last executing test programs:

20.52267266s ago: executing program 3 (id=4351):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x77, 0x4)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='bic\x00', 0x4)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000003980)=[{{0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000980)="97", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000d00)=[{&(0x7f0000000b40)="9af9e7c3a62bee995791e76fd927d23f32fc74a2e9c3956acece512d8dfe2c6eb51928d50cf8c02a89", 0x29}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x3, 0x44000)

20.365328429s ago: executing program 4 (id=4354):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000fc0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r0, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000000080)="3bfdd75fa5717852d59a9367444a2130e72cd4dabc8854532cca0c32a5b9f844a4610c7525650ce3d3b76b15026d93e6dee896115e9364066aa3d14e33ef732b4681335c576902153114bdb9c74b538a71115fb1d1a63d1b04129661b29aab89d0be999a6b7c9bea755adedbf305a79f70b71d3d4c98577b49db4963ce89b0def5e840f459659cb6f86d56b069a5de11d601d348ff88ca6e5e2cfe40176880b33e9e8dbc32ba2e6a99b1b50276dc4f06166000d7069a3cc76f", 0xb9}, {&(0x7f0000000180)="892950e2405ee8629d9384a91c16d1706a3e61f305119f95cac0f1927f4c205b971eb41147cb1f86883d6910e68ac3996551800b3ec64b77f8444b18345a2c8b178eeeba0cde7319a5a46bfe7f5770e019efd9d52069edcced33a758c4e657f3a792dc193a1911b4e82ea800ad7afe03c851a8", 0x73}, {&(0x7f0000000200)="a68cde0d56b170df7710b54f17d9a39c4f98f3547190", 0x20000216}, {&(0x7f0000000240)="45e04400f2b383517a08c397dd0a76e67ecfc8e74573c24dedd3a48fb62418c1412fdcd15e888cb0f5d02e77bfecefda6b064c0bb2b66a9a522e63873dde02330510255eec7dfa1af708cdab59fb71eca786a359a2c3b0cbad35144ec5b069c53f90e43339845dc7fd140c55b0149ab38eb27c140f374bcc2c95b0b121d1a9302f3a01b888243b3fc0d46f0de0", 0x8d}, {&(0x7f0000000300)="87fb74cf4d67adbbd062637f514c1f5eb18d7b442e6457a356c6cb1f71a43dfae773c8489cce5145f92615d4bdb13ef54d6ae90ec7733180fcf5adf3e13fdb05b57b748bd14eda042a97fdd84498304a504a0a159b972e8200c2d0f536a3465ec498ed12b924bd134057df36129d3ebe3dd3ce9f0671e5278143e4afa3d43f444681de1b5f9725fca34fa357fe2154981666fb9dc202fc17a0199eb1c25bdd1005e590e84783ee9894c888998dc25a83c14aeee31d114acfa0bcd235d571cd765f4b9259ba43e6fc30291d8a642146c4771898030b736aeee6b247abb0784b154e104e7dcda401f9b1736fea30a41a4153fe6a9a525bd0a3487571f914f05b590e242341ade289d8f5b842c6be4a93c2755dfd47174def782a2f8f61c068b5a012f02c0801601e860def788121e8808c01fed4c920a3698d0d684920918c95b17f76bbcb4f265c931d8f79560ff8114b70f4dd6791e2ed70cfeb89905791b88be26efe1c5c66b7b50b3d2be0dbc066dfc31618f9507f6f340b85a2f76a6dcac9d6ccc289ace5e5fecd25afe22ffa451f5e365ab33cc985f2e9d7f7fb1be4794740a94215d7db14b0ffcec19e5e3c5ae0d8578ef3b65d2a7a77a11e390a6c3a6b391061c886b961e3c2f42d62047bfe1356a44b840d3d956105f4c0fa95db08c4933f00de77cdc057c28b41fecfc8398c442be1ad065954f6c9dfeb2fd7207e8548a00a1d50bdf522d2abfdafd71723616a34830fbfa8fc81e0c2639cc12f363a4919b7a00ac8189dad3e7e54122a2ef430f623658d5e281c9a19442995bb9b0e3f7d13e3016b6f9523be196bf23bbcc5ec802f43ef8b651d688d9d5a44f35c9847e4c32bce3e9ebed2326adadc76f06a195db32c80b3090d7cd65c9d8518ba4e528c5eb5c7a1c5695b21595fa8a8621734bfda8afddd65e1f37a1990220a00fa9bd2c22b0117ceb08ae6af3c944c2eca924abfddad065d1472d0c3f742a49b1e78c669471873706ad157d831d7482b773f07b0673a6ce1e227a7a4d13744bf459434c0ab1c323a38b1a84cbf1ce9741f2b8fdcc2e073e56171603d035aacd83e71d5132831f4f1e8bf517979f132a33fd03783272e9b8c96dfa4e1d320a58d82acfc8d3d53a5a52daafe4dc8be08f4ad53e11cc21374b6ff4ff5ea2ecc5d3f7c057f74f0098e57d990090475cdaffdef0da917653ed10fb70b94b72e5b4d95cbea0fc1dd2579635ad6ab545ba4d7b6d2f5442bdb78beb6c8ed62942a439117025b4566b48d9f3a17fdf4577e8606a4bc4c26557e58312fd2d1a541ebec3e5ae28eef8b2ab0597083716dd12889335570ee7839530eee879d9b137606cd4dd7103991671b4464bb68529eb19fb7a8845e3491bfbac688a87cf0744f429ea112014402915c4c1f6bae08d689d3cb7d641d7befe8fc74a2242310a9a367a39531b4c86da5b39df524e52f33ff9c40b48cb196ffc9ca855b6e698ade8a83e52b9ddc5031ff09e1907e4f8b0d07e64e1fb8e427f8819a7be907aa216bf8e2a4c7cc87ed53bf9490d4cc788b91f3b9f705e984a7e62c7a495e8421b97c39dc954b35468f17c6682334f4e16308448f457faeffff6d1f818522fa441d3a48168bdb12ffebace436a3915b63076cb6a655718647f87eaaf313b5bbd430421eed3a2215e439600a56eac8c65291eb103326a8034662bd337ab51577d9110ec7151be5cc9c54b2a30891acac5ad006ed537dbeb8f16eecbde7cf4e71373faf3c36b772f6d7ea9346875c8cf1049d49d4f8eb01b946c11e8c8e3ab2015f282167acddcc77fff03e1be9134252af0abfe538b4d25fc4ff874b52b9fb0996b5f32b4141dbd30578ff46e13ef6c63fc1620f62cb11a3dce401993976c272a5f62fde3f2a0e654d19e7a39dcdb622b9526d2a15