last executing test programs:

2m11.96270955s ago: executing program 1 (id=5026):
socket$netlink(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x12, 0x42, 0x8, 0x2, 0x0, 0x1}, 0x48)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000280)={r0, &(0x7f00000004c0), &(0x7f0000000400)=@udp6=r1}, 0x3f)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000007c0)={r0, &(0x7f00000004c0)="e4211d7d8ff8a3f31cd660d1a58a7d", &(0x7f0000000780)=@udp6=r1, 0x2}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$can_raw(0x1d, 0x3, 0x1)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x5, 0x7, 0x4932, 0x7f, 0x1, 0x1}, 0x50)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000080)={r4, &(0x7f0000000000), &(0x7f0000000040)=@udp, 0x2}, 0x20)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000040)={'vcan0\x00', <r5=>0x0})
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x7f, 0x8, 0xffffffffffffffff, 0x0, '\x00', r5}, 0x50)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@newlink={0x48, 0x10, 0x19, 0x8070bd2c, 0x25dfdbfa, {0x0, 0x0, 0x0, 0x0, 0x42bb7, 0x79269}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_ENCAP_FLAGS={0x6, 0xf, 0xa}, @IFLA_GRE_ENCAP_DPORT={0x6, 0x11, 0x4e22}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0xcc93f1266b7358bf}, 0x8040)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'macsec0\x00', <r7=>0x0})
r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x11, &(0x7f00000001c0)=@raw=[@alu={0x4, 0x1, 0xc, 0x9, 0x9, 0x30, 0xfffffffffffffff0}, @ldst={0x1, 0x3, 0x0, 0x7, 0x9, 0x80, 0x8}, @btf_id={0x18, 0x1, 0x3, 0x0, 0x5}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x40}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}], &(0x7f0000000040)='GPL\x00', 0x0, 0x44, &(0x7f00000000c0)=""/68, 0x41100, 0x2, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x7, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000300)=[r0, r0, r0, r0, 0xffffffffffffffff, r0, r0, r0, r0, r0], &(0x7f0000000340)=[{0x4, 0x3, 0x9, 0x8}, {0x5, 0x2, 0xc, 0x2}, {0x2, 0x4, 0x3, 0xb}], 0x10, 0x80}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080)=ANY=[], 0x32600)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r9, 0x29, 0x48, &(0x7f00000003c0)=ANY=[@ANYBLOB="88ce5d508f"], 0x18)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x200000b, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x0)
r10 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r10, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha512\x00'}, 0x58)
r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r11}, 0x10)
r12 = accept4(r10, 0x0, 0x0, 0x800)
sendmmsg$alg(r12, &(0x7f0000000640)=[{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000140)="b57523cb1a2c90d8acad2e2d98dfc9ea7a5843c3b63b683ced2b3266175599b779617e66e6b3e15c042be90635a2d36160bbf9a2edcacc0bbe015b84150a1928de94397894ff36aa430fc2a0814ba634308d6d0837250dfd1eca5383f9d151449743b1a0c4ffc51242a229c5d6d06f147a61d797ea7ffeda95b76f5623", 0x7d}, {&(0x7f00000001c0)="66f7", 0x4}, {&(0x7f0000000300)='l3', 0x7fffef80}], 0x3}], 0x1, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r8, r7, 0x25, 0x14, @val=@iter={&(0x7f0000000380)=@map_fd=r0, 0x10}}, 0x20)

2m11.469891454s ago: executing program 1 (id=5029):
socket$nl_netfilter(0x10, 0x3, 0xc)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2021, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0xd, 0x20000000ec071, 0xffffffffffffffff, 0x0)
socket$inet6(0x10, 0x3, 0x7)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x2b, 0x80801, 0x1)
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r0, 0x6628)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
ppoll(&(0x7f0000000580)=[{r1, 0x2000}], 0x1, &(0x7f00000005c0)={0x77359400}, &(0x7f0000000600)={[0x3]}, 0x8)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x3fc, @private2={0xfc, 0x2, '\x00', 0x1}, 0x2}, 0x1c)
r2 = syz_init_net_socket$ax25(0x3, 0x3, 0xcf)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x60}, 0x1, 0x0, 0x0, 0x4004000}, 0x4004)
getpeername$ax25(r2, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x80002, 0x0)
r5 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
connect$rose(r5, 0x0, 0x0)
setsockopt$inet6_mreq(r4, 0x29, 0x1b, 0x0, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r6, &(0x7f0000000140)=[{&(0x7f0000000340)="5800000014001923fc834b80040d8c560a067f020000000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd001a0010000300080c10000000000000000000", 0x58}], 0x1)

2m11.092389559s ago: executing program 1 (id=5033):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000440)=0x2, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x80002, 0x0)
socket$l2tp(0x2, 0x2, 0x73)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e2a, 0xffffffff, @mcast2, 0x9}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

2m10.931542437s ago: executing program 1 (id=5035):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_netprio_ifpriomap(0xffffffffffffffff, &(0x7f0000000080), 0x2, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='cpuacct.stat\x00', 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f0000000140)=0x40, 0x4)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000b00), 0xffffffffffffffff)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000180)={'wlan1\x00'})
sendmsg$NL80211_CMD_SET_STATION(r4, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001280)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="786538ef2e6512ed7f6658d6474c00c41df5da056db99a846982", @ANYBLOB="01002dbd7000fedbdf6512000000080003aeeb71f99e87611cff7bc26b0afa1468ee6e485000be782001d7e5288da3acb03919ccfc26d1ddfa61d8275e78f1f9ed72b4bea57b5fa4c060e60a1d35bf1cd530f2c87d275afea2ce214ea73fb50e2633dd334e1f338ed906ec5704f8ba608ee0202a4d0cdab6134989cda724ad8ce85d7c53a79125f388d97430fcec56fb2756b0b0090bc8a535dc430bd3e7cd3cc8900134a6070b925efde9b9dd18a8de4560501e50a11903b159135e41c2ee126b9efd30d4223c5eef52942ae98bb7752c8c445f3c4b91472faaa599f35063c620e8b8ee4e9e6929605c124292a94cc0438fc819d39bd5c868823dbaa22ad7f6f404d7dc36f7c2a7c670917b913c038b2b53f93af035f42397c207ac7ca7", @ANYRESOCT=r0, @ANYBLOB="0a0006e92554130008021100000000", @ANYRES64=r0], 0x3c}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)
setsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'macsec0\x00', <r6=>0x0})
setsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f0000000000)={@remote, r6}, 0x14)
r7 = socket(0x10, 0x3, 0x0)
r8 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r9 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r9, 0x8933, &(0x7f00000004c0)={'vcan0\x00', <r10=>0x0})
connect$can_bcm(r9, &(0x7f00000000c0)={0x1d, r10}, 0x10)
sendmsg$can_bcm(r9, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)={0x1, 0x840, 0x0, {}, {0x77359400}, {}, 0x1, @canfd={{}, 0x0, 0x0, 0x0, 0x0, "ef1d62ee7e923b0ad9cda5b28dd4753620a2f0271768a8284c18a4e2b5e44dc77098b18fd964df81213608ec503db52d42f1a78c97322f4ae4c8dc89cf2b1440"}}, 0x80}}, 0x0)
clock_gettime(0x0, &(0x7f00000010c0))
sendmsg$can_bcm(r9, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)={0x1, 0x90, 0x80000, {0x77359400}, {}, {}, 0x1, @can={{}, 0x40, 0x1, 0x0, 0x0, "ce2a4fa7a0aa108b"}}, 0x48}}, 0x40884)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000f80)=ANY=[@ANYBLOB="400000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001800128008000100707070000c00028008000100d82dbdc5fd77baa4b6a03b60922a24740c050c91f6f9fc594aff0083074e16bf4a2800b56a86ea25006088af00270d1fdac37247db774f8bf2112c7884ab111c38e9d9e27edf2691b4b893dbb2c027c2f3de0e4c1ba9c91eaf37063b0b4312f6fe63443c77ab79047d5233da08512ddd1054f8c7c553689602243808d1f712bd5ad695a6aeda634191fd67ff2c974603b6fac4deebe955ee7dbbc7957e0b474fc058bfb651f9e7c656d93ce968dbe42557dc779e86c0b2b55056432befe83a1f905e5d12c7f092e15673", @ANYRES32=r8, @ANYBLOB='\b\x00\n\x00', @ANYRES64=r7], 0x40}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000002d00)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
setsockopt$sock_timeval(r11, 0x1, 0x43, &(0x7f0000000140)={0x0, 0xea60}, 0x10)
sendmmsg$unix(r11, &(0x7f00000bd000), 0x318, 0x0)
close(0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000006000000bca30000000000002403000020feffff620af8fff8ffffff71a4f2ff000000000f03000000000000e5000300000000002604fdffff02000016010000033800001d13f8ff000000007a0a30ff0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29dfc0466e439a94e177b3c4d5f6e92b8176b9d6ddeeeb196fa964217f88e1acc180aaa4"], &(0x7f00000001c0)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000080)={0x0, 0x0, 0x7}, 0x10}, 0x1d)

2m10.562981856s ago: executing program 3 (id=5039):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
sendmsg$RDMA_NLDEV_CMD_DELLINK(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
listen(r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000600)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x5a}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "f900f5", 0x18, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0x2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x2}]}}}}}}}}, 0x0)

2m10.351619365s ago: executing program 3 (id=5041):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x1, 0x4)
socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r1, &(0x7f0000000bc0)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c, &(0x7f0000000440)=[{&(0x7f0000000500)='p', 0x1}], 0x1}}, {{&(0x7f00000001c0)={0xa, 0x4e25, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}, 0x1c, &(0x7f00000003c0)=[{&(0x7f0000001440)="95", 0x1}], 0x1}}], 0x2, 0x20000004) (fail_nth: 4)

2m10.335789637s ago: executing program 1 (id=5042):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000140)={&(0x7f0000000040)={0xd8, 0x1403, 0x100, 0x70bd25, 0x25dfdbff, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'vlan0\x00'}}, {{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'ip_vti0\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'rose0\x00'}}, {{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'syzkaller1\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'dummy0\x00'}}]}, 0xd8}, 0x1, 0x0, 0x0, 0x40000c0}, 0x4008000)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = accept4$nfc_llcp(0xffffffffffffffff, &(0x7f00000001c0), &(0x7f0000000240)=0x60, 0x80c00)
ioctl$BTRFS_IOC_SNAP_DESTROY(r1, 0x5000940f, &(0x7f0000000280)={{r2}, "d0dd2413e97d62c6567225889b83d8c9d8024b26c00403c59d5a2d98e8fa8f107319a6992abccb90da307bfd507321c81cc5f391a5f2f2134537f77cea856b4afd1df0ab61be97ee596734b1e1db4446bfdcfea82e6a54f10d377af74de0eace76b3a67a0d59e30087f3858ecb8a060b708b9c62a0c350a56c6d4b9eb6134e996755eb577d1557086f0ba6c51fac70bd146e6cfeb3339e7d248884877cc49d6a01c17605c2ddd143957a6feed43fcc544dd186844777e58aaeea75e93f54fa766909391d0f9849e5f83a35525b6a982b6eafdccb7d84bd10680cad305d5567417dedcecce14d9f8bb4105af3c651626faab2925382cfa422f384fe2ff05a6227f3b365bd4611430e0fd022073a951dfd8b3bab10d79865ccc39e35690ca5d87e1382b5a85d23fe8a404c84956d39754b5e720540ed6bbbcf3cc7389b56ca30de8798bb3df4ad45c737d245c13c5eff3e760db90e24a9131c3a3b5c5ee9fb7dc7a8ac05279c1463383186ba34aee1f422bcb6211e72cee9585c7fe8832a1c65d324524708b04b62ec0e4768ffd474d6da7eb241b7429a353cf495bc89da5285b3ea04082cc07c3487bd9b26354eafe43bd9ff872cdccdc3b0fcd70fdeb653ade311ab7f29814b8a08c5fdfce534674f5b08408f3a45a9086e9bc57e2e4665ed199fa654097a69040ab78e28d1ac6c85968c8cc9d35c147953495eeb86f6848f3c329bfa0dd69a43de1c9237764b7750d2750da3b0ea103a530fc7d2edd0b71206f2ab27902d3cf3cb5fa34f7d8936f31237fb77b11304e37f51eb40d02ee1449d9d825d0faf68118e4dec763ced5221c9bbe3ee861320a4b37e3a439e8e079bcf1c9b20a28b86706a8e60c4f7e1c1c556caf3d3c62ba0da00935e1ea32e3ef1683b63504bdb3e5ec488d77d39f74ce4819918e3edfba35ea72405c353853fbfd3f86e5da275d9898fa328469d651e99448fe9ad3797156e42bf37927315387d5bee7f799486c0ce4ba38165db69bd5e1d6ead0d20ecd1f1f676119cb3f88300b7b0f3980d509db2777a428b9edbb62302880ba5073d19e629923b15a59549d7865803918bb02e580ecdb84cbfc6c3d9dd0db9204285bb24f1c9927b76cb45eeb9dbae2bb34834f5338e441a2d5769e381b5cf77a414eb4d5cd70cd4acd2f078700005c759feb28f9790abdf07229150ef502fd5e0de548a04124c1c66964f7a147c21a03597572fb384a0417d34ab05270bc8abf73af0533309c3cad09cba3fd8d8809c31e92a2a1a4d17f48cdda48950da41a43db7970d9a8bc173d303272a6c195455d89b406b96796ac700b1847e35e0b17c814c89f5c3cbff872f99e2e642f19511494cfa4da0c87a6c41550a5b3a120f9eeb6370182aca8c058ff7ce91836fb6b6be6b4ebeff3dde117127ce5e7e69f2abdaa786d9a60c37cb65f160690d079138658472a0a3c4b97163547984b086e0306e5973de54e5dc96021373a7eb898de3a18d0fc4eaefc577b0dd1ba0f6f96be9705d50a391f80c7361924583822709d8f10d19f504ea00dd8019588704fdc9d9246d7705d8f57b32d68cb2ce838b4a3cac7a2132a7974ac368dde621ef2120d18a46d2aa3f7b578e113446b1f7d23258d8342dbcb2d7584153078fcd76d34f31b035cda97b068ee8236e224127d3375054a5c8255a8702fd612625f0e64f08da69f840f4e9d0bd0855084d549ad000540708bcf383248ff769f15e39b035c45c3de926fbe0ffe71e9b7f4672979e625b7a29c134a10147c6fcdcdc4f2a9b53a3b162caf6e305003297b0e7a156edc69520b430157dcf52d431848aa5f9f6b4c8cf7bf3b460db562d869cd2d57330ff75b62e27bf82d64ab7ffc07291159897adcf727f053bfc8c786f34ddd251ea9278390d10c81dd484aa4e18b6470b8dcc10160af4428840ffa572caf0dfe0078f558952c586d391423bf8996590db3dab8cc2679f13fb3913c08eaecba0fd9e4cd319bf3b0539849685e57b17c767c649d76dc3828a94beab0514448000ce7c9ba82f62c5643927e5950ab4be119157a8182ea830cd38a7a46894b0a0396d07ef3d72c027f4798a123a3c010d745f637cf78ff85bf0fc47ee60932431361131d2f64567144149f8f374fb3f09974cd8429f1211375cc062751bca240748687ef12b3ff2cd60704dcc01e31c2f1c81086a48e1aaa9f4e07c56826e146acd968f07fe15cac9937ddb47978291f70de883ceebd8264751890fdbdaafcd51f501cc4f55191e317e421a0dfda03d925c3c43956c20bfe7b6d454a0e99bae81c34e9cc5329588ab980741b163f9ec4fa065c037fdaefd311a6bb027454e6c41501968204c1ad12c8a03c1b1c39ea94fc2996987bd316a62cdfe45f7f7182bfe9aef709f3be586b88674949c2b1e6dcb84fd9755bf16a7689e5ab55abb21bc83429cdc93549350dbd865826a0c467ad2905b8dd97a83446b6770d118246f83b3044791bb542cbdb40dc75589416823f1a70a6162822c12109048d7e017e21d80316a84289745db3792e4c260d641ef14ee9770595a247fe7b7312d5522093070caed825d71519e9d2d187074bf73cc4d1b035beb44e83cc5aa9364f9e217c9038fab4ade48159a5be853d1d5d7b78b1d7b91546f00b7e4151484434ca4ae88dfe94a03d9b62150d564862729d16d26537bba036594ae883d0c735d6e3800cbc2c3d06535ed2cd5bcb3f0b6672605c1fd56e9b016f0bf9ad66786903a20f87c7ba0ac2ce1c0ca413280a182ef450fce720927bc81b546d9c941c674390ef60e4cab8b8decdf12dc2d3b2f9df05255874c5e80476955bc3264d7117843f8ba121ad02ea861f239bf49a4eb0656fe9f874a1acb91692918ae4748cc725a9d86e823bf23a50992e5f1774ab72d6deacba12f1288139c573f76a96f39882bf487e22982f687aecc1b4c7360424368922317a5cf2d697aec6aac8e9a7507d107e4a4025e4cd55130abfc7e0fa287d9f52121604f67eeeaf15a4df71b4bc8ec9ffbbfd385fa8280aff385448561504430c0dda561f1b44bba60ca45b6e1dcaa97e5d8f3ea0ac1017b5e771bbbe7baf5f0c9f8d8aa469e510e14732746c2cb9117f456b6fe2239062f0ff0191881938eda5e8ad9b7e441990180b2f807d4416b8bf49191c1a6edef163ef271d08277d832fb46aeb26cc38a9bdc43f699ec56e23fbe96d766c7a1948427e8bd6798c23ce1a109d4b439b565925c9c8d48e9e2fe6e299d21398b6acd4eb0d135bbdd689e780b516d2157796520394d90d2ff11e98fa74ee4ccee1c682fa81a4e0ef2a395716f5972840fcf02311186b3e3315a67d815d71bec61e9bea6a91eba56efff493a2ad54c0dc0af587d43bc8cc6e7839ebb13a152cad490852fcc91dfdbdeac9f2d8e10ad6af654dda42eda3d76b2b7724e6131a892e34e269d58fef85e26559c1e6432f4f645f506e9b72421af20e09c0cb9cc8784f424e767a86f5c7a1798a348a211d148539239be1324059d5cce383c633d7323babdf8ba5255167e2efe12d9b1480c4bc40c819d9e7cfee52ef0b0d8febd097e18a2b1b77099f7e74f537de800bbedc116dd92541efd5043f8d2e3345d1daa81e01b7630d48e1c2ecad9280e3c9ca749f50c2013277912fc301677958657fdf9ae445878fc6789bf6ff0643f16f4ad6414577224620cf25f86359b4f838a2aa12d71c13cf15b2b9eea8859075f60f2e77eca12d655f06787c9499ccf234e9570b3ca413d6fba0644f4546e6a5c42b4dade70e8c5a57601186409a12610b892a3f2a420f8f1a23a7fb91b4a96650601d5fc5d3b9049e7986e65f85d80c3679141cc9726b2e53533c436f9d5be2d1a1cee72de1542b49f8ba84303389f077597cccad3412d4358a967eda0fef91a089f65d706785885970bf75bd996f8b2a532170dc587e015ba37e69f23e179d0d7684f1d69b0c52a97e0bab3e06a723eb7ba10fa1c0da1443716d2d786ad42bf36d58fc37a1df7e2cc96f17036651ca0ce5d4e36e4235f06994a9474084972db350a69bc39df35bbf3007516513022d6ee5a7405a8db990d1f748a22c2163d59583e635692041ed87ea31581e9f682a5819a7d514b19c2a78aac44ef68c2a8219070edea18ea7b8bff8c0656dee315b9400ea2f646a090e0f484f3bcf97a1080823ca273f4d6317ea4866cda21f3606e81f363beba03e4ae043e876dae3287560f7451f025156a6f72fc1a47d4b4e86080e4f07ff80ee2d3937b6954e231c7b0b5e08e20a778700780cf5c1e60ef5f2bc29a82b4fda3d1567ef6324df8f7fb2aa79c780d14af3f05366957c63c309b46575b5c7405d059358712f75257290d8410ff0ea334da21c649d472a010c31080335a904dbb34704cf94bc4f083101665ac1a215bb882c2db047e798524e04730e4b4220b6df050cfb3da50c9933a31dec4b0715297fcfa965e636c5d06f7745a04d91f7fcdc3d8adf5ad6deeaaf7331f4dcb8f8a725f403cba87dc5b67fd48ff1e891e314291e7e315befcf7ba1dfa0a66a523fa686b029dd2530b285749fe9aaa2469133430c88ca94371f4332953c06068712ed19159d5168b07d10a7e55d6ec80271b3263852476b6f06fb53e112b145bc26167bdb458d5acdf72f509417f4358d232409f6a134200897769f755652c9897dfef8dedb8efec5b2baa79ba62bbe8681034c7957538fb9f509cfa5eb56245ce3b894785f9c02f56fb8af631831bdccae1e5611e7a70b1c2139f09dd181f983196c514ba0858f1a79d867bc2bb98c428e6e298977c13eb1e9c679db01e9834d28bbc331be7af6d8e31340678e899d4aa8e60394131ad303af30b48b6ab2f939c999cc4a6a543e61ea453c697017c9b0174add165da874efbe5a4dad97e0988455810774cdae48bd54d27ddf4e864dbabcbd6027822125c76ce3f95a356d90e7bfc1753084730bec55aebb6ced45adebabc479339e4825b7b6f94b29fe646d96a4005aeee84b17c0dce52cbf7523ab6520901f89ea8ddc968d9ec0689c4bbe5cbc709721e0f9aafdaaa6ac965d6598f5751e3d43cf2f677590a5e32d0cad70dd98d259e36077153437305855ade9a53c4c74a6c1b18742983392c51a7e663a9fd725a56699f49cccf2303fe35a0b3a14c2f3a966a38fe8b3e9f9582a66a5810d23c96229dcee66ab15acd02e3077af5a8d75c1568a2faa6bfe55a418a89e8a778df6982ff8b061fd14ab61bc8e905bfe157ce0d119ff108d6a2b46a2c441c9df6b9f770ad6a5900d41fc5eb0abe322c94b3486046ffb53455698858bcb898d62e42c8d098d7857fba7cc5b3efa72ff98d48c0f000fdf49dad6f511fd51b9fea682c1b87cff36b5fb6e26ddcb2bd6f650badd2ec920443ad73c7ec4cd55df75db0ba74049570fce8f2c023eaa033e825f800f7d1ffc8520ca30ed4be89c53fcabd28e33caa537efe496388b309bc4aff280cf1aac3acbe61c2f8b217b06e395db42c84fec5f1c4549b79426ed1ea3f36dc3e12c46aaba0d244381a586461394a813cbd284f5a245ab6e9194fe46253c02106032b97d6c986bb4e552bb8464d4831321fe10f28d250a24adc8cc5a666b2895d4187fc6f3cc93371549434e7823656a76b8815699198a65d1d7726c4084484d9528eecc055779d3cbd760aa3f204b850e66448f66d4366896f0041558d43648e7c0a024607c072c5c57c5e1e3bcb932a0d669544e413410136e92052b7a15f16fe8162574266445abc465abc46b5bd1b241ec7769018fb9b"})
r3 = socket$rds(0x15, 0x5, 0x0)
sendmsg$rds(r3, &(0x7f0000002940)={0x0, 0x0, &(0x7f0000002680)=[{0x0}, {&(0x7f0000001300)=""/16, 0x10}, {&(0x7f0000001340)=""/25, 0x19}, {&(0x7f0000001380)=""/24, 0x18}, {&(0x7f00000013c0)=""/4096, 0x1000}, {&(0x7f00000023c0)=""/228, 0xe4}, {&(0x7f00000024c0)=""/135, 0x87}, {&(0x7f0000002580)=""/28, 0x1c}, {&(0x7f00000025c0)=""/174, 0xae}], 0x9, &(0x7f0000002840)=[@mask_cswp={0x58, 0x114, 0x9, {{0x4, 0x4}, &(0x7f0000002740)=0x2, &(0x7f0000002780)=0x8000000000000001, 0x6b, 0xfffffffffffffffb, 0x2, 0x20, 0x21, 0x5}}, @mask_cswp={0x58, 0x114, 0x9, {{0xa, 0x8}, &(0x7f00000027c0)=0x6, &(0x7f0000002800)=0x8000, 0x3, 0x10001, 0x401, 0xfffffffffffffffc, 0x20, 0x10000}}, @rdma_dest={0x18, 0x114, 0x2, {0x1ff, 0x69}}], 0xc8, 0x20000001}, 0xc840)
poll(&(0x7f0000002980)=[{r2, 0x21}, {r1, 0x4302}, {r0, 0x4008}, {r1, 0x4}, {r2, 0x2082}, {r3, 0x400}], 0x6, 0x15c)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f00000029c0)={<r4=>r0})
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000002ac0)={0x0, 0x3, 0x30}, 0xc)
connect$inet(r4, &(0x7f0000002b00)={0x2, 0x4e21, @multicast2}, 0x10)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r4, &(0x7f0000002c80)={&(0x7f0000002b40)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000002c40)={&(0x7f0000002b80)={0xa0, 0x0, 0x8, 0x3, 0x0, 0x0, {0x1, 0x0, 0x7}, [@CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x8863}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x8035}, @CTA_TIMEOUT_DATA={0x14, 0x4, 0x0, 0x1, @fccp=[@CTA_TIMEOUT_DCCP_CLOSEREQ={0x8, 0x5, 0x1, 0x0, 0xf}, @CTA_TIMEOUT_DCCP_CLOSEREQ={0x8, 0x5, 0x1, 0x0, 0x1}]}, @CTA_TIMEOUT_DATA={0x24, 0x4, 0x0, 0x1, @icmpv6=[@CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x7}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x5}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x5}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x6}]}, @CTA_TIMEOUT_DATA={0xc, 0x4, 0x0, 0x1, @icmpv6=[@CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x3}]}, @CTA_TIMEOUT_DATA={0x24, 0x4, 0x0, 0x1, @sctp=[@CTA_TIMEOUT_SCTP_HEARTBEAT_SENT={0x8, 0x8, 0x1, 0x0, 0x3}, @CTA_TIMEOUT_SCTP_SHUTDOWN_SENT={0x8, 0x5, 0x1, 0x0, 0x9}, @CTA_TIMEOUT_SCTP_ESTABLISHED={0x8, 0x4, 0x1, 0x0, 0x5}, @CTA_TIMEOUT_SCTP_ESTABLISHED={0x8, 0x4, 0x1, 0x0, 0x4}]}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x11}]}, 0xa0}, 0x1, 0x0, 0x0, 0x20000000}, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000002cc0), r4)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_CONTEXT(r4, 0x84, 0x11, &(0x7f0000002d00)={<r7=>0x0}, &(0x7f0000002d40)=0x8)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r6, 0x84, 0x79, &(0x7f0000002d80)={r7, 0x7ce, 0x2}, 0x8)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(r4, &(0x7f0000002e80)={&(0x7f0000002dc0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000002e40)={&(0x7f0000002e00)={0x14, r5, 0x605, 0x70bd27, 0x25dfdbfb, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x20008040)
r8 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000002f00), 0x2, 0x0)
r9 = socket$nl_rdma(0x10, 0x3, 0x14)
ioctl$EXT4_IOC_MOVE_EXT(r8, 0xc028660f, &(0x7f0000002f40)={0x0, r9, 0xa, 0x2, 0x8, 0x1})
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000002fc0), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_ADDDEF(r10, &(0x7f0000003080)={&(0x7f0000002f80)={0x10, 0x0, 0x0, 0xec0200}, 0xc, &(0x7f0000003040)={&(0x7f0000003000)={0x34, r11, 0x400, 0x70bd2d, 0x25dfdbfc, {}, [@NLBL_MGMT_A_DOMAIN={0xd, 0x1, ')\\({)#\'/\x00'}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x7}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x18}]}, 0x34}}, 0x40)
r12 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$bt_hci(r12, 0x0, 0x2, &(0x7f00000030c0)=""/117, &(0x7f0000003140)=0x75)
syz_genetlink_get_family_id$nl80211(&(0x7f0000003180), r4)
pipe(&(0x7f00000031c0)={0xffffffffffffffff, <r13=>0xffffffffffffffff})
write$tun(r13, &(0x7f0000003200)={@val={0x0, 0xf7}, @void, @ipv4=@igmp={{0x30, 0x4, 0x1, 0x32, 0x1c5, 0x68, 0x0, 0x7, 0x2, 0x0, @rand_addr=0x64010101, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@generic={0x88, 0x3, "1c"}, @lsrr={0x83, 0xf, 0x6a, [@empty, @multicast2, @multicast1]}, @timestamp_addr={0x44, 0x4c, 0x55, 0x1, 0x6, [{@private=0xa010101, 0x10001}, {@remote, 0xcb}, {@dev={0xac, 0x14, 0x14, 0x3d}, 0x3}, {@broadcast, 0x5}, {@local, 0x4}, {@remote, 0x7}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x9}, {@loopback, 0xffff}, {@private=0xa010100, 0x400}]}, @ra={0x94, 0x4}, @generic={0x7, 0xb, "569bf327c80594d24f"}, @end, @lsrr={0x83, 0x17, 0x19, [@empty, @dev={0xac, 0x14, 0x14, 0x29}, @private=0xa010102, @empty, @remote]}, @lsrr={0x83, 0x1b, 0x70, [@broadcast, @multicast1, @remote, @multicast1, @initdev={0xac, 0x1e, 0x1, 0x0}, @initdev={0xac, 0x1e, 0x1, 0x0}]}, @ssrr={0x89, 0xb, 0x34, [@private=0xa010102, @remote]}]}}, {0x13, 0x6, 0x0, @loopback, "72e361fe19af2cf5bd7e39bc528a3276d7c28ea6a018b34a37f2c084e7d91b65ba1b2668d568b12e5115d4f68d2576d32cbd0f214f611f44928e2a73432b0793e29633a5f6bf18e6363ab7db3e799097a9d977028ed283ab24df7d29982130c66d59c6fccf569afa9f42d8d2f2e2c761735c4467b169d752c800919e73a96cdb773414bb1648293bf6caf84a033488c152ea793e1d493e3c155087b7aabf7db5375f71f2c566788480ad5f65ebb5ba34d3f3a977fb77cc1ec6f1d99e004ed69277a197c76f529e964876bbd70859d59d65bec83b98d172bec467b91ce88eaa06713bbf6f014698380a17b544e0140252381182d56f20cfa110096fcd24"}}}, 0x1c9)

