.
[  424.099330][T15549] Node 0 active_anon:17888kB inactive_anon:0kB active_file:7948kB inactive_file:159792kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:183412kB dirty:868kB writeback:0kB shmem:3920kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:13136kB pagetables:4512kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  424.185733][T15540] bridge0: port 1(ipvlan3) entered disabled state
[  424.421448][T15549] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:104kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  424.460861][T15540] ipvlan3: entered allmulticast mode
[  424.467418][T15549] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  424.510482][T15540] ipvlan3: left allmulticast mode
[  424.532432][T15549] lowmem_reserve[]: 0 2498 2499 2499 2499
[  424.541336][T15549] Node 0 DMA32 free:1140840kB boost:0kB min:34248kB low:42808kB high:51368kB reserved_highatomic:0KB free_highatomic:0KB active_anon:18236kB inactive_anon:0kB active_file:7948kB inactive_file:158220kB unevictable:1536kB writepending:892kB present:3129332kB managed:2558272kB mlocked:0kB bounce:0kB free_pcp:37896kB local_pcp:19748kB free_cma:0kB
[  424.635329][T15549] lowmem_reserve[]: 0 0 1 1 1
[  424.640466][T15549] Node 0 Normal free:12kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1576kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  424.686460][T15549] lowmem_reserve[]: 0 0 0 0 0
[  424.739292][T15549] Node 1 Normal free:3909528kB boost:0kB min:55632kB low:69540kB high:83448kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:11876kB local_pcp:4832kB free_cma:0kB
[  424.799434][T15549] lowmem_reserve[]: 0 0 0 0 0
[  424.810674][T15549] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  424.891875][T15549] Node 0 DMA32: 916*4kB (UME) 702*8kB (UME) 233*16kB (M) 145*32kB (UME) 58*64kB (M) 36*128kB (UM) 44*256kB (UM) 61*512kB (UME) 19*1024kB (UM) 10*2048kB (UE) 252*4096kB (UM) = 1140592kB
[  424.954554][T15549] Node 0 Normal: 1*4kB (M) 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB
[  425.044868][T15549] Node 1 Normal: 148*4kB (UME) 51*8kB (UME) 43*16kB (UME) 184*32kB (UME) 54*64kB (UME) 17*128kB (UME) 2*256kB (M) 3*512kB (ME) 3*1024kB (UME) 2*2048kB (UE) 949*4096kB (M) = 3909528kB
[  425.176767][T15549] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  425.241635][T15549] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  425.298269][T15549] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  425.349605][T15549] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  425.376755][T15549] 43352 total pagecache pages
[  425.384366][T15549] 0 pages in swap cache
[  425.404993][T15549] Free swap  = 124996kB
[  425.409481][T15549] Total swap = 124996kB
[  425.413861][T15549] 2097051 pages RAM
[  425.434772][T15549] 0 pages HighMem/MovableOnly
[  425.439797][T15549] 425441 pages reserved
[  425.444466][T15549] 0 pages cma reserved
[  426.032700][ T5859] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  426.043952][ T5859] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  426.053800][ T5859] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  426.065548][ T5859] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  426.099204][ T5859] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  426.222101][T15590] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3085'.
[  426.265318][T15590] ip6gretap0: entered promiscuous mode
[  426.279303][T15590] ip6gretap0: left promiscuous mode
[  426.368415][T15597] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3084'.
[  426.392026][T15598] netlink: 'syz.0.3087': attribute type 2 has an invalid length.
[  426.468475][T15598] netlink: 6396 bytes leftover after parsing attributes in process `syz.0.3087'.
[  426.922574][T15583] chnl_net:caif_netlink_parms(): no params data found
[  427.418755][T15583] bridge0: port 1(bridge_slave_0) entered blocking state
[  427.454537][T15583] bridge0: port 1(bridge_slave_0) entered disabled state
[  427.495407][T15583] bridge_slave_0: entered allmulticast mode
[  427.503664][T15583] bridge_slave_0: entered promiscuous mode
[  427.532961][T15583] bridge0: port 2(bridge_slave_1) entered blocking state
[  427.555962][T15583] bridge0: port 2(bridge_slave_1) entered disabled state
[  427.563535][T15583] bridge_slave_1: entered allmulticast mode
[  427.591109][T15583] bridge_slave_1: entered promiscuous mode
[  427.763607][T15583] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  427.824339][T15640] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3100'.
[  427.827192][T15583] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  427.983734][T15583] team0: Port device team_slave_0 added
[  428.056658][T15583] team0: Port device team_slave_1 added
[  428.177730][ T5849] Bluetooth: hci8: command tx timeout
[  428.234630][T15583] batman_adv: batadv0: Adding interface: batadv_slave_0
[  428.242719][T15583] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  428.336456][T15583] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  428.389353][T15583] batman_adv: batadv0: Adding interface: batadv_slave_1
[  428.411830][T15660] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  428.416532][T15583] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  428.467203][T15666] FAULT_INJECTION: forcing a failure.
[  428.467203][T15666] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  428.492642][T15660] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  428.511922][T15666] CPU: 0 UID: 0 PID: 15666 Comm: syz.7.3107 Not tainted 6.16.0-rc5-syzkaller-01411-g08a305b2a5b8 #0 PREEMPT(full) 
[  428.511953][T15666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  428.511966][T15666] Call Trace:
[  428.511975][T15666]  <TASK>
[  428.511984][T15666]  dump_stack_lvl+0x189/0x250
[  428.512014][T15666]  ? __pfx____ratelimit+0x10/0x10
[  428.512038][T15666]  ? __pfx_dump_stack_lvl+0x10/0x10
[  428.512060][T15666]  ? __pfx__printk+0x10/0x10
[  428.512086][T15666]  ? __might_fault+0xb0/0x130
[  428.512122][T15666]  should_fail_ex+0x414/0x560
[  428.512152][T15666]  _copy_from_user+0x2d/0xb0
[  428.512176][T15666]  generic_map_update_batch+0x51b/0x7f0
[  428.512226][T15666]  ? __pfx_generic_map_update_batch+0x10/0x10
[  428.512250][T15666]  ? __fget_files+0x2a/0x420
[  428.512282][T15666]  ? __pfx_generic_map_update_batch+0x10/0x10
[  428.512304][T15666]  bpf_map_do_batch+0x369/0x5f0
[  428.512332][T15666]  __sys_bpf+0x384/0x860
[  428.512361][T15666]  ? __pfx___sys_bpf+0x10/0x10
[  428.512404][T15666]  ? ksys_write+0x22a/0x250
[  428.512429][T15666]  ? __pfx_ksys_write+0x10/0x10
[  428.512448][T15666]  ? rcu_is_watching+0x15/0xb0
[  428.512478][T15666]  __x64_sys_bpf+0x7c/0x90
[  428.512505][T15666]  do_syscall_64+0xfa/0x3b0
[  428.512529][T15666]  ? lockdep_hardirqs_on+0x9c/0x150
[  428.512553][T15666]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  428.512572][T15666]  ? clear_bhb_loop+0x60/0xb0
[  428.512595][T15666]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  428.512613][T15666] RIP: 0033:0x7fcb8718e929
[  428.512636][T15666] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  428.512653][T15666] RSP: 002b:00007fcb84ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  428.512674][T15666] RAX: ffffffffffffffda RBX: 00007fcb873b5fa0 RCX: 00007fcb8718e929
[  428.512687][T15666] RDX: 0000000000000038 RSI: 0000200000000200 RDI: 000000000000001a
[  428.512699][T15666] RBP: 00007fcb84ff6090 R08: 0000000000000000 R09: 0000000000000000
[  428.512710][T15666] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  428.512721][T15666] R13: 0000000000000000 R14: 00007fcb873b5fa0 R15: 00007ffc001ba428
[  428.512754][T15666]  </TASK>
[  428.514868][T15583] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  429.006189][T15583] hsr_slave_0: entered promiscuous mode
[  429.032635][T15583] hsr_slave_1: entered promiscuous mode
[  429.046557][T15679] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3112'.
[  429.050058][T15583] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  429.104545][T15583] Cannot create hsr debugfs directory
[  429.302687][T15690] FAULT_INJECTION: forcing a failure.
[  429.302687][T15690] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  429.367431][T15690] CPU: 1 UID: 0 PID: 15690 Comm: syz.7.3118 Not tainted 6.16.0-rc5-syzkaller-01411-g08a305b2a5b8 #0 PREEMPT(full) 
[  429.367463][T15690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  429.367475][T15690] Call Trace:
[  429.367484][T15690]  <TASK>
[  429.367492][T15690]  dump_stack_lvl+0x189/0x250
[  429.367522][T15690]  ? __pfx____ratelimit+0x10/0x10
[  429.367548][T15690]  ? __pfx_dump_stack_lvl+0x10/0x10
[  429.367572][T15690]  ? __pfx__printk+0x10/0x10
[  429.367597][T15690]  ? __might_fault+0xb0/0x130
[  429.367631][T15690]  should_fail_ex+0x414/0x560
[  429.367663][T15690]  _copy_from_user+0x2d/0xb0
[  429.367692][T15690]  generic_map_update_batch+0x572/0x7f0
[  429.367730][T15690]  ? __pfx_generic_map_update_batch+0x10/0x10
[  429.367754][T15690]  ? __fget_files+0x2a/0x420
[  429.367785][T15690]  ? __pfx_generic_map_update_batch+0x10/0x10
[  429.367808][T15690]  bpf_map_do_batch+0x369/0x5f0
[  429.367834][T15690]  __sys_bpf+0x384/0x860
[  429.367862][T15690]  ? __pfx___sys_bpf+0x10/0x10
[  429.367921][T15690]  ? ksys_write+0x22a/0x250
[  429.367941][T15690]  ? __pfx_ksys_write+0x10/0x10
[  429.367955][T15690]  ? rcu_is_watching+0x15/0xb0
[  429.367978][T15690]  __x64_sys_bpf+0x7c/0x90
[  429.368002][T15690]  do_syscall_64+0xfa/0x3b0
[  429.368024][T15690]  ? lockdep_hardirqs_on+0x9c/0x150
[  429.368048][T15690]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  429.368065][T15690]  ? clear_bhb_loop+0x60/0xb0
[  429.368086][T15690]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  429.368103][T15690] RIP: 0033:0x7fcb8718e929
[  429.368121][T15690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  429.368136][T15690] RSP: 002b:00007fcb84ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  429.368224][T15690] RAX: ffffffffffffffda RBX: 00007fcb873b5fa0 RCX: 00007fcb8718e929
[  429.368238][T15690] RDX: 0000000000000038 RSI: 0000200000000200 RDI: 000000000000001a
[  429.368250][T15690] RBP: 00007fcb84ff6090 R08: 0000000000000000 R09: 0000000000000000
[  429.368261][T15690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  429.368273][T15690] R13: 0000000000000000 R14: 00007fcb873b5fa0 R15: 00007ffc001ba428
[  429.368378][T15690]  </TASK>
[  429.760548][T15583] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  429.773829][T15583] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  429.985872][T15583] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  430.044120][T15583] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  430.173589][T15583] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  430.205720][T15583] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  430.264752][ T5859] Bluetooth: hci8: command tx timeout
[  430.391502][T15583] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  430.411092][T15583] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  431.264541][T15583] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  431.341382][T15583] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  431.374576][T15583] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  431.382540][T15743] netlink: 828 bytes leftover after parsing attributes in process `syz.0.3136'.
