last executing test programs:

1m30.146092415s ago: executing program 0 (id=1292):
r0 = socket(0x18, 0x0, 0x0)
connect$pppoe(r0, &(0x7f0000000080)={0x18, 0x0, {0x4, @random="45e3f364e554", 'sit0\x00'}}, 0x1e)
sendmsg$RDMA_NLDEV_CMD_RES_PD_GET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000580)={0x10, 0x140e, 0x2, 0x70bd2d, 0x25dfdbff}, 0x10}, 0x1, 0x0, 0x0, 0x8010}, 0x20008816)

1m29.953467436s ago: executing program 0 (id=1293):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000940)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000001a000000000000000000850000001700000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$unix(0x1, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6(0xa, 0x3, 0x8000000003c)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="540000001000010400000000000000ffff000000", @ANYRES32=0x0, @ANYBLOB="0380000000000000240012800c0001006d6163766c616e00140002800800010008000000060002000100000008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x54}}, 0x0)

1m29.816352827s ago: executing program 0 (id=1295):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x2}) (async)
socket$packet(0x11, 0xa, 0x300)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0xff37)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$OBJ_GET_PROG(0x7, 0x0, 0x0)
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x40210d2, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x50)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000016c0)=ANY=[@ANYBLOB="900000001000370400000000fcdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="8b04040000000000700012800b00010067656e6576650000600002800500040001000000140007"], 0x90}}, 0x0)
sendmsg$NFNL_MSG_CTHELPER_GET(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x2c, 0x1, 0x9, 0x201, 0x0, 0x0, {0xa, 0x0, 0x2}, [@NFCTH_NAME={0x9, 0x1, 'syz1\x00'}, @NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x7}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4880) (async)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x324)

1m28.809344856s ago: executing program 0 (id=1302):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000b00), 0xffffffffffffffff)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$IEEE802154_LLSEC_LIST_DEVKEY(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x14, r1, 0x1, 0x70bd2b, 0x7, {}, ["", "", "", ""]}, 0x14}}, 0x40004)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000140)={0x0, 0x6, 0x4, 0x0, 0x0, 0x2, 0x0, 0xfe, 0x0, 0x0, 0xfa, 0x0, 0x1}, 0xe)
shutdown(r2, 0x0)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_TDLS_OPER(r4, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000280)={&(0x7f0000000300)={0x48, r0, 0x20, 0x70bd2c, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x2, 0x78}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x2}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40)
r5 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, 0x0, &(0x7f0000000180))
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r5, 0x84, 0x74, &(0x7f0000000500)={0x0, 0x20, 0x30, 0x1, 0x4}, &(0x7f00000005c0)=0x18)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r3, 0x84, 0x19, &(0x7f0000000180)={0x0, 0x7}, 0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000001c0)={<r6=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000240)=0x10)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r2, 0x84, 0x73, &(0x7f0000000040)={r6, 0x8000, 0x30, 0x7fffffffffffffff, 0x7fffffff}, &(0x7f0000000080)=0x18)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[], 0x34}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x4, 0x6, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
close(0x3)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)={0x18, r9, 0xe985e4df3848afb5, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_STRINGSETS={0x4}]}, 0x18}}, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x19, 0x4, 0x4, 0x9, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r10, &(0x7f0000000100), &(0x7f0000000000)=""/8, 0x2}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_generic(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="180000002400010300000000000000000100"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x20000000)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r2, 0x84, 0x7c, &(0x7f00000000c0)={r6, 0x2, 0xfff}, 0x8)

1m28.443824309s ago: executing program 0 (id=1305):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000940)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000001a000000000000000000850000001700000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$unix(0x1, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="540000001000010400000000000000ffff000000", @ANYRES32=0x0, @ANYBLOB="0380000000000000240012800c0001006d6163766c616e00140002800800010008000000060002000100000008000500", @ANYRES32=r2, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x54}}, 0x0)

1m28.174815569s ago: executing program 0 (id=1308):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x1, 0x31, 0xffffffffffffffff, 0x8871b000)
recvfrom(r0, &(0x7f0000001140)=""/4096, 0x1000, 0x102, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000100)="1ce0", 0x2, 0x0, 0x0, 0x0)

1m27.864647746s ago: executing program 32 (id=1308):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x1, 0x31, 0xffffffffffffffff, 0x8871b000)
recvfrom(r0, &(0x7f0000001140)=""/4096, 0x1000, 0x102, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000100)="1ce0", 0x2, 0x0, 0x0, 0x0)

16.356846325s ago: executing program 3 (id=2127):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/14], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000002c0)={r0, <r1=>0xffffffffffffffff}, 0x4)
r2 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r2, &(0x7f0000000380)={{0x6, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0xa}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]}, 0x48)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
socket$inet6_dccp(0xa, 0x6, 0x0)
bind$xdp(0xffffffffffffffff, &(0x7f00000001c0)={0x2c, 0x6}, 0x10)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000580)=ANY=[@ANYBLOB="b8000000190001000000000000000000ff0100000000000000000000000000010000000000000000000000000000000000000000000000000a0020003b000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000d11cc9c2f886ee5778000000000000405f0000000000002300000000000000aafe7d78c30000000000000000000000000000000000ffffffffffffff13000000000000000000000000000000000000000000000000000a0000000000000000000000804000008e147583e42e849c8219e376260d5f00"/146], 0xb8}}, 0x4c001)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a44, 0x1700)
r4 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
getsockopt$netrom_NETROM_IDLE(r4, 0x103, 0x7, 0x0, &(0x7f0000000040))
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_type(r5, &(0x7f00000000c0), 0x9)
sendfile(r5, r3, 0x0, 0x10000)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0}}, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001640)=ANY=[@ANYRESDEC=r1], &(0x7f0000000380)='GPL\x00', 0x6, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x1ff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000540)='rcu_utilization\x00', r7}, 0x10)
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r8, 0x0, 0x40, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1b000000000000000000150006000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYRES32=0x0], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000240)={{0x1}, 0x0, 0x0}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
r9 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
bind$llc(r9, &(0x7f0000000040)={0x1a, 0x0, 0x0, 0x54}, 0x10)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
sendfile(r9, r10, 0x0, 0xffffffff000)
socket(0xa, 0x3, 0x3a)

15.378841057s ago: executing program 3 (id=2133):
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r0 = gettid()
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000640)='Q', 0x1}], 0x1, &(0x7f0000001040)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r0, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c000000000000000100000402000000", @ANYRES32, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="0000000018"], 0xa0}, 0x4004881)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000940)=@ipv4_deladdr={0x30, 0x15, 0x100, 0x70bd25, 0x25dfdbfb, {0x2, 0x8, 0x81, 0xfd}, [@IFA_BROADCAST={0x8, 0x4, @dev={0xac, 0x14, 0x14, 0x12}}, @IFA_FLAGS={0x8, 0x8, 0x120}, @IFA_BROADCAST={0x8, 0x4, @private=0xa010100}]}, 0x30}}, 0x28000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000280)=""/68, 0x44}, {&(0x7f0000001100)=""/4096, 0x1000}, {&(0x7f00000001c0)=""/34, 0x22}, {&(0x7f00000003c0)=""/129, 0x81}, {&(0x7f0000000840)=""/144, 0x90}, {&(0x7f0000000980)=""/131, 0x83}], 0x6, &(0x7f0000000a40)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, <r5=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x23}, 0x2141)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r6}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r8, &(0x7f0000000800)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000000380)=ANY=[@ANYBLOB="020101090800000000170006ffffff00030006001000000002000000e0000009f9ff0f0005000000030005007217440502000000e0000001"], 0x40}}, 0x0)
sendmsg$key(r8, &(0x7f0000000000)={0x0, 0x3, &(0x7f0000000080)={&(0x7f00000000c0)={0x2, 0x3, 0x0, 0x9, 0xa, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0xe, @in={0x2, 0x0, @loopback}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}]}, 0x50}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r7}, 0x10)
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000002e80)={0x40, 0x0, 0x1, 0x10001, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_SEC_LEVEL={0x24, 0x2d, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x16}, @NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5, 0x4, 0x1}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x4}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0xc}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x40008d5}, 0x8000)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nbd(&(0x7f0000000000), r9)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000004c0)={'wpan0\x00', <r10=>0x0})
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)={0x44, 0x0, 0x1, 0x70bd27, 0x25dfdbfe, {}, [@IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x4}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r10}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0202}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4004001}, 0x800)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000680)={'wpan1\x00', <r11=>0x0})
r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r13 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), r12)
ioctl$sock_SIOCGIFINDEX_802154(r12, 0x8933, &(0x7f0000000140)={'wpan0\x00', <r14=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r12, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="b8010000", @ANYRES16=r13, @ANYBLOB="010025bd7000fbdbdf251e0000009c012f80080001005b000000a80003800c0005000400000000000000300003800c00040000000000000000000c0004000201aaaaaaaaaaaa08000200020000000c0004000200aaaaaaaaaaaa0c00050016010000000000000c00050008000000000000000c0005000000000000000000080004004c0500000500020000000000140003800600010000000000060001000100000014000380060001000300000006000100030000000c00050004000000000000000c000380050002000200000090000380080001000100000038000380060001000100000006000300ffff000008000200030000000c0004000203aaaaaaaaaaaa060001000300000006000300feff0000080001000200000008000400000300002c0003800c0004000201aaaaaaaaaaaa0c0004000203aaaaaaaaaaaa08000200010000000800020000000000080001000000000008000400bc0000004000038008000400ffffffff080001000100000005000200030000000800010003000000050002000300000008000100010000000c00050000000000000000800c0002000203aaaaaaaaaaaa08000300", @ANYRES32=r14], 0x1b8}, 0x1, 0x0, 0x0, 0x20000041}, 0x40800)
sendmsg$NL802154_CMD_GET_WPAN_PHY(0xffffffffffffffff, &(0x7f0000000b40)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000700)={&(0x7f0000000780)={0x4c, 0x0, 0x800, 0x70bd2d, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r10}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r11}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r14}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40004}, 0x4000000)
sendmsg$netlink(r1, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)
getsockopt$sock_int(r5, 0x1, 0x6, &(0x7f00000004c0), &(0x7f0000000580)=0x4)

14.978091067s ago: executing program 3 (id=2139):
r0 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x24, 0x1, 0x8, 0x101, 0x0, 0x0, {0x3}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x21}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0xfbfb}]}, 0x24}, 0x1, 0x0, 0x0, 0x4040}, 0x24000004)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000003300)=ANY=[@ANYRES32=r1, @ANYRES32=r2, @ANYBLOB="0200000002"], 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="180000000000000000000000000000009500160000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r3}, 0x10)
accept$netrom(0xffffffffffffffff, &(0x7f00000005c0)={{}, [@remote, @rose, @rose, @null, @bcast, @netrom, @null, @default]}, &(0x7f0000000180)=0x48)
r5 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r4}, 0x8)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
getsockopt$bt_BT_CHANNEL_POLICY(r6, 0x112, 0x4, 0x0, &(0x7f00000000c0))
close(r5)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005345c0f63cdc2e82818254950ee03568b8809a1f04c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab66c1aae9314d7381fcfeb970bea672010000000000000043144648a07a975bd89dc398712376610faa54f12495b4659be8673086f6f3543205d4bc4ce05b8b961103673dff7f158052e62bfbdcddde6985f3f1ac5d9a94cc53207899762a07282a1914452d11858e795a3ca30a101af5574f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5ed44039aab46419496362e54cfad05b4004ac71a003d7b85d07191bed4e5a8908263722d4146f7ed569985439baa355cf3d8731f5e7a237bc06d035a8d601f21746d880819f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c5b9f87d988c9fbd2b9d9b4e2d71753b1549fa734f0b2e5fcf9549804cddad721971637f9c9730a9cc384eed30345979db9c93e1c52f42cad0a4d4f9436d3f39b0ed09c395dc6e970366087a8e4daeeb1b017006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f710c490ecd085d2811a7555c53030000007f00000000bfa6478eb96b079c277e2910b7ccdc3d672ed34aa65278c549e2abb549ad954884289130bc71cee2b7de62bf48129ae1af052a2d46a6165eb0954dac7265f1f425735acf6377793946b3229e861d8ea49806b3b533345d36ecef9df700000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c000000aaae37f044bcadeb0f6846582b7653665aa336db9f0384d3c7ddf79c2e0000000000000000000000000000000000000000000000e154aa0d3e41986a668ee1e5ef93a8ceac75f44aae95e26742f895f287111f8ee86f7e3ffb63cfb0e345cf7fc63dd2b0d30977899c6f03640040af4db71f7452bfc79a05118d8bb42b63b195771e42f9942ec626bd4b5461b74324012164e8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000640)=@newtaction={0x140, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x12c, 0x1, [@m_gact={0x128, 0x1b, 0x0, 0x0, {{0x9}, {0xb8, 0x2, 0x0, 0x1, [@TCA_GACT_PROB={0xc, 0x3, {0x1, 0x15e3, 0x4}}, @TCA_GACT_PROB={0xc, 0x3, {0x1, 0x95e, 0xe7aedcaef015089c}}, @TCA_GACT_PROB={0xc, 0x3, {0x0, 0x14d1, 0x5}}, @TCA_GACT_PARMS={0x18, 0x2, {0xbf, 0x8, 0xc59c5d868589958a, 0x0, 0x2}}, @TCA_GACT_PARMS={0x18, 0x2, {0xfffffffb, 0x6, 0x20000000, 0x48b, 0x7}}, @TCA_GACT_PARMS={0x18, 0x2, {0x8, 0xe6, 0x4, 0x2, 0xfe}}, @TCA_GACT_PARMS={0x18, 0x2, {0x9, 0x9, 0x0, 0x9, 0x5933}}, @TCA_GACT_PROB={0xc, 0x3, {0x0, 0x675, 0x4}}, @TCA_GACT_PARMS={0x18, 0x2, {0xc, 0x4, 0x1, 0x200, 0x7fff}}, @TCA_GACT_PROB={0xc, 0x3, {0x2, 0x1192, 0x1}}]}, {0x47, 0x6, "c6767d144d374159eedfce79182f2be38f66a83691c78d5c793dda3916ceffda2a84b86250466861f32fa3456164c8a3f5626773d4cf7bcaa05b1d7b0ed31344feba42"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}]}, 0x140}}, 0x0)
recvmsg$qrtr(r5, &(0x7f0000002340)={&(0x7f00000007c0), 0xc, &(0x7f0000002100)=[{&(0x7f0000000e40)=""/214, 0xd6}, {&(0x7f0000000800)=""/34, 0x22}, {&(0x7f0000000f40)=""/208, 0xd0}, {&(0x7f0000001040)=""/4096, 0x1000}, {&(0x7f0000000840)=""/19, 0x13}, {&(0x7f0000000880)=""/15, 0xf}, {&(0x7f0000002040)=""/131, 0x83}], 0x7, &(0x7f0000002180)=[{0x20, 0x0, 0x0, ""/9}, {0x60, 0x0, 0x0, ""/79}, {0x68, 0x0, 0x0, ""/85}, {0x10}, {0x38, 0x0, 0x0, ""/37}, {0x70, 0x0, 0x0, ""/93}], 0x1a0, 0x40012160}, 0x38, 0x2000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0}, 0x18)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="11000000000000000000000100"/28], 0x50)
r8 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_queued\x00', 0x275a, 0x0)
r10 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r10, 0x89f1, &(0x7f00000000c0)={'ip6_vti0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev, @dev={0xfe, 0x80, '\x00', 0x37}, 0x0, 0x0, 0x0, 0x1}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r10, 0x89f3, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000180)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, 0x0, 0x0, 0x0, 0x4007}})
sendfile(r8, r9, 0x0, 0xffffffff000)

14.681511354s ago: executing program 3 (id=2143):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket(0x8000000010, 0x2, 0x0)
write(r0, 0x0, 0x0)
r1 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r1, &(0x7f0000005240)=[{{0x0, 0x0, 0x0}, 0xfffffdef}], 0x4000095, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000500)=ANY=[@ANYBLOB], 0x10)
pselect6(0x40, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa00000000000000}, &(0x7f00000000c0)={0x7a}, 0x0, 0x0, 0x0)

14.449160613s ago: executing program 3 (id=2145):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000040)=@framed={{0x18, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @initr0, @generic={0x65}, @initr0, @exit, @call={0x85, 0x0, 0x0, 0x5e}], {0x95, 0x0, 0x0, 0x9000000}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

2.391821002s ago: executing program 4 (id=2222):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000088fe508a8500000004000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000003c0)='sys_enter\x00', r0}, 0x18)
clock_gettime(0x4, &(0x7f00000000c0))
socket$nl_route(0x10, 0x3, 0x0)
accept$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @loopback}, &(0x7f0000000100)=0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0))
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
syz_emit_ethernet(0x46, &(0x7f0000000c40)={@multicast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x10, 0x3a, 0xff, @ipv4={'\x00', '\xff\xff', @remote}, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}}}}}}, 0x0)
sendmsg$TIPC_NL_MEDIA_GET(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000700)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000000300000028000180150001006474683a74"], 0x3c}}, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendto$inet6(r3, &(0x7f0000000280)="02042c08ec074802010e0200c52cf7c20675e005b02f0800eb2b2ff0dac8897c6b112002faffffff3066090cb600c5471d130a66321a54e7df305f80a88161b6fd8f24286a57c3feffff", 0xfc13, 0x800, 0x0, 0x2f)

2.052283103s ago: executing program 4 (id=2224):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
getsockopt$WPAN_SECURITY(r0, 0x0, 0x1, 0x0, &(0x7f0000000100)=0xfffffffffffffde1)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000400), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000440)={'wlan0\x00'})
r2 = socket$kcm(0x10, 0x2, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_GET(r3, 0x0, 0x4000)
sendmsg$kcm(r2, 0x0, 0x0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
close(r4)
r5 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
r6 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r7=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r4, 0x84, 0x66, &(0x7f0000000000)={r7, 0x28b72f28}, &(0x7f0000000040)=0x8)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000000)={'dvmrp1\x00', 0x1})
ioctl$SIOCSIFHWADDR(r8, 0x8924, &(0x7f00000000c0)={'netdevsim0\x00', @link_local})
socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r9, 0x84, 0x76, &(0x7f0000000200)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r9, 0x84, 0x75, &(0x7f00000000c0)={0x0, 0xce}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r9, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r9, &(0x7f0000000480)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x80020}, 0x1c, &(0x7f0000000500)=[{&(0x7f00000034c0)='\x00', 0x1}], 0x1}}], 0x1, 0x34000811)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r9, 0x84, 0x77, &(0x7f0000000100)=ANY=[@ANYRES32=0x0, @ANYRES16=r9, @ANYRES16], 0x1000f)

2.021191305s ago: executing program 5 (id=2225):
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000400)={<r0=>0xffffffffffffffff})
close(r0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000180)={'rose0\x00', 0x10b})
ioctl$TUNSETQUEUE(r2, 0x400454d9, &(0x7f0000000040)={'wg0\x00', 0x400})
ioctl$TUNSETSNDBUF(r2, 0x400454d4, &(0x7f0000000080)=0x8)
close(r0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/22], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r3, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r4, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
setsockopt$inet_sctp_SCTP_AUTOCLOSE(0xffffffffffffffff, 0x84, 0x4, &(0x7f0000000040)=0x4083, 0x4)
bind$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4e22, @local}, 0x10)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(0xffffffffffffffff, 0x0, 0xc8041)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000004c0)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @remote}, 0x1c, 0x0}}], 0x1, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='hugetlb.1GB.usage_in_bytes\x00', 0x26e1, 0x0)
close(r5)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000180))
ioctl$SIOCSIFHWADDR(r5, 0x8b28, &(0x7f0000000000)={'wlan1\x00', @random="0100"})
sendto$inet(0xffffffffffffffff, &(0x7f0000000140)="eb", 0x1, 0x0, &(0x7f0000000380)={0x2, 0x4e22, @loopback}, 0x10)