cc18e6f817c916a00775353dd9c8954e66d0445b59bb0f5e6e3b46447232f52a0e398b057d123ef503afcbd48544db6434d2025bfc8dab72262a4fa5426a03061e7f8966e0086ff8ab5a91ab59f19b830394ee8bc76d6fb4816b8f4cde35b7eb9d3811228d51c54828f97fd1e648196c81bc73ed56249a59f318704e84656a6cedd2b8c1e1808d1cc648749abc643131e494c01336d4a14b8609656f2c972dc23c5c2e43fe40119fb88b5ec2aade35c03646e347354c493de8ab3672ccf94af0df333c6678299129d79be0eec281c5b3858ce3995566a390b674635b356692e3e9c53a089638ba0d69e772b7b410a5ae03de12e7de755ee559e1707b7b8003aabc8e2ce03c01e3183ff2d93262f6d5ceaafecdae66bc7cb3952c5a6571d864d502f281db5a228695badca5d022fdb6da56ab15dc377d1c1f8581ff56e28c2b2a84edb629547d28275c2ed571103b4ca7cdeb0776ba9f9dffcd78d21c3d4caa9289ed199672f4e7b912068c49c817114c37d37ea03954bae87d1ddae3da2ad85feb2fbb735b75a51f7bee5c8d88cc7bf64700d1a46ec6b631ae22ac7b06730a86a26bdcb992e1c7b50142de96b14a8468e4514068a30896fc677fddefaebb125c693a8d460469c7fe535f844781940f66d6abd091191c3122d584f5b0f5b0d443713d7d5186124d73de28aca30b719d4a55e09d259bddbf16995aeb1000880890afbd24d4066b0398985a40999de22ce176348e1c1f57eaf75b92a1e4f1482e89a00ac2cc36b20e36af9ec310599c19a5b1d6f8fadba104c58c801c6633315f82ebfa88faddd0b693e2f827f586c1cc5538e93bcf10f81af6dd7ee727df3b5018c0b4e31e40d040a47503b6ace4d29a1162ce487351825255f5584aff7cbd421f85c3d9fbb3784abd9848f16028b68f0d32ed8bb80106e8cc4acb939ff88bd39976d166b2addebf628b3fcd056da2f60e1b90f7a32702954921908ebccb683622a1f574ceba6951bef5e751c338c8279318dc28e36b9fc2bb17c3ad08aceb00fc388e6db112a738f86a4a1eb11526e1b9d73250b326285ed47c4398d93a3933d9a784249b65ad7d78a1f81d96ef36493ed693045a2150a8eb43cecc0c93e7d20b15b39a0646b081c2923b816365b7fbb41683a41732d942c5aa12faf876ec7f036becde8f3295af6dacff38d076d8e06260fee167703bb610745374a2758a6b88e465ca77d1f3105ae8b6b04a1eb509fb178d6249dbbc84d5d1d069278449a89d03e4a9a395d8170c329a296cfc329798cb9b9f1078d098cf3f989fd4ec53e013fbe917df35292d44fb1f3da4da4432a1847d4721514ade8cda5e5c0b51183580fc35266a970ebba74faeda56d4dcb56df51f96ad237452cedbd0cb2bee112713c3d450835811bf3da9745136d428e148fd0932dc77c8d8e61a16c625241fad8425b4ece394eedd5f165bd94923bfa1172be8edc8a4fcaae5f77ee8cc510192b27964da09c3e84efb4bc7154da1a24da8b7e544b42278d2574687ec76143afa6cf193d52a2a7f4c20ee57b6056a1337d5e408117a6cf1ab49c8980f39597f69902085d3e8d374d44e6ab4ed1185a26be2bc7281e9cfbbeb6bed899aa1924d3faa06d95999fbeaf2337494e0c2c39eef5a73fcde84459a9ea48d4e015d9e5bb5839354967ce02f637bc8678d2595b9a918fc36b927d7501f0ac2e3471ce02b5df355689c87f191ef5390900a41deec29984e45a878ece964b0009aad561316fc3b30ce1b49266d32eb17cd30f3e17e1f59014e8c518940dd0a093d1349c1a7c2581963bbe0ba372b6426e81c33c71b2ec8141c5713e52a37fff0a417a5b259e1420d9fb6a731f5baa0cc494221947895aa8fa14745a986a366bff9d0c239a19f85372497565b5b703da16439019df5f3d29f4247fb528854c9648630f03e9dedde5a08a47728ea6a4d42e62eff6fa3bd402325e0f4387b60171c37c180f958ad80955779c899517e7ea76eed00598e01552eaaf08b723daf9d466e8c57af43a15a46528b1119f5074aa3c51f77357ebe158275bc06b89640d7ce3c0a03af01418d7dc6ae8a1be8ab08c1722d66d1e9277480b8b178447667c024f9b78f8a878a2d7cf8e83e5104f6964b2907a989abafc7d7d0df941abf3d7283b6a11d46c2911a42182ec27ab785d92946e1ee8ef44846d561850d2a98c305c382f36d4cfc9b2bfd3b86ef21a0d187adcafbec8268c7d662a34dda1c83c4967097743133bc8c587edf249f5668c34ddb112fa4eb1bea9c8f6a000f1f34428b54688a5e214a7919868b25dbe930e86a243ecf54afe0b518c647d04873d2cf62cb2ab27f00015537a4fd2ea3dc8777abdf3284622347016566da0b9c406ca8c40694e4013a53fbf2e803d51b0bbe5e9df5fc74f66be618856357ccf803c53ed0e3b3fe79f69f0ede9b565d8f7a8ce5aa8cbb4e8fa61be3fd00ffb07e45065498925c14c0b311942d4ed951ad6237aadb5405bc7b2d79e1fd295b7c2ed8efa883e44c86a5053e2f421c6d4dc0c47d3a05d911db37d6efdb8e50fb3f06139ac147bc7162c21aece79eaf72e9779f19eb5395cec3d15a7594ea70a6b373d98651d2215b210f037ea3f8a57ded74474f6fdb64a08b56af52168da70b30aee03472cd8bee5af04cad7303004a4aba464b99", 0xcb3}], 0x5, &(0x7f0000001480)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private, @multicast1}}}], 0x20}, 0x0)
r2 = socket$can_j1939(0x1d, 0x2, 0x7)
recvmsg$can_j1939(r2, &(0x7f0000002780)={0x0, 0x0, &(0x7f00000025c0)=[{&(0x7f0000000000)=""/117, 0x75}, {&(0x7f0000001080)=""/131, 0x83}, {&(0x7f0000001180)=""/192, 0xc0}, {&(0x7f0000001240)=""/121, 0x79}, {&(0x7f00000012c0)=""/142, 0x8e}, {&(0x7f0000000140)=""/50, 0x32}, {&(0x7f0000001380)=""/78, 0x4e}, {&(0x7f0000001000)=""/18, 0x12}, {&(0x7f00000014c0)=""/139, 0x8b}], 0x9, &(0x7f0000002680)=""/195, 0xc3}, 0x1)
recvmsg$unix(r1, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000001040)=[{&(0x7f00000015c0)=""/4096, 0x7ffff000}], 0x1, 0x0, 0x2}, 0x40000100)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)