[  431.413382][T15583] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  431.577774][T15755] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3137'.
[  431.587266][T15755] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3137'.
[  431.596429][T15755] netlink: 'syz.6.3137': attribute type 13 has an invalid length.
[  431.605846][T15755] netlink: 'syz.6.3137': attribute type 11 has an invalid length.
[  432.336415][ T5859] Bluetooth: hci8: command 0x040f tx timeout
[  432.412954][T15771] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3143'.
[  432.573340][T15583] 8021q: adding VLAN 0 to HW filter on device bond0
[  432.702124][T15583] 8021q: adding VLAN 0 to HW filter on device team0
[  432.763604][ T6174] bridge0: port 1(bridge_slave_0) entered blocking state
[  432.770989][ T6174] bridge0: port 1(bridge_slave_0) entered forwarding state
[  432.859447][ T3548] bridge0: port 2(bridge_slave_1) entered blocking state
[  432.866713][ T3548] bridge0: port 2(bridge_slave_1) entered forwarding state
[  432.982642][T15785] netlink: 32 bytes leftover after parsing attributes in process `syz.7.3148'.
[  432.992847][T15785] bridge0: port 2(bridge_slave_1) entered disabled state
[  433.020402][T15795] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3150'.
[  433.211342][T15583] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  433.319371][T15805] FAULT_INJECTION: forcing a failure.
[  433.319371][T15805] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  433.370586][T15805] CPU: 0 UID: 0 PID: 15805 Comm: syz.0.3153 Not tainted 6.16.0-rc5-syzkaller-01411-g08a305b2a5b8 #0 PREEMPT(full) 
[  433.370615][T15805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  433.370626][T15805] Call Trace:
[  433.370634][T15805]  <TASK>
[  433.370643][T15805]  dump_stack_lvl+0x189/0x250
[  433.370671][T15805]  ? __pfx____ratelimit+0x10/0x10
[  433.370697][T15805]  ? __pfx_dump_stack_lvl+0x10/0x10
[  433.370719][T15805]  ? __pfx__printk+0x10/0x10
[  433.370743][T15805]  ? __might_fault+0xb0/0x130
[  433.370778][T15805]  should_fail_ex+0x414/0x560
[  433.370812][T15805]  _copy_from_user+0x2d/0xb0
[  433.370836][T15805]  generic_map_update_batch+0x51b/0x7f0
[  433.370876][T15805]  ? __pfx_generic_map_update_batch+0x10/0x10
[  433.370900][T15805]  ? __fget_files+0x2a/0x420
[  433.370933][T15805]  ? __pfx_generic_map_update_batch+0x10/0x10
[  433.370956][T15805]  bpf_map_do_batch+0x369/0x5f0
[  433.370982][T15805]  __sys_bpf+0x384/0x860
[  433.371014][T15805]  ? __pfx___sys_bpf+0x10/0x10
[  433.371058][T15805]  ? ksys_write+0x22a/0x250
[  433.371083][T15805]  ? __pfx_ksys_write+0x10/0x10
[  433.371101][T15805]  ? rcu_is_watching+0x15/0xb0
[  433.371133][T15805]  __x64_sys_bpf+0x7c/0x90
[  433.371160][T15805]  do_syscall_64+0xfa/0x3b0
[  433.371188][T15805]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  433.371217][T15805]  ? asm_sysvec_call_function_single+0x1a/0x20
[  433.371235][T15805]  ? clear_bhb_loop+0x60/0xb0
[  433.371259][T15805]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  433.371277][T15805] RIP: 0033:0x7f9afc18e929
[  433.371295][T15805] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  433.371312][T15805] RSP: 002b:00007f9afd053038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  433.371335][T15805] RAX: ffffffffffffffda RBX: 00007f9afc3b5fa0 RCX: 00007f9afc18e929
[  433.371349][T15805] RDX: 0000000000000038 RSI: 0000200000000200 RDI: 000000000000001a
[  433.371361][T15805] RBP: 00007f9afd053090 R08: 0000000000000000 R09: 0000000000000000
[  433.371373][T15805] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  433.371384][T15805] R13: 0000000000000000 R14: 00007f9afc3b5fa0 R15: 00007ffd7f83e6b8
[  433.371415][T15805]  </TASK>
[  433.736081][T15810] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3156'.
[  434.009120][T15583] 8021q: adding VLAN 0 to HW filter on device batadv0
[  434.065068][T15827] xt_l2tp: invalid flags combination: 4
[  434.185078][T15823] syzkaller0: entered promiscuous mode
[  434.191321][T15823] syzkaller0: entered allmulticast mode
[  434.296078][T15583] veth0_vlan: entered promiscuous mode
[  434.353647][T15837] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3163'.
[  434.417429][ T5849] Bluetooth: hci8: command 0x040f tx timeout
[  434.463714][T15843] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3165'.
[  434.554539][T15583] veth1_vlan: entered promiscuous mode
[  434.591657][T15845] netlink: 52 bytes leftover after parsing attributes in process `syz.6.3166'.
[  434.603758][T15843] netdevsim netdevsim3 netdevsim0: entered allmulticast mode
[  434.714624][T15583] veth0_macvtap: entered promiscuous mode
[  434.741470][T15847] FAULT_INJECTION: forcing a failure.
[  434.741470][T15847] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  434.747680][T15583] veth1_macvtap: entered promiscuous mode
[  434.772640][T15847] CPU: 1 UID: 0 PID: 15847 Comm: syz.6.3167 Not tainted 6.16.0-rc5-syzkaller-01411-g08a305b2a5b8 #0 PREEMPT(full) 
[  434.772672][T15847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  434.772684][T15847] Call Trace:
[  434.772693][T15847]  <TASK>
[  434.772701][T15847]  dump_stack_lvl+0x189/0x250
[  434.772730][T15847]  ? __pfx____ratelimit+0x10/0x10
[  434.772755][T15847]  ? __pfx_dump_stack_lvl+0x10/0x10
[  434.772778][T15847]  ? __pfx__printk+0x10/0x10
[  434.772803][T15847]  ? __might_fault+0xb0/0x130
[  434.772837][T15847]  should_fail_ex+0x414/0x560
[  434.772868][T15847]  _copy_from_user+0x2d/0xb0
[  434.772891][T15847]  generic_map_update_batch+0x572/0x7f0
[  434.772931][T15847]  ? __pfx_generic_map_update_batch+0x10/0x10
[  434.772954][T15847]  ? __fget_files+0x2a/0x420
[  434.772986][T15847]  ? __pfx_generic_map_update_batch+0x10/0x10
[  434.773010][T15847]  bpf_map_do_batch+0x369/0x5f0
[  434.773036][T15847]  __sys_bpf+0x384/0x860
[  434.773066][T15847]  ? __pfx___sys_bpf+0x10/0x10
[  434.773108][T15847]  ? ksys_write+0x22a/0x250
[  434.773132][T15847]  ? __pfx_ksys_write+0x10/0x10
[  434.773151][T15847]  ? rcu_is_watching+0x15/0xb0
[  434.773182][T15847]  __x64_sys_bpf+0x7c/0x90
[  434.773219][T15847]  do_syscall_64+0xfa/0x3b0
[  434.773243][T15847]  ? lockdep_hardirqs_on+0x9c/0x150
[  434.773267][T15847]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  434.773285][T15847]  ? clear_bhb_loop+0x60/0xb0
[  434.773309][T15847]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  434.773327][T15847] RIP: 0033:0x7f782eb8e929
[  434.773345][T15847] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  434.773361][T15847] RSP: 002b:00007f782f9ae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  434.773382][T15847] RAX: ffffffffffffffda RBX: 00007f782edb5fa0 RCX: 00007f782eb8e929
[  434.773396][T15847] RDX: 0000000000000038 RSI: 0000200000000200 RDI: 000000000000001a
[  434.773408][T15847] RBP: 00007f782f9ae090 R08: 0000000000000000 R09: 0000000000000000
[  434.773420][T15847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  434.773431][T15847] R13: 0000000000000000 R14: 00007f782edb5fa0 R15: 00007ffd8297e568
[  434.773465][T15847]  </TASK>
[  435.088820][T15583] batman_adv: batadv0: Interface activated: batadv_slave_0
[  435.102187][T15583] batman_adv: batadv0: Interface activated: batadv_slave_1
[  435.125468][ T6174] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  435.221208][ T6174] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  435.303150][ T6174] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  435.345526][ T6174] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  435.422521][T15859] netlink: 64 bytes leftover after parsing attributes in process `syz.0.3175'.
[  435.449996][T15862] ip6gre1: entered allmulticast mode
[  435.481075][T15864] FAULT_INJECTION: forcing a failure.