1.785302854s ago: executing program 5 (id=2226):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCSIFVLAN_DEL_VLAN_CMD(r0, 0x890b, &(0x7f0000000240)={0xffffc0fe, 'wg0\x00'})
r1 = accept4$x25(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x80000)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r3, 0x65, 0x1, 0x0, 0x0)
bind$can_raw(r3, &(0x7f0000000480), 0x10)
setsockopt$CAN_RAW_FILTER(r3, 0x65, 0x1, &(0x7f0000000040)=[{{0x2, 0x1}, {0x0, 0x1, 0x1, 0x1}}], 0x8)
sendmmsg$inet6(r2, &(0x7f0000005540)=[{{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000440)="53f0ffe22a696bb222b8fc852be7d82c8fb293489d649a984bfa534acb82f7edfb86d18ab644753383e6c133deb725449bfdf769b4becd6d0840ffec1dd6cb1afe5b0b31af7f7f5878635b1335f418473c2b53e7fe3a47b125e9e7cd1e67af3d4e284f52258c0a1dc93edc4504de70195385c063141c72ecda9a0af119184c23ab9bccbae7bc644bd3e18761428d16759ffbfc231d77df63b69d2292e6bbbb1c7e00f8fd7e661c388ce5aae50a1db3a17ac49c277f50190989fb08447e8535a896ea87b61abca070ad91ca3685efaaa875bd", 0xd2}, {&(0x7f0000000540)="d9ab8cf67cfd5487c3490000cb94895b5745f56390e42b0a715a9c5ac682c9a74b59822e5ddd72567fd2ae878ae4cbdc46b58e9c513c06cc2efaa4be11bc548804c6088ad56159c69cb75e0777fb207c8a108cc1a0d61c47b5ef12c8abdec45b465806221524393afeea38387c2161", 0x6f}, {&(0x7f00000005c0)="1018c2a217eac0d7750c862328047000b0d261615331844ae8d5a5f3c988983623b90ccecb375a494cc2b5d4f4ab678edf2fa06740f6452a3b393d6048a233d0ee49846cc150a93a48ac524a2ec2a75bd6032b7eab7745f46eead723af3feb18c9702671f76a12f4c6914af0ccc8c94141669a78139d4773f6b17c3a6595660025581eb5d82532ce72b10e0a42c7d9b13f0a", 0x92}, {&(0x7f0000000680)="2daa8e59655733f1a0a88041ed9a075d4522b7e7e13d88298b8445cb2a40bd977505257c38a7712e4f6f9b361505adf9db80d3f79c01b87e8887bb9339", 0x3d}, {&(0x7f00000006c0)="e662c1fa49c2d1e16d06633bab02a0053e3dda0e500f4d272521490d15d2afeb1456d01faf6f82ef30b44a1574210b69efc8c461ab6038c8a935153757686f485c42932b660a69d9", 0x48}, {&(0x7f0000000940)="912d2331821e0d569a4d2e4844d294408a39209a11c5f0d346f71c8ac63931a715066fa1d82f497089971bc339a3b784faae41ffd33a5f3fb4a08f8d309a3dbf21ea869c3db357f3905e195042efe19d1659d2e70a7f42e07df10e60c67b72df4e820853dbc06210cff072557a0d7ec9f1ff2b258520918124ca44202d55627a5169800b37df102dee18003e36e7d93a068fa7bcd2b0d526c7b428a7a040d4cef17e687824321d4a2b7f102869e123b8d23a29f8692403c20043900a34b8bad8400a597a198e448981", 0xc9}, {&(0x7f0000000740)="140e5fc3b189946f3b7757e7663c2260f2525978adf9c927ad29f168b8519789691c3eaff3222e419e503d", 0x2b}], 0x7}}, {{0x0, 0x0, &(0x7f0000000f80)=[{&(0x7f0000000e80)="85dfffd5067d6318b7d99ed6a067456f6d3b892e8a3013306a74fa71e73c62990feee982117cae8d8dbb331dc752e1015356424570ace629d9174e63571d0e2ece4b1d7251b5d9a8a26655893c6df6704cb9ce159293461a60e2953fdf65022ff2a6cf2cca4b4d2578fd10ebfe34ac762ca97b3824175f0dfad3b4944c3c4c51609836f9136bb0d2af1edb13bde2623148b0c83ddb8705648320319aa84be9e0c230a6878c6080cd8b3671a17034c9ae546b32348b358f1c4d34953cccfea6205ab4aba867238ac11cd84cac7ce9699c", 0xd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000001040)=[{&(0x7f0000000fc0)="ea5a13b9d06e1efe88133118a54cc86b0a860effda29c4ec90efb697427a7d242cc86245df9a984a5a86b805ba36bb1775b036bbc5f7fd4c2aaeb2fc6411e9d446129cfc268c685e58cbe5a7754d9c0320c6e9e5869803", 0x57}], 0x1}}, {{0x0, 0x0, &(0x7f0000002800)=[{&(0x7f0000001100)="9413ac4ec31b1b5f66a637f1a06e05ee1162f23cfbcf22c9e600443d6ee2839dbdd4a719cf1dd641143cfcee79d8f767c924a5bf49820206417a96d58396bb01f6c74fbe", 0x44}, {&(0x7f0000001180)="6be2bccd39edc6cc84cdbb47a0b6be3e08b6df3ace70b7ab151866", 0x1b}, {&(0x7f0000000180)="dd6088b054bd7af92571c6c96262563b351eb669729f6b52fe84c4e0", 0x1c}, {&(0x7f0000001200)="634cf1a005af785c964a096f5556b9fba40b67f2ae517e466d46cf48fac023de842b20ba5d32400c80111e131e088b275904159902b1410aed68587a9c25a287c85cc641ed59fead96ccedf62098b6c0acc09aecf5898019a14e625cbec53ca0054d58a6205979e390f39629b9", 0x6d}, {&(0x7f0000001280)="3ccd445ea2efeef7c86d64c7f7f1b32b4bb386e9b4df54d0b9563d1adf55c759d4bddc3c87d33b3fa8402b00119c097cf9d7615e2c01a19b2b569189f2641dae7dbee6840b0d77e099f156e8b1c423e00cd670878f34a845abff0f1cec42f06cf5866821db5c1d482e77d77ca3e8aff1e292aa6dbab3c1395972863d8a63bacc2bdabab8570bcd97c7c3cf", 0x8b}, {&(0x7f0000001340)="e5eed2886682abb7798595265767b10546c63afc547498f51f101ca0508e1321cdd003e4638bbb5f", 0x28}], 0x6}}, {{0x0, 0x0, &(0x7f0000003d80)=[{&(0x7f00000031c0)="ad64c806f84ca41539afa6ce2b2f870125977014c583ea045f9d336f3d5937de6c9902dd64627ba9f04bf94fe915e8d6a7d12675c924f8ff4a3672bb7f24784a6ab338419993503acbff233a14d8f8c73ab7375cc136d7335f5743c5d8265c4c55b84dafde9044ec38d481cec8a2c949ad8aa1a753c202f034b4127539c81a2813c02227e0f8921e28e5cfba10decdc04b2d54f79a3b7dbf429b3c2ed92d80ac1ddb78646436bf6558121327c35632c3a6680a6a724ea92a0f34ae438e88a270b509ece9f63499d632614fdd5bc529a1c35bb33abb6bd0470e03bea885fceebabe224a75d8d5f49ef3fa3a7310eca9600158291b077575be43b51593714fbb2440d09dae21d3f5c915f23f57e00c6492ea96425f2ba30ea971cb1ea5be5c4b651168a9a2914e6eec202e92876983caf5090418b7c592d3503898483bdce63239fef400273971e04e678267d8ea8bfb606f88fd93031d229226e56a1968a37853adebc2ee1bebdbbc0ec4c70534f4c39b3f0937c258fe1a0c3ad043112078f233bf1e0dff6555b8c4cafa1527d2e3e2404e338de575365f068603dac0040681e16f80e1c44b7be6b9fd1152ecbef9991de87ad4b3feb84096f73f7e650a5c737904fd1c229b29c2aca1845aa74201d0ed888b38886ea031da32e8e8d267b5d564aa469a6e9df83be615b93d92ab09dbd881b08b7a7345494da14113ddb70cd982f5c2dc6087fdfcdc71366721d8c0502e2b64c995a087455916829543a9d60c47c6621c2a724a26310ef95e2e3fdbe2facc1411d7838b963f73460bffbbfdbb919be561bb4cba97b5ad5775edc314e35ea713842094f29f03c5ab15b586480fa9c5388ff6e0a7335c41cdb49648f0a49deb1e00887206ef3b594133045f6cd32f3442e69b24d3a70a58341f2d27094f9905e594d6245e5503fb3db6944c4b2e4df387752779c5702a06a93def99fdcdbc99a6dda2fb23af461140d72b121b46eed63629b24342a5796a780d4707d3a62003a6a470e49d1af761b4fa94705c2ae3aeabb2198100bf5abf02a2f8b035762192ff3e35aa1bb77d8252e817bf2cb5f9b3f914f0b033aba260b568d733e9d07febff2c4eae30280c101f7af6a97b310537174dc0c9395d77ba6560f008d378cfa3799dd79542923434cca2e42a2d95a01c178ae9ad782a8939adba1beb645dbdeac5016931c178db6ac2ebe73c7f38242f44c2a5f48abcb4f60403f6c2ebdafa400897bb9aee51a4275f7372f29455b60694c191d7e0f30f6aecc89c882961dd344df9ac2ef824e0a3a070fb1459434e8e060ccd4704acbc856216a12047ac9dd5f11a79449c57971070c2a59212507ba85c95f88ed7dfbd0ad9460c1fd5b685f80df881b15e4fdf4aae8a2ec0fa07653f10a50ac59d62e4f276dbcc78539c78173c902750e107455d9ac3a7ff3217e6a173c38ab090d5b58fd43ea71158499e7387ad12a9f1c9a2e1de1a7233a763d57c0822c77771ddca906bc7bcf77a68ba916fa0bc60fa139060a337c8a6de3722163de83bcfd029a7ee725e4ded06061650a792fd2ff6c5ccca4c8a7128c4e7537fc62688672d9ee912d2e4c4a78cad6489f8da622c3ae3d3378b47adcdce32a15d5c320906c01f5f9e868eb24dd48e22ca176b451d6d1f665675eb849944bbfdc296084566c6add237188d3310f8b8ea621227a1c0e70871689b179cea30f171d665e8fb2078f89964c4070b9536af3b9aa8e408ff7d1238ff3edda578f305eac8dfa91d545869a71469dbb1370f940d4bd3e7c9681aa15d22a80b2718a6a190ff8c630aedc00b0dee9a895da4cdeeb08d7e16bead5fd7e6f666ff51c257471fd59c3af1544e6b331bef252146dac8667b2178076592683f7e8a003819225d1765448921bd1f55d292039ce8fd1cffc92154739256874eabfad78a1e7aa2ffb91065984330db9925813324be5bf944d253ac15d4b99039af098cc88e3fd992e47bd7b9a39c8ab19e39977b5080459ed61afa34c84c98f4542c416ab9e0e275aa39540119bd47f759141091d7e8f701a6c3c4003907dfa1179423ffcab3491ce72f24b81c2b7c9cfe766b92da88c42b31796e2082e9721c20f9d837f9a0ebedb6d05b3abbe8f28d7d24c8db66cfd9d03a37c18cd71579390c478465f00b7a5d221457a12fce15d726c038492c6fc44476821a05a8a745571c7eb13f1b6ff549960c2277a4958c1de2bf3c721f2778", 0x62e}], 0x1}}], 0x5, 0x4)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f0000001380)=""/4074, 0xfea, 0x0, 0x0}, &(0x7f0000000000)=0x40)
ioctl$SIOCX25SFACILITIES(r1, 0x89e3, &(0x7f0000000100)={0x3, 0x6, 0xc, 0x4, 0x77f, 0x81})
syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), 0xffffffffffffffff)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000000))
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(0xffffffffffffffff, 0x0, 0xc8041)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x1d, 0x2, 0x6)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
r7 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f0000000000)={'vxcan0\x00', <r8=>0x0})
bind$can_j1939(r5, &(0x7f0000000100)={0x1d, r8, 0x2, {0x3}}, 0x18)
ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f0000000100)={'vxcan0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0xffffffffffffffa3, &(0x7f00000001c0)={&(0x7f0000000080)=@getchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xffff}, {0xfff3}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000}, 0x840)
r10 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$netlink(r10, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="e00000001000090500000000000000006f6d8864d22a3f2ffaa46c88bca90000002b0e13e735a3184f123d6da2f1acfac0ee2dd2b184b27db1f302de337c0004060000000000bf852c8986626691b01b2d44e4ce28712828bdda0a9423debbb86f9dba4a2dba4dbe076c28282900c446a567de243ab0d67683f7bb11c9cab3b3c1a66db4424a8ba100022db228bb7b5eb5100e434db5dd5e995aa0912086d9f4606d2e4cc898739222c5d3a83cb6b707f3336336ebb7d681000000140000800d000000cfe7336f91087ba18b000000000000"], 0xe0}], 0x1}, 0x0)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r11, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)

1.773275751s ago: executing program 4 (id=2227):
r0 = socket$inet6(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=ANY=[@ANYRESOCT=r0], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c000000190001000000000000000000021800000000fd000000ed0008000100ac1414000800080004"], 0x2c}}, 0x0)
sendto$inet6(r0, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='blkio.bfq.io_service_time\x00', 0x0, 0x0)
r2 = socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0xe, 0x42032, r2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r1, &(0x7f0000001280)={&(0x7f0000000b00)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000001240)={&(0x7f0000001040)={0x1e8, 0x0, 0x200, 0x70bd2c, 0x25dfdbff, {}, [@HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'tunl0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nr0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x7c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_macvtap\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x90, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve1\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x4}, @HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x1e8}, 0x1, 0x0, 0x0, 0x24}, 0x40)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="1c000000ff06050000000000000000000100000005000100060000003ef6293428a28c13b1a23ae4c58271c341af1806000000000000009695489df671320621454e39f4b15174aa0128dec2d75f5599e1fed96f7b8b68911efdd01844a1940fb80f882894181fb82844bc600893edaacf6d9c147c89f6a294915a283e75d96a2ee582541852c58df006497a1aa0f511f681cfadcd9ca10c09b09e5f921baaf3e58e9308fe304fcf45b6e3a80fa70cf288c805e1"], 0x1c}}, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x42072, 0xffffffffffffffff, 0x0)
unshare(0x22020400)
r4 = socket$packet(0x11, 0x3, 0x300)
r5 = socket$inet6(0xa, 0x80002, 0x88)
setsockopt$inet6_udp_int(r5, 0x11, 0xa, &(0x7f0000000080)=0x6, 0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000600)=ANY=[@ANYBLOB="14000c0043000156388f0da939779c104a"], 0x14}, 0x1, 0x0, 0x0, 0x50}, 0x40010)
sendmmsg$inet(r5, &(0x7f0000000c40)=[{{&(0x7f0000000400)={0x2, 0x4e20, @private=0xa010101}, 0xfffffffffffffe1a, &(0x7f0000000440)=[{&(0x7f0000001740)="359733b2c93e9e54c5be74bbfb459a7370fa761d37ac0a6d3d69f9af447d969934f4ddb6bc6c2be28078f1ed78db86f38e935aa0e2a9baad5ef3359731233f5fba1198d7336637b84ab14d4e04bd1c73e4cd1097e4c9dfdf675eaf0e49b68b7421b0f101dd71254be1592cd8eba557feb4ea84f857e477725e73d2dc532f2b2d9fab988d511f8e4ce69fc55da840050a217faefc582ae0dc38e2eb8a8a0c169576a94902f9e9178e97e22ee97fc779afbbe8624583fc59e95695380b933c2c0cd708823ad4a2f667d5124264fcc55032de46204f510e4ca0fc2dccc234092e57c493030943eebb30c4", 0x1}], 0x1}}, {{0x0, 0xc, &(0x7f0000000a80)=[{&(0x7f00000007c0)="f7650a016a16048c9478e63c71d1db46e7aa184456e0eb41b15d9375f5cf6ce46a9ba1320bf2e00b3e1bc421da5ca509f2d2ce7ca2d630facd274220aa90956b20e15cb16665655c8a2faf2a70ca82a5f806a6cd3bd07441faa77e61e92759e542612bf7487fe48632ec58010fd4d79fcf7dbc74f674d566135efc9b918c45e326eba6dd8df3df01e56894a7480a666e8d4ae63cfe04f2e0a8ecfca815396133d833e483caa1b4f6712abf078091938a14c8a8281e8350f2fbfdbb4092306f5f4cadbb08a67039856f24cb4e63bbfce42e7cd06bc7b3da2cdcea539ad9505dc150e153b8dae741fd12ccd449a20e0d5fc4"}, {&(0x7f00000008c0)="93fa00ba1fc277126f8b18b9d0d5a1bde0cea08cb8bb907b7e20e1530bdfc420fd3b4c1403738e2f48539c6ee9c95438fe11b91c46c94dba66218e45cc2a4c76d760d3b3d06380fe322dafbe4aaf5b02b03a1fb66e670cfcf1f9431ac7a20a3be16d20f7674331645e7e0b9a95275e7eaf97baece5d6b1e1eca330d65cb2907f0597ce5eb4c930a0a7199b3b28826786af2fffc09ea319987baebe8c5a5ba355292ec0324616f3d29d723e8e111a5d98de38e9b86319af3e582dbb8f9479858c559c38493e0e21313a86b3d8d94ebd597a922d511bdac0929fe7c9515d251c37930f025882403d0ff0f7ca"}, {&(0x7f00000009c0)="a56584e76b0370984a5b2ec7fa2d2eecf5cf42d08ad58e6cf512be7c793c4447c72e3d5988f1c0693c92b3649c0f3aa0836e5a82daaa3c561a23972813c7e19ee8c3514d0a92cae61b9dd754462436eeab22227e137b4505b8813996c867b23fe88f50e874c5468fe5e309ead5c73f39aba355331ff60d2162faae8fea3b80d1a47551e5fab46f4e80a2363ac4f345ad6bb45e9ad86b49784ba7b059879a72fee49b72e6a30d7978eb0afd4c238e0ef6fe095ddf2acce7"}, {&(0x7f0000000b40)="29101ade6db60c0abb8e8b4a62f641649d1f183795b7e799685379e460e17b9965b113fdf0c071ce0c3a236a36961030051126825695c3b4cd50f940b01775521fe5cbef3d0303aa2b7310e7c017e7851956665800dbf3a36976c814ef6c4060958ffad260136fc070f6c7fc004e7475a452068d04ed6fe6b18d4c83ef7ca9cfc222c3e9bcf6a829df93074acf07a57ede930d4243b20ab0772b79e67c1d81f4ed341696068aa7850a637c2647194e5b8f46f58ddac72a7b8a51a39388bea1546e22a4"}]}}], 0x1, 0x0)
getsockopt$IP_VS_SO_GET_TIMEOUT(r1, 0x0, 0x486, &(0x7f00000001c0), &(0x7f0000000240)=0xc)
syz_emit_ethernet(0x46, &(0x7f00000002c0)=ANY=[@ANYBLOB="0380c2000003ffffffffffff0800450000380064000000019078ac1e0001ac1414aa053490781200183f25000000000000000001000000200000ac1e0101001863718e9bf7033b9642d8b7b4a9dc0ca49c"], 0x0)
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f80)={&(0x7f0000000f40)='module_request\x00', r6}, 0x18)
socket$unix(0x1, 0x1, 0x0)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="580100001000130728bd700000000000ac1e0101000000000000000000000000ac1414aa0000000000000000000000004e230001000000000200000084000000ac8ab2db8e2f1d9aa878d5b727a80bd1e452ed280d0128bd1fcde4864e09d4e539c882322fb51ae75f16fbd0360f76de15490ce2ca93a2e2aa20b9bbd9310417ef27f12bbfd9e8c0b0d4a554e1d3c425653a11525218", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="fe8000000000000000000000000000bb00000000320000002001000000000000000000000000000100000000000000000000000000000000080000000000000001000000010000000600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000fcffffffffffffff0c000000000000000000000028bd70000000000002000000000000000000000068001200726663343534332867636d2861657329290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e000000080000000316f74eeac053deb73fc018493cc121927a9bca207141b9a451c00aa"], 0x158}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0xe, 0xe, &(0x7f0000000ac0)=ANY=[@ANYRESHEX], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x57, '\x00', 0x0, @fallback=0x7, r1, 0x8, &(0x7f0000000000)={0x6}, 0x8, 0x10, &(0x7f0000000000)={0x0, 0xd, 0x5}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x200, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
ioctl$TUNSETSTEERINGEBPF(r9, 0x800454e0, &(0x7f0000000080)=r8)
close(r9)

1.733770601s ago: executing program 2 (id=2228):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
shutdown(r0, 0x1)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000480)={0x3, 0x5, 0xe, 0xda, 0x0, 0x18, 0x20, 0x7e, 0x3f, 0x3, 0xff, 0x7, 0xa0, 0x2}, 0xe)
socket$inet(0x2, 0x2, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600001f25000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)

1.644309443s ago: executing program 3 (id=2145):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000040)=@framed={{0x18, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @initr0, @generic={0x65}, @initr0, @exit, @call={0x85, 0x0, 0x0, 0x5e}], {0x95, 0x0, 0x0, 0x9000000}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

1.221075013s ago: executing program 1 (id=2229):
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x19, 0x8, 0x0, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000)={0x0, 0x20000000}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x3, 0x4, &(0x7f0000001240)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x9c, &(0x7f0000000c40)=""/156, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
listen(r2, 0x0)
ioctl$SIOCX25CALLACCPTAPPRV(r2, 0x89e8)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
syz_init_net_socket$ax25(0x3, 0x3, 0x7)
r3 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bind$802154_raw(r3, &(0x7f0000000000)={0x24, @long}, 0x8)
r4 = syz_init_net_socket$llc(0x1a, 0x802, 0x0)
bind$llc(r4, 0x0, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f00000005c0)={0x26, 'hash\x00', 0x0, 0x0, 'streebog256-generic\x00'}, 0x58)
r6 = accept4(r5, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000013a40)={0x0, 0x0, &(0x7f0000013a00)={&(0x7f00000158c0)=@newqdisc={0x0, 0x24, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x8d}}}, 0x10b8c}}, 0x0)
ioctl$TUNSETVNETBE(0xffffffffffffffff, 0x400454de, &(0x7f0000000040)=0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x17, 0x0, 0xc4)
sendmsg$802154_dgram(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x40011}, 0x40040)

1.220417539s ago: executing program 2 (id=2230):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x24, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x4}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x4c}}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000f0cd000000000000044e6900850000005400000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x19)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r2, &(0x7f00000009c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000980)={&(0x7f0000000880)={0xc0, r0, 0x300, 0x70bd2d, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x7, 0xc}}}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xf}, @NL80211_ATTR_MESH_CONFIG={0x24, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_MAX_PEER_LINKS={0x6, 0x4, 0xa6}, @NL80211_MESHCONF_AUTO_OPEN_PLINKS={0x5, 0x7, 0x1}, @NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES={0x5}, @NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL={0x6, 0x12, 0x7}]}, @NL80211_ATTR_HANDLE_DFS={0x4}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}, @NL80211_ATTR_TX_RATES={0x6c, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x68, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x18, 0x1, [0x12, 0x18, 0xc, 0x60, 0x16, 0x3, 0x1, 0x18, 0x3, 0x4, 0x24, 0x48, 0x4, 0x6c, 0x60, 0x16, 0x5, 0x16, 0x16, 0x4]}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HT={0xe, 0x2, [{0x3, 0x8}, {0x7, 0x9}, {0x2, 0x3}, {0x4, 0x1}, {0x4, 0x9}, {0x6, 0x6}, {0x5, 0x6}, {0x6, 0x7}, {0x4, 0xa}, {0x0, 0x6}]}, @NL80211_TXRATE_LEGACY={0xd, 0x1, [0x1b, 0x18, 0x48, 0x4, 0x24, 0x30, 0x36, 0x12, 0x18]}, @NL80211_TXRATE_HT={0x5, 0x2, [{0x5, 0x2}]}, @NL80211_TXRATE_HT={0x7, 0x2, [{0x1, 0x3}, {0x4, 0x6}, {0x5, 0x8}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xffff, 0x6, 0xf5, 0x1400, 0x1, 0x3800, 0x4, 0xff87]}}]}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x100000d1}, 0x4000000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r5=>0x0})
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0x9, 0x20, 0x2, 0x2, 0x0, 0x70bd2a, 0x25dfdbfe}, 0x10}}, 0x20000000)
sendmsg$NL80211_CMD_NEW_INTERFACE(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r5, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc000800050006000000140004"], 0x58}}, 0x0)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r6, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r7, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

1.218877933s ago: executing program 4 (id=2231):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet6(r0, &(0x7f0000006b80)=[{{&(0x7f0000000040)={0xa, 0x4e24, 0x0, @local}, 0x1c, 0x0}}, {{&(0x7f0000000340)={0xa, 0x4e24, 0xfff, @remote, 0xf5}, 0x1c, 0x0, 0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="e8020000000000002900000004000000005a"], 0x2e8}}], 0x2, 0x0)

1.18358771s ago: executing program 5 (id=2232):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000040), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x3000c000)

1.017052628s ago: executing program 1 (id=2233):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x1}, 0x6)
r1 = socket$key(0xf, 0x3, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f0000000040)=0x20, 0x4)
sendmsg$key(r1, &(0x7f0000000000)={0x0, 0x3, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020310090a00000000000000000000000300060000000e0002000040e0000009000000000000000002000100000004d600deff0200000000030005000020000002"], 0x50}}, 0x4040810)
write(r0, &(0x7f0000000340)='\a\x00\x00\x00', 0x4)

965.465589ms ago: executing program 5 (id=2234):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000088fe508a8500000004000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000003c0)='sys_enter\x00', r0}, 0x18)
clock_gettime(0x4, &(0x7f00000000c0))
socket$nl_route(0x10, 0x3, 0x0)
accept$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @loopback}, &(0x7f0000000100)=0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0))
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
syz_emit_ethernet(0x46, &(0x7f0000000c40)={@multicast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x10, 0x3a, 0xff, @ipv4={'\x00', '\xff\xff', @remote}, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}}}}}}, 0x0)
sendmsg$TIPC_NL_MEDIA_GET(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000700)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000000300000028000180150001006474683a74"], 0x3c}}, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendto$inet6(r3, &(0x7f0000000280)="02042c08ec074802010e0200c52cf7c20675e005b02f0800eb2b2ff0dac8897c6b112002faffffff3066090cb600c5471d130a66321a54e7df305f80a88161b6fd8f24286a57c3feffff", 0xfc13, 0x800, 0x0, 0x2f)

965.283803ms ago: executing program 4 (id=2235):
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000001a000000000000000000850000001700"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$unix(0x1, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6(0xa, 0x3, 0x8000000003c)
r0 = socket$nl_route(0x10, 0x3, 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="540000001000010400000000000000ffff000000", @ANYRES32=0x0, @ANYBLOB="0380000000000000240012800c0001006d6163766c616e00140002800800010008000000060002000100000008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x54}}, 0x0)

855.070207ms ago: executing program 2 (id=2236):
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x1f, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000d00000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000008a00000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1d, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

763.388146ms ago: executing program 1 (id=2237):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
getsockopt$WPAN_SECURITY(r0, 0x0, 0x1, 0x0, &(0x7f0000000100)=0xfffffffffffffde1)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000400), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000440)={'wlan0\x00'})
r2 = socket$kcm(0x10, 0x2, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_GET(r3, 0x0, 0x4000)
sendmsg$kcm(r2, 0x0, 0x0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
close(r4)
r5 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
r6 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r7=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r4, 0x84, 0x66, &(0x7f0000000000)={r7, 0x28b72f28}, &(0x7f0000000040)=0x8)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000000)={'dvmrp1\x00', 0x1})
ioctl$SIOCSIFHWADDR(r8, 0x8924, &(0x7f00000000c0)={'netdevsim0\x00', @link_local})
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
r10 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r10, 0x84, 0x76, &(0x7f0000000200)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r10, 0x84, 0x75, &(0x7f00000000c0)={0x0, 0xce}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r10, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r10, &(0x7f0000000480)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x80020}, 0x1c, &(0x7f0000000500)=[{&(0x7f00000034c0)='\x00', 0x1}], 0x1}}], 0x1, 0x34000811)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r10, 0x84, 0x77, &(0x7f0000000100)=ANY=[@ANYRES32=0x0, @ANYRES16=r10, @ANYRES16=r9], 0x1000f)

665.377031ms ago: executing program 5 (id=2238):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$caif_seqpacket(0x25, 0x5, 0x0)
setsockopt$CAIFSO_REQ_PARAM(r1, 0x116, 0x80, &(0x7f0000000180)="5b9082ebbcd957605e4f02f4f60328ad65f33ce82c887661d913d6c8bfe19e36fab6b20f1d646e2e1cf39e6c39879670eae4508942961c4ec497fe298e865f705730a330fc91e68805467351c178f87aab24be111d", 0x55)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
r3 = socket$inet6(0x10, 0x3, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000201000e850000004300000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r5}, 0x10)
sendto$inet6(r3, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
clock_gettime(0x0, &(0x7f0000000340)={<r6=>0x0, <r7=>0x0})
pselect6(0x40, &(0x7f0000000100)={0x8, 0x2, 0xffffffffffffffff, 0x1, 0x3, 0x9, 0x9}, &(0x7f0000000280)={0x2, 0x8, 0x3, 0xf8, 0x1, 0xff, 0x4, 0x81}, 0x0, &(0x7f0000000380)={r6, r7+60000000}, 0x0)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000001980)={0x0, 0x0, &(0x7f0000001940)={&(0x7f00000004c0)={0x48, r2, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_WANTED={0x1c, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x14, 0x3, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}, {0x4}]}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}, @ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}]}]}, 0x48}}, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f00000011c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_WOL_SET(r8, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000140)=ANY=[@ANYBLOB="bcfd8766240f97bafd9787", @ANYRESHEX, @ANYBLOB="01022cbd7000ffdbdf250a000000180001801400020074756e6c30"], 0x2c}, 0x1, 0x0, 0x0, 0x4008000}, 0x840)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000080)=@bpf_lsm={0x12, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="d50a000000000000631110000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x20, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