2m9.605818358s ago: executing program 1 (id=5045):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0103b500040000000000000000000c000180080001"], 0x20}, 0x1, 0x0, 0x0, 0x20040005}, 0x8840)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), 0xffffffffffffffff)
r4 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r4, 0x0, &(0x7f00000000c0)=<r5=>0x0)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl802154(&(0x7f00000002c0), r6)
bind$alg(0xffffffffffffffff, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'blake2s-128-x86\x00'}, 0x58)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x222000, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000440)={'ip6tnl0\x00', 0x400})
r10 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r10, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r10, &(0x7f0000000200)={0x2, 0x0, @multicast1}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r10, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x0, 0x21d, 0x0, 0x0, 0x2, 0x20, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x5, 0x2, 0x3}, {0xfffffffffffffffc}, 0x0, 0x0, 0x1, 0x0, 0x2}, {{@in=@private=0xa010100, 0x0, 0x33}, 0x0, @in=@dev={0xac, 0x14, 0x14, 0x30}, 0x0, 0x0, 0x0, 0xb7, 0xffffffff, 0x0, 0xfffffffc}}, 0xe8)
sendmmsg(r10, &(0x7f0000007fc0), 0x800001d, 0x0)
sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r7, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x14, r8, 0x200, 0x70bd28, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4040005}, 0x800)
r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r11)
r13 = socket$key(0xf, 0x3, 0x2)
r14 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r15 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r14, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r15}, 0x10)
sendmsg$key(r13, &(0x7f00000007c0)={0x300, 0x0, &(0x7f0000000080)={&(0x7f0000000b00)=ANY=[@ANYBLOB="020a060003"], 0x18}}, 0x4000)
sendmsg$NFC_CMD_DEV_UP(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r12, @ANYBLOB="010028bd7000070000000200000008000100", @ANYRES32=r5], 0x1c}, 0x1, 0x0, 0x0, 0x40089}, 0x8004)
sendmsg$NFC_CMD_ENABLE_SE(r2, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='\x00\x00', @ANYRES16=r3, @ANYBLOB="08002cbd7000fcdbdf2511000000080015000000000008001500c000000008000100", @ANYRES32=r5, @ANYBLOB="08001500c0000000080015000200000008001500c000000008001500c0000000"], 0x4c}, 0x1, 0x0, 0x0, 0x48004}, 0x11)
r16 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
getsockopt$bt_BT_SECURITY(r16, 0x112, 0x4, &(0x7f00000001c0), 0x2)

2m9.575221421s ago: executing program 3 (id=5046):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan0\x00', <r4=>0x0})
r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000a00), r3)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r3, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a40)={0x38, r5, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_PAN_ID={0x6, 0x6, 0xffff}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}]}, 0x38}}, 0x0)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000300)={'wpan1\x00', <r9=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_KEY(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000940)={0x1c, r8, 0x1, 0x70bd2d, 0x25dfdbff, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x1c}, 0x1, 0x0, 0x0, 0x804}, 0x40084)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)={0x14, r2, 0x4, 0x70bd2d, 0x25dfdbfe}, 0x14}}, 0x4000885)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x2012, r10, 0x0)
mmap(&(0x7f000009e000/0x4000)=nil, 0x4000, 0x2800007, 0x8032, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000240), r1)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000280)={'wpan0\x00'})
socket$kcm(0x29, 0x2, 0x0)

2m9.44080825s ago: executing program 3 (id=5048):
unshare(0x28040680)
r0 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$6lowpan_control(r0, &(0x7f00000000c0)='connect aa:aa:aa:aa:aa:11 0', 0x1b)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000060a0b040000000000000000020000002c0004802800018007000100637400001c0002800800014000000002080002400000000b05000300000000000900010073797a30000000000900020073797a320000000014000000110001"], 0x80}}, 0x0)
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000006c0)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000006f7fd5df1a784d7076604cd59d3b9500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354f0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb223166e29e3efa5456c2d642122b8635a65de6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b91cb76ac2d9d55f8b923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d26657b0bd01eb851d6e792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad896adb53b397d07c50f84b74f2605a565ee149016aa75ea31c0087dcd821b47c8b36efc6da4fb2ea7f1f36c85856b73ac9872babc62149699b6b8c796a79d833eb4b5ca668d430db5653a2b3c5b87e17ca12064cd075f38f9e58c9c5f50e1622462b23bb643b418ecbfb1bdb3db13d8d6"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x100}, 0x10}, 0x94)
r4 = socket$netlink(0x10, 0x3, 0xc)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f0000000140)={r4})
bind$netlink(r4, &(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0x2f9, 0xffffca88, &(0x7f0000000040)="b90103600040f000009e0ff008001fffffe100004000632f77fb7f0200017f020001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x31, &(0x7f0000000040)=0x7, 0x4)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x121100, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000001040)=ANY=[@ANYBLOB="2c00000025000100fcffffff0400000008000000", @ANYRES32=r6, @ANYBLOB="14000700000000000000000000f7ffffac1e0001"], 0x2c}], 0x1}, 0x0)
r7 = getgid()
r8 = socket$netlink(0x10, 0x3, 0x2)
connect$netlink(r8, &(0x7f0000000040)=@kern={0x10, 0x0, 0x0, 0x2000}, 0xc)
sendmsg$nl_xfrm(r8, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000540)={&(0x7f00000001c0)=ANY=[@ANYRES64=r0], 0x2c}, 0x1, 0x0, 0x0, 0x20008084}, 0x20000000)
openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x300, 0x0)
ioctl$TUNSETGROUP(r5, 0x400454ce, r7)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), 0xffffffffffffffff)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r10, 0x1, 0x4c, &(0x7f0000000000), 0x4)
sendmsg$inet(r9, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
recvmsg$unix(r10, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=[@rights={{0x14, 0x1, 0x1, [<r11=>0xffffffffffffffff]}}], 0x18}, 0x2000)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r11, 0x8933, 0x0)

2m9.156508724s ago: executing program 3 (id=5052):
r0 = socket(0x15, 0x5, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002040)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000001000000000000000009500000000"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES8=r1, @ANYBLOB='\x00'/18, @ANYRES32=0x0, @ANYBLOB], 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000000)=@framed={{}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1e}, {0x85, 0x0, 0x0, 0x15}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x0, 0xb, 0x0, &(0x7f0000000100)="e0857f9f582f0300000000", 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_BIND_MAP(0x23, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x48}}, 0x48000)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000100)=ANY=[], &(0x7f0000000340)='syzkaller\x00'}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[], 0x50)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f00000002c0), r0)
bind$bt_l2cap(r4, &(0x7f0000000000), 0xe)
listen(r4, 0x0)
connect$bt_l2cap(r4, &(0x7f0000000040)={0x1f, 0x2, @any, 0x0, 0x2}, 0xe)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f0000000440)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xf}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18)
r6 = socket$kcm(0x11, 0x3, 0x300)
setsockopt$sock_attach_bpf(r6, 0x1, 0x28, &(0x7f0000000040), 0x4)
recvmsg(r6, &(0x7f0000000640)={0x0, 0x0, 0x0}, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r7, &(0x7f0000000140)=[{&(0x7f0000000440)="5800000014001d2340834b80040d8d560a067ee500ff000000000000000058000b4824ca945f64009400140425010ebc000000000000008000f0fffeffe809005300fff5dd80000010000100080c10000000000000000100", 0x58}], 0x1)

2m9.024816341s ago: executing program 0 (id=5053):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
sendmsg$RDMA_NLDEV_CMD_DELLINK(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
listen(r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}, {0x0}], 0x2}, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000600)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x5a}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "f900f5", 0x18, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0x2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x2}]}}}}}}}}, 0x0)

2m8.971193345s ago: executing program 3 (id=5055):
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000080)='svc_unregister\x00', r1, 0x0, 0xfaf}, 0x18)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000080)='svc_unregister\x00', r3, 0x0, 0xfaf}, 0x18)
sendmsg$netlink(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="1400000025000100000000000000040006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)
write$rfkill(r0, &(0x7f00000002c0)={0x6, 0x0, 0x3, 0x1}, 0x8)

2m8.769708961s ago: executing program 0 (id=5056):
socket$nl_netfilter(0x10, 0x3, 0xc)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2021, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0xd, 0x20000000ec071, 0xffffffffffffffff, 0x0)
socket$inet6(0x10, 0x3, 0x7)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x2b, 0x80801, 0x1)
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r0, 0x6628)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
ppoll(&(0x7f0000000580)=[{r1, 0x2000}], 0x1, &(0x7f00000005c0)={0x77359400}, &(0x7f0000000600)={[0x3]}, 0x8)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x3fc, @private2={0xfc, 0x2, '\x00', 0x1}, 0x2}, 0x1c)
r2 = syz_init_net_socket$ax25(0x3, 0x3, 0xcf)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[], 0x60}, 0x1, 0x0, 0x0, 0x4004000}, 0x4004)
getpeername$ax25(r2, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x80002, 0x0)
r5 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
connect$rose(r5, 0x0, 0x0)
setsockopt$inet6_mreq(r4, 0x29, 0x1b, 0x0, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r6, &(0x7f0000000140)=[{&(0x7f0000000340)="5800000014001923fc834b80040d8c560a067f020000000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd001a0010000300080c10000000000000000000", 0x58}], 0x1)

2m8.243369946s ago: executing program 0 (id=5059):
r0 = socket$phonet_pipe(0x23, 0x5, 0x2)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c000100626f6e64"], 0x3c}}, 0x0)
ioctl$SIOCPNGETOBJECT(r0, 0x89e0, &(0x7f0000000040)=0x6)
ioctl$BTRFS_IOC_SEND(r1, 0x40489426, &(0x7f0000000140)={{r1}, 0x3, &(0x7f00000000c0)=[0x75ebafb6, 0x9, 0x4], 0x5, 0xd, 0x1})

2m7.988066118s ago: executing program 0 (id=5063):
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_netprio_ifpriomap(r0, &(0x7f0000000080), 0x2, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='cpuacct.stat\x00', 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r2, 0x84, 0x12, &(0x7f0000000140)=0x40, 0x4)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6(0xa, 0x2, 0x0)
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000b00), 0xffffffffffffffff)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000180)={'wlan1\x00'})
sendmsg$NL80211_CMD_SET_STATION(r5, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001280)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="786538ef2e6512ed7f6658d6474c00c41df5da056db99a846982", @ANYBLOB="01002dbd7000fedbdf6512000000080003aeeb71f99e87611cff7bc26b0afa1468ee6e485000be782001d7e5288da3acb03919ccfc26d1ddfa61d8275e78f1f9ed72b4bea57b5fa4c060e60a1d35bf1cd530f2c87d275afea2ce214ea73fb50e2633dd334e1f338ed906ec5704f8ba608ee0202a4d0cdab6134989cda724ad8ce85d7c53a79125f388d97430fcec56fb2756b0b0090bc8a535dc430bd3e7cd3cc8900134a6070b925efde9b9dd18a8de4560501e50a11903b159135e41c2ee126b9efd30d4223c5eef52942ae98bb7752c8c445f3c4b91472faaa599f35063c620e8b8ee4e9e6929605c124292a94cc0438fc819d39bd5c868823dbaa22ad7f6f404d7dc36f7c2a7c670917b913c038b2b53f93af035f42397c207ac7ca7", @ANYRESOCT=r1, @ANYBLOB="0a0006e92554130008021100000000", @ANYRES64=r1], 0x3c}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)
setsockopt$inet6_mreq(r4, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'macsec0\x00', <r7=>0x0})
setsockopt$inet6_mreq(r4, 0x29, 0x1b, &(0x7f0000000000)={@remote, r7}, 0x14)
r8 = socket(0x10, 0x3, 0x0)
r9 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r10 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r10, 0x8933, &(0x7f00000004c0)={'vcan0\x00', <r11=>0x0})
connect$can_bcm(r10, &(0x7f00000000c0)={0x1d, r11}, 0x10)
sendmsg$can_bcm(r10, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)={0x1, 0x840, 0x0, {}, {0x77359400}, {}, 0x1, @canfd={{}, 0x0, 0x0, 0x0, 0x0, "ef1d62ee7e923b0ad9cda5b28dd4753620a2f0271768a8284c18a4e2b5e44dc77098b18fd964df81213608ec503db52d42f1a78c97322f4ae4c8dc89cf2b1440"}}, 0x80}}, 0x0)
clock_gettime(0x0, &(0x7f00000010c0))
sendmsg$can_bcm(r10, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)={0x1, 0x90, 0x80000, {0x77359400}, {}, {}, 0x1, @can={{}, 0x40, 0x1, 0x0, 0x0, "ce2a4fa7a0aa108b"}}, 0x48}}, 0x40884)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000f80)=ANY=[@ANYBLOB="400000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001800128008000100707070000c00028008000100d82dbdc5fd77baa4b6a03b60922a24740c050c91f6f9fc594aff0083074e16bf4a2800b56a86ea25006088af00270d1fdac37247db774f8bf2112c7884ab111c38e9d9e27edf2691b4b893dbb2c027c2f3de0e4c1ba9c91eaf37063b0b4312f6fe63443c77ab79047d5233da08512ddd1054f8c7c553689602243808d1f712bd5ad695a6aeda634191fd67ff2c974603b6fac4deebe955ee7dbbc7957e0b474fc058bfb651f9e7c656d93ce968dbe42557dc779e86c0b2b55056432befe83a1f905e5d12c7f092e15673", @ANYRES32=r9, @ANYBLOB='\b\x00\n\x00', @ANYRES64=r8], 0x40}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000002d00)={0xffffffffffffffff, <r12=>0xffffffffffffffff})
setsockopt$sock_timeval(r12, 0x1, 0x43, &(0x7f0000000140)={0x0, 0xea60}, 0x10)
sendmmsg$unix(r12, &(0x7f00000bd000), 0x318, 0x0)
close(0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000006000000bca30000000000002403000020feffff620af8fff8ffffff71a4f2ff000000000f03000000000000e5000300000000002604fdffff02000016010000033800001d13f8ff000000007a0a30ff0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29dfc0466e439a94e177b3c4d5f6e92b8176b9d6ddeeeb196fa964217f88e1acc180aaa4"], &(0x7f00000001c0)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000080)={0x0, 0x0, 0x7}, 0x10}, 0x1d)

2m7.756167101s ago: executing program 2 (id=5064):
sendmsg$ETHTOOL_MSG_EEE_GET(0xffffffffffffffff, 0x0, 0x20000000)
socket$packet(0x11, 0x3, 0x300)
r0 = socket(0x11, 0x3, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000000)={'team0\x00', <r2=>0x0})
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
socket$kcm(0x2, 0xa, 0x2)
bind$packet(r0, &(0x7f00000001c0)={0x11, 0x0, r2, 0x1, 0x2, 0x6, @broadcast}, 0x14)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000002c0)="2e00000010008188040f80ec59acbc0413010048100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)

2m7.648184834s ago: executing program 2 (id=5065):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000100)={{0x2, 0x4e20, @rand_addr=0x64010100}, {0x306, @remote}, 0x0, {0x2, 0x4e22, @multicast1}, 'veth0_to_team\x00'}) (fail_nth: 3)

2m7.268571455s ago: executing program 2 (id=5066):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
sendmsg$RDMA_NLDEV_CMD_DELLINK(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
listen(r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}, {0x0}], 0x2}, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000600)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x5a}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "f900f5", 0x18, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0x2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x2}]}}}}}}}}, 0x0)

2m7.265998566s ago: executing program 0 (id=5067):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/ipc\x00')
unshare(0x6a040000)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0x12)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'ipvlan1\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000000)={r2, 0x1, 0x6, @random="790c7edd3d8d"}, 0x10)
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000440)=@getchain={0x24, 0x11, 0x1, 0x0, 0x2000001, {0x0, 0x0, 0x0, r2, {0x7}, {0xd, 0xc}, {0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x20048054)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x22051, r0, 0x0)
r4 = socket(0x8, 0x3, 0x0)
ioctl$IMGETCOUNT(r4, 0x40106183, &(0x7f0000000000))

2m7.178794913s ago: executing program 2 (id=5069):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x12, &(0x7f0000000000)=0x7, 0x4)
getsockopt$inet6_buf(r0, 0x29, 0x6, &(0x7f0000001500)=""/17, &(0x7f0000000180)=0x11)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x0, &(0x7f0000000040)=0x47c1, 0xfffffffffffffe16)
setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f0000003180)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x801, 0xf84, 0x3}, 0x1c)
r2 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e2a, 0xffffffff, @mcast2, 0x9}, 0x1c)
sendmmsg$inet6(r2, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

2m6.906338286s ago: executing program 2 (id=5071):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000140)={'wpan0\x00', <r4=>0x0})
r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000a00), r3)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r3, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a40)={0x38, r5, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_PAN_ID={0x6, 0x6, 0xffff}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}]}, 0x38}}, 0x0)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000300)={'wpan1\x00', <r9=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_KEY(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000940)={0x1c, r8, 0x1, 0x70bd2d, 0x25dfdbff, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}]}, 0x1c}, 0x1, 0x0, 0x0, 0x804}, 0x40084)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)={0x5c, r2, 0x4, 0x70bd2d, 0x25dfdbfe, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x1}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xfffe}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa0}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0xb}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x4}]}, 0x5c}}, 0x4000885)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x2012, r10, 0x0)
mmap(&(0x7f000009e000/0x4000)=nil, 0x4000, 0x2800007, 0x8032, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000240), r1)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000280)={'wpan0\x00'})
socket$kcm(0x29, 0x2, 0x0)

2m6.830523154s ago: executing program 2 (id=5072):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, 0x0, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, &(0x7f00000005c0)={0x8, {{0xa, 0x4e24, 0x5, @mcast2, 0x6d00}}, {{0xa, 0x4620, 0xfffffff8, @private0={0xfc, 0x0, '\x00', 0x1}, 0x8000}}}, 0x108)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x801, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
listen(r2, 0x2)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$sock_buf(r4, 0x1, 0x39, 0xffffffffffffffff, &(0x7f0000000100))
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000008000000000000095000000002b190017163b5b1300cb87f183b310d21d6d7a7e55e7cc990f6e712f452668775bd83a2063eebfb28acac360ea56557e98c00f1a5cce782a9cc01d125fa55bba77510e8833df6f927842bdc08f777856e4de2a67d8f0e70bdd3ed1ce8f00001c2345c71c04c492c7090001fba66194c4799d2e1dd08df818cd03956564bf2252bc4e1d4606f194b8d52f998f2668f0ac13accec93fac1bce87cda3c9d3934141ab49e3634c630ae5c7d518858f527f5f1d229c219560e022a423815200"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)="9c2a243dd44b74479d0ff63aa37a6b0f7b8e0ca0dfdc84e6f96ade74d7b2e2f4dad7604b43985a5df1f5f7e5387d2068bd86b82fef09cb184b1a743513d89f", 0x3f)
ppoll(&(0x7f0000000500)=[{r3}], 0x1, 0x0, 0x0, 0x0)
ioctl$FIOCLEX(r3, 0x5451)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x2, 0x80, 0x1, 0x9}, 0x0, &(0x7f00000002c0)={0x3ff, 0xfffffffffffffffe, 0x8, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f00000003c0), 0xffffffffffffffff)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000400)={<r8=>0x0, @local, @multicast2}, &(0x7f0000000440)=0xc)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0xd871021}, 0xc, &(0x7f00000004c0)={&(0x7f0000000a00)=ANY=[@ANYBLOB="ac000000", @ANYRES16=r7, @ANYBLOB="040027bd7000fddbdf2502000000040001805000068014000400fc02000000000000000000000000000114000400fe8000000000000000000000000000aa050002000100000014000400fc02000000000000000000000000000108000700", @ANYRES32=r8, @ANYBLOB="2810068014dd0400ff020000000002000000060005004e2100000c0006800800070000000000005b301c3f0000000000715b5c0f23947713637a84cdffb231f1946370ce1ac62a3a9663d4b8a96316790a96a8465d4e8c1112f0a10a64cefe4877a19c6e8d01d5e5dc5b27245ea84c8b4dcc000000000000", @ANYRES32=0x0, @ANYBLOB="080003000200000008000400ff000000"], 0xac}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
write$bt_hci(0xffffffffffffffff, &(0x7f0000000080)=ANY=[], 0x6)
r9 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x50, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000040)={0x0, 0xc}, 0x10, 0x0, r6}, 0x94)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
r11 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={r9, r10, 0x26, 0x0, @void}, 0x10)
bpf$LINK_DETACH(0x22, &(0x7f0000000480)=r11, 0x4)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000013c0)={r11, 0x0, 0x0}, 0x10)
clock_gettime(0x0, &(0x7f0000000200))
socket$inet_sctp(0x2, 0x1, 0x84)
write$rfkill(r1, &(0x7f0000000080)={0x0, 0x1, 0x3, 0x3, 0xfd}, 0x8)
write$rfkill(r1, &(0x7f0000000340)={0x6, 0x0, 0x3, 0x0, 0x1}, 0x8)

2m6.687509185s ago: executing program 0 (id=5073):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000b80)=@delchain={0x24, 0x65, 0x8, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xb, 0x2}, {0xb, 0x6}, {0x6, 0xc5b377f61037765b}}}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x20000080)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$fou(&(0x7f0000000100), 0xffffffffffffffff)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="f80000003e000701feffffff00000000017c0000040042800c00018006000600800a0000d1000280cb00"], 0xf8}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)
sendmsg$FOU_CMD_ADD(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002dbd700000000000010000000500040002000000050002000a000000040000"], 0x28}, 0x1, 0x0, 0x0, 0x20048091}, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x66960000)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x3, [@typedef={0x1, 0x0, 0x0, 0x8, 0x3}, @ptr, @type_tag={0x1, 0x0, 0x0, 0x12, 0x2}]}, {0x0, [0x2e]}}, 0x0, 0x3f, 0x0, 0x1}, 0x28)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[], &(0x7f0000000f40)=""/4089, 0x3f, 0xff9, 0x1}, 0x28)
writev(r1, &(0x7f0000000180), 0x100000000000003c)
syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
socket$kcm(0x2, 0xa, 0x2)
socket$inet(0x2b, 0x801, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb0100180000000000000024000000240000000a000000852b1262fac55aa5e000000000000000f9ffffff00fe00000001000084080000000600000001000000030000000000feffffff2d000000"], &(0x7f0000000380)=""/3, 0x46, 0x3, 0x1}, 0x20)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000a00)=ANY=[@ANYBLOB="a0ff0300092297dcaeb4f31f259c2a4a6e4d5fe3a6066c2328e3adc25f8a3d67c2cdd8e553ac8164a1b5b1eb9ec8cadc54d8d074ba16eb842390ab245dc59285017f680eaced17d6f68d6d2bc25713593dd03e3cf5b2104ed0c31545f91a8f54e88d19d2663ebe7eda62b21d1a396baf25fef6fc5b27e991de2c7b5047b6f9c478d567b876a7ce72b6c4dedffe4d26e278034055be44fd54e1acaa6fe909c8fe2edab6fb21d7079d55bf0bb6ba097463eea291d2fd66a95a1abe476f2ac191a2fe8831d91953c10d5c018c81c662645b9d81e14e1619ebc132a2562c510cd4e85d2aef1e86b21d6cc1c5a057657b32d88f86954c664c788473a367e7e23571bf4204c3ead7874437c5bfc34c679e832fcf80f2ea2c9a3d83ec540714d87114bebebb", @ANYRES32, @ANYBLOB], 0x1c}}, 0x20000080)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=ANY=[@ANYBLOB="2c2000003e000701feffffff00000000017c00000400428000000800028004001280000000000000000000009184183f4a223b0adc519226b6092dab417d629b93b16a9f765dcc01e24e48f21f6cf452f6b1cd4bd34deb22646a3bf786ba872c64f37d36e5b418c6d27a66a730487e266f5734bacd5dc9c0764821b595b631b158556c221db6ed5e00fb3368f33874da76df5edb6b9318f488c1f14190312373268f4de553b51640f16459dbc9a183c13075c1fd19c7b014bf0275"], 0x2c}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)
sendmsg$NLBL_UNLABEL_C_STATICADD(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x8, 0x3000000000002}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delchain={0x1a8, 0x65, 0x200, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2}, {0x0, 0xd}, {0x0, 0xb}}, [@filter_kind_options=@f_bpf={{0x8}, {0x174, 0x2, [@TCA_BPF_FD={0x8}, @TCA_BPF_POLICE={0x4}, @TCA_BPF_ACT={0x164, 0x1, [@m_mirred={0x160, 0x11, 0x0, 0x0, {{0xb}, {0x64, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x4, 0xf1, 0xffffffffffffffff, 0x6}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x10001, 0x3, 0x8, 0xe, 0x4}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x8, 0x5c, 0x7, 0xfff, 0x1}, 0x4}}]}, {0xd1, 0x6, "319bb848351b002738b6c4c50b9141bebb58a1fd9f04e35af9c32268b29dfa1c25c9502b51b55eff39526a56fd0f6d8f94d05679ea0836ee4adecfe3236d2d9a2d17310974eb3856d00a1028999d09c1f69183f20defc6d04e2c20de3729c15f156d19b570d01b6142387bd42a81ccacf99246c39d5c0d6e393d44dab6dd2521c8f0dd94491c7577458990a9641f0c88b8c57718b8f2c791c8d35eeee9461545ee2dd6d5371b63e2755d125610f6fb5c23db3466b1c9e7b9a79e2f269e7e897258f89199853270075498a6c432"}, {0xc}, {0xc, 0x8, {0x2}}}}]}]}}, @TCA_CHAIN={0x8, 0xb, 0x1d8}]}, 0x1a8}, 0x1, 0x0, 0x0, 0x884}, 0x20000080)
r7 = socket(0x10, 0x803, 0x0)
sendto(r7, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)=ANY=[@ANYBLOB="140100002e00010000000000fcdbdf250401f2800c00180008ac0f00000000001400010000000000000000000000ffffac14141650bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c02ef1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be820400e900"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)

17.585399094s ago: executing program 32 (id=5045):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0103b500040000000000000000000c000180080001"], 0x20}, 0x1, 0x0, 0x0, 0x20040005}, 0x8840)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), 0xffffffffffffffff)
r4 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r4, 0x0, &(0x7f00000000c0)=<r5=>0x0)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl802154(&(0x7f00000002c0), r6)
bind$alg(0xffffffffffffffff, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'blake2s-128-x86\x00'}, 0x58)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x222000, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000440)={'ip6tnl0\x00', 0x400})
r10 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r10, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r10, &(0x7f0000000200)={0x2, 0x0, @multicast1}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r10, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x0, 0x21d, 0x0, 0x0, 0x2, 0x20, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x5, 0x2, 0x3}, {0xfffffffffffffffc}, 0x0, 0x0, 0x1, 0x0, 0x2}, {{@in=@private=0xa010100, 0x0, 0x33}, 0x0, @in=@dev={0xac, 0x14, 0x14, 0x30}, 0x0, 0x0, 0x0, 0xb7, 0xffffffff, 0x0, 0xfffffffc}}, 0xe8)
sendmmsg(r10, &(0x7f0000007fc0), 0x800001d, 0x0)
sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r7, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x14, r8, 0x200, 0x70bd28, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4040005}, 0x800)
r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r11)
r13 = socket$key(0xf, 0x3, 0x2)
r14 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r15 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r14, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r15}, 0x10)
sendmsg$key(r13, &(0x7f00000007c0)={0x300, 0x0, &(0x7f0000000080)={&(0x7f0000000b00)=ANY=[@ANYBLOB="020a060003"], 0x18}}, 0x4000)
sendmsg$NFC_CMD_DEV_UP(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r12, @ANYBLOB="010028bd7000070000000200000008000100", @ANYRES32=r5], 0x1c}, 0x1, 0x0, 0x0, 0x40089}, 0x8004)
sendmsg$NFC_CMD_ENABLE_SE(r2, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='\x00\x00', @ANYRES16=r3, @ANYBLOB="08002cbd7000fcdbdf2511000000080015000000000008001500c000000008000100", @ANYRES32=r5, @ANYBLOB="08001500c0000000080015000200000008001500c000000008001500c0000000"], 0x4c}, 0x1, 0x0, 0x0, 0x48004}, 0x11)
r16 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
getsockopt$bt_BT_SECURITY(r16, 0x112, 0x4, &(0x7f00000001c0), 0x2)

17.585335744s ago: executing program 33 (id=5055):
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000080)='svc_unregister\x00', r1, 0x0, 0xfaf}, 0x18)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000080)='svc_unregister\x00', r3, 0x0, 0xfaf}, 0x18)
sendmsg$netlink(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="1400000025000100000000000000040006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)
write$rfkill(r0, &(0x7f00000002c0)={0x6, 0x0, 0x3, 0x1}, 0x8)

