last executing test programs:

8.253135045s ago: executing program 0 (id=303):
unshare(0x8000400)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000005c0)="d800000019008111e0024f060d8107040a60000000030000001e55a12a00090008000699e3ffffff14000500fe80817806000567b8b7b94002000009080016060000000000008000d67f6f9400f7d1d9bbe94fa27100a007a2f7457f01896034277ce06bbace8017cb39b62ee5a7cef4090000001fb7b58ce287d3ca1dc9070091643a5e83d42365f003724a237ee4b11602b2a10000000014d6d930dfe1d9c322fe040000005025acca262f3d40fad95667e006dcdf634c1f215ce3bb9a946ac3c47e276799f1ac76efb42a9ecbee5de6ccd44242f4d643", 0xd8}], 0x1}, 0x0)
r1 = socket(0x11, 0x800000003, 0x0)
setsockopt$RDS_CONG_MONITOR(r1, 0x114, 0x6, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r2, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendmsg$rds(r1, &(0x7f0000000c80)={&(0x7f0000000280)={0x2, 0x4e21, @private=0xa010101}, 0x10, &(0x7f0000000a40)=[{&(0x7f00000002c0)=""/5, 0x5}, {&(0x7f0000000300)=""/179, 0xb3}, {&(0x7f0000000d00)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/208, 0xd0}, {&(0x7f00000003c0)=""/52, 0x34}, {&(0x7f0000000500)=""/103, 0x67}, {&(0x7f00000007c0)=""/117, 0x75}, {&(0x7f0000000840)=""/130, 0x82}, {&(0x7f0000000980)=""/177, 0xb1}, {&(0x7f0000000400)=""/24, 0x18}], 0xa, &(0x7f0000001d00)=[@mask_cswp={0x58, 0x114, 0x9, {{0x3, 0xd44}, &(0x7f0000000580)=0x9, &(0x7f0000000900)=0xffff, 0xd93, 0xfffffffffffffff4, 0x10000, 0xfffffffffffffffd, 0x55, 0x6}}, @rdma_dest={0x18, 0x114, 0x2, {0x5, 0x6}}, @rdma_map={0x30, 0x114, 0x3, {{&(0x7f0000000b00)}, &(0x7f0000000b40), 0x1}}, @mask_fadd={0x58, 0x114, 0x8, {{0x6, 0x119e}, &(0x7f0000000b80)=0x101, &(0x7f0000000bc0)=0x2, 0x2182, 0xffffffffffffff29, 0x5, 0x8000000000000001, 0x0, 0x5}}, @mask_fadd={0x58, 0x114, 0x8, {{0x2, 0x4}, &(0x7f0000000c00)=0x5, &(0x7f0000000c40)=0x2, 0x9, 0x5, 0x400, 0x200, 0x40, 0x9}}], 0x150}, 0x0)
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f00000000c0)={0x0, 0x0})
setsockopt$inet6_IPV6_DSTOPTS(r1, 0x29, 0x3b, &(0x7f0000001e80)={0x1, 0x14, '\x00', [@pad1, @calipso={0x7, 0x20, {0x3, 0x6, 0x3, 0xff, [0xfffffffffffffff7, 0x42, 0x38000000000000]}}, @jumbo={0xc2, 0x4, 0x2}, @jumbo={0xc2, 0x4, 0x1}, @generic={0x4c, 0x4e, "8cad4d7bfd189d753058852fd4da27f5930da44fe3a0c572bfb3475f73b60012d17a7b55c29591733fd7759fe92198b3bbbc3fb08f1129d1f8bb57d5e2da5ba80b6d8cf52fdaf1ad1661eab1123d"}, @padn={0x1, 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @enc_lim={0x4, 0x1, 0x9}, @hao={0xc9, 0x10, @local}]}, 0xa8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000cc0)='mmap_lock_acquire_returned\x00'}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r3, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_NEW(r4, &(0x7f0000001fc0)={&(0x7f0000000b00)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000001f80)={&(0x7f0000001f40)={0x2c, 0x0, 0x7, 0x101, 0x0, 0x0, {0x7, 0x0, 0x2}, [@NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x8}, @NFACCT_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x200000c5)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="20000000010a0103"], 0x20}}, 0xa291dae356942430)

7.859382s ago: executing program 0 (id=307):
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f00000004c0)=ANY=[@ANYBLOB="1802ffffff00000000000000007a00005bef0000009200000007d056009500000000000700000000bb228253cf0df6b97e8c579c8f7a73adeed61b69a7"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
pselect6(0x40, &(0x7f0000000140)={0x7, 0x7f, 0x4, 0x9, 0xc, 0x0, 0x626b, 0x3}, &(0x7f0000000180)={0xffffffffffffffb1, 0x9, 0x7, 0xc82, 0x5, 0x81, 0x100000001, 0x2}, &(0x7f00000001c0)={0x5, 0x7, 0x0, 0x8, 0x4, 0x2, 0x0, 0x6}, &(0x7f0000000240)={0x0, 0x989680}, &(0x7f0000000380)={&(0x7f0000000340)={[0x80000002]}, 0x8})
r0 = epoll_create1(0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40088a01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f00000003c0)=ANY=[@ANYBLOB="9feb01001800000000000000a4000000a4000000060000000400000000000008000000000300000000000002030000000f000000000000110300000000000000000000000000000300000000050000000400000006000000070000000200000604000000000000000900000006000000010000000f00000000000007000000000d000000060000060400000006926f69e08d3a945000000004000000010000000000000003000000020000000e000000000000001000000027540000003000613000"], &(0x7f0000000580)=""/24, 0xc2, 0x18, 0x0, 0x8, 0x10000, @value}, 0x28)
pipe(&(0x7f0000000380)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x10000000013, &(0x7f0000000180)=0x1, 0x4)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)={0x70, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x70}, 0x1, 0x0, 0x0, 0x4000}, 0x20004000)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
r3 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl(r3, 0x8b29, &(0x7f0000000040))
setsockopt$inet_tcp_int(r2, 0x6, 0x14, &(0x7f00000000c0)=0x100000001, 0x4)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000280), 0xffffffffffffffff)
connect$inet(r2, &(0x7f0000000540)={0x2, 0x0, @local}, 0x22)
splice(r2, 0x0, r1, 0x0, 0xe4d4, 0x4)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/syz1\x00', 0x200002, 0x0)
r5 = openat$cgroup_procs(r4, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
write$cgroup_pid(r5, &(0x7f0000000c40), 0x12)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_ro(r6, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r7, &(0x7f0000000200)=0x1, 0x12)
write$cgroup_int(r7, &(0x7f00000000c0), 0x12)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r8, 0x0, 0x80, &(0x7f00000000c0)=@broute={'broute\x00', 0x20, 0x1, 0x220, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000500], 0x7, 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0100000011000000000000000000a22a30456b880000145b41fe69e3ffff78616d3000000000000000000000000079616d3000000000000000000000000076657468315f742f5f626f6e640000000180c20000000000000000000180c20000000800000000000000b100000067010000900100007374617469737469630000000000000000000000000000000000000000000000180000000000000000000000000000000000000000000000000000000000646e61740000060000000000ff0300000000000000000000000000000000000010000000000000000180c20000000000bb8e66505c1aa6d062c3b52cffffffff000000006e666c6f670000000000000000000000000000000000000050000000121b6eb244c4f0fffbf04a000000007e4b000022569e338e2c551c2fc4a19597ba4c501c8b1f16fb7809c40aeea768e825383d2afb577ed2bb6dd99fd43741089cca6edb0041555449540000000000000000000000000626967e000000000000000000000008000000000000200000000000000000840200"/544]}, 0x298)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000fc0)={0x0, 0x0, &(0x7f0000000f80)={&(0x7f0000000f00)={0x34, 0xd, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xe, 0x3, 'bitmap:ip\x00'}, @IPSET_ATTR_PROTOCOL={0x4e}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
read$alg(r7, &(0x7f0000000740)=""/216, 0xd8)

7.254140419s ago: executing program 2 (id=316):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0x0, 0xffffffffffffffff, 0x0, 0xb, &(0x7f0000000040)='cgrou}\xc5_\xa4p\x00'}, 0x30)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, 0x0, 0x70)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r2, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

7.147258111s ago: executing program 2 (id=318):
unshare(0x8000400)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000005c0)="d800000019008111e0024f060d8107040a60000000030000001e55a12a00090008000699e3ffffff14000500fe80817806000567b8b7b94002000009080016060000000000008000d67f6f9400f7d1d9bbe94fa27100a007a2f7457f01896034277ce06bbace8017cb39b62ee5a7cef4090000001fb7b58ce287d3ca1dc9070091643a5e83d42365f003724a237ee4b11602b2a10000000014d6d930dfe1d9c322fe040000005025acca262f3d40fad95667e006dcdf634c1f215ce3bb9a946ac3c47e276799f1ac76efb42a9ecbee5de6ccd44242f4d643", 0xd8}], 0x1}, 0x0)
r1 = socket(0x11, 0x800000003, 0x0)
setsockopt$RDS_CONG_MONITOR(r1, 0x114, 0x6, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r2, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendmsg$rds(r1, &(0x7f0000000c80)={&(0x7f0000000280)={0x2, 0x4e21, @private=0xa010101}, 0x10, &(0x7f0000000a40)=[{&(0x7f00000002c0)=""/5, 0x5}, {&(0x7f0000000300)=""/179, 0xb3}, {&(0x7f0000000d00)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/208, 0xd0}, {&(0x7f00000003c0)=""/52, 0x34}, {&(0x7f0000000500)=""/103, 0x67}, {&(0x7f00000007c0)=""/117, 0x75}, {&(0x7f0000000840)=""/130, 0x82}, {&(0x7f0000000980)=""/177, 0xb1}, {&(0x7f0000000400)=""/24, 0x18}], 0xa, &(0x7f0000001d00)=[@mask_cswp={0x58, 0x114, 0x9, {{0x3, 0xd44}, &(0x7f0000000580)=0x9, &(0x7f0000000900)=0xffff, 0xd93, 0xfffffffffffffff4, 0x10000, 0xfffffffffffffffd, 0x55, 0x6}}, @rdma_dest={0x18, 0x114, 0x2, {0x5, 0x6}}, @rdma_map={0x30, 0x114, 0x3, {{&(0x7f0000000b00)}, &(0x7f0000000b40), 0x1}}, @mask_fadd={0x58, 0x114, 0x8, {{0x6, 0x119e}, &(0x7f0000000b80)=0x101, &(0x7f0000000bc0)=0x2, 0x2182, 0xffffffffffffff29, 0x5, 0x8000000000000001, 0x0, 0x5}}, @mask_fadd={0x58, 0x114, 0x8, {{0x2, 0x4}, &(0x7f0000000c00)=0x5, &(0x7f0000000c40)=0x2, 0x9, 0x5, 0x400, 0x200, 0x40, 0x9}}], 0x150}, 0x0)
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f00000000c0)={0x0, 0x0})
setsockopt$inet6_IPV6_DSTOPTS(r1, 0x29, 0x3b, &(0x7f0000001e80)={0x1, 0x14, '\x00', [@pad1, @calipso={0x7, 0x20, {0x3, 0x6, 0x3, 0xff, [0xfffffffffffffff7, 0x42, 0x38000000000000]}}, @jumbo={0xc2, 0x4, 0x2}, @jumbo={0xc2, 0x4, 0x1}, @generic={0x4c, 0x4e, "8cad4d7bfd189d753058852fd4da27f5930da44fe3a0c572bfb3475f73b60012d17a7b55c29591733fd7759fe92198b3bbbc3fb08f1129d1f8bb57d5e2da5ba80b6d8cf52fdaf1ad1661eab1123d"}, @padn={0x1, 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @enc_lim={0x4, 0x1, 0x9}, @hao={0xc9, 0x10, @local}]}, 0xa8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000cc0)='mmap_lock_acquire_returned\x00'}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r3, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a300000000068000000090a010400000000000000000100000008000a4000000000200011800e000100636f6e6e6c696d69740000000c00028008000140000000000900010073797a30000000000900020073797a3200000000080005400000001f0c000980080001400037"], 0xb0}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_NEW(r4, &(0x7f0000001fc0)={&(0x7f0000000b00)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000001f80)={&(0x7f0000001f40)={0x2c, 0x0, 0x7, 0x101, 0x0, 0x0, {0x7, 0x0, 0x2}, [@NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x8}, @NFACCT_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x200000c5)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="20000000010a0103"], 0x20}}, 0xa291dae356942430)

6.032304826s ago: executing program 2 (id=320):
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r1 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
r2 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r2, 0x400448c8, &(0x7f0000003900)={r0, r0, 0x11, 0x2, &(0x7f0000000740)="0146", 0xf, 0x0, 0x7fff, 0x8, 0x2, 0x2, 0x10000000, 'syz1\x00'})
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, 0x0, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
ioctl$sock_inet6_tcp_SIOCINQ(0xffffffffffffffff, 0x541b, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_bt_hidp_HIDPCONNDEL(r1, 0x400448c9, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x1100})
write(0xffffffffffffffff, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000200)=ANY=[@ANYBLOB="34000000020605000000000000000078f8d495ee35000000000505000400000000000900020073797a32000000000c000780050015002400000041f5871a093c29b79cdfb0715cef1eeeb0d21e4e962ec20be1effdee2bd7810456675119a1139622e716f0d16f2b988d90b7aa3c158ed28517a777e9b3f43123bc516890db8b83bb3b623938b9028edc448969f90a3b202d476192903ecef2b24fa2dfd793506a3ae914a2b803059a240e07c23b99b73e6fd48c3bcf823811d04bafbb2bd7f3fda100b497bfcded3fa991bf2c8c42011eaa54025733e83185c2c5fd6750a15d4085ee8662661004079e9249f0ba206e479ee12a9f7fc607c4e04dce60b645149a507a3936bbfdf59f1ce4098bfcef569f2efba580f73062950067e65beac01532d01d140f320f62e6cbc521461b3571d84130dbbb0831be0ce3b628d15993af34851e82670c4ae442e8b4dc1a97d6ccec32419f7d81ab2f140393556e853b0b6b37ed3a2a672d2e4e6b0741f91e0850987b0938d753"], 0x34}}, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="280500003d0007010000000000000000017c0000040000000c00018006000600800a000004050280000515"], 0x528}}, 0x4c000)
r3 = socket(0x15, 0x5, 0x0)
getsockopt(r3, 0x200000000114, 0x2717, 0x0, &(0x7f0000000000))

5.912047924s ago: executing program 2 (id=322):
unshare(0x68040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0xfffff000)
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40201, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000080)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB="001c86dd2000100000004000000060ec97000fc83c00fe8000000000000000000000000000aaff020000000000"], 0xffe)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000005000000000000000000000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_end\x00', r3}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/10, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000805800000000050000000000f053253620b82bd7fec51aba90fe51550971212e63451ecc5ad7ef4c94e28e1da1adfb12b5147646dde38cb1a2facb4c08dea9d486a616a1491af00d72203df482187af9569d48d923208cfb9a560ae949b923ee8f76dbb09e96f56e132346b6f0134ad6bddf21faa422dcaa528ec1bdfdb58eee3573c7315cd917ea37c46e9fb0785a36f5381d605e8090"], 0x50)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0xf, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000fdffffff18110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7020000000000f9850000008600000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0x23, &(0x7f00000001c0)={r5, r4}, 0xc)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
getsockopt$IP_SET_OP_VERSION(r0, 0x1, 0x53, &(0x7f0000000240), &(0x7f0000000280)=0x8)
socket$kcm(0x29, 0x5, 0x0)
socket$inet6(0xa, 0x3, 0xff)
r6 = socket$netlink(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r6)
syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
socket$nl_route(0x10, 0x3, 0x0)

5.23791751s ago: executing program 2 (id=331):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af0ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000010000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, @fallback=0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
pipe(&(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket$inet_udp(0x2, 0x2, 0x0)
close(r4)
r5 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r5, &(0x7f00000000c0), 0x10)
splice(r2, 0x0, r4, 0x0, 0x1100000000f336, 0x0)
write(r3, &(0x7f0000000480)="b24867740ccedef7f2abafb164ff1b842e07efbb0214d4353d42820036f5b5b9244df3e99b4ebd3b0c5eaa6cb4b01f277f7c44fa4e96e72a8c", 0x39)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r1, 0xc00, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

4.89461123s ago: executing program 3 (id=332):
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r1 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
r2 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r2, 0x400448c8, &(0x7f0000003900)={r0, r0, 0x11, 0x2, &(0x7f0000000740)="0146", 0xf, 0x0, 0x7fff, 0x8, 0x2, 0x2, 0x10000000, 'syz1\x00'})
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, 0x0, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
ioctl$sock_inet6_tcp_SIOCINQ(0xffffffffffffffff, 0x541b, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_bt_hidp_HIDPCONNDEL(r1, 0x400448c9, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x1100})
write(0xffffffffffffffff, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000200)=ANY=[@ANYBLOB="34000000020605000000000000000078f8d495ee35000000000505000400000000000900020073797a32000000000c000780050015002400000041f5871a093c29b79cdfb0715cef1eeeb0d21e4e962ec20be1effdee2bd7810456675119a1139622e716f0d16f2b988d90b7aa3c158ed28517a777e9b3f43123bc516890db8b83bb3b623938b9028edc448969f90a3b202d476192903ecef2b24fa2dfd793506a3ae914a2b803059a240e07c23b99b73e6fd48c3bcf823811d04bafbb2bd7f3fda100b497bfcded3fa991bf2c8c42011eaa54025733e83185c2c5fd6750a15d4085ee8662661004079e9249f0ba206e479ee12a9f7fc607c4e04dce60b645149a507a3936bbfdf59f1ce4098bfcef569f2efba580f73062950067e65beac01532d01d140f320f62e6cbc521461b3571d84130dbbb0831be0ce3b628d15993af34851e82670c4ae442e8b4dc1a97d6ccec32419f7d81ab2f140393556e853b0b6b37ed3a2a672d2e4e6b0741f91e0850987b0938d753"], 0x34}}, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="280500003d0007010000000000000000017c0000040000000c00018006000600800a000004050280000515"], 0x528}}, 0x4c000)
r3 = socket(0x15, 0x5, 0x0)
getsockopt(r3, 0x200000000114, 0x2717, 0x0, &(0x7f0000000000))

4.872676087s ago: executing program 3 (id=333):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x3c, r2, 0x1, 0x0, 0x80000, {{}, {@val={0x8, 0x3, r1}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0xa07d}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}], @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x85}, @chandef_params]}, 0x3c}, 0x1, 0x0, 0x0, 0x48841}, 0x8854)

4.796434257s ago: executing program 3 (id=334):
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x143082, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
syz_genetlink_get_family_id$nbd(&(0x7f0000000380), 0xffffffffffffffff)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'ip6gretap0\x00', <r4=>0x0})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000040000000c00000000000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$sock_inet6_SIOCADDRT(r3, 0x890b, &(0x7f0000000080)={@ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, @remote, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x24}}, 0x0, 0x0, 0x1, 0xb00, 0x0, 0x82680027, r4})

4.766538954s ago: executing program 0 (id=335):
syz_emit_ethernet(0x56, &(0x7f0000000600)={@broadcast, @local, @val={@void, {0x8100, 0x3, 0x1}}, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a27f2", 0x1c, 0x2c, 0x0, @remote, @private0, {[@routing={0x0, 0x0, 0x1, 0xe}], {{0x8000, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x20}}}}}}}, 0x0)
syz_emit_ethernet(0x4b, &(0x7f0000000000)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @void, {@generic={0x1a, "78af2df60f8b35fb4bea0d59a706a8273158ae6bc2fb2625663ee49add66e0015539ddd50b00ee17aafcd141d0276a572a2fbe2485a1851113bccb850b"}}}, &(0x7f0000000080)={0x1, 0x4, [0xfbf, 0xb84, 0x6c, 0xec1]})
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000200000/0x4000)=nil, 0x4000, 0x4, 0x200000006c832, 0xffffffffffffffff, 0x86789000)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c2ed01faa7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497dad64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6fba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd2310801570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb414c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000000000000000000000000000000a0cc2b89ce1525748ce167cbabb881f060599a6a59f645edca1d5c24b2f6b8c997a8f3e1b7679984a566d98d4d31198ee4c5ea7be0d99cf89bba4a6fd0bec12e7792bec3c5038e13b1982f80cdecd07f8908a983a7c9fb81c2ba7f7e87c991f30e50d1b3bbe4cf2a2f5d4571b6568ada51bc121c9139d2a8e0638c84066b1759081802"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$can_bcm(0x1d, 0x2, 0x2)
socket$alg(0x26, 0x5, 0x0)
r2 = socket(0x10, 0x3, 0x0)
socket$rds(0x15, 0x5, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$xdp(0x2c, 0x3, 0x0)
socket$alg(0x26, 0x5, 0x0)
socket$inet_dccp(0x2, 0x6, 0x0)
socket$unix(0x1, 0x1, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000380)=@newlink={0x50, 0x10, 0xc3b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x20, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_ENCAP_DPORT={0x6, 0x11, 0x4e20}, @IFLA_GRE_ENCAP_FLAGS={0x6, 0xf, 0x101}, @IFLA_GRE_ENCAP_SPORT={0x6, 0x10, 0x4e23}]}}}]}, 0x50}}, 0x0)
r4 = socket(0x1d, 0x2, 0x6)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100))
bind$alg(r2, &(0x7f00000004c0)={0x26, 'aead\x00', 0x0, 0x0, 'aegis256-aesni\x00'}, 0x58)
r5 = socket(0x1, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14)
r7 = socket(0x10, 0x3, 0x0)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r4)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000480)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x5c, r8, 0x100, 0x70bd27, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r9}, @val={0xc, 0x99, {0x80000001, 0x45}}}}, [@NL80211_ATTR_DONT_WAIT_FOR_ACK={0x4}, @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x2d}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x7}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x346}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xf}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x6}]]}, 0x5c}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x3c, 0x10, 0x403, 0x0, 0xfffffffc, {0x0, 0x0, 0x0, 0x0, 0xff7f}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r6}]}, 0x3c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)