656.059857ms ago: executing program 2 (id=2239):
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r0 = gettid()
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000640)='Q', 0x1}], 0x1, &(0x7f0000001040)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r0, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="000000003000000000000000010000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c000000000000000100000402000000", @ANYRES32, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="0000000018"], 0xa0}, 0x4004881)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000940)=@ipv4_deladdr={0x30, 0x15, 0x100, 0x70bd25, 0x25dfdbfb, {0x2, 0x8, 0x81, 0xfd}, [@IFA_BROADCAST={0x8, 0x4, @dev={0xac, 0x14, 0x14, 0x12}}, @IFA_FLAGS={0x8, 0x8, 0x120}, @IFA_BROADCAST={0x8, 0x4, @private=0xa010100}]}, 0x30}}, 0x28000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000280)=""/68, 0x44}, {&(0x7f0000001100)=""/4096, 0x1000}, {&(0x7f00000001c0)=""/34, 0x22}, {&(0x7f00000003c0)=""/129, 0x81}, {&(0x7f0000000840)=""/144, 0x90}, {&(0x7f0000000980)=""/131, 0x83}], 0x6, &(0x7f0000000a40)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, <r5=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x23}, 0x2141)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r6}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r8, &(0x7f0000000800)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000000380)=ANY=[@ANYBLOB="020101090800000000170006ffffff00030006001000000002000000e0000009f9ff0f0005000000030005007217440502000000e0000001"], 0x40}}, 0x0)
sendmsg$key(r8, &(0x7f0000000000)={0x0, 0x3, &(0x7f0000000080)={&(0x7f00000000c0)={0x2, 0x3, 0x0, 0x9, 0xa, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0xe, @in={0x2, 0x0, @loopback}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}]}, 0x50}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r7}, 0x10)
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000002e80)={0x40, 0x0, 0x1, 0x10001, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_SEC_LEVEL={0x24, 0x2d, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x16}, @NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5, 0x4, 0x1}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x4}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0xc}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x40008d5}, 0x8000)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nbd(&(0x7f0000000000), r9)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000004c0)={'wpan0\x00', <r10=>0x0})
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)={0x44, 0x0, 0x1, 0x70bd27, 0x25dfdbfe, {}, [@IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x4}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r10}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0202}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4004001}, 0x800)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000680)={'wpan1\x00', <r11=>0x0})
r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r13 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), r12)
ioctl$sock_SIOCGIFINDEX_802154(r12, 0x8933, &(0x7f0000000140)={'wpan0\x00', <r14=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r12, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="b8010000", @ANYRES16=r13, @ANYBLOB="010025bd7000fbdbdf251e0000009c012f80080001005b000000a80003800c0005000400000000000000300003800c00040000000000000000000c0004000201aaaaaaaaaaaa08000200020000000c0004000200aaaaaaaaaaaa0c00050016010000000000000c00050008000000000000000c0005000000000000000000080004004c0500000500020000000000140003800600010000000000060001000100000014000380060001000300000006000100030000000c00050004000000000000000c000380050002000200000090000380080001000100000038000380060001000100000006000300ffff000008000200030000000c0004000203aaaaaaaaaaaa060001000300000006000300feff0000080001000200000008000400000300002c0003800c0004000201aaaaaaaaaaaa0c0004000203aaaaaaaaaaaa08000200010000000800020000000000080001000000000008000400bc0000004000038008000400ffffffff080001000100000005000200030000000800010003000000050002000300000008000100010000000c00050000000000000000800c0002000203aaaaaaaaaaaa08000300", @ANYRES32=r14], 0x1b8}, 0x1, 0x0, 0x0, 0x20000041}, 0x40800)
sendmsg$NL802154_CMD_GET_WPAN_PHY(0xffffffffffffffff, &(0x7f0000000b40)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000700)={&(0x7f0000000780)={0x4c, 0x0, 0x800, 0x70bd2d, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r10}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r11}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r14}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40004}, 0x4000000)
sendmsg$netlink(r1, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)
getsockopt$sock_int(r5, 0x1, 0x6, &(0x7f00000004c0), &(0x7f0000000580)=0x4)

585.006094ms ago: executing program 4 (id=2240):
r0 = socket$netlink(0x10, 0x3, 0xc)
r1 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000200), 0x4)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000a80)=ANY=[], 0x3ec}, 0x1, 0x0, 0x0, 0x54}, 0x0)
sendmsg$NFT_MSG_GETFLOWTABLE(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x14, 0x17, 0xa, 0x101, 0x0, 0x0, {0x5, 0x0, 0x3}}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x400c0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
recvmmsg(r2, &(0x7f0000002f40)=[{{0x0, 0x0, &(0x7f0000002740)=[{&(0x7f00000002c0)=""/248, 0xf8}], 0x1}}], 0x1, 0x0, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000a80)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x4, 0x2, 0x0, @void, @value, @void, @value}, 0x50)
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000b00)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x1, 0x3, 0x0, @void, @value, @void, @value}, 0x50)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000011c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000001200)=ANY=[@ANYRES32=r7, @ANYRES32=r8, @ANYBLOB="05"], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r7}, &(0x7f00000006c0), &(0x7f0000000700)=r6}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000c00)={0x18, 0x16, &(0x7f0000000640)=@raw=[@btf_id={0x18, 0x7c4ebf288d451b7e, 0x3, 0x0, 0x3}, @call={0x85, 0x0, 0x0, 0x8c}, @ringbuf_query, @tail_call, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x6}, @map_idx={0x18, 0x6, 0x5, 0x0, 0x7}, @map_idx={0x18, 0x4, 0x5, 0x0, 0x2}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @jmp={0x5, 0x0, 0x0, 0x2, 0x7, 0x80, 0x10}, @map_val={0x18, 0x0, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x4}], &(0x7f0000000700)='syzkaller\x00', 0xff, 0xd9, &(0x7f0000000740)=""/217, 0x40f00, 0x26, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000880)={0x1, 0x4}, 0x8, 0x10, &(0x7f00000008c0)={0x0, 0xc, 0x3, 0x8000}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000000b80)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r4, r5, r7], &(0x7f0000000bc0)=[{0x5, 0x1, 0x9, 0x7}], 0x10, 0x0, @void, @value}, 0x94)
close(0x4)

483.618699ms ago: executing program 1 (id=2241):
socket$netlink(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$kcm(0x29, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYRES16=r0], 0x48)
socket$inet6(0xa, 0x80803, 0x87)
syz_emit_ethernet(0x5e, &(0x7f0000000540)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd603000bb00282b00fc020000000000000000000400000000fe8000000000000000000000000000aa87"], 0x0)

329.198878ms ago: executing program 5 (id=2242):
r0 = epoll_create(0x1)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, 0xffffffffffffffff, &(0x7f00000001c0))
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x20, &(0x7f00000003c0), 0x4)
bind$xdp(0xffffffffffffffff, &(0x7f0000000340)={0x2c, 0x1}, 0x10)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000002580)}, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xd4, 0x19, 0x1, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000000}}, [@encap={0x1c, 0x4, {0x0, 0x4e24, 0x4e21, @in=@multicast1}}]}, 0xd4}}, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a44, 0x1700)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
sendfile(r4, r3, 0x0, 0x10000)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000d40)={0x4c, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x12, 0x3, 'bitmap:ip,mac\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40001}, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000005c0)=@migrate={0xbc, 0x21, 0x1, 0x0, 0x0, {{@in6=@private2, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0xa, 0x80, 0x0, 0x3c}}, [@migrate={0x50, 0x11, [{@in=@remote, @in=@private=0xa010100, @in=@private=0xa010100, @in=@rand_addr=0x64010100, 0x3c, 0x0, 0x0, 0x0, 0xa, 0x2}]}, @encap={0x1c, 0x4, {0xfffffffffffffffe, 0x4e24, 0x4e23, @in6=@private1}}]}, 0xbc}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001640)=ANY=[@ANYBLOB], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r7, 0x0, 0x40, &(0x7f0000000140)=@raw={'raw\x00', 0x8, 0x3, 0x498, 0x320, 0xa, 0x148, 0x368, 0x60, 0x400, 0x2a8, 0x2a8, 0x400, 0x2a8, 0x3, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0x0, 'bridge0\x00', 'rose0\x00'}, 0x0, 0x2f8, 0x368, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'veth1_to_team\x00', {0x0, 0x0, 0x2, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x8601, 0x6, './file0\x00'}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f2f7b9f28413d9d8ad470ad2b60c45cb4ea6e7bf902bdc2ff8a9304d9f655c746adc0bdc773506378bc2d27efd6abb05175089830cc46186074d7de46d5af300"}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'syzkaller0\x00', 'veth0_to_team\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@MARK={0x28}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x4f8)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
r9 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r9, &(0x7f0000000100)=@abs={0x1, 0x0, 0x4e20}, 0x6e)
ioctl$sock_proto_private(r9, 0x89e0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r8, 0x6, 0x13, &(0x7f0000000240)=0x1, 0x4)
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000080))
r10 = socket$netlink(0x10, 0x3, 0x0)
r11 = openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="4c00000010003df600"/20, @ANYRES32=0x0, @ANYBLOB="00000000004000001400030064766d727009000000000000000000001800128008000100707070000c00028008000100", @ANYRES32=r11], 0x4c}, 0x1, 0x0, 0x0, 0x20000094}, 0x0)
connect$inet(r8, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
r12 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x11, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007b000000b7080000000000007baaf8ff00000000b5080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r12, @ANYBLOB="000000000c000000b70500000800000085000000b30000009500000000000000"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

284.947268ms ago: executing program 1 (id=2243):
r0 = socket$inet_dccp(0x2, 0x6, 0x0) (async)
r1 = epoll_create1(0x0) (async)
r2 = socket$unix(0x1, 0x1, 0x0)
close(r2) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r3, &(0x7f00000001c0)={0x28, 0x0, 0x0, @host}, 0x10)
listen(r3, 0x0) (async)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000380)={@cgroup=r4, 0x10, 0x0, 0x2, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0x0, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0], &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x40) (async)
connect$vsock_stream(r3, 0x0, 0x0) (async)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r5}, 0x10)
setsockopt$sock_int(r2, 0x1, 0x2e, &(0x7f0000000040)=0x80, 0x4)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000100)={0xa0028000}) (async)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000000c0)=ANY=[@ANYRES64=r2], 0x3c}}, 0x4000000) (async)
getsockopt$inet_int(r0, 0x10d, 0xf3, &(0x7f0000000080), &(0x7f0000000240)=0x4)

174.743941ms ago: executing program 2 (id=2244):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000040), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x3000c000)

97.211282ms ago: executing program 1 (id=2245):
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000280)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000900)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000b00)=ANY=[@ANYBLOB="3c0000001000370400000000ffdbdf2500000000", @ANYRES32=r3, @ANYBLOB="83450500010000001c0012800b00010067656e65766500000b000280050004000100"], 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x0)
sendmmsg$inet(r0, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @empty=0x97}}}], 0x20}}], 0x1, 0x80)

0s ago: executing program 2 (id=2246):
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000000dc0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r0, 0x0)
bpf$MAP_CREATE(0x100000000000000, 0x0, 0x48)
socket$inet(0x2, 0x4000000000000001, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x10001, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="9feb0100180000000000000014000000c3d850299e7b310db4da0c9062a633a51400000006000000020000000100000604000000030000000000000000002e2e5f00"], 0x0, 0x32, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000240)={0x48, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0x4}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}]}, 0x48}, 0x1, 0x0, 0x0, 0xc0d1}, 0x0)
ioctl$TUNSETVNETHDRSZ(r2, 0x400454d8, &(0x7f0000000040)=0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x2c, 0x3d, 0x9, 0x80000, 0x0, {0x1}, [@typed={0x4}, @nested={0xc, 0x1, 0x0, 0x1, [@nested={0x8, 0x10, 0x0, 0x1, [@typed={0x4, 0x10}]}]}, @typed={0x8, 0x2, 0x0, 0x0, @pid=0xffffffffffffffff}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000001}, 0x4000000)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r5)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000200)={0x0, r4}, 0x8)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xf, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)={0x64, 0x2, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0xfffe}, [@IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x9efffffd}, @IPSET_ATTR_MAXELEM={0x8, 0x13, 0x1, 0x0, 0x2}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x64}, 0x1, 0xa00000000000000}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10)
r8 = socket(0x2a, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r8, 0x8916, 0x0)
ppoll(&(0x7f0000000500)=[{r1}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

kernel console output (not intermixed with test programs):