19.568878918s ago: executing program 3 (id=4366):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x141141, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x6, 0x2e, 0x8, 0x3}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
r4 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="7b2aa334cd582ee24760d86662786a11e07f43fdc04e3ec9fae3437b65491ae82163e8bba326aca864e1066896dfb456a51f0c8e0b297285b9aa00000000000000000000000000d9605b7d82e6a8fa64ebdaaa3e542737525f7a81f2e5b41009438c2755a0ce81dbdf75209e51880c96034eff91484aa885dab82a608d1b22400782fe18b69ff092d49c572315226c18a6b8628fabbf66e66e38991938b345e0583fe0b9762ad0ddaea376dd65038cd9567e80f6038b"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x3c, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8, 0x1, r4}]}, @IFLA_GROUP={0x8}, @IFLA_MASTER={0x8}]}, 0x3c}}, 0x0)
r5 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r5, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
setsockopt$packet_int(r5, 0x107, 0xb30ce67a957a2a13, &(0x7f0000000100), 0x4)
socket$nl_route(0x10, 0x3, 0x0) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x141141, 0x0) (async)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) (async)
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x6, 0x2e, 0x8, 0x3}]}) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)) (async)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f}) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="7b2aa334cd582ee24760d86662786a11e07f43fdc04e3ec9fae3437b65491ae82163e8bba326aca864e1066896dfb456a51f0c8e0b297285b9aa00000000000000000000000000d9605b7d82e6a8fa64ebdaaa3e542737525f7a81f2e5b41009438c2755a0ce81dbdf75209e51880c96034eff91484aa885dab82a608d1b22400782fe18b69ff092d49c572315226c18a6b8628fabbf66e66e38991938b345e0583fe0b9762ad0ddaea376dd65038cd9567e80f6038b"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94) (async)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x3c, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8, 0x1, r4}]}, @IFLA_GROUP={0x8}, @IFLA_MASTER={0x8}]}, 0x3c}}, 0x0) (async)
socket(0x2a, 0x2, 0x0) (async)
getsockname$packet(r5, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) (async)
setsockopt$packet_int(r5, 0x107, 0xb30ce67a957a2a13, &(0x7f0000000100), 0x4) (async)

19.37153386s ago: executing program 0 (id=4370):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=ANY=[@ANYBLOB="340200000203010400000000000000000000000708000100030000280900020000000004010000000800010001000000"], 0x30}}, 0x8080) (async)
sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=ANY=[@ANYBLOB="340200000203010400000000000000000000000708000100030000280900020000000004010000000800010001000000"], 0x30}}, 0x8080)

19.369681648s ago: executing program 2 (id=4371):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000004000)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014751c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a0c93d47018c12e7ba8188a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab188dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b4896c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e547f7ad33850d9feccd0111a2e3700845dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005202000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a12489c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af14915f29b719f54926fc32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f3289f86ae826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa520000afe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da357f9e93ce055019c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c672b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981fd9086e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2826b47ad8ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b478abc5b196dd5308cb20c4e2a0bd702651bb39f10523102dcd8ece692159028f314e0d6bfa400475c6699fdc40efe0948e3cef7419a7f113134e5ee20fd87c4521ccfbd32d6f147f743d30866bdd86ca8bf0c7bcc475f4ed53517aaa51f1c151d859a7f0b53abd332c84bdad313e82ac3777a6f7f649ff8a25f6dfe09cb29213896b49a825257bf143e9fa3bbd47009e66fe5705b3ef2b40a182e408c680727d64e00e1ce508f8fd64ac6c84ccc28fc333067de63b9bb5daaa12ce60ee3779ded79651be69d2a413cd948a873dd7ad7017b150828cf100d3df8537f22aff58343c9ee966fceb594bbe10b911427f76a25a219be2f85287b7f83d323a30991067ad1369792166062085ff20c5fb9f6e4f78dd09c7d2d6ca3c8a5d0d26ccbe576f44a1bc94194817"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe80, 0x6000, &(0x7f0000000640)="b9ff03076844268cb89e14f088a847e086dd200000006006000aac14140ce0", 0x0, 0x11, 0x60000000, 0x0, 0x2b, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x17)