[  435.481075][T15864] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  435.513318][ T6174] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  435.533162][ T6174] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  435.541391][T15864] CPU: 0 UID: 0 PID: 15864 Comm: syz.3.3174 Not tainted 6.16.0-rc5-syzkaller-01411-g08a305b2a5b8 #0 PREEMPT(full) 
[  435.541421][T15864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  435.541433][T15864] Call Trace:
[  435.541441][T15864]  <TASK>
[  435.541448][T15864]  dump_stack_lvl+0x189/0x250
[  435.541478][T15864]  ? __pfx____ratelimit+0x10/0x10
[  435.541503][T15864]  ? __pfx_dump_stack_lvl+0x10/0x10
[  435.541525][T15864]  ? __pfx__printk+0x10/0x10
[  435.541550][T15864]  ? __might_fault+0xb0/0x130
[  435.541585][T15864]  should_fail_ex+0x414/0x560
[  435.541618][T15864]  _copy_from_iter+0x1db/0x16f0
[  435.541643][T15864]  ? rcu_is_watching+0x15/0xb0
[  435.541666][T15864]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  435.541691][T15864]  ? __pfx__copy_from_iter+0x10/0x10
[  435.541712][T15864]  ? __build_skb_around+0x257/0x3e0
[  435.541743][T15864]  ? netlink_sendmsg+0x642/0xb30
[  435.541767][T15864]  ? skb_put+0x11b/0x210
[  435.541798][T15864]  netlink_sendmsg+0x6b2/0xb30
[  435.541834][T15864]  ? __pfx_netlink_sendmsg+0x10/0x10
[  435.541864][T15864]  ? aa_sock_msg_perm+0x94/0x160
[  435.541892][T15864]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  435.541919][T15864]  ? __pfx_netlink_sendmsg+0x10/0x10
[  435.541958][T15864]  __sock_sendmsg+0x219/0x270
[  435.541984][T15864]  ____sys_sendmsg+0x505/0x830
[  435.542020][T15864]  ? __pfx_____sys_sendmsg+0x10/0x10
[  435.542059][T15864]  ? import_iovec+0x74/0xa0
[  435.542085][T15864]  ___sys_sendmsg+0x21f/0x2a0
[  435.542105][T15864]  ? __pfx____sys_sendmsg+0x10/0x10
[  435.542166][T15864]  ? __fget_files+0x2a/0x420
[  435.542188][T15864]  ? __fget_files+0x3a0/0x420
[  435.542223][T15864]  __x64_sys_sendmsg+0x19b/0x260
[  435.542244][T15864]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  435.542274][T15864]  ? __pfx_ksys_write+0x10/0x10
[  435.542292][T15864]  ? rcu_is_watching+0x15/0xb0
[  435.542319][T15864]  ? do_syscall_64+0xbe/0x3b0
[  435.542348][T15864]  do_syscall_64+0xfa/0x3b0
[  435.542371][T15864]  ? lockdep_hardirqs_on+0x9c/0x150
[  435.542395][T15864]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  435.542419][T15864]  ? clear_bhb_loop+0x60/0xb0
[  435.542442][T15864]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  435.542459][T15864] RIP: 0033:0x7f5c4198e929
[  435.542476][T15864] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  435.542492][T15864] RSP: 002b:00007f5c428a0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  435.542513][T15864] RAX: ffffffffffffffda RBX: 00007f5c41bb5fa0 RCX: 00007f5c4198e929
[  435.542526][T15864] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000005
[  435.542538][T15864] RBP: 00007f5c428a0090 R08: 0000000000000000 R09: 0000000000000000
[  435.542549][T15864] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  435.542560][T15864] R13: 0000000000000000 R14: 00007f5c41bb5fa0 R15: 00007ffe3c2e59e8
[  435.542592][T15864]  </TASK>
[  435.600582][ T3548] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  435.715958][T15872] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3177'.
[  435.827167][ T3548] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  435.943193][T15876] A link change request failed with some changes committed already. Interface veth1_to_bond may have been left with an inconsistent configuration, please check.
[  435.980649][T15872] xt_l2tp: unknown flags: 10
[  436.481102][T15902] netlink: 'syz.3.3185': attribute type 2 has an invalid length.
[  436.501025][ T5849] Bluetooth: hci8: command 0x040f tx timeout
[  436.546991][T15902] netlink: 6396 bytes leftover after parsing attributes in process `syz.3.3185'.
[  436.906552][T15914] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3188'.
[  436.993496][T15916] IPVS: set_ctl: invalid protocol: 8345 172.30.1.1:20003
[  437.024974][T15916] Cannot find add_set index 3 as target
[  437.102682][T15916] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  437.241714][T15925] FAULT_INJECTION: forcing a failure.
[  437.241714][T15925] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  437.270396][T15925] CPU: 0 UID: 0 PID: 15925 Comm: syz.2.3194 Not tainted 6.16.0-rc5-syzkaller-01411-g08a305b2a5b8 #0 PREEMPT(full) 
[  437.270429][T15925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  437.270441][T15925] Call Trace:
[  437.270449][T15925]  <TASK>
[  437.270457][T15925]  dump_stack_lvl+0x189/0x250
[  437.270488][T15925]  ? __pfx____ratelimit+0x10/0x10
[  437.270513][T15925]  ? __pfx_dump_stack_lvl+0x10/0x10
[  437.270536][T15925]  ? __pfx__printk+0x10/0x10
[  437.270562][T15925]  ? __might_fault+0xb0/0x130
[  437.270599][T15925]  should_fail_ex+0x414/0x560
[  437.270633][T15925]  _copy_from_user+0x2d/0xb0
[  437.270656][T15925]  generic_map_update_batch+0x572/0x7f0
[  437.270696][T15925]  ? __pfx_generic_map_update_batch+0x10/0x10
[  437.270721][T15925]  ? __fget_files+0x2a/0x420
[  437.270754][T15925]  ? __pfx_generic_map_update_batch+0x10/0x10
[  437.270777][T15925]  bpf_map_do_batch+0x369/0x5f0
[  437.270804][T15925]  __sys_bpf+0x384/0x860
[  437.270835][T15925]  ? __pfx___sys_bpf+0x10/0x10
[  437.270879][T15925]  ? ksys_write+0x22a/0x250
[  437.270903][T15925]  ? __pfx_ksys_write+0x10/0x10
[  437.270920][T15925]  ? rcu_is_watching+0x15/0xb0
[  437.270953][T15925]  __x64_sys_bpf+0x7c/0x90
[  437.270981][T15925]  do_syscall_64+0xfa/0x3b0
[  437.271005][T15925]  ? lockdep_hardirqs_on+0x9c/0x150
[  437.271029][T15925]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  437.271047][T15925]  ? clear_bhb_loop+0x60/0xb0
[  437.271072][T15925]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  437.271089][T15925] RIP: 0033:0x7fec1f98e929
[  437.271108][T15925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  437.271124][T15925] RSP: 002b:00007fec20854038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  437.271146][T15925] RAX: ffffffffffffffda RBX: 00007fec1fbb5fa0 RCX: 00007fec1f98e929
[  437.271169][T15925] RDX: 0000000000000038 RSI: 0000200000000200 RDI: 000000000000001a
[  437.271182][T15925] RBP: 00007fec20854090 R08: 0000000000000000 R09: 0000000000000000
[  437.271194][T15925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  437.271205][T15925] R13: 0000000000000000 R14: 00007fec1fbb5fa0 R15: 00007ffd7be3cff8
[  437.271238][T15925]  </TASK>
[  437.676357][T15930] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  437.792264][   T36] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  437.806020][   T36] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  437.815054][T14974] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  437.955132][T14974] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  438.165303][T14974] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  438.242676][T15957] __nla_validate_parse: 4 callbacks suppressed
[  438.242701][T15957] netlink: 828 bytes leftover after parsing attributes in process `syz.3.3205'.
[  438.771877][T15968] FAULT_INJECTION: forcing a failure.
[  438.771877][T15968] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  438.795728][T15969] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3209'.
[  438.805717][T15968] CPU: 1 UID: 0 PID: 15968 Comm: syz.2.3208 Not tainted 6.16.0-rc5-syzkaller-01411-g08a305b2a5b8 #0 PREEMPT(full) 
[  438.805749][T15968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  438.805760][T15968] Call Trace:
[  438.805768][T15968]  <TASK>
[  438.805778][T15968]  dump_stack_lvl+0x189/0x250
[  438.805808][T15968]  ? __pfx____ratelimit+0x10/0x10
[  438.805834][T15968]  ? __pfx_dump_stack_lvl+0x10/0x10
[  438.805857][T15968]  ? __pfx__printk+0x10/0x10
[  438.805882][T15968]  ? __might_fault+0xb0/0x130
[  438.805927][T15968]  should_fail_ex+0x414/0x560
[  438.805961][T15968]  _copy_from_user+0x2d/0xb0
[  438.805984][T15968]  generic_map_update_batch+0x51b/0x7f0
[  438.806024][T15968]  ? __pfx_generic_map_update_batch+0x10/0x10
[  438.806048][T15968]  ? __fget_files+0x2a/0x420
[  438.806082][T15968]  ? __pfx_generic_map_update_batch+0x10/0x10
[  438.806105][T15968]  bpf_map_do_batch+0x369/0x5f0
[  438.806131][T15968]  __sys_bpf+0x384/0x860
[  438.806160][T15968]  ? __pfx___sys_bpf+0x10/0x10
[  438.806204][T15968]  ? ksys_write+0x22a/0x250
[  438.806229][T15968]  ? __pfx_ksys_write+0x10/0x10
[  438.806247][T15968]  ? rcu_is_watching+0x15/0xb0
[  438.806278][T15968]  __x64_sys_bpf+0x7c/0x90
[  438.806305][T15968]  do_syscall_64+0xfa/0x3b0
[  438.806329][T15968]  ? lockdep_hardirqs_on+0x9c/0x150
[  438.806353][T15968]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  438.806372][T15968]  ? clear_bhb_loop+0x60/0xb0
[  438.806395][T15968]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  438.806414][T15968] RIP: 0033:0x7fec1f98e929
[  438.806431][T15968] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  438.806447][T15968] RSP: 002b:00007fec20854038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  438.806468][T15968] RAX: ffffffffffffffda RBX: 00007fec1fbb5fa0 RCX: 00007fec1f98e929
[  438.806483][T15968] RDX: 0000000000000038 RSI: 0000200000000200 RDI: 000000000000001a
[  438.806495][T15968] RBP: 00007fec20854090 R08: 0000000000000000 R09: 0000000000000000
[  438.806506][T15968] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  438.806518][T15968] R13: 0000000000000000 R14: 00007fec1fbb5fa0 R15: 00007ffd7be3cff8
[  438.806551][T15968]  </TASK>
[  438.807309][T15970] netlink: 'syz.6.3210': attribute type 3 has an invalid length.
[  438.935211][T15969] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3209'.
[  438.960322][T15972] netlink: 'syz.3.3211': attribute type 9 has an invalid length.
[  439.048257][T15969] netlink: 'syz.7.3209': attribute type 13 has an invalid length.
[  439.079575][T15982] IPv6: Can't replace route, no match found
[  439.137464][T15969] netlink: 'syz.7.3209': attribute type 11 has an invalid length.
[  439.431771][T15994] netlink: 'syz.6.3218': attribute type 2 has an invalid length.
[  439.471212][T15994] netlink: 6396 bytes leftover after parsing attributes in process `syz.6.3218'.
[  439.593358][T16004] FAULT_INJECTION: forcing a failure.