0
[  174.998070][ T9041]  extract_iter_to_sg+0xea6/0x2650
[  174.998112][ T9041]  ? __pfx_extract_iter_to_sg+0x10/0x10
[  174.998143][ T9041]  ? rcu_is_watching+0x15/0xb0
[  174.998168][ T9041]  ? trace_kmalloc+0x1f/0xd0
[  174.998193][ T9041]  ? __kmalloc_noprof+0x2a5/0x4c0
[  174.998228][ T9041]  ? __asan_memset+0x23/0x50
[  174.998252][ T9041]  af_alg_get_rsgl+0x41e/0x850
[  174.998303][ T9041]  skcipher_recvmsg+0x3f8/0x1230
[  174.998333][ T9041]  ? __local_bh_enable_ip+0x168/0x200
[  174.998366][ T9041]  ? skcipher_check_key+0x15c/0x1d0
[  174.998405][ T9041]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  174.998433][ T9041]  ? skcipher_check_key+0x15c/0x1d0
[  174.998460][ T9041]  ? __pfx_skcipher_recvmsg_nokey+0x10/0x10
[  174.998490][ T9041]  ? __pfx_skcipher_recvmsg_nokey+0x10/0x10
[  174.998546][ T9041]  sock_recvmsg+0x22f/0x280
[  174.998582][ T9041]  __sys_recvfrom+0x202/0x380
[  174.998609][ T9041]  ? __pfx___sys_recvfrom+0x10/0x10
[  174.998645][ T9041]  ? __fget_files+0x2a/0x410
[  174.998687][ T9041]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  174.998722][ T9041]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  174.998768][ T9041]  __x64_sys_recvfrom+0xde/0x100
[  174.998797][ T9041]  do_syscall_64+0xf3/0x230
[  174.998828][ T9041]  ? clear_bhb_loop+0x35/0x90
[  174.998860][ T9041]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.998888][ T9041] RIP: 0033:0x7fcdd3b8d169
[  174.998907][ T9041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  174.998924][ T9041] RSP: 002b:00007fcdd4974038 EFLAGS: 00000246 ORIG_RAX: 000000000000002d
[  174.998946][ T9041] RAX: ffffffffffffffda RBX: 00007fcdd3da6080 RCX: 00007fcdd3b8d169
[  174.998946][ T9044] geneve2: entered promiscuous mode
[  174.998962][ T9041] RDX: ffffffffffffffbf RSI: 00002000000030c0 RDI: 0000000000000004
[  174.998976][ T9041] RBP: 00007fcdd4974090 R08: 0000000000000000 R09: ffffffffffffffb5
[  174.998989][ T9041] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[  174.998999][ T9041] R13: 0000000000000001 R14: 00007fcdd3da6080 R15: 00007ffe0f1d7078
[  174.999026][ T9041]  </TASK>
[  175.172490][ T6969] wlan0: Trigger new scan to find an IBSS to join
[  175.695368][ T9054] __nla_validate_parse: 6 callbacks suppressed
[  175.695389][ T9054] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1172'.
[  175.812850][ T9057] 8021q: adding VLAN 0 to HW filter on device macvlan0
[  175.958942][ T9069] netlink: 'syz.2.1177': attribute type 11 has an invalid length.
[  176.193505][ T9077] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1182'.
[  176.412354][ T9088] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1185'.
[  176.537830][ T6946] wlan0: Creating new IBSS network, BSSID ea:f3:6c:65:2f:b0
[  176.768371][ T9105] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1189'.
[  176.994056][ T9115] netlink: 'syz.4.1195': attribute type 11 has an invalid length.
[  177.180492][ T9120] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1197'.
[  177.663888][ T5841] Bluetooth: hci4: command 0x0405 tx timeout
[  177.883887][ T9140] RDS: rds_bind could not find a transport for 100:806:aaaa:aaaa:aaaa::, load rds_tcp or rds_rdma?
[  177.974390][ T9140] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1201'.
[  178.122713][   T13] wlan0: Trigger new scan to find an IBSS to join
[  178.698417][ T9158] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1208'.
[  178.770462][ T9162] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1210'.
[  178.930722][ T9169] x_tables: duplicate underflow at hook 1
[  179.119072][   T13] wlan0: Creating new IBSS network, BSSID ee:c0:77:f2:df:8c
[  179.309982][ T9175] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1215'.
[  179.482858][ T9180] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1217'.
[  179.737796][ T5841] Bluetooth: hci4: command 0x0405 tx timeout
[  180.292911][ T9202] netlink: 'syz.2.1224': attribute type 4 has an invalid length.
[  180.325395][ T9202] netlink: 'syz.2.1224': attribute type 4 has an invalid length.
[  181.267941][ T9239] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  181.387960][ T9242] __nla_validate_parse: 2 callbacks suppressed
[  181.387983][ T9242] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1237'.
[  181.545568][ T9239] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  181.693229][ T9239] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  181.704486][ T9247] netlink: 'syz.4.1238': attribute type 4 has an invalid length.
[  181.756468][ T9250] netlink: 'syz.4.1238': attribute type 4 has an invalid length.
[  181.859421][ T9239] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  181.896378][ T9252] FAULT_INJECTION: forcing a failure.
[  181.896378][ T9252] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  181.923330][ T9252] CPU: 0 UID: 0 PID: 9252 Comm: syz.3.1240 Not tainted 6.14.0-rc7-syzkaller-01431-gbfc17c165835 #0
[  181.923362][ T9252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  181.923376][ T9252] Call Trace:
[  181.923384][ T9252]  <TASK>
[  181.923393][ T9252]  dump_stack_lvl+0x241/0x360
[  181.923434][ T9252]  ? __pfx_dump_stack_lvl+0x10/0x10
[  181.923457][ T9252]  ? __pfx__printk+0x10/0x10
[  181.923486][ T9252]  ? snprintf+0xda/0x120
[  181.923513][ T9252]  should_fail_ex+0x40a/0x550
[  181.923551][ T9252]  _copy_to_user+0x31/0xb0
[  181.923583][ T9252]  simple_read_from_buffer+0xca/0x150
[  181.923615][ T9252]  proc_fail_nth_read+0x1e9/0x250
[  181.923649][ T9252]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  181.923682][ T9252]  ? rw_verify_area+0x243/0x630
[  181.923704][ T9252]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  181.923735][ T9252]  vfs_read+0x1f8/0xb40
[  181.923759][ T9252]  ? fdget_pos+0x254/0x320
[  181.923792][ T9252]  ? __pfx___mutex_lock+0x10/0x10
[  181.923823][ T9252]  ? __pfx_vfs_read+0x10/0x10
[  181.923842][ T9252]  ? do_sys_openat2+0x17a/0x1d0
[  181.923876][ T9252]  ? __fget_files+0x2a/0x410
[  181.923909][ T9252]  ? __fget_files+0x395/0x410
[  181.923939][ T9252]  ? __fget_files+0x2a/0x410
[  181.923979][ T9252]  ksys_read+0x18f/0x2b0
[  181.924004][ T9252]  ? __pfx_ksys_read+0x10/0x10
[  181.924027][ T9252]  ? do_syscall_64+0x100/0x230
[  181.924061][ T9252]  ? do_syscall_64+0xb6/0x230
[  181.924095][ T9252]  do_syscall_64+0xf3/0x230
[  181.924134][ T9252]  ? clear_bhb_loop+0x35/0x90
[  181.924167][ T9252]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.924195][ T9252] RIP: 0033:0x7f2a9558bb7c
[  181.924218][ T9252] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  181.924236][ T9252] RSP: 002b:00007f2a964ba030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  181.924269][ T9252] RAX: ffffffffffffffda RBX: 00007f2a957a5fa0 RCX: 00007f2a9558bb7c
[  181.924285][ T9252] RDX: 000000000000000f RSI: 00007f2a964ba0a0 RDI: 0000000000000004
[  181.924298][ T9252] RBP: 00007f2a964ba090 R08: 0000000000000000 R09: 0000000000000000
[  181.924311][ T9252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  181.924323][ T9252] R13: 0000000000000000 R14: 00007f2a957a5fa0 R15: 00007ffedbe5ca28
[  181.924355][ T9252]  </TASK>
[  182.512185][ T9239] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  182.557040][ T9239] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  182.602024][ T9239] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  182.640382][ T9239] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  182.707038][ T9266] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1245'.
[  182.886376][ T9273] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1247'.
[  183.003589][ T9279] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1249'.
[  183.205182][ T9284] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1251'.
[  183.286952][ T9288] netlink: 'syz.4.1252': attribute type 9 has an invalid length.
[  183.316328][ T9288] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1252'.
[  183.372605][ T9293] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1254'.
[  183.406167][ T9286] Bluetooth: MGMT ver 1.23
[  183.416167][ T9293] vlan0: entered promiscuous mode
[  183.467162][ T9296] netlink: 'syz.1.1253': attribute type 4 has an invalid length.
[  183.513907][ T9296] netlink: 'syz.1.1253': attribute type 4 has an invalid length.
[  183.746647][ T9305] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1259'.
[  184.131776][ T9315] netlink: 'syz.2.1261': attribute type 39 has an invalid length.
[  184.271966][ T9324] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1263'.
[  184.374850][ T9329] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1264'.
[  184.857052][ T9358] FAULT_INJECTION: forcing a failure.
[  184.857052][ T9358] name failslab, interval 1, probability 0, space 0, times 0
[  184.870754][ T9358] CPU: 1 UID: 0 PID: 9358 Comm: syz.0.1273 Not tainted 6.14.0-rc7-syzkaller-01431-gbfc17c165835 #0
[  184.870783][ T9358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  184.870796][ T9358] Call Trace:
[  184.870803][ T9358]  <TASK>
[  184.870812][ T9358]  dump_stack_lvl+0x241/0x360
[  184.870843][ T9358]  ? __pfx_dump_stack_lvl+0x10/0x10
[  184.870881][ T9358]  ? __pfx__printk+0x10/0x10
[  184.870909][ T9358]  ? ref_tracker_alloc+0x332/0x490
[  184.870936][ T9358]  should_fail_ex+0x40a/0x550
[  184.870982][ T9358]  should_failslab+0xac/0x100
[  184.871012][ T9358]  ? skb_clone+0x20c/0x390
[  184.871038][ T9358]  kmem_cache_alloc_noprof+0x70/0x380
[  184.871075][ T9358]  skb_clone+0x20c/0x390
[  184.871107][ T9358]  __netlink_deliver_tap+0x3c4/0x7f0
[  184.871152][ T9358]  ? netlink_deliver_tap+0x2e/0x1b0
[  184.871185][ T9358]  netlink_deliver_tap+0x19d/0x1b0
[  184.871220][ T9358]  netlink_sendskb+0x68/0x140
[  184.871251][ T9358]  netlink_unicast+0x39d/0x990
[  184.871278][ T9358]  ? __asan_memcpy+0x40/0x70
[  184.871308][ T9358]  ? __pfx_netlink_unicast+0x10/0x10
[  184.871347][ T9358]  netlink_rcv_skb+0x294/0x480
[  184.871379][ T9358]  ? __pfx_genl_rcv_msg+0x10/0x10
[  184.871408][ T9358]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  184.871454][ T9358]  ? __netlink_deliver_tap+0x7b0/0x7f0
[  184.871503][ T9358]  genl_rcv+0x28/0x40
[  184.871527][ T9358]  netlink_unicast+0x7f6/0x990
[  184.871567][ T9358]  ? __pfx_netlink_unicast+0x10/0x10
[  184.871596][ T9358]  ? __virt_addr_valid+0x45f/0x530
[  184.871618][ T9358]  ? __phys_addr_symbol+0x2f/0x70
[  184.871638][ T9358]  ? __check_object_size+0x47a/0x730
[  184.871673][ T9358]  netlink_sendmsg+0x8de/0xcb0
[  184.871707][ T9358]  ? __pfx_netlink_sendmsg+0x10/0x10
[  184.871732][ T9358]  ? aa_sock_msg_perm+0x91/0x160
[  184.871770][ T9358]  ? __pfx_netlink_sendmsg+0x10/0x10
[  184.871787][ T9358]  __sock_sendmsg+0x221/0x270
[  184.871822][ T9358]  ____sys_sendmsg+0x53a/0x860
[  184.871855][ T9358]  ? __pfx_____sys_sendmsg+0x10/0x10
[  184.871887][ T9358]  ? __fget_files+0x2a/0x410
[  184.871920][ T9358]  ? __fget_files+0x2a/0x410
[  184.871960][ T9358]  __sys_sendmsg+0x269/0x350
[  184.871991][ T9358]  ? __pfx___sys_sendmsg+0x10/0x10
[  184.872030][ T9358]  ? do_sys_openat2+0x17a/0x1d0
[  184.872088][ T9358]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  184.872123][ T9358]  ? do_syscall_64+0x100/0x230
[  184.872157][ T9358]  ? do_syscall_64+0xb6/0x230
[  184.872191][ T9358]  do_syscall_64+0xf3/0x230
[  184.872222][ T9358]  ? clear_bhb_loop+0x35/0x90
[  184.872256][ T9358]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.872285][ T9358] RIP: 0033:0x7fdd8c38d169
[  184.872303][ T9358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  184.872320][ T9358] RSP: 002b:00007fdd8d1e3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  184.872342][ T9358] RAX: ffffffffffffffda RBX: 00007fdd8c5a5fa0 RCX: 00007fdd8c38d169
[  184.872357][ T9358] RDX: 0000000000000800 RSI: 00002000000006c0 RDI: 0000000000000003
[  184.872371][ T9358] RBP: 00007fdd8d1e3090 R08: 0000000000000000 R09: 0000000000000000
[  184.872426][ T9358] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  184.872439][ T9358] R13: 0000000000000000 R14: 00007fdd8c5a5fa0 R15: 00007ffe15ecb068
[  184.872470][ T9358]  </TASK>
[  185.281986][ T9360] bond0: entered promiscuous mode
[  185.287110][ T9360] bond0: entered allmulticast mode
[  185.292894][ T9360] 8021q: adding VLAN 0 to HW filter on device bond0
[  185.353079][ T9365] IPVS: sync thread started: state = BACKUP, mcast_ifn = wg0, syncid = 4, id = 0
[  185.518064][ T9373] xt_l2tp: invalid flags combination: 4
[  185.635034][ T9377] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:24) already exists on: dummy0
[  185.655316][ T9377] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.682041][ T9377] batman_adv: batadv0: Adding interface: ipvlan2
[  185.699421][ T9377] batman_adv: batadv0: The MTU of interface ipvlan2 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  185.736206][ T9377] batman_adv: batadv0: Not using interface ipvlan2 (retrying later): interface not active
[  185.918053][ T9384] bridge0: port 3(netdevsim2) entered blocking state
[  185.941497][ T9384] bridge0: port 3(netdevsim2) entered disabled state
[  185.957816][ T9384] netdevsim netdevsim1 netdevsim2: entered allmulticast mode
[  185.966859][ T9384] netdevsim netdevsim1 netdevsim2: entered promiscuous mode
[  185.999893][ T9384] bridge0: port 3(netdevsim2) entered blocking state
[  186.006718][ T9384] bridge0: port 3(netdevsim2) entered forwarding state
[  186.631368][ T9411] __nla_validate_parse: 4 callbacks suppressed
[  186.631391][ T9411] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1294'.
[  186.788398][ T9413] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1295'.
[  187.667641][ T9435] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1301'.
[  187.852609][ T9443] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1302'.
[  187.935036][ T9445] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1303'.
[  188.042909][ T9445] 8021q: adding VLAN 0 to HW filter on device bond1
[  188.374420][ T9460] netlink: 332 bytes leftover after parsing attributes in process `syz.4.1309'.
[  188.393911][ T9460] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1309'.
[  188.425131][ T9460] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1309'.
[  188.707497][ T9467] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1311'.
[  188.984278][ T5841] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  188.994052][ T5841] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  189.004311][ T5841] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  189.012542][ T5841] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  189.020487][ T9473] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1313'.
[  189.020486][ T5841] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  189.046579][ T5841] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  189.533106][ T9470] chnl_net:caif_netlink_parms(): no params data found
[  189.588883][ T9486] 8021q: adding VLAN 0 to HW filter on device macvlan0
[  189.845118][ T9470] bridge0: port 1(bridge_slave_0) entered blocking state
[  189.869299][ T9470] bridge0: port 1(bridge_slave_0) entered disabled state
[  189.902910][ T9470] bridge_slave_0: entered allmulticast mode
[  189.914933][ T9493] xt_CT: No such helper "snmp"
[  189.940080][ T9470] bridge_slave_0: entered promiscuous mode
[  189.949291][ T9470] bridge0: port 2(bridge_slave_1) entered blocking state
[  189.956507][ T9470] bridge0: port 2(bridge_slave_1) entered disabled state
[  189.966141][ T9470] bridge_slave_1: entered allmulticast mode
[  189.997244][ T9470] bridge_slave_1: entered promiscuous mode
[  190.101948][ T9470] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  190.125093][ T9470] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  190.241320][ T9519] net_ratelimit: 12 callbacks suppressed
[  190.241343][ T9519] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  190.281811][ T9470] team0: Port device team_slave_0 added
[  190.314022][ T9470] team0: Port device team_slave_1 added
[  190.430367][ T9470] batman_adv: batadv0: Adding interface: batadv_slave_0
[  190.459924][ T9470] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  190.502477][ T9470] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  190.516688][ T9470] batman_adv: batadv0: Adding interface: batadv_slave_1
[  190.524216][ T9470] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  190.551730][ T9470] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  190.732571][ T9470] hsr_slave_0: entered promiscuous mode
[  190.744612][ T9470] hsr_slave_1: entered promiscuous mode
[  190.752191][ T9470] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  190.760094][ T9470] Cannot create hsr debugfs directory
[  191.077622][ T5841] Bluetooth: hci3: command tx timeout
[  191.138138][ T9556] netlink: 'syz.1.1339': attribute type 10 has an invalid length.
[  191.177655][ T9470] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  191.217524][ T9470] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  191.254877][ T9470] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  191.282632][ T9546] xt_CT: No such helper "snmp"
[  191.288879][ T9470] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  191.573739][ T9470] 8021q: adding VLAN 0 to HW filter on device bond0
[  191.620802][ T9470] 8021q: adding VLAN 0 to HW filter on device team0
[  191.683811][ T6969] bridge0: port 1(bridge_slave_0) entered blocking state
[  191.691017][ T6969] bridge0: port 1(bridge_slave_0) entered forwarding state
[  191.745838][ T6969] bridge0: port 2(bridge_slave_1) entered blocking state
[  191.753057][ T6969] bridge0: port 2(bridge_slave_1) entered forwarding state
[  191.880576][ T9577] 8021q: adding VLAN 0 to HW filter on device macvlan0
[  192.230769][ T9592] __nla_validate_parse: 7 callbacks suppressed
[  192.230792][ T9592] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1353'.
[  192.251670][ T9589] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1351'.
[  192.324352][ T9595] netlink: 'syz.2.1351': attribute type 12 has an invalid length.
[  192.332663][ T9595] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1351'.
[  192.366069][ T9470] 8021q: adding VLAN 0 to HW filter on device batadv0
[  192.469220][ T9603] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1354'.
[  192.839248][ T9616] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1355'.
[  192.901630][ T9470] veth0_vlan: entered promiscuous mode
[  192.912391][ T9622] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1357'.
[  192.955989][ T9624] netlink: 'syz.4.1355': attribute type 10 has an invalid length.
[  192.972350][ T9470] veth1_vlan: entered promiscuous mode
[  193.113663][ T9470] veth0_macvtap: entered promiscuous mode
[  193.160593][ T9470] veth1_macvtap: entered promiscuous mode
[  193.168274][ T5841] Bluetooth: hci3: command tx timeout
[  193.206176][ T9470] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  193.219764][ T9470] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.230858][ T9470] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  193.243202][ T9470] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.255918][ T9470] batman_adv: batadv0: Interface activated: batadv_slave_0
[  193.287094][ T9470] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  193.317754][ T9470] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.345101][ T9470] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  193.380219][ T9470] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.578832][ T9470] batman_adv: batadv0: Interface activated: batadv_slave_1
[  193.620652][ T9470] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  193.638051][ T9470] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  193.659407][ T9470] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  193.677915][ T9470] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  193.703935][ T9615] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  193.896128][ T7050] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  193.916710][ T7050] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  194.019498][ T7050] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  194.042054][ T7050] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  194.522053][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  195.115007][ T9662] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1368'.
[  195.155026][ T9662] vlan0: entered allmulticast mode
[  195.164948][ T9662] hsr0: entered allmulticast mode
[  195.175113][ T9662] hsr_slave_0: entered allmulticast mode
[  195.187563][ T9662] hsr_slave_1: entered allmulticast mode
[  195.237653][ T5841] Bluetooth: hci3: command tx timeout
[  195.334558][ T9665] netlink: 'syz.4.1368': attribute type 12 has an invalid length.
[  195.345631][ T9664] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6
[  195.365037][ T9665] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1368'.
[  195.407457][ T9662] netlink: 'syz.4.1368': attribute type 12 has an invalid length.
[  195.418981][ T9662] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1368'.
[  195.851989][ T9677] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1372'.
[  195.925354][ T9683] netlink: 'syz.5.1372': attribute type 10 has an invalid length.
[  196.003488][ T9683] 8021q: adding VLAN 0 to HW filter on device team0
[  196.014800][ T9683] bond0: (slave team0): Enslaving as an active interface with an up link
[  197.026159][ T9733] FAULT_INJECTION: forcing a failure.
[  197.026159][ T9733] name failslab, interval 1, probability 0, space 0, times 0
[  197.039337][ T9733] CPU: 0 UID: 0 PID: 9733 Comm: syz.3.1392 Not tainted 6.14.0-rc7-syzkaller-01431-gbfc17c165835 #0
[  197.039366][ T9733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  197.039380][ T9733] Call Trace:
[  197.039387][ T9733]  <TASK>
[  197.039397][ T9733]  dump_stack_lvl+0x241/0x360
[  197.039429][ T9733]  ? __pfx_dump_stack_lvl+0x10/0x10
[  197.039453][ T9733]  ? __pfx__printk+0x10/0x10
[  197.039474][ T9733]  ? stack_trace_save+0x118/0x1d0
[  197.039506][ T9733]  ? __pfx_stack_trace_save+0x10/0x10
[  197.039538][ T9733]  should_fail_ex+0x40a/0x550
[  197.039576][ T9733]  should_failslab+0xac/0x100
[  197.039607][ T9733]  kmem_cache_alloc_node_noprof+0x77/0x380
[  197.039637][ T9733]  ? __alloc_skb+0x1c3/0x440
[  197.039659][ T9733]  ? do_sock_setsockopt+0x3af/0x720
[  197.039688][ T9733]  __alloc_skb+0x1c3/0x440
[  197.039717][ T9733]  ? __pfx___alloc_skb+0x10/0x10
[  197.039751][ T9733]  _sctp_make_chunk+0x58/0x460
[  197.039788][ T9733]  sctp_make_strreset_req+0x133/0x810
[  197.039819][ T9733]  ? __pfx_sctp_make_strreset_req+0x10/0x10
[  197.039860][ T9733]  ? __kmalloc_noprof+0x2a5/0x4c0
[  197.039889][ T9733]  ? sctp_send_reset_streams+0x389/0xd90
[  197.039915][ T9733]  ? sctp_stream_outq_is_empty+0x190/0x1e0
[  197.039948][ T9733]  sctp_send_reset_streams+0x718/0xd90
[  197.039997][ T9733]  sctp_setsockopt+0x845/0x11c0
[  197.040033][ T9733]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  197.040067][ T9733]  do_sock_setsockopt+0x3af/0x720
[  197.040099][ T9733]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  197.040134][ T9733]  ? __fget_files+0x395/0x410
[  197.040163][ T9733]  ? __fget_files+0x2a/0x410
[  197.040203][ T9733]  __x64_sys_setsockopt+0x1ee/0x280
[  197.040236][ T9733]  do_syscall_64+0xf3/0x230
[  197.040269][ T9733]  ? clear_bhb_loop+0x35/0x90
[  197.040302][ T9733]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.040331][ T9733] RIP: 0033:0x7f2a9558d169
[  197.040349][ T9733] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  197.040366][ T9733] RSP: 002b:00007f2a964ba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  197.040388][ T9733] RAX: ffffffffffffffda RBX: 00007f2a957a5fa0 RCX: 00007f2a9558d169
[  197.040404][ T9733] RDX: 0000000000000077 RSI: 0000000000000084 RDI: 000000000000000a
[  197.040416][ T9733] RBP: 00007f2a964ba090 R08: 000000000001000f R09: 0000000000000000
[  197.040429][ T9733] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[  197.040442][ T9733] R13: 0000000000000000 R14: 00007f2a957a5fa0 R15: 00007ffedbe5ca28
[  197.040473][ T9733]  </TASK>
[  197.347599][ T5847] Bluetooth: hci3: command tx timeout
[  197.670795][ T9747] syzkaller0: entered promiscuous mode
[  197.696519][ T9747] syzkaller0: entered allmulticast mode
[  197.816503][ T9747] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1397'.
[  197.931874][ T9766] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1402'.
[  198.502230][ T9781] FAULT_INJECTION: forcing a failure.
[  198.502230][ T9781] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  198.536256][ T9781] CPU: 1 UID: 0 PID: 9781 Comm: syz.4.1407 Not tainted 6.14.0-rc7-syzkaller-01431-gbfc17c165835 #0
[  198.536290][ T9781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  198.536304][ T9781] Call Trace:
[  198.536312][ T9781]  <TASK>
[  198.536321][ T9781]  dump_stack_lvl+0x241/0x360
[  198.536354][ T9781]  ? __pfx_dump_stack_lvl+0x10/0x10
[  198.536378][ T9781]  ? __pfx__printk+0x10/0x10
[  198.536402][ T9781]  ? __pfx_lock_release+0x10/0x10
[  198.536433][ T9781]  ? __lock_acquire+0x1397/0x2100
[  198.536473][ T9781]  should_fail_ex+0x40a/0x550
[  198.536512][ T9781]  _copy_from_user+0x2d/0xb0
[  198.536541][ T9781]  kstrtouint_from_user+0xc6/0x190
[  198.536569][ T9781]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  198.536598][ T9781]  ? __pfx_lock_acquire+0x10/0x10
[  198.536659][ T9781]  proc_fail_nth_write+0xaa/0x2d0
[  198.536690][ T9781]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  198.536718][ T9781]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  198.536754][ T9781]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  198.536796][ T9781]  vfs_write+0x29f/0xd10
[  198.536821][ T9781]  ? fdget_pos+0x254/0x320
[  198.536850][ T9781]  ? __mutex_unlock_slowpath+0x227/0x800
[  198.536887][ T9781]  ? __pfx_vfs_write+0x10/0x10
[  198.536906][ T9781]  ? do_sys_openat2+0x17a/0x1d0
[  198.536941][ T9781]  ? __fget_files+0x2a/0x410
[  198.536973][ T9781]  ? __fget_files+0x395/0x410
[  198.537002][ T9781]  ? __fget_files+0x2a/0x410
[  198.537044][ T9781]  ksys_write+0x18f/0x2b0
[  198.537070][ T9781]  ? __pfx_ksys_write+0x10/0x10
[  198.537094][ T9781]  ? do_syscall_64+0x100/0x230
[  198.537129][ T9781]  ? do_syscall_64+0xb6/0x230
[  198.537163][ T9781]  do_syscall_64+0xf3/0x230
[  198.537194][ T9781]  ? clear_bhb_loop+0x35/0x90
[  198.537231][ T9781]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.537259][ T9781] RIP: 0033:0x7f2c0c18bc1f
[  198.537278][ T9781] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  198.537294][ T9781] RSP: 002b:00007f2c0d08c030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  198.537316][ T9781] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f2c0c18bc1f
[  198.537330][ T9781] RDX: 0000000000000001 RSI: 00007f2c0d08c0a0 RDI: 0000000000000006
[  198.537342][ T9781] RBP: 00007f2c0d08c090 R08: 0000000000000000 R09: 0000000000000000