17.584465673s ago: executing program 34 (id=5073):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000b80)=@delchain={0x24, 0x65, 0x8, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xb, 0x2}, {0xb, 0x6}, {0x6, 0xc5b377f61037765b}}}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x20000080)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$fou(&(0x7f0000000100), 0xffffffffffffffff)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="f80000003e000701feffffff00000000017c0000040042800c00018006000600800a0000d1000280cb00"], 0xf8}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)
sendmsg$FOU_CMD_ADD(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002dbd700000000000010000000500040002000000050002000a000000040000"], 0x28}, 0x1, 0x0, 0x0, 0x20048091}, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x66960000)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x3, [@typedef={0x1, 0x0, 0x0, 0x8, 0x3}, @ptr, @type_tag={0x1, 0x0, 0x0, 0x12, 0x2}]}, {0x0, [0x2e]}}, 0x0, 0x3f, 0x0, 0x1}, 0x28)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[], &(0x7f0000000f40)=""/4089, 0x3f, 0xff9, 0x1}, 0x28)
writev(r1, &(0x7f0000000180), 0x100000000000003c)
syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
socket$kcm(0x2, 0xa, 0x2)
socket$inet(0x2b, 0x801, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb0100180000000000000024000000240000000a000000852b1262fac55aa5e000000000000000f9ffffff00fe00000001000084080000000600000001000000030000000000feffffff2d000000"], &(0x7f0000000380)=""/3, 0x46, 0x3, 0x1}, 0x20)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000a00)=ANY=[@ANYBLOB="a0ff0300092297dcaeb4f31f259c2a4a6e4d5fe3a6066c2328e3adc25f8a3d67c2cdd8e553ac8164a1b5b1eb9ec8cadc54d8d074ba16eb842390ab245dc59285017f680eaced17d6f68d6d2bc25713593dd03e3cf5b2104ed0c31545f91a8f54e88d19d2663ebe7eda62b21d1a396baf25fef6fc5b27e991de2c7b5047b6f9c478d567b876a7ce72b6c4dedffe4d26e278034055be44fd54e1acaa6fe909c8fe2edab6fb21d7079d55bf0bb6ba097463eea291d2fd66a95a1abe476f2ac191a2fe8831d91953c10d5c018c81c662645b9d81e14e1619ebc132a2562c510cd4e85d2aef1e86b21d6cc1c5a057657b32d88f86954c664c788473a367e7e23571bf4204c3ead7874437c5bfc34c679e832fcf80f2ea2c9a3d83ec540714d87114bebebb", @ANYRES32, @ANYBLOB], 0x1c}}, 0x20000080)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=ANY=[@ANYBLOB="2c2000003e000701feffffff00000000017c00000400428000000800028004001280000000000000000000009184183f4a223b0adc519226b6092dab417d629b93b16a9f765dcc01e24e48f21f6cf452f6b1cd4bd34deb22646a3bf786ba872c64f37d36e5b418c6d27a66a730487e266f5734bacd5dc9c0764821b595b631b158556c221db6ed5e00fb3368f33874da76df5edb6b9318f488c1f14190312373268f4de553b51640f16459dbc9a183c13075c1fd19c7b014bf0275"], 0x2c}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)
sendmsg$NLBL_UNLABEL_C_STATICADD(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x8, 0x3000000000002}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delchain={0x1a8, 0x65, 0x200, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2}, {0x0, 0xd}, {0x0, 0xb}}, [@filter_kind_options=@f_bpf={{0x8}, {0x174, 0x2, [@TCA_BPF_FD={0x8}, @TCA_BPF_POLICE={0x4}, @TCA_BPF_ACT={0x164, 0x1, [@m_mirred={0x160, 0x11, 0x0, 0x0, {{0xb}, {0x64, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x4, 0xf1, 0xffffffffffffffff, 0x6}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x10001, 0x3, 0x8, 0xe, 0x4}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x8, 0x5c, 0x7, 0xfff, 0x1}, 0x4}}]}, {0xd1, 0x6, "319bb848351b002738b6c4c50b9141bebb58a1fd9f04e35af9c32268b29dfa1c25c9502b51b55eff39526a56fd0f6d8f94d05679ea0836ee4adecfe3236d2d9a2d17310974eb3856d00a1028999d09c1f69183f20defc6d04e2c20de3729c15f156d19b570d01b6142387bd42a81ccacf99246c39d5c0d6e393d44dab6dd2521c8f0dd94491c7577458990a9641f0c88b8c57718b8f2c791c8d35eeee9461545ee2dd6d5371b63e2755d125610f6fb5c23db3466b1c9e7b9a79e2f269e7e897258f89199853270075498a6c432"}, {0xc}, {0xc, 0x8, {0x2}}}}]}]}}, @TCA_CHAIN={0x8, 0xb, 0x1d8}]}, 0x1a8}, 0x1, 0x0, 0x0, 0x884}, 0x20000080)
r7 = socket(0x10, 0x803, 0x0)
sendto(r7, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)=ANY=[@ANYBLOB="140100002e00010000000000fcdbdf250401f2800c00180008ac0f00000000001400010000000000000000000000ffffac14141650bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c02ef1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be820400e900"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)

17.583991634s ago: executing program 35 (id=5072):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, 0x0, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, &(0x7f00000005c0)={0x8, {{0xa, 0x4e24, 0x5, @mcast2, 0x6d00}}, {{0xa, 0x4620, 0xfffffff8, @private0={0xfc, 0x0, '\x00', 0x1}, 0x8000}}}, 0x108)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x801, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
listen(r2, 0x2)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$sock_buf(r4, 0x1, 0x39, 0xffffffffffffffff, &(0x7f0000000100))
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000008000000000000095000000002b190017163b5b1300cb87f183b310d21d6d7a7e55e7cc990f6e712f452668775bd83a2063eebfb28acac360ea56557e98c00f1a5cce782a9cc01d125fa55bba77510e8833df6f927842bdc08f777856e4de2a67d8f0e70bdd3ed1ce8f00001c2345c71c04c492c7090001fba66194c4799d2e1dd08df818cd03956564bf2252bc4e1d4606f194b8d52f998f2668f0ac13accec93fac1bce87cda3c9d3934141ab49e3634c630ae5c7d518858f527f5f1d229c219560e022a423815200"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)="9c2a243dd44b74479d0ff63aa37a6b0f7b8e0ca0dfdc84e6f96ade74d7b2e2f4dad7604b43985a5df1f5f7e5387d2068bd86b82fef09cb184b1a743513d89f", 0x3f)
ppoll(&(0x7f0000000500)=[{r3}], 0x1, 0x0, 0x0, 0x0)
ioctl$FIOCLEX(r3, 0x5451)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x2, 0x80, 0x1, 0x9}, 0x0, &(0x7f00000002c0)={0x3ff, 0xfffffffffffffffe, 0x8, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f00000003c0), 0xffffffffffffffff)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000400)={<r8=>0x0, @local, @multicast2}, &(0x7f0000000440)=0xc)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0xd871021}, 0xc, &(0x7f00000004c0)={&(0x7f0000000a00)=ANY=[@ANYBLOB="ac000000", @ANYRES16=r7, @ANYBLOB="040027bd7000fddbdf2502000000040001805000068014000400fc02000000000000000000000000000114000400fe8000000000000000000000000000aa050002000100000014000400fc02000000000000000000000000000108000700", @ANYRES32=r8, @ANYBLOB="2810068014dd0400ff020000000002000000060005004e2100000c0006800800070000000000005b301c3f0000000000715b5c0f23947713637a84cdffb231f1946370ce1ac62a3a9663d4b8a96316790a96a8465d4e8c1112f0a10a64cefe4877a19c6e8d01d5e5dc5b27245ea84c8b4dcc000000000000", @ANYRES32=0x0, @ANYBLOB="080003000200000008000400ff000000"], 0xac}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
write$bt_hci(0xffffffffffffffff, &(0x7f0000000080)=ANY=[], 0x6)
r9 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x50, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000040)={0x0, 0xc}, 0x10, 0x0, r6}, 0x94)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
r11 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={r9, r10, 0x26, 0x0, @void}, 0x10)
bpf$LINK_DETACH(0x22, &(0x7f0000000480)=r11, 0x4)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000013c0)={r11, 0x0, 0x0}, 0x10)
clock_gettime(0x0, &(0x7f0000000200))
socket$inet_sctp(0x2, 0x1, 0x84)
write$rfkill(r1, &(0x7f0000000080)={0x0, 0x1, 0x3, 0x3, 0xfd}, 0x8)
write$rfkill(r1, &(0x7f0000000340)={0x6, 0x0, 0x3, 0x0, 0x1}, 0x8)

15.433116524s ago: executing program 4 (id=5108):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
r1 = epoll_create1(0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
socket$igmp(0x2, 0x3, 0x2)
socket$can_j1939(0x1d, 0x2, 0x7)
socket$nl_route(0x10, 0x3, 0x0)
pipe(&(0x7f0000000000))
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r4 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000040)={0x10000802, 0x80, 0x0, 0x40000}, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="280000005200010004000000000000001c0000001400", @ANYRES16=r3], 0x28}}, 0x0)
getsockopt$inet6_int(r2, 0x29, 0xc9, 0xffffffffffffffff, &(0x7f0000000000))
epoll_wait(r1, &(0x7f000000affb)=[{}], 0x1, 0x7fff)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000049c0)={0x3, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="18020000fdff100000000000000000008500000011000000850000000e0000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x41, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xc}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
syz_emit_ethernet(0x7a, &(0x7f00000004c0)={@local, @local, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "92c01f", 0x44, 0x2f, 0x0, @remote, @ipv4={'\x00', '\xff\xff', @private}, {[], {{0x0, 0x0, 0x1, 0x0, 0x2, 0x1}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21}, {}, {0x8, 0x88be, 0x0, {{0x0, 0x1, 0x80}}}, {0x8, 0x22eb, 0x4}}}}}}}, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)={0xa0000004})

15.307423856s ago: executing program 4 (id=5109):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$IP_SET_OP_GET_FNAME(r0, 0x1, 0x53, &(0x7f0000000240)={0x8, 0x7, 0x0, 'syz2\x00'}, &(0x7f0000000300)=0x2c)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r2=>0x0})
r3 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r2, @ANYBLOB="00000000000000001c001a800800028008000200080000003e120000080002001040e5"], 0x44}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x2000000, 0x0, {0x0, 0x0, 0x0, r2, {}, {}, {0xfff3}}}, 0x24}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x2, 0x8, 0xff1, 0x41000, 0xffffffffffffffff, 0x82f, '\x00', r2, 0xffffffffffffffff, 0x5, 0x5, 0x4}, 0x50)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB="400000b29e29d1582b61c6002652703400"/33, @ANYRES32=r2, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
unshare(0x22020400)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000500)={'veth1\x00', &(0x7f0000000200)=@ethtool_per_queue_op={0x4b, 0xf, [0xa, 0x1, 0x7fff, 0x1, 0x4, 0x9, 0xa4, 0xffb, 0x7, 0xb69, 0xc1, 0x4, 0x1, 0x3, 0x5, 0x101, 0x1000, 0x9, 0x3, 0x3, 0x1, 0xfffffffa, 0x0, 0x6, 0x9, 0x4, 0x7, 0x5, 0x100000, 0x762, 0x3, 0xd, 0xe, 0x2b12, 0x100, 0x6, 0x1c00, 0xb, 0x7, 0xbed4, 0x8, 0x8000100, 0x3, 0x0, 0x11000, 0x8, 0x5, 0x79b, 0x2, 0x1, 0x7f, 0x4, 0xa, 0x7, 0xf, 0x101, 0xd7, 0x1fa0860a, 0x7, 0xaa, 0x81, 0x2, 0x180000, 0x4007, 0x8b, 0x5, 0x2af, 0xf7, 0x5, 0x2, 0x6, 0x9, 0x4, 0x7, 0x4009, 0x0, 0x4, 0x100002, 0x8, 0x752, 0x0, 0x3, 0x0, 0x10001, 0x2, 0xffffffff, 0x6, 0x6, 0x9, 0x80000000, 0xfdffffff, 0x2, 0x2, 0x84, 0x100, 0x5, 0x252, 0x81, 0xb, 0x5, 0x20006, 0x5, 0x2, 0xb, 0x2, 0xd9a, 0xd, 0x2a2, 0xfffffffd, 0x3, 0x2, 0x5, 0x8, 0x0, 0x4, 0x2, 0x40, 0x8, 0x4, 0x4, 0x401, 0x66cd, 0x8, 0x8, 0x1, 0x1fc, 0xc5c, 0xffffffff]}})
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', 0xffffffffffffffff, 0x0, 0x4}, 0x18)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={0xffffffffffffffff, 0x0, 0xe, 0x0, &(0x7f0000000100)="b34715ecd04550d3abc89b6f7bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000000)="8a", 0x440)
r4 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x7bff, &(0x7f0000000180)={&(0x7f0000000140)=@delqdisc={0xfffffffffffffc9b}, 0x49d32d254ae22f79}}, 0x0)
recvmmsg$unix(r4, &(0x7f0000012b80)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000640)=""/20, 0x14}, {0x0}], 0x2}}], 0x1, 0x60, 0x0)

15.194915592s ago: executing program 4 (id=5110):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_WIPHY(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000100)=ANY=[@ANYRES32=r1, @ANYRES16=r1, @ANYBLOB="01030000000000000b3e1f"], 0x30}, 0x1, 0x0, 0x0, 0x44005}, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000380), r0)

15.154412502s ago: executing program 4 (id=5111):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000001"], 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='percpu_alloc_percpu\x00', r0, 0x0, 0xfffffffffffffffe}, 0x10)
r1 = socket(0x2, 0x80805, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f0000000340)={0x0, 0x2, 0x30, 0x3, 0xfffffffffffffffe}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_GET_COALESCE(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000001000030400000006000000005dcc0300", @ANYRES32=r4, @ANYBLOB="71e79fd800000000140012800c0001006d616376746170001400028008000500", @ANYRES32=r5], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x2c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x74, r4, {0xfff2}, {}, {0xa, 0x1}}, [@TCA_RATE={0x6, 0x5, {0x39, 0x1}}]}, 0x2c}, 0x1, 0xf0ffffffffffff, 0x0, 0x4004140}, 0x0)

15.097732955s ago: executing program 4 (id=5112):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001280)=ANY=[@ANYBLOB="b702000023000000bfa30000000000000703000000feffff7a0af0ff0000000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000001007d60b7030000010000006a0a00fe00000000850000000d000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000000000639100000000000000000000ff7f00000000cb04fcbb0ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e84cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b839994fb484510bef2e488fbac2fe6faaf75e5cc4815bd2051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5d053bdec75dcab772be2c9d2d29db3d36dd01797bd3f15aa6aadbeab2a01685108e61aa000000000000000000000000008b798b4f7458d1863cc67d4c6a06e828e5216f601b19db1af1b5d356d0f015d885b4b8ffc0fa3f880287c862137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f1b1b71b5f7fc6edc76600000000826151e2b42bf0ed0c8cef3ba2a730a00c87c493db845b10e9468bda6f82881eb8c9cfa72b08eecc972a3fd2c46f3c1cde71a19d1a2982492abaa96665372831210e00d2bfea3bf97ff8836d000000000000000000000000000000000000000000250d623b48a29e330900b8c552202407804f1ba1817256caf1090b71f2928ed030f3c8194cc3cbf48e2f4c9248c4c00a32d4873da3b7d66b1ce6f72aab16c923b16c4bfdbb24fb17bd198139c21c46065c6922fd705e670d0b5d6d495a773b872e8f88"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000100), 0x237}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x1f00, 0xe, 0x0, &(0x7f00000007c0)="9f44948721919580684010a40566", 0x0, 0x7ff, 0x0, 0xb1, 0xb, &(0x7f0000000700)="389ceff69d08b0af1cc71b6262d50660bbaf31a7f8cd6a6f911beb65d5fe6b54bf21a66489121f24fefd198059288c9b735e1898e77a7469489a249292c02a72bc193a3008ebdbf4e9dd4ee8fcceef55402c913c8dd0ebece1330aaa93ece835c5044a246a5967e3acd7c950b3b19f351830e545eb9bc3a9c6dd22ce97f1f857cfe8b68a2370b69ea336006b589368f92deb68f3dfc6f2bfee09f8342da437fce5dcdf658e453e3132bb42067575318c39", &(0x7f0000000380)="8c5911c525f5cf4c4ecf20", 0x0, 0x0, 0xffffffff}, 0x50)
r1 = socket$inet(0x2, 0x2, 0x1)
connect$inet(r1, &(0x7f0000000180)={0x2, 0x0, @remote}, 0x10)
ioctl$BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, &(0x7f0000000e00)={{r1}, 0x0, 0x18, @inherit={0x48, &(0x7f0000000640)={0x1, 0x0, 0x3, 0xc, {0x9, 0xa881, 0x4, 0x1, 0x6}}}, @subvolid})

15.031349663s ago: executing program 4 (id=5113):
socket$inet6(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$sock_SIOCETHTOOL(r1, 0x89f1, &(0x7f00000002c0)={'ip6gre0\x00', &(0x7f0000000300)=@ethtool_rxnfc={0x2f, 0x2, 0x6, {0xe, @usr_ip6_spec={@empty, @dev={0xfe, 0x80, '\x00', 0x24}, 0xfffffff8, 0x3d, 0xe}, {0x0, @remote, 0xe, 0x4, [0x7, 0x6]}, @ah_ip4_spec={@remote, @initdev={0xac, 0x1e, 0x40, 0x0}, 0x0, 0x5}, {0x0, @broadcast, 0x8, 0x5, [0xf, 0x9]}, 0xff, 0x3}}})
socket$inet6_mptcp(0xa, 0x1, 0x106)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
socket$rds(0x15, 0x5, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
ppoll(&(0x7f0000000500)=[{r2}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f0000000440)={0x0, 0x0, 0x3, 0xfffffffffffffff9, 0x9, 0x0, 0x8000000000, 0x800000000}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x4, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000480)='cgroup.controllers\x00', 0x275a, 0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
r6 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r6, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
r7 = accept4(r6, 0x0, 0x0, 0x80000)
setsockopt(r7, 0x84, 0x7f, &(0x7f00000001c0)="020000000980ffff", 0x8)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r5, 0x89f3, &(0x7f0000000040)={'syztnl2\x00', &(0x7f0000000540)={'sit0\x00', 0x0, 0x40, 0x7800, 0xa, 0x7, {{0x16, 0x4, 0x1, 0x1, 0x58, 0x64, 0x0, 0x1, 0x29, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @loopback, {[@lsrr={0x83, 0x1b, 0x6b, [@initdev={0xac, 0x1e, 0x0, 0x0}, @empty, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, @multicast2]}, @ssrr={0x89, 0x7, 0x9, [@multicast1]}, @ssrr={0x89, 0x13, 0x3e, [@multicast2, @empty, @empty, @loopback]}, @rr={0x7, 0xb, 0x78, [@loopback, @local]}, @ra={0x94, 0x4}]}}}}})
ioctl$sock_inet_SIOCSARP(r1, 0x8955, &(0x7f00000003c0)={{0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x306, @multicast}, 0x14, {0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 'team0\x00'})
unshare(0x62040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r4, 0x28, 0x1, &(0x7f0000000180)=0x5, 0x8)
setsockopt$IP6T_SO_SET_REPLACE(r8, 0x29, 0x40, &(0x7f0000000a00)=@raw={'raw\x00', 0x3c1, 0x1a6cc7, 0x390, 0x1d0, 0x5802, 0x294, 0x0, 0x294, 0x310, 0x378, 0x378, 0x310, 0x378, 0x3, 0x0, {[{{@ipv6={@mcast2, @ipv4={'\x00', '\xff\xff', @private=0xa010101}, [0xffffff00, 0xff, 0xff000000, 0xff000000], [0xff, 0xff, 0xff, 0xff000000], 'veth0_to_hsr\x00', 'vlan0\x00', {0xff}, {0xff}, 0x0, 0x0, 0x2, 0x80}, 0x0, 0xa8, 0x1d0, 0x52020000}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0xe5f6, 'system_u:object_r:etc_aliases_t:s0\x00'}}}, {{@ipv6={@loopback, @remote, [], [0x0, 0x0, 0x0, 0xffffffff], 'ip6erspan0\x00', 'gre0\x00', {0xff}, {}, 0x0, 0x81}, 0x0, 0xa8, 0xf0}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x1, 0x3, 0x1, 0x0, 'netbios-ns\x00', {0x5}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3f0)

0s ago: executing program 36 (id=5113):
socket$inet6(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$sock_SIOCETHTOOL(r1, 0x89f1, &(0x7f00000002c0)={'ip6gre0\x00', &(0x7f0000000300)=@ethtool_rxnfc={0x2f, 0x2, 0x6, {0xe, @usr_ip6_spec={@empty, @dev={0xfe, 0x80, '\x00', 0x24}, 0xfffffff8, 0x3d, 0xe}, {0x0, @remote, 0xe, 0x4, [0x7, 0x6]}, @ah_ip4_spec={@remote, @initdev={0xac, 0x1e, 0x40, 0x0}, 0x0, 0x5}, {0x0, @broadcast, 0x8, 0x5, [0xf, 0x9]}, 0xff, 0x3}}})
socket$inet6_mptcp(0xa, 0x1, 0x106)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
socket$rds(0x15, 0x5, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
ppoll(&(0x7f0000000500)=[{r2}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f0000000440)={0x0, 0x0, 0x3, 0xfffffffffffffff9, 0x9, 0x0, 0x8000000000, 0x800000000}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x4, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000480)='cgroup.controllers\x00', 0x275a, 0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
r6 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r6, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
r7 = accept4(r6, 0x0, 0x0, 0x80000)
setsockopt(r7, 0x84, 0x7f, &(0x7f00000001c0)="020000000980ffff", 0x8)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r5, 0x89f3, &(0x7f0000000040)={'syztnl2\x00', &(0x7f0000000540)={'sit0\x00', 0x0, 0x40, 0x7800, 0xa, 0x7, {{0x16, 0x4, 0x1, 0x1, 0x58, 0x64, 0x0, 0x1, 0x29, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @loopback, {[@lsrr={0x83, 0x1b, 0x6b, [@initdev={0xac, 0x1e, 0x0, 0x0}, @empty, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, @multicast2]}, @ssrr={0x89, 0x7, 0x9, [@multicast1]}, @ssrr={0x89, 0x13, 0x3e, [@multicast2, @empty, @empty, @loopback]}, @rr={0x7, 0xb, 0x78, [@loopback, @local]}, @ra={0x94, 0x4}]}}}}})
ioctl$sock_inet_SIOCSARP(r1, 0x8955, &(0x7f00000003c0)={{0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x306, @multicast}, 0x14, {0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 'team0\x00'})
unshare(0x62040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r4, 0x28, 0x1, &(0x7f0000000180)=0x5, 0x8)
setsockopt$IP6T_SO_SET_REPLACE(r8, 0x29, 0x40, &(0x7f0000000a00)=@raw={'raw\x00', 0x3c1, 0x1a6cc7, 0x390, 0x1d0, 0x5802, 0x294, 0x0, 0x294, 0x310, 0x378, 0x378, 0x310, 0x378, 0x3, 0x0, {[{{@ipv6={@mcast2, @ipv4={'\x00', '\xff\xff', @private=0xa010101}, [0xffffff00, 0xff, 0xff000000, 0xff000000], [0xff, 0xff, 0xff, 0xff000000], 'veth0_to_hsr\x00', 'vlan0\x00', {0xff}, {0xff}, 0x0, 0x0, 0x2, 0x80}, 0x0, 0xa8, 0x1d0, 0x52020000}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0xe5f6, 'system_u:object_r:etc_aliases_t:s0\x00'}}}, {{@ipv6={@loopback, @remote, [], [0x0, 0x0, 0x0, 0xffffffff], 'ip6erspan0\x00', 'gre0\x00', {0xff}, {}, 0x0, 0x81}, 0x0, 0xa8, 0xf0}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x1, 0x3, 0x1, 0x0, 'netbios-ns\x00', {0x5}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3f0)

kernel console output (not intermixed with test programs):