19.187973845s ago: executing program 0 (id=4372):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000040), 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff7}, 0x94)
r0 = socket$inet6(0xa, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='xprtrdma_dma_maperr\x00', 0xffffffffffffffff, 0x0, 0x100}, 0x18)
ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000000)={'bridge0\x00', &(0x7f0000000680)=@ethtool_regs={0x12}})

19.169828415s ago: executing program 2 (id=4373):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), r0)
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001580)={&(0x7f00000004c0)={0x48, r1, 0x101, 0x70bd27, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_SSID={0x5, 0x34, @random='@'}, @NL80211_ATTR_KEYS={0x20, 0x51, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NL80211_KEY_DATA_WEP40={0x9, 0x1, "b168fa2567"}, @NL80211_KEY_DEFAULT={0x4}, @NL80211_KEY_IDX={0x5, 0x2, 0x2}]}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x4010}, 0x0)

19.152117365s ago: executing program 4 (id=4374):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNDEL(r0, 0x400448c9, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x30}, 0x400000})

19.037244574s ago: executing program 4 (id=4375):
sendmsg$NFT_MSG_GETRULE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000540)={0x78, 0x7, 0xa, 0x201, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x58, 0x4, 0x0, 0x1, [{0x54, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_META_SREG={0x8}, @NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0xb}, @NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0x12}, @NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0x15}, @NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0x1}]}}}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x48055}, 0x1000c080) (async)
sendmsg$NFT_MSG_GETRULE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000540)={0x78, 0x7, 0xa, 0x201, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x58, 0x4, 0x0, 0x1, [{0x54, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_META_SREG={0x8}, @NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0xb}, @NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0x12}, @NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0x15}, @NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0x1}]}}}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x48055}, 0x1000c080)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_JOIN_OCB(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x38, r2, 0x8, 0x70bd29, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x8c8a, 0x2c}}}}, [@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x2}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x213}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0x880)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000580)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000040200f2c8dc1b000000180001801400020073797a5f74756e0000000000000000000c000280"], 0x38}, 0x1, 0x0, 0x0, 0x20000844}, 0x0)
sendmsg$NL80211_CMD_SET_REG(r0, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x24, r2, 0x100, 0x70bd26, 0x25dfdbfe, {}, [@NL80211_ATTR_WIPHY={0x8, 0x1, 0x1}, @NL80211_ATTR_REG_ALPHA2={0x6, 0x21, 'a\x00'}]}, 0x24}, 0x1, 0x0, 0x0, 0x4040004}, 0x40080d4) (async)
sendmsg$NL80211_CMD_SET_REG(r0, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x24, r2, 0x100, 0x70bd26, 0x25dfdbfe, {}, [@NL80211_ATTR_WIPHY={0x8, 0x1, 0x1}, @NL80211_ATTR_REG_ALPHA2={0x6, 0x21, 'a\x00'}]}, 0x24}, 0x1, 0x0, 0x0, 0x4040004}, 0x40080d4)

18.980626433s ago: executing program 4 (id=4376):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x77, 0x4)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='bic\x00', 0x4)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000003980)=[{{0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000980)="97", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000d00)=[{&(0x7f0000000b40)="9af9e7c3a62bee995791e76fd927d23f32fc74a2e9c3956acece512d8dfe2c6eb51928d50cf8c02a89", 0x29}], 0x1}}, {{0x0, 0x0, &(0x7f0000002240)}}], 0x3, 0x44000)

18.827150469s ago: executing program 0 (id=4377):
connect$inet(0xffffffffffffffff, 0x0, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg$tipc(r0, &(0x7f0000000240)={0x0, 0x18, &(0x7f00000000c0), 0x31}, 0x0)
socket$netlink(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="980000000001010400000000000000000a0000003c0001802c00018014000300fe8000000000000000000000000000aa14000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8800000000000000000000000000010c000280050001"], 0x98}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="980000180001010400000000000000000a0000003c0001802c00018014000300"], 0x98}}, 0x0)

18.728091674s ago: executing program 2 (id=4378):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="6c0100001000130700000000fcdbdf2520010000000000000000000000000101ac141439000000000000000000000000000000004e2100020a0000003b000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="fc010000000000000000000000000000000000fe32000000fe80000000000000000000000000001b070000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000043050000000000000400000000000000ffffffffffffff7f000000000000000000000000000000000000000000000000000000002abd70000035000002000400000000000000000060001200726663343130362867636d2861657329290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000060000000217d66d36547aa140db8a200000000c538c7cb7a1c0004"], 0x16c}, 0x1, 0x0, 0x0, 0x880}, 0x0)