4.677229279s ago: executing program 1 (id=336):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, 0x0, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000009c0)=ANY=[@ANYBLOB="3c00000013000100"/18, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=r2, @ANYBLOB="1400350064756d6d793000000000000000000000d17fdb9ee103e279c5edcfb98b7c7f665ec08c9667f4d8215457989790255cf5e98580c0a775596749f649baaf57fb8213afd33f0020004fcf7d088d1d99e59338d58d959585feab13ec84299e28ce4471a7e6fdd852e52d6944b62e847181b158ed1657136ee8324e66dad86806f55ac519f337c41679ec9bd77b17a104e039787f9910c7466d9dfec24ca052c62b80b043d492caed220ede1c1ed00d3cde6f65c60770fd7f8284d39bf28ec2c9e2a801cab59af38f7b4a5587a1db119c7c955475d61a4f3cdfde51c359b061c6b3c0ef943b84d03cb831d79300bd41ee8898fb0a9eeac92f015fe164ea000000"], 0x3c}}, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r3, 0x890b, &(0x7f0000000000)={0x4000000, {0x2, 0x4e22}, {0x2, 0x0, @local}, {0x2, 0x0, @empty}, 0x200, 0x0, 0x0, 0x0, 0xfff8, 0x0, 0x0, 0x5})
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(r5, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f0000000540), 0x3c)
setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x1, &(0x7f0000000000)=@gcm_256={{0x304}, "41328ac34a4ad2ba", "e8582491a0c4050000000000f6542a9b680000000000000000a45b4e00", "0000ff00", "dfa27021fe106750"}, 0x38)
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x114, 0x2d, 0x1, 0x0, 0x0, "", [@nested={0x104, 0x0, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@loopback}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f8cd1"]}]}, 0x114}], 0x1}, 0x0)
setsockopt$sock_int(r5, 0x1, 0x7, &(0x7f0000000040), 0x4)
ioctl$sock_SIOCSIFBR(r4, 0x890c, &(0x7f0000000000)=@generic={0x0, 0x2})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_DEL_RULE(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000580)={0x420, 0x3f4, 0x2, 0x70bd28, 0x25dfdbfe, {0x3, 0x2, 0x2c, [0x3, 0x4, 0x2, 0xfffffffd, 0xe, 0xfff, 0x0, 0x9, 0xa, 0x6, 0x0, 0x5, 0x8, 0xff, 0x3, 0x2, 0x1c, 0x1, 0x7, 0x1ff, 0x3, 0x3, 0x5, 0x8001, 0x0, 0x4c6f, 0x0, 0xfffffffd, 0x9, 0x3, 0xb, 0x9, 0xe, 0xc0, 0x3, 0x5, 0x40, 0x67, 0x1, 0x9, 0x7, 0x2, 0x101, 0x9, 0x7, 0x4, 0xae6, 0x2, 0x81, 0x1, 0x3c, 0xffff, 0x1, 0x2, 0x4, 0xd, 0x1, 0x5, 0x6, 0x5, 0x8, 0x2, 0xa, 0x5], [0x1000, 0x200, 0x7, 0x30000, 0x9, 0x7, 0x8, 0x5, 0x8, 0x0, 0x6, 0x73af, 0x1200, 0x40, 0x6, 0x1ff, 0x2, 0x0, 0x7fff, 0x7, 0x9, 0x60, 0x7, 0x7, 0x400, 0x8604, 0x6, 0x9c, 0x2, 0x52b, 0x73, 0x3ff, 0x10000, 0x3, 0x1, 0x7, 0x7, 0x1000000, 0x3, 0xfffffff6, 0xd, 0x2, 0x6, 0x1, 0x2, 0xffffffb3, 0x400, 0x9, 0x1000, 0x2, 0x2, 0x2, 0x45, 0x9, 0x6, 0x5, 0xfffffff8, 0x1, 0xdadf, 0x8, 0x326e, 0x1, 0x10001, 0x7fffffff], [0x6, 0xff, 0x9, 0x7, 0x7fff, 0x2, 0x2, 0x3, 0xc834, 0xa4, 0x5, 0x2, 0x1, 0xffffffff, 0x7, 0x40, 0x7ff, 0x80000000, 0x10, 0x9, 0x7, 0x200, 0x0, 0xce, 0x45d3babb, 0x5d82, 0x10001, 0x400, 0x9, 0xffff, 0x3, 0x400, 0x66, 0x4, 0xe, 0x2, 0x2, 0x10001, 0x2, 0x357, 0x8, 0x4, 0xa55e, 0x5, 0x5, 0x8, 0x8001, 0x8001, 0x5, 0xd622, 0x800, 0x4, 0x40, 0x81, 0xf4d5, 0xfffffffe, 0x40, 0x9, 0x8, 0x1, 0x3, 0x6, 0x5, 0x80000000], [0x2, 0x7, 0xaf09, 0x1ff, 0x4, 0x6, 0xffffff7f, 0x6, 0xad3, 0x0, 0x100, 0xffffffff, 0x6, 0xb, 0x4, 0x7c7, 0xe7, 0x2, 0x6, 0xb, 0x7ff, 0x81, 0x3ff, 0x45c5, 0x0, 0xa, 0x7, 0x6, 0x2, 0x10000, 0x3, 0x2, 0x9, 0x3, 0x6a, 0x4, 0x1, 0x4f35, 0x6b, 0x2, 0x6, 0x2, 0xc, 0xba2c, 0xfff, 0x3, 0x3, 0x4, 0x10000, 0x6, 0x1, 0x4, 0x4, 0x100, 0xd227, 0x1, 0x7, 0xc0f, 0x6, 0x9, 0x7, 0x10, 0x3]}}, 0x420}, 0x1, 0x0, 0x0, 0x240440c4}, 0x0)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r8)
r9 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r8, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r9, 0x0)
syz_emit_ethernet(0x8e, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaa618e38850ee186dd6000000000580600fe8000000000000000000000000000bbfe8000000000000000000000000000aa4e234e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="64020000907800001e04600c04020402080a0000000000000000220e9800af498a7a6313127232407c80067615774fdbb46eb86cc82205a4b5b6080a00000010000100010000000000000000"], 0x0)

2.168053211s ago: executing program 0 (id=339):
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
getsockopt$llc_int(r0, 0x10c, 0x9, &(0x7f0000000040), &(0x7f0000001880)=0x4)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a3000000000e4000000090a010400000000000000000700ffff08000a40000000000900020073797a30000000000900010073797a3000000000080005400000000da0001280200001800e000100636f6e6e6c696d69740000000c00028008000140000000087c0000800b00010064796e73657400006c0002800900010073797a30000000000800044000000017080005400000001008000340000000000c00064000000000000003ff080005400000000d280007800b0001006c6f6f6b75700000180002800900010073797a3100000000080002400000001208000540000000"], 0x12c}, 0x1, 0x0, 0x0, 0x4884}, 0x20050800)

2.097188444s ago: executing program 2 (id=341):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-clmulni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd30", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$unix(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000040)="f5c5", 0x2}], 0x1, 0x0, 0x0, 0xc048081}, 0x24008840)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
pipe(&(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r3, 0x0, r5, 0x0, 0x8000f28, 0x0)
splice(r4, 0x0, r3, 0x0, 0x7f, 0xe)
write(r2, 0x0, 0x0)
accept4(r1, 0x0, 0x0, 0x80000)
r6 = socket$unix(0x1, 0x9b8f8b310d997c87, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000001c0)={r1, 0x58, &(0x7f0000000140)}, 0x10)
socket$inet_dccp(0x2, 0x6, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000004c0)=ANY=[@ANYRES32=r6, @ANYRES32=0x1, @ANYBLOB="0080", @ANYBLOB="f682943d6ca3426a7b866f6fcc578ad8d5b7f80deecf1d66125f8cca4e5b3ced6aa92470bd61f6842c8fc92b6f86ee43caf36aa3973d5dc867ddf8033cd5f921eef78423c339504189ed3d7ed15a7cbf62c784c9667d0df5eb1f872fd0fd9ddb2b30336cc7a7e96e6e10b3a92e53a19fe044119da012d25fea346e975ab064d01989d217c70ce48dc79316d3802b53f96044cd65e9f3e8c33dcba0897b1af4e4944f1c8521bdfcf16584c4b7d522a117", @ANYRES16=r1, @ANYBLOB="03000000000000000000000000000000000019000000000000000000"], 0x50)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0))
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r7, 0x8924, &(0x7f00000000c0)={'vcan0\x00', @multicast})
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0f00000004000000040000000400000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000b60020cd830f0e5db020000000000000000054344958b9c6502af9b66bd12859"], 0x50)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r9}, &(0x7f00000002c0), 0x0}, 0x20)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r10, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0xca02})
unshare(0x62040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)

2.026698794s ago: executing program 0 (id=342):
socket$igmp(0x2, 0x3, 0x2)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r2, &(0x7f0000000000)="c5", 0x1, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback, 0x13}, 0x1c)
setsockopt$inet6_int(r2, 0x84, 0x24, 0x0, 0x0)
unshare(0x68040200)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f00000005c0), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_GET(r3, &(0x7f0000000640)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000600)={&(0x7f0000000880)={0xe0, r4, 0x8, 0x21000000, 0x25dfdbfd, {}, [@pci={{0x8}, {0x11}}, @pci={{0x8}, {0x11}}, @nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @pci={{0x8}, {0x11}}, @nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @pci={{0x8}, {0x11}}, @pci={{0x8}, {0x11}}]}, 0xe0}}, 0x20000845)
r5 = socket(0x10, 0x803, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x10, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x7e}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r6}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8001}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0xa6}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
socket$nl_crypto(0x10, 0x3, 0x15)
recvmmsg(r5, 0x0, 0x0, 0x0, 0x0)
unshare(0x2a000200)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$inet6_icmp(0xa, 0x2, 0x3a)
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
bind$bt_hci(r8, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
ioctl$SIOCX25SFACILITIES(0xffffffffffffffff, 0x89e3, &(0x7f0000000080)={0x37, 0x800000, 0x8, 0x9, 0x8000})
write$bt_hci(r8, &(0x7f0000000080)=ANY=[], 0x6)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000000)={<r9=>0x0, 0x2}, &(0x7f0000000040)=0xc)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f00000000c0)={r9, 0x3ff}, 0xc)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000340)={'wpan0\x00'})
sendmsg$NL802154_CMD_NEW_SEC_KEY(0xffffffffffffffff, &(0x7f0000000fc0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="68010000", @ANYRES16=r1, @ANYBLOB="010027bd7000fedbdf25170000000c00060001000000010000003c003080050002000500000024000300a1b663579e0affb1424003b8c316f397c910152b62eeb00010000000000000ef0c00000000000000006500000c0130800500020001000000040001800c000180080004000200000014000400975b94fafd1c5927b5c1192b4b9b0000050002002a0000001400040056a03aa265de405df5287244f8c95cf3b8000180080001000000000008000100000000005c00038008000200010000000c0004000203aaaaaaaaaaaa080002000200000006000100030000000c0004000201aaaaaaaaaaaa0c0004000201aaaaaaaaaaaac70002000300000008000200020000000c0004000203aaaa99aaaaaa080001000100000024000380060001000200000006000300a0aa000006000100ffff004006000300a2aa"], 0x168}, 0x1, 0x0, 0x0, 0x40014}, 0x8000)

2.006607098s ago: executing program 4 (id=343):
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r1 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
r2 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r2, 0x400448c8, &(0x7f0000003900)={r0, r0, 0x11, 0x2, &(0x7f0000000740)="0146", 0xf, 0x0, 0x7fff, 0x8, 0x2, 0x2, 0x10000000, 'syz1\x00'})
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, 0x0, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
ioctl$sock_inet6_tcp_SIOCINQ(0xffffffffffffffff, 0x541b, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_bt_hidp_HIDPCONNDEL(r1, 0x400448c9, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x1100})
write(0xffffffffffffffff, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000200)=ANY=[@ANYBLOB="34000000020605000000000000000078f8d495ee35000000000505000400000000000900020073797a32000000000c000780050015002400000041f5871a093c29b79cdfb0715cef1eeeb0d21e4e962ec20be1effdee2bd7810456675119a1139622e716f0d16f2b988d90b7aa3c158ed28517a777e9b3f43123bc516890db8b83bb3b623938b9028edc448969f90a3b202d476192903ecef2b24fa2dfd793506a3ae914a2b803059a240e07c23b99b73e6fd48c3bcf823811d04bafbb2bd7f3fda100b497bfcded3fa991bf2c8c42011eaa54025733e83185c2c5fd6750a15d4085ee8662661004079e9249f0ba206e479ee12a9f7fc607c4e04dce60b645149a507a3936bbfdf59f1ce4098bfcef569f2efba580f73062950067e65beac01532d01d140f320f62e6cbc521461b3571d84130dbbb0831be0ce3b628d15993af34851e82670c4ae442e8b4dc1a97d6ccec32419f7d81ab2f140393556e853b0b6b37ed3a2a672d2e4e6b0741f91e0850987b0938d753"], 0x34}}, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="280500003d0007010000000000000000017c0000040000000c00018006000600800a000004050280000515"], 0x528}}, 0x4c000)
r3 = socket(0x15, 0x5, 0x0)
getsockopt(r3, 0x200000000114, 0x2717, 0x0, &(0x7f0000000000))

1.910467322s ago: executing program 4 (id=344):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000007300), 0xffffffffffffffff)
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10)
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e00000300003400080000000800000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r3, @ANYBLOB="0000000000000000b7480000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000fd0f000002"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0xc, &(0x7f0000000000)=ANY=[@ANYRESDEC=r3, @ANYRES32=r2], 0x0, 0x2, 0x0, 0x0, 0x41100, 0x21, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffc7a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='xen_mc_entry\x00', r4}, 0x18)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r5, &(0x7f0000000140)={0x28, 0x0, 0x0, @host}, 0x10)
readv(r1, &(0x7f00000003c0)=[{&(0x7f00000000c0)=""/229, 0xe5}], 0x1)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='contention_end\x00', r6}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r6, 0xc020f509, &(0x7f00000001c0)={r7, 0x1, 0x6, 0x3cc})
r8 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r8, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r8, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r9 = accept4(r8, 0x0, 0x0, 0x0)
sendmmsg$alg(r9, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe1a}], 0x1, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x4924924924924b9, 0x0)
recvmsg(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='blkio.bfq.idle_time\x00', 0x275a, 0x0)
write$cgroup_subtree(r10, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r10, 0x0)
r11 = socket$l2tp6(0xa, 0x2, 0x73)
connect$l2tp6(r11, &(0x7f0000000f40)={0xa, 0x0, 0x0, @empty}, 0x20)

947.528132ms ago: executing program 4 (id=345):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r1=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x3c, 0x0, 0x1, 0x0, 0x80000, {{}, {@val={0x8, 0x3, r1}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0xa07d}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}], @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x85}, @chandef_params]}, 0x3c}, 0x1, 0x0, 0x0, 0x48841}, 0x8854)

932.336502ms ago: executing program 4 (id=346):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={<r0=>0xffffffffffffffff})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r1, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000040)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="cf0403000700000000fb5400000008000300", @ANYRES32=r3], 0x40}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

732.879562ms ago: executing program 1 (id=347):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) (async)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000140)={0x1, 0x6}, 0x4)
setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000000)=[{0x30, 0x0, 0x0, 0xfffff010}, {0x6}]}, 0x10) (async)
r2 = socket$inet6(0xa, 0x80002, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) (rerun: 32)
sendmsg$DEVLINK_CMD_RELOAD(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r4, 0x1}, 0x14}}, 0x0) (async)
r5 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r5, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) (async, rerun: 64)
listen(r5, 0x8) (rerun: 64)
r6 = accept4(r5, 0x0, 0x0, 0x0)
sendto$inet(r6, &(0x7f00000002c0)="cc", 0x1, 0x0, 0x0, 0x0) (async)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r6, 0x84, 0x22, &(0x7f0000000000)={0x2, 0x0, 0x6, 0xffffffff}, 0x10) (async)
sendto$inet6(r6, &(0x7f0000000200)='x', 0x1, 0x0, 0x0, 0x0) (async, rerun: 32)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r6, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x1}, 0x8) (async, rerun: 32)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r6, 0x84, 0x7c, &(0x7f0000001400)={0x0, 0x0, 0x7a}, 0x8) (async)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r6, 0x84, 0x7c, &(0x7f00000005c0)={0x0, 0x2, 0xd}, 0x8)
setsockopt$inet6_udp_int(r2, 0x11, 0x67, &(0x7f0000000040)=0xd, 0x4) (async, rerun: 32)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e27, 0xffffffff, @mcast2, 0x5}, 0x1c) (async, rerun: 32)
sendmmsg$inet6(r2, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00) (async)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x30, r0, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x6}, @mon_options=[@NL80211_ATTR_MNTR_FLAGS={0xc, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_COOK_FRAMES={0xfffffffffffffe7f}, @NL80211_MNTR_FLAG_ACTIVE={0x4}]}]]}, 0x30}}, 0x0)

664.936167ms ago: executing program 3 (id=348):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETCARRIER(r0, 0x400454e2, &(0x7f0000001ec0)=0x1)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x4000)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="09000000030000000400010005"], 0x48)
close(0x3)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYRESDEC=r0, @ANYRES32=0x1, @ANYBLOB="0000000000b1c9960000ace0ac7400000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r3, &(0x7f0000000100), &(0x7f0000000000)=""/8, 0x2}, 0x20)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r3, &(0x7f0000000300)='@', 0x20000000}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000007200000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f000001a4c0)='xdp_cpumap_kthread\x00', r4, 0x0, 0x1}, 0x18)
sendmsg$netlink(r1, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000006c0)=ANY=[@ANYRES16=r1], 0x114}], 0x1}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="340000003d0007010000000000000000047c0000040000001c0001800600060088a80000100004"], 0x34}}, 0x0)
r6 = socket(0x40000000015, 0x805, 0x0)
getsockopt(r6, 0x114, 0x271b, &(0x7f0000000440)=""/102400, &(0x7f00000000c0)=0x41)
r7 = socket$inet(0x2, 0x80000, 0x52fe)
setsockopt$IPT_SO_SET_REPLACE(r7, 0x0, 0x40, &(0x7f0000001f80)=@nat={'nat\x00', 0x1b, 0x5, 0x440, 0xd0, 0x1a8, 0xffffffff, 0x1a8, 0x0, 0x3a8, 0x3a8, 0xffffffff, 0x3a8, 0x3a8, 0x5, &(0x7f0000001f00), {[{{@ip={@remote, @loopback, 0xff000000, 0xff, 'veth0_to_bond\x00', 'pimreg1\x00', {}, {0xff}, 0x8, 0x2}, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xe}, 0x400, 0xf, [0xb, 0x1, 0x5, 0x1a, 0xa, 0x3e, 0xd, 0x14, 0x36, 0x13, 0x1f, 0x4, 0x8, 0x7, 0x18, 0x3a], 0x2, 0x200}}}, {{@ip={@multicast1, @multicast1, 0xff000000, 0x0, 'vcan0\x00', 'pimreg0\x00', {0xff}, {}, 0x0, 0x2, 0x1}, 0x0, 0xa0, 0xd8, 0x0, {}, [@common=@addrtype={{0x30}, {0x410, 0xa02, 0x1}}]}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x1c, @local, @dev={0xac, 0x14, 0x14, 0x3f}, @port=0x4e23, @gre_key}}}}, {{@uncond, 0x0, 0xd0, 0x130, 0x0, {}, [@common=@unspec=@devgroup={{0x38}, {0x4, 0x646a, 0x2, 0x8, 0x3}}, @common=@icmp={{0x28}, {0xb, "ad8d"}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x1, @empty, 0x0, 0x10, [0x2b, 0x1b, 0x11, 0x11, 0x35, 0x37, 0x26, 0x2a, 0x25, 0x17, 0x26, 0x25, 0x2d, 0x37, 0x3f, 0x22], 0x0, 0x1}}}, {{@ip={@private=0xa010101, @private=0xa010101, 0xff, 0x0, 'pim6reg\x00', 'veth0_to_hsr\x00', {0xff}, {}, 0x73, 0x2, 0x10}, 0x0, 0x98, 0xd0, 0x0, {}, [@common=@icmp={{0x28}, {0xc, "22b1"}}]}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x8, @initdev={0xac, 0x1e, 0x1, 0x0}, @remote, @gre_key=0x3c2, @port=0x4e23}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x4a0)
r8 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r8, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x4}, 0xe)
getsockopt$sock_buf(r8, 0x1, 0x1c, 0x0, &(0x7f0000000080))
r9 = socket$kcm(0x2, 0xa, 0x2)
recvmmsg(0xffffffffffffffff, &(0x7f0000001dc0)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f00000000c0)=""/10, 0xa}, {&(0x7f0000000100)=""/117, 0x75}, {&(0x7f0000000240)=""/95, 0x5f}, {&(0x7f00000001c0)=""/52, 0x34}, {&(0x7f00000002c0)=""/49, 0x31}], 0x5, &(0x7f0000000380)=""/7, 0x7}, 0x2000400}, {{&(0x7f00000003c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000580), 0x0, &(0x7f00000005c0)=""/245, 0xf5}, 0xf}, {{&(0x7f00000006c0)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, 0x80, 0x0}, 0x401}], 0x3, 0x20, &(0x7f0000001e80)={0x77359400})
ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xe8001, 0x0)
ioctl$TUNSETIFF(r10, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x2})
ioctl$TUNSETOFFLOAD(r10, 0x400454c9, 0xba98575a95aeb70d)
r11 = socket$igmp6(0xa, 0x3, 0x2)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r11, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00', {0x2}})