[  439.593358][T16004] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  439.636329][T16004] CPU: 1 UID: 0 PID: 16004 Comm: syz.3.3222 Not tainted 6.16.0-rc5-syzkaller-01411-g08a305b2a5b8 #0 PREEMPT(full) 
[  439.636360][T16004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  439.636372][T16004] Call Trace:
[  439.636379][T16004]  <TASK>
[  439.636388][T16004]  dump_stack_lvl+0x189/0x250
[  439.636417][T16004]  ? __pfx____ratelimit+0x10/0x10
[  439.636443][T16004]  ? __pfx_dump_stack_lvl+0x10/0x10
[  439.636466][T16004]  ? __pfx__printk+0x10/0x10
[  439.636492][T16004]  ? __might_fault+0xb0/0x130
[  439.636529][T16004]  should_fail_ex+0x414/0x560
[  439.636563][T16004]  _copy_from_user+0x2d/0xb0
[  439.636586][T16004]  generic_map_update_batch+0x572/0x7f0
[  439.636627][T16004]  ? __pfx_generic_map_update_batch+0x10/0x10
[  439.636652][T16004]  ? __fget_files+0x2a/0x420
[  439.636685][T16004]  ? __pfx_generic_map_update_batch+0x10/0x10
[  439.636709][T16004]  bpf_map_do_batch+0x369/0x5f0
[  439.636735][T16004]  __sys_bpf+0x384/0x860
[  439.636767][T16004]  ? __pfx___sys_bpf+0x10/0x10
[  439.636808][T16004]  ? ksys_write+0x22a/0x250
[  439.636832][T16004]  ? __pfx_ksys_write+0x10/0x10
[  439.636851][T16004]  ? rcu_is_watching+0x15/0xb0
[  439.636882][T16004]  __x64_sys_bpf+0x7c/0x90
[  439.636909][T16004]  do_syscall_64+0xfa/0x3b0
[  439.636932][T16004]  ? lockdep_hardirqs_on+0x9c/0x150
[  439.636956][T16004]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  439.636975][T16004]  ? clear_bhb_loop+0x60/0xb0
[  439.636999][T16004]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  439.637017][T16004] RIP: 0033:0x7f5c4198e929
[  439.637035][T16004] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  439.637052][T16004] RSP: 002b:00007f5c428a0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  439.637073][T16004] RAX: ffffffffffffffda RBX: 00007f5c41bb5fa0 RCX: 00007f5c4198e929
[  439.637086][T16004] RDX: 0000000000000038 RSI: 0000200000000200 RDI: 000000000000001a
[  439.637105][T16004] RBP: 00007f5c428a0090 R08: 0000000000000000 R09: 0000000000000000
[  439.637117][T16004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  439.637128][T16004] R13: 0000000000000000 R14: 00007f5c41bb5fa0 R15: 00007ffe3c2e59e8
[  439.637169][T16004]  </TASK>
[  440.057031][T16015] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3227'.
[  440.111987][T16015] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3227'.
[  440.148754][T16015] netlink: 'syz.7.3227': attribute type 13 has an invalid length.
[  440.157858][T16015] netlink: 'syz.7.3227': attribute type 11 has an invalid length.
[  440.640903][T16038] netlink: 148 bytes leftover after parsing attributes in process `syz.7.3236'.
[  440.645369][T16028] syzkaller0: entered allmulticast mode
[  440.672660][T16035] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3235'.
[  440.790245][T16035] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3235'.
[  441.107184][T16058] netlink: 'syz.0.3241': attribute type 2 has an invalid length.
[  441.153674][T16058] netlink: 6396 bytes leftover after parsing attributes in process `syz.0.3241'.
[  442.179480][    C0] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  442.901422][ T5849] Bluetooth: hci8: command 0x040f tx timeout
[  444.264010][T16074] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3243'.
[  444.293777][T16074] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3243'.
[  444.326913][T16074] netlink: 'syz.0.3243': attribute type 13 has an invalid length.
[  444.354541][T16074] netlink: 'syz.0.3243': attribute type 11 has an invalid length.
[  444.695547][ T3527] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  444.718871][ T3527] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  444.768745][ T3527] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  444.851905][ T3527] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  444.903259][T16097] netlink: 'syz.7.3248': attribute type 16 has an invalid length.
[  444.953188][T16097] netlink: 'syz.7.3248': attribute type 17 has an invalid length.
[  444.970257][T16097] bridge0: port 2(bridge_slave_1) entered blocking state
[  444.977628][T16097] bridge0: port 2(bridge_slave_1) entered forwarding state
[  444.986333][T16097] bridge0: port 1(bridge_slave_0) entered blocking state
[  444.993558][T16097] bridge0: port 1(bridge_slave_0) entered forwarding state
[  445.032235][T16097] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  446.040181][T16133] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  448.125316][T16201] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3285'.
[  448.210737][T16203] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3285'.
[  448.220918][T16197] syzkaller0: entered promiscuous mode
[  448.220962][T16197] syzkaller0: entered allmulticast mode
[  449.401497][T16227] netlink: 'syz.2.3292': attribute type 1 has an invalid length.
[  451.139838][    C0] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  451.897502][T16242] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3298'.
[  452.374207][T16265] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3304'.
[  452.575589][ T5849] Bluetooth: hci5: command 0x0406 tx timeout
[  452.688610][T16272] netlink: 'syz.0.3306': attribute type 21 has an invalid length.
[  453.149647][T16282] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3311'.
[  453.182238][T16282] netlink: 20 bytes leftover after parsing attributes in process `syz.6.3311'.
[  453.508450][T16295] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3315'.
[  453.543523][T16298] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3316'.
[  453.578576][T16295] team_slave_0: entered promiscuous mode
[  453.584569][T16295] team_slave_1: entered promiscuous mode
[  453.619529][T16295] team_slave_0: left promiscuous mode
[  453.625195][T16295] team_slave_1: left promiscuous mode
[  453.826081][T16312] netlink: 828 bytes leftover after parsing attributes in process `syz.0.3321'.
[  453.979219][T16317] netlink: 'syz.2.3323': attribute type 10 has an invalid length.
[  453.989441][T16317] bridge0: port 3(netdevsim0) entered blocking state
[  453.997109][T16317] bridge0: port 3(netdevsim0) entered disabled state
[  454.004371][T16317] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[  454.046443][T16317] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  454.046829][T16321] openvswitch: netlink: Message has 16 unknown bytes.
[  454.056582][T16317] bridge0: port 3(netdevsim0) entered blocking state
[  454.070294][T16317] bridge0: port 3(netdevsim0) entered forwarding state
[  454.460009][T16335] mac80211_hwsim hwsim32 wlan0: entered promiscuous mode
[  454.480319][T16335] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check.
[  454.570715][T16343] netlink: 'syz.7.3331': attribute type 1 has an invalid length.
[  454.601532][T16343] netlink: 224 bytes leftover after parsing attributes in process `syz.7.3331'.
[  454.799635][T16349] tipc: Started in network mode
[  454.828708][T16349] tipc: Node identity aaaaaaaaaa3a, cluster identity 4711
[  454.847158][T16349] tipc: Enabled bearer <eth:macvtap0>, priority 21
[  454.997683][T16353] netlink: 828 bytes leftover after parsing attributes in process `syz.2.3335'.
[  455.112018][T16355] netlink: 100 bytes leftover after parsing attributes in process `syz.7.3336'.
[  455.398092][T16364] netlink: 'syz.3.3340': attribute type 1 has an invalid length.
[  455.406248][T16364] netlink: 'syz.3.3340': attribute type 3 has an invalid length.
[  455.414096][T16364] netlink: 'syz.3.3340': attribute type 1 has an invalid length.
[  455.444583][T16364] NCSI netlink: No device for ifindex 0
[  455.979466][T14974] tipc: Node number set to 9480874
[  456.551613][T16406] tipc: Started in network mode
[  456.571833][T16406] tipc: Node identity befb7d29b0dd, cluster identity 4711
[  456.614978][T16406] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  456.971983][T16424] vlan0: entered promiscuous mode
[  457.009074][T16424] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  457.075570][T16424] __nla_validate_parse: 5 callbacks suppressed
[  457.075590][T16424] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3360'.
[  457.249626][T16434] netlink: 828 bytes leftover after parsing attributes in process `syz.2.3364'.
[  457.318223][T16441] netlink: 64 bytes leftover after parsing attributes in process `syz.3.3366'.
[  457.413354][T16447] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3367'.
[  457.697377][ T5849] Bluetooth: hci6: command 0x0406 tx timeout
[  457.724883][T14971] tipc: Node number set to 237403433
[  457.976714][T16472] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  458.008061][T16472] batadv_slave_1: entered promiscuous mode
[  458.261127][T16486] openvswitch: netlink: Flow actions attr not present in new flow.
[  458.390364][T16493] netlink: 'syz.7.3383': attribute type 1 has an invalid length.
[  458.403945][T16493] netlink: 224 bytes leftover after parsing attributes in process `syz.7.3383'.
[  458.511729][T16498] netlink: 1041 bytes leftover after parsing attributes in process `syz.6.3384'.
[  458.683541][T16506] FAULT_INJECTION: forcing a failure.
[  458.683541][T16506] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  458.700313][T16506] CPU: 1 UID: 0 PID: 16506 Comm: syz.7.3386 Not tainted 6.16.0-rc5-syzkaller-01411-g08a305b2a5b8 #0 PREEMPT(full) 
[  458.700345][T16506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  458.700356][T16506] Call Trace:
[  458.700364][T16506]  <TASK>
[  458.700373][T16506]  dump_stack_lvl+0x189/0x250
[  458.700401][T16506]  ? __pfx____ratelimit+0x10/0x10
[  458.700427][T16506]  ? __pfx_dump_stack_lvl+0x10/0x10
[  458.700450][T16506]  ? __pfx__printk+0x10/0x10
[  458.700476][T16506]  ? __might_fault+0xb0/0x130
[  458.700513][T16506]  should_fail_ex+0x414/0x560
[  458.700545][T16506]  _copy_from_user+0x2d/0xb0
[  458.700568][T16506]  ___sys_sendmsg+0x158/0x2a0
[  458.700591][T16506]  ? __pfx____sys_sendmsg+0x10/0x10
[  458.700652][T16506]  ? __fget_files+0x2a/0x420
[  458.700676][T16506]  ? __fget_files+0x3a0/0x420
[  458.700711][T16506]  __sys_sendmmsg+0x227/0x430
[  458.700736][T16506]  ? __pfx___sys_sendmmsg+0x10/0x10
[  458.700751][T16506]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  458.700806][T16506]  ? ksys_write+0x22a/0x250
[  458.700830][T16506]  ? __pfx_ksys_write+0x10/0x10
[  458.700849][T16506]  ? rcu_is_watching+0x15/0xb0
[  458.700881][T16506]  __x64_sys_sendmmsg+0xa0/0xc0
[  458.700903][T16506]  do_syscall_64+0xfa/0x3b0
[  458.700927][T16506]  ? lockdep_hardirqs_on+0x9c/0x150
[  458.700948][T16506]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  458.700966][T16506]  ? clear_bhb_loop+0x60/0xb0
[  458.700989][T16506]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  458.701006][T16506] RIP: 0033:0x7fcb8718e929
[  458.701025][T16506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  458.701042][T16506] RSP: 002b:00007fcb84ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  458.701064][T16506] RAX: ffffffffffffffda RBX: 00007fcb873b5fa0 RCX: 00007fcb8718e929
[  458.701087][T16506] RDX: 0000000000000001 RSI: 0000200000000500 RDI: 0000000000000004
[  458.701099][T16506] RBP: 00007fcb84ff6090 R08: 0000000000000000 R09: 0000000000000000
[  458.701112][T16506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  458.701124][T16506] R13: 0000000000000000 R14: 00007fcb873b5fa0 R15: 00007ffc001ba428
[  458.701157][T16506]  </TASK>
[  459.100282][T16515] netlink: 'syz.3.3389': attribute type 1 has an invalid length.