46985][T24789] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  836.179038][T24789] CPU: 0 UID: 0 PID: 24789 Comm: syz.3.4021 Not tainted syzkaller #0 PREEMPT(full) 
[  836.179069][T24789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  836.179083][T24789] Call Trace:
[  836.179092][T24789]  <TASK>
[  836.179102][T24789]  dump_stack_lvl+0x189/0x250
[  836.179132][T24789]  ? __pfx____ratelimit+0x10/0x10
[  836.179167][T24789]  ? __pfx_dump_stack_lvl+0x10/0x10
[  836.179192][T24789]  ? __pfx__printk+0x10/0x10
[  836.179221][T24789]  ? __might_fault+0xb0/0x130
[  836.179261][T24789]  should_fail_ex+0x414/0x560
[  836.179299][T24789]  _copy_from_user+0x2d/0xb0
[  836.179328][T24789]  ___sys_sendmsg+0x158/0x2a0
[  836.179360][T24789]  ? __pfx____sys_sendmsg+0x10/0x10
[  836.179425][T24789]  ? __fget_files+0x2a/0x420
[  836.179456][T24789]  ? __fget_files+0x3a0/0x420
[  836.179498][T24789]  __x64_sys_sendmsg+0x19b/0x260
[  836.179529][T24789]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  836.179568][T24789]  ? __pfx_ksys_write+0x10/0x10
[  836.179593][T24789]  ? rcu_is_watching+0x15/0xb0
[  836.179619][T24789]  ? do_syscall_64+0xbe/0x3b0
[  836.179645][T24789]  do_syscall_64+0xfa/0x3b0
[  836.179666][T24789]  ? lockdep_hardirqs_on+0x9c/0x150
[  836.179699][T24789]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  836.179721][T24789]  ? clear_bhb_loop+0x60/0xb0
[  836.179748][T24789]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  836.179770][T24789] RIP: 0033:0x7f624058eec9
[  836.179790][T24789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  836.179809][T24789] RSP: 002b:00007f6241443038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  836.179839][T24789] RAX: ffffffffffffffda RBX: 00007f62407e5fa0 RCX: 00007f624058eec9
[  836.179855][T24789] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  836.179870][T24789] RBP: 00007f6241443090 R08: 0000000000000000 R09: 0000000000000000
[  836.179884][T24789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  836.179898][T24789] R13: 00007f62407e6038 R14: 00007f62407e5fa0 R15: 00007ffe920c81a8
[  836.179931][T24789]  </TASK>
[  837.125658][T24813] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4029'.
[  837.164660][T24813] netlink: 1 bytes leftover after parsing attributes in process `syz.0.4029'.
[  837.258431][T24823] netlink: 104 bytes leftover after parsing attributes in process `syz.1.4032'.
[  837.433328][T24837] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4035'.
[  838.535699][T24883] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4048'.
[  838.739521][T24891] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4050'.
[  839.183087][T24915] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4057'.
[  839.636114][T24940] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4064'.
[  840.017469][T24957] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4067'.
[  840.231952][T24954] netlink: 256 bytes leftover after parsing attributes in process `syz.2.4069'.
[  841.855928][T25025] netlink: 'syz.4.4093': attribute type 1 has an invalid length.
[  841.899516][T25028] netlink: 'syz.0.4090': attribute type 10 has an invalid length.
[  841.926308][T25000] FAULT_INJECTION: forcing a failure.
[  841.926308][T25000] name failslab, interval 1, probability 0, space 0, times 0
[  841.953747][T25033] netlink: 'syz.0.4090': attribute type 10 has an invalid length.
[  841.976356][T25000] CPU: 1 UID: 0 PID: 25000 Comm: syz.2.4081 Not tainted syzkaller #0 PREEMPT(full) 
[  841.976389][T25000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  841.976403][T25000] Call Trace:
[  841.976413][T25000]  <TASK>
[  841.976423][T25000]  dump_stack_lvl+0x189/0x250
[  841.976455][T25000]  ? __pfx____ratelimit+0x10/0x10
[  841.976491][T25000]  ? __pfx_dump_stack_lvl+0x10/0x10
[  841.976517][T25000]  ? __pfx__printk+0x10/0x10
[  841.976553][T25000]  ? __pfx___might_resched+0x10/0x10
[  841.976593][T25000]  should_fail_ex+0x414/0x560
[  841.976631][T25000]  should_failslab+0xa8/0x100
[  841.976665][T25000]  kmem_cache_alloc_noprof+0x73/0x3c0
[  841.976694][T25000]  ? taskstats_exit+0x14a/0xa30
[  841.976727][T25000]  taskstats_exit+0x14a/0xa30
[  841.976753][T25000]  ? do_exit+0x352/0x2300
[  841.976782][T25000]  ? seccomp_filter_release+0xe3/0x120
[  841.976821][T25000]  do_exit+0x630/0x2300
[  841.976861][T25000]  ? do_raw_spin_lock+0x121/0x290
[  841.976891][T25000]  ? __pfx_do_exit+0x10/0x10
[  841.976938][T25000]  do_group_exit+0x21c/0x2d0
[  841.976966][T25000]  ? lockdep_hardirqs_on+0x9c/0x150
[  841.977005][T25000]  get_signal+0x1286/0x1340
[  841.977063][T25000]  arch_do_signal_or_restart+0x9a/0x750
[  841.977097][T25000]  ? __fget_files+0x3a0/0x420
[  841.977139][T25000]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  841.977191][T25000]  ? exit_to_user_mode_loop+0x40/0x110
[  841.977227][T25000]  exit_to_user_mode_loop+0x75/0x110
[  841.977259][T25000]  do_syscall_64+0x2bd/0x3b0
[  841.977280][T25000]  ? lockdep_hardirqs_on+0x9c/0x150
[  841.977314][T25000]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  841.977337][T25000]  ? clear_bhb_loop+0x60/0xb0
[  841.977365][T25000]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  841.977388][T25000] RIP: 0033:0x7f130f58eec9
[  841.977407][T25000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  841.977427][T25000] RSP: 002b:00007f1310438038 EFLAGS: 00000246 ORIG_RAX: 000000000000002d
[  841.977451][T25000] RAX: fffffffffffffe00 RBX: 00007f130f7e6090 RCX: 00007f130f58eec9
[  841.977469][T25000] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  841.977482][T25000] RBP: 00007f1310438090 R08: 0000000000000000 R09: 0000000000000000
[  841.977496][T25000] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000001
[  841.977509][T25000] R13: 00007f130f7e6128 R14: 00007f130f7e6090 R15: 00007ffdbc6d3738
[  841.977545][T25000]  </TASK>
[  842.226125][T25033] batadv0: entered promiscuous mode
[  842.231518][T25033] batadv0: entered allmulticast mode
[  842.238613][T25033] bond0: (slave batadv0): Releasing backup interface
[  842.259764][T25033] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  842.421337][T25041] netlink: 'syz.2.4096': attribute type 10 has an invalid length.
[  842.433244][T25035] __nla_validate_parse: 8 callbacks suppressed
[  842.433264][T25035] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4095'.
[  842.693451][T25055] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4101'.
[  843.093729][T25067] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4104'.
[  843.412094][T25076] netlink: 'syz.3.4106': attribute type 10 has an invalid length.
[  843.420736][T25076] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4106'.
[  843.535730][T25080] sctp: [Deprecated]: syz.4.4107 (pid 25080) Use of int in maxseg socket option.
[  843.535730][T25080] Use struct sctp_assoc_value instead
[  843.563794][T25076] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  844.461053][T25115] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4120'.
[  844.694032][T25129] netlink: 'syz.3.4121': attribute type 10 has an invalid length.
[  844.736343][T25129] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4121'.
[  844.765808][T25126] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4123'.
[  844.788311][T25131] netlink: 'syz.0.4124': attribute type 13 has an invalid length.
[  844.828862][T25129] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  844.985647][T25131] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  845.484508][T25141] netlink: 344 bytes leftover after parsing attributes in process `syz.2.4127'.
[  845.530897][T25145] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4128'.
[  846.009039][T25173] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4136'.
[  875.721989][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  937.162365][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  951.997950][T25192] netlink: 344 bytes leftover after parsing attributes in process `syz.4.4142'.
[  952.266812][T25193] netlink: 'syz.2.4140': attribute type 10 has an invalid length.
[  952.331759][T25193] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4140'.
[  952.343896][T25201] netlink: 'syz.3.4144': attribute type 1 has an invalid length.
[  952.388631][T25201] netlink: 224 bytes leftover after parsing attributes in process `syz.3.4144'.
[  952.450017][T25193] batadv0: entered promiscuous mode
[  952.459609][T25193] batadv0: entered allmulticast mode
[  952.466482][T25193] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  952.658929][T25210] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  952.692474][T25214] netlink: 'syz.3.4148': attribute type 13 has an invalid length.
[  952.721749][T25210] netlink: 'syz.4.4147': attribute type 4 has an invalid length.
[  952.935830][T25222] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  952.982598][T25224] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4151'.
[  953.040745][T25206] netlink: 256 bytes leftover after parsing attributes in process `syz.0.4145'.
[  953.075688][T25206] netlink: 48 bytes leftover after parsing attributes in process `syz.0.4145'.
[  953.466453][T25241] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4157'.
[  953.585215][T25246] netlink: 104 bytes leftover after parsing attributes in process `syz.2.4158'.
[  954.340876][T25276] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4169'.
[  954.354400][T25284] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4167'.
[  955.350779][T25318] netlink: 'syz.1.4183': attribute type 1 has an invalid length.
[  955.479537][ T5187] Bluetooth: hci4: command 0x0406 tx timeout
[  956.719872][ T5187] block nbd0: Receive control failed (result -11)
[  957.463370][T25397] __nla_validate_parse: 6 callbacks suppressed
[  957.463395][T25397] netlink: 256 bytes leftover after parsing attributes in process `syz.2.4200'.
[  957.499320][T25397] netlink: 48 bytes leftover after parsing attributes in process `syz.2.4200'.
[  957.560657][ T5187] Bluetooth: hci4: command 0x0406 tx timeout
[  957.913945][T25414] ip6gre1: entered allmulticast mode
[  958.165025][T25425] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4211'.
[  958.371752][T25416] netlink: 256 bytes leftover after parsing attributes in process `syz.1.4210'.
[  958.381375][T25416] netlink: 48 bytes leftover after parsing attributes in process `syz.1.4210'.
[  958.456824][T25432] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4214'.
[  958.760157][T25441] ipvlan0: entered promiscuous mode
[  959.270575][T25457] netlink: 'syz.2.4221': attribute type 2 has an invalid length.
[  959.280038][T25457] netlink: 224 bytes leftover after parsing attributes in process `syz.2.4221'.
[  959.350425][T25455] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4223'.
[  959.640349][T25465] FAULT_INJECTION: forcing a failure.
[  959.640349][T25465] name failslab, interval 1, probability 0, space 0, times 0
[  959.700386][T25465] CPU: 0 UID: 0 PID: 25465 Comm: syz.3.4226 Not tainted syzkaller #0 PREEMPT(full) 
[  959.700420][T25465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  959.700435][T25465] Call Trace:
[  959.700445][T25465]  <TASK>
[  959.700456][T25465]  dump_stack_lvl+0x189/0x250
[  959.700489][T25465]  ? __pfx____ratelimit+0x10/0x10
[  959.700526][T25465]  ? __pfx_dump_stack_lvl+0x10/0x10
[  959.700554][T25465]  ? __pfx__printk+0x10/0x10
[  959.700591][T25465]  ? __pfx___might_resched+0x10/0x10
[  959.700631][T25465]  should_fail_ex+0x414/0x560
[  959.700670][T25465]  should_failslab+0xa8/0x100
[  959.700704][T25465]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  959.700735][T25465]  ? __alloc_skb+0x112/0x2d0
[  959.700764][T25465]  __alloc_skb+0x112/0x2d0
[  959.700817][T25465]  __ip6_append_data+0x2c16/0x3f30
[  959.700865][T25465]  ? __pfx_ping_getfrag+0x10/0x10
[  959.700910][T25465]  ? __pfx___ip6_append_data+0x10/0x10
[  959.700933][T25465]  ? __pfx_ip6_mtu+0x10/0x10
[  959.700967][T25465]  ip6_append_data+0x1c1/0x380
[  959.700997][T25465]  ? __pfx_ping_getfrag+0x10/0x10
[  959.701024][T25465]  ping_v6_sendmsg+0xe0e/0x1210
[  959.701058][T25465]  ? __pfx_ping_v6_sendmsg+0x10/0x10
[  959.701079][T25465]  ? __pfx___might_resched+0x10/0x10
[  959.701133][T25465]  ? aa_sk_perm+0x81e/0x950
[  959.701174][T25465]  ? __pfx_aa_sk_perm+0x10/0x10
[  959.701205][T25465]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x300
[  959.701231][T25465]  ? __fget_files+0x2a/0x420
[  959.701264][T25465]  ? sock_rps_record_flow+0x19/0x410
[  959.701315][T25465]  ? inet_sendmsg+0x2f4/0x370
[  959.701338][T25465]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  959.701372][T25465]  __sock_sendmsg+0x19c/0x270
[  959.701413][T25465]  __sys_sendto+0x3bd/0x520
[  959.701444][T25465]  ? __pfx___sys_sendto+0x10/0x10
[  959.701469][T25465]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  959.701508][T25465]  ? __fget_files+0x3a0/0x420
[  959.701556][T25465]  ? ksys_write+0x22a/0x250
[  959.701588][T25465]  ? __pfx_ksys_write+0x10/0x10
[  959.701615][T25465]  ? rcu_is_watching+0x15/0xb0
[  959.701644][T25465]  __x64_sys_sendto+0xde/0x100
[  959.701675][T25465]  do_syscall_64+0xfa/0x3b0
[  959.701697][T25465]  ? lockdep_hardirqs_on+0x9c/0x150
[  959.701731][T25465]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  959.701755][T25465]  ? clear_bhb_loop+0x60/0xb0
[  959.701785][T25465]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  959.701809][T25465] RIP: 0033:0x7f624058eec9
[  959.701848][T25465] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  959.701870][T25465] RSP: 002b:00007f6241443038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  959.701896][T25465] RAX: ffffffffffffffda RBX: 00007f62407e5fa0 RCX: 00007f624058eec9
[  959.701921][T25465] RDX: 000000000000ffd8 RSI: 0000200000000080 RDI: 0000000000000003
[  959.701938][T25465] RBP: 00007f6241443090 R08: 0000000000000000 R09: 0000000000000000
[  959.701953][T25465] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  959.701968][T25465] R13: 00007f62407e6038 R14: 00007f62407e5fa0 R15: 00007ffe920c81a8
[  959.702006][T25465]  </TASK>
[  960.846713][T25499] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4237'.
[  961.001256][T25508] netlink: 'syz.2.4240': attribute type 1 has an invalid length.
[  961.023359][T25508] netlink: 224 bytes leftover after parsing attributes in process `syz.2.4240'.
[  962.196700][T25558] netlink: 'syz.1.4257': attribute type 4 has an invalid length.
[  962.676315][T25542] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  962.685958][T25555] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  962.824301][T25584] __nla_validate_parse: 4 callbacks suppressed
[  962.824326][T25584] netlink: 44 bytes leftover after parsing attributes in process `syz.1.4267'.
[  962.846854][T25581] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4265'.
[  962.857353][T25581] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4265'.
[  962.935466][T25586] 
: renamed from bond_slave_0 (while UP)
[  963.031583][T25588] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4268'.
[  963.199760][T25594] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4269'.
[  963.264961][T25598] netlink: 'syz.3.4272': attribute type 1 has an invalid length.
[  963.285835][T25598] netlink: 224 bytes leftover after parsing attributes in process `syz.3.4272'.
[  963.832358][T25626] FAULT_INJECTION: forcing a failure.
[  963.832358][T25626] name failslab, interval 1, probability 0, space 0, times 0
[  963.863502][T25626] CPU: 1 UID: 0 PID: 25626 Comm: syz.1.4282 Not tainted syzkaller #0 PREEMPT(full) 
[  963.863545][T25626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  963.863558][T25626] Call Trace:
[  963.863567][T25626]  <TASK>
[  963.863578][T25626]  dump_stack_lvl+0x189/0x250
[  963.863608][T25626]  ? __pfx____ratelimit+0x10/0x10
[  963.863645][T25626]  ? __pfx_dump_stack_lvl+0x10/0x10
[  963.863668][T25626]  ? __pfx__printk+0x10/0x10
[  963.863701][T25626]  ? __pfx___might_resched+0x10/0x10
[  963.863739][T25626]  should_fail_ex+0x414/0x560
[  963.863777][T25626]  should_failslab+0xa8/0x100
[  963.863808][T25626]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  963.863841][T25626]  ? __alloc_skb+0x112/0x2d0
[  963.863870][T25626]  __alloc_skb+0x112/0x2d0
[  963.863901][T25626]  netlink_sendmsg+0x5c6/0xb30
[  963.863948][T25626]  ? __pfx_netlink_sendmsg+0x10/0x10
[  963.863977][T25626]  ? aa_sock_msg_perm+0xf1/0x1d0
[  963.864011][T25626]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  963.864032][T25626]  ? __pfx_netlink_sendmsg+0x10/0x10
[  963.864060][T25626]  __sock_sendmsg+0x219/0x270
[  963.864098][T25626]  ____sys_sendmsg+0x505/0x830
[  963.864133][T25626]  ? __pfx_____sys_sendmsg+0x10/0x10
[  963.864172][T25626]  ? import_iovec+0x74/0xa0
[  963.864204][T25626]  ___sys_sendmsg+0x21f/0x2a0
[  963.864235][T25626]  ? __pfx____sys_sendmsg+0x10/0x10
[  963.864302][T25626]  ? __fget_files+0x2a/0x420
[  963.864333][T25626]  ? __fget_files+0x3a0/0x420
[  963.864373][T25626]  __x64_sys_sendmsg+0x19b/0x260
[  963.864406][T25626]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  963.864447][T25626]  ? __pfx_ksys_write+0x10/0x10
[  963.864473][T25626]  ? rcu_is_watching+0x15/0xb0
[  963.864499][T25626]  ? do_syscall_64+0xbe/0x3b0
[  963.864526][T25626]  do_syscall_64+0xfa/0x3b0
[  963.864546][T25626]  ? lockdep_hardirqs_on+0x9c/0x150
[  963.864579][T25626]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  963.864601][T25626]  ? clear_bhb_loop+0x60/0xb0
[  963.864627][T25626]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  963.864647][T25626] RIP: 0033:0x7f36adf8eec9
[  963.864668][T25626] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  963.864687][T25626] RSP: 002b:00007f36aeea0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  963.864710][T25626] RAX: ffffffffffffffda RBX: 00007f36ae1e5fa0 RCX: 00007f36adf8eec9
[  963.864727][T25626] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000004
[  963.864741][T25626] RBP: 00007f36aeea0090 R08: 0000000000000000 R09: 0000000000000000
[  963.864754][T25626] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  963.864766][T25626] R13: 00007f36ae1e6038 R14: 00007f36ae1e5fa0 R15: 00007fff9bbaea78
[  963.864802][T25626]  </TASK>
[  964.188006][T25632] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4285'.
[  964.319556][T25638] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4285'.
[  964.777872][T25652] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4293'.
[  964.831503][T25655] netlink: 32 bytes leftover after parsing attributes in process `syz.1.4295'.
[  965.187322][T25673] FAULT_INJECTION: forcing a failure.
[  965.187322][T25673] name failslab, interval 1, probability 0, space 0, times 0
[  965.228241][T25673] CPU: 1 UID: 0 PID: 25673 Comm: syz.2.4301 Not tainted syzkaller #0 PREEMPT(full) 
[  965.228290][T25673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  965.228306][T25673] Call Trace:
[  965.228317][T25673]  <TASK>
[  965.228328][T25673]  dump_stack_lvl+0x189/0x250
[  965.228362][T25673]  ? __pfx____ratelimit+0x10/0x10
[  965.228400][T25673]  ? __pfx_dump_stack_lvl+0x10/0x10
[  965.228433][T25673]  ? __pfx__printk+0x10/0x10
[  965.228460][T25673]  ? netlink_unicast+0x82f/0x9e0
[  965.228486][T25673]  ? ___sys_sendmsg+0x21f/0x2a0
[  965.228515][T25673]  ? do_syscall_64+0xfa/0x3b0
[  965.228554][T25673]  should_fail_ex+0x414/0x560
[  965.228594][T25673]  should_failslab+0xa8/0x100
[  965.228641][T25673]  kmem_cache_alloc_noprof+0x73/0x3c0
[  965.228673][T25673]  ? skb_clone+0x212/0x3a0
[  965.228712][T25673]  skb_clone+0x212/0x3a0
[  965.228751][T25673]  __netlink_deliver_tap+0x404/0x850
[  965.228796][T25673]  ? netlink_deliver_tap+0x2e/0x1b0
[  965.228826][T25673]  netlink_deliver_tap+0x19c/0x1b0
[  965.228856][T25673]  netlink_sendskb+0x68/0x140
[  965.228885][T25673]  netlink_unicast+0x397/0x9e0
[  965.228907][T25673]  ? __asan_memcpy+0x40/0x70
[  965.228945][T25673]  ? __pfx_netlink_unicast+0x10/0x10
[  965.228982][T25673]  netlink_rcv_skb+0x28c/0x470
[  965.229011][T25673]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  965.229040][T25673]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  965.229082][T25673]  ? netlink_deliver_tap+0x2e/0x1b0
[  965.229119][T25673]  netlink_unicast+0x82f/0x9e0
[  965.229155][T25673]  ? __pfx_netlink_unicast+0x10/0x10
[  965.229183][T25673]  ? netlink_sendmsg+0x642/0xb30
[  965.229208][T25673]  ? skb_put+0x11b/0x210
[  965.229242][T25673]  netlink_sendmsg+0x805/0xb30
[  965.229284][T25673]  ? __pfx_netlink_sendmsg+0x10/0x10
[  965.229317][T25673]  ? aa_sock_msg_perm+0xf1/0x1d0
[  965.229359][T25673]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  965.229386][T25673]  ? __pfx_netlink_sendmsg+0x10/0x10
[  965.229416][T25673]  __sock_sendmsg+0x219/0x270
[  965.229460][T25673]  ____sys_sendmsg+0x505/0x830
[  965.229499][T25673]  ? __pfx_____sys_sendmsg+0x10/0x10
[  965.229544][T25673]  ? import_iovec+0x74/0xa0
[  965.229581][T25673]  ___sys_sendmsg+0x21f/0x2a0
[  965.229625][T25673]  ? __pfx____sys_sendmsg+0x10/0x10
[  965.229705][T25673]  ? __fget_files+0x2a/0x420
[  965.229739][T25673]  ? __fget_files+0x3a0/0x420
[  965.229790][T25673]  __x64_sys_sendmsg+0x19b/0x260
[  965.229823][T25673]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  965.229866][T25673]  ? __pfx_ksys_write+0x10/0x10
[  965.229895][T25673]  ? rcu_is_watching+0x15/0xb0
[  965.229923][T25673]  ? do_syscall_64+0xbe/0x3b0
[  965.229953][T25673]  do_syscall_64+0xfa/0x3b0
[  965.229976][T25673]  ? lockdep_hardirqs_on+0x9c/0x150
[  965.230011][T25673]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  965.230034][T25673]  ? clear_bhb_loop+0x60/0xb0
[  965.230064][T25673]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  965.230088][T25673] RIP: 0033:0x7f130f58eec9
[  965.230112][T25673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  965.230132][T25673] RSP: 002b:00007f1310459038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  965.230159][T25673] RAX: ffffffffffffffda RBX: 00007f130f7e5fa0 RCX: 00007f130f58eec9
[  965.230176][T25673] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  965.230191][T25673] RBP: 00007f1310459090 R08: 0000000000000000 R09: 0000000000000000
[  965.230207][T25673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  965.230220][T25673] R13: 00007f130f7e6038 R14: 00007f130f7e5fa0 R15: 00007ffdbc6d3738
[  965.230256][T25673]  </TASK>
[  965.681652][   T30] audit: type=1800 audit(1758928081.282:8): pid=25674 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4300" name="x000000000000000500000000000000000000005" dev="tmpfs" ino=4576 res=0 errno=0
[  965.706649][   T30] audit: type=1804 audit(1758928081.282:9): pid=25674 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.4300" name="x000000000000000500000000000000000000005" dev="tmpfs" ino=4576 res=1 errno=0
[  965.857633][T25686] tipc: Can't bind to reserved service type 1
[  966.246757][T25711] bond0: (slave bond_slave_0): Releasing backup interface
[  966.285974][T25711] bond0: (slave bond_slave_1): Releasing backup interface
[  966.311784][T25711] team0: Port device team_slave_0 removed
[  966.333705][T25711] team0: Port device team_slave_1 removed
[  966.343604][T25711] batman_adv: batadv0: Removing interface: batadv_slave_0
[  966.360321][T25711] batman_adv: batadv0: Removing interface: batadv_slave_1
[  966.370235][T25711] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  966.922645][T25736] netlink: 'syz.2.4322': attribute type 1 has an invalid length.
[  967.882505][T25756] __nla_validate_parse: 12 callbacks suppressed
[  967.882529][T25756] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4326'.
[  967.920541][T25755] netlink: 'syz.2.4327': attribute type 1 has an invalid length.
[  967.938599][T25755] netlink: 224 bytes leftover after parsing attributes in process `syz.2.4327'.
[  967.978362][T25760] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4326'.
[  968.795517][T25785] netlink: 44 bytes leftover after parsing attributes in process `syz.0.4337'.
[  968.856492][T25789] netlink: 'syz.4.4340': attribute type 13 has an invalid length.
[  968.904109][T25795] FAULT_INJECTION: forcing a failure.
[  968.904109][T25795] name failslab, interval 1, probability 0, space 0, times 0
[  968.938034][T25795] CPU: 1 UID: 0 PID: 25795 Comm: syz.3.4342 Not tainted syzkaller #0 PREEMPT(full) 
[  968.938070][T25795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  968.938087][T25795] Call Trace:
[  968.938097][T25795]  <TASK>
[  968.938109][T25795]  dump_stack_lvl+0x189/0x250
[  968.938142][T25795]  ? __pfx____ratelimit+0x10/0x10
[  968.938186][T25795]  ? __pfx_dump_stack_lvl+0x10/0x10
[  968.938214][T25795]  ? __pfx__printk+0x10/0x10
[  968.938253][T25795]  ? __pfx___might_resched+0x10/0x10
[  968.938289][T25795]  ? fs_reclaim_acquire+0x7d/0x100
[  968.938332][T25795]  should_fail_ex+0x414/0x560
[  968.938373][T25795]  should_failslab+0xa8/0x100
[  968.938408][T25795]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  968.938440][T25795]  ? __alloc_skb+0x112/0x2d0
[  968.938473][T25795]  __alloc_skb+0x112/0x2d0
[  968.938504][T25795]  netlink_ack+0x146/0xa50
[  968.938528][T25795]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  968.938552][T25795]  ? ref_tracker_free+0x63a/0x7d0
[  968.938597][T25795]  ? __asan_memcpy+0x40/0x70
[  968.938623][T25795]  ? __pfx_ref_tracker_free+0x10/0x10
[  968.938673][T25795]  netlink_rcv_skb+0x28c/0x470
[  968.938702][T25795]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  968.938730][T25795]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  968.938772][T25795]  ? netlink_deliver_tap+0x2e/0x1b0
[  968.938808][T25795]  netlink_unicast+0x82f/0x9e0
[  968.938843][T25795]  ? __pfx_netlink_unicast+0x10/0x10
[  968.938869][T25795]  ? netlink_sendmsg+0x642/0xb30
[  968.938895][T25795]  ? skb_put+0x11b/0x210
[  968.938927][T25795]  netlink_sendmsg+0x805/0xb30
[  968.938967][T25795]  ? __pfx_netlink_sendmsg+0x10/0x10
[  968.938997][T25795]  ? __lock_acquire+0xab9/0xd20
[  968.939029][T25795]  ? aa_sock_msg_perm+0xf1/0x1d0
[  968.939069][T25795]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  968.939094][T25795]  ? __pfx_netlink_sendmsg+0x10/0x10
[  968.939123][T25795]  __sock_sendmsg+0x219/0x270
[  968.939165][T25795]  sock_write_iter+0x258/0x330
[  968.939204][T25795]  ? __pfx_sock_write_iter+0x10/0x10
[  968.939252][T25795]  ? bpf_lsm_file_permission+0x9/0x20
[  968.939278][T25795]  ? security_file_permission+0x75/0x290
[  968.939320][T25795]  vfs_write+0x5c9/0xb30
[  968.939354][T25795]  ? __pfx_sock_write_iter+0x10/0x10
[  968.939389][T25795]  ? __pfx_vfs_write+0x10/0x10
[  968.939430][T25795]  ? __fget_files+0x2a/0x420
[  968.939475][T25795]  ksys_write+0x145/0x250
[  968.939506][T25795]  ? __pfx_ksys_write+0x10/0x10
[  968.939532][T25795]  ? rcu_is_watching+0x15/0xb0
[  968.939560][T25795]  ? do_syscall_64+0xbe/0x3b0
[  968.939599][T25795]  do_syscall_64+0xfa/0x3b0
[  968.939622][T25795]  ? lockdep_hardirqs_on+0x9c/0x150
[  968.939658][T25795]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  968.939680][T25795]  ? clear_bhb_loop+0x60/0xb0
[  968.939710][T25795]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  968.939733][T25795] RIP: 0033:0x7f624058eec9
[  968.939756][T25795] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  968.939778][T25795] RSP: 002b:00007f6241443038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  968.939803][T25795] RAX: ffffffffffffffda RBX: 00007f62407e5fa0 RCX: 00007f624058eec9
[  968.939821][T25795] RDX: 0000000000000024 RSI: 0000200000000200 RDI: 0000000000000003
[  968.939836][T25795] RBP: 00007f6241443090 R08: 0000000000000000 R09: 0000000000000000
[  968.939851][T25795] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  968.939866][T25795] R13: 00007f62407e6038 R14: 00007f62407e5fa0 R15: 00007ffe920c81a8
[  968.939915][T25795]  </TASK>
[  969.389738][T25797] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  969.437822][T25804] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4344'.
[  969.543025][T25809] team_slave_0: entered promiscuous mode
[  969.549349][T25809] team_slave_1: entered promiscuous mode
[  969.557065][T25809] macsec2: entered promiscuous mode
[  969.564340][T25809] team0: entered promiscuous mode
[  969.573154][T25809] team0: Device macsec2 is already an upper device of the team interface
[  969.666604][T25809] team0: left promiscuous mode
[  969.675085][T25809] team_slave_0: left promiscuous mode
[  969.680666][T25809] team_slave_1: left promiscuous mode
[  969.721459][T25817] netlink: 60 bytes leftover after parsing attributes in process `syz.2.4348'.
[  970.199530][T25834] netlink: 210176 bytes leftover after parsing attributes in process `syz.3.4356'.
[  970.223001][T25834] netlink: zone id is out of range
[  970.228280][T25834] netlink: zone id is out of range
[  970.245340][T25834] netlink: zone id is out of range
[  970.251401][T25834] netlink: zone id is out of range
[  970.256873][T25834] netlink: zone id is out of range
[  970.263501][T25834] netlink: zone id is out of range
[  970.269694][T25834] netlink: zone id is out of range