662.431095ms ago: executing program 4 (id=349):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000280)={'syzkaller1\x00', @link_local})
write$tun(r2, &(0x7f0000000180)={@val={0x0, 0x9300}, @void, @eth={@broadcast, @dev, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2f, 0x0, @rand_addr=0x64010102, @multicast1}, {0xa000, 0x4e20, 0x8}}}}}}, 0x2e)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f00000003c0)=0x6, 0xdc)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000012c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$inet(r6, &(0x7f0000000080)={0x0, 0xffffffc9, &(0x7f0000000040)=[{&(0x7f0000000000), 0x1}], 0x1}, 0x0)
setsockopt$sock_attach_bpf(r7, 0x1, 0x10, &(0x7f0000001280), 0x4)
recvmsg(r7, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)=""/54, 0x36}, 0x40)
socket$netlink(0x10, 0x3, 0x13)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), 0xffffffffffffffff)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={<r10=>0xffffffffffffffff})
sendmsg$NBD_CMD_CONNECT(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB="90000000", @ANYRES16=r9, @ANYBLOB="01000000000000000000010000000c000597ff000000000000000c0002000000000000000000040007800c000800000000000000000008000a00000000004400078008000100", @ANYRES32, @ANYBLOB="38000100", @ANYRES32=r10, @ANYBLOB="64800400", @ANYRES32, @ANYBLOB='\b'], 0x90}}, 0x0)
sendmsg$NBD_CMD_CONNECT(r5, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000300)={0x58, r9, 0x10, 0x70bd2b, 0x25dfdbfe, {}, [@NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x1}, @NBD_ATTR_BACKEND_IDENTIFIER={0x9, 0xa, '\xaa\xaa\xaa\xaa\xaa'}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x2}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x202}, @NBD_ATTR_BACKEND_IDENTIFIER={0xa, 0xa, '\\[&\\&('}]}, 0x58}, 0x1, 0x0, 0x0, 0x40011}, 0x1)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="4800000010001fff000000000000000000000000cada53c844edbced6c15070f4f9bd0eb52cec2340dcbcf71831ccf8de3a9588d0fb808532fdd17ed5b6c81bc858b5bac3346325881d4d52c74165d661e5573b6958ea7257ba08e04e240a0096c4cc568cf2b26a46403c20f443eca95a9eac265ba03", @ANYRES32=0x0, @ANYBLOB="000000000000000028001280090001007665746800000000180002801400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x48}}, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @multicast1}], 0x10)

513.545324ms ago: executing program 1 (id=350):
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
r0 = socket(0x2, 0x3, 0xff)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @remote}, 0x10)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x9, &(0x7f0000000000)=0x1, 0x4)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000340)='cgroup\x00'}, 0x30)
r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000340))
preadv(r2, &(0x7f00000003c0)=[{&(0x7f0000000380)=""/11, 0x53}], 0x1, 0x4, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x1000000, 0x3032, 0xffffffffffffffff, 0x0)
sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000600)=[{0x0}, {&(0x7f0000000e40)="be1157d4b879db700057bd5de65652d973344710e7bbfb13ff8661b061a36b07bac70ee457c6961291491e6f57fae964d7c6b93ae9aea00ac92d9558b3abf27a30ad35646e775b79d78cf8c9acb5131274b52792c49c209ee24e16177a9ffdf5bf3986ec8db57dc9c0465ade406a6248f053ad3daf564297fe7cc5ad59c4e69796f29be092e782f549287de99977b3dd1090b9be2d5c1734742d3b69abe9f8fdb1ce58935f34e04b92f03296bd01c39978df749e98b3a9c37635544097e2cebf68e9fbc9b03b76f98dc9efba4b8e86e513f2edc5afa47e31b3e601a4811d1773ddb46f34185e64d03a91db3ab2a92ce6381fbabaee0b6e3dc437edd563d8276b09609ff100149a766615522bba4be8a8c261a53eb8e9dd6e830438b3b543d6ad6f37ed93ff44b79e05fdc99f2db9b557949ccde05825c8944c67fd83d53eec5e7c9d0b2d4d33616115da504c6d94fad8feb68c77e57337381ff8187ee088ce97e096d08606b5185da698fc07ef764907881fccfce1dc62ff25830fe9f3dfe3169bcca1a63df6fcae8309c1ce4581ee88e450d4ac7cb209658c4fb4e3a4bac9a29b281efeec81102ecffd0cb3a75dcb1bb58cfc49348795f40dea6593b395449834", 0x1c1}], 0x2}, 0x0)

447.507094ms ago: executing program 1 (id=351):
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000100)={{{@in6=@private2, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x16}, {0x0, 0x6faa}, {0x0, 0x0, 0x3e0}, 0x0, 0x0, 0x1}, {{@in=@rand_addr=0x64010101, 0x0, 0x32}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x4}}, 0xe4)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000180)={{{@in6=@private2, @in=@remote, 0x800, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x81}, {}, 0x0, 0x0, 0x0, 0x1, 0x0, 0x2}, {{@in6=@loopback, 0x0, 0x6c}, 0x0, @in6=@ipv4={'\x00', '\xff\xff', @loopback}, 0x0, 0x0, 0x1, 0xfb}}, 0xe8)
close(r1)
bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYRESHEX=0x0, @ANYRES32, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
bind$alg(r0, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'digest_null\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r3 = accept4(r0, 0x0, 0x0, 0x0)
accept$inet6(r3, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000080)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="41002cbd7000fbdbdf2505080000080002000000000008000300cd"], 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x20000000)

299.412151ms ago: executing program 1 (id=352):
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
getsockopt$llc_int(r0, 0x10c, 0x9, &(0x7f0000000040), &(0x7f0000001880)=0x4)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a3000000000e4000000090a010400000000000000000700ffff08000a40000000000900020073797a30000000000900010073797a3000000000080005400000000da0001280200001800e000100636f6e6e6c696d69740000000c00028008000140000000087c0000800b00010064796e73657400006c0002800900010073797a30000000000800044000000017080005400000001008000340000000000c00064000000000000003ff080005400000000d280007800b0001006c6f6f6b75700000180002800900010073797a3100000000080002400000001208000540000000"], 0x12c}, 0x1, 0x0, 0x0, 0x4884}, 0x20050800)

209.069836ms ago: executing program 3 (id=353):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000096c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newtaction={0x6c, 0x30, 0x9, 0x0, 0x0, {}, [{0x58, 0x1, [@m_vlan={0x54, 0x1, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c, 0x2, {{}, 0x3}}, @TCA_VLAN_PUSH_VLAN_ID={0x6}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000140)={0xa, 0x4e20, 0x4, @remote, 0xb}, 0x1c)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0xffffffffffffffff}, 0x67)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000040)={0x36, &(0x7f00000000c0)=[{0x7}, {0x3, 0x5, 0x2c, 0x4}, {0xfac3, 0x2, 0x4, 0x2}, {0x77cf, 0x7f, 0x1, 0x80000001}, {0x7, 0x11, 0xcf, 0x7}]})
bind$bt_hci(r2, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r2, &(0x7f0000000040)=ANY=[], 0x6)
sendmmsg$inet(r1, &(0x7f00000015c0)=[{{&(0x7f0000000040)={0x2, 0x4e23, @local}, 0x10, &(0x7f0000000400)=[{&(0x7f0000000000)="80979e50", 0x4}, {0x0}], 0x2}}, {{&(0x7f0000000080)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f00000014c0)=[{0xfffffffffffffffc}, {&(0x7f0000001640)="1d520d2e3fd0e4be81a7181daa49dcca2af9df3aa7d32062fb7e551a1a17c8d76dd87ca43fb6a47f625de6c699e027f8eef4befdba447721f0183be46dab400fe2ef5942647ddbda5cfc83f9841b02facecb1968cf32bc94686ec67e82351496754d1a14114c7e4de98e76ebde5a3667f566d4c0f31c8d3f2f9ca8ef6f0aded65e5db2011144385835ff8f55aa4b4cfc5a628d817fa232074f4b586e83bd64299e34673c0b04529771c9272757d100000000000000032220a5b2e426f64d8d31f835ba3caba42d730bae24239db9bf28ae4389177ba988da874f2bcbdfef4a0d1d77a86ea37e3ce024a432a3084560e4e8bfbd6f287b4fb9cfafbf67236317e2ff5e2c9b2f37801f7dabdf9ea5b6f4ce4b43cf4b9d8e025b79d785556958192f49eaa68d323ba88bbe1e225675b7d17b2c77f7a989a8eebfff866c2c108c4be2661d5ed4234c8dd6286aa28c7f963d663b42a2a16a8acf700bb95164d40cd5a5afbffb822f9df7442b69da393c05539127775699d26e3aa22e20db48a20f3cbca410dc26b027cf64cee9129345545824ab4e6fb0293e8924815ce559fb6d650d946cae1475fd514db351efe6c2008644bead4ae7843406af7ebfeaa773dd93f6290efe4f1c636d6f14887d6beba4ed07d53f3ee68d12108d25aae5af500d88b22b53d45bfab7162307a78253d9d2b8396114b7e8026529919497cc8a", 0x1fc}, {&(0x7f0000000180)}, {&(0x7f00000001c0)="efa7749acf3297d53488f96a7050b6aedb971531a087fd25585eb131cb2e058969f5b8e812a337cb2d1ae7531e1223fb77d9d160952eb709809138e1b774e88fafc0ca17404e4179d7f92235fb8ceab2a36db8ad1409510e8f8cc4354e0d96bc87f89a8f862be2249daa147ff83dfd045849ef71de43bfbc70928cbe95bf77ad892cab06d37df1dc12a8f24889abfa4f47067fad7bc9a9ab01dd643d9f998aa3d81f7a3f9e554722de190e0ea8", 0xad}, {&(0x7f0000000280)="51e579c8bd911e75629fc80d7d48d98d14478ce6d07a2c9502faa4dc8eb7fe28b7faa9e4c4c71e3c47b87895019038e7ea27ed173d1785e39a7269c52df861809bfd5285a137c836d21b47e085777ad5655a9c45e1ea5612649b9fe654b9e4ff97efed2d741ca7fc281312af535ea47f90b36d2a46bf276f2522a44e8b4749df9a38f095c70615303880e828a03d433a9769a090820ae0545a44d62dd2212e5d", 0xa0}, {&(0x7f0000000340)="4f70f47542593b86259d97ae327a4aede84c8be76237145b6f9b87325030874d028cdfb736860934ffbd687e19909b9cf0a907a595d2684402bb8993f76a5a4ad9f8870ef2127cca8ee6a0f50de0d2e73356c592e5191b95d6922780e44f5d34906a786470f2bfda03f79efac0a84393eef9fdd45ed580f2d63bbc18be4c95eea4037bc4095f2df48416358a1f8bb278fefedfdee613b590f5394047dc674c85d3ded6f8addc896728c2e73cd9a28b168d6a0ee30846bc0aa022", 0xba}, {&(0x7f00000004c0)="b0c156203e6605590c3367b84e23eba194ff5db3acf751bcf2d242cc43ebb30efede201af64f4c1a304e7483b06583fce3ef4875c4cb5571121e69e6d678312be751b49b76fdfd13e0852462ddc1c9a2f70f385124a57c6fadc98b3dd3792fc4631ad1ea0da5e99893034361f8047ceb39432a84cdb9fa9e8aa51b57fb35414f7926c953f92a99dd778add2d916b4a5e0faba98b52d08131270d09b541890eadbbf5db3941e651571a67282c9319201b73d58816b5072379efebfdd7074fe8e931868653aa698f601d6a3f6a83c5e9c4c51f13df811523b651e9d9efd35d3c09cd067c22aa00bc4324b24f1b981260c11c06a2ccf5bcef06bb858a11f287888ebe1b54d31f888445a80fca88e8fc770a9d3ca8279b6bfb0853b10ff56f4c4ba29b3de3227bca3399746b67445c7bd39d36ebf55d327c32e78d9a13a27c12e61ff93674eaad8d01278d59feee5e504e978684969586cc0f61af7f6b781bc1c16092e53dac6ecca1a482bf78df9b78f8bf77d04418aa35140fba3752cea841e316232ad9f28be3e9321f73cdbc943f6fd9b91ab64b5eda7ff3214db7af4ebfc88963c9fb197fc812da6cae32a74df0bc88f8a8de28c52948886c76d6c3b3c56a51a3c1d715f66c3ea98223ebbb4085697985ce76305a4fff61c9616dfbf316bc541e0ff90c67900736321c77bf8fc96b1ddcb43ad2e73ce5d55eb989e14219f6b01e50960c455a2de1c6958882afec4730d152094dd0f4e659c59be5054500bac49f8ce1aba25f745b364836252bfa6cd755143ce2015ab1464e0460a185a3583beabbbfd3332a290f70f4c2d589b9eb89aa0fc3dff8909648e498f921d853a7fe59dda4d4fb8c251c951638ba9b06635560ef99e9a4c0889477c58cbbca4e87f79d98eb3a67f650455d2fbb03342c3ec6066ca09ebde054fc508859a434c66a572a6db62c485bee5f7946af94711862c0999b1b1fbefb38bfa4f8eb06207db41fa2ca93eccdaec1dc8cafd7cfc72fb0a395ce46a4cef00bc84f9e7be6f081d5e29f4e21705bf32d76eba68efe663d75cb00c79a4bdce9c12f433cd2b9499d772612b8ee7bb83994003d87e61cfa63356a86a7674b1468d41dcdc36d90d298d679b658a5b4b7605503c4050568cb2ec580e3b36c62c1c616c6440f370983680439ddd237e6e2be9ed5f99e1ff9b4e66574418c88b5902330e595fb05b45c1147a9a4ffe3e3677dd53e57ae20e11d505d453b01043f40f79479cea40ca806e7a9ff92441114b3d759fcffde0ae8379eecbde393f51db79adddddf70d138151a4b38fc7b564d2cbf07e2554f77b8f4825df1dbc1023cf958bd9ddfe5becb563278f4a6d64889ec60a0ba7f1dd7877f193c2cf0e7e33d21e2bd7c14de7e7f11aa46d4cd6fc0d187b8222b3b1d5b0f255f5b8efc569a804adae74fc4a356ddbe2fc7d895fbe11914eec42edd76e320a9052570cff1e0b3a501c20076144a99e265b5d82b5dbc5db852125741b87fad163b115b472d88ff04b7c21e653200f87f8783e38fdcbfd4f2c9fc49e2bccfc7d3ee85e0ee18a51e23c793fd8f827f6212ab9683c5d799ce10bd05f77b1d7db5a1a34219fcae4cb4d74dd69bd93cb466e2d814fdd11cada79fb452cac104ca37a272beff13ce26126f641da8015f808f8c8fd9d679a3662947e0aa4ed1a1455af100a4f648c05a4fddc207eb7a4f704f0c9c81b6ce7f95fec81f7452b3179f5ad1b988d8e43fbfec4a74f417800bd9a2d50610dac4db214a3371271aabd0e1b2ab4f714c406d0e7eb2dcb473b495c18fd690b686fbb382e3dc383960957437c8f521ef6073b01b9f154cad6827c97d039d5e25c83a62ddae6266de4eb04de311c992094ba772028b4dc31b61f5bc9e6f2feb1eb0aa699de4f3312daec5f4306636f55283ab2a289bbdb4f94085b57618644a149898dc945e58b8c8d184759e7ac647151d2a2c23ad36e4dbd2bbe9ae504e781df871a16304142c519ba0dea57f95a859f8b13d7f6e6db57a97daf90d4da0a6ac9cd14ab508d00d3a164621583476f1041a630258f74c78c63f49d756a26c39aa49f52ba4c1ccb3005e999a308ea06ae1bdb7d3bfd5f55d9842f7bfc0a6417bb81a1cf55473c3a371f4f68af31040c2c4f46eb9f8d8e5114f078b7c08f6cdf7876dc897bb3a3db9be0ac22b4eb61233829247feef7c3b9ad61846533f8dfb6e169536bc3a07ffb6072c85fe50fc1cda8a15af1da0ff901fe3f22c2eccf4bc1067d7ba67438a4370ef577f50ccc4cf8b7a1b0744e9e8bedb80f2511cd1ef95fdcde87f8c443d8a81e3d7b668d5201d8abae4897990395f1ab93ee5ce0e80df7b20417ae789dbff493b1c8a3a96c48b5fd46426faa167bbd74bb6cda1d72506188be9d57012723869fe5d54a9c0e13b25869ab47669d8d0640aca98c6836bdf0d75c9f2fcd068b5526f415dc78cf846ae52a7f741df7b0fa34fda9b4e011367b567b2d9647a5e8a48285a46c1f76218007acce94208c3d7e14c7254761a80a019993e97d5e33fb98f5f20a8d1d7faf771edd02e22e698fc44a53959337b5a5294ea5011dcfcb89bb0ed8930e5ad10478346fad5f5a8847cf4ce88385ea126032cb54ef0d168d471b83a8ec20de078442d5da845c8e6f567f8e3a3ed40e0a255861176ce8927c620f73b156689e4c711855e41989a2b598a38ea0aa0346b737e4252f5466727f29f3d68698bc8dfd813e8c7c7b47d72d79f1bab31d829a9c6b0a9107ecdc3de9498e98511aafe070d1a599c3613fe0ccf2632a98313cac1252b50bd1f7648d5c29198368e3f37404ab3f52aa0f515aa074c90242a2a0b17da7063a7c3485b46f4a8603ef0b940cd96bbc0ad18f059d3e71305df0254540e9709c59c4c179f4bd9d012f79394adab9172a434fc40f0cc30b87fcea9f7ff734433a2bae2fbd2e4b34cfca33fd489c21bc43351a123d0b2f21534f3e449f08bef8c009d63f029686c28ede9c4132b6fe1e8c8212308e9a94ee5c0bfc50bcb04ae70cc9a253f000323af2602a6ce3bf6f3d6d7185875bd066360f7108169a517df35271a95fdd2a22b1091656f09f031874e08580113e766b8128230949758bd9be87bbf812ff708b6488e722a81a4ed78512ac417c3b7ab9c7019dbd72e7cee9d0be8411bc3583b9651090960ece9eadfafe6344799078134dc4ad71b5c4eb820c5d437a5877ff0aa5088acae64c1cfa23a45c7cdbee9c201cbf4170c919066d4ae47aa838902cb0c50126333ab15364abd905f51c281781c3edadc905917188b9ee86d26f91158818227c12b7084f7baf38549b224db4ef3569bd73f8dd59d2ad02ce62b069d2f3d3a3d8f3aa54153a4ef06cd87a6f9ec404d74603d3b2dac10fb8107b9f9eb2963dd45e16897e2c6fc1f5d9cc9472699ff68545f5bda49964988c0282a357275a2134d81406717b65e637c21ef8ba6571e20de1a9dceaa1635b4035749d27bbbd7704c11f3a278d101c84523044a15ed6fae2b315f6b624743ff62a193a1ea7dcc94ab2f41611344ff226a29dab5eeb2c5cf3b14a994575c682202db7baec0f9217244b362e43b26cc088d9beb22fa568fc5fbb985d70e887f4c4bc395919d7e5bea5106c20a999e802d4a7ebd8195d2f23ef99676fd6d3a619a7aafd69a984309b575681cc89a61cb80c888633ba318a511a652eb37885f681e9a49910d6acff754958c907f5a6b59ea7e45d684da8442431a40e38fb4d95c698b52e426f1d3bc534508f4eae6bf1eb42f7e47a9c51be1e3acefd9670b27f99eda40989b2bd9e5fc0c9333e59c655b7cd9624bfbe8648bd60732ca31f206425f01df1219f4137f0c09a22dc93e8bfffdd6275f327ccaa1982f121cbfa72641cd636a62054d399d96b0d2009b61561d1a17bb1650a84ddec3a42d99e778f37a263dff27ad571ac25734ab1d9ac5dfab717a03ee6215780ba4a3d94abba2d70f47c80ecbe32bb09e1e37253b29c587d9aa1162864c3c39ee74c629343ef936aa686f664115bc2c23fb475a8260e74de947cfc249dd1ccc1f538c91c46b80ba279fb86d10e22b4e682dbe55b6ad062b99ade568087bd06c9beb6ba11d21e62e1aa09401ced94fe6d554a64decf9c5fe96ecc8dd15669e0e129730d6620c03715d062255785802479d08a4d8605d5fc51a7fe88d6473e91f3081d34b210882c63687620569e92a259fc96641d70c8597f5492c88850b053460f46d47de5b754e8781048f204b5ce0a7e67998a9ff85a3469e6a2cb1899e4da1f1f50bac4a32abdfde4341f088c64a612b44e595b09dd656f6482d8ace04763ba072d179c7b1fa94aec8c3d66a1eede958b5977cc28ca4a0546acd59e1d19b5eca5097909d7109863c4ca40471c909cd9aa3088a4882f8591492491c30c782fb5f10f1eedabd506fec234b7109d63d3f6406ef7500924cc2b43ba4900a39bb1363e6432dc4358677e4717bf9a5fa2b57edf22dacb7c0665c651f528264ac4125cfea1d4b59332799119c9e77adaaa8c487ff4d9ffc6ecff2258f86901c70a858445a900fe8bdc8e3b5c97a9bcf43e073c50e64cb7c74dcb1b5cd398a436e6d68b9094ad08ce5e200819b11af77dfc188a6fc6131c41a9403b6ff4c39e6663dc354d65200b5267e4221de02c8dd628449ad8529f049b08d27b8408e3cd8ed5220685e0f1787b7e03557d65a467ee1838244439f9ab853b0f86ad628f65334bf85196ad25623e9ce7204becdd2a71a6e310e9c5133f2f48e249df762f5acbfa8cc72c83cef023bfd1e9714b9f7744a8ada300a2d8bb4b968c1eaef12ad8682e2e2e33d51ab18d8a1948bc30787bcbbd8da4b89216cf34c0f318947f8c736dfe89f1d17276ca5ee6acfcccb60683f91d03d6d296d7d33a71d6e68d3e57c937ac9fb5018c4b81fb6966faa93a068bc6ad9d61799113d16135676c91ed1f66b3bdfccdf672b85b1ab8e7d46b69c13d92943c10f07f543968a7ccfc95fb1774e86f158b97d5f6e3536789a250b77a53b2d0446672c36b0607a40fe2bae4376b1fd92061df8a7317310e6158abea97867fd8c1b87aa351b9c1fad2962e05c664cb34278ef8c21fb1006da31fdfaf7735233dca6ffb114d1dbc72f6ddc30705671f4bc60261a499b659dd36d67dfe7ebbcf621d311575ded8dd991f367c49f88fbea852a4c0184f43daf4e178aaec67ccb746b3a987ab91437bc79f5fe591de859571aa32ae219bfdefcd24c7d2d4c6a913fad834326a16fef9e477f6116e79030c28d2f4d5e17473a84160992b345ef52d1ba2e02408ec54b6c794bab4e24aba2787d3cbc5ac7d6739c8b3be8441776f09693ccbe0d14e3451807f39c993901bf1b4f12ac2c534f76bd238d6b68d65e21f64a7858061c5bdc04289d2aab9c9316e48648a1f73c1f6d285ef6c7a54913ba9271581481c323a650c29be2c348ede6d4664624d17bc1017e1f2fc57390d4450e3ce97551bde615a40990314a33ddda8ff6307c51b1caf85a0a504cdff94eb9f53d69e64f0b924bf2c58caef61cc0d80e178a32206ee5a46d0fe8cac10b1d697f6dca6eec9c3c47eea7b8edb2a419b18bf984a56ad0ddfd062e7db4cc2bc403c78828407c150cb46d206f43e023f829390c1f4b8015a4aaecbddf931b0d5bdbba9cbd397beacc01a24501f9a461cb7134b49d6b53eba69eec00050fb2d6e0667b52c8c6dec7ba2282cd1583e00b4e55d836b1e3e67abad1b0e7d4bffc0179928f59bc3b19a986f6932c8c6151e46ad9ebf29b911dbf3c127373d331ca1458", 0x1000}], 0x7, &(0x7f0000001540)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x8c}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x10}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x9}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x81}}], 0x60}}], 0x2, 0x449c4)