[  459.213232][T16515] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  459.236696][T16515] bond1: (slave vxcan3): Error -95 calling set_mac_address
[  459.303882][T16526] gretap1: entered promiscuous mode
[  459.333555][T16526] bond1: (slave gretap1): making interface the new active one
[  459.394693][T16526] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  459.419735][T16532] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3394'.
[  459.491597][T16515] macvlan2: entered promiscuous mode
[  459.516161][T16515] macvlan2: entered allmulticast mode
[  459.541291][T16515] bond1: entered promiscuous mode
[  459.554427][T16515] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  459.572189][T16515] bond1: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of gretap1
[  459.589145][T16515] bond1: left promiscuous mode
[  459.946428][T16542] can: request_module (can-proto-3) failed.
[  460.009622][T16549] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3398'.
[  460.136620][T16553] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3399'.
[  460.149951][T16553] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3399'.
[  460.310824][T16558] FAULT_INJECTION: forcing a failure.
[  460.310824][T16558] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  460.384846][T16558] CPU: 1 UID: 0 PID: 16558 Comm: syz.7.3402 Not tainted 6.16.0-rc5-syzkaller-01411-g08a305b2a5b8 #0 PREEMPT(full) 
[  460.384876][T16558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  460.384886][T16558] Call Trace:
[  460.384893][T16558]  <TASK>
[  460.384901][T16558]  dump_stack_lvl+0x189/0x250
[  460.384929][T16558]  ? __pfx____ratelimit+0x10/0x10
[  460.384953][T16558]  ? __pfx_dump_stack_lvl+0x10/0x10
[  460.384971][T16558]  ? __pfx__printk+0x10/0x10
[  460.385011][T16558]  should_fail_ex+0x414/0x560
[  460.385043][T16558]  _copy_from_user+0x2d/0xb0
[  460.385066][T16558]  __copy_msghdr+0x3c5/0x5b0
[  460.385097][T16558]  ___sys_sendmsg+0x1a5/0x2a0
[  460.385115][T16558]  ? __pfx____sys_sendmsg+0x10/0x10
[  460.385170][T16558]  ? __fget_files+0x2a/0x420
[  460.385191][T16558]  ? __fget_files+0x3a0/0x420
[  460.385222][T16558]  __sys_sendmmsg+0x227/0x430
[  460.385241][T16558]  ? __pfx___sys_sendmmsg+0x10/0x10
[  460.385252][T16558]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  460.385300][T16558]  ? ksys_write+0x22a/0x250
[  460.385325][T16558]  ? __pfx_ksys_write+0x10/0x10
[  460.385343][T16558]  ? rcu_is_watching+0x15/0xb0
[  460.385370][T16558]  __x64_sys_sendmmsg+0xa0/0xc0
[  460.385391][T16558]  do_syscall_64+0xfa/0x3b0
[  460.385415][T16558]  ? lockdep_hardirqs_on+0x9c/0x150
[  460.385438][T16558]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  460.385457][T16558]  ? clear_bhb_loop+0x60/0xb0
[  460.385480][T16558]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  460.385498][T16558] RIP: 0033:0x7fcb8718e929
[  460.385516][T16558] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  460.385532][T16558] RSP: 002b:00007fcb84ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  460.385553][T16558] RAX: ffffffffffffffda RBX: 00007fcb873b5fa0 RCX: 00007fcb8718e929
[  460.385567][T16558] RDX: 0000000000000001 RSI: 0000200000000500 RDI: 0000000000000004
[  460.385578][T16558] RBP: 00007fcb84ff6090 R08: 0000000000000000 R09: 0000000000000000
[  460.385590][T16558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  460.385601][T16558] R13: 0000000000000000 R14: 00007fcb873b5fa0 R15: 00007ffc001ba428
[  460.385633][T16558]  </TASK>
[  460.493295][    C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[  461.102665][T16574] IPv6: Can't replace route, no match found
[  461.143174][T16577] netlink: 'syz.0.3408': attribute type 1 has an invalid length.
[  461.266430][T16586] FAULT_INJECTION: forcing a failure.
[  461.266430][T16586] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  461.285808][T16584] bond1: (slave gretap1): making interface the new active one
[  461.294618][T16584] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  461.312209][T16586] CPU: 0 UID: 0 PID: 16586 Comm: syz.2.3410 Not tainted 6.16.0-rc5-syzkaller-01411-g08a305b2a5b8 #0 PREEMPT(full) 
[  461.312229][T16586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  461.312237][T16586] Call Trace:
[  461.312241][T16586]  <TASK>
[  461.312247][T16586]  dump_stack_lvl+0x189/0x250
[  461.312266][T16586]  ? __pfx____ratelimit+0x10/0x10
[  461.312281][T16586]  ? __pfx_dump_stack_lvl+0x10/0x10
[  461.312295][T16586]  ? __pfx__printk+0x10/0x10
[  461.312311][T16586]  ? __might_fault+0xb0/0x130
[  461.312331][T16586]  should_fail_ex+0x414/0x560
[  461.312350][T16586]  _copy_from_user+0x2d/0xb0
[  461.312364][T16586]  generic_map_update_batch+0x51b/0x7f0
[  461.312388][T16586]  ? __pfx_generic_map_update_batch+0x10/0x10
[  461.312403][T16586]  ? __fget_files+0x2a/0x420
[  461.312422][T16586]  ? __pfx_generic_map_update_batch+0x10/0x10
[  461.312436][T16586]  bpf_map_do_batch+0x369/0x5f0
[  461.312451][T16586]  __sys_bpf+0x384/0x860
[  461.312470][T16586]  ? __pfx___sys_bpf+0x10/0x10
[  461.312495][T16586]  ? ksys_write+0x22a/0x250
[  461.312509][T16586]  ? __pfx_ksys_write+0x10/0x10
[  461.312527][T16586]  __x64_sys_bpf+0x7c/0x90
[  461.312543][T16586]  do_syscall_64+0xfa/0x3b0
[  461.312557][T16586]  ? lockdep_hardirqs_on+0x9c/0x150
[  461.312572][T16586]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  461.312583][T16586]  ? clear_bhb_loop+0x60/0xb0
[  461.312596][T16586]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  461.312607][T16586] RIP: 0033:0x7fec1f98e929
[  461.312618][T16586] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  461.312628][T16586] RSP: 002b:00007fec20854038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  461.312641][T16586] RAX: ffffffffffffffda RBX: 00007fec1fbb5fa0 RCX: 00007fec1f98e929
[  461.312650][T16586] RDX: 0000000000000038 RSI: 0000200000000200 RDI: 000000000000001a
[  461.312657][T16586] RBP: 00007fec20854090 R08: 0000000000000000 R09: 0000000000000000
[  461.312664][T16586] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  461.312670][T16586] R13: 0000000000000000 R14: 00007fec1fbb5fa0 R15: 00007ffd7be3cff8
[  461.312689][T16586]  </TASK>
[  461.858457][    C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[  462.213793][T16617] netlink: 'syz.2.3420': attribute type 10 has an invalid length.
[  462.289233][T16617] bridge0: port 3(netdevsim0) entered disabled state
[  462.332754][T16617] netdevsim netdevsim2 netdevsim0: left allmulticast mode
[  462.361409][T16617] netdevsim netdevsim2 netdevsim0: left promiscuous mode
[  462.390588][T16617] bridge0: port 3(netdevsim0) entered disabled state
[  462.449339][T16617] batman_adv: batadv0: Adding interface: netdevsim0
[  462.475250][T16617] batman_adv: batadv0: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  462.564284][T16617] batman_adv: batadv0: Not using interface netdevsim0 (retrying later): interface not active
[  463.109016][T16656] ipt_ECN: cannot use operation on non-tcp rule
[  463.228525][T16661] __nla_validate_parse: 75 callbacks suppressed
[  463.228548][T16661] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3435'.
[  463.794387][T16685] xt_CT: You must specify a L4 protocol and not use inversions on it
[  463.854481][T16686] FAULT_INJECTION: forcing a failure.
[  463.854481][T16686] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  463.874915][T16686] CPU: 1 UID: 0 PID: 16686 Comm: syz.6.3445 Not tainted 6.16.0-rc5-syzkaller-01411-g08a305b2a5b8 #0 PREEMPT(full) 
[  463.874946][T16686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  463.874957][T16686] Call Trace:
[  463.874965][T16686]  <TASK>
[  463.874974][T16686]  dump_stack_lvl+0x189/0x250
[  463.875005][T16686]  ? __pfx____ratelimit+0x10/0x10
[  463.875040][T16686]  ? __pfx_dump_stack_lvl+0x10/0x10
[  463.875063][T16686]  ? __pfx__printk+0x10/0x10
[  463.875088][T16686]  ? __might_fault+0xb0/0x130
[  463.875121][T16686]  should_fail_ex+0x414/0x560
[  463.875152][T16686]  _copy_from_user+0x2d/0xb0
[  463.875176][T16686]  generic_map_update_batch+0x51b/0x7f0
[  463.875217][T16686]  ? __pfx_generic_map_update_batch+0x10/0x10
[  463.875242][T16686]  ? __fget_files+0x2a/0x420
[  463.875275][T16686]  ? __pfx_generic_map_update_batch+0x10/0x10
[  463.875299][T16686]  bpf_map_do_batch+0x369/0x5f0
[  463.875325][T16686]  __sys_bpf+0x384/0x860
[  463.875357][T16686]  ? __pfx___sys_bpf+0x10/0x10
[  463.875402][T16686]  ? ksys_write+0x22a/0x250
[  463.875427][T16686]  ? __pfx_ksys_write+0x10/0x10
[  463.875445][T16686]  ? rcu_is_watching+0x15/0xb0
[  463.875477][T16686]  __x64_sys_bpf+0x7c/0x90
[  463.875505][T16686]  do_syscall_64+0xfa/0x3b0
[  463.875528][T16686]  ? lockdep_hardirqs_on+0x9c/0x150
[  463.875552][T16686]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  463.875571][T16686]  ? clear_bhb_loop+0x60/0xb0
[  463.875594][T16686]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  463.875612][T16686] RIP: 0033:0x7f782eb8e929
[  463.875631][T16686] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  463.875646][T16686] RSP: 002b:00007f782f9ae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  463.875667][T16686] RAX: ffffffffffffffda RBX: 00007f782edb5fa0 RCX: 00007f782eb8e929
[  463.875680][T16686] RDX: 0000000000000038 RSI: 0000200000000200 RDI: 000000000000001a
[  463.875693][T16686] RBP: 00007f782f9ae090 R08: 0000000000000000 R09: 0000000000000000
[  463.875705][T16686] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  463.875716][T16686] R13: 0000000000000000 R14: 00007f782edb5fa0 R15: 00007ffd8297e568
[  463.875750][T16686]  </TASK>
[  464.415157][T16698] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3447'.
[  464.489876][T16705] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3449'.
[  464.867463][T16715] netlink: 828 bytes leftover after parsing attributes in process `syz.0.3453'.