[  970.275347][T25834] netlink: zone id is out of range
[  970.281063][T25834] netlink: zone id is out of range
[  970.383758][T25836] netlink: 'syz.4.4357': attribute type 10 has an invalid length.
[  970.474942][T25836] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4357'.
[  970.685037][T25848] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4360'.
[  970.810381][T25856] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4362'.
[  971.267341][T25861] macvtap1: entered allmulticast mode
[  971.292304][T25861] mac80211_hwsim hwsim10 wlan0: entered allmulticast mode
[  971.347372][T25861] mac80211_hwsim hwsim10 wlan0: left allmulticast mode
[  971.709963][T25883] FAULT_INJECTION: forcing a failure.
[  971.709963][T25883] name failslab, interval 1, probability 0, space 0, times 0
[  971.746714][T25883] CPU: 1 UID: 0 PID: 25883 Comm: syz.4.4371 Not tainted syzkaller #0 PREEMPT(full) 
[  971.746746][T25883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  971.746761][T25883] Call Trace:
[  971.746771][T25883]  <TASK>
[  971.746781][T25883]  dump_stack_lvl+0x189/0x250
[  971.746812][T25883]  ? __pfx____ratelimit+0x10/0x10
[  971.746849][T25883]  ? __pfx_dump_stack_lvl+0x10/0x10
[  971.746875][T25883]  ? __pfx__printk+0x10/0x10
[  971.746912][T25883]  ? __pfx___might_resched+0x10/0x10
[  971.746943][T25883]  ? fs_reclaim_acquire+0x7d/0x100
[  971.746982][T25883]  should_fail_ex+0x414/0x560
[  971.747018][T25883]  should_failslab+0xa8/0x100
[  971.747118][T25883]  __kmalloc_noprof+0xcb/0x4f0
[  971.747146][T25883]  ? bpf_test_init+0x9f/0x150
[  971.747174][T25883]  bpf_test_init+0x9f/0x150
[  971.747201][T25883]  bpf_prog_test_run_xdp+0x49e/0x10e0
[  971.747245][T25883]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  971.747276][T25883]  ? __fget_files+0x2a/0x420
[  971.747315][T25883]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  971.747341][T25883]  bpf_prog_test_run+0x2c4/0x340
[  971.747377][T25883]  __sys_bpf+0x581/0x870
[  971.747406][T25883]  ? __pfx___sys_bpf+0x10/0x10
[  971.747447][T25883]  ? ksys_write+0x22a/0x250
[  971.747476][T25883]  ? __pfx_ksys_write+0x10/0x10
[  971.747499][T25883]  ? rcu_is_watching+0x15/0xb0
[  971.747529][T25883]  __x64_sys_bpf+0x7c/0x90
[  971.747555][T25883]  do_syscall_64+0xfa/0x3b0
[  971.747576][T25883]  ? lockdep_hardirqs_on+0x9c/0x150
[  971.747609][T25883]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  971.747632][T25883]  ? clear_bhb_loop+0x60/0xb0
[  971.747658][T25883]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  971.747681][T25883] RIP: 0033:0x7fba90d8eec9
[  971.747702][T25883] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  971.747722][T25883] RSP: 002b:00007fba91b8b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  971.747746][T25883] RAX: ffffffffffffffda RBX: 00007fba90fe5fa0 RCX: 00007fba90d8eec9
[  971.747763][T25883] RDX: 0000000000000050 RSI: 0000200000000280 RDI: 000000000000000a
[  971.747777][T25883] RBP: 00007fba91b8b090 R08: 0000000000000000 R09: 0000000000000000
[  971.747792][T25883] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  971.747805][T25883] R13: 00007fba90fe6038 R14: 00007fba90fe5fa0 R15: 00007ffe92595a38
[  971.747841][T25883]  </TASK>
[  972.967786][T25925] FAULT_INJECTION: forcing a failure.
[  972.967786][T25925] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  973.005301][T25925] CPU: 0 UID: 0 PID: 25925 Comm: syz.3.4386 Not tainted syzkaller #0 PREEMPT(full) 
[  973.005348][T25925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  973.005363][T25925] Call Trace:
[  973.005372][T25925]  <TASK>
[  973.005383][T25925]  dump_stack_lvl+0x189/0x250
[  973.005414][T25925]  ? __pfx____ratelimit+0x10/0x10
[  973.005451][T25925]  ? __pfx_dump_stack_lvl+0x10/0x10
[  973.005476][T25925]  ? __pfx__printk+0x10/0x10
[  973.005506][T25925]  ? __might_fault+0xb0/0x130
[  973.005548][T25925]  should_fail_ex+0x414/0x560
[  973.005586][T25925]  _copy_from_iter+0x1de/0x1790
[  973.005618][T25925]  ? rcu_is_watching+0x15/0xb0
[  973.005641][T25925]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  973.005671][T25925]  ? __pfx__copy_from_iter+0x10/0x10
[  973.005697][T25925]  ? __build_skb_around+0x257/0x3e0
[  973.005728][T25925]  ? netlink_sendmsg+0x642/0xb30
[  973.005751][T25925]  ? skb_put+0x11b/0x210
[  973.005780][T25925]  netlink_sendmsg+0x6b2/0xb30
[  973.005817][T25925]  ? __pfx_netlink_sendmsg+0x10/0x10
[  973.005847][T25925]  ? aa_sock_msg_perm+0xf1/0x1d0
[  973.005885][T25925]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  973.005907][T25925]  ? __pfx_netlink_sendmsg+0x10/0x10
[  973.005934][T25925]  __sock_sendmsg+0x219/0x270
[  973.005973][T25925]  ____sys_sendmsg+0x505/0x830
[  973.006018][T25925]  ? __pfx_____sys_sendmsg+0x10/0x10
[  973.006058][T25925]  ? import_iovec+0x74/0xa0
[  973.006088][T25925]  ___sys_sendmsg+0x21f/0x2a0
[  973.006120][T25925]  ? __pfx____sys_sendmsg+0x10/0x10
[  973.006186][T25925]  ? __fget_files+0x2a/0x420
[  973.006217][T25925]  ? __fget_files+0x3a0/0x420
[  973.006263][T25925]  __x64_sys_sendmsg+0x19b/0x260
[  973.006299][T25925]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  973.006339][T25925]  ? __pfx_ksys_write+0x10/0x10
[  973.006365][T25925]  ? rcu_is_watching+0x15/0xb0
[  973.006392][T25925]  ? do_syscall_64+0xbe/0x3b0
[  973.006421][T25925]  do_syscall_64+0xfa/0x3b0
[  973.006442][T25925]  ? lockdep_hardirqs_on+0x9c/0x150
[  973.006476][T25925]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  973.006499][T25925]  ? clear_bhb_loop+0x60/0xb0
[  973.006525][T25925]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  973.006548][T25925] RIP: 0033:0x7f624058eec9
[  973.006568][T25925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  973.006586][T25925] RSP: 002b:00007f6241443038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  973.006609][T25925] RAX: ffffffffffffffda RBX: 00007f62407e5fa0 RCX: 00007f624058eec9
[  973.006626][T25925] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  973.006658][T25925] RBP: 00007f6241443090 R08: 0000000000000000 R09: 0000000000000000
[  973.006671][T25925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  973.006683][T25925] R13: 00007f62407e6038 R14: 00007f62407e5fa0 R15: 00007ffe920c81a8
[  973.006717][T25925]  </TASK>
[  973.310664][T25933] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  973.341689][T25935] __nla_validate_parse: 9 callbacks suppressed
[  973.341716][T25935] netlink: 32 bytes leftover after parsing attributes in process `syz.1.4390'.
[  973.393705][T25935] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4390'.
[  973.411606][T25935] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4390'.
[  973.641924][T25945] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4393'.
[  974.050965][T25958] FAULT_INJECTION: forcing a failure.
[  974.050965][T25958] name failslab, interval 1, probability 0, space 0, times 0
[  974.104688][T25958] CPU: 1 UID: 0 PID: 25958 Comm: syz.1.4396 Not tainted syzkaller #0 PREEMPT(full) 
[  974.104724][T25958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  974.104739][T25958] Call Trace:
[  974.104749][T25958]  <TASK>
[  974.104761][T25958]  dump_stack_lvl+0x189/0x250
[  974.104794][T25958]  ? __pfx____ratelimit+0x10/0x10
[  974.104841][T25958]  ? __pfx_dump_stack_lvl+0x10/0x10
[  974.104867][T25958]  ? __pfx__printk+0x10/0x10
[  974.104928][T25958]  ? __pfx___might_resched+0x10/0x10
[  974.104970][T25958]  should_fail_ex+0x414/0x560
[  974.105011][T25958]  ? bpf_test_run_xdp_live+0x1b5/0x1b10
[  974.105037][T25958]  should_failslab+0xa8/0x100
[  974.105074][T25958]  __kvmalloc_node_noprof+0x161/0x5f0
[  974.105109][T25958]  ? bpf_test_run_xdp_live+0x1b5/0x1b10
[  974.105142][T25958]  bpf_test_run_xdp_live+0x1b5/0x1b10
[  974.105176][T25958]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  974.105210][T25958]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  974.105248][T25958]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  974.105275][T25958]  ? 0xffffffffa02057c0
[  974.105297][T25958]  ? 0xffffffffa02057c0
[  974.105376][T25958]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  974.105416][T25958]  ? _copy_from_user+0x94/0xb0
[  974.105447][T25958]  ? bpf_test_init+0x113/0x150
[  974.105470][T25958]  ? xdp_convert_md_to_buff+0x5b/0x330
[  974.105501][T25958]  bpf_prog_test_run_xdp+0x75b/0x10e0
[  974.105549][T25958]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  974.105583][T25958]  ? __fget_files+0x2a/0x420
[  974.105625][T25958]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  974.105654][T25958]  bpf_prog_test_run+0x2c4/0x340
[  974.105692][T25958]  __sys_bpf+0x581/0x870
[  974.105726][T25958]  ? __pfx___sys_bpf+0x10/0x10
[  974.105772][T25958]  ? ksys_write+0x22a/0x250
[  974.105806][T25958]  ? __pfx_ksys_write+0x10/0x10
[  974.105854][T25958]  ? rcu_is_watching+0x15/0xb0
[  974.105886][T25958]  __x64_sys_bpf+0x7c/0x90
[  974.105914][T25958]  do_syscall_64+0xfa/0x3b0
[  974.105938][T25958]  ? lockdep_hardirqs_on+0x9c/0x150
[  974.105975][T25958]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  974.106000][T25958]  ? clear_bhb_loop+0x60/0xb0
[  974.106030][T25958]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  974.106055][T25958] RIP: 0033:0x7f36adf8eec9
[  974.106075][T25958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  974.106096][T25958] RSP: 002b:00007f36aeea0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  974.106122][T25958] RAX: ffffffffffffffda RBX: 00007f36ae1e5fa0 RCX: 00007f36adf8eec9
[  974.106140][T25958] RDX: 0000000000000050 RSI: 0000200000000600 RDI: 000000000000000a
[  974.106157][T25958] RBP: 00007f36aeea0090 R08: 0000000000000000 R09: 0000000000000000
[  974.106173][T25958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  974.106187][T25958] R13: 00007f36ae1e6038 R14: 00007f36ae1e5fa0 R15: 00007fff9bbaea78
[  974.106225][T25958]  </TASK>
[  974.461106][T25961] netlink: 'syz.4.4399': attribute type 13 has an invalid length.
[  974.523373][T25961] netlink: 'syz.4.4399': attribute type 17 has an invalid length.
[  974.542853][T25961] net_ratelimit: 4 callbacks suppressed
[  974.542869][T25961] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  975.083272][T25986] netlink: 'syz.4.4405': attribute type 10 has an invalid length.
[  975.349464][T25986] batadv0: left promiscuous mode
[  975.366272][T25986] batadv0: left allmulticast mode
[  975.386640][T25986] 8021q: adding VLAN 0 to HW filter on device batadv0
[  975.441858][T25986] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  976.099672][T26014] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4409'.
[  976.757769][T26033] netlink: 'syz.1.4414': attribute type 10 has an invalid length.
[  976.771061][T26033] 8021q: adding VLAN 0 to HW filter on device team0
[  976.781547][T26033] bond0: (slave team0): Enslaving as an active interface with an up link
[  977.059553][T26048] netlink: 'syz.3.4423': attribute type 1 has an invalid length.
[  977.110832][T26045] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  977.165939][T26045] netlink: 'syz.0.4421': attribute type 4 has an invalid length.
[  977.207454][T26050] netlink: 'syz.1.4422': attribute type 10 has an invalid length.
[  977.360522][T26058] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4426'.
[  977.628091][T26071] netlink: 'syz.3.4430': attribute type 1 has an invalid length.
[  977.646539][T26069] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4429'.
[  977.662353][T26071] netlink: 224 bytes leftover after parsing attributes in process `syz.3.4430'.
[  978.100671][T26089] netlink: 'syz.2.4434': attribute type 10 has an invalid length.
[  978.151723][T26089] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4434'.
[  978.198806][T26092] netlink: 'syz.3.4436': attribute type 1 has an invalid length.
[  978.208004][T26089] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  978.341552][T26094] bond1: (slave vxcan5): The slave device specified does not support setting the MAC address
[  978.356744][T26094] bond1: (slave vxcan5): Error -95 calling set_mac_address
[  978.375022][T26081] netlink: 256 bytes leftover after parsing attributes in process `syz.0.4432'.
[  978.406174][T26081] netlink: 64 bytes leftover after parsing attributes in process `syz.0.4432'.
[  978.440867][T26099] netlink: 1041 bytes leftover after parsing attributes in process `syz.4.4437'.
[  978.449564][T26097] macvlan2: entered promiscuous mode
[  978.455741][T26097] macvlan2: entered allmulticast mode
[  978.463832][T26097] bond1: entered promiscuous mode
[  978.475637][T26097] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  978.493367][T26097] bond1: left promiscuous mode
[  978.556932][T26096] netlink: 256 bytes leftover after parsing attributes in process `syz.1.4435'.
[  978.583952][T26096] netlink: 48 bytes leftover after parsing attributes in process `syz.1.4435'.
[  978.664513][T26092] bond1: (slave bridge0): Enslaving as an active interface with a down link
[  978.819120][T26101] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  978.854026][T26104] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  978.855234][T26112] FAULT_INJECTION: forcing a failure.
[  978.855234][T26112] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  978.876417][T26112] CPU: 1 UID: 0 PID: 26112 Comm: syz.2.4441 Not tainted syzkaller #0 PREEMPT(full) 
[  978.876448][T26112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  978.876476][T26112] Call Trace:
[  978.876484][T26112]  <TASK>
[  978.876494][T26112]  dump_stack_lvl+0x189/0x250
[  978.876524][T26112]  ? __pfx____ratelimit+0x10/0x10
[  978.876559][T26112]  ? __pfx_dump_stack_lvl+0x10/0x10
[  978.876583][T26112]  ? __pfx__printk+0x10/0x10
[  978.876625][T26112]  should_fail_ex+0x414/0x560
[  978.876661][T26112]  _copy_from_user+0x2d/0xb0
[  978.876690][T26112]  sctp_setsockopt+0x19f/0x1200
[  978.876720][T26112]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  978.876744][T26112]  do_sock_setsockopt+0x17c/0x1b0
[  978.876774][T26112]  __x64_sys_setsockopt+0x13f/0x1b0
[  978.876808][T26112]  do_syscall_64+0xfa/0x3b0
[  978.876830][T26112]  ? lockdep_hardirqs_on+0x9c/0x150
[  978.876864][T26112]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  978.876886][T26112]  ? clear_bhb_loop+0x60/0xb0
[  978.876914][T26112]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  978.876942][T26112] RIP: 0033:0x7f130f58eec9
[  978.876963][T26112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  978.876983][T26112] RSP: 002b:00007f1310459038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  978.877007][T26112] RAX: ffffffffffffffda RBX: 00007f130f7e5fa0 RCX: 00007f130f58eec9
[  978.877024][T26112] RDX: 0000000000000022 RSI: 0000000000000084 RDI: 0000000000000004
[  978.877038][T26112] RBP: 00007f1310459090 R08: 0000000000000010 R09: 0000000000000000
[  978.877052][T26112] R10: 0000200000000580 R11: 0000000000000246 R12: 0000000000000001
[  978.877067][T26112] R13: 00007f130f7e6038 R14: 00007f130f7e5fa0 R15: 00007ffdbc6d3738
[  978.877103][T26112]  </TASK>
[  979.305238][T26122] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4444'.
[  979.429725][T26131] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4448'.
[  979.596605][T26136] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4446'.
[  980.073801][T26147] bond0: (slave wlan1): Releasing backup interface
[  980.286257][T26151] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4453'.
[  980.531084][T26157] FAULT_INJECTION: forcing a failure.
[  980.531084][T26157] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  980.573701][T26157] CPU: 1 UID: 0 PID: 26157 Comm: syz.1.4457 Not tainted syzkaller #0 PREEMPT(full) 
[  980.573735][T26157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  980.573750][T26157] Call Trace:
[  980.573759][T26157]  <TASK>
[  980.573769][T26157]  dump_stack_lvl+0x189/0x250
[  980.573800][T26157]  ? __pfx____ratelimit+0x10/0x10
[  980.573837][T26157]  ? __pfx_dump_stack_lvl+0x10/0x10
[  980.573861][T26157]  ? __pfx__printk+0x10/0x10
[  980.573892][T26157]  ? __might_fault+0xb0/0x130
[  980.573935][T26157]  should_fail_ex+0x414/0x560
[  980.573972][T26157]  _copy_from_user+0x2d/0xb0
[  980.574001][T26157]  ___sys_sendmsg+0x158/0x2a0
[  980.574034][T26157]  ? __pfx____sys_sendmsg+0x10/0x10
[  980.574104][T26157]  ? __fget_files+0x2a/0x420
[  980.574136][T26157]  ? __fget_files+0x3a0/0x420
[  980.574180][T26157]  __sys_sendmmsg+0x227/0x430
[  980.574215][T26157]  ? __pfx___sys_sendmmsg+0x10/0x10
[  980.574241][T26157]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  980.574295][T26157]  ? ksys_write+0x22a/0x250
[  980.574327][T26157]  ? __pfx_ksys_write+0x10/0x10
[  980.574352][T26157]  ? rcu_is_watching+0x15/0xb0
[  980.574381][T26157]  __x64_sys_sendmmsg+0xa0/0xc0
[  980.574424][T26157]  do_syscall_64+0xfa/0x3b0
[  980.574446][T26157]  ? lockdep_hardirqs_on+0x9c/0x150
[  980.574480][T26157]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  980.574503][T26157]  ? clear_bhb_loop+0x60/0xb0
[  980.574530][T26157]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  980.574552][T26157] RIP: 0033:0x7f36adf8eec9
[  980.574574][T26157] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  980.574594][T26157] RSP: 002b:00007f36aeea0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  980.574618][T26157] RAX: ffffffffffffffda RBX: 00007f36ae1e5fa0 RCX: 00007f36adf8eec9
[  980.574635][T26157] RDX: 0000000000000002 RSI: 0000200000000bc0 RDI: 0000000000000005
[  980.574650][T26157] RBP: 00007f36aeea0090 R08: 0000000000000000 R09: 0000000000000000
[  980.574663][T26157] R10: 0000000020000004 R11: 0000000000000246 R12: 0000000000000001
[  980.574678][T26157] R13: 00007f36ae1e6038 R14: 00007f36ae1e5fa0 R15: 00007fff9bbaea78
[  980.574714][T26157]  </TASK>
[  981.140246][T26160] netlink: 256 bytes leftover after parsing attributes in process `syz.4.4456'.
[  981.260136][T26172] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  981.517099][T26187] FAULT_INJECTION: forcing a failure.
[  981.517099][T26187] name failslab, interval 1, probability 0, space 0, times 0
[  981.548993][T26187] CPU: 1 UID: 0 PID: 26187 Comm: syz.4.4467 Not tainted syzkaller #0 PREEMPT(full) 
[  981.549026][T26187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  981.549041][T26187] Call Trace:
[  981.549050][T26187]  <TASK>
[  981.549060][T26187]  dump_stack_lvl+0x189/0x250
[  981.549091][T26187]  ? __pfx____ratelimit+0x10/0x10
[  981.549126][T26187]  ? __pfx_dump_stack_lvl+0x10/0x10
[  981.549152][T26187]  ? __pfx__printk+0x10/0x10
[  981.549188][T26187]  ? __pfx___might_resched+0x10/0x10
[  981.549221][T26187]  ? fs_reclaim_acquire+0x7d/0x100
[  981.549260][T26187]  should_fail_ex+0x414/0x560
[  981.549298][T26187]  ? page_pool_create_percpu+0x32a/0xbe0
[  981.549329][T26187]  should_failslab+0xa8/0x100
[  981.549371][T26187]  __kvmalloc_node_noprof+0x161/0x5f0
[  981.549402][T26187]  ? page_pool_create_percpu+0x32a/0xbe0
[  981.549441][T26187]  page_pool_create_percpu+0x32a/0xbe0
[  981.549475][T26187]  ? bpf_test_run_xdp_live+0x1b5/0x1b10
[  981.549507][T26187]  bpf_test_run_xdp_live+0x1ca/0x1b10
[  981.549538][T26187]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  981.549568][T26187]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  981.549604][T26187]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  981.549629][T26187]  ? 0xffffffffa02057c0
[  981.549651][T26187]  ? 0xffffffffa02057c0
[  981.549724][T26187]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  981.549760][T26187]  ? _copy_from_user+0x94/0xb0
[  981.549788][T26187]  ? bpf_test_init+0x113/0x150
[  981.549810][T26187]  ? xdp_convert_md_to_buff+0x5b/0x330
[  981.549838][T26187]  bpf_prog_test_run_xdp+0x75b/0x10e0
[  981.549882][T26187]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  981.549913][T26187]  ? __fget_files+0x2a/0x420
[  981.549953][T26187]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  981.549984][T26187]  bpf_prog_test_run+0x2c4/0x340
[  981.550019][T26187]  __sys_bpf+0x581/0x870
[  981.550050][T26187]  ? __pfx___sys_bpf+0x10/0x10
[  981.550093][T26187]  ? ksys_write+0x22a/0x250
[  981.550124][T26187]  ? __pfx_ksys_write+0x10/0x10
[  981.550150][T26187]  ? rcu_is_watching+0x15/0xb0
[  981.550181][T26187]  __x64_sys_bpf+0x7c/0x90
[  981.550206][T26187]  do_syscall_64+0xfa/0x3b0
[  981.550228][T26187]  ? lockdep_hardirqs_on+0x9c/0x150
[  981.550263][T26187]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  981.550285][T26187]  ? clear_bhb_loop+0x60/0xb0
[  981.550313][T26187]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  981.550341][T26187] RIP: 0033:0x7fba90d8eec9
[  981.550361][T26187] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  981.550381][T26187] RSP: 002b:00007fba91b8b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  981.550406][T26187] RAX: ffffffffffffffda RBX: 00007fba90fe5fa0 RCX: 00007fba90d8eec9
[  981.550423][T26187] RDX: 0000000000000050 RSI: 0000200000000600 RDI: 000000000000000a
[  981.550437][T26187] RBP: 00007fba91b8b090 R08: 0000000000000000 R09: 0000000000000000
[  981.550451][T26187] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  981.550465][T26187] R13: 00007fba90fe6038 R14: 00007fba90fe5fa0 R15: 00007ffe92595a38
[  981.550500][T26187]  </TASK>
[  981.550841][T26187] page_pool_create_percpu() gave up with errno -12
[  982.268797][T26206] bond2: entered promiscuous mode
[  982.273994][T26206] bond2: entered allmulticast mode
[  982.279712][T26206] 8021q: adding VLAN 0 to HW filter on device bond2
[  982.311515][T26206] veth1_macvtap: left promiscuous mode
[  982.745957][T26225] FAULT_INJECTION: forcing a failure.
[  982.745957][T26225] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  982.775167][T26225] CPU: 1 UID: 0 PID: 26225 Comm: syz.4.4476 Not tainted syzkaller #0 PREEMPT(full) 
[  982.775201][T26225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  982.775216][T26225] Call Trace:
[  982.775226][T26225]  <TASK>
[  982.775236][T26225]  dump_stack_lvl+0x189/0x250
[  982.775282][T26225]  ? __pfx____ratelimit+0x10/0x10
[  982.775317][T26225]  ? __pfx_dump_stack_lvl+0x10/0x10
[  982.775343][T26225]  ? __pfx__printk+0x10/0x10
[  982.775373][T26225]  ? __might_fault+0xb0/0x130
[  982.775413][T26225]  should_fail_ex+0x414/0x560
[  982.775451][T26225]  _copy_from_user+0x2d/0xb0
[  982.775480][T26225]  __sys_bpf+0x1ed/0x870
[  982.775511][T26225]  ? __pfx___sys_bpf+0x10/0x10
[  982.775555][T26225]  ? ksys_write+0x22a/0x250
[  982.775585][T26225]  ? __pfx_ksys_write+0x10/0x10
[  982.775611][T26225]  ? rcu_is_watching+0x15/0xb0
[  982.775641][T26225]  __x64_sys_bpf+0x7c/0x90
[  982.775666][T26225]  do_syscall_64+0xfa/0x3b0
[  982.775687][T26225]  ? lockdep_hardirqs_on+0x9c/0x150
[  982.775721][T26225]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  982.775744][T26225]  ? clear_bhb_loop+0x60/0xb0
[  982.775771][T26225]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  982.775793][T26225] RIP: 0033:0x7fba90d8eec9
[  982.775814][T26225] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  982.775834][T26225] RSP: 002b:00007fba91b8b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  982.775857][T26225] RAX: ffffffffffffffda RBX: 00007fba90fe5fa0 RCX: 00007fba90d8eec9
[  982.775874][T26225] RDX: 0000000000000050 RSI: 0000200000000080 RDI: 000000000000000a
[  982.775889][T26225] RBP: 00007fba91b8b090 R08: 0000000000000000 R09: 0000000000000000
[  982.775903][T26225] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  982.775917][T26225] R13: 00007fba90fe6038 R14: 00007fba90fe5fa0 R15: 00007ffe92595a38
[  982.775953][T26225]  </TASK>
[  982.980441][ T3534] af_packet: tpacket_rcv: packet too big, clamped from 66 to 4294967286. macoff=82
[  983.277639][T26239] netlink: 'syz.2.4481': attribute type 13 has an invalid length.
[  983.551869][T26247] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  983.641591][T26256] __nla_validate_parse: 5 callbacks suppressed
[  983.641614][T26256] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4485'.
[  984.089448][T26260] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4488'.
[  984.186590][T26258] netlink: 256 bytes leftover after parsing attributes in process `syz.0.4486'.
[  984.205642][T26258] netlink: 48 bytes leftover after parsing attributes in process `syz.0.4486'.
[  984.217722][T26265] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4489'.
[  985.114935][T26300] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  985.152400][T26303] syzkaller0: entered promiscuous mode
[  985.160446][T26303] syzkaller0: entered allmulticast mode
[  985.173297][T26295] syzkaller0: mtu less than device minimum
[  985.184859][T26293] tipc: Resetting bearer <eth:syzkaller0>
[  985.273287][T26293] tipc: Disabling bearer <eth:syzkaller0>
[  985.347189][T26312] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  985.821570][T26329] netlink: 256 bytes leftover after parsing attributes in process `syz.1.4506'.
[  985.880159][T26329] netlink: 48 bytes leftover after parsing attributes in process `syz.1.4506'.
[  986.299085][   T30] audit: type=1800 audit(1758928101.902:10): pid=26346 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4513" name=5D80CEFF4AA6DC5F710E8DF1F7582C892AF8D26C5BD9C07CAA9E7DED20F3F5CE5E3A882A02450DCF19 dev="tmpfs" ino=4793 res=0 errno=0
[  986.399082][   T30] audit: type=1800 audit(1758928101.952:11): pid=26346 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4513" name=5D80CEFF4AA6DC5F710E8DF1F7582C892AF8D26C5BD9C07CAA9E7DED20F3F5CE5E3A882A02450DCF19 dev="tmpfs" ino=4793 res=0 errno=0
[  986.474061][T26350] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4515'.
[  986.549934][T26356] netlink: 212408 bytes leftover after parsing attributes in process `syz.4.4518'.
[  986.560056][T26356] netlink: zone id is out of range
[  986.565252][T26356] netlink: zone id is out of range
[  986.572545][T26356] netlink: zone id is out of range
[  986.578094][T26356] netlink: zone id is out of range
[  986.590931][T26356] netlink: zone id is out of range
[  986.606147][T26356] netlink: zone id is out of range
[  986.612094][T26356] netlink: zone id is out of range
[  986.617892][T26356] netlink: zone id is out of range
[  986.624427][T26356] netlink: zone id is out of range
[  986.774020][T26364] netlink: 'syz.4.4520': attribute type 5 has an invalid length.
[  987.257630][T26391] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4530'.
[  989.384198][T26420] netlink: 'syz.1.4539': attribute type 1 has an invalid length.
[  989.393239][T26420] netlink: 224 bytes leftover after parsing attributes in process `syz.1.4539'.
[  989.487777][T26427] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4541'.
[  989.850084][T26440] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.4545'.
[  989.871348][T26438] netlink: 256 bytes leftover after parsing attributes in process `syz.3.4543'.
[  989.884223][T26438] netlink: 48 bytes leftover after parsing attributes in process `syz.3.4543'.
[  990.130175][T26449] netlink: 'syz.1.4546': attribute type 4 has an invalid length.
[  990.170014][T26449] netlink: 'syz.1.4546': attribute type 4 has an invalid length.
[  990.234274][T26449] netlink: 3 bytes leftover after parsing attributes in process `syz.1.4546'.
[  990.244926][T26449] 0ªX¹¦À: renamed from caif0
[  990.494446][T26447] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4548'.
[  990.796798][T26465] netlink: 256 bytes leftover after parsing attributes in process `syz.0.4547'.
[  990.828012][T26465] netlink: 48 bytes leftover after parsing attributes in process `syz.0.4547'.
[  990.982467][T26449] 0ªX¹¦À: entered allmulticast mode
[  991.023598][T26449] net_ratelimit: 18 callbacks suppressed
[  991.023625][T26449] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  991.534367][T26480] netlink: 'syz.3.4554': attribute type 13 has an invalid length.
[  991.548060][T26484] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4555'.
[  991.564727][T26480] netlink: 'syz.3.4554': attribute type 17 has an invalid length.
[  991.595516][T26480] 8021q: adding VLAN 0 to HW filter on device bond0
[  991.622462][T26480] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  994.260067][T26554] FAULT_INJECTION: forcing a failure.
[  994.260067][T26554] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  994.282436][T26555] netlink: 'syz.2.4571': attribute type 10 has an invalid length.
[  994.308982][T26554] CPU: 1 UID: 0 PID: 26554 Comm: syz.3.4573 Not tainted syzkaller #0 PREEMPT(full) 
[  994.309017][T26554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  994.309031][T26554] Call Trace:
[  994.309042][T26554]  <TASK>
[  994.309052][T26554]  dump_stack_lvl+0x189/0x250
[  994.309083][T26554]  ? __pfx____ratelimit+0x10/0x10
[  994.309118][T26554]  ? __pfx_dump_stack_lvl+0x10/0x10
[  994.309144][T26554]  ? __pfx__printk+0x10/0x10
[  994.309176][T26554]  ? fs_reclaim_acquire+0x7d/0x100
[  994.309221][T26554]  should_fail_ex+0x414/0x560
[  994.309260][T26554]  prepare_alloc_pages+0x213/0x610
[  994.309302][T26554]  __alloc_frozen_pages_noprof+0x123/0x370