[  198.537354][ T9781] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  198.537366][ T9781] R13: 0000000000000000 R14: 00007f2c0c3a6080 R15: 00007ffdf93a8fd8
[  198.537399][ T9781]  </TASK>
[  199.403014][ T5847] Bluetooth: hci3: command 0x0405 tx timeout
[  200.814474][ T9790] vlan0: entered allmulticast mode
[  200.838799][ T9790] netdevsim netdevsim3 netdevsim0: entered allmulticast mode
[  201.002161][ T9804] netlink: 'syz.1.1418': attribute type 11 has an invalid length.
[  201.035293][ T9805] bond0: (slave team0): Releasing backup interface
[  201.090902][ T9805] bridge_slave_0: left allmulticast mode
[  201.110494][ T9805] bridge_slave_0: left promiscuous mode
[  201.116810][ T9805] bridge0: port 1(bridge_slave_0) entered disabled state
[  201.149181][ T9805] bridge_slave_1: left allmulticast mode
[  201.155402][ T9805] bridge_slave_1: left promiscuous mode
[  201.163429][ T9805] bridge0: port 2(bridge_slave_1) entered disabled state
[  201.194893][ T9805] bond0: (slave bond_slave_0): Releasing backup interface
[  201.208555][ T9805] bond0: (slave bond_slave_1): Releasing backup interface
[  201.275193][ T9805] team0: Failed to send options change via netlink (err -105)
[  201.308524][ T9805] team0: Failed to send port change of device CÃ via netlink (err -105)
[  201.329349][ T9805] team0: Port device CÃ removed
[  201.379359][ T9805] team0: Failed to send options change via netlink (err -105)
[  201.389381][ T9805] team0: Failed to send port change of device team_slave_1 via netlink (err -105)
[  201.408673][ T9827] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input5
[  201.425294][ T9805] team0: Port device team_slave_1 removed
[  201.433822][ T9805] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  201.506557][ T9805] batman_adv: batadv0: Removing interface: batadv_slave_0
[  201.537186][ T9805] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  201.545757][ T9805] batman_adv: batadv0: Removing interface: batadv_slave_1
[  201.647191][ T9821] netlink: 'syz.5.1422': attribute type 16 has an invalid length.
[  201.676761][ T9821] netlink: 'syz.5.1422': attribute type 17 has an invalid length.
[  201.718076][ T5841] Bluetooth: hci1: command 0x0406 tx timeout
[  201.726092][   T55] Bluetooth: hci2: command 0x0406 tx timeout
[  201.732747][ T5841] Bluetooth: hci0: command 0x0406 tx timeout
[  201.937620][ T9821] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  202.238822][ T9852] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1428'.
[  202.246772][ T9853] netlink: 'syz.2.1430': attribute type 10 has an invalid length.
[  202.269085][ T9852] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  202.269094][ T9853] 8021q: adding VLAN 0 to HW filter on device team0
[  202.270883][ T9853] bond0: (slave team0): Enslaving as an active interface with an up link
[  202.455035][ T5881] IPVS: starting estimator thread 0...
[  202.558746][ T9865] IPVS: using max 18 ests per chain, 43200 per kthread
[  202.695984][ T9870] bond0: entered promiscuous mode
[  202.706486][ T9870] 8021q: adding VLAN 0 to HW filter on device bond0
[  202.803651][ T9878] FAULT_INJECTION: forcing a failure.
[  202.803651][ T9878] name failslab, interval 1, probability 0, space 0, times 0
[  202.816718][ T9878] CPU: 0 UID: 0 PID: 9878 Comm: syz.5.1437 Not tainted 6.14.0-rc7-syzkaller-01431-gbfc17c165835 #0
[  202.816747][ T9878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  202.816760][ T9878] Call Trace:
[  202.816768][ T9878]  <TASK>
[  202.816776][ T9878]  dump_stack_lvl+0x241/0x360
[  202.816809][ T9878]  ? __pfx_dump_stack_lvl+0x10/0x10
[  202.816833][ T9878]  ? __pfx__printk+0x10/0x10
[  202.816851][ T9878]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  202.816886][ T9878]  ? __build_skb_around+0x245/0x3d0
[  202.816916][ T9878]  should_fail_ex+0x40a/0x550
[  202.816954][ T9878]  should_failslab+0xac/0x100
[  202.816983][ T9878]  ? _sctp_make_chunk+0x161/0x460
[  202.817014][ T9878]  kmem_cache_alloc_noprof+0x70/0x380
[  202.817050][ T9878]  _sctp_make_chunk+0x161/0x460
[  202.817086][ T9878]  sctp_make_strreset_req+0x133/0x810
[  202.817117][ T9878]  ? __pfx_sctp_make_strreset_req+0x10/0x10
[  202.817159][ T9878]  ? __kmalloc_noprof+0x2a5/0x4c0
[  202.817188][ T9878]  ? sctp_send_reset_streams+0x389/0xd90
[  202.817215][ T9878]  ? sctp_stream_outq_is_empty+0x190/0x1e0
[  202.817247][ T9878]  sctp_send_reset_streams+0x718/0xd90
[  202.817293][ T9878]  sctp_setsockopt+0x845/0x11c0
[  202.817329][ T9878]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  202.817362][ T9878]  do_sock_setsockopt+0x3af/0x720
[  202.817394][ T9878]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  202.817422][ T9878]  ? __fget_files+0x395/0x410
[  202.817451][ T9878]  ? __fget_files+0x2a/0x410
[  202.817490][ T9878]  __x64_sys_setsockopt+0x1ee/0x280
[  202.817523][ T9878]  do_syscall_64+0xf3/0x230
[  202.817556][ T9878]  ? clear_bhb_loop+0x35/0x90
[  202.817590][ T9878]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.817619][ T9878] RIP: 0033:0x7f2e6eb8d169
[  202.817637][ T9878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  202.817654][ T9878] RSP: 002b:00007f2e6c9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  202.817677][ T9878] RAX: ffffffffffffffda RBX: 00007f2e6eda5fa0 RCX: 00007f2e6eb8d169
[  202.817700][ T9878] RDX: 0000000000000077 RSI: 0000000000000084 RDI: 000000000000000a
[  202.817712][ T9878] RBP: 00007f2e6c9f6090 R08: 000000000001000f R09: 0000000000000000
[  202.817726][ T9878] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[  202.817738][ T9878] R13: 0000000000000000 R14: 00007f2e6eda5fa0 R15: 00007ffc590c6da8
[  202.817770][ T9878]  </TASK>
[  203.385350][ T9891] 8021q: adding VLAN 0 to HW filter on device macvlan0
[  203.787679][ T9916] netlink: 'syz.2.1451': attribute type 10 has an invalid length.
[  205.314031][ T9979] 8021q: adding VLAN 0 to HW filter on device macvlan0
[  205.625640][ T9987] SET target dimension over the limit!
[  205.914983][T10005] openvswitch: netlink: Missing key (keys=40, expected=200000)
[  206.264933][T10022] FAULT_INJECTION: forcing a failure.
[  206.264933][T10022] name failslab, interval 1, probability 0, space 0, times 0
[  206.330575][T10022] CPU: 0 UID: 0 PID: 10022 Comm: syz.1.1489 Not tainted 6.14.0-rc7-syzkaller-01431-gbfc17c165835 #0
[  206.330609][T10022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  206.330623][T10022] Call Trace:
[  206.330630][T10022]  <TASK>
[  206.330639][T10022]  dump_stack_lvl+0x241/0x360
[  206.330671][T10022]  ? __pfx_dump_stack_lvl+0x10/0x10
[  206.330696][T10022]  ? __pfx__printk+0x10/0x10
[  206.330720][T10022]  ? __kmalloc_cache_noprof+0x48/0x390
[  206.330754][T10022]  ? __pfx___might_resched+0x10/0x10
[  206.330789][T10022]  should_fail_ex+0x40a/0x550
[  206.330826][T10022]  should_failslab+0xac/0x100
[  206.330856][T10022]  __kmalloc_cache_noprof+0x70/0x390
[  206.330885][T10022]  ? netlbl_cipsov4_add+0x2a6/0x25e0
[  206.330915][T10022]  ? apparmor_current_getlsmprop_subj+0xde/0x160
[  206.330951][T10022]  netlbl_cipsov4_add+0x2a6/0x25e0
[  206.330992][T10022]  ? __pfx_netlbl_cipsov4_add+0x10/0x10
[  206.331029][T10022]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[  206.331064][T10022]  genl_rcv_msg+0xb1f/0xec0
[  206.331097][T10022]  ? __pfx_genl_rcv_msg+0x10/0x10
[  206.331153][T10022]  ? __pfx_lock_acquire+0x10/0x10
[  206.331185][T10022]  ? __pfx_netlbl_cipsov4_add+0x10/0x10
[  206.331229][T10022]  ? __pfx___might_resched+0x10/0x10
[  206.331268][T10022]  netlink_rcv_skb+0x206/0x480
[  206.331302][T10022]  ? __pfx_genl_rcv_msg+0x10/0x10
[  206.331330][T10022]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  206.331391][T10022]  genl_rcv+0x28/0x40
[  206.331414][T10022]  netlink_unicast+0x7f6/0x990
[  206.331452][T10022]  ? __pfx_netlink_unicast+0x10/0x10
[  206.331479][T10022]  ? __virt_addr_valid+0x45f/0x530
[  206.331500][T10022]  ? __phys_addr_symbol+0x2f/0x70
[  206.331519][T10022]  ? __check_object_size+0x47a/0x730
[  206.331553][T10022]  netlink_sendmsg+0x8de/0xcb0
[  206.331586][T10022]  ? __pfx_netlink_sendmsg+0x10/0x10
[  206.331611][T10022]  ? aa_sock_msg_perm+0x91/0x160
[  206.331648][T10022]  ? __pfx_netlink_sendmsg+0x10/0x10
[  206.331667][T10022]  __sock_sendmsg+0x221/0x270
[  206.331702][T10022]  ____sys_sendmsg+0x53a/0x860
[  206.331737][T10022]  ? __pfx_____sys_sendmsg+0x10/0x10
[  206.331761][T10022]  ? __fget_files+0x2a/0x410
[  206.331795][T10022]  ? __fget_files+0x2a/0x410
[  206.331835][T10022]  __sys_sendmsg+0x269/0x350
[  206.331868][T10022]  ? __pfx___sys_sendmsg+0x10/0x10
[  206.331907][T10022]  ? do_sys_openat2+0x17a/0x1d0
[  206.331964][T10022]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  206.331997][T10022]  ? do_syscall_64+0x100/0x230
[  206.332031][T10022]  ? do_syscall_64+0xb6/0x230
[  206.332064][T10022]  do_syscall_64+0xf3/0x230
[  206.332095][T10022]  ? clear_bhb_loop+0x35/0x90
[  206.332126][T10022]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.332153][T10022] RIP: 0033:0x7fcdd3b8d169
[  206.332172][T10022] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  206.332189][T10022] RSP: 002b:00007fcdd4995038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  206.332222][T10022] RAX: ffffffffffffffda RBX: 00007fcdd3da5fa0 RCX: 00007fcdd3b8d169
[  206.332237][T10022] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000004
[  206.332250][T10022] RBP: 00007fcdd4995090 R08: 0000000000000000 R09: 0000000000000000
[  206.332262][T10022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  206.332273][T10022] R13: 0000000000000000 R14: 00007fcdd3da5fa0 R15: 00007ffe0f1d7078
[  206.332306][T10022]  </TASK>
[  207.177082][T10043] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1495'.
[  207.202633][T10043] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1495'.
[  207.253544][T10057] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1502'.
[  207.743353][T10079] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1508'.
[  208.086052][T10095] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1510'.
[  208.268306][T10101] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1512'.
[  208.317787][T10101] openvswitch: netlink: Flow actions attr not present in new flow.
[  208.387920][T10107] openvswitch: netlink: ERSPAN option length err (len 4096, max 255).
[  208.575141][T10115] SET target dimension over the limit!
[  208.835494][T10113] bond0 (unregistering): Released all slaves
[  208.864173][T10118] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  209.183785][ T7050] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  209.220400][T10131] netlink: 68 bytes leftover after parsing attributes in process `syz.5.1523'.
[  209.245123][   T13] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  209.249271][T10132] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1524'.
[  209.701143][T10151] bond0: entered promiscuous mode
[  209.714071][T10151] 8021q: adding VLAN 0 to HW filter on device macvlan0
[  209.779844][T10151] bond0: left promiscuous mode
[  210.002650][T10159] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1533'.
[  210.139918][T10157] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.216550][T10161] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1533'.
[  210.421755][T10157] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.437532][T10176] netlink: 'syz.2.1540': attribute type 1 has an invalid length.
[  210.622860][T10157] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.780818][T10157] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.016911][T10157] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  211.062242][T10157] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  211.104167][T10157] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  211.142650][T10157] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  211.163835][T10189] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  211.171165][T10189] IPv6: NLM_F_CREATE should be set when creating new route
[  211.350452][T10201] batman_adv: batadv0: Local translation table size (108) exceeds maximum packet size (-320); Ignoring new local tt entry: 00:00:00:00:00:00
[  211.459853][T10210] netlink: 'syz.2.1551': attribute type 1 has an invalid length.
[  211.606850][T10219] FAULT_INJECTION: forcing a failure.
[  211.606850][T10219] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  211.623381][T10219] CPU: 0 UID: 0 PID: 10219 Comm: syz.4.1552 Not tainted 6.14.0-rc7-syzkaller-01431-gbfc17c165835 #0
[  211.623413][T10219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  211.623426][T10219] Call Trace:
[  211.623433][T10219]  <TASK>
[  211.623443][T10219]  dump_stack_lvl+0x241/0x360
[  211.623475][T10219]  ? __pfx_dump_stack_lvl+0x10/0x10
[  211.623500][T10219]  ? __pfx__printk+0x10/0x10
[  211.623522][T10219]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  211.623566][T10219]  should_fail_ex+0x40a/0x550
[  211.623604][T10219]  prepare_alloc_pages+0x1da/0x5b0
[  211.623638][T10219]  __alloc_frozen_pages_noprof+0x16f/0x710
[  211.623668][T10219]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  211.623725][T10219]  alloc_pages_mpol+0x311/0x660
[  211.623761][T10219]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  211.623802][T10219]  vma_alloc_folio_noprof+0x12b/0x260
[  211.623835][T10219]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  211.623869][T10219]  ? do_raw_spin_unlock+0x13c/0x8b0
[  211.623902][T10219]  folio_prealloc+0x2e/0x170
[  211.623926][T10219]  do_wp_page+0x1253/0x49b0
[  211.623974][T10219]  ? __pfx_do_wp_page+0x10/0x10
[  211.624007][T10219]  ? __pfx_validate_chain+0x10/0x10
[  211.624035][T10219]  ? __pfx_lock_acquire+0x10/0x10
[  211.624064][T10219]  ? rcu_is_watching+0x15/0xb0
[  211.624092][T10219]  ? do_raw_spin_lock+0x14f/0x370
[  211.624119][T10219]  ? __pfx____pte_offset_map+0x10/0x10
[  211.624171][T10219]  __handle_mm_fault+0x2303/0x6ef0
[  211.624203][T10219]  ? mark_lock+0x9a/0x360
[  211.624253][T10219]  ? __pfx___handle_mm_fault+0x10/0x10
[  211.624294][T10219]  ? __pfx_lock_acquire+0x10/0x10
[  211.624330][T10219]  ? do_raw_spin_lock+0x14f/0x370
[  211.624381][T10219]  ? follow_page_pte+0xdd3/0x1460
[  211.624404][T10219]  ? follow_page_pte+0xe54/0x1460
[  211.624428][T10219]  ? __pfx_lock_release+0x10/0x10
[  211.624462][T10219]  ? do_raw_spin_unlock+0x13c/0x8b0
[  211.624498][T10219]  ? __pfx___might_resched+0x10/0x10
[  211.624524][T10219]  handle_mm_fault+0x3e5/0x8d0
[  211.624560][T10219]  __get_user_pages+0x1a92/0x4140
[  211.624585][T10219]  ? mark_lock+0x9a/0x360
[  211.624621][T10219]  ? __pfx___get_user_pages+0x10/0x10
[  211.624641][T10219]  ? __pfx_down_read_killable+0x10/0x10
[  211.624675][T10219]  __gup_longterm_locked+0xe64/0x17f0
[  211.624711][T10219]  ? mark_lock+0x9a/0x360
[  211.624731][T10219]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  211.624763][T10219]  ? __pfx___gup_longterm_locked+0x10/0x10
[  211.624785][T10219]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  211.624812][T10219]  ? sanity_check_pinned_pages+0x11b9/0x12a0
[  211.624843][T10219]  ? gup_fast_fallback+0x207e/0x29c0
[  211.624863][T10219]  gup_fast_fallback+0x2266/0x29c0
[  211.624907][T10219]  ? __pfx_gup_fast_fallback+0x10/0x10
[  211.624923][T10219]  ? unwind_get_return_address+0x4d/0x90
[  211.624951][T10219]  ? arch_stack_walk+0xfd/0x150
[  211.624979][T10219]  ? stack_trace_save+0x118/0x1d0
[  211.625004][T10219]  ? __pfx_stack_trace_save+0x10/0x10
[  211.625030][T10219]  ? stack_depot_save_flags+0x37/0x940
[  211.625060][T10219]  ? is_valid_gup_args+0x124/0x200
[  211.625081][T10219]  pin_user_pages_fast+0xcc/0x160
[  211.625097][T10219]  ? __kmalloc_noprof+0x285/0x4c0
[  211.625120][T10219]  ? sock_kmalloc+0xd7/0x160
[  211.625144][T10219]  ? __pfx_pin_user_pages_fast+0x10/0x10
[  211.625160][T10219]  ? do_syscall_64+0xf3/0x230
[  211.625194][T10219]  iov_iter_extract_pages+0x3bb/0x5c0
[  211.625226][T10219]  extract_iter_to_sg+0xea6/0x2650
[  211.625259][T10219]  ? __pfx_extract_iter_to_sg+0x10/0x10
[  211.625284][T10219]  ? rcu_is_watching+0x15/0xb0
[  211.625303][T10219]  ? trace_kmalloc+0x1f/0xd0
[  211.625324][T10219]  ? __kmalloc_noprof+0x2a5/0x4c0
[  211.625353][T10219]  ? __asan_memset+0x23/0x50
[  211.625372][T10219]  af_alg_get_rsgl+0x41e/0x850
[  211.625412][T10219]  skcipher_recvmsg+0x3f8/0x1230
[  211.625438][T10219]  ? __local_bh_enable_ip+0x168/0x200
[  211.625464][T10219]  ? skcipher_check_key+0x15c/0x1d0
[  211.625498][T10219]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  211.625525][T10219]  ? skcipher_check_key+0x15c/0x1d0
[  211.625551][T10219]  ? __pfx_skcipher_recvmsg_nokey+0x10/0x10
[  211.625580][T10219]  ? __pfx_skcipher_recvmsg_nokey+0x10/0x10
[  211.625609][T10219]  sock_recvmsg+0x22f/0x280
[  211.625640][T10219]  __sys_recvfrom+0x202/0x380
[  211.625664][T10219]  ? __pfx___sys_recvfrom+0x10/0x10
[  211.625695][T10219]  ? __fget_files+0x2a/0x410
[  211.625737][T10219]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  211.625766][T10219]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  211.625797][T10219]  __x64_sys_recvfrom+0xde/0x100
[  211.625820][T10219]  do_syscall_64+0xf3/0x230
[  211.625846][T10219]  ? clear_bhb_loop+0x35/0x90
[  211.625873][T10219]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.625897][T10219] RIP: 0033:0x7f2c0c18d169
[  211.625913][T10219] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  211.625927][T10219] RSP: 002b:00007f2c0d08c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002d
[  211.625946][T10219] RAX: ffffffffffffffda RBX: 00007f2c0c3a6080 RCX: 00007f2c0c18d169
[  211.625959][T10219] RDX: ffffffffffffffbf RSI: 00002000000030c0 RDI: 0000000000000004
[  211.625971][T10219] RBP: 00007f2c0d08c090 R08: 0000000000000000 R09: ffffffffffffffb5
[  211.625983][T10219] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[  211.625993][T10219] R13: 0000000000000001 R14: 00007f2c0c3a6080 R15: 00007ffdf93a8fd8
[  211.626018][T10219]  </TASK>
[  212.448450][T10229] __nla_validate_parse: 8 callbacks suppressed
[  212.448472][T10229] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1559'.
[  212.532318][T10229] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  212.539699][T10229] IPv6: NLM_F_CREATE should be set when creating new route
[  212.569638][T10229] FAULT_INJECTION: forcing a failure.
[  212.569638][T10229] name failslab, interval 1, probability 0, space 0, times 0
[  212.591013][T10229] CPU: 1 UID: 0 PID: 10229 Comm: syz.4.1559 Not tainted 6.14.0-rc7-syzkaller-01431-gbfc17c165835 #0
[  212.591048][T10229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  212.591061][T10229] Call Trace:
[  212.591069][T10229]  <TASK>
[  212.591079][T10229]  dump_stack_lvl+0x241/0x360
[  212.591111][T10229]  ? __pfx_dump_stack_lvl+0x10/0x10
[  212.591135][T10229]  ? __pfx__printk+0x10/0x10
[  212.591169][T10229]  should_fail_ex+0x40a/0x550
[  212.591206][T10229]  should_failslab+0xac/0x100
[  212.591235][T10229]  __kmalloc_cache_noprof+0x70/0x390
[  212.591262][T10229]  ? nsim_fib_event_nb+0x17c/0x10b0
[  212.591283][T10229]  nsim_fib_event_nb+0x17c/0x10b0
[  212.591300][T10229]  ? __pfx_lock_release+0x10/0x10
[  212.591331][T10229]  notifier_call_chain+0x1a5/0x3f0
[  212.591357][T10229]  ? atomic_notifier_call_chain+0x26/0x180
[  212.591378][T10229]  atomic_notifier_call_chain+0xdb/0x180
[  212.591402][T10229]  call_fib_notifiers+0x31/0x60
[  212.591419][T10229]  call_fib6_multipath_entry_notifiers+0x142/0x1c0
[  212.591444][T10229]  ? __pfx_call_fib6_multipath_entry_notifiers+0x10/0x10
[  212.591466][T10229]  ? inet6_rtm_newroute+0x102f/0x2100
[  212.591494][T10229]  inet6_rtm_newroute+0x1b78/0x2100
[  212.591529][T10229]  ? __pfx_inet6_rtm_newroute+0x10/0x10
[  212.591547][T10229]  ? __mutex_trylock_common+0x183/0x2e0
[  212.591565][T10229]  ? __pfx___might_resched+0x10/0x10
[  212.591597][T10229]  ? __mutex_lock+0x397/0x1010
[  212.591644][T10229]  ? __pfx_inet6_rtm_newroute+0x10/0x10
[  212.591674][T10229]  rtnetlink_rcv_msg+0x73f/0xcf0
[  212.591697][T10229]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  212.591725][T10229]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  212.591754][T10229]  ? ref_tracker_free+0x643/0x7e0
[  212.591774][T10229]  netlink_rcv_skb+0x206/0x480
[  212.591799][T10229]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  212.591825][T10229]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  212.591865][T10229]  ? netlink_deliver_tap+0x2e/0x1b0
[  212.591891][T10229]  netlink_unicast+0x7f6/0x990
[  212.591919][T10229]  ? __pfx_netlink_unicast+0x10/0x10
[  212.591938][T10229]  ? __virt_addr_valid+0x45f/0x530
[  212.591953][T10229]  ? __phys_addr_symbol+0x2f/0x70
[  212.591967][T10229]  ? __check_object_size+0x47a/0x730
[  212.591992][T10229]  netlink_sendmsg+0x8de/0xcb0
[  212.592027][T10229]  ? __pfx_netlink_sendmsg+0x10/0x10
[  212.592045][T10229]  ? aa_sock_msg_perm+0x91/0x160
[  212.592074][T10229]  ? __pfx_netlink_sendmsg+0x10/0x10
[  212.592087][T10229]  __sock_sendmsg+0x221/0x270
[  212.592112][T10229]  ____sys_sendmsg+0x53a/0x860
[  212.592138][T10229]  ? __pfx_____sys_sendmsg+0x10/0x10
[  212.592155][T10229]  ? __fget_files+0x2a/0x410
[  212.592179][T10229]  ? __fget_files+0x2a/0x410
[  212.592208][T10229]  __sys_sendmsg+0x269/0x350
[  212.592230][T10229]  ? __pfx___sys_sendmsg+0x10/0x10
[  212.592259][T10229]  ? do_sys_openat2+0x17a/0x1d0
[  212.592300][T10229]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  212.592325][T10229]  ? do_syscall_64+0x100/0x230
[  212.592350][T10229]  ? do_syscall_64+0xb6/0x230
[  212.592374][T10229]  do_syscall_64+0xf3/0x230
[  212.592397][T10229]  ? clear_bhb_loop+0x35/0x90
[  212.592421][T10229]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.592442][T10229] RIP: 0033:0x7f2c0c18d169
[  212.592456][T10229] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  212.592468][T10229] RSP: 002b:00007f2c0d0ad038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  212.592485][T10229] RAX: ffffffffffffffda RBX: 00007f2c0c3a5fa0 RCX: 00007f2c0c18d169
[  212.592496][T10229] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000003
[  212.592505][T10229] RBP: 00007f2c0d0ad090 R08: 0000000000000000 R09: 0000000000000000
[  212.592514][T10229] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  212.592523][T10229] R13: 0000000000000000 R14: 00007f2c0c3a5fa0 R15: 00007ffdf93a8fd8
[  212.592545][T10229]  </TASK>
[  212.598372][T10233] vlan0: entered promiscuous mode
[  213.581284][T10268] ip6gretap0: entered promiscuous mode
[  213.595675][T10268] vlan2: entered promiscuous mode
[  213.832813][T10273] 8021q: adding VLAN 0 to HW filter on device bond0
[  213.850371][T10279] netlink: 'syz.5.1577': attribute type 15 has an invalid length.
[  213.901135][T10273] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1577'.
[  214.103912][T10286] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1580'.
[  214.122779][T10286] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  214.130121][T10286] IPv6: NLM_F_CREATE should be set when creating new route
[  214.332719][T10289] tipc: Started in network mode
[  214.347432][T10289] tipc: Node identity 8a270875b52c, cluster identity 4711
[  214.372466][T10289] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  214.448870][T10288] tipc: Resetting bearer <eth:syzkaller0>
[  215.471153][ T5920] tipc: Node number set to 1057687669
[  216.922880][T10288] tipc: Disabling bearer <eth:syzkaller0>
[  216.963687][T10315] dummy0: entered promiscuous mode
[  217.007543][T10315] vlan0: entered promiscuous mode
[  217.097634][T10318] FAULT_INJECTION: forcing a failure.
[  217.097634][T10318] name failslab, interval 1, probability 0, space 0, times 0
[  217.128895][T10318] CPU: 1 UID: 0 PID: 10318 Comm: syz.4.1594 Not tainted 6.14.0-rc7-syzkaller-01431-gbfc17c165835 #0
[  217.128933][T10318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  217.128946][T10318] Call Trace:
[  217.128954][T10318]  <TASK>
[  217.128963][T10318]  dump_stack_lvl+0x241/0x360
[  217.128995][T10318]  ? __pfx_dump_stack_lvl+0x10/0x10
[  217.129018][T10318]  ? __pfx__printk+0x10/0x10
[  217.129055][T10318]  should_fail_ex+0x40a/0x550
[  217.129093][T10318]  should_failslab+0xac/0x100
[  217.129122][T10318]  ? dst_alloc+0x12b/0x190
[  217.129148][T10318]  kmem_cache_alloc_noprof+0x70/0x380
[  217.129183][T10318]  dst_alloc+0x12b/0x190
[  217.129215][T10318]  xfrm_alloc_dst+0x6e/0x150
[  217.129237][T10318]  xfrm_lookup_with_ifid+0xafd/0x1fa0
[  217.129286][T10318]  ? __pfx_xfrm_lookup_with_ifid+0x10/0x10
[  217.129324][T10318]  ? __pfx_lock_release+0x10/0x10
[  217.129368][T10318]  xfrm_lookup_route+0x3c/0x1c0
[  217.129401][T10318]  ip6_dst_lookup_flow+0x13e/0x180
[  217.129438][T10318]  ? __pfx_ip6_dst_lookup_flow+0x10/0x10
[  217.129468][T10318]  ? tomoyo_check_inet_address+0x83c/0xb30
[  217.129492][T10318]  ? aa_label_sk_perm+0x4f3/0x6c0
[  217.129521][T10318]  ? rawv6_sendmsg+0xff1/0x24c0
[  217.129548][T10318]  rawv6_sendmsg+0x1356/0x24c0
[  217.129589][T10318]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  217.129645][T10318]  ? sock_rps_record_flow+0x1a/0x400
[  217.129677][T10318]  ? inet_sendmsg+0x330/0x390
[  217.129709][T10318]  __sock_sendmsg+0x1a6/0x270
[  217.129745][T10318]  __sys_sendto+0x363/0x4c0
[  217.129776][T10318]  ? __pfx___sys_sendto+0x10/0x10
[  217.129812][T10318]  ? __fget_files+0x2a/0x410
[  217.129854][T10318]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  217.129889][T10318]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  217.129927][T10318]  __x64_sys_sendto+0xde/0x100
[  217.129954][T10318]  do_syscall_64+0xf3/0x230
[  217.129985][T10318]  ? clear_bhb_loop+0x35/0x90
[  217.130019][T10318]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.130047][T10318] RIP: 0033:0x7f2c0c18d169
[  217.130065][T10318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  217.130083][T10318] RSP: 002b:00007f2c0d0ad038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  217.130106][T10318] RAX: ffffffffffffffda RBX: 00007f2c0c3a5fa0 RCX: 00007f2c0c18d169
[  217.130121][T10318] RDX: 0000000000000028 RSI: 0000000000000000 RDI: 0000000000000004
[  217.130133][T10318] RBP: 00007f2c0d0ad090 R08: 00002000000000c0 R09: 0000000000000020
[  217.130146][T10318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  217.130158][T10318] R13: 0000000000000000 R14: 00007f2c0c3a5fa0 R15: 00007ffdf93a8fd8
[  217.130189][T10318]  </TASK>
[  217.462873][T10325] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1592'.
[  217.604927][T10335] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1598'.
[  217.713182][T10335] netlink: 'syz.5.1598': attribute type 1 has an invalid length.
[  217.749325][T10335] netlink: 'syz.5.1598': attribute type 2 has an invalid length.
[  218.054737][T10350] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1605'.
[  218.883150][T10388] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1620'.
[  219.165691][T10402] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1622'.