[  465.339478][T16726] netlink: 'syz.7.3457': attribute type 4 has an invalid length.
[  465.676954][T16733] netlink: 'syz.7.3459': attribute type 10 has an invalid length.
[  465.699022][T16733] team0: Port device dummy0 added
[  466.083757][T16752] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3468'.
[  466.195087][   T30] audit: type=1800 audit(1752557199.412:6): pid=16759 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.3468" name="@" dev="tmpfs" ino=1340 res=0 errno=0
[  466.926914][T16779] FAULT_INJECTION: forcing a failure.
[  466.926914][T16779] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  466.956198][T16779] CPU: 1 UID: 0 PID: 16779 Comm: syz.3.3473 Not tainted 6.16.0-rc5-syzkaller-01411-g08a305b2a5b8 #0 PREEMPT(full) 
[  466.956230][T16779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  466.956241][T16779] Call Trace:
[  466.956249][T16779]  <TASK>
[  466.956258][T16779]  dump_stack_lvl+0x189/0x250
[  466.956287][T16779]  ? __pfx____ratelimit+0x10/0x10
[  466.956314][T16779]  ? __pfx_dump_stack_lvl+0x10/0x10
[  466.956337][T16779]  ? __pfx__printk+0x10/0x10
[  466.956364][T16779]  ? __might_fault+0xb0/0x130
[  466.956400][T16779]  should_fail_ex+0x414/0x560
[  466.956434][T16779]  _copy_from_user+0x2d/0xb0
[  466.956458][T16779]  generic_map_update_batch+0x51b/0x7f0
[  466.956499][T16779]  ? __pfx_generic_map_update_batch+0x10/0x10
[  466.956524][T16779]  ? __fget_files+0x2a/0x420
[  466.956556][T16779]  ? __pfx_generic_map_update_batch+0x10/0x10
[  466.956579][T16779]  bpf_map_do_batch+0x369/0x5f0
[  466.956607][T16779]  __sys_bpf+0x384/0x860
[  466.956639][T16779]  ? __pfx___sys_bpf+0x10/0x10
[  466.956683][T16779]  ? ksys_write+0x22a/0x250
[  466.956708][T16779]  ? __pfx_ksys_write+0x10/0x10
[  466.956727][T16779]  ? rcu_is_watching+0x15/0xb0
[  466.956759][T16779]  __x64_sys_bpf+0x7c/0x90
[  466.956787][T16779]  do_syscall_64+0xfa/0x3b0
[  466.956819][T16779]  ? lockdep_hardirqs_on+0x9c/0x150
[  466.956844][T16779]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  466.956863][T16779]  ? clear_bhb_loop+0x60/0xb0
[  466.956887][T16779]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  466.956905][T16779] RIP: 0033:0x7f5c4198e929
[  466.956924][T16779] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  466.956941][T16779] RSP: 002b:00007f5c428a0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  466.956963][T16779] RAX: ffffffffffffffda RBX: 00007f5c41bb5fa0 RCX: 00007f5c4198e929
[  466.956977][T16779] RDX: 0000000000000038 RSI: 0000200000000200 RDI: 000000000000001a
[  466.956990][T16779] RBP: 00007f5c428a0090 R08: 0000000000000000 R09: 0000000000000000
[  466.957002][T16779] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  466.957014][T16779] R13: 0000000000000000 R14: 00007f5c41bb5fa0 R15: 00007ffe3c2e59e8
[  466.957048][T16779]  </TASK>
[  467.615744][T16794] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3480'.
[  467.893744][T16799] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3479'.
[  468.342023][T16805] netlink: 'syz.3.3483': attribute type 4 has an invalid length.
[  468.368646][T16806] netlink: 'syz.3.3483': attribute type 4 has an invalid length.
[  468.415454][    C0] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  469.231309][T16833] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3493'.
[  469.635849][T16846] FAULT_INJECTION: forcing a failure.
[  469.635849][T16846] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  469.676774][T16846] CPU: 1 UID: 0 PID: 16846 Comm: syz.7.3497 Not tainted 6.16.0-rc5-syzkaller-01411-g08a305b2a5b8 #0 PREEMPT(full) 
[  469.676825][T16846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  469.676836][T16846] Call Trace:
[  469.676851][T16846]  <TASK>
[  469.676859][T16846]  dump_stack_lvl+0x189/0x250
[  469.676889][T16846]  ? __pfx____ratelimit+0x10/0x10
[  469.676915][T16846]  ? __pfx_dump_stack_lvl+0x10/0x10
[  469.676946][T16846]  ? __pfx__printk+0x10/0x10
[  469.676973][T16846]  ? __might_fault+0xb0/0x130
[  469.677008][T16846]  should_fail_ex+0x414/0x560
[  469.677039][T16846]  _copy_from_user+0x2d/0xb0
[  469.677063][T16846]  generic_map_update_batch+0x51b/0x7f0
[  469.677104][T16846]  ? __pfx_generic_map_update_batch+0x10/0x10
[  469.677128][T16846]  ? __fget_files+0x2a/0x420
[  469.677161][T16846]  ? __pfx_generic_map_update_batch+0x10/0x10
[  469.677185][T16846]  bpf_map_do_batch+0x369/0x5f0
[  469.677212][T16846]  __sys_bpf+0x384/0x860
[  469.677243][T16846]  ? __pfx___sys_bpf+0x10/0x10
[  469.677287][T16846]  ? ksys_write+0x22a/0x250
[  469.677312][T16846]  ? __pfx_ksys_write+0x10/0x10
[  469.677331][T16846]  ? rcu_is_watching+0x15/0xb0
[  469.677362][T16846]  __x64_sys_bpf+0x7c/0x90
[  469.677396][T16846]  do_syscall_64+0xfa/0x3b0
[  469.677422][T16846]  ? lockdep_hardirqs_on+0x9c/0x150
[  469.677445][T16846]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  469.677464][T16846]  ? clear_bhb_loop+0x60/0xb0
[  469.677488][T16846]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  469.677505][T16846] RIP: 0033:0x7fcb8718e929
[  469.677524][T16846] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  469.677541][T16846] RSP: 002b:00007fcb84ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  469.677563][T16846] RAX: ffffffffffffffda RBX: 00007fcb873b5fa0 RCX: 00007fcb8718e929
[  469.677577][T16846] RDX: 0000000000000038 RSI: 0000200000000200 RDI: 000000000000001a
[  469.677589][T16846] RBP: 00007fcb84ff6090 R08: 0000000000000000 R09: 0000000000000000
[  469.677602][T16846] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  469.677613][T16846] R13: 0000000000000000 R14: 00007fcb873b5fa0 R15: 00007ffc001ba428
[  469.677647][T16846]  </TASK>
[  471.504423][T16889] syzkaller0: entered promiscuous mode
[  471.510490][T16889] syzkaller0: entered allmulticast mode
[  471.644142][T16895] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3515'.
[  473.088050][ T5849] Bluetooth: hci7: command 0x0405 tx timeout
[  474.177798][   T31] INFO: task syz.5.2148:12518 blocked for more than 143 seconds.
[  474.187892][   T31]       Not tainted 6.16.0-rc5-syzkaller-01411-g08a305b2a5b8 #0
[  474.201399][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  474.211437][   T31] task:syz.5.2148      state:D stack:26904 pid:12518 tgid:12511 ppid:12070  task_flags:0x400140 flags:0x00004004
[  474.226432][   T31] Call Trace:
[  474.229866][   T31]  <TASK>
[  474.232985][   T31]  __schedule+0x16f5/0x4d00
[  474.238051][   T31]  ? __lock_acquire+0xab9/0xd20
[  474.243034][   T31]  ? schedule+0x165/0x360
[  474.247533][   T31]  ? __pfx___schedule+0x10/0x10
[  474.252880][   T31]  ? schedule+0x91/0x360
[  474.257425][   T31]  schedule+0x165/0x360
[  474.261826][   T31]  schedule_preempt_disabled+0x13/0x30
[  474.267834][   T31]  __mutex_lock+0x724/0xe80
[  474.272634][   T31]  ? __mutex_lock+0x51b/0xe80
[  474.277536][   T31]  ? nfsd_nl_listener_get_doit+0x10a/0x5e0
[  474.283683][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  474.289526][   T31]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[  474.298539][   T31]  ? __nlmsg_put+0xef/0x1b0
[  474.303244][   T31]  ? genlmsg_put+0x137/0x2e0
[  474.314028][   T31]  nfsd_nl_listener_get_doit+0x10a/0x5e0
[  474.329956][   T31]  ? __dev_queue_xmit+0x27b/0x3b50
[  474.339386][   T31]  ? genl_family_rcv_msg_attrs_parse+0x13b/0x2a0
[  474.353519][   T31]  genl_family_rcv_msg_doit+0x212/0x300
[  474.364029][   T31]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  474.376196][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  474.383076][   T31]  genl_rcv_msg+0x60e/0x790
[  474.399873][   T31]  ? __pfx_genl_rcv_msg+0x10/0x10
[  474.408493][   T31]  ? __pfx_nfsd_nl_listener_get_doit+0x10/0x10
[  474.416773][   T31]  netlink_rcv_skb+0x205/0x470
[  474.422238][   T31]  ? __pfx_genl_rcv_msg+0x10/0x10
[  474.432706][   T31]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  474.439455][   T31]  ? down_read+0x1ad/0x2e0
[  474.444344][   T31]  genl_rcv+0x28/0x40
[  474.448780][   T31]  netlink_unicast+0x759/0x8e0
[  474.454184][   T31]  netlink_sendmsg+0x805/0xb30
[  474.459522][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  474.465264][   T31]  ? aa_sock_msg_perm+0x94/0x160
[  474.470628][   T31]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  474.476196][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  474.481820][   T31]  __sock_sendmsg+0x219/0x270
[  474.486793][   T31]  ____sys_sendmsg+0x505/0x830
[  474.492073][   T31]  ? __pfx_____sys_sendmsg+0x10/0x10
[  474.499574][   T31]  ? import_iovec+0x74/0xa0
[  474.505301][   T31]  ___sys_sendmsg+0x21f/0x2a0
[  474.514015][   T31]  ? __pfx____sys_sendmsg+0x10/0x10
[  474.526516][   T31]  ? __fget_files+0x2a/0x420
[  474.533845][   T31]  ? __fget_files+0x3a0/0x420
[  474.539969][   T31]  __x64_sys_sendmsg+0x19b/0x260
[  474.546111][   T31]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  474.552425][   T31]  ? rcu_is_watching+0x15/0xb0
[  474.561453][   T31]  ? do_syscall_64+0xbe/0x3b0
[  474.573435][   T31]  do_syscall_64+0xfa/0x3b0
[  474.600652][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  474.609341][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  474.623429][   T31]  ? clear_bhb_loop+0x60/0xb0
[  474.631370][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  474.646281][   T31] RIP: 0033:0x7f35ea18e929
[  474.651049][   T31] RSP: 002b:00007f35e7fb4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  474.660613][   T31] RAX: ffffffffffffffda RBX: 00007f35ea3b6160 RCX: 00007f35ea18e929
[  474.669249][   T31] RDX: 0000000000000010 RSI: 0000200000001540 RDI: 000000000000000a
[  474.677965][   T31] RBP: 00007f35ea210b39 R08: 0000000000000000 R09: 0000000000000000
[  474.686520][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  474.694840][   T31] R13: 0000000000000000 R14: 00007f35ea3b6160 R15: 00007ffd87141f88
[  474.703232][   T31]  </TASK>
[  474.708707][   T31] INFO: task syz.1.2242:12834 blocked for more than 143 seconds.