165.345757ms ago: executing program 1 (id=354):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x4}, 0xe)
writev(r0, &(0x7f0000000340)=[{0x0}, {&(0x7f0000000600)="1c8a8ee8172a689c01c010c4124307315f1ef1581f2914cfffca4b88eb51cdc82a8028708060a130dd1167eb72bade8844235b70c92e1ef326e6ca534e9185b4a306efbaaa08eca588be80ad404e98f51c784ec34def2c39b7e5e0341ea4e32981a8794eeff8261abe98cb6899db222741efc895eba5084ed1f5ad3a9c75b18908e556e3b32c489cd972585c7b6b0e756f136878f08f1f582b5baacc299901e9e8402ad94c5dac9be9106213461e4c2b69344752124976ee06534917b85f6125bbc128d7265571adc7c0752195238e0b71e64b2c914fd6fc63cf92600da617784f7479aebd86e88c85e7607430ff224e13ec8fe2a4295ffe71922ff0fb41850b544f52c6365b1d0fe0dce064bcef7abdd037115deef792b6c244212db1b08249df97537e3a82522992b797d51e9f6ff23c596a910d93fe1586c6c2f723879fe3d4cfe7e8c4db27c378221b4ccf234b8ac74d2a49f1bfbf0b6cb42c1085f336dfe4d2ed66eb5b21f836b5aebbff609b468487384b8c5bf98222e5f10b8273d6d4441eeafc6d2e3513a731b8c6e9130dee3428cd1b560773f5ff934be2f675c9c766e3bbc0fb09ddedf6eb95edd211a32b86dc6e1dcda2f934757837496d557451f71515c74d2b8d774f515c9f4137ef9162eefb95b77fac1f32ded0acb9c2b5abd3fad147532132a94b17ddc67a2dec8699f9e04a29c06b4890ea0ce7819456042b165ba7f0ad1ff9ab08976edadf1ac6f88a22ccf6997f063ed8eb11527d981bc9afc3d0ef557c37a23da2722b9f832b24f750a2349e109e0adac6a8feb453d2a4d5b7b1c66445d193d6e7e2e0900d234d569c5fb318eca7cb7b20913edeea671555354174595bc0cb7c783f548c2495fdd62a0c90002a20c3813d9a0dcc29c6c7acf8b9ab2d8bd7948ad163c660fc1af8a08fb32b8c215bfa728506576fc8b0f424e3772343adfcb480408c308e6be53fb4a708af274395d2d620b492b63a24d4ff2b5e16f4bdb7cc40e1d1258f7cb641bfab016c567a5e6dfd8bf915f2c0f877b8d1afc1ff1c86918b3b4b18c83725bf3c72c2d6727a5d05f5e407607c16d4c7c3d22ca7d65b5559f2fd5306cdc0c03973686ef0679b254cf42050ce3b05d68821614821674747c6b4fa8035e1890a0215db541fc651e007349daf194218d2a09da50e281c2b96866b4ef6a8200366be33b75cdb2562b664c3c7e224669c6273a01cd3bad128cc84abe0dc80b89bbb9e27b22339070f1d04ecaa2aefd6d6042d5154658fe329bdd85a575c397dbe6620313d064caa43129d5681f4ea6544d0eadf88538f5350997e16be552aa3fa8ffd1f6ed436e24e19b0e190c57f676e4fb82d1b9264d11f7a4a81921f152efcbfac0c4bb8b90f76e09dbd4c6444fb64c1d42bbc192fa16a219025c4750d22e1f52044d428b634", 0x3f6}], 0x2)

144.715487ms ago: executing program 4 (id=355):
r0 = socket$kcm(0x2, 0x200000000000001, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r1}, 0x10)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f0000000180)=0x200000, 0x4)
getsockopt$XDP_STATISTICS(r2, 0x11b, 0x7, 0x0, &(0x7f0000000400))
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r5 = syz_genetlink_get_family_id$nl80211(0x0, r4)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r5, 0x800, 0x70bd25, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_BEACON_INTERVAL={0x8}]}, 0x1c}}, 0x4000081)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r6, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r6, 0x6, 0x14, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(0xffffffffffffffff, 0x0, 0x0)
r7 = socket(0x40000000015, 0x5, 0x0)
setsockopt$sock_int(r7, 0x1, 0x23, 0x0, 0x0)
r8 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r8, &(0x7f0000000000)={0x2, 0x0, @dev}, 0x10)
sendmmsg$inet(r8, &(0x7f0000005240), 0x4000095, 0x0)
setsockopt$inet_msfilter(r8, 0x0, 0x29, &(0x7f0000000600)=ANY=[@ANYBLOB], 0x10)
bind$inet(r7, &(0x7f00008a5ff0)={0x2, 0x0, @loopback}, 0x10)
recvmmsg(r7, &(0x7f00000040c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000015c0)=""/127, 0x7f}}], 0x1, 0x0, 0x0)
sendto$inet(r7, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x2, 0x0, @loopback}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$inet_int(r7, 0x0, 0x36, &(0x7f0000000080)=0x2, 0x4)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085)

106.750375ms ago: executing program 0 (id=356):
bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="1e0000000000000005000000ef00000004000000", @ANYRES32, @ANYBLOB="00000000ebff00000000000000000000e2ff0000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r0 = socket(0x10, 0x803, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = socket(0x1e, 0x4, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r4, 0x89f3, &(0x7f0000000240)={'syztnl0\x00', &(0x7f0000000400)={'syztnl1\x00', 0x0, 0x10, 0x8, 0xfb, 0x8001, {{0x5, 0x4, 0x3, 0x5, 0x14, 0x65, 0x0, 0x2, 0x29, 0x0, @multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}})
socket(0x10, 0x2, 0x0)
r5 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r4, &(0x7f0000000200)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000000)=0x14)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f0000000480)={'ip6_vti0\x00', &(0x7f0000000400)={'syztnl0\x00', r6, 0x29, 0x9, 0xbc, 0x0, 0x5, @private0={0xfc, 0x0, '\x00', 0x1}, @mcast1, 0x10, 0x0, 0xe7, 0x2}})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001300)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd29, 0x2, {0x0, 0x0, 0x0, r7, {0x0, 0xf}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x40, 0x400, 0x5, 0x80, 0x7}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x10}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000000000000000000000000000711227000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
accept4$unix(r0, 0x0, &(0x7f00000000c0), 0x800)
r8 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001440)={0x16, 0x2, &(0x7f0000000040)=@raw=[@call={0x85, 0x0, 0x0, 0x8b}, @exit], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$sock_SIOCETHTOOL(r8, 0x8946, &(0x7f00000006c0)={'gretap0\x00', &(0x7f0000000000)=@ethtool_gfeatures})
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000040)={'pimreg\x00'})