18.653269218s ago: executing program 2 (id=4380):
r0 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f0000000240)=[@in6={0xa, 0x4e21, 0x2, @empty}]}, &(0x7f0000000180)=0x10) (async)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x70, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x34, 0x11, 0x0, 0x1, @target={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_TARGET_NAME={0x9, 0x1, 'SNAT\x00'}, @NFTA_TARGET_REV={0x8}, @NFTA_TARGET_NAME={0xa, 0x1, 'AUDIT\x00'}]}}}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}}, 0xb8}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)={0x1c, 0x1, 0x4, 0x301, 0x0, 0x0, {0xf}, [@NFULA_CFG_CMD={0x5, 0x1, 0x4}]}, 0x1c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0xe, 0x16, &(0x7f0000001ec0)=ANY=[@ANYBLOB="61129900000000006113500000000000bf2000000000000007000000087000003d0301000000000095000000000000006926000000000000bf67000000000000150a00000fff07003506000043fe0000170600000ee60000bf0500000000000063620000000000006507000000000000460700004c0000000f75000000000000bf5400000000000007040000f0fff8ffad420100000000009500000000000000050000000000000095000000000000001c0a7900009d3c2792432a4fa650c512aee994a56462712cb064ecce5e7a9ce0a575a4f7952cb768637e60bd5d2e4b5992de991371274fdf535e001022e25659a7c85615c1b88bc894123c090014e8fb87efecdcb73858479526222b22ff81971ef49b2cb0dcebea6d90e9c1677fbefd35893d883a2c559b7af8db8b2d89fcc8af461b2a74af360eace66cec40d927006bd666c8122217c27902b3933106d0cc5bf6fec345ae9606c3c1a3000c94df67ae600900ffa2f49ec035883e27b1a9e9dff3e8bfc7d1be00f1a0820102b19000000000000000009095601e090012086dee84efd375f0642ed261765d3b9efdfbed9b430bcf04060000bdff1c8bcfc00300000000000000ab5d5f299354997c8bef9ca55841a57eddff9220c67c9e17bee524c3dc74c0271124cf9e4e2d23f7062351edf77c7129eb89085967722da6cb884d1afe82f7f722e38397996271700241094d272dd8b754b2dd36d486e7ffd1bdc198deb495cac0995ca3ef6c1affb693ae366b0f11db6ee4830d87a347d448b0737e852306b4713e5ce6cac6a27e29f164b9f16d6f045271b8e9f172c3db24558d77b8bf18be45c50b3fc005fa7b5e45a209d48d6dc2389d7f34cb9c02cf517c8ee8a9b6159ce895101c2ccff2bde95aa860ed9b8b6d6b8fcab7663d9bd8415e6f90fdb007b8f3e0ffe3a638c4fd88d20d235173720c1df1147c9f5013c82fc98604bd70cd56609a6b73943748a900e1d8cf81bcb1d2620bee688eb0a284040000005cc3ba8bf0b5e0fc018463d03a73fa85429725545128b0e9b550a13d0dd35092250b7d00ff03d5314fa8d37932055bb6d30d0000cad2375a34c7f15c3096f31e6aa6887864f62760ae35214552982bba84d92b1261251330dde4cf97b7cc6b2349e4f7a56003f7303d210fccd2efe6cda2595aacc36db66ff83af576b56dfbd40b15d569244d7d6e1182c4fa829c3f86acd17082bfed73ab9ef37705f9d2734801899e248e1a7155e28f000000000000000fce52263e3953a6f8560f852602ca905b58a9e2dbf16dd0322d0bb3ceb1b01752230bcbbf731701b2b1768aabb9a002090c09ab606e91ad9d88e7205464594add8691b62d55127cd891b8abe4358697e1b5f038773c0aa220cdce78b9346adbd72b293e66ef1a04905aaf6bd31e8d40d425d21232956ee45935d7adb2bf9fb37ff145472c58dbc8db58d0cde99df77d86ed71070000000000006d5cf959fb84c9f8ec46ec9af313d13d1bd85d57f598c00eb7bb8b6b4ff5875a50e2ea3287cf0f838bffdbf985fdce1fb66979b51cc6d6d6661354f33986f7acee499e25e3b70db6f15d7f2bfc0000000000000000ff7f00009eeb78c3d2e83f5e0eaf5cec82f45884cb0394271826ac2d5cc0afc4e784b515c659901c5c6a8573436be7b0f64c6176ef37db239a1ee9839436e951aef4196798d518a4820a241cec1b3e4923dae4c87d460900000000000000de7b13645fc6921a759e2c23153f432a3e5167628a94aacd0f40543049d8ef9787b56006227f143ce5554837675b93eeced66fe71bbe2c055660d23af1c9a83b78d0fde1f9dd526858a320563807a1ef41829913ce0b280010dca0cb3a98a8986e8e656dcaa6ae4ee6717a29e50450688763f1b17c156b860ba0d5a121d00ceac30ef5e104c43d76074c3884cb8fa504ebc94f7c83e90b6cad8d2a02df007bd585f4472cfb004cd9f09995000000000021000002cfceb7feffffffffffffffb1a6c40ac666744ca6c8fbba8452b686fd9b6250edd7d86ebc35898637dd88540e40d5799c11ee9883be26229eeee3941494fcd4389af9b755843126338c346b4d50a5b8684ad74bad46f4ffd86292d72a933fcb7304aef4b4a4bf6e054fea3549e08c0dd2334f485da9382887c16306176f73f029e2f9f8145360cfd5ffd66ae82d51e683ff364981b358a5f48af10059a0716951942eed021e41ba076d486cd095ffcefc3e8b8ead226c5a640b06fc13311826d024248f14b62a7fb0f9b95c9e23e7d29aca69e77db40dd00c0b20e43e300b1a46