[  474.716846][   T31]       Not tainted 6.16.0-rc5-syzkaller-01411-g08a305b2a5b8 #0
[  474.725503][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  474.737018][   T31] task:syz.1.2242      state:D stack:25352 pid:12834 tgid:12832 ppid:5848   task_flags:0x400140 flags:0x00004004
[  474.749636][   T31] Call Trace:
[  474.753118][   T31]  <TASK>
[  474.759280][   T31]  __schedule+0x16f5/0x4d00
[  474.764346][   T31]  ? __lock_acquire+0xab9/0xd20
[  474.770384][   T31]  ? schedule+0x165/0x360
[  474.775048][   T31]  ? __pfx___schedule+0x10/0x10
[  474.793717][   T31]  ? schedule+0x91/0x360
[  474.800854][   T31]  schedule+0x165/0x360
[  474.813381][   T31]  schedule_preempt_disabled+0x13/0x30
[  474.837238][   T31]  __mutex_lock+0x724/0xe80
[  474.843619][   T31]  ? __mutex_lock+0x51b/0xe80
[  474.849579][   T31]  ? nfsd_nl_listener_set_doit+0x137/0x1690
[  474.856360][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  474.861783][   T31]  ? __asan_memset+0x22/0x50
[  474.868466][   T31]  ? ____sys_sendmsg+0x505/0x830
[  474.874134][   T31]  ? ___sys_sendmsg+0x21f/0x2a0
[  474.881346][   T31]  ? __x64_sys_sendmsg+0x19b/0x260
[  474.888199][   T31]  nfsd_nl_listener_set_doit+0x137/0x1690
[  474.895012][   T31]  ? __pfx___nla_validate_parse+0x10/0x10
[  474.901774][   T31]  ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10
[  474.909344][   T31]  ? __nla_parse+0x40/0x60
[  474.914436][   T31]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  474.921661][   T31]  genl_family_rcv_msg_doit+0x212/0x300
[  474.927962][   T31]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  474.934391][   T31]  ? bpf_lsm_capable+0x9/0x20
[  474.941193][   T31]  ? security_capable+0x7e/0x2e0
[  474.946641][   T31]  genl_rcv_msg+0x60e/0x790
[  474.952228][   T31]  ? __pfx_genl_rcv_msg+0x10/0x10
[  474.958224][   T31]  ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10
[  474.965243][   T31]  netlink_rcv_skb+0x205/0x470
[  474.970462][   T31]  ? __pfx_genl_rcv_msg+0x10/0x10
[  474.976284][   T31]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  474.982397][   T31]  ? down_read+0x1ad/0x2e0
[  474.987214][   T31]  genl_rcv+0x28/0x40
[  474.991374][   T31]  netlink_unicast+0x759/0x8e0
[  474.996986][   T31]  netlink_sendmsg+0x805/0xb30
[  475.002159][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  475.008436][   T31]  ? aa_sock_msg_perm+0x94/0x160
[  475.013580][   T31]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  475.019193][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  475.025063][   T31]  __sock_sendmsg+0x219/0x270
[  475.030993][   T31]  ____sys_sendmsg+0x505/0x830
[  475.039163][   T31]  ? __pfx_____sys_sendmsg+0x10/0x10
[  475.045737][   T31]  ? import_iovec+0x74/0xa0
[  475.050734][   T31]  ___sys_sendmsg+0x21f/0x2a0
[  475.056498][   T31]  ? __pfx____sys_sendmsg+0x10/0x10
[  475.062647][   T31]  ? __fget_files+0x2a/0x420
[  475.068758][   T31]  ? __fget_files+0x3a0/0x420
[  475.073642][   T31]  __x64_sys_sendmsg+0x19b/0x260
[  475.078909][   T31]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  475.085464][   T31]  ? rcu_is_watching+0x15/0xb0
[  475.090913][   T31]  ? do_syscall_64+0xbe/0x3b0
[  475.095945][   T31]  do_syscall_64+0xfa/0x3b0
[  475.100952][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  475.106705][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  475.113278][   T31]  ? clear_bhb_loop+0x60/0xb0
[  475.119027][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  475.125398][   T31] RIP: 0033:0x7fab9558e929
[  475.130290][   T31] RSP: 002b:00007fab9643f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  475.139922][   T31] RAX: ffffffffffffffda RBX: 00007fab957b5fa0 RCX: 00007fab9558e929
[  475.149168][   T31] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000008
[  475.157767][   T31] RBP: 00007fab95610b39 R08: 0000000000000000 R09: 0000000000000000
[  475.166070][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  475.174237][   T31] R13: 0000000000000000 R14: 00007fab957b5fa0 R15: 00007fff1cf46e18
[  475.182994][   T31]  </TASK>
[  475.186629][   T31] 
[  475.186629][   T31] Showing all locks held in the system:
[  475.195606][   T31] 1 lock held by khungtaskd/31:
[  475.200783][   T31]  #0: ffffffff8e13f160 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  475.263289][   T31] 2 locks held by kworker/u8:6/3466:
[  475.282022][   T31] 3 locks held by kworker/u8:7/3527:
[  475.303530][   T31]  #0: ffff88801a489148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  475.338918][   T31]  #1: ffffc9000b7a7bc0 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  475.352464][   T31]  #2: ffffffff8f520508 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
[  475.362528][   T31] 2 locks held by getty/5607:
[  475.367550][   T31]  #0: ffff888034eba0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  475.377879][   T31]  #1: ffffc9000333b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[  475.396884][   T31] 2 locks held by kworker/u9:3/5857:
[  475.402293][   T31]  #0: ffff8880253ad948 ((wq_completion)nbd0-recv){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  475.418024][   T31]  #1: ffffc9000441fbc0 ((work_completion)(&args->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  475.430785][   T31] 2 locks held by syz.4.1887/11621:
[  475.436563][   T31]  #0: ffffffff8f5854b0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  475.445476][   T31]  #1: ffffffff8e41d588 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0x137/0x1690
[  475.457121][   T31] 2 locks held by syz.5.2148/12518:
[  475.462738][   T31]  #0: ffffffff8f5854b0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  475.471241][   T31]  #1: ffffffff8e41d588 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_get_doit+0x10a/0x5e0
[  475.493018][   T31] 2 locks held by syz.1.2242/12834:
[  475.500070][   T31]  #0: ffffffff8f5854b0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  475.519557][   T31]  #1: ffffffff8e41d588 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0x137/0x1690
[  475.543988][   T31] 1 lock held by syz.3.3502/16857:
[  475.549393][   T31] 2 locks held by syz.0.3514/16888:
[  475.555517][   T31]  #0: ffffffff8f520508 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3e/0x1c0
[  475.565289][   T31]  #1: ffffffff8e144c78 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x2f6/0x730
[  475.576583][   T31] 1 lock held by syz.6.3515/16891:
[  475.581963][   T31]  #0: ffffffff8f520508 (rtnl_mutex){+.+.}-{4:4}, at: xsk_bind+0x156/0xf90
[  475.590983][   T31] 1 lock held by syz.6.3515/16895:
[  475.602757][   T31]  #0: ffffffff8f520508 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_dellink+0x331/0x710
[  475.612650][   T31] 2 locks held by syz.6.3515/16900:
[  475.620719][   T31]  #0: ffffffff8f5854b0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  475.629860][   T31]  #1: ffffffff8f5852c8 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790
[  475.639355][   T31] 1 lock held by syz.6.3515/16903:
[  475.644578][   T31]  #0: ffffffff8f520508 (rtnl_mutex){+.+.}-{4:4}, at: rtnetlink_rcv_msg+0x71c/0xb70
[  475.655346][   T31] 3 locks held by syz.2.3518/16899:
[  475.662213][   T31]  #0: ffffffff8f5854b0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  475.670678][   T31]  #1: ffffffff8f5852c8 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790
[  475.679875][   T31]  #2: ffffffff8f520508 (rtnl_mutex){+.+.}-{4:4}, at: nl802154_pre_doit+0xbc/0xa00
[  475.689662][   T31] 1 lock held by syz.7.3519/16902:
[  475.695487][   T31]  #0: ffffffff8f520508 (rtnl_mutex){+.+.}-{4:4}, at: __tun_chr_ioctl+0x37a/0x1df0
[  475.712892][   T31] 1 lock held by syz.7.3519/16904:
[  475.718417][   T31]  #0: ffffffff8f520508 (rtnl_mutex){+.+.}-{4:4}, at: rtnetlink_rcv_msg+0x71c/0xb70
[  475.728157][   T31] 
[  475.730548][   T31] =============================================
[  475.730548][   T31] 
[  475.754845][   T31] NMI backtrace for cpu 1
[  475.754870][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc5-syzkaller-01411-g08a305b2a5b8 #0 PREEMPT(full) 
[  475.754893][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  475.754903][   T31] Call Trace:
[  475.754910][   T31]  <TASK>
[  475.754920][   T31]  dump_stack_lvl+0x189/0x250
[  475.754947][   T31]  ? __wake_up_klogd+0xd9/0x110
[  475.754976][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  475.754999][   T31]  ? __pfx__printk+0x10/0x10
[  475.755037][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[  475.755062][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  475.755079][   T31]  ? _printk+0xcf/0x120
[  475.755109][   T31]  ? __pfx__printk+0x10/0x10
[  475.755136][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  475.755157][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  475.755182][   T31]  watchdog+0xfee/0x1030
[  475.755204][   T31]  ? watchdog+0x1de/0x1030
[  475.755231][   T31]  kthread+0x70e/0x8a0
[  475.755256][   T31]  ? __pfx_watchdog+0x10/0x10
[  475.755270][   T31]  ? __pfx_kthread+0x10/0x10
[  475.755295][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  475.755316][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  475.755337][   T31]  ? __pfx_kthread+0x10/0x10