[  219.183694][T10403] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1625'.
[  219.314748][T10406] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1625'.
[  220.239431][T10439] netlink: 3 bytes leftover after parsing attributes in process `syz.1.1630'.
[  220.368609][T10443] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1634'.
[  220.573379][T10445] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1635'.
[  220.598155][ T5847] Bluetooth: hci0: command 0x0406 tx timeout
[  220.604453][ T5837] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  220.899237][T10464] FAULT_INJECTION: forcing a failure.
[  220.899237][T10464] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  220.937553][T10464] CPU: 1 UID: 0 PID: 10464 Comm: syz.4.1642 Not tainted 6.14.0-rc7-syzkaller-01431-gbfc17c165835 #0
[  220.937586][T10464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  220.937599][T10464] Call Trace:
[  220.937607][T10464]  <TASK>
[  220.937615][T10464]  dump_stack_lvl+0x241/0x360
[  220.937647][T10464]  ? __pfx_dump_stack_lvl+0x10/0x10
[  220.937671][T10464]  ? __pfx__printk+0x10/0x10
[  220.937699][T10464]  ? snprintf+0xda/0x120
[  220.937727][T10464]  should_fail_ex+0x40a/0x550
[  220.937765][T10464]  _copy_to_user+0x31/0xb0
[  220.937797][T10464]  simple_read_from_buffer+0xca/0x150
[  220.937829][T10464]  proc_fail_nth_read+0x1e9/0x250
[  220.937862][T10464]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  220.937896][T10464]  ? rw_verify_area+0x243/0x630
[  220.937917][T10464]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  220.937949][T10464]  vfs_read+0x1f8/0xb40
[  220.937972][T10464]  ? fdget_pos+0x254/0x320
[  220.938004][T10464]  ? __pfx___mutex_lock+0x10/0x10
[  220.938036][T10464]  ? __pfx_vfs_read+0x10/0x10
[  220.938061][T10464]  ? __fget_files+0x2a/0x410
[  220.938093][T10464]  ? __fget_files+0x395/0x410
[  220.938122][T10464]  ? __fget_files+0x2a/0x410
[  220.938162][T10464]  ksys_read+0x18f/0x2b0
[  220.938188][T10464]  ? __pfx_ksys_read+0x10/0x10
[  220.938211][T10464]  ? do_syscall_64+0x100/0x230
[  220.938246][T10464]  ? do_syscall_64+0xb6/0x230
[  220.938280][T10464]  do_syscall_64+0xf3/0x230
[  220.938356][T10464]  ? clear_bhb_loop+0x35/0x90
[  220.938390][T10464]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.938419][T10464] RIP: 0033:0x7f2c0c18bb7c
[  220.938437][T10464] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  220.938455][T10464] RSP: 002b:00007f2c0d0ad030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  220.938478][T10464] RAX: ffffffffffffffda RBX: 00007f2c0c3a5fa0 RCX: 00007f2c0c18bb7c
[  220.938493][T10464] RDX: 000000000000000f RSI: 00007f2c0d0ad0a0 RDI: 0000000000000005
[  220.938506][T10464] RBP: 00007f2c0d0ad090 R08: 0000000000000000 R09: 0000000000000000
[  220.938519][T10464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  220.938531][T10464] R13: 0000000000000000 R14: 00007f2c0c3a5fa0 R15: 00007ffdf93a8fd8
[  220.938563][T10464]  </TASK>
[  221.188087][T10467] x_tables: duplicate underflow at hook 2
[  221.369198][T10479] netlink: 'syz.4.1646': attribute type 4 has an invalid length.
[  221.393854][T10479] netlink: 'syz.4.1646': attribute type 4 has an invalid length.
[  221.478799][T10485] netlink: 'syz.4.1648': attribute type 1 has an invalid length.
[  221.502576][T10485] 8021q: adding VLAN 0 to HW filter on device bond0
[  221.513912][T10485] batman_adv: batadv0: Interface deactivated: dummy0
[  221.522218][T10485] batman_adv: batadv0: Removing interface: dummy0
[  221.535396][T10485] bond0: (slave dummy0): making interface the new active one
[  221.548768][T10485] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  222.116975][T10507] mac80211_hwsim hwsim4 wlan0: entered promiscuous mode
[  222.126137][T10507] macsec1: entered promiscuous mode
[  222.131748][T10507] macsec1: entered allmulticast mode
[  222.186756][T10507] mac80211_hwsim hwsim4 wlan0: entered allmulticast mode
[  222.206453][T10513] macsec2: entered promiscuous mode
[  222.226997][T10513] macsec2: entered allmulticast mode
[  222.596092][T10529] __nla_validate_parse: 6 callbacks suppressed
[  222.596116][T10529] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1663'.
[  222.715825][T10533] sctp: [Deprecated]: syz.5.1666 (pid 10533) Use of int in max_burst socket option.
[  222.715825][T10533] Use struct sctp_assoc_value instead
[  222.819019][T10537] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1668'.
[  223.007230][T10549] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1673'.
[  223.086797][T10541] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1671'.
[  223.357937][T10566] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1676'.
[  223.741788][T10584] FAULT_INJECTION: forcing a failure.
[  223.741788][T10584] name failslab, interval 1, probability 0, space 0, times 0
[  223.765536][T10584] CPU: 1 UID: 0 PID: 10584 Comm: syz.4.1685 Not tainted 6.14.0-rc7-syzkaller-01431-gbfc17c165835 #0
[  223.765570][T10584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  223.765584][T10584] Call Trace:
[  223.765592][T10584]  <TASK>
[  223.765601][T10584]  dump_stack_lvl+0x241/0x360
[  223.765634][T10584]  ? __pfx_dump_stack_lvl+0x10/0x10
[  223.765657][T10584]  ? __pfx__printk+0x10/0x10
[  223.765681][T10584]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  223.765713][T10584]  ? __pfx___might_resched+0x10/0x10
[  223.765748][T10584]  should_fail_ex+0x40a/0x550
[  223.765786][T10584]  should_failslab+0xac/0x100
[  223.765816][T10584]  kmem_cache_alloc_node_noprof+0x77/0x380
[  223.765846][T10584]  ? __alloc_skb+0x1c3/0x440
[  223.765875][T10584]  __alloc_skb+0x1c3/0x440
[  223.765904][T10584]  ? __pfx___alloc_skb+0x10/0x10
[  223.765938][T10584]  sctp_packet_transmit+0x30c/0x2cc0
[  223.765966][T10584]  ? __pfx_lock_acquire+0x10/0x10
[  223.766002][T10584]  ? __pfx_lock_release+0x10/0x10
[  223.766046][T10584]  ? sctp_outq_flush+0x1122/0x3e20
[  223.766072][T10584]  sctp_outq_flush+0x142a/0x3e20
[  223.766102][T10584]  ? sctp_outq_flush+0x1122/0x3e20
[  223.766134][T10584]  ? 0xffffffffa0000ce4
[  223.766158][T10584]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  223.766192][T10584]  ? __kernel_text_address+0xd/0x40
[  223.766217][T10584]  ? __pfx_sctp_outq_flush+0x10/0x10
[  223.766239][T10584]  ? arch_stack_walk+0xfd/0x150
[  223.766266][T10584]  ? sctp_outq_tail+0x67a/0x930
[  223.766292][T10584]  ? sctp_outq_uncork+0x4f/0xb0
[  223.766319][T10584]  sctp_do_sm+0x59cc/0x60c0
[  223.766353][T10584]  ? stack_depot_save_flags+0x37/0x940
[  223.766400][T10584]  ? __pfx_sctp_do_sm+0x10/0x10
[  223.766424][T10584]  ? sctp_setsockopt+0x845/0x11c0
[  223.766457][T10584]  ? do_syscall_64+0xf3/0x230
[  223.766491][T10584]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.766562][T10584]  ? kasan_quarantine_put+0xdc/0x230
[  223.766584][T10584]  ? lockdep_hardirqs_on+0x99/0x150
[  223.766619][T10584]  sctp_primitive_RECONF+0x98/0xc0
[  223.766646][T10584]  sctp_send_reconf+0x3c/0x70
[  223.766673][T10584]  sctp_send_reset_streams+0x9b6/0xd90
[  223.766713][T10584]  sctp_setsockopt+0x845/0x11c0
[  223.766750][T10584]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  223.766783][T10584]  do_sock_setsockopt+0x3af/0x720
[  223.766815][T10584]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  223.766845][T10584]  ? __fget_files+0x395/0x410
[  223.766875][T10584]  ? __fget_files+0x2a/0x410
[  223.766915][T10584]  __x64_sys_setsockopt+0x1ee/0x280
[  223.766948][T10584]  do_syscall_64+0xf3/0x230
[  223.766979][T10584]  ? clear_bhb_loop+0x35/0x90
[  223.767012][T10584]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.767040][T10584] RIP: 0033:0x7f2c0c18d169
[  223.767058][T10584] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  223.767076][T10584] RSP: 002b:00007f2c0d0ad038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  223.767104][T10584] RAX: ffffffffffffffda RBX: 00007f2c0c3a5fa0 RCX: 00007f2c0c18d169
[  223.767120][T10584] RDX: 0000000000000077 RSI: 0000000000000084 RDI: 000000000000000a
[  223.767132][T10584] RBP: 00007f2c0d0ad090 R08: 000000000001000f R09: 0000000000000000
[  223.767145][T10584] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[  223.767158][T10584] R13: 0000000000000000 R14: 00007f2c0c3a5fa0 R15: 00007ffdf93a8fd8
[  223.767190][T10584]  </TASK>
[  224.124934][T10587] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1686'.
[  224.248892][T10592] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1686'.
[  224.613891][T10607] netlink: 'syz.5.1692': attribute type 10 has an invalid length.
[  224.697821][T10613] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1694'.
[  224.717739][T10613] netlink: 'syz.4.1694': attribute type 7 has an invalid length.
[  224.725578][T10613] netlink: 'syz.4.1694': attribute type 8 has an invalid length.
[  224.744139][T10613] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1694'.
[  224.766573][T10613] syz_tun: entered promiscuous mode
[  224.807851][T10613] erspan0: entered promiscuous mode
[  224.814366][T10613] gretap0: entered promiscuous mode
[  225.063956][T10628] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1700'.
[  225.244629][    C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[  225.997692][T10673] openvswitch: netlink: Flow actions attr not present in new flow.
[  226.099211][T10678] openvswitch: netlink: ERSPAN option length err (len 4096, max 255).
[  226.223725][T10682] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  226.264959][T10681] sctp: [Deprecated]: syz.4.1718 (pid 10681) Use of struct sctp_assoc_value in delayed_ack socket option.
[  226.264959][T10681] Use struct sctp_sack_info instead
[  226.699079][T10687] netlink: 'syz.1.1723': attribute type 1 has an invalid length.
[  226.961383][T10698] netlink: 'syz.1.1727': attribute type 28 has an invalid length.
[  226.978592][T10698] netlink: 'syz.1.1727': attribute type 5 has an invalid length.
[  227.084950][T10701] team0: entered promiscuous mode
[  227.124553][T10701] team0: left promiscuous mode
[  227.662236][T10727] xt_l2tp: missing protocol rule (udp|l2tpip)
[  227.792737][T10733] __nla_validate_parse: 10 callbacks suppressed
[  227.792759][T10733] netlink: 312 bytes leftover after parsing attributes in process `syz.5.1743'.
[  227.955334][T10740] FAULT_INJECTION: forcing a failure.
[  227.955334][T10740] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  228.006403][T10740] CPU: 1 UID: 0 PID: 10740 Comm: syz.4.1744 Not tainted 6.14.0-rc7-syzkaller-01431-gbfc17c165835 #0
[  228.006438][T10740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  228.006451][T10740] Call Trace:
[  228.006459][T10740]  <TASK>
[  228.006469][T10740]  dump_stack_lvl+0x241/0x360
[  228.006500][T10740]  ? __pfx_dump_stack_lvl+0x10/0x10
[  228.006523][T10740]  ? __pfx__printk+0x10/0x10
[  228.006544][T10740]  ? __pfx_lock_release+0x10/0x10
[  228.006582][T10740]  should_fail_ex+0x40a/0x550
[  228.006616][T10740]  _copy_from_user+0x2d/0xb0
[  228.006644][T10740]  bpf_test_init+0xfc/0x160
[  228.006678][T10740]  bpf_prog_test_run_xdp+0x48e/0x11e0
[  228.006724][T10740]  ? __pfx_lock_release+0x10/0x10
[  228.006763][T10740]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  228.006796][T10740]  ? __fget_files+0x2a/0x410
[  228.006832][T10740]  ? __fget_files+0x2a/0x410
[  228.006865][T10740]  ? fput+0x21b/0x290
[  228.006894][T10740]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  228.006929][T10740]  bpf_prog_test_run+0x2e4/0x360
[  228.006966][T10740]  __sys_bpf+0x487/0x820
[  228.006997][T10740]  ? __pfx___sys_bpf+0x10/0x10
[  228.007037][T10740]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  228.007072][T10740]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  228.007105][T10740]  ? do_syscall_64+0x100/0x230
[  228.007142][T10740]  __x64_sys_bpf+0x7c/0x90
[  228.007168][T10740]  do_syscall_64+0xf3/0x230
[  228.007198][T10740]  ? clear_bhb_loop+0x35/0x90
[  228.007231][T10740]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.007260][T10740] RIP: 0033:0x7f2c0c18d169
[  228.007284][T10740] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  228.007302][T10740] RSP: 002b:00007f2c0d0ad038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  228.007324][T10740] RAX: ffffffffffffffda RBX: 00007f2c0c3a5fa0 RCX: 00007f2c0c18d169
[  228.007338][T10740] RDX: 0000000000000050 RSI: 0000200000000600 RDI: 000000000000000a
[  228.007351][T10740] RBP: 00007f2c0d0ad090 R08: 0000000000000000 R09: 0000000000000000
[  228.007364][T10740] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  228.007376][T10740] R13: 0000000000000000 R14: 00007f2c0c3a5fa0 R15: 00007ffdf93a8fd8
[  228.007406][T10740]  </TASK>
[  228.523228][T10751] netlink: 'syz.1.1748': attribute type 11 has an invalid length.
[  228.611761][T10746] bridge0: port 2(bridge_slave_1) entered disabled state
[  228.619447][T10746] bridge0: port 1(bridge_slave_0) entered disabled state
[  228.851558][T10746] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  228.872832][T10746] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  228.969700][T10746] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  228.978880][T10746] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  228.988284][T10746] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  228.997377][T10746] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  229.125292][T10765] vlan0: entered promiscuous mode
[  229.234509][T10774] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  229.251000][T10776] tipc: Failed to remove unknown binding: 66,1,1/1057687669:3611193882/3611193884
[  229.706394][T10801] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1766'.
[  229.744221][T10805] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1764'.
[  229.855992][T10809] 8021q: adding VLAN 0 to HW filter on device team0
[  229.882940][T10810] netlink: 'syz.5.1768': attribute type 11 has an invalid length.
[  229.891639][T10809] bond0: (slave dummy0): Releasing active interface
[  229.925249][T10815] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1769'.
[  229.947642][T10809] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  229.989045][T10812] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  230.044154][T10820] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  230.051531][T10820] IPv6: NLM_F_CREATE should be set when creating new route
[  230.204829][T10824] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1771'.
[  230.234266][T10824] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  230.473069][T10832] batman_adv: batadv0: Adding interface: dummy0
[  230.480503][T10832] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  230.517437][T10832] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active
[  231.074948][T10858] FAULT_INJECTION: forcing a failure.
[  231.074948][T10858] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  231.107380][T10858] CPU: 0 UID: 0 PID: 10858 Comm: syz.4.1783 Not tainted 6.14.0-rc7-syzkaller-01431-gbfc17c165835 #0
[  231.107413][T10858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  231.107425][T10858] Call Trace:
[  231.107432][T10858]  <TASK>
[  231.107441][T10858]  dump_stack_lvl+0x241/0x360
[  231.107474][T10858]  ? __pfx_dump_stack_lvl+0x10/0x10
[  231.107497][T10858]  ? __pfx__printk+0x10/0x10
[  231.107518][T10858]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  231.107562][T10858]  should_fail_ex+0x40a/0x550
[  231.107601][T10858]  prepare_alloc_pages+0x1da/0x5b0
[  231.107633][T10858]  __alloc_frozen_pages_noprof+0x16f/0x710
[  231.107662][T10858]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  231.107709][T10858]  alloc_pages_mpol+0x311/0x660
[  231.107743][T10858]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  231.107783][T10858]  vma_alloc_folio_noprof+0x12b/0x260
[  231.107815][T10858]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  231.107847][T10858]  ? do_raw_spin_unlock+0x13c/0x8b0
[  231.107880][T10858]  folio_prealloc+0x2e/0x170
[  231.107903][T10858]  do_wp_page+0x1253/0x49b0
[  231.107952][T10858]  ? __pfx_do_wp_page+0x10/0x10
[  231.107984][T10858]  ? __pfx_validate_chain+0x10/0x10
[  231.108011][T10858]  ? __pfx_lock_acquire+0x10/0x10
[  231.108041][T10858]  ? rcu_is_watching+0x15/0xb0
[  231.108070][T10858]  ? do_raw_spin_lock+0x14f/0x370
[  231.108097][T10858]  ? __pfx____pte_offset_map+0x10/0x10
[  231.108145][T10858]  __handle_mm_fault+0x2303/0x6ef0
[  231.108176][T10858]  ? mark_lock+0x9a/0x360
[  231.108220][T10858]  ? __pfx___handle_mm_fault+0x10/0x10
[  231.108273][T10858]  ? __pfx_lock_acquire+0x10/0x10
[  231.108308][T10858]  ? do_raw_spin_lock+0x14f/0x370
[  231.108355][T10858]  ? follow_page_pte+0xdd3/0x1460
[  231.108379][T10858]  ? follow_page_pte+0xe54/0x1460
[  231.108402][T10858]  ? __pfx_lock_release+0x10/0x10
[  231.108440][T10858]  ? do_raw_spin_unlock+0x13c/0x8b0
[  231.108485][T10858]  ? __pfx___might_resched+0x10/0x10
[  231.108518][T10858]  handle_mm_fault+0x3e5/0x8d0
[  231.108562][T10858]  __get_user_pages+0x1a92/0x4140
[  231.108594][T10858]  ? mark_lock+0x9a/0x360
[  231.108641][T10858]  ? __pfx___get_user_pages+0x10/0x10
[  231.108666][T10858]  ? __pfx_down_read_killable+0x10/0x10
[  231.108709][T10858]  __gup_longterm_locked+0xe64/0x17f0
[  231.108746][T10858]  ? mark_lock+0x9a/0x360
[  231.108770][T10858]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  231.108802][T10858]  ? __pfx___gup_longterm_locked+0x10/0x10
[  231.108826][T10858]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  231.108858][T10858]  ? sanity_check_pinned_pages+0x11b9/0x12a0
[  231.108897][T10858]  ? gup_fast_fallback+0x207e/0x29c0
[  231.108930][T10858]  gup_fast_fallback+0x2266/0x29c0
[  231.108985][T10858]  ? __pfx_gup_fast_fallback+0x10/0x10
[  231.109004][T10858]  ? unwind_get_return_address+0x4d/0x90
[  231.109037][T10858]  ? arch_stack_walk+0xfd/0x150
[  231.109072][T10858]  ? stack_trace_save+0x118/0x1d0
[  231.109099][T10858]  ? __lock_acquire+0x1397/0x2100
[  231.109133][T10858]  ? __pfx_stack_trace_save+0x10/0x10
[  231.109165][T10858]  ? stack_depot_save_flags+0x37/0x940
[  231.109204][T10858]  ? is_valid_gup_args+0x124/0x200
[  231.109237][T10858]  pin_user_pages_fast+0xcc/0x160
[  231.109258][T10858]  ? __kmalloc_noprof+0x285/0x4c0
[  231.109286][T10858]  ? sock_kmalloc+0xd7/0x160
[  231.109316][T10858]  ? __pfx_pin_user_pages_fast+0x10/0x10
[  231.109336][T10858]  ? do_syscall_64+0xf3/0x230
[  231.109379][T10858]  iov_iter_extract_pages+0x3bb/0x5c0
[  231.109417][T10858]  extract_iter_to_sg+0xea6/0x2650
[  231.109459][T10858]  ? __pfx_extract_iter_to_sg+0x10/0x10
[  231.109490][T10858]  ? rcu_is_watching+0x15/0xb0
[  231.109515][T10858]  ? trace_kmalloc+0x1f/0xd0
[  231.109541][T10858]  ? __kmalloc_noprof+0x2a5/0x4c0
[  231.109577][T10858]  ? __asan_memset+0x23/0x50
[  231.109600][T10858]  af_alg_get_rsgl+0x41e/0x850
[  231.109651][T10858]  skcipher_recvmsg+0x3f8/0x1230
[  231.109681][T10858]  ? __local_bh_enable_ip+0x168/0x200
[  231.109713][T10858]  ? skcipher_check_key+0x15c/0x1d0
[  231.109755][T10858]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  231.109788][T10858]  ? skcipher_check_key+0x15c/0x1d0
[  231.109818][T10858]  ? __pfx_skcipher_recvmsg_nokey+0x10/0x10
[  231.109854][T10858]  ? __pfx_skcipher_recvmsg_nokey+0x10/0x10
[  231.109890][T10858]  sock_recvmsg+0x22f/0x280
[  231.109927][T10858]  __sys_recvfrom+0x202/0x380
[  231.109958][T10858]  ? __pfx___sys_recvfrom+0x10/0x10
[  231.109996][T10858]  ? __fget_files+0x2a/0x410
[  231.110038][T10858]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  231.110074][T10858]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  231.110113][T10858]  __x64_sys_recvfrom+0xde/0x100
[  231.110141][T10858]  do_syscall_64+0xf3/0x230
[  231.110171][T10858]  ? clear_bhb_loop+0x35/0x90
[  231.110204][T10858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.110240][T10858] RIP: 0033:0x7f2c0c18d169
[  231.110259][T10858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  231.110277][T10858] RSP: 002b:00007f2c0d08c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002d
[  231.110300][T10858] RAX: ffffffffffffffda RBX: 00007f2c0c3a6080 RCX: 00007f2c0c18d169
[  231.110316][T10858] RDX: ffffffffffffffbf RSI: 00002000000030c0 RDI: 0000000000000004
[  231.110331][T10858] RBP: 00007f2c0d08c090 R08: 0000000000000000 R09: ffffffffffffffb5
[  231.110345][T10858] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[  231.110356][T10858] R13: 0000000000000001 R14: 00007f2c0c3a6080 R15: 00007ffdf93a8fd8
[  231.110388][T10858]  </TASK>
[  231.743195][T10862] syzkaller0: entered promiscuous mode
[  231.769728][T10862] syzkaller0: entered allmulticast mode
[  231.930122][T10860] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1785'.
[  232.186125][T10877] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1791'.
[  234.369953][T10877] vlan0: entered promiscuous mode
[  234.375151][T10877] batadv0: entered promiscuous mode
[  234.575473][T10897] openvswitch: netlink: Tunnel attr 208 out of range max 16
[  234.595056][T10897] netlink: 1268 bytes leftover after parsing attributes in process `syz.3.1794'.
[  235.248958][T10923] netlink: 68 bytes leftover after parsing attributes in process `syz.5.1803'.
[  235.361661][T10928] netlink: 'syz.1.1804': attribute type 21 has an invalid length.
[  235.724508][T10941] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1809'.
[  235.792375][T10948] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1811'.
[  235.832682][T10948] netlink: 'syz.1.1811': attribute type 7 has an invalid length.
[  235.857545][T10948] netlink: 'syz.1.1811': attribute type 8 has an invalid length.
[  235.876682][T10948] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1811'.
[  235.952664][T10953] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1812'.
[  235.988701][T10953] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1812'.
[  236.026545][T10953] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1812'.
[  236.059736][T10953] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1812'.
[  236.371208][T10965] openvswitch: netlink: Message has 20 unknown bytes.
[  236.600287][T10969] netlink: 'syz.5.1816': attribute type 10 has an invalid length.
[  236.634776][   T30] audit: type=1800 audit(1742634902.432:5): pid=10944 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1808" name="cgroup.controllers" dev="tmpfs" ino=1896 res=0 errno=0
[  236.645016][T10972] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1817'.
[  236.670599][T10969] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  236.939966][T10979] No such timeout policy "syz0"
[  237.190492][T10991] team0: Device gtp0 is of different type
[  237.948430][T11021] netlink: 'syz.5.1833': attribute type 11 has an invalid length.
[  238.391603][T11019] bond0 (unregistering): Released all slaves
[  238.399083][T11040] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  238.641706][T11045] team0: entered promiscuous mode
[  238.657806][T11045] team_slave_0: entered promiscuous mode
[  238.677661][T11045] team_slave_1: entered promiscuous mode
[  238.697437][T11045] team0: left promiscuous mode
[  238.702290][T11045] team_slave_0: left promiscuous mode
[  238.708169][T11045] team_slave_1: left promiscuous mode
[  238.949098][T11063] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  238.956430][T11063] IPv6: NLM_F_CREATE should be set when creating new route
[  238.976706][T11064] FAULT_INJECTION: forcing a failure.
[  238.976706][T11064] name failslab, interval 1, probability 0, space 0, times 0
[  238.999466][T11064] CPU: 0 UID: 0 PID: 11064 Comm: syz.3.1844 Not tainted 6.14.0-rc7-syzkaller-01431-gbfc17c165835 #0
[  238.999497][T11064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  238.999510][T11064] Call Trace:
[  238.999517][T11064]  <TASK>
[  238.999526][T11064]  dump_stack_lvl+0x241/0x360
[  238.999559][T11064]  ? __pfx_dump_stack_lvl+0x10/0x10
[  238.999583][T11064]  ? __pfx__printk+0x10/0x10
[  238.999617][T11064]  ? __kmalloc_noprof+0xb5/0x4c0
[  238.999648][T11064]  ? __pfx___might_resched+0x10/0x10
[  238.999683][T11064]  should_fail_ex+0x40a/0x550
[  238.999722][T11064]  should_failslab+0xac/0x100
[  238.999753][T11064]  __kmalloc_noprof+0xdd/0x4c0
[  238.999781][T11064]  ? lockdep_hardirqs_on+0x99/0x150
[  238.999810][T11064]  ? sctp_send_reset_streams+0x389/0xd90
[  238.999844][T11064]  sctp_send_reset_streams+0x389/0xd90
[  238.999886][T11064]  sctp_setsockopt+0x845/0x11c0
[  238.999923][T11064]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  238.999958][T11064]  do_sock_setsockopt+0x3af/0x720
[  238.999989][T11064]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  239.000020][T11064]  ? __fget_files+0x395/0x410
[  239.000050][T11064]  ? __fget_files+0x2a/0x410
[  239.000091][T11064]  __x64_sys_setsockopt+0x1ee/0x280
[  239.000124][T11064]  do_syscall_64+0xf3/0x230
[  239.000155][T11064]  ? clear_bhb_loop+0x35/0x90
[  239.000190][T11064]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.000218][T11064] RIP: 0033:0x7f2a9558d169
[  239.000237][T11064] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  239.000255][T11064] RSP: 002b:00007f2a964ba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  239.000277][T11064] RAX: ffffffffffffffda RBX: 00007f2a957a5fa0 RCX: 00007f2a9558d169
[  239.000292][T11064] RDX: 0000000000000077 RSI: 0000000000000084 RDI: 000000000000000b
[  239.000305][T11064] RBP: 00007f2a964ba090 R08: 000000000001000f R09: 0000000000000000
[  239.000318][T11064] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[  239.000331][T11064] R13: 0000000000000000 R14: 00007f2a957a5fa0 R15: 00007ffedbe5ca28
[  239.000362][T11064]  </TASK>
[  239.398849][T11079] netlink: 'syz.5.1852': attribute type 11 has an invalid length.
[  239.609630][T11089] netlink: 'syz.4.1856': attribute type 1 has an invalid length.
[  239.625694][T11089] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  239.732243][T11091] __nla_validate_parse: 9 callbacks suppressed
[  239.732265][T11091] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1857'.
[  239.823535][T11096] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  239.830930][T11096] IPv6: NLM_F_CREATE should be set when creating new route
[  239.940921][T11100] vlan0: entered allmulticast mode
[  239.946139][T11100] batadv0: entered allmulticast mode
[  240.058654][T11104] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1861'.
[  240.112814][T11104] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1861'.
[  240.146262][T11104] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1861'.
[  240.174909][T11109] netlink: 'syz.5.1863': attribute type 2 has an invalid length.
[  240.187596][T11109] netlink: 'syz.5.1863': attribute type 1 has an invalid length.
[  240.207372][T11109] netlink: 152 bytes leftover after parsing attributes in process `syz.5.1863'.
[  240.529590][T11123] netlink: 'syz.3.1867': attribute type 11 has an invalid length.
[  240.863007][T11133] netdevsim netdevsim5: loading /lib/firmware/. failed with error -22