0s ago: executing program 3 (id=357):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000140)={0x0, 0xf5, &(0x7f0000000100)={&(0x7f0000000b40)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x1a, 0xa, 0x5, 0x0, 0x0, {0x7}, [@NFTA_TABLE_HANDLE={0xc}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0x48}}, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.130' (ED25519) to the list of known hosts.
[   69.097181][ T5820] cgroup: Unknown subsys name 'net'
[   69.208638][ T5820] cgroup: Unknown subsys name 'cpuset'
[   69.217188][ T5820] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   70.634649][ T5820] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   71.488692][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[   71.495082][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[   74.611275][ T5840] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   74.620469][ T5840] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   74.628523][ T5840] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   74.636067][ T5840] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   74.643976][ T5849] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   74.676504][ T5849] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   74.693300][ T5846] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   74.710339][ T5840] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   74.710979][ T5848] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   74.720344][ T5850] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   74.725732][ T5846] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   74.732162][ T5840] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   74.740568][ T5848] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   74.746393][ T5850] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   74.753342][ T5846] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   74.759568][ T5850] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   74.767071][ T5848] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   74.778622][ T5850] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   74.781183][ T5846] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   74.796369][ T5146] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   74.800416][ T5848] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   74.803885][ T5146] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   74.810808][ T5848] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   74.825241][ T5848] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   74.825555][ T5850] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   74.839414][ T5848] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   74.839477][ T5845] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   74.841042][ T5850] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   74.862128][ T5845] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   74.872938][ T5845] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   75.102413][ T1139] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   75.112753][ T1139] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   75.148201][ T1139] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   75.159103][ T1139] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   75.196084][ T1139] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   75.209234][ T1139] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   75.216990][   T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   75.224832][   T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   75.237678][ T5831] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   75.292055][ T1139] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   75.321359][ T5859] Bluetooth: MGMT ver 1.23
[   75.324828][ T1139] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   75.339627][ T3551] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   75.350485][ T3551] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   75.385182][   T64] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   75.393437][ T1139] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   75.397864][   T64] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   75.401941][ T1139] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   75.460737][   T64] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   75.494035][   T64] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   75.510579][ T3551] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   75.521236][ T3551] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   75.751836][ T5867] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[   75.818910][ T5870] syz.4.5 uses obsolete (PF_INET,SOCK_PACKET)
[   76.003712][ T5878] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input5
[   76.036219][ T5879] netlink: 'syz.4.5': attribute type 9 has an invalid length.
[   76.312701][ T5888] tipc: Started in network mode
[   76.326325][ T5888] tipc: Node identity 3638a63d953b, cluster identity 4711
[   76.333821][ T5888] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   76.566194][ T5891] syzkaller0: entered promiscuous mode
[   76.581971][ T5891] syzkaller0: entered allmulticast mode
[   76.596544][ T5891] tipc: Resetting bearer <eth:syzkaller0>
[   76.780565][ T5900] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   76.794222][ T5887] tipc: Resetting bearer <eth:syzkaller0>
[   76.856366][ T5845] Bluetooth: hci1: command tx timeout
[   76.875977][ T5902] Zero length message leads to an empty skb
[   76.925536][ T5845] Bluetooth: hci0: command tx timeout
[   76.931360][ T5845] Bluetooth: hci4: command tx timeout
[   76.935394][ T5842] Bluetooth: hci3: command tx timeout
[   76.937403][ T5850] Bluetooth: hci2: command tx timeout
[   77.386305][ T5853] tipc: Node number set to 2734925373
[   77.592090][ T5912] netlink: 12 bytes leftover after parsing attributes in process `syz.1.12'.
[   78.469278][ T5887] tipc: Disabling bearer <eth:syzkaller0>
[   78.672794][ T5923] openvswitch: netlink: IP tunnel dst address not specified
[   78.788763][ T5928] netlink: 96 bytes leftover after parsing attributes in process `syz.0.14'.
[   78.926229][ T5850] Bluetooth: hci1: command tx timeout
[   79.005940][ T5850] Bluetooth: hci2: command tx timeout
[   79.005960][ T5845] Bluetooth: hci4: command tx timeout
[   79.011391][ T5850] Bluetooth: hci3: command tx timeout
[   79.016968][ T5836] Bluetooth: hci0: command tx timeout
[   79.600125][ T5942] netlink: 'syz.3.18': attribute type 1 has an invalid length.
[   79.897185][ T5951] warning: `syz.0.20' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   80.055668][ T5959] netlink: 4 bytes leftover after parsing attributes in process `syz.3.21'.
[   80.098157][ T5959] nr0: entered promiscuous mode
[   80.117048][ T5959] netlink: 96 bytes leftover after parsing attributes in process `syz.3.21'.
[   80.162955][ T5959] vlan0: entered allmulticast mode
[   80.199796][ T5964] netlink: 16 bytes leftover after parsing attributes in process `syz.0.22'.
[   80.253391][ T5968] netlink: 'syz.2.24': attribute type 27 has an invalid length.
[   80.267194][ T5964] netlink: 4 bytes leftover after parsing attributes in process `syz.0.22'.
[   80.390198][ T5977] netlink: 1296 bytes leftover after parsing attributes in process `syz.2.24'.
[   80.441372][ T5977] openvswitch: netlink: Flow key attr not present in new flow.
[   80.657671][ T5985] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   80.897439][ T5991] netlink: 4 bytes leftover after parsing attributes in process `syz.4.28'.
[   81.005547][ T5845] Bluetooth: hci1: command tx timeout
[   81.086128][ T5845] Bluetooth: hci4: command tx timeout
[   81.091932][ T5836] Bluetooth: hci0: command tx timeout
[   81.095522][ T5850] Bluetooth: hci3: command tx timeout
[   81.097629][ T5836] Bluetooth: hci2: command tx timeout
[   81.720748][ T6002] openvswitch: netlink: Invalid VLAN frame
[   81.916443][ T6022] netlink: 20 bytes leftover after parsing attributes in process `syz.0.33'.
[   82.935246][ T6011] syzkaller0: entered promiscuous mode
[   82.943017][ T6011] syzkaller0: entered allmulticast mode
[   82.952281][ T6002] syzkaller1: entered promiscuous mode
[   82.957860][ T6002] syzkaller1: entered allmulticast mode
[   83.086792][ T5836] Bluetooth: hci1: command tx timeout
[   83.167383][ T5836] Bluetooth: hci2: command tx timeout
[   83.167497][ T5845] Bluetooth: hci4: command tx timeout
[   83.175547][ T5842] Bluetooth: hci0: command tx timeout
[   83.184094][ T5836] Bluetooth: hci3: command tx timeout
[   84.012443][ T6035] netlink: 16 bytes leftover after parsing attributes in process `syz.1.37'.
[   84.021595][ T6035] netlink: 28 bytes leftover after parsing attributes in process `syz.1.37'.
[   84.037025][ T6035] ip6gretap0: entered allmulticast mode
[   84.288430][ T6054] netlink: 48 bytes leftover after parsing attributes in process `syz.2.39'.
[   84.339740][ T6054] netlink: 96 bytes leftover after parsing attributes in process `syz.2.39'.
[   84.375013][ T6054] vlan0: entered allmulticast mode
[   84.393628][ T6058] netlink: 28 bytes leftover after parsing attributes in process `syz.4.43'.
[   84.402862][ T6058] netlink: 28 bytes leftover after parsing attributes in process `syz.4.43'.
[   84.548950][ T6062] netlink: 4 bytes leftover after parsing attributes in process `syz.4.45'.
[   84.562187][ T6062] netlink: 12 bytes leftover after parsing attributes in process `syz.4.45'.
[   84.847856][ T6078] FAULT_INJECTION: forcing a failure.
[   84.847856][ T6078] name failslab, interval 1, probability 0, space 0, times 1
[   84.885808][ T6078] CPU: 0 UID: 0 PID: 6078 Comm: syz.4.47 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[   84.885836][ T6078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   84.885852][ T6078] Call Trace:
[   84.885858][ T6078]  <TASK>
[   84.885866][ T6078]  dump_stack_lvl+0x241/0x360
[   84.885909][ T6078]  ? __pfx_dump_stack_lvl+0x10/0x10
[   84.885937][ T6078]  ? __pfx__printk+0x10/0x10
[   84.885965][ T6078]  ? __kmalloc_node_track_caller_noprof+0xb4/0x4c0
[   84.885997][ T6078]  ? __pfx___might_resched+0x10/0x10
[   84.886022][ T6078]  should_fail_ex+0x3b0/0x4e0
[   84.886046][ T6078]  should_failslab+0xac/0x100
[   84.886076][ T6078]  __kmalloc_node_track_caller_noprof+0xdc/0x4c0
[   84.886106][ T6078]  ? scm_fp_dup+0x5d/0x3b0
[   84.886140][ T6078]  kmemdup_noprof+0x2a/0x60
[   84.886160][ T6078]  scm_fp_dup+0x5d/0x3b0
[   84.886184][ T6078]  ? unix_stream_read_actor+0x7b/0xb0
[   84.886211][ T6078]  unix_stream_read_generic+0xcc7/0x26b0
[   84.886240][ T6078]  ? mt_find+0x2a9/0x920
[   84.886293][ T6078]  ? __pfx_unix_stream_read_generic+0x10/0x10
[   84.886340][ T6078]  unix_stream_recvmsg+0x22b/0x2c0
[   84.886368][ T6078]  ? __pfx_unix_stream_recvmsg+0x10/0x10
[   84.886392][ T6078]  ? __pfx_unix_stream_read_actor+0x10/0x10
[   84.886417][ T6078]  ? iovec_from_user+0x61/0x240
[   84.886450][ T6078]  ? __import_iovec+0x3a8/0x870
[   84.886477][ T6078]  ? __pfx_unix_stream_recvmsg+0x10/0x10
[   84.886503][ T6078]  sock_recvmsg_nosec+0x18e/0x1d0
[   84.886535][ T6078]  ____sys_recvmsg+0x3cd/0x480
[   84.886567][ T6078]  ? __pfx_____sys_recvmsg+0x10/0x10
[   84.886602][ T6078]  ? do_recvmmsg+0x44e/0xab0
[   84.886625][ T6078]  ? __might_fault+0xaa/0x120
[   84.886651][ T6078]  do_recvmmsg+0x426/0xab0
[   84.886685][ T6078]  ? __pfx_do_recvmmsg+0x10/0x10
[   84.886729][ T6078]  ? ksys_write+0x22a/0x2b0
[   84.886751][ T6078]  ? __pfx_lock_release+0x10/0x10
[   84.886782][ T6078]  ? sb_end_write+0xe9/0x1c0
[   84.886810][ T6078]  ? vfs_write+0x730/0xd30
[   84.886833][ T6078]  ? __mutex_unlock_slowpath+0x227/0x800
[   84.886872][ T6078]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   84.886902][ T6078]  ? __fget_files+0x2a/0x410
[   84.886944][ T6078]  __x64_sys_recvmmsg+0x199/0x250
[   84.886971][ T6078]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[   84.886996][ T6078]  ? do_syscall_64+0x100/0x230
[   84.887028][ T6078]  ? do_syscall_64+0xb6/0x230
[   84.887048][ T6078]  do_syscall_64+0xf3/0x230
[   84.887064][ T6078]  ? clear_bhb_loop+0x35/0x90
[   84.887087][ T6078]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.887111][ T6078] RIP: 0033:0x7efdf858cda9
[   84.887131][ T6078] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   84.887145][ T6078] RSP: 002b:00007efdf945e038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[   84.887164][ T6078] RAX: ffffffffffffffda RBX: 00007efdf87a5fa0 RCX: 00007efdf858cda9
[   84.887177][ T6078] RDX: 0000000000000700 RSI: 0000000020001140 RDI: 0000000000000004
[   84.887187][ T6078] RBP: 00007efdf945e090 R08: 0000000000000000 R09: 0000000000000000
[   84.887198][ T6078] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[   84.887208][ T6078] R13: 0000000000000000 R14: 00007efdf87a5fa0 R15: 00007ffee028a2b8
[   84.887235][ T6078]  </TASK>
[   85.128216][ T6084] openvswitch: netlink: Invalid VLAN frame
[   85.246893][ T6088] netlink: 1744 bytes leftover after parsing attributes in process `syz.0.52'.
[   85.382270][ T6092] ip6t_srh: unknown srh match flags  4000
[   85.581892][ T6083] syzkaller1: entered promiscuous mode
[   85.588334][ T6083] syzkaller1: entered allmulticast mode
[   85.837762][ T6108] tipc: Started in network mode
[   85.852170][ T6108] tipc: Node identity be118edb81e8, cluster identity 4711
[   85.865868][ T6108] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   85.910634][ T6108] syzkaller0: entered promiscuous mode
[   85.916461][ T6108] syzkaller0: entered allmulticast mode
[   85.922671][ T6108] tipc: Resetting bearer <eth:syzkaller0>
[   85.949688][ T6107] tipc: Resetting bearer <eth:syzkaller0>
[   86.030869][ T6114] Bluetooth: MGMT ver 1.23
[   86.310021][ T6129] FAULT_INJECTION: forcing a failure.
[   86.310021][ T6129] name failslab, interval 1, probability 0, space 0, times 0
[   86.322879][ T6129] CPU: 1 UID: 0 PID: 6129 Comm: syz.0.62 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[   86.322925][ T6129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   86.322937][ T6129] Call Trace:
[   86.322945][ T6129]  <TASK>
[   86.322953][ T6129]  dump_stack_lvl+0x241/0x360
[   86.322991][ T6129]  ? __pfx_dump_stack_lvl+0x10/0x10
[   86.323021][ T6129]  ? __pfx__printk+0x10/0x10
[   86.323052][ T6129]  ? __kmalloc_node_track_caller_noprof+0xb4/0x4c0
[   86.323094][ T6129]  ? __pfx___might_resched+0x10/0x10
[   86.323122][ T6129]  should_fail_ex+0x3b0/0x4e0
[   86.323147][ T6129]  should_failslab+0xac/0x100
[   86.323178][ T6129]  __kmalloc_node_track_caller_noprof+0xdc/0x4c0
[   86.323211][ T6129]  ? __request_module+0x2d5/0x640
[   86.323246][ T6129]  kstrdup+0x39/0xb0
[   86.323267][ T6129]  __request_module+0x2d5/0x640
[   86.323299][ T6129]  ? capable+0x79/0xe0
[   86.323320][ T6129]  ? __pfx___request_module+0x10/0x10
[   86.323352][ T6129]  ? __pfx_lock_release+0x10/0x10
[   86.323384][ T6129]  ? apparmor_capable+0x13b/0x1b0
[   86.323415][ T6129]  ? bpf_lsm_capable+0x9/0x10
[   86.323437][ T6129]  ? security_capable+0x7e/0x2d0
[   86.323464][ T6129]  ? dev_load+0x21/0x1f0
[   86.323488][ T6129]  dev_load+0x18f/0x1f0
[   86.323514][ T6129]  dev_ioctl+0x772/0x1340
[   86.323544][ T6129]  sock_do_ioctl+0x240/0x460
[   86.323574][ T6129]  ? __pfx_sock_do_ioctl+0x10/0x10
[   86.323618][ T6129]  sock_ioctl+0x626/0x8e0
[   86.323646][ T6129]  ? __pfx_sock_ioctl+0x10/0x10
[   86.323672][ T6129]  ? __fget_files+0x2a/0x410
[   86.323705][ T6129]  ? __fget_files+0x2a/0x410
[   86.323737][ T6129]  ? __pfx_sock_ioctl+0x10/0x10
[   86.323765][ T6129]  __se_sys_ioctl+0xf5/0x170
[   86.323789][ T6129]  do_syscall_64+0xf3/0x230
[   86.323809][ T6129]  ? clear_bhb_loop+0x35/0x90
[   86.323835][ T6129]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.323856][ T6129] RIP: 0033:0x7fde6c78cda9
[   86.323873][ T6129] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.323888][ T6129] RSP: 002b:00007fde6d577038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   86.323908][ T6129] RAX: ffffffffffffffda RBX: 00007fde6c9a6080 RCX: 00007fde6c78cda9
[   86.323922][ T6129] RDX: 0000000020000b00 RSI: 0000000000008946 RDI: 0000000000000003
[   86.323933][ T6129] RBP: 00007fde6d577090 R08: 0000000000000000 R09: 0000000000000000
[   86.323945][ T6129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   86.323956][ T6129] R13: 0000000000000000 R14: 00007fde6c9a6080 R15: 00007ffe9808c6f8
[   86.323983][ T6129]  </TASK>
[   86.851327][    T9] cfg80211: failed to load regulatory.db
[   86.948069][ T5853] tipc: Node number set to 1073319643
[   87.264432][ T6107] tipc: Disabling bearer <eth:syzkaller0>
[   87.472633][ T6136] netlink: 144 bytes leftover after parsing attributes in process `syz.3.64'.
[   87.746408][ T6146] netlink: 'syz.0.63': attribute type 1 has an invalid length.
[   87.786783][ T6153] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !寿$ûÌÌULÙvy¸ÚØ¢
…D£øUDŒw˜}�z
[   87.844671][ T6142] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[   88.388031][ T6177] openvswitch: netlink: Invalid VLAN frame
[   88.671995][ T6177] syzkaller1: entered promiscuous mode
[   88.693779][ T6177] syzkaller1: entered allmulticast mode
[   88.708855][ T1150] syzkaller1: tun_net_xmit 70
[   89.697223][ T6221] __nla_validate_parse: 3 callbacks suppressed
[   89.697240][ T6221] netlink: 4 bytes leftover after parsing attributes in process `syz.4.78'.
[   89.738124][ T6221] netlink: 4 bytes leftover after parsing attributes in process `syz.4.78'.
[   89.763026][ T6221] netlink: 32 bytes leftover after parsing attributes in process `syz.4.78'.
[   89.941710][ T6229] netlink: 8 bytes leftover after parsing attributes in process `syz.4.79'.
[   90.128023][ T6238] netlink: 84 bytes leftover after parsing attributes in process `syz.3.80'.
[   90.496717][ T6255] FAULT_INJECTION: forcing a failure.
[   90.496717][ T6255] name failslab, interval 1, probability 0, space 0, times 0
[   90.546306][ T6255] CPU: 1 UID: 0 PID: 6255 Comm: syz.1.85 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[   90.546334][ T6255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   90.546345][ T6255] Call Trace:
[   90.546351][ T6255]  <TASK>
[   90.546358][ T6255]  dump_stack_lvl+0x241/0x360
[   90.546390][ T6255]  ? __pfx_dump_stack_lvl+0x10/0x10
[   90.546415][ T6255]  ? __pfx__printk+0x10/0x10
[   90.546439][ T6255]  ? __kmalloc_node_noprof+0xb9/0x4d0
[   90.546465][ T6255]  ? __pfx___might_resched+0x10/0x10
[   90.546488][ T6255]  should_fail_ex+0x3b0/0x4e0
[   90.546510][ T6255]  should_failslab+0xac/0x100
[   90.546535][ T6255]  __kmalloc_node_noprof+0xe1/0x4d0
[   90.546560][ T6255]  ? __kvmalloc_node_noprof+0x72/0x190
[   90.546578][ T6255]  ? is_bpf_text_address+0x26/0x2a0
[   90.546604][ T6255]  __kvmalloc_node_noprof+0x72/0x190
[   90.546624][ T6255]  bpf_test_run_xdp_live+0x21d/0x2230
[   90.546644][ T6255]  ? arch_stack_walk+0xfd/0x150
[   90.546677][ T6255]  ? stack_trace_save+0x118/0x1d0
[   90.546697][ T6255]  ? __pfx_stack_trace_save+0x10/0x10
[   90.546716][ T6255]  ? stack_depot_save_flags+0x37/0x940
[   90.546742][ T6255]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[   90.546760][ T6255]  ? mark_lock+0x9a/0x360
[   90.546825][ T6255]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   90.546856][ T6255]  ? __might_fault+0xc6/0x120
[   90.546877][ T6255]  ? _copy_from_user+0x95/0xb0
[   90.546902][ T6255]  ? bpf_test_init+0x15a/0x180
[   90.546919][ T6255]  ? xdp_convert_md_to_buff+0x5b/0x330
[   90.546941][ T6255]  bpf_prog_test_run_xdp+0x805/0x11e0
[   90.546966][ T6255]  ? __pfx_lock_release+0x10/0x10
[   90.546995][ T6255]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   90.547016][ T6255]  ? __fget_files+0x2a/0x410
[   90.547043][ T6255]  ? __fget_files+0x2a/0x410
[   90.547071][ T6255]  ? fput+0x21b/0x290
[   90.547095][ T6255]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   90.547116][ T6255]  bpf_prog_test_run+0x2e4/0x360
[   90.547140][ T6255]  __sys_bpf+0x48d/0x810
[   90.547159][ T6255]  ? __pfx___sys_bpf+0x10/0x10
[   90.547188][ T6255]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   90.547212][ T6255]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   90.547234][ T6255]  ? do_syscall_64+0x100/0x230
[   90.547254][ T6255]  __x64_sys_bpf+0x7c/0x90
[   90.547271][ T6255]  do_syscall_64+0xf3/0x230
[   90.547288][ T6255]  ? clear_bhb_loop+0x35/0x90
[   90.547310][ T6255]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.547328][ T6255] RIP: 0033:0x7f44db58cda9