[  475.755362][   T31]  ret_from_fork+0x3fc/0x770
[  475.755385][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  475.755411][   T31]  ? __switch_to_asm+0x39/0x70
[  475.755434][   T31]  ? __switch_to_asm+0x33/0x70
[  475.755455][   T31]  ? __pfx_kthread+0x10/0x10
[  475.755482][   T31]  ret_from_fork_asm+0x1a/0x30
[  475.755521][   T31]  </TASK>
[  475.755531][   T31] Sending NMI from CPU 1 to CPUs 0:
[  475.932051][    C0] NMI backtrace for cpu 0
[  475.932072][    C0] CPU: 0 UID: 0 PID: 16857 Comm: syz.3.3502 Not tainted 6.16.0-rc5-syzkaller-01411-g08a305b2a5b8 #0 PREEMPT(full) 
[  475.932092][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  475.932100][    C0] RIP: 0010:__lock_acquire+0x6cf/0xd20
[  475.932123][    C0] Code: 25 00 00 45 31 ff 85 c0 0f 84 f5 05 00 00 83 3d 16 ea 0d 18 00 75 13 48 63 44 24 20 48 0f a3 05 a7 5a 0a 12 0f 83 15 05 00 00 <31> ed 48 8b 3c 24 4c 8b bf e0 0a 00 00 48 83 7c 24 28 00 75 1e 83
[  475.932136][    C0] RSP: 0018:ffffc9000dace488 EFLAGS: 00000047
[  475.932152][    C0] RAX: 0000000000000007 RBX: 0000000000000001 RCX: ffffffff9349a868
[  475.932163][    C0] RDX: 0000000000000008 RSI: ffff888025c38b18 RDI: ffff888025c38000
[  475.932174][    C0] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff8172aae5
[  475.932184][    C0] R10: ffffc9000dace6d8 R11: ffffffff81ad03a0 R12: 0000000000000004
[  475.932194][    C0] R13: 0000000000000001 R14: ffff888025c38b18 R15: 0000000000000000
[  475.932204][    C0] FS:  00007f5c428a06c0(0000) GS:ffff888125c11000(0000) knlGS:0000000000000000
[  475.932217][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  475.932228][    C0] CR2: 0000555557c965c8 CR3: 0000000064316000 CR4: 00000000003526f0
[  475.932244][    C0] Call Trace:
[  475.932250][    C0]  <TASK>
[  475.932260][    C0]  ? unwind_next_frame+0xa5/0x2390
[  475.932278][    C0]  lock_acquire+0x120/0x360
[  475.932292][    C0]  ? unwind_next_frame+0xa5/0x2390
[  475.932311][    C0]  ? unwind_next_frame+0xa5/0x2390
[  475.932327][    C0]  ? __sock_sendmsg+0x219/0x270
[  475.932344][    C0]  ? unwind_next_frame+0xa5/0x2390
[  475.932359][    C0]  unwind_next_frame+0xc2/0x2390
[  475.932375][    C0]  ? unwind_next_frame+0xa5/0x2390
[  475.932393][    C0]  ? unwind_next_frame+0xa5/0x2390
[  475.932409][    C0]  ? netlink_sendmsg+0x805/0xb30
[  475.932430][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  475.932468][    C0]  arch_stack_walk+0x11c/0x150
[  475.932488][    C0]  ? __sock_sendmsg+0x219/0x270
[  475.932506][    C0]  stack_trace_save+0x9c/0xe0
[  475.932524][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  475.932544][    C0]  ? __lock_acquire+0xab9/0xd20
[  475.932560][    C0]  kasan_save_track+0x3e/0x80
[  475.932575][    C0]  ? kasan_save_track+0x3e/0x80
[  475.932597][    C0]  ? kasan_save_free_info+0x46/0x50
[  475.932616][    C0]  ? __kasan_slab_free+0x62/0x70
[  475.932630][    C0]  ? kfree+0x18e/0x440
[  475.932645][    C0]  ? hash_ip4_resize+0x1757/0x1990
[  475.932664][    C0]  ? call_ad+0x44b/0xb00
[  475.932678][    C0]  ? ip_set_ad+0x791/0x930
[  475.932693][    C0]  ? nfnetlink_rcv_msg+0xb4d/0x1130
[  475.932715][    C0]  ? netlink_rcv_skb+0x205/0x470
[  475.932738][    C0]  ? nfnetlink_rcv+0x26a/0x2520
[  475.932752][    C0]  ? netlink_unicast+0x759/0x8e0
[  475.932767][    C0]  ? netlink_sendmsg+0x805/0xb30
[  475.932785][    C0]  ? __sock_sendmsg+0x219/0x270
[  475.932816][    C0]  kasan_save_free_info+0x46/0x50
[  475.932836][    C0]  __kasan_slab_free+0x62/0x70
[  475.932851][    C0]  ? hash_ip4_resize+0x1757/0x1990
[  475.932870][    C0]  kfree+0x18e/0x440
[  475.932884][    C0]  ? hash_ip4_resize+0x57d/0x1990
[  475.932904][    C0]  hash_ip4_resize+0x1757/0x1990
[  475.932923][    C0]  ? hash_ip4_resize+0x57d/0x1990
[  475.932954][    C0]  call_ad+0x44b/0xb00
[  475.932972][    C0]  ? __pfx_call_ad+0x10/0x10
[  475.932993][    C0]  ? __nla_parse+0x40/0x60
[  475.933017][    C0]  ip_set_ad+0x791/0x930
[  475.933036][    C0]  ? __pfx_ip_set_ad+0x10/0x10
[  475.933050][    C0]  ? __mutex_lock+0x330/0xe80
[  475.933084][    C0]  nfnetlink_rcv_msg+0xb4d/0x1130
[  475.933100][    C0]  ? nfnetlink_rcv_msg+0x20d/0x1130
[  475.933122][    C0]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  475.933137][    C0]  ? kasan_save_free_info+0x46/0x50
[  475.933174][    C0]  netlink_rcv_skb+0x205/0x470
[  475.933192][    C0]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  475.933208][    C0]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  475.933231][    C0]  ? bpf_lsm_capable+0x9/0x20
[  475.933247][    C0]  ? security_capable+0x7e/0x2e0
[  475.933269][    C0]  nfnetlink_rcv+0x26a/0x2520
[  475.933285][    C0]  ? __dev_queue_xmit+0x1d79/0x3b50
[  475.933305][    C0]  ? __dev_queue_xmit+0x27b/0x3b50
[  475.933319][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  475.933337][    C0]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  475.933352][    C0]  ? __pfx___dev_queue_xmit+0x10/0x10
[  475.933372][    C0]  ? ref_tracker_free+0x63a/0x7d0
[  475.933392][    C0]  ? __copy_skb_header+0xa7/0x550
[  475.933407][    C0]  ? __pfx_ref_tracker_free+0x10/0x10
[  475.933433][    C0]  ? skb_clone+0x246/0x3a0
[  475.933449][    C0]  ? __netlink_deliver_tap+0x807/0x850
[  475.933467][    C0]  ? netlink_deliver_tap+0x2e/0x1b0
[  475.933488][    C0]  ? netlink_deliver_tap+0x2e/0x1b0
[  475.933505][    C0]  ? netlink_deliver_tap+0x2e/0x1b0
[  475.933525][    C0]  netlink_unicast+0x759/0x8e0
[  475.933545][    C0]  netlink_sendmsg+0x805/0xb30
[  475.933568][    C0]  ? __pfx_netlink_sendmsg+0x10/0x10
[  475.933588][    C0]  ? aa_sock_msg_perm+0x94/0x160
[  475.933608][    C0]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  475.933629][    C0]  ? __pfx_netlink_sendmsg+0x10/0x10
[  475.933647][    C0]  __sock_sendmsg+0x219/0x270
[  475.933665][    C0]  ____sys_sendmsg+0x505/0x830
[  475.933688][    C0]  ? __pfx_____sys_sendmsg+0x10/0x10
[  475.933712][    C0]  ? import_iovec+0x74/0xa0
[  475.933729][    C0]  ___sys_sendmsg+0x21f/0x2a0
[  475.933743][    C0]  ? __pfx____sys_sendmsg+0x10/0x10
[  475.933849][    C0]  ? __fget_files+0x2a/0x420
[  475.933881][    C0]  ? __fget_files+0x3a0/0x420
[  475.933903][    C0]  __x64_sys_sendmsg+0x19b/0x260
[  475.933921][    C0]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  475.933939][    C0]  ? rcu_is_watching+0x15/0xb0
[  475.933959][    C0]  ? do_syscall_64+0xbe/0x3b0
[  475.933980][    C0]  do_syscall_64+0xfa/0x3b0
[  475.933998][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  475.934025][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  475.934040][    C0]  ? clear_bhb_loop+0x60/0xb0
[  475.934056][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  475.934070][    C0] RIP: 0033:0x7f5c4198e929
[  475.934086][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  475.934099][    C0] RSP: 002b:00007f5c428a0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  475.934117][    C0] RAX: ffffffffffffffda RBX: 00007f5c41bb5fa0 RCX: 00007f5c4198e929
[  475.934129][    C0] RDX: 0000000004000084 RSI: 0000200000000000 RDI: 000000000000000e
[  475.934140][    C0] RBP: 00007f5c41a10b39 R08: 0000000000000000 R09: 0000000000000000
[  475.934150][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  475.934160][    C0] R13: 0000000000000000 R14: 00007f5c41bb5fa0 R15: 00007ffe3c2e59e8
[  475.934177][    C0]  </TASK>
[  475.955719][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  475.955748][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc5-syzkaller-01411-g08a305b2a5b8 #0 PREEMPT(full) 
[  475.955770][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  475.955781][   T31] Call Trace:
[  475.955789][   T31]  <TASK>
[  475.955799][   T31]  dump_stack_lvl+0x99/0x250
[  475.955825][   T31]  ? __asan_memcpy+0x40/0x70
[  475.955844][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  475.955864][   T31]  ? __pfx__printk+0x10/0x10
[  475.955900][   T31]  panic+0x2db/0x790
[  475.955925][   T31]  ? __pfx_panic+0x10/0x10
[  475.955943][   T31]  ? __pfx_delay_tsc+0x10/0x10
[  475.955960][   T31]  ? nmi_backtrace_stall_check+0x433/0x440
[  475.955986][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  475.956004][   T31]  ? nmi_trigger_cpumask_backtrace+0x2b6/0x300
[  475.956031][   T31]  watchdog+0x102d/0x1030
[  475.956051][   T31]  ? watchdog+0x1de/0x1030
[  475.956076][   T31]  kthread+0x70e/0x8a0
[  475.956103][   T31]  ? __pfx_watchdog+0x10/0x10
[  475.956118][   T31]  ? __pfx_kthread+0x10/0x10
[  475.956144][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  475.956164][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  475.956183][   T31]  ? __pfx_kthread+0x10/0x10
[  475.956207][   T31]  ret_from_fork+0x3fc/0x770
[  475.956229][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  475.956253][   T31]  ? __switch_to_asm+0x39/0x70
[  475.956273][   T31]  ? __switch_to_asm+0x33/0x70
[  475.956293][   T31]  ? __pfx_kthread+0x10/0x10
[  475.956318][   T31]  ret_from_fork_asm+0x1a/0x30
[  475.956354][   T31]  </TASK>
[  476.759208][   T31] Kernel Offset: disabled
[  476.763540][   T31] Rebooting in 86400 seconds..