[  240.909004][T11133] netdevsim netdevsim5: Direct firmware load for . failed with error -22
[  240.913220][T11138] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1871'.
[  240.963479][T11133] netdevsim netdevsim5: Falling back to sysfs fallback for: .
[  240.983702][T11138] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1871'.
[  241.118475][T11141] openvswitch: netlink: Missing key (keys=40, expected=200000)
[  241.127607][T11147] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1875'.
[  241.155863][T11147] FAULT_INJECTION: forcing a failure.
[  241.155863][T11147] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  241.182206][T11145] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1873'.
[  241.197659][T11147] CPU: 1 UID: 0 PID: 11147 Comm: syz.1.1875 Not tainted 6.14.0-rc7-syzkaller-01431-gbfc17c165835 #0
[  241.197693][T11147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  241.197717][T11147] Call Trace:
[  241.197725][T11147]  <TASK>
[  241.197733][T11147]  dump_stack_lvl+0x241/0x360
[  241.197765][T11147]  ? __pfx_dump_stack_lvl+0x10/0x10
[  241.197789][T11147]  ? __pfx__printk+0x10/0x10
[  241.197811][T11147]  ? __pfx_lock_release+0x10/0x10
[  241.197843][T11147]  ? __lock_acquire+0x1397/0x2100
[  241.197883][T11147]  should_fail_ex+0x40a/0x550
[  241.197922][T11147]  _copy_from_user+0x2d/0xb0
[  241.197952][T11147]  kstrtouint_from_user+0xc6/0x190
[  241.197979][T11147]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  241.198007][T11147]  ? __pfx_lock_acquire+0x10/0x10
[  241.198050][T11147]  proc_fail_nth_write+0xaa/0x2d0
[  241.198082][T11147]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  241.198110][T11147]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  241.198146][T11147]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  241.198194][T11147]  vfs_write+0x29f/0xd10
[  241.198219][T11147]  ? fdget_pos+0x254/0x320
[  241.198249][T11147]  ? __mutex_unlock_slowpath+0x227/0x800
[  241.198284][T11147]  ? __pfx_vfs_write+0x10/0x10
[  241.198304][T11147]  ? do_sys_openat2+0x17a/0x1d0
[  241.198346][T11147]  ? __fget_files+0x2a/0x410
[  241.198378][T11147]  ? __fget_files+0x395/0x410
[  241.198408][T11147]  ? __fget_files+0x2a/0x410
[  241.198449][T11147]  ksys_write+0x18f/0x2b0
[  241.198475][T11147]  ? __pfx_ksys_write+0x10/0x10
[  241.198499][T11147]  ? do_syscall_64+0x100/0x230
[  241.198533][T11147]  ? do_syscall_64+0xb6/0x230
[  241.198567][T11147]  do_syscall_64+0xf3/0x230
[  241.198598][T11147]  ? clear_bhb_loop+0x35/0x90
[  241.198632][T11147]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.198659][T11147] RIP: 0033:0x7fcdd3b8bc1f
[  241.198678][T11147] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  241.198726][T11147] RSP: 002b:00007fcdd4995030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  241.198749][T11147] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fcdd3b8bc1f
[  241.198764][T11147] RDX: 0000000000000001 RSI: 00007fcdd49950a0 RDI: 0000000000000006
[  241.198777][T11147] RBP: 00007fcdd4995090 R08: 0000000000000000 R09: 0000000000000000
[  241.198790][T11147] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  241.198803][T11147] R13: 0000000000000000 R14: 00007fcdd3da5fa0 R15: 00007ffe0f1d7078
[  241.198835][T11147]  </TASK>
[  241.624088][T11154] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  241.654121][T11154] 8021q: VLANs not supported on nlmon0
[  241.760251][T11159] IPVS: set_ctl: invalid protocol: 22 0.0.0.0:20003
[  242.051576][T11163] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1882'.
[  242.114988][T11171] netlink: 'syz.4.1885': attribute type 1 has an invalid length.
[  242.157779][T11171] nbd: socks must be embedded in a SOCK_ITEM attr
[  242.164601][T11171] block nbd2: shutting down sockets
[  242.364495][T11183] bridge0: port 4(ipvlan3) entered blocking state
[  242.379770][T11183] bridge0: port 4(ipvlan3) entered disabled state
[  242.386894][T11183] ipvlan3: entered allmulticast mode
[  242.396864][T11183] bridge0: entered allmulticast mode
[  242.418402][T11183] ipvlan3: left allmulticast mode
[  242.428327][T11183] bridge0: left allmulticast mode
[  242.452140][T11185] IPv6: Can't replace route, no match found
[  242.654667][T11196] netlink: 'syz.4.1896': attribute type 11 has an invalid length.
[  242.682325][T11201] Bluetooth: MGMT ver 1.23
[  242.943087][T11207] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  242.952844][T11215] FAULT_INJECTION: forcing a failure.
[  242.952844][T11215] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  242.978695][T11215] CPU: 0 UID: 0 PID: 11215 Comm: syz.4.1898 Not tainted 6.14.0-rc7-syzkaller-01431-gbfc17c165835 #0
[  242.978726][T11215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  242.978739][T11215] Call Trace:
[  242.978747][T11215]  <TASK>
[  242.978756][T11215]  dump_stack_lvl+0x241/0x360
[  242.978789][T11215]  ? __pfx_dump_stack_lvl+0x10/0x10
[  242.978813][T11215]  ? __pfx__printk+0x10/0x10
[  242.978837][T11215]  ? __lock_acquire+0x1397/0x2100
[  242.978877][T11215]  should_fail_ex+0x40a/0x550
[  242.978913][T11215]  prepare_alloc_pages+0x1da/0x5b0
[  242.978953][T11215]  __alloc_frozen_pages_noprof+0x16f/0x710
[  242.978981][T11215]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  242.979028][T11215]  alloc_pages_mpol+0x311/0x660
[  242.979062][T11215]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  242.979102][T11215]  vma_alloc_folio_noprof+0x12b/0x260
[  242.979134][T11215]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  242.979167][T11215]  ? do_raw_spin_unlock+0x13c/0x8b0
[  242.979200][T11215]  folio_prealloc+0x2e/0x170
[  242.979225][T11215]  do_wp_page+0x1253/0x49b0
[  242.979283][T11215]  ? __pfx_do_wp_page+0x10/0x10
[  242.979315][T11215]  ? __pfx_validate_chain+0x10/0x10
[  242.979343][T11215]  ? __pfx_lock_acquire+0x10/0x10
[  242.979372][T11215]  ? rcu_is_watching+0x15/0xb0
[  242.979401][T11215]  ? do_raw_spin_lock+0x14f/0x370
[  242.979428][T11215]  ? __pfx____pte_offset_map+0x10/0x10
[  242.979479][T11215]  __handle_mm_fault+0x2303/0x6ef0
[  242.979510][T11215]  ? mark_lock+0x9a/0x360
[  242.979558][T11215]  ? __pfx___handle_mm_fault+0x10/0x10
[  242.979598][T11215]  ? __pfx_lock_acquire+0x10/0x10
[  242.979635][T11215]  ? do_raw_spin_lock+0x14f/0x370
[  242.979679][T11215]  ? follow_page_pte+0xdd3/0x1460
[  242.979703][T11215]  ? follow_page_pte+0xe54/0x1460
[  242.979727][T11215]  ? __pfx_lock_release+0x10/0x10
[  242.979764][T11215]  ? do_raw_spin_unlock+0x13c/0x8b0
[  242.979811][T11215]  ? __pfx___might_resched+0x10/0x10
[  242.979844][T11215]  handle_mm_fault+0x3e5/0x8d0
[  242.979888][T11215]  __get_user_pages+0x1a92/0x4140
[  242.979919][T11215]  ? mark_lock+0x9a/0x360
[  242.979964][T11215]  ? __pfx___get_user_pages+0x10/0x10
[  242.979988][T11215]  ? __pfx_down_read_killable+0x10/0x10
[  242.980031][T11215]  __gup_longterm_locked+0xe64/0x17f0
[  242.980066][T11215]  ? mark_lock+0x9a/0x360
[  242.980090][T11215]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  242.980123][T11215]  ? __pfx___gup_longterm_locked+0x10/0x10
[  242.980146][T11215]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  242.980176][T11215]  ? sanity_check_pinned_pages+0x11b9/0x12a0
[  242.980214][T11215]  ? gup_fast_fallback+0x207e/0x29c0
[  242.980239][T11215]  gup_fast_fallback+0x2266/0x29c0
[  242.980302][T11215]  ? __pfx_gup_fast_fallback+0x10/0x10
[  242.980323][T11215]  ? unwind_get_return_address+0x4d/0x90
[  242.980357][T11215]  ? arch_stack_walk+0xfd/0x150
[  242.980390][T11215]  ? stack_trace_save+0x118/0x1d0
[  242.980421][T11215]  ? __pfx_stack_trace_save+0x10/0x10
[  242.980451][T11215]  ? stack_depot_save_flags+0x37/0x940
[  242.980489][T11215]  ? is_valid_gup_args+0x124/0x200
[  242.980514][T11215]  pin_user_pages_fast+0xcc/0x160
[  242.980534][T11215]  ? __kmalloc_noprof+0x285/0x4c0
[  242.980562][T11215]  ? sock_kmalloc+0xd7/0x160
[  242.980590][T11215]  ? __pfx_pin_user_pages_fast+0x10/0x10
[  242.980610][T11215]  ? do_syscall_64+0xf3/0x230
[  242.980652][T11215]  iov_iter_extract_pages+0x3bb/0x5c0
[  242.980690][T11215]  extract_iter_to_sg+0xea6/0x2650
[  242.980732][T11215]  ? __pfx_extract_iter_to_sg+0x10/0x10
[  242.980764][T11215]  ? rcu_is_watching+0x15/0xb0
[  242.980790][T11215]  ? trace_kmalloc+0x1f/0xd0
[  242.980817][T11215]  ? __kmalloc_noprof+0x2a5/0x4c0
[  242.980851][T11215]  ? __asan_memset+0x23/0x50
[  242.980875][T11215]  af_alg_get_rsgl+0x41e/0x850
[  242.980926][T11215]  skcipher_recvmsg+0x3f8/0x1230
[  242.980958][T11215]  ? __local_bh_enable_ip+0x168/0x200
[  242.980990][T11215]  ? skcipher_check_key+0x15c/0x1d0
[  242.981034][T11215]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  242.981068][T11215]  ? skcipher_check_key+0x15c/0x1d0
[  242.981100][T11215]  ? __pfx_skcipher_recvmsg_nokey+0x10/0x10
[  242.981136][T11215]  ? __pfx_skcipher_recvmsg_nokey+0x10/0x10
[  242.981174][T11215]  sock_recvmsg+0x22f/0x280
[  242.981210][T11215]  __sys_recvfrom+0x202/0x380
[  242.981240][T11215]  ? __pfx___sys_recvfrom+0x10/0x10
[  242.981288][T11215]  ? __fget_files+0x2a/0x410
[  242.981330][T11215]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  242.981366][T11215]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  242.981404][T11215]  __x64_sys_recvfrom+0xde/0x100
[  242.981434][T11215]  do_syscall_64+0xf3/0x230
[  242.981465][T11215]  ? clear_bhb_loop+0x35/0x90
[  242.981500][T11215]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  242.981528][T11215] RIP: 0033:0x7f2c0c18d169
[  242.981548][T11215] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  242.981565][T11215] RSP: 002b:00007f2c0d08c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002d
[  242.981588][T11215] RAX: ffffffffffffffda RBX: 00007f2c0c3a6080 RCX: 00007f2c0c18d169
[  242.981604][T11215] RDX: ffffffffffffffbf RSI: 00002000000030c0 RDI: 0000000000000004
[  242.981618][T11215] RBP: 00007f2c0d08c090 R08: 0000000000000000 R09: ffffffffffffffb5
[  242.981632][T11215] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[  242.981644][T11215] R13: 0000000000000001 R14: 00007f2c0c3a6080 R15: 00007ffdf93a8fd8
[  242.981676][T11215]  </TASK>
[  243.510296][ T7050] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  243.551521][T11222] netlink: 'syz.1.1904': attribute type 4 has an invalid length.
[  243.603491][T11224] netlink: 'syz.1.1904': attribute type 4 has an invalid length.
[  244.772300][T11262] __nla_validate_parse: 9 callbacks suppressed
[  244.772324][T11262] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1917'.
[  245.023154][T11271] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1918'.
[  245.171993][T11278] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1919'.
[  245.446827][T11288] 8021q: adding VLAN 0 to HW filter on device macvlan0
[  245.694958][T11302] veth0: entered promiscuous mode
[  245.777530][T11302] vlan0: entered promiscuous mode
[  246.020754][T11310] hsr0: entered promiscuous mode
[  246.076121][T11316] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1923'.
[  246.227548][T11316] hsr_slave_0: left promiscuous mode
[  246.260325][T11316] hsr_slave_1: left promiscuous mode
[  246.324305][T11316] hsr0 (unregistering): left promiscuous mode
[  246.673687][T11343] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1933'.
[  246.698146][T11336] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  246.851219][T11352] A link change request failed with some changes committed already. Interface wg2 may have been left with an inconsistent configuration, please check.
[  246.976492][T11359] FAULT_INJECTION: forcing a failure.
[  246.976492][T11359] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  246.990040][T11359] CPU: 1 UID: 0 PID: 11359 Comm: syz.4.1939 Not tainted 6.14.0-rc7-syzkaller-01431-gbfc17c165835 #0
[  246.990069][T11359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  246.990083][T11359] Call Trace:
[  246.990090][T11359]  <TASK>
[  246.990100][T11359]  dump_stack_lvl+0x241/0x360
[  246.990131][T11359]  ? __pfx_dump_stack_lvl+0x10/0x10
[  246.990154][T11359]  ? __pfx__printk+0x10/0x10
[  246.990178][T11359]  ? __pfx_lock_release+0x10/0x10
[  246.990220][T11359]  should_fail_ex+0x40a/0x550
[  246.990257][T11359]  _copy_from_user+0x2d/0xb0
[  246.990287][T11359]  copy_msghdr_from_user+0xae/0x680
[  246.990321][T11359]  ? __pfx___might_resched+0x10/0x10
[  246.990352][T11359]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  246.990391][T11359]  ? do_recvmmsg+0x44e/0xab0
[  246.990418][T11359]  ? __might_fault+0xaa/0x120
[  246.990443][T11359]  do_recvmmsg+0x3bd/0xab0
[  246.990482][T11359]  ? __pfx_do_recvmmsg+0x10/0x10
[  246.990530][T11359]  ? ksys_write+0x22a/0x2b0
[  246.990553][T11359]  ? __pfx_lock_release+0x10/0x10
[  246.990591][T11359]  ? sb_end_write+0xe9/0x1c0
[  246.990622][T11359]  ? vfs_write+0x7fa/0xd10
[  246.990647][T11359]  ? __mutex_unlock_slowpath+0x227/0x800
[  246.990688][T11359]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  246.990718][T11359]  ? __fget_files+0x2a/0x410
[  246.990764][T11359]  __x64_sys_recvmmsg+0x199/0x250
[  246.990795][T11359]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  246.990824][T11359]  ? do_syscall_64+0x100/0x230
[  246.990858][T11359]  ? do_syscall_64+0xb6/0x230
[  246.990892][T11359]  do_syscall_64+0xf3/0x230
[  246.990988][T11359]  ? clear_bhb_loop+0x35/0x90
[  246.991024][T11359]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.991054][T11359] RIP: 0033:0x7f2c0c18d169
[  246.991072][T11359] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  246.991090][T11359] RSP: 002b:00007f2c0d0ad038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  246.991113][T11359] RAX: ffffffffffffffda RBX: 00007f2c0c3a5fa0 RCX: 00007f2c0c18d169
[  246.991128][T11359] RDX: 000000000000072a RSI: 0000200000000080 RDI: 0000000000000004
[  246.991141][T11359] RBP: 00007f2c0d0ad090 R08: 0000000000000000 R09: 0000000000000000
[  246.991154][T11359] R10: 0000000000000500 R11: 0000000000000246 R12: 0000000000000002
[  246.991167][T11359] R13: 0000000000000000 R14: 00007f2c0c3a5fa0 R15: 00007ffdf93a8fd8
[  246.991197][T11359]  </TASK>
[  247.444457][T11370] FAULT_INJECTION: forcing a failure.
[  247.444457][T11370] name failslab, interval 1, probability 0, space 0, times 0
[  247.461610][T11370] CPU: 0 UID: 0 PID: 11370 Comm: syz.4.1943 Not tainted 6.14.0-rc7-syzkaller-01431-gbfc17c165835 #0
[  247.461644][T11370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  247.461656][T11370] Call Trace:
[  247.461664][T11370]  <TASK>
[  247.461674][T11370]  dump_stack_lvl+0x241/0x360
[  247.461706][T11370]  ? __pfx_dump_stack_lvl+0x10/0x10
[  247.461730][T11370]  ? __pfx__printk+0x10/0x10
[  247.461754][T11370]  ? __kmalloc_cache_noprof+0x48/0x390
[  247.461786][T11370]  ? __pfx___might_resched+0x10/0x10
[  247.461822][T11370]  should_fail_ex+0x40a/0x550
[  247.461860][T11370]  should_failslab+0xac/0x100
[  247.461891][T11370]  __kmalloc_cache_noprof+0x70/0x390
[  247.461927][T11370]  ? allocate_file_region_entries+0x204/0x670
[  247.461956][T11370]  allocate_file_region_entries+0x204/0x670
[  247.461996][T11370]  ? __pfx_allocate_file_region_entries+0x10/0x10
[  247.462035][T11370]  region_chg+0x2b4/0x390
[  247.462075][T11370]  __vma_reservation_common+0x3c1/0x7e0
[  247.462118][T11370]  ? __pfx___vma_reservation_common+0x10/0x10
[  247.462153][T11370]  ? __pfx_lock_release+0x10/0x10
[  247.462195][T11370]  alloc_hugetlb_folio+0x312/0x1830
[  247.462231][T11370]  ? filemap_get_entry+0x328/0x3b0
[  247.462262][T11370]  ? filemap_get_entry+0x123/0x3b0
[  247.462295][T11370]  ? __pfx_alloc_hugetlb_folio+0x10/0x10
[  247.462320][T11370]  ? __mutex_unlock_slowpath+0x227/0x800
[  247.462359][T11370]  ? __pfx_down_read+0x10/0x10
[  247.462393][T11370]  ? huge_pte_alloc+0x37b/0x520
[  247.462428][T11370]  ? __filemap_get_folio+0x9d2/0xb40
[  247.462459][T11370]  ? __lock_acquire+0x1397/0x2100
[  247.462497][T11370]  hugetlb_fault+0x24f7/0x3360
[  247.462565][T11370]  ? __pfx_hugetlb_fault+0x10/0x10
[  247.462596][T11370]  ? __pfx___might_resched+0x10/0x10
[  247.462652][T11370]  ? __get_user_pages+0x17c9/0x4140
[  247.462678][T11370]  ? __up_read+0x2c2/0x6b0
[  247.462704][T11370]  handle_mm_fault+0x742/0x8d0
[  247.462751][T11370]  __get_user_pages+0x1a92/0x4140
[  247.462814][T11370]  ? __pfx___get_user_pages+0x10/0x10
[  247.462839][T11370]  ? __pfx_mt_find+0x10/0x10
[  247.462893][T11370]  populate_vma_page_range+0x264/0x330
[  247.462924][T11370]  ? __pfx_populate_vma_page_range+0x10/0x10
[  247.462955][T11370]  ? userfaultfd_unmap_complete+0x30c/0x360
[  247.462991][T11370]  __mm_populate+0x27a/0x460
[  247.463019][T11370]  ? __pfx___mm_populate+0x10/0x10
[  247.463051][T11370]  vm_mmap_pgoff+0x38e/0x530
[  247.463082][T11370]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  247.463104][T11370]  ? hugetlbfs_get_inode+0x45f/0x690
[  247.463143][T11370]  ? hugetlb_file_setup+0x3dc/0x5c0
[  247.463176][T11370]  ksys_mmap_pgoff+0x53e/0x720
[  247.463217][T11370]  do_syscall_64+0xf3/0x230
[  247.463249][T11370]  ? clear_bhb_loop+0x35/0x90
[  247.463283][T11370]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.463312][T11370] RIP: 0033:0x7f2c0c18d169
[  247.463330][T11370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  247.463355][T11370] RSP: 002b:00007f2c0d0ad038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  247.463377][T11370] RAX: ffffffffffffffda RBX: 00007f2c0c3a5fa0 RCX: 00007f2c0c18d169
[  247.463392][T11370] RDX: 0000000007000001 RSI: 0000000000800006 RDI: 0000200000800000
[  247.463406][T11370] RBP: 00007f2c0d0ad090 R08: ffffffffffffffff R09: 0000000000000000
[  247.463420][T11370] R10: 000000000006e073 R11: 0000000000000246 R12: 0000000000000002
[  247.463433][T11370] R13: 0000000000000000 R14: 00007f2c0c3a5fa0 R15: 00007ffdf93a8fd8
[  247.463465][T11370]  </TASK>
[  248.100908][T11385] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1947'.
[  248.746815][T11414] mac80211_hwsim hwsim3 wlan1: entered promiscuous mode
[  248.787839][T11414] macvtap1: entered promiscuous mode
[  248.802863][T11414] macvtap1: entered allmulticast mode
[  248.812792][T11414] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode
[  248.882502][T11414] mac80211_hwsim hwsim3 wlan1: left allmulticast mode
[  248.898519][T11414] mac80211_hwsim hwsim3 wlan1: left promiscuous mode
[  249.117829][T11424] 8021q: adding VLAN 0 to HW filter on device bond1
[  249.704897][T11455] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1976'.
[  249.746147][T11455] unsupported nlmsg_type 40
[  250.068224][T11461] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1978'.
[  250.097607][T11461] netlink: 'syz.1.1978': attribute type 7 has an invalid length.
[  250.105655][T11461] netlink: 'syz.1.1978': attribute type 8 has an invalid length.
[  250.145858][T11461] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1978'.
[  250.211883][T11464] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  250.774738][T11484] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1989'.
[  251.267201][T11510] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  251.413460][T11514] netlink: 'syz.5.1999': attribute type 16 has an invalid length.
[  251.421666][T11514] netlink: 'syz.5.1999': attribute type 3 has an invalid length.
[  251.429948][T11514] netlink: 132 bytes leftover after parsing attributes in process `syz.5.1999'.
[  251.708960][T11525] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2003'.
[  251.741046][T11525] vlan2: entered promiscuous mode
[  251.755706][T11525] batadv0: entered promiscuous mode
[  252.089860][T11542] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  252.231627][T11553] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  252.339946][T11557] netlink: 56 bytes leftover after parsing attributes in process `syz.3.2012'.
[  252.646448][T11565] tap0: tun_chr_ioctl cmd 1074025677
[  252.656783][T11565] tap0: linktype set to 6
[  252.703237][T11566] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2017'.
[  252.737405][T11566] tipc: Enabling of bearer <dth:t> rejected, media not registered
[  252.746753][T11571] netlink: 188 bytes leftover after parsing attributes in process `syz.5.2020'.
[  252.767637][T11571] netlink: 'syz.5.2020': attribute type 1 has an invalid length.
[  252.873616][T11566] IPv6: NLM_F_CREATE should be specified when creating new route
[  252.894488][T11566] netlink: 1 bytes leftover after parsing attributes in process `syz.3.2017'.
[  253.084989][T11586] xt_bpf: check failed: parse error
[  253.113823][T11591] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2026'.
[  253.196579][T11591] netlink: 'syz.3.2026': attribute type 1 has an invalid length.
[  253.246245][T11597] team0: entered promiscuous mode
[  253.254705][T11597] team0: left promiscuous mode
[  253.256510][T11591] nbd: couldn't find a device at index 20
[  253.525700][T11606] netlink: 'syz.5.2032': attribute type 5 has an invalid length.
[  253.561371][T11609] netlink: 'syz.4.2033': attribute type 5 has an invalid length.
[  253.918858][T11625] netlink: 'syz.2.2040': attribute type 1 has an invalid length.
[  254.485559][T11654] tipc: Started in network mode
[  254.508536][T11654] tipc: Node identity ac14140f, cluster identity 4711
[  254.526592][T11654] tipc: New replicast peer: 255.255.255.255
[  254.543778][T11654] tipc: Enabled bearer <udp:syz2>, priority 10
[  254.597236][T11660] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  254.604588][T11660] IPv6: NLM_F_CREATE should be set when creating new route
[  254.746631][T11664] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  255.603941][T11700] __nla_validate_parse: 7 callbacks suppressed
[  255.603961][T11700] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2061'.
[  255.647684][ T5880] tipc: Node number set to 2886997007
[  255.660254][T11700] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2061'.
[  255.963048][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  255.986565][T11718] netlink: 'syz.2.2068': attribute type 29 has an invalid length.
[  256.069145][T11723] netlink: 'syz.2.2070': attribute type 9 has an invalid length.
[  256.196885][T11727] IPv6: Can't replace route, no match found
[  256.359358][T11730] netlink: 76 bytes leftover after parsing attributes in process `syz.5.2072'.
[  256.397474][T11734] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2074'.
[  256.534288][T11739] ip6gretap0: entered promiscuous mode
[  256.541034][T11739] vlan1: entered promiscuous mode
[  257.009107][T11755] sctp: [Deprecated]: syz.1.2080 (pid 11755) Use of int in max_burst socket option.
[  257.009107][T11755] Use struct sctp_assoc_value instead
[  257.056265][T11757] IPv6: Can't replace route, no match found
[  257.231878][T11763] netlink: 68 bytes leftover after parsing attributes in process `syz.3.2085'.
[  257.741490][T11781] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2092'.
[  257.794154][T11778] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2091'.
[  258.203742][T11795] IPv6: Can't replace route, no match found
[  258.404798][T11799] 8021q: adding VLAN 0 to HW filter on device macvlan0
[  258.512649][T11809] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2102'.
[  258.551105][T11810] vlan2: entered promiscuous mode
[  258.556216][T11810] veth0: entered promiscuous mode
[  258.627497][T11812] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2104'.
[  258.645478][T11812] openvswitch: netlink: Flow actions attr not present in new flow.
[  258.686143][T11812] openvswitch: netlink: ERSPAN option length err (len 4096, max 255).
[  258.794334][T11822] openvswitch: netlink: Message has 24 unknown bytes.
[  258.845308][T11815] netlink: 'syz.4.2104': attribute type 3 has an invalid length.
[  259.126372][T11838] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2111'.
[  259.168095][T11840] IPv6: Can't replace route, no match found
[  259.182676][T11838] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  259.190028][T11838] IPv6: NLM_F_CREATE should be set when creating new route
[  259.539807][T11861] netlink: 'syz.1.2117': attribute type 5 has an invalid length.
[  259.568500][T11861] ip_vti0: entered promiscuous mode
[  259.841594][T11872] netlink: 'syz.3.2122': attribute type 11 has an invalid length.
[  259.972971][T11879] IPv6: Can't replace route, no match found
[  260.956617][T11905] __nla_validate_parse: 4 callbacks suppressed
[  260.956639][T11905] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2131'.
[  261.007711][T11905] netlink: 'syz.5.2131': attribute type 1 has an invalid length.
[  261.027948][T11905] netlink: 'syz.5.2131': attribute type 2 has an invalid length.
[  261.529455][T11923] IPv6: Can't replace route, no match found
[  261.675982][T11929] netlink: 'syz.2.2140': attribute type 3 has an invalid length.
[  261.720783][T11929] netlink: 'syz.2.2140': attribute type 3 has an invalid length.
[  261.737563][T11929] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2140'.
[  261.760165][T11932] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2141'.
[  261.840993][T11935] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[  262.160691][T11943] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2147'.
[  262.201032][T11943] vlan0: entered allmulticast mode
[  262.206224][T11943] erspan0: entered allmulticast mode
[  262.718980][T11957] 8021q: adding VLAN 0 to HW filter on device macvlan0
[  262.851070][T11959] IPv6: Can't replace route, no match found
[  262.858112][ T5847] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  262.868260][ T5847] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  262.876859][ T5847] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  262.885644][ T5847] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  262.894579][ T5847] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  262.905321][ T5847] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  263.136189][T11970] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2156'.
[  263.541348][T11980] FAULT_INJECTION: forcing a failure.
[  263.541348][T11980] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  263.543227][T11963] chnl_net:caif_netlink_parms(): no params data found
[  263.560225][T11980] CPU: 1 UID: 0 PID: 11980 Comm: syz.1.2159 Not tainted 6.14.0-rc7-syzkaller-01431-gbfc17c165835 #0
[  263.560261][T11980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  263.560276][T11980] Call Trace:
[  263.560284][T11980]  <TASK>
[  263.560294][T11980]  dump_stack_lvl+0x241/0x360
[  263.560329][T11980]  ? __pfx_dump_stack_lvl+0x10/0x10
[  263.560354][T11980]  ? __pfx__printk+0x10/0x10
[  263.560379][T11980]  ? __pfx_lock_release+0x10/0x10
[  263.560423][T11980]  should_fail_ex+0x40a/0x550
[  263.560463][T11980]  _copy_from_user+0x2d/0xb0
[  263.560496][T11980]  copy_msghdr_from_user+0xae/0x680
[  263.560532][T11980]  ? __pfx___might_resched+0x10/0x10
[  263.560567][T11980]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  263.560608][T11980]  ? do_recvmmsg+0x44e/0xab0