[  994.309350][T26554]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  994.309397][T26554]  ? policy_nodemask+0x27c/0x720
[  994.309426][T26554]  ? __lock_acquire+0xab9/0xd20
[  994.309462][T26554]  alloc_pages_mpol+0x232/0x4a0
[  994.309500][T26554]  alloc_pages_noprof+0xa9/0x190
[  994.309534][T26554]  __pud_alloc+0x3a/0x260
[  994.309567][T26554]  huge_pte_alloc+0x4dc/0x620
[  994.309602][T26554]  ? down_read+0x1ad/0x2e0
[  994.309630][T26554]  hugetlb_fault+0x508/0x2970
[  994.309680][T26554]  ? __pfx_hugetlb_fault+0x10/0x10
[  994.309738][T26554]  ? find_vma+0xe7/0x160
[  994.309766][T26554]  ? __pfx_find_vma+0x10/0x10
[  994.309797][T26554]  handle_mm_fault+0x740/0x8e0
[  994.309838][T26554]  do_user_addr_fault+0x764/0x1390
[  994.309890][T26554]  exc_page_fault+0x76/0xf0
[  994.309929][T26554]  asm_exc_page_fault+0x26/0x30
[  994.309951][T26554] RIP: 0010:rep_movs_alternative+0xf/0x90
[  994.309979][T26554] Code: c4 10 e9 c4 0a 04 00 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 8d 0a 04 00 66 2e
[  994.310000][T26554] RSP: 0018:ffffc9000e1cfd78 EFLAGS: 00050202
[  994.310020][T26554] RAX: 00007ffffffff001 RBX: 0000000000000004 RCX: 0000000000000004
[  994.310036][T26554] RDX: 0000000000000001 RSI: 0000200000000300 RDI: ffffc9000e1cfe00
[  994.310052][T26554] RBP: ffffc9000e1cfe68 R08: 0000000000000003 R09: 0000000000000004
[  994.310066][T26554] R10: dffffc0000000000 R11: fffff52001c39fc0 R12: ffff888058aff200
[  994.310084][T26554] R13: ffffc9000e1cfe00 R14: ffffc9000e1cfe00 R15: 0000200000000300
[  994.310122][T26554]  _copy_from_user+0x7a/0xb0
[  994.310151][T26554]  do_sock_getsockopt+0x17d/0x450
[  994.310185][T26554]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  994.310213][T26554]  ? write_ibpb+0x30/0x40
[  994.310237][T26554]  ? ksys_write+0x1e1/0x250
[  994.310273][T26554]  __x64_sys_getsockopt+0x1a5/0x250
[  994.310301][T26554]  ? write_ibpb+0x30/0x40
[  994.310325][T26554]  ? write_ibpb+0x30/0x40
[  994.310358][T26554]  do_syscall_64+0xfa/0x3b0
[  994.310380][T26554]  ? lockdep_hardirqs_on+0x9c/0x150
[  994.310414][T26554]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  994.310436][T26554]  ? clear_bhb_loop+0x60/0xb0
[  994.310464][T26554]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  994.310486][T26554] RIP: 0033:0x7f624058eec9
[  994.310505][T26554] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  994.310524][T26554] RSP: 002b:00007f6241443038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  994.310546][T26554] RAX: ffffffffffffffda RBX: 00007f62407e5fa0 RCX: 00007f624058eec9
[  994.310562][T26554] RDX: 000000000000003f RSI: 0000000000000001 RDI: 0000000000000004
[  994.310576][T26554] RBP: 00007f6241443090 R08: 0000200000000300 R09: 0000000000000000
[  994.310591][T26554] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  994.310605][T26554] R13: 00007f62407e6038 R14: 00007f62407e5fa0 R15: 00007ffe920c81a8
[  994.310641][T26554]  </TASK>
[  994.761184][T26555] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  995.119965][T26564] netlink: 'syz.0.4577': attribute type 2 has an invalid length.
[  995.150426][T26564] netlink: 'syz.0.4577': attribute type 2 has an invalid length.
[  995.167112][T26564] can-isotp: isotp_sendmsg: can_send_ret -ENETDOWN
[  995.336400][T26571] netlink: 'syz.3.4580': attribute type 10 has an invalid length.
[  995.375633][T26571] __nla_validate_parse: 3 callbacks suppressed
[  995.375656][T26571] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4580'.
[  995.416414][T26573] netlink: 'syz.1.4579': attribute type 1 has an invalid length.
[  995.425546][T26573] netlink: 224 bytes leftover after parsing attributes in process `syz.1.4579'.
[  995.447100][T26571] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  996.087825][T26595] netlink: 256 bytes leftover after parsing attributes in process `syz.1.4584'.
[  996.103923][T26598] netlink: 'syz.0.4588': attribute type 2 has an invalid length.
[  996.121610][T26595] netlink: 48 bytes leftover after parsing attributes in process `syz.1.4584'.
[  996.139581][T26598] netlink: 'syz.0.4588': attribute type 2 has an invalid length.
[  996.153598][T26602] netlink: 146780 bytes leftover after parsing attributes in process `syz.3.4589'.
[  996.166376][T26602] netlink: zone id is out of range
[  996.173176][T26602] netlink: zone id is out of range
[  996.180673][T26602] netlink: zone id is out of range
[  996.186665][T26602] netlink: zone id is out of range
[  996.194985][T26602] netlink: zone id is out of range
[  996.202169][T26602] netlink: zone id is out of range
[  996.209362][T26602] netlink: zone id is out of range
[  996.214618][T26602] netlink: zone id is out of range
[  996.223612][T26602] netlink: zone id is out of range
[  996.244559][T26603] netlink: 'syz.3.4589': attribute type 1 has an invalid length.
[  996.255232][T26602] netlink: zone id is out of range
[  996.282283][T26602] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4589'.
[  996.387178][T26606] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4591'.
[  997.109037][T26639] netlink: 'syz.0.4604': attribute type 1 has an invalid length.
[  997.117184][T26639] netlink: 208 bytes leftover after parsing attributes in process `syz.0.4604'.
[  997.257026][T26643] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4606'.
[  997.464588][T26656] netlink: 'syz.0.4609': attribute type 13 has an invalid length.
[  997.633816][T26662] netlink: 256 bytes leftover after parsing attributes in process `syz.1.4610'.
[  997.703532][T26659] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  998.414070][T26699] netlink: 'syz.4.4624': attribute type 10 has an invalid length.
[  999.157526][T26724] FAULT_INJECTION: forcing a failure.
[  999.157526][T26724] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  999.172331][T26724] CPU: 0 UID: 0 PID: 26724 Comm: syz.3.4632 Not tainted syzkaller #0 PREEMPT(full) 
[  999.172363][T26724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  999.172378][T26724] Call Trace:
[  999.172387][T26724]  <TASK>
[  999.172397][T26724]  dump_stack_lvl+0x189/0x250
[  999.172428][T26724]  ? __pfx____ratelimit+0x10/0x10
[  999.172463][T26724]  ? __pfx_dump_stack_lvl+0x10/0x10
[  999.172488][T26724]  ? __pfx__printk+0x10/0x10
[  999.172516][T26724]  ? __might_fault+0xb0/0x130
[  999.172558][T26724]  should_fail_ex+0x414/0x560
[  999.172595][T26724]  _copy_from_user+0x2d/0xb0
[  999.172624][T26724]  __sys_bind+0x199/0x3e0
[  999.172650][T26724]  ? __pfx___sys_bind+0x10/0x10
[  999.172686][T26724]  ? __pfx_ksys_write+0x10/0x10
[  999.172712][T26724]  ? rcu_is_watching+0x15/0xb0
[  999.172742][T26724]  __x64_sys_bind+0x7a/0x90
[  999.172766][T26724]  do_syscall_64+0xfa/0x3b0
[  999.172787][T26724]  ? lockdep_hardirqs_on+0x9c/0x150
[  999.172821][T26724]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  999.172842][T26724]  ? clear_bhb_loop+0x60/0xb0
[  999.172869][T26724]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  999.172890][T26724] RIP: 0033:0x7f624058eec9
[  999.172909][T26724] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  999.172927][T26724] RSP: 002b:00007f6241443038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  999.172951][T26724] RAX: ffffffffffffffda RBX: 00007f62407e5fa0 RCX: 00007f624058eec9
[  999.172976][T26724] RDX: 0000000000000010 RSI: 0000200000000400 RDI: 0000000000000003
[  999.172991][T26724] RBP: 00007f6241443090 R08: 0000000000000000 R09: 0000000000000000
[  999.173005][T26724] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  999.173019][T26724] R13: 00007f62407e6038 R14: 00007f62407e5fa0 R15: 00007ffe920c81a8
[  999.173054][T26724]  </TASK>
[  999.749796][T26735] bond0: (slave wlan1): Releasing backup interface
[ 1000.547345][T26767] __nla_validate_parse: 9 callbacks suppressed
[ 1000.547387][T26767] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4646'.
[ 1000.633146][T26773] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4649'.
[ 1001.021680][T26784] netlink: 'syz.1.4653': attribute type 1 has an invalid length.
[ 1001.030336][T26784] netlink: 224 bytes leftover after parsing attributes in process `syz.1.4653'.
[ 1001.253125][T26792] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4654'.
[ 1001.339311][T26795] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.4655'.
[ 1001.854102][T26800] netlink: 256 bytes leftover after parsing attributes in process `syz.0.4656'.
[ 1001.907532][T26800] netlink: 48 bytes leftover after parsing attributes in process `syz.0.4656'.
[ 1002.247160][T26820] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4666'.
[ 1002.453145][T26826] netlink: 'syz.2.4669': attribute type 2 has an invalid length.
[ 1002.499558][T26834] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4672'.
[ 1002.523079][T26826] netlink: 'syz.2.4669': attribute type 2 has an invalid length.
[ 1002.663895][T26837] netlink: 'syz.0.4671': attribute type 1 has an invalid length.
[ 1003.216880][T26858] netlink: 224 bytes leftover after parsing attributes in process `syz.1.4677'.
[ 1003.906011][T26877] bond0: (slave wlan1): Releasing backup interface
[ 1005.993604][T26939] __nla_validate_parse: 12 callbacks suppressed
[ 1005.993632][T26939] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.4705'.
[ 1006.021997][T26939] net_ratelimit: 16 callbacks suppressed
[ 1006.022027][T26939] netlink: zone id is out of range
[ 1006.046200][T26939] netlink: zone id is out of range
[ 1006.068855][T26939] netlink: zone id is out of range
[ 1006.087683][T26939] netlink: zone id is out of range
[ 1006.094922][T26939] netlink: zone id is out of range
[ 1006.101834][T26939] netlink: zone id is out of range
[ 1006.110566][T26939] netlink: zone id is out of range
[ 1006.117217][T26939] netlink: zone id is out of range
[ 1006.127659][T26939] netlink: zone id is out of range
[ 1006.158078][T26939] netlink: zone id is out of range
[ 1006.406624][T26957] netlink: 'syz.3.4712': attribute type 1 has an invalid length.
[ 1006.437559][T26957] netlink: 224 bytes leftover after parsing attributes in process `syz.3.4712'.
[ 1006.622271][T26963] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4714'.
[ 1007.311274][T26984] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4721'.
[ 1007.765132][T26984] bond1: (slave bridge0): Releasing active interface
[ 1009.572988][T27051] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4741'.
[ 1009.636719][T27056] netlink: 'syz.2.4742': attribute type 1 has an invalid length.
[ 1009.646561][T27056] netlink: 228 bytes leftover after parsing attributes in process `syz.2.4742'.
[ 1009.658284][T27051] bridge0: entered allmulticast mode
[ 1009.785717][T27057] bridge_slave_0: default FDB implementation only supports local addresses
[ 1010.655783][T27081] netlink: 14 bytes leftover after parsing attributes in process `syz.0.4746'.
[ 1010.683122][T27081] hsr_slave_0: left promiscuous mode
[ 1010.707032][T27081] hsr_slave_1: left promiscuous mode
[ 1011.233910][T27101] FAULT_INJECTION: forcing a failure.
[ 1011.233910][T27101] name failslab, interval 1, probability 0, space 0, times 0
[ 1011.277522][T27101] CPU: 1 UID: 0 PID: 27101 Comm: syz.2.4751 Not tainted syzkaller #0 PREEMPT(full) 
[ 1011.277556][T27101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1011.277571][T27101] Call Trace:
[ 1011.277581][T27101]  <TASK>
[ 1011.277591][T27101]  dump_stack_lvl+0x189/0x250
[ 1011.277622][T27101]  ? __pfx____ratelimit+0x10/0x10
[ 1011.277659][T27101]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1011.277684][T27101]  ? __pfx__printk+0x10/0x10
[ 1011.277720][T27101]  ? __pfx___might_resched+0x10/0x10
[ 1011.277754][T27101]  ? fs_reclaim_acquire+0x7d/0x100
[ 1011.277793][T27101]  should_fail_ex+0x414/0x560
[ 1011.277831][T27101]  ? page_pool_create_percpu+0x32a/0xbe0
[ 1011.277863][T27101]  should_failslab+0xa8/0x100
[ 1011.277896][T27101]  __kvmalloc_node_noprof+0x161/0x5f0
[ 1011.277928][T27101]  ? page_pool_create_percpu+0x32a/0xbe0
[ 1011.277967][T27101]  page_pool_create_percpu+0x32a/0xbe0
[ 1011.278003][T27101]  ? bpf_test_run_xdp_live+0x1b5/0x1b10
[ 1011.278127][T27101]  bpf_test_run_xdp_live+0x1ca/0x1b10
[ 1011.278174][T27101]  ? __mutex_unlock_slowpath+0x1a1/0x740
[ 1011.278205][T27101]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1011.278239][T27101]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[ 1011.278271][T27101]  ? 0xffffffffa02057c0
[ 1011.278293][T27101]  ? 0xffffffffa02057c0
[ 1011.278365][T27101]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[ 1011.278407][T27101]  ? _copy_from_user+0x94/0xb0
[ 1011.278437][T27101]  ? bpf_test_init+0x113/0x150
[ 1011.278459][T27101]  ? xdp_convert_md_to_buff+0x5b/0x330
[ 1011.278487][T27101]  bpf_prog_test_run_xdp+0x75b/0x10e0
[ 1011.278533][T27101]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[ 1011.278567][T27101]  ? __fget_files+0x2a/0x420
[ 1011.278607][T27101]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[ 1011.278634][T27101]  bpf_prog_test_run+0x2c4/0x340
[ 1011.278672][T27101]  __sys_bpf+0x581/0x870
[ 1011.278703][T27101]  ? __pfx___sys_bpf+0x10/0x10
[ 1011.278748][T27101]  ? ksys_write+0x22a/0x250
[ 1011.278781][T27101]  ? __pfx_ksys_write+0x10/0x10
[ 1011.278808][T27101]  ? rcu_is_watching+0x15/0xb0
[ 1011.278839][T27101]  __x64_sys_bpf+0x7c/0x90
[ 1011.278868][T27101]  do_syscall_64+0xfa/0x3b0
[ 1011.278892][T27101]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1011.278927][T27101]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1011.278951][T27101]  ? clear_bhb_loop+0x60/0xb0
[ 1011.278981][T27101]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1011.279005][T27101] RIP: 0033:0x7f130f58eec9
[ 1011.279025][T27101] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1011.279047][T27101] RSP: 002b:00007f1310459038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1011.279073][T27101] RAX: ffffffffffffffda RBX: 00007f130f7e5fa0 RCX: 00007f130f58eec9
[ 1011.279090][T27101] RDX: 0000000000000050 RSI: 0000200000000600 RDI: 000000000000000a
[ 1011.279105][T27101] RBP: 00007f1310459090 R08: 0000000000000000 R09: 0000000000000000
[ 1011.279121][T27101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1011.279137][T27101] R13: 00007f130f7e6038 R14: 00007f130f7e5fa0 R15: 00007ffdbc6d3738
[ 1011.279175][T27101]  </TASK>
[ 1011.654755][T27101] page_pool_create_percpu() gave up with errno -12
[ 1011.704258][T27103] netlink: 'syz.0.4752': attribute type 1 has an invalid length.
[ 1011.759420][T27103] netlink: 224 bytes leftover after parsing attributes in process `syz.0.4752'.
[ 1011.982810][T27115] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4754'.
[ 1012.031761][T27115] erspan0: entered promiscuous mode
[ 1012.038070][T27115] macvtap1: entered promiscuous mode
[ 1012.045929][T27115] macvtap1: entered allmulticast mode
[ 1012.051900][T27115] erspan0: entered allmulticast mode
[ 1012.092244][T27118] erspan0: left allmulticast mode
[ 1012.108894][T27118] erspan0: left promiscuous mode
[ 1012.727307][T27128] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1012.762397][T27136] net_ratelimit: 3 callbacks suppressed
[ 1012.762415][T27136] openvswitch: netlink: Missing key (keys=40, expected=200000)
[ 1012.935034][T27128] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1012.949299][T27141] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4760'.
[ 1012.992779][T27141] macvtap1: entered promiscuous mode
[ 1012.998302][T27141] syz_tun: entered promiscuous mode
[ 1013.004582][T27141] macvtap1: entered allmulticast mode
[ 1013.011452][T27141] syz_tun: entered allmulticast mode
[ 1013.025457][T27145] syz_tun: left allmulticast mode
[ 1013.031795][T27145] syz_tun: left promiscuous mode
[ 1013.108525][T27128] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1013.241025][T27128] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1013.264335][T27154] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4766'.
[ 1013.479416][   T36] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1013.536685][ T3484] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1013.588578][   T36] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1013.653339][   T36] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1014.357310][T27200] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4779'.
[ 1014.667879][T27210] netlink: 'syz.1.4782': attribute type 1 has an invalid length.
[ 1014.718187][T27210] netlink: 224 bytes leftover after parsing attributes in process `syz.1.4782'.
[ 1014.799959][T27217] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4783'.
[ 1015.484201][T27227] netlink: 'syz.0.4786': attribute type 10 has an invalid length.
[ 1015.545233][T27227] 8021q: adding VLAN 0 to HW filter on device team0
[ 1015.594823][T27227] bond0: (slave team0): Enslaving as an active interface with an up link
[ 1015.995744][T27241] netlink: 'syz.0.4791': attribute type 2 has an invalid length.
[ 1016.041577][T27241] netlink: 'syz.0.4791': attribute type 2 has an invalid length.
[ 1016.214159][T27249] netlink: 256 bytes leftover after parsing attributes in process `syz.4.4792'.
[ 1016.287429][T27249] netlink: 48 bytes leftover after parsing attributes in process `syz.4.4792'.
[ 1017.263225][T27279] netlink: 'syz.0.4800': attribute type 10 has an invalid length.
[ 1017.298213][T27279] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4800'.
[ 1017.454793][T27279] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[ 1017.520691][T27284] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4803'.
[ 1017.906871][T27294] netlink: 44 bytes leftover after parsing attributes in process `syz.1.4806'.
[ 1018.528236][T27304] netlink: 256 bytes leftover after parsing attributes in process `syz.0.4807'.
[ 1018.557004][T27304] netlink: 48 bytes leftover after parsing attributes in process `syz.0.4807'.
[ 1018.705069][T27325] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4810'.
[ 1018.743542][T27321] netlink: 48 bytes leftover after parsing attributes in process `syz.3.4810'.
[ 1018.947092][T27335] FAULT_INJECTION: forcing a failure.
[ 1018.947092][T27335] name failslab, interval 1, probability 0, space 0, times 0
[ 1019.010173][T27335] CPU: 1 UID: 0 PID: 27335 Comm: syz.4.4814 Not tainted syzkaller #0 PREEMPT(full) 
[ 1019.010206][T27335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1019.010221][T27335] Call Trace:
[ 1019.010230][T27335]  <TASK>
[ 1019.010241][T27335]  dump_stack_lvl+0x189/0x250
[ 1019.010273][T27335]  ? __pfx____ratelimit+0x10/0x10
[ 1019.010308][T27335]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1019.010334][T27335]  ? __pfx__printk+0x10/0x10
[ 1019.010375][T27335]  ? __lock_acquire+0xab9/0xd20
[ 1019.010417][T27335]  should_fail_ex+0x414/0x560
[ 1019.010456][T27335]  should_failslab+0xa8/0x100
[ 1019.010490][T27335]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1019.010518][T27335]  ? skb_clone+0x212/0x3a0
[ 1019.010555][T27335]  skb_clone+0x212/0x3a0
[ 1019.010588][T27335]  __netlink_deliver_tap+0x404/0x850
[ 1019.010630][T27335]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1019.010657][T27335]  netlink_deliver_tap+0x19c/0x1b0
[ 1019.010684][T27335]  netlink_unicast+0x7fa/0x9e0
[ 1019.010716][T27335]  ? __pfx_netlink_unicast+0x10/0x10
[ 1019.010741][T27335]  ? netlink_sendmsg+0x642/0xb30
[ 1019.010765][T27335]  ? skb_put+0x11b/0x210
[ 1019.010795][T27335]  netlink_sendmsg+0x805/0xb30
[ 1019.010832][T27335]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1019.010862][T27335]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 1019.010901][T27335]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1019.010924][T27335]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1019.010952][T27335]  __sock_sendmsg+0x219/0x270
[ 1019.010990][T27335]  ____sys_sendmsg+0x505/0x830
[ 1019.011026][T27335]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1019.011066][T27335]  ? import_iovec+0x74/0xa0
[ 1019.011099][T27335]  ___sys_sendmsg+0x21f/0x2a0
[ 1019.011131][T27335]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1019.011203][T27335]  ? __fget_files+0x2a/0x420
[ 1019.011234][T27335]  ? __fget_files+0x3a0/0x420
[ 1019.011279][T27335]  __x64_sys_sendmsg+0x19b/0x260
[ 1019.011311][T27335]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1019.011380][T27335]  ? __pfx_ksys_write+0x10/0x10
[ 1019.011404][T27335]  ? rcu_is_watching+0x15/0xb0
[ 1019.011428][T27335]  ? do_syscall_64+0xbe/0x3b0
[ 1019.011454][T27335]  do_syscall_64+0xfa/0x3b0
[ 1019.011475][T27335]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1019.011510][T27335]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1019.011532][T27335]  ? clear_bhb_loop+0x60/0xb0
[ 1019.011559][T27335]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1019.011580][T27335] RIP: 0033:0x7fba90d8eec9
[ 1019.011600][T27335] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1019.011620][T27335] RSP: 002b:00007fba91b6a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1019.011643][T27335] RAX: ffffffffffffffda RBX: 00007fba90fe6090 RCX: 00007fba90d8eec9
[ 1019.011660][T27335] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000004
[ 1019.011673][T27335] RBP: 00007fba91b6a090 R08: 0000000000000000 R09: 0000000000000000
[ 1019.011687][T27335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1019.011700][T27335] R13: 00007fba90fe6128 R14: 00007fba90fe6090 R15: 00007ffe92595a38
[ 1019.011735][T27335]  </TASK>
[ 1019.413604][T27341] netlink: 'syz.0.4817': attribute type 10 has an invalid length.
[ 1019.460336][T27341] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4817'.
[ 1019.469614][T27341] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[ 1019.554635][T27345] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4818'.
[ 1019.666916][T27349] netlink: 44 bytes leftover after parsing attributes in process `syz.1.4819'.
[ 1019.797559][T27357] netlink: 'syz.0.4823': attribute type 1 has an invalid length.
[ 1020.305646][T27372] can: request_module (can-proto-0) failed.
[ 1020.752833][T27385] syzkaller0: entered promiscuous mode
[ 1020.763196][T27385] syzkaller0: entered allmulticast mode
[ 1021.176199][T27405] FAULT_INJECTION: forcing a failure.
[ 1021.176199][T27405] name failslab, interval 1, probability 0, space 0, times 0
[ 1021.189426][T27405] CPU: 1 UID: 0 PID: 27405 Comm: syz.4.4837 Not tainted syzkaller #0 PREEMPT(full) 
[ 1021.189455][T27405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1021.189468][T27405] Call Trace:
[ 1021.189477][T27405]  <TASK>
[ 1021.189487][T27405]  dump_stack_lvl+0x189/0x250
[ 1021.189515][T27405]  ? __pfx____ratelimit+0x10/0x10
[ 1021.189546][T27405]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1021.189568][T27405]  ? __pfx__printk+0x10/0x10
[ 1021.189596][T27405]  ? __lock_acquire+0xab9/0xd20
[ 1021.189632][T27405]  should_fail_ex+0x414/0x560
[ 1021.189686][T27405]  should_failslab+0xa8/0x100
[ 1021.189720][T27405]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1021.189748][T27405]  ? sctp_get_port_local+0x6d3/0x1680
[ 1021.189787][T27405]  sctp_get_port_local+0x6d3/0x1680
[ 1021.189830][T27405]  ? __pfx_sctp_get_port_local+0x10/0x10
[ 1021.189867][T27405]  ? sctp_bind_addr_match+0x28b/0x2b0
[ 1021.189899][T27405]  sctp_do_bind+0x4ea/0x940
[ 1021.189943][T27405]  sctp_connect_new_asoc+0x25c/0x690
[ 1021.189976][T27405]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[ 1021.190005][T27405]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1021.190047][T27405]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[ 1021.190071][T27405]  ? security_sctp_bind_connect+0x7e/0x2e0
[ 1021.190104][T27405]  sctp_sendmsg+0x155c/0x2810
[ 1021.190149][T27405]  ? __pfx_sctp_sendmsg+0x10/0x10
[ 1021.190183][T27405]  ? aa_sk_perm+0x81e/0x950
[ 1021.190222][T27405]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1021.190259][T27405]  ? sock_rps_record_flow+0x19/0x410
[ 1021.190285][T27405]  ? inet_sendmsg+0x2f4/0x370
[ 1021.190309][T27405]  __sock_sendmsg+0x19c/0x270
[ 1021.190345][T27405]  ____sys_sendmsg+0x52d/0x830
[ 1021.190374][T27405]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1021.190405][T27405]  ? import_iovec+0x74/0xa0
[ 1021.190438][T27405]  ___sys_sendmsg+0x21f/0x2a0
[ 1021.190464][T27405]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1021.190518][T27405]  ? __fget_files+0x2a/0x420
[ 1021.190544][T27405]  ? __fget_files+0x3a0/0x420
[ 1021.190578][T27405]  __sys_sendmmsg+0x227/0x430
[ 1021.190607][T27405]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1021.190628][T27405]  ? __mutex_unlock_slowpath+0x1a1/0x740
[ 1021.190670][T27405]  ? ksys_write+0x22a/0x250
[ 1021.190694][T27405]  ? __pfx_ksys_write+0x10/0x10
[ 1021.190714][T27405]  ? rcu_is_watching+0x15/0xb0
[ 1021.190737][T27405]  __x64_sys_sendmmsg+0xa0/0xc0
[ 1021.190762][T27405]  do_syscall_64+0xfa/0x3b0
[ 1021.190779][T27405]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1021.190806][T27405]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1021.190824][T27405]  ? clear_bhb_loop+0x60/0xb0
[ 1021.190845][T27405]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1021.190863][T27405] RIP: 0033:0x7fba90d8eec9
[ 1021.190880][T27405] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1021.190896][T27405] RSP: 002b:00007fba91b8b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1021.190916][T27405] RAX: ffffffffffffffda RBX: 00007fba90fe5fa0 RCX: 00007fba90d8eec9
[ 1021.190929][T27405] RDX: 0000000000000002 RSI: 0000200000000bc0 RDI: 0000000000000005
[ 1021.190940][T27405] RBP: 00007fba91b8b090 R08: 0000000000000000 R09: 0000000000000000
[ 1021.190952][T27405] R10: 0000000020000004 R11: 0000000000000246 R12: 0000000000000001
[ 1021.190963][T27405] R13: 00007fba90fe6038 R14: 00007fba90fe5fa0 R15: 00007ffe92595a38
[ 1021.190991][T27405]  </TASK>
[ 1021.866094][T27421] netlink: 'syz.1.4841': attribute type 4 has an invalid length.
[ 1022.661478][T27440] __nla_validate_parse: 6 callbacks suppressed
[ 1022.661503][T27440] netlink: 44 bytes leftover after parsing attributes in process `syz.0.4849'.
[ 1022.925531][T27446] netlink: 'syz.4.4853': attribute type 1 has an invalid length.
[ 1022.939265][T27446] netlink: 224 bytes leftover after parsing attributes in process `syz.4.4853'.
[ 1023.308512][T27462] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4856'.
[ 1023.391594][T27465] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4858'.
[ 1023.631748][T27478] netlink: 44 bytes leftover after parsing attributes in process `syz.2.4862'.
[ 1023.732178][T27475] netlink: 72 bytes leftover after parsing attributes in process `syz.4.4861'.
[ 1024.723128][T27516] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4875'.
[ 1024.782951][T27522] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4878'.
[ 1024.827835][T27524] netlink: 'syz.4.4876': attribute type 1 has an invalid length.
[ 1024.860262][T27524] netlink: 224 bytes leftover after parsing attributes in process `syz.4.4876'.
[ 1024.907680][T27525] netlink: 256 bytes leftover after parsing attributes in process `syz.3.4877'.
[ 1025.102728][T27533] netlink: 'syz.2.4880': attribute type 10 has an invalid length.
[ 1025.134577][T27533] 8021q: adding VLAN 0 to HW filter on device team0
[ 1025.150903][T27533] bond0: (slave team0): Enslaving as an active interface with an up link
[ 1025.381206][T27544] netlink: 'syz.3.4884': attribute type 5 has an invalid length.
[ 1025.727589][T27558] FAULT_INJECTION: forcing a failure.
[ 1025.727589][T27558] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1025.741134][T27558] CPU: 0 UID: 0 PID: 27558 Comm: syz.0.4888 Not tainted syzkaller #0 PREEMPT(full) 
[ 1025.741165][T27558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1025.741179][T27558] Call Trace:
[ 1025.741188][T27558]  <TASK>
[ 1025.741197][T27558]  dump_stack_lvl+0x189/0x250
[ 1025.741226][T27558]  ? __pfx____ratelimit+0x10/0x10
[ 1025.741257][T27558]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1025.741279][T27558]  ? __pfx__printk+0x10/0x10
[ 1025.741317][T27558]  should_fail_ex+0x414/0x560
[ 1025.741351][T27558]  _copy_to_user+0x31/0xb0
[ 1025.741378][T27558]  simple_read_from_buffer+0xe1/0x170
[ 1025.741416][T27558]  proc_fail_nth_read+0x1b3/0x220
[ 1025.741444][T27558]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1025.741473][T27558]  ? rw_verify_area+0x2a6/0x4d0
[ 1025.741497][T27558]  ? __lock_acquire+0xab9/0xd20
[ 1025.741523][T27558]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1025.741544][T27558]  vfs_read+0x200/0xa30
[ 1025.741567][T27558]  ? fdget_pos+0x247/0x320
[ 1025.741598][T27558]  ? __pfx___mutex_lock+0x10/0x10
[ 1025.741618][T27558]  ? __pfx_vfs_read+0x10/0x10
[ 1025.741643][T27558]  ? __fget_files+0x2a/0x420
[ 1025.741674][T27558]  ? __fget_files+0x3a0/0x420
[ 1025.741700][T27558]  ? __fget_files+0x2a/0x420
[ 1025.741736][T27558]  ksys_read+0x145/0x250
[ 1025.741763][T27558]  ? __pfx_ksys_read+0x10/0x10
[ 1025.741783][T27558]  ? rcu_is_watching+0x15/0xb0
[ 1025.741807][T27558]  ? do_syscall_64+0xbe/0x3b0
[ 1025.741831][T27558]  do_syscall_64+0xfa/0x3b0
[ 1025.741849][T27558]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1025.741878][T27558]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1025.741905][T27558]  ? clear_bhb_loop+0x60/0xb0