[   90.547343][ T6255] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.547357][ T6255] RSP: 002b:00007f44dc475038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   90.547375][ T6255] RAX: ffffffffffffffda RBX: 00007f44db7a5fa0 RCX: 00007f44db58cda9
[   90.547388][ T6255] RDX: 0000000000000050 RSI: 0000000020000140 RDI: 000000000000000a
[   90.547398][ T6255] RBP: 00007f44dc475090 R08: 0000000000000000 R09: 0000000000000000
[   90.547409][ T6255] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   90.547418][ T6255] R13: 0000000000000000 R14: 00007f44db7a5fa0 R15: 00007ffd8e140228
[   90.547444][ T6255]  </TASK>
[   91.427502][ T6273] netlink: 56 bytes leftover after parsing attributes in process `syz.3.88'.
[   91.626152][ T6280] netlink: 24 bytes leftover after parsing attributes in process `syz.3.90'.
[   92.285181][ T6306] trusted_key: syz.1.97 sent an empty control message without MSG_MORE.
[   92.316153][ T6304] openvswitch: netlink: Invalid VLAN frame
[   92.451971][ T6317] netlink: 'syz.0.95': attribute type 1 has an invalid length.
[   92.675724][ T6304] syzkaller1: entered promiscuous mode
[   92.688972][ T6304] syzkaller1: entered allmulticast mode
[   92.711941][ T1150] syzkaller1: tun_net_xmit 70
[   92.765529][ T6324] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   92.848122][ T6326] syzkaller0: entered promiscuous mode
[   92.870771][ T6326] syzkaller0: entered allmulticast mode
[   92.913593][ T6326] tipc: Resetting bearer <eth:syzkaller0>
[   92.946204][ T6333] netlink: 8 bytes leftover after parsing attributes in process `syz.4.103'.
[   92.962490][ T6322] tipc: Resetting bearer <eth:syzkaller0>
[   93.303954][ T6347] netlink: 16 bytes leftover after parsing attributes in process `syz.1.106'.
[   94.205277][ T6322] tipc: Disabling bearer <eth:syzkaller0>
[   94.236276][ T6348] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   94.248014][ T6354] IPv6: Can't replace route, no match found
[   94.327786][ T6364] netlink: 1752 bytes leftover after parsing attributes in process `syz.1.108'.
[   94.527555][ T6368] tipc: Started in network mode
[   94.536299][ T6368] tipc: Node identity 46620bc806bd, cluster identity 4711
[   94.543553][ T6368] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   94.652860][ T6368] syzkaller0: entered promiscuous mode
[   94.675496][ T6368] syzkaller0: entered allmulticast mode
[   94.682375][ T6368] tipc: Resetting bearer <eth:syzkaller0>
[   94.686737][ T6389] netlink: 'syz.0.113': attribute type 1 has an invalid length.
[   94.767258][ T6378] netlink: 'syz.3.114': attribute type 1 has an invalid length.
[   94.775760][ T6378] __nla_validate_parse: 4 callbacks suppressed
[   94.775780][ T6378] netlink: 224 bytes leftover after parsing attributes in process `syz.3.114'.
[   95.183610][ T6367] tipc: Resetting bearer <eth:syzkaller0>
[   95.615451][ T3073] tipc: Node number set to 1088359368
[   96.430205][ T6386] Set syz1 is full, maxelem 65536 reached
[   96.554382][ T6417] netlink: 48 bytes leftover after parsing attributes in process `syz.1.119'.
[   96.972558][ T6367] tipc: Disabling bearer <eth:syzkaller0>
[   97.004740][ T6414] netlink: 240 bytes leftover after parsing attributes in process `syz.1.119'.
[   97.118096][ T6427] x_tables: duplicate underflow at hook 2
[   97.363024][ T3073] hid-generic 0005:7FFF:0008.0001: unknown main item tag 0x0
[   97.389074][ T3073] hid-generic 0005:7FFF:0008.0001: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa
[   97.558616][ T6452] netlink: 144 bytes leftover after parsing attributes in process `syz.2.129'.
[   97.566986][ T6453] netlink: 4 bytes leftover after parsing attributes in process `syz.0.127'.
[   97.597853][ T6454] netlink: 16 bytes leftover after parsing attributes in process `syz.1.126'.
[   97.691709][ T6461] FAULT_INJECTION: forcing a failure.
[   97.691709][ T6461] name failslab, interval 1, probability 0, space 0, times 0
[   97.699734][ T6462] netlink: 12 bytes leftover after parsing attributes in process `syz.2.129'.
[   97.735011][ T6461] CPU: 1 UID: 0 PID: 6461 Comm: syz.3.130 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[   97.735048][ T6461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   97.735058][ T6461] Call Trace:
[   97.735067][ T6461]  <TASK>
[   97.735075][ T6461]  dump_stack_lvl+0x241/0x360
[   97.735109][ T6461]  ? __pfx_dump_stack_lvl+0x10/0x10
[   97.735142][ T6461]  ? __pfx__printk+0x10/0x10
[   97.735178][ T6461]  should_fail_ex+0x3b0/0x4e0
[   97.735202][ T6461]  should_failslab+0xac/0x100
[   97.735229][ T6461]  ? dst_alloc+0x12b/0x190
[   97.735246][ T6461]  kmem_cache_alloc_noprof+0x70/0x380
[   97.735278][ T6461]  dst_alloc+0x12b/0x190
[   97.735302][ T6461]  ip_route_output_key_hash_rcu+0x13cc/0x2390
[   97.735339][ T6461]  ip_route_output_key_hash+0x193/0x2b0
[   97.735359][ T6461]  ? mark_lock+0x9a/0x360
[   97.735383][ T6461]  ? ip_route_output_key_hash+0xdf/0x2b0
[   97.735404][ T6461]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[   97.735437][ T6461]  __ip4_datagram_connect+0x8b8/0x1260
[   97.735473][ T6461]  __ip6_datagram_connect+0x194/0x1230
[   97.735504][ T6461]  ? __pfx___ip6_datagram_connect+0x10/0x10
[   97.735524][ T6461]  ? ip6_datagram_connect_v6_only+0x55/0xa0
[   97.735547][ T6461]  ? __pfx___local_bh_enable_ip+0x10/0x10
[   97.735563][ T6461]  ? do_raw_spin_unlock+0x13c/0x8b0
[   97.735591][ T6461]  ip6_datagram_connect_v6_only+0x63/0xa0
[   97.735615][ T6461]  __sys_connect+0x288/0x2d0
[   97.735633][ T6461]  ? __fget_files+0x2a/0x410
[   97.735657][ T6461]  ? __pfx___sys_connect+0x10/0x10
[   97.735688][ T6461]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   97.735713][ T6461]  ? do_syscall_64+0x100/0x230
[   97.735735][ T6461]  __x64_sys_connect+0x7a/0x90
[   97.735754][ T6461]  do_syscall_64+0xf3/0x230
[   97.735771][ T6461]  ? clear_bhb_loop+0x35/0x90
[   97.735793][ T6461]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.735812][ T6461] RIP: 0033:0x7fa07ff8cda9
[   97.735827][ T6461] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.735841][ T6461] RSP: 002b:00007fa080d8c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[   97.735859][ T6461] RAX: ffffffffffffffda RBX: 00007fa0801a5fa0 RCX: 00007fa07ff8cda9
[   97.735870][ T6461] RDX: 000000000000001c RSI: 0000000020000000 RDI: 0000000000000003
[   97.735881][ T6461] RBP: 00007fa080d8c090 R08: 0000000000000000 R09: 0000000000000000
[   97.735891][ T6461] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   97.735901][ T6461] R13: 0000000000000000 R14: 00007fa0801a5fa0 R15: 00007fff517c13f8
[   97.735927][ T6461]  </TASK>
[   98.443078][ T6477] netlink: 28 bytes leftover after parsing attributes in process `syz.1.136'.
[   98.727812][ T6487] 8021q: adding VLAN 0 to HW filter on device bond0
[   98.901687][ T6491] bond0: (slave veth1): Enslaving as an active interface with an up link
[   99.117420][ T6505] netlink: 16 bytes leftover after parsing attributes in process `syz.3.143'.
[   99.119207][ T6498] syzkaller1: entered promiscuous mode
[   99.136456][ T6505] netlink: 16 bytes leftover after parsing attributes in process `syz.3.143'.
[   99.145568][ T6498] syzkaller1: entered allmulticast mode
[   99.571000][ T6519] FAULT_INJECTION: forcing a failure.
[   99.571000][ T6519] name failslab, interval 1, probability 0, space 0, times 0
[   99.614875][ T6524] Illegal XDP return value 934765963 on prog  (id 57) dev N/A, expect packet loss!
[   99.635413][ T6519] CPU: 1 UID: 0 PID: 6519 Comm: syz.0.149 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[   99.635438][ T6519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   99.635449][ T6519] Call Trace:
[   99.635455][ T6519]  <TASK>
[   99.635463][ T6519]  dump_stack_lvl+0x241/0x360
[   99.635498][ T6519]  ? __pfx_dump_stack_lvl+0x10/0x10
[   99.635524][ T6519]  ? __pfx__printk+0x10/0x10
[   99.635550][ T6519]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[   99.635579][ T6519]  ? __pfx___might_resched+0x10/0x10
[   99.635604][ T6519]  should_fail_ex+0x3b0/0x4e0
[   99.635626][ T6519]  should_failslab+0xac/0x100
[   99.635653][ T6519]  kmem_cache_alloc_node_noprof+0x77/0x380
[   99.635680][ T6519]  ? __alloc_skb+0x1c3/0x440
[   99.635702][ T6519]  __alloc_skb+0x1c3/0x440
[   99.635734][ T6519]  ? __pfx___alloc_skb+0x10/0x10
[   99.635754][ T6519]  ? netlink_autobind+0xd6/0x2f0
[   99.635775][ T6519]  ? netlink_autobind+0x2b0/0x2f0
[   99.635800][ T6519]  netlink_sendmsg+0x638/0xcb0
[   99.635831][ T6519]  ? __pfx_netlink_sendmsg+0x10/0x10
[   99.635856][ T6519]  ? aa_sock_msg_perm+0x91/0x160
[   99.635881][ T6519]  ? __pfx_netlink_sendmsg+0x10/0x10
[   99.635900][ T6519]  __sock_sendmsg+0x221/0x270
[   99.635928][ T6519]  ____sys_sendmsg+0x52a/0x7e0
[   99.635956][ T6519]  ? __pfx_____sys_sendmsg+0x10/0x10
[   99.635976][ T6519]  ? __fget_files+0x2a/0x410
[   99.636005][ T6519]  ? __fget_files+0x2a/0x410
[   99.636039][ T6519]  __sys_sendmsg+0x269/0x350
[   99.636064][ T6519]  ? __pfx___sys_sendmsg+0x10/0x10
[   99.636095][ T6519]  ? do_sys_openat2+0x17a/0x1d0
[   99.636144][ T6519]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   99.636170][ T6519]  ? do_syscall_64+0x100/0x230
[   99.636189][ T6519]  ? do_syscall_64+0xb6/0x230
[   99.636208][ T6519]  do_syscall_64+0xf3/0x230
[   99.636224][ T6519]  ? clear_bhb_loop+0x35/0x90
[   99.636247][ T6519]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.636265][ T6519] RIP: 0033:0x7fde6c78cda9
[   99.636281][ T6519] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   99.636295][ T6519] RSP: 002b:00007fde6d598038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   99.636314][ T6519] RAX: ffffffffffffffda RBX: 00007fde6c9a5fa0 RCX: 00007fde6c78cda9
[   99.636327][ T6519] RDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000004
[   99.636337][ T6519] RBP: 00007fde6d598090 R08: 0000000000000000 R09: 0000000000000000
[   99.636348][ T6519] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   99.636358][ T6519] R13: 0000000000000000 R14: 00007fde6c9a5fa0 R15: 00007ffe9808c6f8
[   99.636384][ T6519]  </TASK>
[   99.971801][ T6536] netlink: 16 bytes leftover after parsing attributes in process `syz.4.154'.
[  100.024191][ T6534] 8021q: adding VLAN 0 to HW filter on device bond0
[  100.032964][ T6534] FAULT_INJECTION: forcing a failure.
[  100.032964][ T6534] name failslab, interval 1, probability 0, space 0, times 0
[  100.045685][ T6534] CPU: 1 UID: 0 PID: 6534 Comm: syz.2.155 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  100.045708][ T6534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  100.045720][ T6534] Call Trace:
[  100.045727][ T6534]  <TASK>
[  100.045735][ T6534]  dump_stack_lvl+0x241/0x360
[  100.045769][ T6534]  ? __pfx_dump_stack_lvl+0x10/0x10
[  100.045794][ T6534]  ? __pfx__printk+0x10/0x10
[  100.045820][ T6534]  ? __kmalloc_cache_noprof+0x48/0x390
[  100.045850][ T6534]  ? __pfx___might_resched+0x10/0x10
[  100.045877][ T6534]  should_fail_ex+0x3b0/0x4e0
[  100.045901][ T6534]  should_failslab+0xac/0x100
[  100.045944][ T6534]  __kmalloc_cache_noprof+0x70/0x390
[  100.045971][ T6534]  ? rtnl_newlink+0x12e/0x2210
[  100.046001][ T6534]  rtnl_newlink+0x12e/0x2210
[  100.046034][ T6534]  ? __lock_acquire+0x1397/0x2100
[  100.046060][ T6534]  ? __pfx_rtnl_newlink+0x10/0x10
[  100.046087][ T6534]  ? __pfx_validate_chain+0x10/0x10
[  100.046134][ T6534]  ? validate_chain+0x11e/0x5920
[  100.046163][ T6534]  ? __pfx_lock_acquire+0x10/0x10
[  100.046190][ T6534]  ? __pfx_lock_release+0x10/0x10
[  100.046218][ T6534]  ? __pfx_validate_chain+0x10/0x10
[  100.046247][ T6534]  ? mark_lock+0x9a/0x360
[  100.046276][ T6534]  ? __lock_acquire+0x1397/0x2100
[  100.046326][ T6534]  ? rcu_read_unlock+0x87/0xa0
[  100.046349][ T6534]  ? __pfx_lock_release+0x10/0x10
[  100.046384][ T6534]  ? __pfx_rtnl_newlink+0x10/0x10
[  100.046411][ T6534]  rtnetlink_rcv_msg+0x791/0xcf0
[  100.046435][ T6534]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  100.046462][ T6534]  ? __lock_acquire+0x1397/0x2100
[  100.046486][ T6534]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  100.046525][ T6534]  netlink_rcv_skb+0x1e3/0x430
[  100.046547][ T6534]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  100.046572][ T6534]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  100.046611][ T6534]  ? netlink_deliver_tap+0x2e/0x1b0
[  100.046634][ T6534]  netlink_unicast+0x7f6/0x990
[  100.046660][ T6534]  ? __pfx_netlink_unicast+0x10/0x10
[  100.046677][ T6534]  ? __virt_addr_valid+0x45f/0x530
[  100.046702][ T6534]  ? __phys_addr_symbol+0x2f/0x70
[  100.046726][ T6534]  ? __check_object_size+0x47a/0x730
[  100.046757][ T6534]  netlink_sendmsg+0x8e4/0xcb0
[  100.046789][ T6534]  ? __pfx_netlink_sendmsg+0x10/0x10
[  100.046814][ T6534]  ? aa_sock_msg_perm+0x91/0x160
[  100.046839][ T6534]  ? __pfx_netlink_sendmsg+0x10/0x10
[  100.046860][ T6534]  __sock_sendmsg+0x221/0x270
[  100.046890][ T6534]  ____sys_sendmsg+0x52a/0x7e0
[  100.046927][ T6534]  ? __pfx_____sys_sendmsg+0x10/0x10
[  100.046947][ T6534]  ? __fget_files+0x2a/0x410
[  100.046978][ T6534]  ? __fget_files+0x2a/0x410
[  100.047014][ T6534]  __sys_sendmsg+0x269/0x350
[  100.047041][ T6534]  ? __pfx___sys_sendmsg+0x10/0x10
[  100.047073][ T6534]  ? do_sys_openat2+0x17a/0x1d0
[  100.047120][ T6534]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  100.047144][ T6534]  ? do_syscall_64+0x100/0x230
[  100.047164][ T6534]  ? do_syscall_64+0xb6/0x230
[  100.047185][ T6534]  do_syscall_64+0xf3/0x230
[  100.047203][ T6534]  ? clear_bhb_loop+0x35/0x90
[  100.047236][ T6534]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.047272][ T6534] RIP: 0033:0x7ff933f8cda9
[  100.047302][ T6534] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.047316][ T6534] RSP: 002b:00007ff934e4d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  100.047335][ T6534] RAX: ffffffffffffffda RBX: 00007ff9341a5fa0 RCX: 00007ff933f8cda9
[  100.047347][ T6534] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003
[  100.047357][ T6534] RBP: 00007ff934e4d090 R08: 0000000000000000 R09: 0000000000000000
[  100.047368][ T6534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  100.047378][ T6534] R13: 0000000000000000 R14: 00007ff9341a5fa0 R15: 00007ffe60242388
[  100.047404][ T6534]  </TASK>
[  100.629234][ T6546] netlink: 144 bytes leftover after parsing attributes in process `syz.2.159'.
[  100.812431][ T6547] netlink: 12 bytes leftover after parsing attributes in process `syz.2.159'.
[  101.220528][ T6564] netlink: 188 bytes leftover after parsing attributes in process `syz.1.165'.
[  101.285535][ T6564] netlink: 'syz.1.165': attribute type 1 has an invalid length.
[  101.707351][ T6580] netlink: 'syz.0.171': attribute type 1 has an invalid length.
[  101.790250][ T6580] 8021q: adding VLAN 0 to HW filter on device bond1
[  101.886675][ T6594] netlink: 16 bytes leftover after parsing attributes in process `syz.3.173'.
[  102.161791][ T6601] IPVS: set_ctl: invalid protocol: 21 172.30.1.5:10
[  102.282882][ T6601] netlink: 8 bytes leftover after parsing attributes in process `syz.4.176'.
[  102.397492][ T6601] bridge0: port 1(ipvlan0) entered blocking state
[  102.409019][ T6601] bridge0: port 1(ipvlan0) entered disabled state
[  102.423762][ T6601] ipvlan0: entered allmulticast mode
[  102.447960][ T6601] bridge0: entered allmulticast mode
[  102.467849][ T6601] ipvlan0: left allmulticast mode
[  102.473023][ T6601] bridge0: left allmulticast mode
[  102.572009][ T6622] netlink: 4 bytes leftover after parsing attributes in process `syz.0.183'.
[  102.730899][ T6628] netlink: 144 bytes leftover after parsing attributes in process `syz.3.185'.
[  102.767877][ T6631] netlink: 96 bytes leftover after parsing attributes in process `syz.0.186'.
[  102.818252][ T6635] FAULT_INJECTION: forcing a failure.
[  102.818252][ T6635] name failslab, interval 1, probability 0, space 0, times 0
[  102.896267][ T6635] CPU: 0 UID: 0 PID: 6635 Comm: syz.4.187 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  102.896297][ T6635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  102.896309][ T6635] Call Trace:
[  102.896316][ T6635]  <TASK>
[  102.896324][ T6635]  dump_stack_lvl+0x241/0x360
[  102.896364][ T6635]  ? __pfx_dump_stack_lvl+0x10/0x10
[  102.896393][ T6635]  ? __pfx__printk+0x10/0x10
[  102.896422][ T6635]  ? __kmalloc_noprof+0xb5/0x4c0
[  102.896451][ T6635]  ? __pfx___might_resched+0x10/0x10
[  102.896472][ T6635]  ? aa_get_newest_label+0xff/0x6f0
[  102.896498][ T6635]  should_fail_ex+0x3b0/0x4e0
[  102.896523][ T6635]  should_failslab+0xac/0x100
[  102.896553][ T6635]  __kmalloc_noprof+0xdd/0x4c0
[  102.896586][ T6635]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  102.896615][ T6635]  ? apparmor_capable+0x13b/0x1b0
[  102.896645][ T6635]  genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  102.896689][ T6635]  genl_rcv_msg+0x802/0xec0
[  102.896726][ T6635]  ? __pfx_genl_rcv_msg+0x10/0x10
[  102.896782][ T6635]  ? __pfx_lock_acquire+0x10/0x10
[  102.896807][ T6635]  ? __pfx_l2tp_nl_cmd_session_modify+0x10/0x10
[  102.896837][ T6635]  ? __pfx___might_resched+0x10/0x10
[  102.896869][ T6635]  netlink_rcv_skb+0x1e3/0x430
[  102.896893][ T6635]  ? __pfx_genl_rcv_msg+0x10/0x10
[  102.896922][ T6635]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  102.896975][ T6635]  genl_rcv+0x28/0x40
[  102.897000][ T6635]  netlink_unicast+0x7f6/0x990
[  102.897028][ T6635]  ? __pfx_netlink_unicast+0x10/0x10
[  102.897045][ T6635]  ? __virt_addr_valid+0x45f/0x530
[  102.897072][ T6635]  ? __phys_addr_symbol+0x2f/0x70
[  102.897097][ T6635]  ? __check_object_size+0x47a/0x730
[  102.897129][ T6635]  netlink_sendmsg+0x8e4/0xcb0
[  102.897164][ T6635]  ? __pfx_netlink_sendmsg+0x10/0x10
[  102.897192][ T6635]  ? aa_sock_msg_perm+0x91/0x160
[  102.897219][ T6635]  ? __pfx_netlink_sendmsg+0x10/0x10
[  102.897240][ T6635]  __sock_sendmsg+0x221/0x270
[  102.897272][ T6635]  ____sys_sendmsg+0x52a/0x7e0
[  102.897323][ T6635]  ? __pfx_____sys_sendmsg+0x10/0x10
[  102.897344][ T6635]  ? __fget_files+0x2a/0x410
[  102.897396][ T6635]  ? __fget_files+0x2a/0x410
[  102.897435][ T6635]  __sys_sendmsg+0x269/0x350
[  102.897464][ T6635]  ? __pfx___sys_sendmsg+0x10/0x10
[  102.897502][ T6635]  ? do_sys_openat2+0x17a/0x1d0
[  102.897561][ T6635]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  102.897589][ T6635]  ? do_syscall_64+0x100/0x230
[  102.897612][ T6635]  ? do_syscall_64+0xb6/0x230
[  102.897634][ T6635]  do_syscall_64+0xf3/0x230
[  102.897653][ T6635]  ? clear_bhb_loop+0x35/0x90
[  102.897687][ T6635]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.897708][ T6635] RIP: 0033:0x7efdf858cda9
[  102.897727][ T6635] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.897743][ T6635] RSP: 002b:00007efdf945e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  102.897764][ T6635] RAX: ffffffffffffffda RBX: 00007efdf87a5fa0 RCX: 00007efdf858cda9
[  102.897780][ T6635] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  102.897791][ T6635] RBP: 00007efdf945e090 R08: 0000000000000000 R09: 0000000000000000
[  102.897803][ T6635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  102.897814][ T6635] R13: 0000000000000000 R14: 00007efdf87a5fa0 R15: 00007ffee028a2b8
[  102.897845][ T6635]  </TASK>
[  103.259434][ T6640] netlink: 12 bytes leftover after parsing attributes in process `syz.3.185'.
[  103.851220][ T6670] FAULT_INJECTION: forcing a failure.
[  103.851220][ T6670] name failslab, interval 1, probability 0, space 0, times 0
[  103.881721][ T6670] CPU: 0 UID: 0 PID: 6670 Comm: syz.4.193 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  103.881747][ T6670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  103.881758][ T6670] Call Trace:
[  103.881764][ T6670]  <TASK>
[  103.881772][ T6670]  dump_stack_lvl+0x241/0x360
[  103.881808][ T6670]  ? __pfx_dump_stack_lvl+0x10/0x10
[  103.881837][ T6670]  ? __pfx__printk+0x10/0x10
[  103.881865][ T6670]  ? __kmalloc_cache_noprof+0x48/0x390
[  103.881896][ T6670]  ? __pfx___might_resched+0x10/0x10
[  103.881924][ T6670]  should_fail_ex+0x3b0/0x4e0
[  103.881949][ T6670]  should_failslab+0xac/0x100
[  103.881978][ T6670]  __kmalloc_cache_noprof+0x70/0x390
[  103.882005][ T6670]  ? wakeup_source_register+0x57/0x250
[  103.882032][ T6670]  wakeup_source_register+0x57/0x250
[  103.882058][ T6670]  ep_insert+0xd99/0x1ab0
[  103.882095][ T6670]  ? __pfx_ep_insert+0x10/0x10
[  103.882138][ T6670]  do_epoll_ctl+0x8bc/0xf80
[  103.882169][ T6670]  __x64_sys_epoll_ctl+0x161/0x1a0
[  103.882195][ T6670]  ? __pfx___x64_sys_epoll_ctl+0x10/0x10
[  103.882218][ T6670]  ? do_syscall_64+0x100/0x230
[  103.882259][ T6670]  ? do_syscall_64+0xb6/0x230