[  263.560637][T11980]  ? __might_fault+0xaa/0x120
[  263.560675][T11980]  do_recvmmsg+0x3bd/0xab0
[  263.560716][T11980]  ? __pfx_do_recvmmsg+0x10/0x10
[  263.560767][T11980]  ? ksys_write+0x22a/0x2b0
[  263.560793][T11980]  ? __pfx_lock_release+0x10/0x10
[  263.560833][T11980]  ? sb_end_write+0xe9/0x1c0
[  263.560866][T11980]  ? vfs_write+0x7fa/0xd10
[  263.560892][T11980]  ? __mutex_unlock_slowpath+0x227/0x800
[  263.560935][T11980]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  263.560967][T11980]  ? __fget_files+0x2a/0x410
[  263.561017][T11980]  __x64_sys_recvmmsg+0x199/0x250
[  263.561049][T11980]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  263.561080][T11980]  ? do_syscall_64+0x100/0x230
[  263.561117][T11980]  ? do_syscall_64+0xb6/0x230
[  263.561153][T11980]  do_syscall_64+0xf3/0x230
[  263.561187][T11980]  ? clear_bhb_loop+0x35/0x90
[  263.561222][T11980]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  263.561254][T11980] RIP: 0033:0x7fcdd3b8d169
[  263.561273][T11980] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  263.561292][T11980] RSP: 002b:00007fcdd4995038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  263.561317][T11980] RAX: ffffffffffffffda RBX: 00007fcdd3da5fa0 RCX: 00007fcdd3b8d169
[  263.561334][T11980] RDX: 000000000000072a RSI: 0000200000000080 RDI: 0000000000000004
[  263.561349][T11980] RBP: 00007fcdd4995090 R08: 0000000000000000 R09: 0000000000000000
[  263.561363][T11980] R10: 0000000000000500 R11: 0000000000000246 R12: 0000000000000002
[  263.561376][T11980] R13: 0000000000000000 R14: 00007fcdd3da5fa0 R15: 00007ffe0f1d7078
[  263.561408][T11980]  </TASK>
[  263.896989][T11984] veth1_to_bond: entered allmulticast mode
[  263.944295][T11984] veth1_to_bond: entered promiscuous mode
[  263.973628][T11982] veth1_to_bond: left promiscuous mode
[  263.980025][T11982] veth1_to_bond: left allmulticast mode
[  264.109712][T11988] syzkaller0: entered promiscuous mode
[  264.140080][T11988] syzkaller0: entered allmulticast mode
[  264.241120][T11963] bridge0: port 1(bridge_slave_0) entered blocking state
[  264.270811][T11963] bridge0: port 1(bridge_slave_0) entered disabled state
[  264.299487][T11963] bridge_slave_0: entered allmulticast mode
[  264.316141][T11963] bridge_slave_0: entered promiscuous mode
[  264.330554][T11963] bridge0: port 2(bridge_slave_1) entered blocking state
[  264.346360][T11963] bridge0: port 2(bridge_slave_1) entered disabled state
[  264.355167][T11963] bridge_slave_1: entered allmulticast mode
[  264.374929][T11963] bridge_slave_1: entered promiscuous mode
[  264.401136][T12001] 8021q: adding VLAN 0 to HW filter on device macvlan0
[  265.016182][ T5837] Bluetooth: hci4: command tx timeout
[  265.049279][T12009] sctp: [Deprecated]: syz.4.2167 (pid 12009) Use of int in max_burst socket option deprecated.
[  265.049279][T12009] Use struct sctp_assoc_value instead
[  265.082939][T12009] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2167'.
[  266.742129][T11963] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  266.770890][T11963] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  266.852397][T12017] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2169'.
[  266.904258][T11963] team0: Port device team_slave_0 added
[  266.992007][T11963] team0: Port device team_slave_1 added
[  267.059901][T11963] batman_adv: batadv0: Adding interface: batadv_slave_0
[  267.067180][T11963] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  267.093584][ T5837] Bluetooth: hci4: command tx timeout
[  267.100179][T11963] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  267.166824][T12025] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2171'.
[  267.213602][T11963] batman_adv: batadv0: Adding interface: batadv_slave_1
[  267.221188][T11963] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  267.272121][T11963] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  267.344626][T12029] dummy0: entered promiscuous mode
[  267.353195][T12029] vlan1: entered promiscuous mode
[  267.412761][T11963] hsr_slave_0: entered promiscuous mode
[  267.421289][T11963] hsr_slave_1: entered promiscuous mode
[  267.427655][T11963] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  267.435275][T11963] Cannot create hsr debugfs directory
[  267.764300][T11963] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.914141][T12045] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  269.167805][ T5837] Bluetooth: hci4: command tx timeout
[  270.223186][T11963] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.264285][T12042] syzkaller1: entered promiscuous mode
[  270.270940][T12042] syzkaller1: entered allmulticast mode
[  270.373887][T11963] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.500625][T11963] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.552918][T12067] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  270.717976][T12078] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2189'.
[  270.767854][T12080] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2190'.
[  270.843432][T12082] netlink: 68 bytes leftover after parsing attributes in process `syz.5.2191'.
[  270.876128][T11963] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  270.921896][T11963] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  270.967916][T11963] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  271.000186][T11963] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  271.050309][T12092] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2194'.
[  271.083060][T12092] netlink: 'syz.2.2194': attribute type 7 has an invalid length.
[  271.117613][T12092] netlink: 'syz.2.2194': attribute type 8 has an invalid length.
[  271.158998][T12092] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2194'.
[  271.237614][ T5837] Bluetooth: hci4: command tx timeout
[  271.253026][T11963] 8021q: adding VLAN 0 to HW filter on device bond0
[  271.289740][T11963] 8021q: adding VLAN 0 to HW filter on device team0
[  271.309186][ T7049] bridge0: port 1(bridge_slave_0) entered blocking state
[  271.316335][ T7049] bridge0: port 1(bridge_slave_0) entered forwarding state
[  271.370936][ T7049] bridge0: port 2(bridge_slave_1) entered blocking state
[  271.379274][ T7049] bridge0: port 2(bridge_slave_1) entered forwarding state
[  271.493234][T12101] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2198'.
[  271.957092][T12120] bond3: entered promiscuous mode
[  271.985300][T12120] 8021q: adding VLAN 0 to HW filter on device bond3
[  272.121707][T11963] 8021q: adding VLAN 0 to HW filter on device batadv0
[  272.264570][T12131] netlink: 196 bytes leftover after parsing attributes in process `syz.1.2207'.
[  272.296020][T12131] netlink: 196 bytes leftover after parsing attributes in process `syz.1.2207'.
[  272.328643][T12131] netlink: 19 bytes leftover after parsing attributes in process `syz.1.2207'.
[  272.363215][T12134] netlink: 'syz.1.2207': attribute type 2 has an invalid length.
[  272.384589][T11963] veth0_vlan: entered promiscuous mode
[  272.427014][T12133] netlink: 'syz.5.2208': attribute type 10 has an invalid length.
[  272.432240][T11963] veth1_vlan: entered promiscuous mode
[  272.532343][T12133] bond0: (slave wlan1): Releasing backup interface
[  272.579764][T12133] team0: Port device wlan1 added
[  272.664367][T11963] veth0_macvtap: entered promiscuous mode
[  272.695070][T11963] veth1_macvtap: entered promiscuous mode
[  272.725788][T12139] openvswitch: netlink: Missing key (keys=40, expected=200000)
[  272.735404][T11963] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  272.753452][T11963] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  272.785331][T11963] batman_adv: batadv0: Interface activated: batadv_slave_0
[  272.818687][T11963] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  272.857502][T11963] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  272.880238][T11963] batman_adv: batadv0: Interface activated: batadv_slave_1
[  272.890898][T12143] netlink: 'syz.5.2212': attribute type 10 has an invalid length.
[  272.925305][T11963] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  272.941591][T12144] netlink: 'syz.5.2212': attribute type 10 has an invalid length.
[  272.952207][T11963] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  272.961065][T12144] netlink: 2 bytes leftover after parsing attributes in process `syz.5.2212'.
[  272.974680][T11963] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  272.983767][T11963] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  273.002565][T12143] bond0: (slave team0): Releasing backup interface
[  273.011878][T12143] batman_adv: batadv0: Adding interface: team0
[  273.018282][T12143] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  273.048426][T12143] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  273.077825][T12144] team0: entered promiscuous mode
[  273.097682][T12144] team_slave_0: entered promiscuous mode
[  273.121993][T12144] team_slave_1: entered promiscuous mode
[  273.134681][T12144] mac80211_hwsim hwsim20 wlan1: entered promiscuous mode
[  273.174202][T12144] 8021q: adding VLAN 0 to HW filter on device team0
[  273.182079][T12144] batman_adv: batadv0: Interface activated: team0
[  273.189487][T12144] batman_adv: batadv0: Interface deactivated: team0
[  273.196173][T12144] batman_adv: batadv0: Removing interface: team0
[  273.239912][T12144] bridge0: port 3(team0) entered blocking state
[  273.246399][T12144] bridge0: port 3(team0) entered disabled state
[  273.254397][T12144] team0: entered allmulticast mode
[  273.259957][T12144] team_slave_0: entered allmulticast mode
[  273.265848][T12144] team_slave_1: entered allmulticast mode
[  273.271912][T12144] mac80211_hwsim hwsim20 wlan1: entered allmulticast mode
[  273.378709][T12156] batadv_slave_1: entered promiscuous mode
[  273.388376][T12156] batadv_slave_1: entered allmulticast mode
[  273.403773][T12156] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  273.411765][T12156] batman_adv: batadv0: Removing interface: batadv_slave_1
[  273.423123][T12156] A link change request failed with some changes committed already. Interface batadv_slave_1 may have been left with an inconsistent configuration, please check.
[  273.652373][ T7056] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  273.667030][ T7056] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  273.735701][ T6972] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  273.754600][ T6972] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  273.776317][T12167] netlink: 'syz.5.2217': attribute type 11 has an invalid length.
[  274.046804][T12173] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2219'.
[  274.267227][T12179] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2222'.
[  274.270357][T12175] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2220'.
[  274.290587][T12179] tipc: Enabling of bearer <dth:t> rejected, media not registered
[  274.735217][T12202] netlink: 71 bytes leftover after parsing attributes in process `syz.4.2227'.
[  274.742827][T12204] netlink: 'syz.2.2228': attribute type 4 has an invalid length.
[  274.750675][T12196] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2226'.
[  275.083442][ T7060] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  275.159483][ T6946] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  275.289582][ T7060] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  275.338984][T12215] netlink: 'syz.2.2230': attribute type 11 has an invalid length.
[  275.479270][ T7060] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  275.552400][T12225] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2234'.
[  275.576752][T12225] tipc: Enabling of bearer <dth:t> rejected, media not registered
[  275.699426][ T7060] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  276.022414][ T7060] bridge_slave_1: left allmulticast mode
[  276.039681][ T7060] bridge_slave_1: left promiscuous mode
[  276.057570][ T5847] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  276.072534][ T5847] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  276.081692][ T5847] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  276.090339][ T5847] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  276.098609][ T5847] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  276.106250][ T5847] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  276.118096][ T7060] bridge0: port 2(bridge_slave_1) entered disabled state
[  276.197136][ T7060] bridge_slave_0: left allmulticast mode
[  276.203434][ T7060] bridge_slave_0: left promiscuous mode
[  276.210982][ T7060] bridge0: port 1(bridge_slave_0) entered disabled state
[  276.444617][   T31] INFO: task udevd:5954 blocked for more than 143 seconds.
[  276.453038][   T31]       Not tainted 6.14.0-rc7-syzkaller-01431-gbfc17c165835 #0
[  276.462052][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  276.471010][   T31] task:udevd           state:D stack:21856 pid:5954  tgid:5954  ppid:1      task_flags:0x400140 flags:0x00004002
[  276.483212][   T31] Call Trace:
[  276.486608][   T31]  <TASK>
[  276.489918][   T31]  __schedule+0x190e/0x4c90
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  276.494571][   T31]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  276.509579][   T31]  ? __pfx___schedule+0x10/0x10
[  276.520868][T12261] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  276.534164][   T31]  ? __blk_flush_plug+0x449/0x500
[  276.539647][   T31]  ? __pfx_lock_release+0x10/0x10
[  276.544838][   T31]  ? __pfx___mod_timer+0x10/0x10
[  276.549997][   T31]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  276.558879][   T31]  ? schedule+0x90/0x320
[  276.563280][   T31]  schedule+0x14b/0x320
[  276.567848][   T31]  schedule_timeout+0x15a/0x290
[  276.572925][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  276.578548][   T31]  ? __pfx_process_timeout+0x10/0x10
[  276.583979][   T31]  ? prepare_to_wait_event+0x3bd/0x400
[  276.637517][   T31]  nbd_queue_rq+0x6dd/0xef0
[  276.646840][   T31]  ? __pfx_nbd_queue_rq+0x10/0x10
[  276.674373][   T31]  ? __pfx_autoremove_wake_function+0x10/0x10
[  276.774252][   T31]  blk_mq_dispatch_rq_list+0xad3/0x19d0
[  276.784536][   T31]  ? sbitmap_get+0x289/0x3f0
[  276.797034][   T31]  ? __pfx_blk_mq_dispatch_rq_list+0x10/0x10
[  276.805570][   T31]  ? __blk_mq_alloc_driver_tag+0x32d/0x730
[  276.815848][   T31]  __blk_mq_sched_dispatch_requests+0xb8a/0x1840
[  276.822489][   T31]  ? __pfx___blk_mq_sched_dispatch_requests+0x10/0x10
[  276.829389][   T31]  ? __pfx_lock_acquire+0x10/0x10
[  276.834453][   T31]  ? __pfx___might_resched+0x10/0x10
[  276.839995][   T31]  ? sbitmap_any_bit_set+0x155/0x190
[  276.845343][   T31]  ? blk_mq_hw_queue_need_run+0x14d/0x6d0
[  276.851372][   T31]  blk_mq_sched_dispatch_requests+0xd6/0x190
[  276.857521][   T31]  ? blk_mq_run_hw_queue+0x32b/0x500
[  276.864236][   T31]  blk_mq_run_hw_queue+0x354/0x500
[  276.869561][   T31]  blk_mq_flush_plug_list+0x118e/0x1870
[  276.875206][   T31]  ? __pfx_blk_mq_flush_plug_list+0x10/0x10
[  276.881230][   T31]  ? blk_mq_submit_bio+0xfb9/0x25d0
[  276.886467][   T31]  ? blk_mq_submit_bio+0x494/0x25d0
[  276.892692][   T31]  __blk_flush_plug+0x420/0x500
[  276.898260][   T31]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  276.904306][   T31]  ? __pfx___blk_flush_plug+0x10/0x10
[  276.909884][   T31]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  276.916276][   T31]  __submit_bio+0x54a/0x6a0
[  276.921318][   T31]  ? __pfx___submit_bio+0x10/0x10
[  276.926415][   T31]  submit_bio_noacct_nocheck+0x4d3/0xe30
[  276.932356][   T31]  ? bio_associate_blkg_from_css+0x182/0xc70
[  276.938451][   T31]  ? __pfx___might_resched+0x10/0x10
[  276.943806][   T31]  ? __pfx_submit_bio_noacct_nocheck+0x10/0x10
[  276.950599][   T31]  block_read_full_folio+0x9b3/0xae0
[  276.955948][   T31]  ? __pfx_blkdev_get_block+0x10/0x10
[  276.961403][   T31]  ? __pfx_block_read_full_folio+0x10/0x10
[  276.968411][   T31]  filemap_read_folio+0x148/0x3b0
[  276.973519][   T31]  ? __pfx_blkdev_read_folio+0x10/0x10
[  276.979062][   T31]  ? __pfx_filemap_read_folio+0x10/0x10
[  276.984626][   T31]  ? __filemap_get_folio+0x9d2/0xb40
[  276.990001][   T31]  ? __asan_memcpy+0x40/0x70
[  276.994605][   T31]  do_read_cache_folio+0x373/0x5b0
[  277.000816][   T31]  ? __pfx_blkdev_read_folio+0x10/0x10
[  277.006351][   T31]  read_part_sector+0xb3/0x260
[  277.011317][   T31]  adfspart_check_ICS+0xcb/0xa20
[  277.016300][   T31]  ? snprintf+0xda/0x120
[  277.020763][   T31]  ? vsnprintf+0x1148/0x1220
[  277.025402][   T31]  ? vsnprintf+0x18e/0x1220
[  277.030137][   T31]  ? __pfx_adfspart_check_ICS+0x10/0x10
[  277.035738][   T31]  ? set_page_refcounted+0xa1/0x1e0
[  277.041065][   T31]  bdev_disk_changed+0x77f/0x14d0
[  277.046145][   T31]  ? __pfx_bdev_disk_changed+0x10/0x10
[  277.051729][   T31]  ? wait_on_inode+0xc1/0x230
[  277.056482][   T31]  ? __pfx_wait_on_inode+0x10/0x10
[  277.061824][   T31]  ? do_raw_spin_unlock+0x13c/0x8b0
[  277.067976][   T31]  blkdev_get_whole+0x2d2/0x450
[  277.072890][   T31]  bdev_open+0x2d4/0xc50
[  277.077203][   T31]  blkdev_open+0x38e/0x4e0
[  277.082042][   T31]  ? __pfx_blkdev_open+0x10/0x10
[  277.087210][   T31]  do_dentry_open+0xdec/0x1960
[  277.092140][   T31]  ? vfs_open+0x31/0x370
[  277.096801][   T31]  vfs_open+0x3b/0x370
[  277.100982][   T31]  path_openat+0x2c81/0x3590
[  277.105629][   T31]  ? __pfx_path_openat+0x10/0x10
[  277.110670][   T31]  do_filp_open+0x27f/0x4e0
[  277.115218][   T31]  ? __pfx_do_filp_open+0x10/0x10
[  277.120366][   T31]  ? do_raw_spin_lock+0x14f/0x370
[  277.125577][   T31]  do_sys_openat2+0x13e/0x1d0
[  277.130374][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[  277.135642][   T31]  __x64_sys_openat+0x247/0x2a0
[  277.140729][   T31]  ? __pfx___x64_sys_openat+0x10/0x10
[  277.146160][   T31]  ? do_syscall_64+0x100/0x230
[  277.151070][   T31]  ? do_syscall_64+0xb6/0x230
[  277.155799][   T31]  do_syscall_64+0xf3/0x230
[  277.160918][   T31]  ? clear_bhb_loop+0x35/0x90
[  277.165650][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  277.172585][   T31] RIP: 0033:0x7f0a8ff169a4
[  277.177070][   T31] RSP: 002b:00007fff86fe1880 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  277.185568][   T31] RAX: ffffffffffffffda RBX: 000056089553c500 RCX: 00007f0a8ff169a4
[  277.193684][   T31] RDX: 00000000000a0800 RSI: 0000560895550690 RDI: 00000000ffffff9c
[  277.201877][   T31] RBP: 0000560895550690 R08: 0000000000000001 R09: 7fffffffffffffff
[  277.210136][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000000a0800
[  277.218182][   T31] R13: 00005608955458a0 R14: 0000000000000001 R15: 000056089553c910
[  277.226198][   T31]  </TASK>
[  277.229358][   T31] 
[  277.229358][   T31] Showing all locks held in the system:
[  277.237194][   T31] 3 locks held by kworker/u8:1/13:
[  277.243245][   T31]  #0: ffff88801b089148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x98b/0x18e0
[  277.268081][   T31]  #1: ffffc90000127c60 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9c6/0x18e0
[  277.281724][   T31]  #2: ffffffff8eb3e8b8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x381/0x820
[  277.293080][   T31] 1 lock held by khungtaskd/31:
[  277.298077][   T31]  #0: ffffffff8eb393e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x55/0x2a0
[  277.308249][   T31] 2 locks held by getty/5588:
[  277.312963][   T31]  #0: ffff88803202d0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  277.331364][   T31]  #1: ffffc900033332f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x616/0x1770
[  277.342759][   T31] 1 lock held by syz-executor/5839:
[  277.349661][   T31] 3 locks held by kworker/0:3/5840:
[  277.354909][   T31]  #0: ffff88801b080d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x98b/0x18e0
[  277.366094][   T31]  #1: ffffc90004067c60 (free_ipc_work){+.+.}-{0:0}, at: process_scheduled_works+0x9c6/0x18e0
[  277.388023][   T31]  #2: ffffffff8eb3e8b8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x451/0x820
[  277.411356][   T31] 3 locks held by kworker/1:5/5882:
[  277.416634][   T31] 3 locks held by kworker/0:4/5883:
[  277.427416][   T31]  #0: ffff88801b080d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x98b/0x18e0
[  277.448317][   T31]  #1: ffffc90004257c60 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x9c6/0x18e0
[  277.469633][   T31]  #2: ffffffff8fed7108 (rtnl_mutex){+.+.}-{4:4}, at: switchdev_deferred_process_work+0xe/0x20
[  277.495435][   T31] 3 locks held by udevd/5954:
[  277.501567][   T31]  #0: ffff8881437304c8 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xf0/0xc50
[  277.537407][   T31]  #1: ffff888141b28210 (set->srcu){.+.+}-{0:0}, at: blk_mq_run_hw_queue+0x32b/0x500
[  277.547220][   T31]  #2: ffff888026407178 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xcf/0xef0
[  277.589753][   T31] 3 locks held by kworker/u8:46/7056:
[  277.595195][   T31]  #0: ffff88801b089148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x98b/0x18e0
[  277.615370][   T31]  #1: ffffc9000c2cfc60 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9c6/0x18e0
[  277.626907][   T31]  #2: ffffffff8fed7108 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
[  277.636244][   T31] 4 locks held by kworker/u8:49/7060:
[  277.643109][   T31]  #0: ffff88801bef6148 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x98b/0x18e0
[  277.654329][   T31]  #1: ffffc9000c1d7c60 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9c6/0x18e0
[  277.665012][   T31]  #2: ffffffff8feca510 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0x17a/0xd60
[  277.674549][   T31]  #3: ffffffff8fed7108 (rtnl_mutex){+.+.}-{4:4}, at: cleanup_net+0x6bf/0xd60
[  277.685814][   T31] 1 lock held by syz-executor/12244:
[  277.691233][   T31]  #0: ffffffff8fed7108 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bc0
[  277.703408][   T31] 2 locks held by syz.5.2242/12248:
[  277.708800][   T31]  #0: ffffffff903d6f90 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x22/0x250
[  277.719502][   T31]  #1: ffffffff8fed7108 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0xc4c/0x1d90
[  277.728889][   T31] 2 locks held by syz.1.2245/12258:
[  277.734124][   T31]  #0: ffffffff903d6678 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x22/0x250
[  277.743820][   T31]  #1: ffffffff8fed7108 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0xc4c/0x1d90
[  277.753010][   T31] 4 locks held by syz.2.2246/12260:
[  277.758328][   T31]  #0: ffff88807d73cd80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x203/0x510
[  277.768465][   T31]  #1: ffff88807d73c078 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x60d/0x1260
[  277.778321][   T31]  #2: ffffffff9003d5a8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa6/0x240
[  277.789506][   T31]  #3: ffff888028d1a338 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x71/0x690
[  277.799207][   T31] 
[  277.801594][   T31] =============================================
[  277.801594][   T31] 
[  277.810468][   T31] NMI backtrace for cpu 1
[  277.810484][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.14.0-rc7-syzkaller-01431-gbfc17c165835 #0
[  277.810507][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  277.810520][   T31] Call Trace:
[  277.810527][   T31]  <TASK>
[  277.810535][   T31]  dump_stack_lvl+0x241/0x360
[  277.810566][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  277.810589][   T31]  ? __pfx__printk+0x10/0x10
[  277.810622][   T31]  nmi_cpu_backtrace+0x49c/0x4d0
[  277.810654][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  277.810678][   T31]  ? _printk+0xd5/0x120
[  277.810696][   T31]  ? __pfx__printk+0x10/0x10
[  277.810723][   T31]  ? __wake_up_klogd+0xcc/0x110
[  277.810753][   T31]  ? __pfx__printk+0x10/0x10
[  277.810774][   T31]  ? __rcu_read_unlock+0xa1/0x110
[  277.810806][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  277.810835][   T31]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  277.810865][   T31]  watchdog+0x1058/0x10a0
[  277.810899][   T31]  ? watchdog+0x1ea/0x10a0
[  277.810935][   T31]  ? __pfx_watchdog+0x10/0x10
[  277.810966][   T31]  kthread+0x7a9/0x920
[  277.810984][   T31]  ? __pfx_kthread+0x10/0x10
[  277.811004][   T31]  ? __pfx_watchdog+0x10/0x10
[  277.811035][   T31]  ? __pfx_kthread+0x10/0x10
[  277.811053][   T31]  ? __pfx_kthread+0x10/0x10
[  277.811075][   T31]  ? __pfx_kthread+0x10/0x10
[  277.811092][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  277.811119][   T31]  ? lockdep_hardirqs_on+0x99/0x150
[  277.811147][   T31]  ? __pfx_kthread+0x10/0x10
[  277.811167][   T31]  ret_from_fork+0x4b/0x80
[  277.811195][   T31]  ? __pfx_kthread+0x10/0x10
[  277.811214][   T31]  ret_from_fork_asm+0x1a/0x30
[  277.811255][   T31]  </TASK>
[  277.811268][   T31] Sending NMI from CPU 1 to CPUs 0:
[  277.991519][    C0] NMI backtrace for cpu 0 skipped: idling at acpi_safe_halt+0x21/0x30
[  278.022065][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  278.028996][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.14.0-rc7-syzkaller-01431-gbfc17c165835 #0
[  278.039545][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  278.049631][   T31] Call Trace:
[  278.052914][   T31]  <TASK>
[  278.055865][   T31]  dump_stack_lvl+0x241/0x360
[  278.060551][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  278.065757][   T31]  ? __pfx__printk+0x10/0x10
[  278.070361][   T31]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  278.076359][   T31]  ? vscnprintf+0x5d/0x90
[  278.080705][   T31]  panic+0x349/0x880
[  278.084707][   T31]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  278.090883][   T31]  ? __pfx_panic+0x10/0x10
[  278.095350][   T31]  ? tick_nohz_tick_stopped+0x82/0xb0
[  278.100739][   T31]  ? __irq_work_queue_local+0x137/0x410
[  278.106295][   T31]  ? preempt_schedule_thunk+0x1a/0x30
[  278.111674][   T31]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  278.117842][   T31]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  278.124016][   T31]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  278.130380][   T31]  watchdog+0x1097/0x10a0
[  278.134730][   T31]  ? watchdog+0x1ea/0x10a0
[  278.139286][   T31]  ? __pfx_watchdog+0x10/0x10
[  278.143995][   T31]  kthread+0x7a9/0x920
[  278.148080][   T31]  ? __pfx_kthread+0x10/0x10
[  278.152696][   T31]  ? __pfx_watchdog+0x10/0x10
[  278.157516][   T31]  ? __pfx_kthread+0x10/0x10
[  278.162224][   T31]  ? __pfx_kthread+0x10/0x10
[  278.166910][   T31]  ? __pfx_kthread+0x10/0x10
[  278.171598][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  278.176926][   T31]  ? lockdep_hardirqs_on+0x99/0x150
[  278.182161][   T31]  ? __pfx_kthread+0x10/0x10
[  278.186761][   T31]  ret_from_fork+0x4b/0x80
[  278.191192][   T31]  ? __pfx_kthread+0x10/0x10
[  278.195795][   T31]  ret_from_fork_asm+0x1a/0x30
[  278.200597][   T31]  </TASK>
[  278.203914][   T31] Kernel Offset: disabled
[  278.208283][   T31] Rebooting in 86400 seconds..