[ 1025.741930][T27558]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1025.741948][T27558] RIP: 0033:0x7f76d778d8dc
[ 1025.741966][T27558] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1025.741984][T27558] RSP: 002b:00007f76d859a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1025.742005][T27558] RAX: ffffffffffffffda RBX: 00007f76d79e5fa0 RCX: 00007f76d778d8dc
[ 1025.742020][T27558] RDX: 000000000000000f RSI: 00007f76d859a0a0 RDI: 0000000000000004
[ 1025.742032][T27558] RBP: 00007f76d859a090 R08: 0000000000000000 R09: 0000000000000000
[ 1025.742045][T27558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1025.742057][T27558] R13: 00007f76d79e6038 R14: 00007f76d79e5fa0 R15: 00007ffc13e773c8
[ 1025.742089][T27558]  </TASK>
[ 1026.756677][T27588] openvswitch: netlink: Missing key (keys=40, expected=200000)
[ 1026.934203][T27596] FAULT_INJECTION: forcing a failure.
[ 1026.934203][T27596] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1026.950300][T27596] CPU: 0 UID: 0 PID: 27596 Comm: syz.1.4902 Not tainted syzkaller #0 PREEMPT(full) 
[ 1026.950336][T27596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1026.950351][T27596] Call Trace:
[ 1026.950362][T27596]  <TASK>
[ 1026.950372][T27596]  dump_stack_lvl+0x189/0x250
[ 1026.950406][T27596]  ? __pfx____ratelimit+0x10/0x10
[ 1026.950444][T27596]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1026.950470][T27596]  ? __pfx__printk+0x10/0x10
[ 1026.950515][T27596]  should_fail_ex+0x414/0x560
[ 1026.950553][T27596]  _copy_to_user+0x31/0xb0
[ 1026.950586][T27596]  simple_read_from_buffer+0xe1/0x170
[ 1026.950624][T27596]  proc_fail_nth_read+0x1b3/0x220
[ 1026.950654][T27596]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1026.950684][T27596]  ? rw_verify_area+0x2a6/0x4d0
[ 1026.950713][T27596]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1026.950739][T27596]  vfs_read+0x200/0xa30
[ 1026.950778][T27596]  ? __pfx_vfs_read+0x10/0x10
[ 1026.950814][T27596]  ? do_sock_getsockopt+0x237/0x450
[ 1026.950844][T27596]  ? write_ibpb+0x30/0x40
[ 1026.950880][T27596]  ksys_read+0x145/0x250
[ 1026.950911][T27596]  ? __pfx_ksys_read+0x10/0x10
[ 1026.950934][T27596]  ? rcu_is_watching+0x15/0xb0
[ 1026.950963][T27596]  ? do_syscall_64+0xbe/0x3b0
[ 1026.950992][T27596]  do_syscall_64+0xfa/0x3b0
[ 1026.951015][T27596]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1026.951062][T27596]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1026.951087][T27596]  ? clear_bhb_loop+0x60/0xb0
[ 1026.951116][T27596]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1026.951140][T27596] RIP: 0033:0x7f36adf8d8dc
[ 1026.951163][T27596] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1026.951185][T27596] RSP: 002b:00007f36aeea0030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1026.951210][T27596] RAX: ffffffffffffffda RBX: 00007f36ae1e5fa0 RCX: 00007f36adf8d8dc
[ 1026.951229][T27596] RDX: 000000000000000f RSI: 00007f36aeea00a0 RDI: 0000000000000003
[ 1026.951244][T27596] RBP: 00007f36aeea0090 R08: 0000000000000000 R09: 0000000000000000
[ 1026.951260][T27596] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1026.951274][T27596] R13: 00007f36ae1e6038 R14: 00007f36ae1e5fa0 R15: 00007fff9bbaea78
[ 1026.951313][T27596]  </TASK>
[ 1027.839393][T27616] __nla_validate_parse: 5 callbacks suppressed
[ 1027.839416][T27616] netlink: 164 bytes leftover after parsing attributes in process `syz.0.4908'.
[ 1028.527743][T27639] IPVS: lblc: SCTP 172.20.20.187:0 - no destination available
[ 1028.691788][T27646] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4917'.
[ 1029.451581][T27675] netlink: 256 bytes leftover after parsing attributes in process `syz.3.4926'.
[ 1029.461974][T27675] netlink: 48 bytes leftover after parsing attributes in process `syz.3.4926'.
[ 1029.890038][T27680] netlink: 256 bytes leftover after parsing attributes in process `syz.1.4928'.
[ 1029.989696][T27680] netlink: 48 bytes leftover after parsing attributes in process `syz.1.4928'.
[ 1030.343110][T27698] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4935'.
[ 1030.682198][T27703] IPVS: Scheduler module ip_vs_sip not found
[ 1030.787015][T27711] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4937'.
[ 1031.104004][T27724] netlink: 256 bytes leftover after parsing attributes in process `syz.3.4942'.
[ 1031.139572][T27724] netlink: 48 bytes leftover after parsing attributes in process `syz.3.4942'.
[ 1032.022383][T27750] 
: renamed from bond_slave_0 (while UP)
[ 1032.358581][ T5187] Bluetooth: hci4: command 0x0406 tx timeout
[ 1032.529420][   T30] audit: type=1800 audit(1758928148.122:12): pid=27760 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.4944" name="cgroup.controllers" dev="tmpfs" ino=4946 res=0 errno=0
[ 1032.574097][T27763] tipc: Failed to remove unknown binding: 66,1,1/4:214229519/214229521
[ 1032.637413][T27763] tipc: Failed to remove unknown binding: 66,1,1/4:214229519/214229521
[ 1032.798996][T27763] tipc: Failed to remove unknown binding: 66,1,1/4:214229519/214229521
[ 1032.844005][T27768] netlink: 'syz.2.4952': attribute type 1 has an invalid length.
[ 1032.853862][T27768] netlink: 224 bytes leftover after parsing attributes in process `syz.2.4952'.
[ 1033.887404][T27795] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4958'.
[ 1035.040503][T27819] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4963'.
[ 1035.187697][T27823] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4965'.
[ 1035.616278][T27834] netlink: 256 bytes leftover after parsing attributes in process `syz.2.4967'.
[ 1035.627826][T27836] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4968'.
[ 1035.637856][T27834] netlink: 48 bytes leftover after parsing attributes in process `syz.2.4967'.
[ 1035.885455][T27844] netlink: 44 bytes leftover after parsing attributes in process `syz.0.4970'.
[ 1036.306580][T27859] netlink: 256 bytes leftover after parsing attributes in process `syz.3.4972'.
[ 1036.320319][T27859] netlink: 48 bytes leftover after parsing attributes in process `syz.3.4972'.
[ 1037.053610][T27872] openvswitch: netlink: Missing key (keys=40, expected=200000)
[ 1037.266027][T27880] syz_tun: entered allmulticast mode
[ 1037.361875][T27880] dvmrp8: entered allmulticast mode
[ 1037.554075][T27885] syz_tun: left allmulticast mode
[ 1037.569119][T27885] dvmrp8: left allmulticast mode
[ 1038.509309][T27915] __nla_validate_parse: 1 callbacks suppressed
[ 1038.509335][T27915] netlink: 256 bytes leftover after parsing attributes in process `syz.3.4989'.
[ 1038.599145][T27915] netlink: 48 bytes leftover after parsing attributes in process `syz.3.4989'.
[ 1038.680061][T27926] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4992'.
[ 1038.825544][T27926] macvtap2: entered promiscuous mode
[ 1038.853949][T27926] syz_tun: entered promiscuous mode
[ 1038.871662][T27926] macvtap2: entered allmulticast mode
[ 1038.887934][T27926] syz_tun: entered allmulticast mode
[ 1038.946466][T27931] FAULT_INJECTION: forcing a failure.
[ 1038.946466][T27931] name failslab, interval 1, probability 0, space 0, times 0
[ 1038.960717][T27931] CPU: 1 UID: 0 PID: 27931 Comm: syz.3.4994 Not tainted syzkaller #0 PREEMPT(full) 
[ 1038.960757][T27931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1038.960774][T27931] Call Trace:
[ 1038.960786][T27931]  <TASK>
[ 1038.960798][T27931]  dump_stack_lvl+0x189/0x250
[ 1038.960835][T27931]  ? __pfx____ratelimit+0x10/0x10
[ 1038.960878][T27931]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1038.960909][T27931]  ? __pfx__printk+0x10/0x10
[ 1038.960948][T27931]  ? xfrm_policy_lookup_bytype+0x123/0x1250
[ 1038.960988][T27931]  should_fail_ex+0x414/0x560
[ 1038.961033][T27931]  should_failslab+0xa8/0x100
[ 1038.961073][T27931]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[ 1038.961109][T27931]  ? __alloc_skb+0x112/0x2d0
[ 1038.961157][T27931]  __alloc_skb+0x112/0x2d0
[ 1038.961194][T27931]  tcp_make_synack+0xc3/0x1e10
[ 1038.961255][T27931]  ? do_raw_spin_unlock+0x122/0x240
[ 1038.961300][T27931]  ? __pfx_tcp_make_synack+0x10/0x10
[ 1038.961334][T27931]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 1038.961374][T27931]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1038.961416][T27931]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1038.961455][T27931]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1038.961495][T27931]  ? rcu_is_watching+0x15/0xb0
[ 1038.961536][T27931]  tcp_v6_send_synack+0xeb/0xcf0
[ 1038.961578][T27931]  ? timer_init_key+0x171/0x2d0
[ 1038.961614][T27931]  ? __pfx_tcp_v6_send_synack+0x10/0x10
[ 1038.961647][T27931]  ? inet_csk_reqsk_queue_hash_add+0x163/0x1d0
[ 1038.961689][T27931]  ? __pfx_inet_csk_reqsk_queue_hash_add+0x10/0x10
[ 1038.961744][T27931]  tcp_conn_request+0x248c/0x3560
[ 1038.961812][T27931]  ? __pfx_tcp_conn_request+0x10/0x10
[ 1038.961848][T27931]  ? __pfx_fib6_node_lookup+0x10/0x10
[ 1038.961882][T27931]  ? __lock_acquire+0xab9/0xd20
[ 1038.961950][T27931]  ? subflow_v6_conn_request+0x25b/0x430
[ 1038.961984][T27931]  ? tcp_rcv_state_process+0x20a/0x43b0
[ 1038.962010][T27931]  tcp_rcv_state_process+0x19b2/0x43b0
[ 1038.962052][T27931]  ? sk_filter_trim_cap+0x1d0/0x9d0
[ 1038.962091][T27931]  ? __pfx_tcp_rcv_state_process+0x10/0x10
[ 1038.962127][T27931]  ? sk_filter_trim_cap+0x61c/0x9d0
[ 1038.962174][T27931]  ? __pfx_tcp_inbound_hash+0x10/0x10
[ 1038.962204][T27931]  ? sk_filter_trim_cap+0x1d0/0x9d0
[ 1038.962246][T27931]  tcp_v6_do_rcv+0x89d/0x13f0
[ 1038.962285][T27931]  ? tcp_v6_fill_cb+0x260/0x4c0
[ 1038.962329][T27931]  tcp_v6_rcv+0x1f50/0x2a70
[ 1038.962410][T27931]  ? __pfx_tcp_v6_rcv+0x10/0x10
[ 1038.962448][T27931]  ? fib6_rule_lookup+0x1a1/0x6f0
[ 1038.962502][T27931]  ? __pfx_tcp_v6_rcv+0x10/0x10
[ 1038.962536][T27931]  ip6_protocol_deliver_rcu+0xcb0/0x15c0
[ 1038.962606][T27931]  ip6_input_finish+0x191/0x370
[ 1038.962645][T27931]  NF_HOOK+0x30c/0x3a0
[ 1038.962677][T27931]  ? __pfx_ip6_input_finish+0x10/0x10
[ 1038.962707][T27931]  ? NF_HOOK+0x9a/0x3a0
[ 1038.962735][T27931]  ? __pfx_NF_HOOK+0x10/0x10
[ 1038.962768][T27931]  ? __pfx_ip6_input_finish+0x10/0x10
[ 1038.962816][T27931]  ip6_input+0x16a/0x270
[ 1038.962844][T27931]  ? ip6_input+0x23/0x270
[ 1038.962879][T27931]  NF_HOOK+0x30c/0x3a0
[ 1038.962905][T27931]  ? skb_orphan+0x4f/0xd0
[ 1038.962937][T27931]  ? __pfx_ip6_rcv_finish+0x10/0x10
[ 1038.962965][T27931]  ? NF_HOOK+0x9a/0x3a0
[ 1038.962992][T27931]  ? __pfx_NF_HOOK+0x10/0x10
[ 1038.963026][T27931]  ? __pfx_ip6_rcv_finish+0x10/0x10
[ 1038.963071][T27931]  __netif_receive_skb+0xd3/0x380
[ 1038.963105][T27931]  ? netif_receive_skb+0x115/0x790
[ 1038.963152][T27931]  netif_receive_skb+0x1cb/0x790
[ 1038.963199][T27931]  ? __pfx___local_bh_disable_ip+0x10/0x10
[ 1038.963243][T27931]  ? __pfx_netif_receive_skb+0x10/0x10
[ 1038.963297][T27931]  ? tun_rx_batched+0x160/0x730
[ 1038.963331][T27931]  tun_rx_batched+0x1b9/0x730
[ 1038.963360][T27931]  ? __lock_acquire+0xab9/0xd20
[ 1038.963402][T27931]  ? __pfx_tun_rx_batched+0x10/0x10
[ 1038.963433][T27931]  ? tun_get_user+0x272f/0x3e90
[ 1038.963470][T27931]  tun_get_user+0x2b65/0x3e90
[ 1038.963502][T27931]  ? tun_get_user+0x6f6/0x3e90
[ 1038.963525][T27931]  ? tun_get_user+0x272f/0x3e90
[ 1038.963552][T27931]  ? aa_file_perm+0x44d/0x1550
[ 1038.963573][T27931]  ? __pfx_tun_get_user+0x10/0x10
[ 1038.963608][T27931]  ? __lock_acquire+0xab9/0xd20
[ 1038.963643][T27931]  ? ref_tracker_alloc+0x318/0x460
[ 1038.963673][T27931]  ? __lock_acquire+0xab9/0xd20
[ 1038.963703][T27931]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1038.963741][T27931]  ? tun_get+0x1c/0x2f0
[ 1038.963770][T27931]  ? tun_get+0x1c/0x2f0
[ 1038.963791][T27931]  ? tun_get+0x1c/0x2f0
[ 1038.963818][T27931]  tun_chr_write_iter+0x113/0x200
[ 1038.963844][T27931]  vfs_write+0x5c9/0xb30
[ 1038.963878][T27931]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 1038.963902][T27931]  ? __pfx_vfs_write+0x10/0x10
[ 1038.963939][T27931]  ? __fget_files+0x2a/0x420
[ 1038.963996][T27931]  ksys_write+0x145/0x250
[ 1038.964023][T27931]  ? __pfx_ksys_write+0x10/0x10
[ 1038.964046][T27931]  ? rcu_is_watching+0x15/0xb0
[ 1038.964069][T27931]  ? do_syscall_64+0xbe/0x3b0
[ 1038.964094][T27931]  do_syscall_64+0xfa/0x3b0
[ 1038.964113][T27931]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1038.964151][T27931]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1038.964171][T27931]  ? clear_bhb_loop+0x60/0xb0
[ 1038.964196][T27931]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1038.964216][T27931] RIP: 0033:0x7f624058d97f
[ 1038.964235][T27931] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 1038.964254][T27931] RSP: 002b:00007f6241443000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1038.964276][T27931] RAX: ffffffffffffffda RBX: 00007f62407e5fa0 RCX: 00007f624058d97f
[ 1038.964291][T27931] RDX: 0000000000000052 RSI: 0000200000000400 RDI: 00000000000000c8
[ 1038.964304][T27931] RBP: 00007f6241443090 R08: 0000000000000000 R09: 0000000000000000
[ 1038.964317][T27931] R10: 0000000000000052 R11: 0000000000000293 R12: 0000000000000001
[ 1038.964329][T27931] R13: 00007f62407e6038 R14: 00007f62407e5fa0 R15: 00007ffe920c81a8
[ 1038.964379][T27931]  </TASK>
[ 1040.326601][T27959] netlink: 240 bytes leftover after parsing attributes in process `syz.2.5004'.
[ 1040.357826][T27960] netlink: 256 bytes leftover after parsing attributes in process `syz.0.5002'.
[ 1040.389610][T27960] netlink: 48 bytes leftover after parsing attributes in process `syz.0.5002'.
[ 1040.482426][T27966] FAULT_INJECTION: forcing a failure.
[ 1040.482426][T27966] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1040.506005][T27966] CPU: 1 UID: 0 PID: 27966 Comm: syz.4.5006 Not tainted syzkaller #0 PREEMPT(full) 
[ 1040.506041][T27966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1040.506057][T27966] Call Trace:
[ 1040.506067][T27966]  <TASK>
[ 1040.506078][T27966]  dump_stack_lvl+0x189/0x250
[ 1040.506110][T27966]  ? __pfx____ratelimit+0x10/0x10
[ 1040.506148][T27966]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1040.506175][T27966]  ? __pfx__printk+0x10/0x10
[ 1040.506207][T27966]  ? __might_fault+0xb0/0x130
[ 1040.506249][T27966]  should_fail_ex+0x414/0x560
[ 1040.506289][T27966]  _copy_from_iter+0x1de/0x1790
[ 1040.506326][T27966]  ? rcu_is_watching+0x15/0xb0
[ 1040.506352][T27966]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[ 1040.506387][T27966]  ? __pfx__copy_from_iter+0x10/0x10
[ 1040.506415][T27966]  ? __build_skb_around+0x257/0x3e0
[ 1040.506447][T27966]  ? netlink_sendmsg+0x642/0xb30
[ 1040.506473][T27966]  ? skb_put+0x11b/0x210
[ 1040.506506][T27966]  netlink_sendmsg+0x6b2/0xb30
[ 1040.506548][T27966]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1040.506581][T27966]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 1040.506623][T27966]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1040.506660][T27966]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1040.506690][T27966]  __sock_sendmsg+0x219/0x270
[ 1040.506732][T27966]  ____sys_sendmsg+0x505/0x830
[ 1040.506772][T27966]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1040.506815][T27966]  ? import_iovec+0x74/0xa0
[ 1040.506851][T27966]  ___sys_sendmsg+0x21f/0x2a0
[ 1040.506885][T27966]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1040.506963][T27966]  ? __fget_files+0x2a/0x420
[ 1040.506996][T27966]  ? __fget_files+0x3a0/0x420
[ 1040.507038][T27966]  __x64_sys_sendmsg+0x19b/0x260
[ 1040.507067][T27966]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1040.507103][T27966]  ? __pfx_ksys_write+0x10/0x10
[ 1040.507126][T27966]  ? rcu_is_watching+0x15/0xb0
[ 1040.507149][T27966]  ? do_syscall_64+0xbe/0x3b0
[ 1040.507173][T27966]  do_syscall_64+0xfa/0x3b0
[ 1040.507191][T27966]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1040.507222][T27966]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1040.507242][T27966]  ? clear_bhb_loop+0x60/0xb0
[ 1040.507267][T27966]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1040.507286][T27966] RIP: 0033:0x7fba90d8eec9
[ 1040.507305][T27966] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1040.507323][T27966] RSP: 002b:00007fba91b8b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1040.507344][T27966] RAX: ffffffffffffffda RBX: 00007fba90fe5fa0 RCX: 00007fba90d8eec9
[ 1040.507359][T27966] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000004
[ 1040.507372][T27966] RBP: 00007fba91b8b090 R08: 0000000000000000 R09: 0000000000000000
[ 1040.507385][T27966] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1040.507396][T27966] R13: 00007fba90fe6038 R14: 00007fba90fe5fa0 R15: 00007ffe92595a38
[ 1040.507428][T27966]  </TASK>
[ 1040.883446][T27968] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5007'.
[ 1040.961413][T27979] netlink: 'syz.0.5010': attribute type 13 has an invalid length.
[ 1040.997542][T27979] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5010'.
[ 1041.002082][T27974] netlink: 'syz.2.5008': attribute type 10 has an invalid length.
[ 1041.025969][T27976] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[ 1041.058055][T27983] netlink: 'syz.2.5008': attribute type 10 has an invalid length.
[ 1041.074726][T27983] netlink: 40 bytes leftover after parsing attributes in process `syz.2.5008'.
[ 1041.092983][T27976] netlink: 'syz.4.5011': attribute type 4 has an invalid length.
[ 1041.203887][T27979] (unnamed net_device) (uninitialized): option fail_over_mac: invalid value (6)
[ 1041.214803][T27974] batadv0: left promiscuous mode
[ 1041.220021][T27974] batadv0: left allmulticast mode
[ 1041.249848][T27974] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1041.286856][T27974] bond0: (slave batadv0): Enslaving as an active interface with an up link
[ 1041.319223][T27983] batadv0: entered promiscuous mode
[ 1041.333515][T27983] batadv0: entered allmulticast mode
[ 1041.356784][T27983] bond0: (slave batadv0): Releasing backup interface
[ 1041.371822][T27983] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[ 1041.435291][T27991] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check.
[ 1041.556224][T27999] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5018'.
[ 1041.791705][T28010] netlink: 'syz.0.5021': attribute type 10 has an invalid length.
[ 1042.434445][T28028] pim6reg: left allmulticast mode
[ 1043.572175][T28069] FAULT_INJECTION: forcing a failure.
[ 1043.572175][T28069] name failslab, interval 1, probability 0, space 0, times 0
[ 1043.587667][T28070] FAULT_INJECTION: forcing a failure.
[ 1043.587667][T28070] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1043.610461][T28069] CPU: 0 UID: 0 PID: 28069 Comm: syz.3.5041 Not tainted syzkaller #0 PREEMPT(full) 
[ 1043.610498][T28069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1043.610522][T28069] Call Trace:
[ 1043.610532][T28069]  <TASK>
[ 1043.610542][T28069]  dump_stack_lvl+0x189/0x250
[ 1043.610576][T28069]  ? __pfx____ratelimit+0x10/0x10
[ 1043.610614][T28069]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1043.610639][T28069]  ? __pfx__printk+0x10/0x10
[ 1043.610666][T28069]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1043.610713][T28069]  ? sctp_get_port_local+0xe5d/0x1680
[ 1043.610751][T28069]  should_fail_ex+0x414/0x560
[ 1043.610790][T28069]  should_failslab+0xa8/0x100
[ 1043.610824][T28069]  __kmalloc_cache_noprof+0x70/0x3d0
[ 1043.610854][T28069]  ? sctp_add_bind_addr+0x8c/0x370
[ 1043.610886][T28069]  sctp_add_bind_addr+0x8c/0x370
[ 1043.610910][T28069]  ? sctp_auto_asconf_init+0x15c/0x1e0
[ 1043.610948][T28069]  sctp_do_bind+0x5ab/0x940
[ 1043.610995][T28069]  sctp_connect_new_asoc+0x25c/0x690
[ 1043.611031][T28069]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[ 1043.611062][T28069]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1043.611104][T28069]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[ 1043.611130][T28069]  ? security_sctp_bind_connect+0x7e/0x2e0
[ 1043.611164][T28069]  sctp_sendmsg+0x155c/0x2810
[ 1043.611209][T28069]  ? __pfx_sctp_sendmsg+0x10/0x10
[ 1043.611246][T28069]  ? aa_sk_perm+0x81e/0x950
[ 1043.611285][T28069]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1043.611321][T28069]  ? sock_rps_record_flow+0x19/0x410
[ 1043.611348][T28069]  ? inet_sendmsg+0x2f4/0x370
[ 1043.611374][T28069]  __sock_sendmsg+0x19c/0x270
[ 1043.611414][T28069]  ____sys_sendmsg+0x52d/0x830
[ 1043.611449][T28069]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1043.611490][T28069]  ? import_iovec+0x74/0xa0
[ 1043.611530][T28069]  ___sys_sendmsg+0x21f/0x2a0
[ 1043.611563][T28069]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1043.611634][T28069]  ? __fget_files+0x2a/0x420
[ 1043.611666][T28069]  ? __fget_files+0x3a0/0x420
[ 1043.611710][T28069]  __sys_sendmmsg+0x227/0x430
[ 1043.611746][T28069]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1043.611773][T28069]  ? __mutex_unlock_slowpath+0x1a1/0x740
[ 1043.611826][T28069]  ? ksys_write+0x22a/0x250
[ 1043.611858][T28069]  ? __pfx_ksys_write+0x10/0x10
[ 1043.611883][T28069]  ? rcu_is_watching+0x15/0xb0
[ 1043.611912][T28069]  __x64_sys_sendmmsg+0xa0/0xc0
[ 1043.611945][T28069]  do_syscall_64+0xfa/0x3b0
[ 1043.611967][T28069]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1043.612002][T28069]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1043.612024][T28069]  ? clear_bhb_loop+0x60/0xb0
[ 1043.612052][T28069]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1043.612074][T28069] RIP: 0033:0x7f624058eec9
[ 1043.612095][T28069] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1043.612115][T28069] RSP: 002b:00007f6241443038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1043.612139][T28069] RAX: ffffffffffffffda RBX: 00007f62407e5fa0 RCX: 00007f624058eec9
[ 1043.612156][T28069] RDX: 0000000000000002 RSI: 0000200000000bc0 RDI: 0000000000000005
[ 1043.612170][T28069] RBP: 00007f6241443090 R08: 0000000000000000 R09: 0000000000000000
[ 1043.612184][T28069] R10: 0000000020000004 R11: 0000000000000246 R12: 0000000000000001
[ 1043.612198][T28069] R13: 00007f62407e6038 R14: 00007f62407e5fa0 R15: 00007ffe920c81a8
[ 1043.612234][T28069]  </TASK>
[ 1043.965567][T28070] CPU: 1 UID: 0 PID: 28070 Comm: syz.2.5043 Not tainted syzkaller #0 PREEMPT(full) 
[ 1043.965600][T28070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1043.965615][T28070] Call Trace:
[ 1043.965624][T28070]  <TASK>
[ 1043.965636][T28070]  dump_stack_lvl+0x189/0x250
[ 1043.965667][T28070]  ? __pfx____ratelimit+0x10/0x10
[ 1043.965705][T28070]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1043.965731][T28070]  ? __pfx__printk+0x10/0x10
[ 1043.965763][T28070]  ? __might_fault+0xb0/0x130
[ 1043.965806][T28070]  should_fail_ex+0x414/0x560
[ 1043.965846][T28070]  _copy_from_user+0x2d/0xb0
[ 1043.965876][T28070]  wext_handle_ioctl+0xba/0x1c0
[ 1043.965911][T28070]  ? __pfx_wext_handle_ioctl+0x10/0x10
[ 1043.965937][T28070]  ? __lock_acquire+0xab9/0xd20
[ 1043.965989][T28070]  sock_ioctl+0x15f/0x790
[ 1043.966027][T28070]  ? __pfx_sock_ioctl+0x10/0x10
[ 1043.966062][T28070]  ? __fget_files+0x2a/0x420
[ 1043.966094][T28070]  ? __fget_files+0x3a0/0x420
[ 1043.966126][T28070]  ? __fget_files+0x2a/0x420
[ 1043.966161][T28070]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 1043.966188][T28070]  ? __pfx_sock_ioctl+0x10/0x10
[ 1043.966219][T28070]  __se_sys_ioctl+0xfc/0x170
[ 1043.966248][T28070]  do_syscall_64+0xfa/0x3b0
[ 1043.966270][T28070]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1043.966304][T28070]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1043.966327][T28070]  ? clear_bhb_loop+0x60/0xb0
[ 1043.966353][T28070]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1043.966374][T28070] RIP: 0033:0x7f130f58eec9
[ 1043.966393][T28070] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1043.966412][T28070] RSP: 002b:00007f1310459038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1043.966434][T28070] RAX: ffffffffffffffda RBX: 00007f130f7e5fa0 RCX: 00007f130f58eec9
[ 1043.966451][T28070] RDX: 0000200000000040 RSI: 0000000000008b1b RDI: 0000000000000003
[ 1043.966465][T28070] RBP: 00007f1310459090 R08: 0000000000000000 R09: 0000000000000000
[ 1043.966489][T28070] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1043.966502][T28070] R13: 00007f130f7e6038 R14: 00007f130f7e5fa0 R15: 00007ffdbc6d3738
[ 1043.966536][T28070]  </TASK>
[ 1044.312642][T28076] syz_tun: entered promiscuous mode
[ 1044.321914][T28076] syz_tun: left promiscuous mode
[ 1044.428243][T28085] __nla_validate_parse: 6 callbacks suppressed
[ 1044.428271][T28085] netlink: 44 bytes leftover after parsing attributes in process `syz.2.5047'.
[ 1044.448325][T28076] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5044'.
[ 1044.568701][T28090] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5049'.
[ 1044.591278][T28087] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5048'.
[ 1044.635168][T28094] netlink: 40 bytes leftover after parsing attributes in process `syz.0.5050'.
[ 1045.180029][T28109] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1045.188340][T28109] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[ 1045.261726][T28109] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1045.267832][T28109] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[ 1045.322100][T28109] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1045.328296][T28109] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[ 1045.641415][T28127] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5059'.
[ 1045.690092][T28127] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1045.708199][T28130] netlink: 44 bytes leftover after parsing attributes in process `syz.2.5061'.
[ 1045.814210][T28132] FAULT_INJECTION: forcing a failure.
[ 1045.814210][T28132] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1045.845788][T28132] CPU: 1 UID: 0 PID: 28132 Comm: syz.2.5062 Not tainted syzkaller #0 PREEMPT(full) 
[ 1045.845826][T28132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1045.845842][T28132] Call Trace:
[ 1045.845852][T28132]  <TASK>
[ 1045.845863][T28132]  dump_stack_lvl+0x189/0x250
[ 1045.845896][T28132]  ? __pfx____ratelimit+0x10/0x10
[ 1045.845935][T28132]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1045.845963][T28132]  ? __pfx__printk+0x10/0x10
[ 1045.845996][T28132]  ? __might_fault+0xb0/0x130
[ 1045.846043][T28132]  should_fail_ex+0x414/0x560
[ 1045.846084][T28132]  _copy_from_user+0x2d/0xb0
[ 1045.846117][T28132]  ___sys_sendmsg+0x158/0x2a0
[ 1045.846153][T28132]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1045.846228][T28132]  ? __fget_files+0x2a/0x420
[ 1045.846263][T28132]  ? __fget_files+0x3a0/0x420
[ 1045.846311][T28132]  __x64_sys_sendmsg+0x19b/0x260
[ 1045.846356][T28132]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1045.846399][T28132]  ? __pfx_ksys_write+0x10/0x10
[ 1045.846427][T28132]  ? rcu_is_watching+0x15/0xb0
[ 1045.846456][T28132]  ? do_syscall_64+0xbe/0x3b0
[ 1045.846487][T28132]  do_syscall_64+0xfa/0x3b0
[ 1045.846509][T28132]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1045.846546][T28132]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1045.846570][T28132]  ? clear_bhb_loop+0x60/0xb0
[ 1045.846600][T28132]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1045.846624][T28132] RIP: 0033:0x7f130f58eec9
[ 1045.846646][T28132] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1045.846667][T28132] RSP: 002b:00007f1310459038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1045.846693][T28132] RAX: ffffffffffffffda RBX: 00007f130f7e5fa0 RCX: 00007f130f58eec9
[ 1045.846710][T28132] RDX: 0000000000000000 RSI: 0000200000000b00 RDI: 0000000000000005
[ 1045.846726][T28132] RBP: 00007f1310459090 R08: 0000000000000000 R09: 0000000000000000
[ 1045.846741][T28132] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1045.846756][T28132] R13: 00007f130f7e6038 R14: 00007f130f7e5fa0 R15: 00007ffdbc6d3738
[ 1045.846792][T28132]  </TASK>
[ 1045.865075][T28134] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5063'.
[ 1046.126742][T28139] netlink: 'syz.2.5064': attribute type 10 has an invalid length.
[ 1046.216643][T28141] FAULT_INJECTION: forcing a failure.
[ 1046.216643][T28141] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1046.242540][T28141] CPU: 0 UID: 0 PID: 28141 Comm: syz.2.5065 Not tainted syzkaller #0 PREEMPT(full) 
[ 1046.242578][T28141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1046.242593][T28141] Call Trace:
[ 1046.242606][T28141]  <TASK>
[ 1046.242619][T28141]  dump_stack_lvl+0x189/0x250
[ 1046.242651][T28141]  ? __pfx____ratelimit+0x10/0x10
[ 1046.242687][T28141]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1046.242712][T28141]  ? __pfx__printk+0x10/0x10
[ 1046.242741][T28141]  ? __might_fault+0xb0/0x130
[ 1046.242782][T28141]  should_fail_ex+0x414/0x560
[ 1046.242820][T28141]  _copy_from_user+0x2d/0xb0
[ 1046.242849][T28141]  arp_ioctl+0x138/0x450
[ 1046.242874][T28141]  ? __pfx_arp_ioctl+0x10/0x10
[ 1046.242917][T28141]  inet_ioctl+0x36e/0x4c0
[ 1046.242938][T28141]  ? kasan_quarantine_put+0xdd/0x220
[ 1046.242964][T28141]  ? __pfx_inet_ioctl+0x10/0x10
[ 1046.243010][T28141]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1046.243044][T28141]  sock_do_ioctl+0xd9/0x300
[ 1046.243080][T28141]  ? __pfx_sock_do_ioctl+0x10/0x10