[  103.882282][ T6670]  do_syscall_64+0xf3/0x230
[  103.882301][ T6670]  ? clear_bhb_loop+0x35/0x90
[  103.882328][ T6670]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.882348][ T6670] RIP: 0033:0x7efdf858cda9
[  103.882366][ T6670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  103.882383][ T6670] RSP: 002b:00007efdf943d038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  103.882404][ T6670] RAX: ffffffffffffffda RBX: 00007efdf87a6080 RCX: 00007efdf858cda9
[  103.882418][ T6670] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000006
[  103.882430][ T6670] RBP: 00007efdf943d090 R08: 0000000000000000 R09: 0000000000000000
[  103.882442][ T6670] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001
[  103.882454][ T6670] R13: 0000000000000000 R14: 00007efdf87a6080 R15: 00007ffee028a2b8
[  103.882485][ T6670]  </TASK>
[  104.241111][ T6668] openvswitch: netlink: Invalid VLAN frame
[  104.363222][ T6668] syzkaller1: entered promiscuous mode
[  104.369846][ T6668] syzkaller1: entered allmulticast mode
[  104.379214][   T11] syzkaller1: tun_net_xmit 70
[  104.550148][ T6688] syzkaller0: tun_chr_ioctl cmd 1074025677
[  104.557196][ T6688] syzkaller0: linktype set to 6
[  104.727869][ T6695] FAULT_INJECTION: forcing a failure.
[  104.727869][ T6695] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  104.779712][ T6695] CPU: 0 UID: 0 PID: 6695 Comm: syz.2.199 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  104.779740][ T6695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  104.779751][ T6695] Call Trace:
[  104.779757][ T6695]  <TASK>
[  104.779765][ T6695]  dump_stack_lvl+0x241/0x360
[  104.779799][ T6695]  ? __pfx_dump_stack_lvl+0x10/0x10
[  104.779826][ T6695]  ? __pfx__printk+0x10/0x10
[  104.779858][ T6695]  should_fail_ex+0x3b0/0x4e0
[  104.779880][ T6695]  _copy_to_user+0x31/0xb0
[  104.779908][ T6695]  generic_map_lookup_batch+0x95d/0xf90
[  104.779934][ T6695]  ? __pfx_lock_release+0x10/0x10
[  104.779969][ T6695]  ? __pfx_generic_map_lookup_batch+0x10/0x10
[  104.779993][ T6695]  ? __fget_files+0x395/0x410
[  104.780016][ T6695]  ? __fget_files+0x2a/0x410
[  104.780045][ T6695]  ? __pfx_generic_map_lookup_batch+0x10/0x10
[  104.780073][ T6695]  bpf_map_do_batch+0x288/0x660
[  104.780100][ T6695]  __sys_bpf+0x654/0x810
[  104.780121][ T6695]  ? __pfx___sys_bpf+0x10/0x10
[  104.780152][ T6695]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  104.780177][ T6695]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  104.780201][ T6695]  ? do_syscall_64+0x100/0x230
[  104.780223][ T6695]  __x64_sys_bpf+0x7c/0x90
[  104.780241][ T6695]  do_syscall_64+0xf3/0x230
[  104.780265][ T6695]  ? clear_bhb_loop+0x35/0x90
[  104.780289][ T6695]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.780307][ T6695] RIP: 0033:0x7ff933f8cda9
[  104.780323][ T6695] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.780337][ T6695] RSP: 002b:00007ff934e2c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  104.780356][ T6695] RAX: ffffffffffffffda RBX: 00007ff9341a6080 RCX: 00007ff933f8cda9
[  104.780369][ T6695] RDX: 0000000000000038 RSI: 0000000020000300 RDI: 0000000000000018
[  104.780379][ T6695] RBP: 00007ff934e2c090 R08: 0000000000000000 R09: 0000000000000000
[  104.780390][ T6695] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  104.780400][ T6695] R13: 0000000000000000 R14: 00007ff9341a6080 R15: 00007ffe60242388
[  104.780426][ T6695]  </TASK>
[  105.133825][ T6712] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  105.221054][ T6714] __nla_validate_parse: 2 callbacks suppressed
[  105.221075][ T6714] netlink: 144 bytes leftover after parsing attributes in process `syz.2.206'.
[  105.521220][ T6728] FAULT_INJECTION: forcing a failure.
[  105.521220][ T6728] name failslab, interval 1, probability 0, space 0, times 0
[  105.616576][ T6726] syzkaller0: entered promiscuous mode
[  105.622289][ T6726] syzkaller0: entered allmulticast mode
[  105.628508][ T6728] CPU: 0 UID: 0 PID: 6728 Comm: syz.4.208 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  105.628528][ T6728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  105.628538][ T6728] Call Trace:
[  105.628544][ T6728]  <TASK>
[  105.628552][ T6728]  dump_stack_lvl+0x241/0x360
[  105.628584][ T6728]  ? __pfx_dump_stack_lvl+0x10/0x10
[  105.628607][ T6728]  ? __pfx__printk+0x10/0x10
[  105.628630][ T6728]  ? __kmalloc_cache_noprof+0x48/0x390
[  105.628657][ T6728]  ? __pfx___might_resched+0x10/0x10
[  105.628682][ T6728]  should_fail_ex+0x3b0/0x4e0
[  105.628705][ T6728]  should_failslab+0xac/0x100
[  105.628732][ T6728]  __kmalloc_cache_noprof+0x70/0x390
[  105.628756][ T6728]  ? __request_module+0x2b9/0x640
[  105.628780][ T6728]  __request_module+0x2b9/0x640
[  105.628803][ T6728]  ? crypto_alg_mod_lookup+0xb5/0x760
[  105.628825][ T6728]  ? __pfx___request_module+0x10/0x10
[  105.628845][ T6728]  ? __up_read+0x2c2/0x6b0
[  105.628862][ T6728]  ? __pfx___up_read+0x10/0x10
[  105.628876][ T6728]  ? __asan_memset+0x23/0x50
[  105.628899][ T6728]  ? crypto_alg_lookup+0x2dc/0x360
[  105.628923][ T6728]  crypto_alg_mod_lookup+0xe7/0x760
[  105.628946][ T6728]  crypto_type_has_alg+0x2c/0x60
[  105.628966][ T6728]  xfrm_ealg_get_byid+0x215/0x2a0
[  105.628987][ T6728]  pfkey_add+0x1244/0x3030
[  105.629017][ T6728]  ? __pfx_pfkey_add+0x10/0x10
[  105.629034][ T6728]  ? pfkey_broadcast+0x45/0x400
[  105.629057][ T6728]  ? pfkey_broadcast+0x3e3/0x400
[  105.629085][ T6728]  pfkey_sendmsg+0xbcc/0x1050
[  105.629111][ T6728]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  105.629139][ T6728]  ? __pfx_aa_sk_perm+0x10/0x10
[  105.629154][ T6728]  ? __pfx_lock_release+0x10/0x10
[  105.629174][ T6728]  ? __import_iovec+0x590/0x870
[  105.629199][ T6728]  ? aa_sock_msg_perm+0x91/0x160
[  105.629221][ T6728]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  105.629236][ T6728]  __sock_sendmsg+0x221/0x270
[  105.629264][ T6728]  ____sys_sendmsg+0x52a/0x7e0
[  105.629305][ T6728]  ? __pfx_____sys_sendmsg+0x10/0x10
[  105.629323][ T6728]  ? __fget_files+0x2a/0x410
[  105.629350][ T6728]  ? __fget_files+0x2a/0x410
[  105.629380][ T6728]  __sys_sendmsg+0x269/0x350
[  105.629403][ T6728]  ? __pfx___sys_sendmsg+0x10/0x10
[  105.629434][ T6728]  ? do_sys_openat2+0x17a/0x1d0
[  105.629508][ T6728]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  105.629530][ T6728]  ? do_syscall_64+0x100/0x230
[  105.629549][ T6728]  ? do_syscall_64+0xb6/0x230
[  105.629568][ T6728]  do_syscall_64+0xf3/0x230
[  105.629581][ T6728]  ? clear_bhb_loop+0x35/0x90
[  105.629601][ T6728]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.629616][ T6728] RIP: 0033:0x7efdf858cda9
[  105.629629][ T6728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  105.629641][ T6728] RSP: 002b:00007efdf945e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  105.629658][ T6728] RAX: ffffffffffffffda RBX: 00007efdf87a5fa0 RCX: 00007efdf858cda9
[  105.629669][ T6728] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000008
[  105.629679][ T6728] RBP: 00007efdf945e090 R08: 0000000000000000 R09: 0000000000000000
[  105.629689][ T6728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  105.629698][ T6728] R13: 0000000000000000 R14: 00007efdf87a5fa0 R15: 00007ffee028a2b8
[  105.629723][ T6728]  </TASK>
[  106.319401][ T6764] FAULT_INJECTION: forcing a failure.
[  106.319401][ T6764] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  106.333356][ T6764] CPU: 0 UID: 0 PID: 6764 Comm: syz.1.211 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  106.333384][ T6764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  106.333395][ T6764] Call Trace:
[  106.333402][ T6764]  <TASK>
[  106.333410][ T6764]  dump_stack_lvl+0x241/0x360
[  106.333447][ T6764]  ? __pfx_dump_stack_lvl+0x10/0x10
[  106.333476][ T6764]  ? __pfx__printk+0x10/0x10
[  106.333517][ T6764]  ? __pfx_lock_release+0x10/0x10
[  106.333554][ T6764]  should_fail_ex+0x3b0/0x4e0
[  106.333575][ T6764]  _copy_from_iter+0x1e9/0x1c20
[  106.333600][ T6764]  ? __virt_addr_valid+0x183/0x530
[  106.333633][ T6764]  ? __alloc_skb+0x28f/0x440
[  106.333652][ T6764]  ? __pfx__copy_from_iter+0x10/0x10
[  106.333679][ T6764]  ? __virt_addr_valid+0x183/0x530
[  106.333703][ T6764]  ? __virt_addr_valid+0x183/0x530
[  106.333726][ T6764]  ? __virt_addr_valid+0x45f/0x530
[  106.333751][ T6764]  ? __phys_addr_symbol+0x2f/0x70
[  106.333776][ T6764]  ? __check_object_size+0x47a/0x730
[  106.333808][ T6764]  netlink_sendmsg+0x73d/0xcb0
[  106.333843][ T6764]  ? __pfx_netlink_sendmsg+0x10/0x10
[  106.333870][ T6764]  ? aa_sock_msg_perm+0x91/0x160
[  106.333897][ T6764]  ? __pfx_netlink_sendmsg+0x10/0x10
[  106.333918][ T6764]  __sock_sendmsg+0x221/0x270
[  106.333949][ T6764]  ____sys_sendmsg+0x52a/0x7e0
[  106.333979][ T6764]  ? __pfx_____sys_sendmsg+0x10/0x10
[  106.334000][ T6764]  ? __fget_files+0x2a/0x410
[  106.334031][ T6764]  ? __fget_files+0x2a/0x410
[  106.334068][ T6764]  __sys_sendmsg+0x269/0x350
[  106.334095][ T6764]  ? __pfx___sys_sendmsg+0x10/0x10
[  106.334169][ T6764]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  106.334196][ T6764]  ? do_syscall_64+0x100/0x230
[  106.334216][ T6764]  ? do_syscall_64+0xb6/0x230
[  106.334236][ T6764]  do_syscall_64+0xf3/0x230
[  106.334265][ T6764]  ? clear_bhb_loop+0x35/0x90
[  106.334287][ T6764]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.334305][ T6764] RIP: 0033:0x7f44db58cda9
[  106.334320][ T6764] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  106.334334][ T6764] RSP: 002b:00007f44dc475038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  106.334353][ T6764] RAX: ffffffffffffffda RBX: 00007f44db7a5fa0 RCX: 00007f44db58cda9
[  106.334366][ T6764] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000003
[  106.334376][ T6764] RBP: 00007f44dc475090 R08: 0000000000000000 R09: 0000000000000000
[  106.334387][ T6764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  106.334397][ T6764] R13: 0000000000000000 R14: 00007f44db7a5fa0 R15: 00007ffd8e140228
[  106.334422][ T6764]  </TASK>
[  106.426135][ T6768] netlink: 8 bytes leftover after parsing attributes in process `syz.2.213'.
[  108.281857][ T6820] netlink: 20 bytes leftover after parsing attributes in process `syz.1.229'.
[  108.292184][ T6820] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  108.299497][ T6820] IPv6: NLM_F_CREATE should be set when creating new route
[  108.306811][ T6820] IPv6: NLM_F_CREATE should be set when creating new route
[  108.314539][ T6821] netlink: 20 bytes leftover after parsing attributes in process `syz.1.229'.
[  108.327543][ T6821] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  108.642389][ T6830] ip6t_srh: unknown srh match flags  4000
[  109.004914][ T6847] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  109.362633][ T6860] netlink: 12 bytes leftover after parsing attributes in process `syz.4.243'.
[  109.519535][ T6865] netlink: 8 bytes leftover after parsing attributes in process `syz.2.245'.
[  109.544683][ T6868] FAULT_INJECTION: forcing a failure.
[  109.544683][ T6868] name failslab, interval 1, probability 0, space 0, times 0
[  109.566085][ T6868] CPU: 0 UID: 0 PID: 6868 Comm: syz.4.247 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  109.566115][ T6868] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  109.566136][ T6868] Call Trace:
[  109.566144][ T6868]  <TASK>
[  109.566152][ T6868]  dump_stack_lvl+0x241/0x360
[  109.566191][ T6868]  ? __pfx_dump_stack_lvl+0x10/0x10
[  109.566222][ T6868]  ? __pfx__printk+0x10/0x10
[  109.566252][ T6868]  ? __kmalloc_cache_noprof+0x48/0x390
[  109.566284][ T6868]  ? __pfx___might_resched+0x10/0x10
[  109.566322][ T6868]  should_fail_ex+0x3b0/0x4e0
[  109.566346][ T6868]  should_failslab+0xac/0x100
[  109.566375][ T6868]  __kmalloc_cache_noprof+0x70/0x390
[  109.566402][ T6868]  ? ieee80211_start_roc_work+0x196/0xfe0
[  109.566430][ T6868]  ieee80211_start_roc_work+0x196/0xfe0
[  109.566466][ T6868]  ieee80211_remain_on_channel+0xda/0x120
[  109.566493][ T6868]  rdev_remain_on_channel+0x12f/0x2f0
[  109.566525][ T6868]  nl80211_remain_on_channel+0x4ab/0x710
[  109.566561][ T6868]  ? __pfx_nl80211_remain_on_channel+0x10/0x10
[  109.566609][ T6868]  genl_rcv_msg+0xb14/0xec0
[  109.566646][ T6868]  ? __pfx_genl_rcv_msg+0x10/0x10
[  109.566699][ T6868]  ? __pfx_lock_acquire+0x10/0x10
[  109.566723][ T6868]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  109.566748][ T6868]  ? __pfx_nl80211_remain_on_channel+0x10/0x10
[  109.566776][ T6868]  ? __pfx_nl80211_post_doit+0x10/0x10
[  109.566804][ T6868]  ? __pfx___might_resched+0x10/0x10
[  109.566835][ T6868]  netlink_rcv_skb+0x1e3/0x430
[  109.566858][ T6868]  ? __pfx_genl_rcv_msg+0x10/0x10
[  109.566886][ T6868]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  109.566936][ T6868]  genl_rcv+0x28/0x40
[  109.566960][ T6868]  netlink_unicast+0x7f6/0x990
[  109.566987][ T6868]  ? __pfx_netlink_unicast+0x10/0x10
[  109.567004][ T6868]  ? __virt_addr_valid+0x45f/0x530
[  109.567029][ T6868]  ? __phys_addr_symbol+0x2f/0x70
[  109.567053][ T6868]  ? __check_object_size+0x47a/0x730
[  109.567084][ T6868]  netlink_sendmsg+0x8e4/0xcb0
[  109.567119][ T6868]  ? __pfx_netlink_sendmsg+0x10/0x10
[  109.567152][ T6868]  ? aa_sock_msg_perm+0x91/0x160
[  109.567179][ T6868]  ? __pfx_netlink_sendmsg+0x10/0x10
[  109.567200][ T6868]  __sock_sendmsg+0x221/0x270
[  109.567231][ T6868]  ____sys_sendmsg+0x52a/0x7e0
[  109.567262][ T6868]  ? __pfx_____sys_sendmsg+0x10/0x10
[  109.567282][ T6868]  ? __fget_files+0x2a/0x410
[  109.567313][ T6868]  ? __fget_files+0x2a/0x410
[  109.567350][ T6868]  __sys_sendmsg+0x269/0x350
[  109.567377][ T6868]  ? __pfx___sys_sendmsg+0x10/0x10
[  109.567413][ T6868]  ? do_sys_openat2+0x17a/0x1d0
[  109.567467][ T6868]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  109.567494][ T6868]  ? do_syscall_64+0x100/0x230
[  109.567515][ T6868]  ? do_syscall_64+0xb6/0x230
[  109.567536][ T6868]  do_syscall_64+0xf3/0x230
[  109.567554][ T6868]  ? clear_bhb_loop+0x35/0x90
[  109.567578][ T6868]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.567598][ T6868] RIP: 0033:0x7efdf858cda9
[  109.567614][ T6868] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  109.567629][ T6868] RSP: 002b:00007efdf945e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  109.567649][ T6868] RAX: ffffffffffffffda RBX: 00007efdf87a5fa0 RCX: 00007efdf858cda9
[  109.567662][ T6868] RDX: 0000000000000000 RSI: 0000000020002040 RDI: 0000000000000003
[  109.567673][ T6868] RBP: 00007efdf945e090 R08: 0000000000000000 R09: 0000000000000000
[  109.567684][ T6868] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  109.567695][ T6868] R13: 0000000000000000 R14: 00007efdf87a5fa0 R15: 00007ffee028a2b8
[  109.567724][ T6868]  </TASK>
[  110.338619][ T6894] ip6t_srh: unknown srh match flags  4000
[  110.437283][ T6906] netlink: 16 bytes leftover after parsing attributes in process `syz.0.258'.
[  110.470755][ T6906] netlink: 'syz.0.258': attribute type 1 has an invalid length.
[  110.480331][ T6906] netlink: 224 bytes leftover after parsing attributes in process `syz.0.258'.
[  110.527891][ T6911] netlink: 'syz.1.259': attribute type 1 has an invalid length.
[  110.630874][ T6915] netlink: 12 bytes leftover after parsing attributes in process `syz.2.261'.
[  110.801760][ T6922] FAULT_INJECTION: forcing a failure.
[  110.801760][ T6922] name failslab, interval 1, probability 0, space 0, times 0
[  110.829745][ T6922] CPU: 1 UID: 0 PID: 6922 Comm: syz.2.263 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  110.829778][ T6922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  110.829790][ T6922] Call Trace:
[  110.829804][ T6922]  <TASK>
[  110.829812][ T6922]  dump_stack_lvl+0x241/0x360
[  110.829853][ T6922]  ? __pfx_dump_stack_lvl+0x10/0x10
[  110.829884][ T6922]  ? __pfx__printk+0x10/0x10
[  110.829915][ T6922]  ? __kmalloc_cache_noprof+0x48/0x390
[  110.829949][ T6922]  ? __pfx___might_resched+0x10/0x10
[  110.829971][ T6922]  ? lockdep_init_map_type+0xa1/0x910
[  110.830002][ T6922]  should_fail_ex+0x3b0/0x4e0
[  110.830029][ T6922]  should_failslab+0xac/0x100
[  110.830061][ T6922]  __kmalloc_cache_noprof+0x70/0x390
[  110.830091][ T6922]  ? nft_trans_table_add+0x57/0x400
[  110.830123][ T6922]  nft_trans_table_add+0x57/0x400
[  110.830157][ T6922]  nf_tables_newtable+0x1143/0x1e10
[  110.830196][ T6922]  ? __pfx_nf_tables_newtable+0x10/0x10
[  110.830231][ T6922]  ? __nla_parse+0x40/0x60
[  110.830260][ T6922]  nfnetlink_rcv+0x14e3/0x2ab0
[  110.830289][ T6922]  ? __pfx_validate_chain+0x10/0x10
[  110.830355][ T6922]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  110.830395][ T6922]  ? __lock_acquire+0x1397/0x2100
[  110.830461][ T6922]  ? netlink_deliver_tap+0x2e/0x1b0
[  110.830486][ T6922]  ? __pfx_lock_release+0x10/0x10
[  110.830529][ T6922]  ? netlink_deliver_tap+0x2e/0x1b0
[  110.830556][ T6922]  netlink_unicast+0x7f6/0x990
[  110.830587][ T6922]  ? __pfx_netlink_unicast+0x10/0x10
[  110.830606][ T6922]  ? __virt_addr_valid+0x45f/0x530
[  110.830634][ T6922]  ? __phys_addr_symbol+0x2f/0x70
[  110.830661][ T6922]  ? __check_object_size+0x47a/0x730
[  110.830701][ T6922]  netlink_sendmsg+0x8e4/0xcb0
[  110.830739][ T6922]  ? __pfx_netlink_sendmsg+0x10/0x10
[  110.830769][ T6922]  ? aa_sock_msg_perm+0x91/0x160
[  110.830804][ T6922]  ? __pfx_netlink_sendmsg+0x10/0x10
[  110.830826][ T6922]  __sock_sendmsg+0x221/0x270
[  110.830860][ T6922]  ____sys_sendmsg+0x52a/0x7e0
[  110.830895][ T6922]  ? __pfx_____sys_sendmsg+0x10/0x10
[  110.830917][ T6922]  ? __fget_files+0x2a/0x410
[  110.830952][ T6922]  ? __fget_files+0x2a/0x410
[  110.830992][ T6922]  __sys_sendmsg+0x269/0x350
[  110.831023][ T6922]  ? __pfx___sys_sendmsg+0x10/0x10
[  110.831062][ T6922]  ? do_sys_openat2+0x17a/0x1d0
[  110.831122][ T6922]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  110.831151][ T6922]  ? do_syscall_64+0x100/0x230
[  110.831176][ T6922]  ? do_syscall_64+0xb6/0x230
[  110.831199][ T6922]  do_syscall_64+0xf3/0x230
[  110.831219][ T6922]  ? clear_bhb_loop+0x35/0x90
[  110.831245][ T6922]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.831266][ T6922] RIP: 0033:0x7ff933f8cda9
[  110.831285][ T6922] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  110.831301][ T6922] RSP: 002b:00007ff934e4d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  110.831323][ T6922] RAX: ffffffffffffffda RBX: 00007ff9341a5fa0 RCX: 00007ff933f8cda9
[  110.831338][ T6922] RDX: 0000000000000000 RSI: 0000000020000380 RDI: 0000000000000003
[  110.831351][ T6922] RBP: 00007ff934e4d090 R08: 0000000000000000 R09: 0000000000000000
[  110.831363][ T6922] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  110.831375][ T6922] R13: 0000000000000000 R14: 00007ff9341a5fa0 R15: 00007ffe60242388
[  110.831407][ T6922]  </TASK>
[  111.214667][ T6928] netlink: 4 bytes leftover after parsing attributes in process `syz.1.265'.
[  111.227577][ T6928] netlink: 24 bytes leftover after parsing attributes in process `syz.1.265'.
[  111.450211][ T6940] FAULT_INJECTION: forcing a failure.
[  111.450211][ T6940] name failslab, interval 1, probability 0, space 0, times 0
[  111.469639][ T6940] CPU: 0 UID: 0 PID: 6940 Comm: syz.0.268 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  111.469666][ T6940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  111.469678][ T6940] Call Trace:
[  111.469684][ T6940]  <TASK>
[  111.469692][ T6940]  dump_stack_lvl+0x241/0x360
[  111.469729][ T6940]  ? __pfx_dump_stack_lvl+0x10/0x10
[  111.469756][ T6940]  ? __pfx__printk+0x10/0x10
[  111.469785][ T6940]  ? __kmalloc_cache_noprof+0x48/0x390
[  111.469815][ T6940]  ? __pfx___might_resched+0x10/0x10
[  111.469835][ T6940]  ? stack_depot_save_flags+0x37/0x940
[  111.469861][ T6940]  should_fail_ex+0x3b0/0x4e0
[  111.469885][ T6940]  should_failslab+0xac/0x100
[  111.469914][ T6940]  __kmalloc_cache_noprof+0x70/0x390
[  111.469942][ T6940]  ? nf_tables_newflowtable+0xa7f/0x23d0
[  111.469971][ T6940]  nf_tables_newflowtable+0xa7f/0x23d0
[  111.470019][ T6940]  ? __pfx_nf_tables_newflowtable+0x10/0x10
[  111.470044][ T6940]  ? nfnl_pernet+0x23/0x240
[  111.470069][ T6940]  ? __pfx_lock_release+0x10/0x10
[  111.470109][ T6940]  ? __nla_parse+0x40/0x60
[  111.470136][ T6940]  nfnetlink_rcv+0x14e3/0x2ab0
[  111.470161][ T6940]  ? __pfx_validate_chain+0x10/0x10
[  111.470221][ T6940]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  111.470259][ T6940]  ? __lock_acquire+0x1397/0x2100
[  111.470317][ T6940]  ? netlink_deliver_tap+0x2e/0x1b0
[  111.470340][ T6940]  ? __pfx_lock_release+0x10/0x10