e243e2a8321dbb1270a22d9a2368de08d625566f253f0760abb44c11583fa5b914ab298ade422e4c0ddc7b17dd2aa8ac94d93d6b590000000000000000000000009b90eb1db265c18521667d305886e9c47ad357a76be0c9ce899bdd80a51a2017190a590d092bc500ea71b338098d1007517c1d6e785d5e0975ca2c2edf221b30377e61fce8bf47e7b93da593d154caca75b1ef1273aa501807005593ba45d219d7c656be0fb900000000004093461ceec5fce099368e07060c21cabb846f2447fc72be9925b2f568b15e5d22c8fabbfd3edac460c70a5619a043ada38fea3b104f9c1a473b7820faecfbb40b5e0d3681013c0cb2b8acc1ceb5f790210a3be07b2727c4e5a5d20468b3ed35f9a71519904c6dd76dee5738dcdac1f4358bb65c1aca8eb0a65aacbaaca92cc7cc553b1c5181d81c15ff4eaea3bcbfc4e0d06bd8d2e2d941924f860f2aba2253b9038e6923b026b7ece3e9fcdf6aa14a65bd6cd7e78457dac1fb3cdc421d6059e17d44e378189035c2fe489e5b7a87c23ec952e2affbc7a4c707312b17a5f428527cb42a8cbd072490eae617e6ea32ee7d3055bfc9b1128553cb963d3873115296a8bd2efb7368ea2727b294d6eceee49ad9093738a3b1bbfa163a917380953fdc3a443a6585925ee14a817390a655c1988632a414b304d688116d79693efd80b293ddc89bb27529c34f4f8ee3ddbaf1c13a4e15186353efd0ced475794ff5f9b0580f2fb996928f0ca6d1a9f4bda1fe9c1bc2e657448c00ca6afb2e5b1c336d657c87f2634db46e2e8e82366a2de4dd41ca0a26ab49d5d357e5a8af73d9504af230513acadd2f0d9d99c4b6e4ebf68582cf8dc4dac990b216a6a216b0cae87a2339fda14e546b224857f758cb64ca2dcdf32b5420ad9f33dbaeb36b7466c5129508d57329f57ac682757e398c4d2a6f93fb1dfc2c840e06bd6c0d7ceedc3721b19c7c9fc1645cf32d79807c4d3e0898ae2a829df5c03834bc2558aeed652399a9cf9e5c859d3c5c5341b329fea445d2e040562a813c35ed1c1afab50aeb12eea9456adf21953947413c03af836bc339355250daeaca253f809493c75c9dcdbae3a76753d593623348e82b1e9c5480fd099b6322b6c6158ebe8ecba0ab364ce4a58e244b76d16b81905878c4caaad1f54cc11df97a50356638016a7e50a92ee55af3c64ae2b95653373d3471c0f26119e18426fae7739a9031618635a257cf58b1e9b8264b6543d6c1c372b66d9a5f96198ae01beeb398744ac4b6f26b568cd7b792039ac4e10f9307b1a8dc268a5d2af3dbce55fdac6d1a158a2243c679261aa080acdf0d55753d3163664df7e4129f12f850c694dc140cf9380687da9914be848a01bc7f5278eb3c3210664b62743887b822814c58a3304b392c7e2a6e64576248af87c0f995af921be86e8102d8343c0de8cda3512f84c894ed6c0206e41443c456467c42ff9ddad36e882cc5287394aedd8d413a061a2894f2ef5fc3072fc8a0c5c2a9f94954278c3d67a0b0fa6e002ce0840e3405d166f037a6e678ce1af6ed9c6e7023f8663d294f4bee1effc148e096d2eb91903c482548c0c5b135a31ae6903a9cb9a40a89155ce15dbe3e373a7ac4c7b4d391bdac5268b2d419f13aeb86f68725a4633eb883417bc23243a302ccc919e0b141ae8aeb7457264f8cad663255db96efda704cef9428ffeb16acd3295a36b1e514ecf65944d5c754e02410075714612e7841e6c7e1e2366bd6ccf335ac9dd35332ee78aaa2ff6950c81fd53db93dcebe8b9c42aeefaf63150d649bd1542014ac64daaec18e82854454967e37a6dccea142f2504a6aba4dd44594c230101a4574d56a1ff4f5b7dd246f7d607ff6f8bebf4fd7e709122f3129bec4dd5b4129829d15d1d3b1fb82e341a325f7863c5035bc6a35a6568b35327a8364d98bdf516e27b57976af232128856692b491469c525eb2a48d4794459dae9213bd0088206f364f8c2c727e3e1d1a3ca9f1b40fea92bfea26189d3bf91e92c1e8795334cc268e0b31cd354701eff8adfa247b848b0ae203f78380b818c0afbe01efec884ff0a6cecfb726886bbdaf78ed3ebc40556b434d0fd81799d96cf302e1115c8cda0b4c7f27c8b4ad1a5808f6b908816ca7483f94fbb8391e6533833470c9c3352d70ae03bc8479e64caf16d5fabe77519aa196fcfb4e480620ef153a09e1dd59490ffab33976fba5b3126dc509e4cbc94bd59f745319efc4523e1f0387968be039a920a0abc8aef753f82ca796055bf28affa706df1312a898162454ff9010ee5fa95d56fa3e8ab283481c20d0fa2b3149a54c268d2b77ad6ce63f97e10bf3baa14dc7a4492587ae1e26237787231d000000000000000000000000003ef8cbcd3ffe8d35974cbb469c41e8ad0b58c5376c4fa943d02a4bd12dab3cab9ef4e62cb10820de0d87ddd79f820879e4ad8868f81cf931760d5c6b9c7337e8efcaa4e63eed8e3eb668f104cf1fa53fb300acb4bd61371d6f12165e9814d2517cba3403530d06737da5cb6ca5996af9a16cca9853430842bdf0995c53681e4a2b0bd1fdaeb0e7839669aed97a6f6f25f7de9ba0ea23384b85957faf49d62dba00af3c7e3c817e13e63c487fc167f2aff6e5a250937bb43b0a8e9d12ff551e6cc2d304aec2a5d843ea327c0a3379594726b92b1919367f3b1711087f160503b3b37170579ce2a664b21d86aca4cf19c1f36d264b0b7ba3de1e020601418d981c6f596e48d5cebe4ff0fb8046e87a5c4d95c07935"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000040), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)