[ 1046.243109][T28141]  ? __lock_acquire+0xab9/0xd20
[ 1046.243156][T28141]  sock_ioctl+0x576/0x790
[ 1046.243191][T28141]  ? __pfx_sock_ioctl+0x10/0x10
[ 1046.243222][T28141]  ? __fget_files+0x2a/0x420
[ 1046.243252][T28141]  ? __fget_files+0x3a0/0x420
[ 1046.243280][T28141]  ? __fget_files+0x2a/0x420
[ 1046.243520][T28141]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 1046.243553][T28141]  ? __pfx_sock_ioctl+0x10/0x10
[ 1046.243585][T28141]  __se_sys_ioctl+0xfc/0x170
[ 1046.243616][T28141]  do_syscall_64+0xfa/0x3b0
[ 1046.243639][T28141]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1046.243673][T28141]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1046.243695][T28141]  ? clear_bhb_loop+0x60/0xb0
[ 1046.243722][T28141]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1046.243745][T28141] RIP: 0033:0x7f130f58eec9
[ 1046.243766][T28141] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1046.243785][T28141] RSP: 002b:00007f1310459038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1046.243809][T28141] RAX: ffffffffffffffda RBX: 00007f130f7e5fa0 RCX: 00007f130f58eec9
[ 1046.243825][T28141] RDX: 0000200000000100 RSI: 0000000000008954 RDI: 0000000000000003
[ 1046.243839][T28141] RBP: 00007f1310459090 R08: 0000000000000000 R09: 0000000000000000
[ 1046.243854][T28141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1046.243868][T28141] R13: 00007f130f7e6038 R14: 00007f130f7e5fa0 R15: 00007ffdbc6d3738
[ 1046.243903][T28141]  </TASK>
[ 1046.758756][ T5187] Bluetooth: hci4: command 0x0406 tx timeout
[ 1046.766270][T28109] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1046.772958][T28109] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[ 1046.838066][T28157] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5067'.
[ 1047.185237][T28172] ip6gretap0: entered allmulticast mode
[ 1047.622380][T28185] openvswitch: netlink: Missing key (keys=40, expected=200000)
[ 1047.731076][T28188] FAULT_INJECTION: forcing a failure.
[ 1047.731076][T28188] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1047.745876][T28188] CPU: 0 UID: 0 PID: 28188 Comm: syz.4.5078 Not tainted syzkaller #0 PREEMPT(full) 
[ 1047.745899][T28188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1047.745909][T28188] Call Trace:
[ 1047.745916][T28188]  <TASK>
[ 1047.745924][T28188]  dump_stack_lvl+0x189/0x250
[ 1047.745947][T28188]  ? __pfx____ratelimit+0x10/0x10
[ 1047.745973][T28188]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1047.745991][T28188]  ? __pfx__printk+0x10/0x10
[ 1047.746012][T28188]  ? __might_fault+0xb0/0x130
[ 1047.746043][T28188]  should_fail_ex+0x414/0x560
[ 1047.746069][T28188]  _copy_from_iter+0x1de/0x1790
[ 1047.746092][T28188]  ? rcu_is_watching+0x15/0xb0
[ 1047.746108][T28188]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[ 1047.746132][T28188]  ? __pfx__copy_from_iter+0x10/0x10
[ 1047.746151][T28188]  ? __build_skb_around+0x257/0x3e0
[ 1047.746173][T28188]  ? netlink_sendmsg+0x642/0xb30
[ 1047.746190][T28188]  ? skb_put+0x11b/0x210
[ 1047.746217][T28188]  netlink_sendmsg+0x6b2/0xb30
[ 1047.746253][T28188]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1047.746282][T28188]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 1047.746320][T28188]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1047.746337][T28188]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1047.746356][T28188]  __sock_sendmsg+0x219/0x270
[ 1047.746390][T28188]  ____sys_sendmsg+0x505/0x830
[ 1047.746415][T28188]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1047.746444][T28188]  ? import_iovec+0x74/0xa0
[ 1047.746467][T28188]  ___sys_sendmsg+0x21f/0x2a0
[ 1047.746489][T28188]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1047.746538][T28188]  ? __fget_files+0x2a/0x420
[ 1047.746560][T28188]  ? __fget_files+0x3a0/0x420
[ 1047.746592][T28188]  __x64_sys_sendmsg+0x19b/0x260
[ 1047.746625][T28188]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1047.746667][T28188]  ? __pfx_ksys_write+0x10/0x10
[ 1047.746691][T28188]  ? rcu_is_watching+0x15/0xb0
[ 1047.746709][T28188]  ? do_syscall_64+0xbe/0x3b0
[ 1047.746728][T28188]  do_syscall_64+0xfa/0x3b0
[ 1047.746743][T28188]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1047.746767][T28188]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1047.746783][T28188]  ? clear_bhb_loop+0x60/0xb0
[ 1047.746802][T28188]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1047.746818][T28188] RIP: 0033:0x7fba90d8eec9
[ 1047.746832][T28188] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1047.746846][T28188] RSP: 002b:00007fba91b8b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1047.746863][T28188] RAX: ffffffffffffffda RBX: 00007fba90fe5fa0 RCX: 00007fba90d8eec9
[ 1047.746875][T28188] RDX: 0000000000008004 RSI: 0000200000000340 RDI: 0000000000000004
[ 1047.746885][T28188] RBP: 00007fba91b8b090 R08: 0000000000000000 R09: 0000000000000000
[ 1047.746895][T28188] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1047.746905][T28188] R13: 00007fba90fe6038 R14: 00007fba90fe5fa0 R15: 00007ffe92595a38
[ 1047.746929][T28188]  </TASK>
[ 1048.084720][T28190] netlink: 44 bytes leftover after parsing attributes in process `syz.4.5079'.
[ 1049.394659][T28208] netlink: 'syz.4.5085': attribute type 1 has an invalid length.
[ 1049.446129][T28208] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1049.472095][T28208] 8021q: adding VLAN 0 to HW filter on device batadv1
[ 1049.483866][T28208] bond1: (slave batadv1): making interface the new active one
[ 1049.495709][T28208] bond1: (slave batadv1): Enslaving as an active interface with an up link
[ 1049.512627][T28208] __nla_validate_parse: 4 callbacks suppressed
[ 1049.512654][T28208] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5085'.
[ 1049.667266][T28208] bond1 (unregistering): (slave batadv1): Releasing active interface
[ 1049.680491][T28208] bond1 (unregistering): Released all slaves
[ 1050.001221][T28218] netlink: 36 bytes leftover after parsing attributes in process `syz.4.5088'.
[ 1050.013461][T28218] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5088'.
[ 1050.032715][T28218] macvtap2: entered allmulticast mode
[ 1050.040195][T28218] veth0_macvtap: entered allmulticast mode
[ 1157.240762][T28254] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5104'.
[ 1157.511762][T28265] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5107'.
[ 1158.586460][T28276] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5109'.
[ 1158.692050][T28280] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5111'.
[ 1191.878702][   T31] INFO: task kworker/0:1:19941 blocked for more than 143 seconds.
[ 1191.890803][   T31]       Not tainted syzkaller #0
[ 1191.895792][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1191.904997][   T31] task:kworker/0:1     state:D stack:25600 pid:19941 tgid:19941 ppid:2      task_flags:0x4208060 flags:0x00004000
[ 1191.917630][   T31] Workqueue: events rfkill_global_led_trigger_worker
[ 1191.924891][   T31] Call Trace:
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1191.928199][   T31]  <TASK>
[ 1191.931827][   T31]  __schedule+0x1798/0x4cc0
[ 1191.937128][   T31]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1191.943306][   T31]  ? __pfx___schedule+0x10/0x10
[ 1191.948212][   T31]  ? irqentry_exit+0x74/0x90
[ 1191.953143][   T31]  ? schedule+0x91/0x360
[ 1191.957439][   T31]  schedule+0x165/0x360
[ 1191.961764][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1191.967289][   T31]  __mutex_lock+0x7e6/0x1350
[ 1191.972184][   T31]  ? __mutex_lock+0x5bb/0x1350
[ 1191.976992][   T31]  ? rfkill_global_led_trigger_worker+0x27/0xd0
[ 1191.984228][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1191.989973][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[ 1191.995753][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[ 1192.002357][   T31]  rfkill_global_led_trigger_worker+0x27/0xd0
[ 1192.009197][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[ 1192.014979][   T31]  process_scheduled_works+0xae1/0x17b0
[ 1192.021331][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1192.027393][   T31]  worker_thread+0x8a0/0xda0
[ 1192.032714][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1192.040026][   T31]  ? __kthread_parkme+0x7b/0x200
[ 1192.045026][   T31]  kthread+0x70e/0x8a0
[ 1192.049842][   T31]  ? __pfx_worker_thread+0x10/0x10
[ 1192.055000][   T31]  ? __pfx_kthread+0x10/0x10
[ 1192.079049][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1192.084345][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1192.119912][   T31]  ? __pfx_kthread+0x10/0x10
[ 1192.124576][   T31]  ret_from_fork+0x439/0x7d0
[ 1192.133610][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1192.139622][   T31]  ? __switch_to_asm+0x39/0x70
[ 1192.144439][   T31]  ? __switch_to_asm+0x33/0x70
[ 1192.149948][   T31]  ? __pfx_kthread+0x10/0x10
[ 1192.154593][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1192.160108][   T31]  </TASK>
[ 1192.163218][   T31] INFO: task syz.1.5045:28073 blocked for more than 143 seconds.
[ 1192.172176][   T31]       Not tainted syzkaller #0
[ 1192.177154][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1192.186380][   T31] task:syz.1.5045      state:D stack:25096 pid:28073 tgid:28073 ppid:5871   task_flags:0x400040 flags:0x00004004
[ 1192.199030][   T31] Call Trace:
[ 1192.202349][   T31]  <TASK>
[ 1192.205318][   T31]  __schedule+0x1798/0x4cc0
[ 1192.210362][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1192.215247][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1192.220625][   T31]  ? __pfx___schedule+0x10/0x10
[ 1192.225613][   T31]  ? schedule+0x91/0x360
[ 1192.230537][   T31]  schedule+0x165/0x360
[ 1192.234718][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1192.240694][   T31]  __mutex_lock+0x7e6/0x1350
[ 1192.245312][   T31]  ? __mutex_lock+0x5bb/0x1350
[ 1192.250328][   T31]  ? rfkill_unregister+0xc8/0x220
[ 1192.255371][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1192.260441][   T31]  ? __pfx_device_del+0x10/0x10
[ 1192.265313][   T31]  rfkill_unregister+0xc8/0x220
[ 1192.270202][   T31]  nfc_unregister_device+0x96/0x2a0
[ 1192.275415][   T31]  ? __pfx_virtual_ncidev_close+0x10/0x10
[ 1192.281717][   T31]  virtual_ncidev_close+0x56/0x90
[ 1192.286787][   T31]  __fput+0x44c/0xa70
[ 1192.291398][   T31]  task_work_run+0x1d1/0x260
[ 1192.296020][   T31]  ? __pfx_task_work_run+0x10/0x10
[ 1192.301644][   T31]  ? exit_to_user_mode_loop+0x40/0x110
[ 1192.307132][   T31]  exit_to_user_mode_loop+0xec/0x110
[ 1192.312953][   T31]  do_syscall_64+0x2bd/0x3b0
[ 1192.317659][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1192.324247][   T31]  ? asm_sysvec_call_function_single+0x1a/0x20
[ 1192.330889][   T31]  ? clear_bhb_loop+0x60/0xb0
[ 1192.335589][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1192.342170][   T31] RIP: 0033:0x7f36adf8eec9
[ 1192.346681][   T31] RSP: 002b:00007fff9bbaebd8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1192.355701][   T31] RAX: 0000000000000000 RBX: 00007f36ae1e7da0 RCX: 00007f36adf8eec9
[ 1192.364358][   T31] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 1192.372829][   T31] RBP: 00007f36ae1e7da0 R08: 0000000000000220 R09: 0000001e9bbaeecf
[ 1192.381299][   T31] R10: 00007f36ae1e7cb0 R11: 0000000000000246 R12: 00000000000ff261
[ 1192.389838][   T31] R13: 00007f36ae1e6090 R14: ffffffffffffffff R15: 00007fff9bbaecf0
[ 1192.398098][   T31]  </TASK>
[ 1192.401615][   T31] INFO: task syz.3.5055:28109 blocked for more than 143 seconds.
[ 1192.410108][   T31]       Not tainted syzkaller #0
[ 1192.415332][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1192.424626][   T31] task:syz.3.5055      state:D stack:27144 pid:28109 tgid:28104 ppid:5869   task_flags:0x400040 flags:0x00004006
[ 1192.437138][   T31] Call Trace:
[ 1192.440956][   T31]  <TASK>
[ 1192.443911][   T31]  __schedule+0x1798/0x4cc0
[ 1192.449310][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1192.454212][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1192.459642][   T31]  ? __pfx___schedule+0x10/0x10
[ 1192.464542][   T31]  ? schedule+0x91/0x360
[ 1192.469476][   T31]  schedule+0x165/0x360
[ 1192.473688][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1192.479648][   T31]  __mutex_lock+0x7e6/0x1350
[ 1192.484293][   T31]  ? __mutex_lock+0x5bb/0x1350
[ 1192.489624][   T31]  ? nfc_rfkill_set_block+0x50/0x2e0
[ 1192.494949][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1192.500488][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1192.505715][   T31]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1192.512109][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1192.519291][   T31]  ? __pfx_nfc_rfkill_set_block+0x10/0x10
[ 1192.525065][   T31]  nfc_rfkill_set_block+0x50/0x2e0
[ 1192.530679][   T31]  ? __pfx_nfc_rfkill_set_block+0x10/0x10
[ 1192.536413][   T31]  rfkill_set_block+0x1d2/0x440
[ 1192.541558][   T31]  rfkill_fop_write+0x44b/0x570
[ 1192.546453][   T31]  ? __pfx_rfkill_fop_write+0x10/0x10
[ 1192.551961][   T31]  ? security_file_permission+0x70/0x290
[ 1192.557606][   T31]  ? rw_verify_area+0x255/0x4d0
[ 1192.562500][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1192.567369][   T31]  ? __pfx_rfkill_fop_write+0x10/0x10
[ 1192.573238][   T31]  vfs_write+0x27b/0xb30
[ 1192.577507][   T31]  ? __pfx_vfs_write+0x10/0x10
[ 1192.582853][   T31]  ? __fget_files+0x2a/0x420
[ 1192.587473][   T31]  ? __fget_files+0x2a/0x420
[ 1192.592572][   T31]  ? __fget_files+0x3a0/0x420
[ 1192.597296][   T31]  ? __fget_files+0x2a/0x420
[ 1192.602388][   T31]  ksys_write+0x145/0x250
[ 1192.606749][   T31]  ? __pfx_ksys_write+0x10/0x10
[ 1192.612092][   T31]  ? do_syscall_64+0xbe/0x3b0
[ 1192.616796][   T31]  do_syscall_64+0xfa/0x3b0
[ 1192.621836][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1192.627165][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1192.633779][   T31]  ? clear_bhb_loop+0x60/0xb0
[ 1192.639031][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1192.644941][   T31] RIP: 0033:0x7f624058eec9
[ 1192.649831][   T31] RSP: 002b:00007f6241422038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1192.658261][   T31] RAX: ffffffffffffffda RBX: 00007f62407e6090 RCX: 00007f624058eec9
[ 1192.666810][   T31] RDX: 0000000000000008 RSI: 00002000000002c0 RDI: 0000000000000003
[ 1192.675518][   T31] RBP: 00007f6240611f91 R08: 0000000000000000 R09: 0000000000000000
[ 1192.684053][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1192.692518][   T31] R13: 00007f62407e6128 R14: 00007f62407e6090 R15: 00007ffe920c81a8
[ 1192.701011][   T31]  </TASK>
[ 1192.704060][   T31] INFO: task syz.2.5072:28167 blocked for more than 144 seconds.
[ 1192.714521][   T31]       Not tainted syzkaller #0
[ 1192.719959][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1192.729144][   T31] task:syz.2.5072      state:D stack:28328 pid:28167 tgid:28166 ppid:5864   task_flags:0x400040 flags:0x00004004
[ 1192.741655][   T31] Call Trace:
[ 1192.744948][   T31]  <TASK>
[ 1192.747979][   T31]  __schedule+0x1798/0x4cc0
[ 1192.753247][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1192.758120][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1192.763681][   T31]  ? __pfx___schedule+0x10/0x10
[ 1192.769071][   T31]  ? schedule+0x91/0x360
[ 1192.773337][   T31]  schedule+0x165/0x360
[ 1192.777602][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1192.783777][   T31]  __mutex_lock+0x7e6/0x1350
[ 1192.789065][   T31]  ? __mutex_lock+0x5bb/0x1350
[ 1192.793888][   T31]  ? rfkill_fop_open+0x12d/0x820
[ 1192.799380][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1192.804425][   T31]  ? __raw_spin_lock_init+0x45/0x100
[ 1192.810201][   T31]  ? __init_waitqueue_head+0xa9/0x150
[ 1192.815599][   T31]  rfkill_fop_open+0x12d/0x820
[ 1192.820947][   T31]  ? __pfx_rfkill_fop_open+0x10/0x10
[ 1192.826246][   T31]  misc_open+0x2b9/0x330
[ 1192.830721][   T31]  chrdev_open+0x4c9/0x5e0
[ 1192.835165][   T31]  ? __pfx_chrdev_open+0x10/0x10
[ 1192.840229][   T31]  ? fsnotify_open_perm_and_set_mode+0x113/0x610
[ 1192.846582][   T31]  ? __pfx_chrdev_open+0x10/0x10
[ 1192.851563][   T31]  do_dentry_open+0x950/0x13f0
[ 1192.856349][   T31]  vfs_open+0x3b/0x340
[ 1192.860977][   T31]  ? path_openat+0x2ecd/0x3830
[ 1192.865778][   T31]  path_openat+0x2ee5/0x3830
[ 1192.870849][   T31]  ? arch_stack_walk+0xfc/0x150
[ 1192.875733][   T31]  ? stack_depot_save_flags+0x40/0x860
[ 1192.881717][   T31]  ? __pfx_path_openat+0x10/0x10
[ 1192.886667][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1192.893250][   T31]  do_filp_open+0x1fa/0x410
[ 1192.897771][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1192.903221][   T31]  ? __pfx_do_filp_open+0x10/0x10
[ 1192.908300][   T31]  ? _raw_spin_unlock+0x28/0x50
[ 1192.913787][   T31]  ? alloc_fd+0x64c/0x6c0
[ 1192.918156][   T31]  do_sys_openat2+0x121/0x1c0
[ 1192.923604][   T31]  ? __se_sys_futex+0x36f/0x400
[ 1192.929126][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1192.934357][   T31]  ? rcu_is_watching+0x15/0xb0
[ 1192.939604][   T31]  __x64_sys_openat+0x138/0x170
[ 1192.944475][   T31]  do_syscall_64+0xfa/0x3b0
[ 1192.949477][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1192.954692][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1192.961238][   T31]  ? clear_bhb_loop+0x60/0xb0
[ 1192.965929][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1192.972391][   T31] RIP: 0033:0x7f130f58eec9
[ 1192.976906][   T31] RSP: 002b:00007f1310459038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1192.985845][   T31] RAX: ffffffffffffffda RBX: 00007f130f7e5fa0 RCX: 00007f130f58eec9
[ 1192.994396][   T31] RDX: 0000000000000801 RSI: 0000200000000180 RDI: ffffffffffffff9c
[ 1193.002920][   T31] RBP: 00007f130f611f91 R08: 0000000000000000 R09: 0000000000000000
[ 1193.011385][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1193.019952][   T31] R13: 00007f130f7e6038 R14: 00007f130f7e5fa0 R15: 00007ffdbc6d3738
[ 1193.028145][   T31]  </TASK>
[ 1193.031685][   T31] INFO: task syz.0.5073:28170 blocked for more than 144 seconds.
[ 1193.040098][   T31]       Not tainted syzkaller #0
[ 1193.045044][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1193.054245][   T31] task:syz.0.5073      state:D stack:26024 pid:28170 tgid:28169 ppid:5865   task_flags:0x400140 flags:0x00004004
[ 1193.066703][   T31] Call Trace:
[ 1193.070482][   T31]  <TASK>
[ 1193.073426][   T31]  __schedule+0x1798/0x4cc0
[ 1193.077955][   T31]  ? kasan_save_free_info+0x46/0x50
[ 1193.083884][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1193.089295][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1193.094170][   T31]  ? __pfx___schedule+0x10/0x10
[ 1193.099629][   T31]  ? schedule+0x91/0x360
[ 1193.103895][   T31]  schedule+0x165/0x360
[ 1193.108073][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1193.114146][   T31]  __mutex_lock+0x7e6/0x1350
[ 1193.119008][   T31]  ? __mutex_lock+0x5bb/0x1350
[ 1193.123829][   T31]  ? misc_open+0x51/0x330
[ 1193.128182][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1193.133373][   T31]  misc_open+0x51/0x330
[ 1193.137581][   T31]  chrdev_open+0x4c9/0x5e0
[ 1193.142090][   T31]  ? __pfx_chrdev_open+0x10/0x10
[ 1193.147154][   T31]  ? fsnotify_open_perm_and_set_mode+0x113/0x610
[ 1193.154046][   T31]  ? __pfx_chrdev_open+0x10/0x10
[ 1193.160408][   T31]  do_dentry_open+0x950/0x13f0
[ 1193.165255][   T31]  vfs_open+0x3b/0x340
[ 1193.169838][   T31]  ? path_openat+0x2ecd/0x3830
[ 1193.174639][   T31]  path_openat+0x2ee5/0x3830
[ 1193.179727][   T31]  ? arch_stack_walk+0xfc/0x150
[ 1193.184651][   T31]  ? stack_depot_save_flags+0x40/0x860
[ 1193.190681][   T31]  ? __pfx_path_openat+0x10/0x10
[ 1193.195666][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1193.202251][   T31]  do_filp_open+0x1fa/0x410
[ 1193.206800][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1193.212163][   T31]  ? __pfx_do_filp_open+0x10/0x10
[ 1193.217256][   T31]  ? _raw_spin_unlock+0x28/0x50
[ 1193.222707][   T31]  ? alloc_fd+0x64c/0x6c0
[ 1193.227090][   T31]  do_sys_openat2+0x121/0x1c0
[ 1193.232295][   T31]  ? __se_sys_futex+0x36f/0x400
[ 1193.237209][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1193.243035][   T31]  ? rcu_is_watching+0x15/0xb0
[ 1193.247822][   T31]  __x64_sys_openat+0x138/0x170
[ 1193.253249][   T31]  do_syscall_64+0xfa/0x3b0
[ 1193.257791][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1193.263506][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1193.270170][   T31]  ? clear_bhb_loop+0x60/0xb0
[ 1193.274975][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1193.281474][   T31] RIP: 0033:0x7f76d778eec9
[ 1193.285932][   T31] RSP: 002b:00007f76d859a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1193.294886][   T31] RAX: ffffffffffffffda RBX: 00007f76d79e5fa0 RCX: 00007f76d778eec9
[ 1193.303474][   T31] RDX: 0000000000040241 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 1193.311954][   T31] RBP: 00007f76d7811f91 R08: 0000000000000000 R09: 0000000000000000
[ 1193.320433][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1193.329187][   T31] R13: 00007f76d79e6038 R14: 00007f76d79e5fa0 R15: 00007ffc13e773c8
[ 1193.337245][   T31]  </TASK>
[ 1193.341351][   T31] 
[ 1193.341351][   T31] Showing all locks held in the system:
[ 1193.349716][   T31] 1 lock held by khungtaskd/31:
[ 1193.354803][   T31]  #0: ffffffff8e13a0e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[ 1193.365331][   T31] 2 locks held by getty/5627:
[ 1193.370545][   T31]  #0: ffff8880337d60a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1193.381089][   T31]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[ 1193.391514][   T31] 3 locks held by kworker/0:1/19941:
[ 1193.396832][   T31]  #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1193.408027][   T31]  #1: ffffc9000398fbc0 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1193.421961][   T31]  #2: ffffffff8f8095a8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_global_led_trigger_worker+0x27/0xd0
[ 1193.433690][   T31] 2 locks held by syz.1.5045/28073:
[ 1193.439912][   T31]  #0: ffff888021adb100 (&dev->mutex){....}-{4:4}, at: nfc_unregister_device+0x63/0x2a0
[ 1193.450074][   T31]  #1: ffffffff8f8095a8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_unregister+0xc8/0x220
[ 1193.460475][   T31] 2 locks held by syz.3.5055/28109:
[ 1193.465708][   T31]  #0: ffffffff8f8095a8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_fop_write+0x191/0x570
[ 1193.475871][   T31]  #1: ffff888021adb100 (&dev->mutex){....}-{4:4}, at: nfc_rfkill_set_block+0x50/0x2e0
[ 1193.486044][   T31] 2 locks held by syz.2.5072/28167:
[ 1193.491315][   T31]  #0: ffffffff8e9c2788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1193.499986][   T31]  #1: ffffffff8f8095a8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_fop_open+0x12d/0x820
[ 1193.510511][   T31] 1 lock held by syz.0.5073/28170:
[ 1193.515629][   T31]  #0: ffffffff8e9c2788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1193.524270][   T31] 1 lock held by syz-executor/28239:
[ 1193.529623][   T31]  #0: ffffffff8e9c2788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1193.538161][   T31] 1 lock held by syz-executor/28240:
[ 1193.543818][   T31]  #0: ffffffff8e9c2788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1193.552598][   T31] 1 lock held by syz-executor/28242:
[ 1193.559045][   T31]  #0: ffffffff8e9c2788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1193.567581][   T31] 1 lock held by syz-executor/28243:
[ 1193.572937][   T31]  #0: ffffffff8e9c2788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1193.581575][   T31] 1 lock held by syz.4.5113/28284:
[ 1193.586724][   T31]  #0: ffffffff8e9c2788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1193.595280][   T31] 1 lock held by syz-executor/28290:
[ 1193.600792][   T31]  #0: ffffffff8e9c2788 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1193.609339][   T31] 
[ 1193.611708][   T31] =============================================
[ 1193.611708][   T31] 
[ 1193.620852][   T31] NMI backtrace for cpu 0
[ 1193.620876][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[ 1193.620901][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1193.620914][   T31] Call Trace:
[ 1193.620942][   T31]  <TASK>
[ 1193.620954][   T31]  dump_stack_lvl+0x189/0x250
[ 1193.620988][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1193.621014][   T31]  ? __pfx__printk+0x10/0x10
[ 1193.621057][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[ 1193.621099][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 1193.621133][   T31]  ? __pfx__printk+0x10/0x10
[ 1193.621166][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1193.621204][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[ 1193.621239][   T31]  watchdog+0xf93/0xfe0
[ 1193.621273][   T31]  ? watchdog+0x1de/0xfe0
[ 1193.621308][   T31]  kthread+0x70e/0x8a0
[ 1193.621343][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1193.621371][   T31]  ? __pfx_kthread+0x10/0x10
[ 1193.621400][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1193.621432][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1193.621464][   T31]  ? __pfx_kthread+0x10/0x10
[ 1193.621491][   T31]  ret_from_fork+0x439/0x7d0
[ 1193.621515][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1193.621540][   T31]  ? __switch_to_asm+0x39/0x70
[ 1193.621563][   T31]  ? __switch_to_asm+0x33/0x70
[ 1193.621582][   T31]  ? __pfx_kthread+0x10/0x10
[ 1193.621601][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1193.621633][   T31]  </TASK>
[ 1193.621639][   T31] Sending NMI from CPU 0 to CPUs 1:
[ 1193.774011][    C1] NMI backtrace for cpu 1
[ 1193.774034][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted syzkaller #0 PREEMPT(full) 
[ 1193.774055][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1193.774068][    C1] RIP: 0010:pv_native_safe_halt+0x13/0x20
[ 1193.774104][    C1] Code: 53 e8 02 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d b3 09 15 00 f3 0f 1e fa fb f4 <c3> cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
[ 1193.774122][    C1] RSP: 0018:ffffc90000197de0 EFLAGS: 000002c2
[ 1193.774139][    C1] RAX: 035a1df95e159500 RBX: ffffffff81968528 RCX: 035a1df95e159500
[ 1193.774154][    C1] RDX: 0000000000000001 RSI: ffffffff8d9b09bc RDI: ffffffff8be33f80
[ 1193.774168][    C1] RBP: ffffc90000197f20 R08: ffff8880b8732f9b R09: 1ffff110170e65f3
[ 1193.774182][    C1] R10: dffffc0000000000 R11: ffffed10170e65f4 R12: ffffffff8fa2f230
[ 1193.774197][    C1] R13: 0000000000000001 R14: 0000000000000001 R15: 1ffff110039d6b40
[ 1193.774210][    C1] FS:  0000000000000000(0000) GS:ffff888125d3c000(0000) knlGS:0000000000000000
[ 1193.774225][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1193.774239][    C1] CR2: 0000561cd0e72000 CR3: 000000000df36000 CR4: 00000000003526f0
[ 1193.774256][    C1] Call Trace:
[ 1193.774266][    C1]  <TASK>
[ 1193.774273][    C1]  default_idle+0x13/0x20
[ 1193.774294][    C1]  default_idle_call+0x74/0xb0
[ 1193.774317][    C1]  do_idle+0x1e8/0x510
[ 1193.774349][    C1]  ? __pfx_do_idle+0x10/0x10
[ 1193.774376][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1193.774415][    C1]  cpu_startup_entry+0x44/0x60
[ 1193.774443][    C1]  start_secondary+0x101/0x110
[ 1193.774470][    C1]  common_startup_64+0x13e/0x147
[ 1193.774503][    C1]  </TASK>
[ 1193.774990][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[ 1193.946833][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[ 1193.955983][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1193.966196][   T31] Call Trace:
[ 1193.969534][   T31]  <TASK>
[ 1193.972490][   T31]  dump_stack_lvl+0x99/0x250
[ 1193.977197][   T31]  ? __asan_memcpy+0x40/0x70
[ 1193.981809][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1193.987034][   T31]  ? __pfx__printk+0x10/0x10
[ 1193.991651][   T31]  vpanic+0x281/0x750
[ 1193.995689][   T31]  ? __pfx_vpanic+0x10/0x10
[ 1194.000225][   T31]  ? preempt_schedule+0xae/0xc0
[ 1194.005111][   T31]  ? preempt_schedule_common+0x83/0xd0
[ 1194.010601][   T31]  panic+0xb9/0xc0
[ 1194.014348][   T31]  ? __pfx_panic+0x10/0x10
[ 1194.018868][   T31]  ? preempt_schedule_thunk+0x16/0x30
[ 1194.024291][   T31]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[ 1194.030467][   T31]  watchdog+0xfd2/0xfe0
[ 1194.034648][   T31]  ? watchdog+0x1de/0xfe0
[ 1194.038997][   T31]  kthread+0x70e/0x8a0
[ 1194.043102][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1194.047796][   T31]  ? __pfx_kthread+0x10/0x10
[ 1194.052401][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1194.057616][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1194.062834][   T31]  ? __pfx_kthread+0x10/0x10
[ 1194.067438][   T31]  ret_from_fork+0x439/0x7d0
[ 1194.072057][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1194.077191][   T31]  ? __switch_to_asm+0x39/0x70
[ 1194.082061][   T31]  ? __switch_to_asm+0x33/0x70
[ 1194.086839][   T31]  ? __pfx_kthread+0x10/0x10
[ 1194.091456][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1194.096293][   T31]  </TASK>
[ 1194.099488][   T31] Kernel Offset: disabled
[ 1194.103820][   T31] Rebooting in 86400 seconds..