[  111.470378][ T6940]  ? netlink_deliver_tap+0x2e/0x1b0
[  111.470403][ T6940]  netlink_unicast+0x7f6/0x990
[  111.470431][ T6940]  ? __pfx_netlink_unicast+0x10/0x10
[  111.470447][ T6940]  ? __virt_addr_valid+0x45f/0x530
[  111.470473][ T6940]  ? __phys_addr_symbol+0x2f/0x70
[  111.470497][ T6940]  ? __check_object_size+0x47a/0x730
[  111.470528][ T6940]  netlink_sendmsg+0x8e4/0xcb0
[  111.470562][ T6940]  ? __pfx_netlink_sendmsg+0x10/0x10
[  111.470601][ T6940]  ? aa_sock_msg_perm+0x91/0x160
[  111.470626][ T6940]  ? __pfx_netlink_sendmsg+0x10/0x10
[  111.470645][ T6940]  __sock_sendmsg+0x221/0x270
[  111.470674][ T6940]  ____sys_sendmsg+0x52a/0x7e0
[  111.470703][ T6940]  ? __pfx_____sys_sendmsg+0x10/0x10
[  111.470722][ T6940]  ? __fget_files+0x2a/0x410
[  111.470767][ T6940]  ? __fget_files+0x2a/0x410
[  111.470803][ T6940]  __sys_sendmsg+0x269/0x350
[  111.470830][ T6940]  ? __pfx___sys_sendmsg+0x10/0x10
[  111.470865][ T6940]  ? do_sys_openat2+0x17a/0x1d0
[  111.470920][ T6940]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  111.470947][ T6940]  ? do_syscall_64+0x100/0x230
[  111.470969][ T6940]  ? do_syscall_64+0xb6/0x230
[  111.471014][ T6940]  do_syscall_64+0xf3/0x230
[  111.471034][ T6940]  ? clear_bhb_loop+0x35/0x90
[  111.471059][ T6940]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.471080][ T6940] RIP: 0033:0x7fde6c78cda9
[  111.471098][ T6940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  111.471114][ T6940] RSP: 002b:00007fde6d598038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  111.471136][ T6940] RAX: ffffffffffffffda RBX: 00007fde6c9a5fa0 RCX: 00007fde6c78cda9
[  111.471151][ T6940] RDX: 0000000000000000 RSI: 0000000020000300 RDI: 0000000000000003
[  111.471163][ T6940] RBP: 00007fde6d598090 R08: 0000000000000000 R09: 0000000000000000
[  111.471175][ T6940] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  111.471186][ T6940] R13: 0000000000000000 R14: 00007fde6c9a5fa0 R15: 00007ffe9808c6f8
[  111.471217][ T6940]  </TASK>
[  111.808850][ T6946] sctp: [Deprecated]: syz.4.269 (pid 6946) Use of int in max_burst socket option.
[  111.808850][ T6946] Use struct sctp_assoc_value instead
[  111.970207][ T6954] netlink: 12 bytes leftover after parsing attributes in process `syz.1.273'.
[  111.991164][ T6949] syzkaller0: entered promiscuous mode
[  111.997353][ T6949] syzkaller0: entered allmulticast mode
[  112.069547][ T6958] openvswitch: netlink: Invalid VLAN frame
[  113.507176][ T6962] netlink: 144 bytes leftover after parsing attributes in process `syz.4.275'.
[  113.520395][ T6958] syzkaller1: entered promiscuous mode
[  113.528163][ T6958] syzkaller1: entered allmulticast mode
[  113.651639][ T6976] netlink: 8 bytes leftover after parsing attributes in process `syz.4.278'.
[  113.670163][ T6976] netlink: 'syz.4.278': attribute type 30 has an invalid length.
[  113.682811][ T6976] netlink: 12 bytes leftover after parsing attributes in process `syz.4.278'.
[  113.686395][ T6982] netlink: 144 bytes leftover after parsing attributes in process `syz.1.281'.
[  114.254632][ T7002] syzkaller0: entered promiscuous mode
[  114.269581][ T7002] syzkaller0: entered allmulticast mode
[  114.552658][ T7023] netlink: 'syz.0.296': attribute type 7 has an invalid length.
[  114.573249][ T7023] netlink: 'syz.0.296': attribute type 8 has an invalid length.
[  115.963357][ T7040] FAULT_INJECTION: forcing a failure.
[  115.963357][ T7040] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  115.986021][ T7040] CPU: 1 UID: 0 PID: 7040 Comm: syz.3.300 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  115.986051][ T7040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  115.986063][ T7040] Call Trace:
[  115.986070][ T7040]  <TASK>
[  115.986078][ T7040]  dump_stack_lvl+0x241/0x360
[  115.986114][ T7040]  ? __pfx_dump_stack_lvl+0x10/0x10
[  115.986143][ T7040]  ? __pfx__printk+0x10/0x10
[  115.986174][ T7040]  ? snprintf+0xda/0x120
[  115.986201][ T7040]  should_fail_ex+0x3b0/0x4e0
[  115.986224][ T7040]  _copy_to_user+0x31/0xb0
[  115.986257][ T7040]  simple_read_from_buffer+0xca/0x150
[  115.986287][ T7040]  proc_fail_nth_read+0x1e9/0x250
[  115.986317][ T7040]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  115.986346][ T7040]  ? rw_verify_area+0x55e/0x6f0
[  115.986367][ T7040]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  115.986393][ T7040]  vfs_read+0x1fc/0xb70
[  115.986415][ T7040]  ? fdget_pos+0x254/0x320
[  115.986444][ T7040]  ? __pfx___mutex_lock+0x10/0x10
[  115.986475][ T7040]  ? __pfx_vfs_read+0x10/0x10
[  115.986493][ T7040]  ? do_sys_openat2+0x17a/0x1d0
[  115.986526][ T7040]  ? __fget_files+0x2a/0x410
[  115.986556][ T7040]  ? __fget_files+0x395/0x410
[  115.986605][ T7040]  ? __fget_files+0x2a/0x410
[  115.986641][ T7040]  ksys_read+0x18f/0x2b0
[  115.986664][ T7040]  ? __pfx_ksys_read+0x10/0x10
[  115.986685][ T7040]  ? do_syscall_64+0x100/0x230
[  115.986706][ T7040]  ? do_syscall_64+0xb6/0x230
[  115.986727][ T7040]  do_syscall_64+0xf3/0x230
[  115.986745][ T7040]  ? clear_bhb_loop+0x35/0x90
[  115.986769][ T7040]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.986789][ T7040] RIP: 0033:0x7fa07ff8b7bc
[  115.986806][ T7040] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  115.986821][ T7040] RSP: 002b:00007fa080d8c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  115.986841][ T7040] RAX: ffffffffffffffda RBX: 00007fa0801a5fa0 RCX: 00007fa07ff8b7bc
[  115.986855][ T7040] RDX: 000000000000000f RSI: 00007fa080d8c0a0 RDI: 0000000000000006
[  115.986866][ T7040] RBP: 00007fa080d8c090 R08: 0000000000000000 R09: 0000000000000000
[  115.986878][ T7040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  115.986888][ T7040] R13: 0000000000000000 R14: 00007fa0801a5fa0 R15: 00007fff517c13f8
[  115.986916][ T7040]  </TASK>
[  116.044453][ T7043] __nla_validate_parse: 4 callbacks suppressed
[  116.044475][ T7043] netlink: 8 bytes leftover after parsing attributes in process `syz.2.302'.
[  116.148699][ T7046] openvswitch: netlink: Invalid VLAN frame
[  116.431988][ T7065] netlink: 16 bytes leftover after parsing attributes in process `syz.2.305'.
[  116.443211][ T7048] netlink: 144 bytes leftover after parsing attributes in process `syz.0.303'.
[  116.461403][ T7050] syzkaller1: entered promiscuous mode
[  116.471063][ T7050] syzkaller1: entered allmulticast mode
[  116.522364][ T7059] netlink: 'syz.2.305': attribute type 1 has an invalid length.
[  116.538637][ T7059] netlink: 224 bytes leftover after parsing attributes in process `syz.2.305'.
[  116.669552][ T7069] 8021q: adding VLAN 0 to HW filter on device bond0
[  116.677640][ T7069] bridge0: port 1(bond0) entered blocking state
[  116.684095][ T7069] bridge0: port 1(bond0) entered disabled state
[  116.691615][ T7069] bond0: entered allmulticast mode
[  116.700043][ T7069] bond0: entered promiscuous mode
[  116.719983][   T46] hid-generic 0005:7FFF:0008.0002: item fetching failed at offset 0/1
[  116.761509][   T46] hid-generic 0005:7FFF:0008.0002: probe with driver hid-generic failed with error -22
[  117.106620][ T7099] netlink: 8 bytes leftover after parsing attributes in process `syz.1.315'.
[  117.110539][ T7085] syzkaller0: entered promiscuous mode
[  117.135522][ T7085] syzkaller0: entered allmulticast mode
[  117.408435][ T7113] openvswitch: netlink: Invalid VLAN frame
[  118.316231][ T7105] netlink: 144 bytes leftover after parsing attributes in process `syz.2.318'.
[  118.453098][ T7123] openvswitch: netlink: IPv4 tun info is not correct
[  118.616767][ T7135] netlink: 548 bytes leftover after parsing attributes in process `syz.4.325'.
[  118.769219][ T7145] netlink: 8 bytes leftover after parsing attributes in process `syz.4.327'.
[  119.764188][ T7168] syzkaller0: entered promiscuous mode
[  119.815426][ T7168] syzkaller0: entered allmulticast mode
[  119.833528][ T7178] netlink: 16 bytes leftover after parsing attributes in process `syz.1.336'.
[  119.888083][ T7174] netlink: 'syz.1.336': attribute type 1 has an invalid length.
[  119.897557][ T7174] netlink: 224 bytes leftover after parsing attributes in process `syz.1.336'.
[  120.616054][ T5842] Bluetooth: hci4: command 0x0405 tx timeout
[  122.286532][ T7187] netlink: 8 bytes leftover after parsing attributes in process `syz.0.339'.
[  122.326748][ T5836] Bluetooth: hci4: link tx timeout
[  122.332108][ T5836] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  123.483027][ T7216] netlink: 36 bytes leftover after parsing attributes in process `syz.4.346'.
[  123.860385][ T7227] openvswitch: netlink: Invalid VLAN frame
[  123.983518][ T7227] syzkaller1: entered promiscuous mode
[  123.995910][ T7227] syzkaller1: entered allmulticast mode
[  123.997361][ T7235] netlink: 8 bytes leftover after parsing attributes in process `syz.4.349'.
[  124.013407][ T7235] netlink: 4 bytes leftover after parsing attributes in process `syz.4.349'.
[  124.027230][ T7235] netlink: 32 bytes leftover after parsing attributes in process `syz.4.349'.
[  124.036767][ T3551] syzkaller1: tun_net_xmit 70
[  124.064857][ T7224] netlink: 40 bytes leftover after parsing attributes in process `syz.4.349'.
[  124.162543][ T7239] netlink: 8 bytes leftover after parsing attributes in process `syz.1.352'.
[  124.361306][ T5842] Bluetooth: hci4: link tx timeout
[  124.370277][ T5842] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  124.381226][ T5842] ==================================================================
[  124.389405][ T5842] BUG: KASAN: slab-use-after-free in hci_disconnect+0x208/0x2d0
[  124.397337][ T5842] Read of size 1 at addr ffff88805fe8403d by task kworker/u9:4/5842
[  124.405335][ T5842] 
[  124.407681][ T5842] CPU: 1 UID: 0 PID: 5842 Comm: kworker/u9:4 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  124.407705][ T5842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  124.407718][ T5842] Workqueue: hci4 hci_tx_work
[  124.407753][ T5842] Call Trace:
[  124.407760][ T5842]  <TASK>
[  124.407768][ T5842]  dump_stack_lvl+0x241/0x360
[  124.407800][ T5842]  ? __pfx_dump_stack_lvl+0x10/0x10
[  124.407828][ T5842]  ? __pfx__printk+0x10/0x10
[  124.407854][ T5842]  ? _printk+0xd5/0x120
[  124.407887][ T5842]  ? __virt_addr_valid+0x183/0x530
[  124.407912][ T5842]  ? __virt_addr_valid+0x183/0x530
[  124.407937][ T5842]  print_report+0x169/0x550
[  124.407963][ T5842]  ? __virt_addr_valid+0x183/0x530
[  124.407986][ T5842]  ? __virt_addr_valid+0x183/0x530
[  124.408009][ T5842]  ? __virt_addr_valid+0x45f/0x530
[  124.408032][ T5842]  ? __phys_addr+0xba/0x170
[  124.408057][ T5842]  ? hci_disconnect+0x208/0x2d0
[  124.408082][ T5842]  kasan_report+0x143/0x180
[  124.408107][ T5842]  ? hci_disconnect+0x208/0x2d0
[  124.408135][ T5842]  hci_disconnect+0x208/0x2d0
[  124.408161][ T5842]  ? __pfx_hci_disconnect+0x10/0x10
[  124.408186][ T5842]  ? hci_sched_esco+0x336/0x440
[  124.408212][ T5842]  ? __rcu_read_unlock+0xa1/0x110
[  124.408237][ T5842]  ? __check_timeout+0x181/0x550
[  124.408260][ T5842]  __check_timeout+0x3a5/0x550
[  124.408284][ T5842]  ? __check_timeout+0x181/0x550
[  124.408311][ T5842]  hci_tx_work+0xb68/0x1590
[  124.408334][ T5842]  ? __pfx_lock_acquire+0x10/0x10
[  124.408358][ T5842]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  124.408384][ T5842]  ? __pfx_hci_tx_work+0x10/0x10
[  124.408410][ T5842]  ? process_scheduled_works+0x976/0x1840
[  124.408431][ T5842]  process_scheduled_works+0xa66/0x1840
[  124.408465][ T5842]  ? __pfx_process_scheduled_works+0x10/0x10
[  124.408490][ T5842]  ? assign_work+0x364/0x3d0
[  124.408511][ T5842]  worker_thread+0x870/0xd30
[  124.408539][ T5842]  ? __kthread_parkme+0x169/0x1d0
[  124.408562][ T5842]  ? __pfx_worker_thread+0x10/0x10
[  124.408583][ T5842]  kthread+0x7a9/0x920
[  124.408606][ T5842]  ? __pfx_kthread+0x10/0x10
[  124.408631][ T5842]  ? __pfx_worker_thread+0x10/0x10
[  124.408652][ T5842]  ? __pfx_kthread+0x10/0x10
[  124.408675][ T5842]  ? __pfx_kthread+0x10/0x10
[  124.408700][ T5842]  ? __pfx_kthread+0x10/0x10
[  124.408723][ T5842]  ? _raw_spin_unlock_irq+0x23/0x50
[  124.408747][ T5842]  ? lockdep_hardirqs_on+0x99/0x150
[  124.408774][ T5842]  ? __pfx_kthread+0x10/0x10
[  124.408799][ T5842]  ret_from_fork+0x4b/0x80
[  124.408819][ T5842]  ? __pfx_kthread+0x10/0x10
[  124.408844][ T5842]  ret_from_fork_asm+0x1a/0x30
[  124.408870][ T5842]  </TASK>
[  124.408877][ T5842] 
[  124.660337][ T5842] Allocated by task 5842:
[  124.664659][ T5842]  kasan_save_track+0x3f/0x80
[  124.669342][ T5842]  __kasan_kmalloc+0x98/0xb0
[  124.673933][ T5842]  __kmalloc_cache_noprof+0x243/0x390
[  124.679317][ T5842]  __hci_conn_add+0x2f9/0x1890
[  124.684093][ T5842]  le_conn_complete_evt+0x2f6/0x12e0
[  124.689396][ T5842]  hci_le_conn_complete_evt+0x18c/0x420
[  124.694941][ T5842]  hci_event_packet+0xa55/0x1540
[  124.699873][ T5842]  hci_rx_work+0x3f3/0xdb0
[  124.704286][ T5842]  process_scheduled_works+0xa66/0x1840
[  124.709827][ T5842]  worker_thread+0x870/0xd30
[  124.714417][ T5842]  kthread+0x7a9/0x920
[  124.718531][ T5842]  ret_from_fork+0x4b/0x80
[  124.722967][ T5842]  ret_from_fork_asm+0x1a/0x30
[  124.727731][ T5842] 
[  124.730047][ T5842] Freed by task 5836:
[  124.734016][ T5842]  kasan_save_track+0x3f/0x80
[  124.738702][ T5842]  kasan_save_free_info+0x40/0x50
[  124.743728][ T5842]  __kasan_slab_free+0x59/0x70
[  124.748494][ T5842]  kfree+0x196/0x430
[  124.752387][ T5842]  device_release+0x99/0x1c0
[  124.756970][ T5842]  kobject_put+0x22f/0x480
[  124.761382][ T5842]  hci_conn_del+0x8c4/0xc40
[  124.765885][ T5842]  hci_conn_failed+0x319/0x400
[  124.770645][ T5842]  hci_abort_conn_sync+0x56c/0x11f0
[  124.775846][ T5842]  hci_cmd_sync_work+0x22b/0x400
[  124.780789][ T5842]  process_scheduled_works+0xa66/0x1840
[  124.786345][ T5842]  worker_thread+0x870/0xd30
[  124.790944][ T5842]  kthread+0x7a9/0x920
[  124.795009][ T5842]  ret_from_fork+0x4b/0x80
[  124.799425][ T5842]  ret_from_fork_asm+0x1a/0x30
[  124.804194][ T5842] 
[  124.806520][ T5842] The buggy address belongs to the object at ffff88805fe84000
[  124.806520][ T5842]  which belongs to the cache kmalloc-8k of size 8192
[  124.820576][ T5842] The buggy address is located 61 bytes inside of
[  124.820576][ T5842]  freed 8192-byte region [ffff88805fe84000, ffff88805fe86000)
[  124.834419][ T5842] 
[  124.836758][ T5842] The buggy address belongs to the physical page:
[  124.843175][ T5842] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5fe80
[  124.851955][ T5842] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  124.860469][ T5842] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  124.868028][ T5842] page_type: f5(slab)
[  124.872014][ T5842] raw: 00fff00000000040 ffff88801ac42280 dead000000000122 0000000000000000
[  124.880601][ T5842] raw: 0000000000000000 0000000000020002 00000001f5000000 0000000000000000
[  124.889192][ T5842] head: 00fff00000000040 ffff88801ac42280 dead000000000122 0000000000000000
[  124.897862][ T5842] head: 0000000000000000 0000000000020002 00000001f5000000 0000000000000000
[  124.906525][ T5842] head: 00fff00000000003 ffffea00017fa001 ffffffffffffffff 0000000000000000
[  124.915191][ T5842] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  124.923866][ T5842] page dumped because: kasan: bad access detected
[  124.930292][ T5842] page_owner tracks the page as allocated
[  124.936006][ T5842] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5842, tgid 5842 (kworker/u9:4), ts 74891000120, free_ts 24089257292
[  124.957368][ T5842]  post_alloc_hook+0x1f3/0x230
[  124.962133][ T5842]  get_page_from_freelist+0x365c/0x37a0
[  124.967680][ T5842]  __alloc_pages_noprof+0x292/0x710
[  124.972881][ T5842]  alloc_pages_mpol_noprof+0x3e1/0x780
[  124.978377][ T5842]  alloc_slab_page+0x6a/0x110
[  124.983055][ T5842]  allocate_slab+0x5a/0x2b0
[  124.987562][ T5842]  ___slab_alloc+0xc27/0x14a0
[  124.992236][ T5842]  __slab_alloc+0x58/0xa0
[  124.996569][ T5842]  __kmalloc_cache_noprof+0x27b/0x390
[  125.001953][ T5842]  __hci_conn_add+0x2f9/0x1890
[  125.006721][ T5842]  hci_conn_request_evt+0x5e8/0xdb0
[  125.011929][ T5842]  hci_event_packet+0xac2/0x1540
[  125.016871][ T5842]  hci_rx_work+0x3f3/0xdb0
[  125.021292][ T5842]  process_scheduled_works+0xa66/0x1840
[  125.026838][ T5842]  worker_thread+0x870/0xd30
[  125.031425][ T5842]  kthread+0x7a9/0x920
[  125.035537][ T5842] page last free pid 1 tgid 1 stack trace:
[  125.041353][ T5842]  free_unref_page+0xd3f/0x1010
[  125.046205][ T5842]  free_contig_range+0x14c/0x430
[  125.051145][ T5842]  destroy_args+0x92/0x910
[  125.055569][ T5842]  debug_vm_pgtable+0x4be/0x550
[  125.060427][ T5842]  do_one_initcall+0x248/0x870
[  125.065200][ T5842]  do_initcall_level+0x157/0x210
[  125.070143][ T5842]  do_initcalls+0x3f/0x80
[  125.074476][ T5842]  kernel_init_freeable+0x435/0x5d0
[  125.079683][ T5842]  kernel_init+0x1d/0x2b0
[  125.084014][ T5842]  ret_from_fork+0x4b/0x80
[  125.088437][ T5842]  ret_from_fork_asm+0x1a/0x30
[  125.093205][ T5842] 
[  125.095535][ T5842] Memory state around the buggy address:
[  125.101164][ T5842]  ffff88805fe83f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  125.109223][ T5842]  ffff88805fe83f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  125.117289][ T5842] >ffff88805fe84000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  125.125345][ T5842]                                         ^
[  125.131232][ T5842]  ffff88805fe84080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  125.139288][ T5842]  ffff88805fe84100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  125.147367][ T5842] ==================================================================
[  125.157639][ T5842] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  125.164863][ T5842] CPU: 1 UID: 0 PID: 5842 Comm: kworker/u9:4 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0
[  125.175385][ T5842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  125.185510][ T5842] Workqueue: hci4 hci_tx_work
[  125.190239][ T5842] Call Trace:
[  125.193550][ T5842]  <TASK>
[  125.196501][ T5842]  dump_stack_lvl+0x241/0x360
[  125.201203][ T5842]  ? __pfx_dump_stack_lvl+0x10/0x10
[  125.206406][ T5842]  ? __pfx__printk+0x10/0x10
[  125.211000][ T5842]  ? preempt_schedule+0xe1/0xf0
[  125.215871][ T5842]  ? vscnprintf+0x5d/0x90
[  125.220221][ T5842]  panic+0x349/0x880
[  125.224139][ T5842]  ? check_panic_on_warn+0x21/0xb0
[  125.229255][ T5842]  ? __pfx_panic+0x10/0x10
[  125.233678][ T5842]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[  125.239665][ T5842]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  125.245994][ T5842]  ? print_report+0x502/0x550
[  125.250675][ T5842]  check_panic_on_warn+0x86/0xb0
[  125.255617][ T5842]  ? hci_disconnect+0x208/0x2d0
[  125.260475][ T5842]  end_report+0x77/0x160
[  125.264803][ T5842]  kasan_report+0x154/0x180
[  125.269308][ T5842]  ? hci_disconnect+0x208/0x2d0
[  125.274174][ T5842]  hci_disconnect+0x208/0x2d0
[  125.278851][ T5842]  ? __pfx_hci_disconnect+0x10/0x10
[  125.284052][ T5842]  ? hci_sched_esco+0x336/0x440
[  125.288921][ T5842]  ? __rcu_read_unlock+0xa1/0x110
[  125.293964][ T5842]  ? __check_timeout+0x181/0x550
[  125.298905][ T5842]  __check_timeout+0x3a5/0x550
[  125.303671][ T5842]  ? __check_timeout+0x181/0x550
[  125.308614][ T5842]  hci_tx_work+0xb68/0x1590
[  125.313118][ T5842]  ? __pfx_lock_acquire+0x10/0x10
[  125.318149][ T5842]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  125.324150][ T5842]  ? __pfx_hci_tx_work+0x10/0x10
[  125.329091][ T5842]  ? process_scheduled_works+0x976/0x1840
[  125.334828][ T5842]  process_scheduled_works+0xa66/0x1840
[  125.340402][ T5842]  ? __pfx_process_scheduled_works+0x10/0x10
[  125.346391][ T5842]  ? assign_work+0x364/0x3d0
[  125.350986][ T5842]  worker_thread+0x870/0xd30
[  125.355586][ T5842]  ? __kthread_parkme+0x169/0x1d0
[  125.360617][ T5842]  ? __pfx_worker_thread+0x10/0x10
[  125.365732][ T5842]  kthread+0x7a9/0x920
[  125.369809][ T5842]  ? __pfx_kthread+0x10/0x10
[  125.374404][ T5842]  ? __pfx_worker_thread+0x10/0x10
[  125.379535][ T5842]  ? __pfx_kthread+0x10/0x10
[  125.384139][ T5842]  ? __pfx_kthread+0x10/0x10
[  125.388738][ T5842]  ? __pfx_kthread+0x10/0x10
[  125.393332][ T5842]  ? _raw_spin_unlock_irq+0x23/0x50
[  125.398539][ T5842]  ? lockdep_hardirqs_on+0x99/0x150
[  125.403772][ T5842]  ? __pfx_kthread+0x10/0x10
[  125.408376][ T5842]  ret_from_fork+0x4b/0x80
[  125.412795][ T5842]  ? __pfx_kthread+0x10/0x10
[  125.417390][ T5842]  ret_from_fork_asm+0x1a/0x30
[  125.422171][ T5842]  </TASK>
[  125.425544][ T5842] Kernel Offset: disabled
[  125.429903][ T5842] Rebooting in 86400 seconds..