18.650830045s ago: executing program 0 (id=4381):
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) (async)
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis256\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000080)="2c385aa3d49108bc436a", 0x20)
close(0xffffffffffffffff) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) (async)
socket(0x10, 0x80002, 0x0) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0000000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000001007d60b7030000010000006a0a00fe00000000850000000d000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000000000639100000000000000000000ff7f0000292f17cee19d0001000000000000000000cb04fcbb0ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e84cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fb484510bef2e4852f5c2fe6faaf75e5cc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5d053bdec75dca3772be2c9d2d29db3d36dd015c7bd3f15aa6aadbeab2a01685108e61aa000000000000000000000000008b798b4f7458d1863cc67d4c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f1c6edc76609073909826151e2b42bf0ed0c8cef3ba2a730a00c87c493db845b10e9468bda6f82881eb8c9cfa72b08eecc972a3fd2c46f3c1cde71a19d1a2982492abaa96665372831210e00d2bfea3bf97ff8836d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000100)={0x0, 0x0, 0x4000}, 0x10}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0x1f00, 0xf, 0x2f, &(0x7f00000007c0)="9f44948721919580684010a49e66", 0x0, 0x7ff, 0x0, 0xb1, 0x0, &(0x7f0000000700)="389ceff69d08b0af1cc71b6262d50660bbaf31a7f8cd6a6f911beb65d5fe6b54bf21a66489121f24fefd198059288c9b735e1898e77a7469489a249292c02a72bc193a3008ebdbf4e9dd4ee8fcceef55402c913c8dd0ebece1330aaa93ece835c5044a246a5967e3acd7c950b3b19f351830e545eb9bc3a9c6dd22ce97f1f857cfe8b68a2370b69ea336006b589368f92deb68f3dfc6f2bfee09f8342da437fce5dcdf658e453e3132bb42067575318c39"}, 0x23) (async)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000000) (async)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000040)={0x84, @multicast1, 0x15, 0x3, 'lblc\x00', 0x1, 0x4, 0x72}, 0x2c) (async)
r4 = socket$kcm(0xa, 0x2, 0x0) (async)
r5 = socket(0x2, 0x80805, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(r5, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010102, 0x4e21, 0x3, 'lc\x00', 0x5, 0x8, 0x77}, {@remote, 0x4e20, 0x1, 0xcd}}, 0x44) (async)
sendmsg$sock(r4, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f00000000c0)=[@timestamping={{0x14, 0x1, 0x25, 0x3}}], 0x18}, 0x40) (async)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r6, &(0x7f0000000280)={0x2, 0x4e20, @multicast1}, 0x10) (async)
connect$inet(r3, &(0x7f00000001c0)={0x2, 0x4e20, @local}, 0x10) (async)
r7 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
r8 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=ANY=[@ANYBLOB="0a00000007000000b40000007f00000000000000", @ANYRES32, @ANYRESHEX=r0, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f00000003c0)={&(0x7f0000000240)="97", 0x0, 0x0, 0x0, 0x8, r8}, 0x38)
ioctl$sock_rose_SIOCADDRT(r7, 0x890b, &(0x7f0000000200)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x6, @null, @bpq0, 0x20, [@bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}) (async)
setsockopt$inet_tcp_TCP_CONGESTION(r6, 0x6, 0xd, &(0x7f00000023c0)='westwood\x00', 0x9)
sendto$inet(r6, &(0x7f0000000b40)="9107d44993e3de6bfe0f58f8f4ab8e8ecbaa80461bea76be0e428a7a8533ac04001700c253bd19f312b982ebb52391be64cd38c6265538b1b60cde8b3bc0d25c68d5a83ff5a80b79a74df413fc9a6acb5d716ab71ec3636a9c0fa34a2f26c7bdfd16947c40bdf653986d8a441d7c5741c7d14751e8172a19cf01ca55d661b45541d4b738265b64fb877d14d30e338039ffd0bb17d0c62ab631517b3b3754a3d29ca3a7dea4ea8b86c565248ed423d1b7dac4d6c9d4dedea582c19c5f0fff1c0362f4522dfd9806e6112471b7a36630ceb0daf7a743543826d5bcd6e0ecaee1f384c64222fcafc238560d8759f31c4088f7456eb38333c5178e5862e5b6b67661c9c3cf05aa4083f4a5010632d65f90246525b797fa3a63a56cb338ca29e6e0bc1daca601e99aa99832b7c8d36e280ecd65109c45b0dc0db9f9d5023cd93787618c6f1df7adb5d20e5eebb6648c756e567dfd1b4ac6ae840fd31f0b2133b858f4dd8f5ab986c9ed571958b73f9f3b67d851c8d53a6d3266b25315a8ea71f9772ce13fe5162ee40f4fe109c143adf9082fec063a3caf23a231d4f336495f08b19333", 0x1a1, 0x0, 0x0, 0x0) (async)
socket$inet_sctp(0x2, 0x5, 0x84)

18.615487128s ago: executing program 2 (id=4382):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) (async)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x20c00, 0x0)
r2 = socket(0xa, 0x3, 0x4)
r3 = syz_genetlink_get_family_id$smc(&(0x7f00000000c0), r2)
sendmsg$SMC_PNETID_GET(r2, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x3c, r3, 0x8, 0x70bd28, 0x25dfdbfd, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'gre0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000010}, 0x2000010) (async)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) (async)
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000000)={0x3, &(0x7f00000001c0)=[{0x0, 0x0, 0x0, 0x37cb7880}, {0x0, 0xfe, 0x10}, {0x6, 0x0, 0x0, 0x8007}]})

18.54521088s ago: executing program 0 (id=4383):
r0 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r2, &(0x7f0000000480)={0xa, 0x4e23, 0x7, @local, 0x3}, 0x1c)
setsockopt$inet6_int(r2, 0x29, 0x11, &(0x7f0000000a00)=0x4, 0x4)
sendmsg$NFNL_MSG_CTHELPER_GET(r0, &(0x7f0000001400)={&(0x7f0000001380), 0xc, &(0x7f00000013c0)={&(0x7f0000004880)={0x13c, 0x1, 0x9, 0x101, 0x0, 0x0, {0xa, 0x0, 0x7}, [@NFCTH_TUPLE={0x98, 0x2, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x35}}, {0x8, 0x2, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}, {0x14, 0x4, @remote}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private2}, {0x14, 0x4, @private1={0xfc, 0x1, '\x00', 0x1}}}}]}, @NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0xfff}, @NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x7}, @NFCTH_TUPLE={0x64, 0x2, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x88}}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x2d}}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private1}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @multicast1}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x88}}]}, @NFCTH_TUPLE={0x1c, 0x2, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}]}]}, 0x13c}, 0x1, 0x0, 0x0, 0x24048080}, 0x8001)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x80, 0x400000}, 0x10)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000500)=ANY=[@ANYBLOB="2c0000001600010000000000fcffffff0a000000", @ANYRES32=0x0, @ANYBLOB="140007"], 0x2c}}, 0x0)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x24}}, 0x0)
r3 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x3, &(0x7f0000000480)=@framed, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r6}, &(0x7f0000000600), &(0x7f0000000640)=r5}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x8, &(0x7f0000000c80)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffff7fff}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r6}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000080)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0xfffa, 0x2}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x800}, @TCA_FLOWER_KEY_IP_PROTO={0x5, 0x9, 0x84}]}}]}, 0x44}}, 0x24004000)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6}]}, 0x10)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)
sendmsg$nl_route(r3, &(0x7f0000001300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000012c0)={&(0x7f00000004c0)=@ipv4_getnexthop={0x24, 0x6a, 0x8, 0x70bd28, 0x25dfdbfe, {}, [@NHA_ID={0x8, 0x1, 0x1}, @NHA_FDB={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x20000040)

18.029504736s ago: executing program 4 (id=4384):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000004000)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014751c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a0c93d47018c12e7ba8188a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab188dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b4896c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e547f7ad33850d9feccd0111a2e3700845dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005202000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a12489c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af14915f29b719f54926fc32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f3289f86ae826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa520000afe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da357f9e93ce055019c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c672b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981fd9086e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2826b47ad8ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b478abc5b196dd5308cb20c4e2a0bd702651bb39f10523102dcd8ece692159028f314e0d6bfa400475c6699fdc40efe0948e3cef7419a7f113134e5ee20fd87c4521ccfbd32d6f147f743d30866bdd86ca8bf0c7bcc475f4ed53517aaa51f1c151d859a7f0b53abd332c84bdad313e82ac3777a6f7f649ff8a25f6dfe09cb29213896b49a825257bf143e9fa3bbd47009e66fe5705b3ef2b40a182e408c680727d64e00e1ce508f8fd64ac6c84ccc28fc333067de63b9bb5daaa12ce60ee3779ded79651be69d2a413cd948a873dd7ad7017b150828cf100d3df8537f22aff58343c9ee966fceb594bbe10b911427f76a25a219be2f85287b7f83d323a30991067ad1369792166062085ff20c5fb9f6e4f78dd09c7d2d6ca3c8a5d0d26ccbe576f44a1bc94194817"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe80, 0x6000, &(0x7f0000000640)="b9ff03076844268cb89e14f088a847e086dd200000006006000aac14140ce0", 0x0, 0x11, 0x60000000, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x17)

18.019463721s ago: executing program 4 (id=4385):
pipe(&(0x7f0000019480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000500)=[{&(0x7f0000000280)="dc52b3905f", 0x5}], 0x1, 0x3)
close(r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0)
r3 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r3, 0x0, &(0x7f00000000c0)=<r4=>0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r5)
sendmsg$NFC_CMD_DEV_UP(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="0000000072e5dd899d020fbd129841d523b63ab258ec2e364e2a60df37c044021696ffc771dcac6bc4cb4e75166f3a105be1c546d8407540fa78923b63a1edb6a0000000000200c73dc70cba8242c4635e0d833435e8fa3c2e7a03000000000000003fb23e8c150800013b92728595d062499096738fc4bb776dd664a1d80c67a2695a70c33c3b08582320fc90989c621c2a088ef1009701f1decd1ccfdc65be0250e77677a50e9abe270cb7de568db449f9796765748554ef34287b1758bb32f8a218219b0496f465232c816aa8997ab014bb1b5c9fe5f7b2cf1a", @ANYRES16=r6, @ANYBLOB="010023010000fcdbdf250200000008000100", @ANYRES32=r4, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x8894}, 0x0)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = openat$nci(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r9)
ioctl$IOCTL_GET_NCIDEV_IDX(r8, 0x0, &(0x7f00000000c0)=<r11=>0x0)
sendmsg$NFC_CMD_DEV_UP(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x1c, r10, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r11}]}, 0x1c}}, 0x0)
sendmsg$NFC_CMD_DISABLE_SE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000440)={0x44, r6, 0x800, 0x70bd2d, 0x25dfdbfe, {}, [@NFC_ATTR_SE_INDEX={0x8, 0x15, 0x2}, @NFC_ATTR_SE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r4}, @NFC_ATTR_SE_INDEX={0x8, 0x15, 0x2}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r11}, @NFC_ATTR_SE_INDEX={0x8, 0x15, 0xc0}]}, 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x1)
write$nci(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="40010421f9252ea3"], 0x8)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000300)=0x1, 0x4)
connect$inet(r2, &(0x7f00000006c0)={0x2, 0x0, @empty}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000900)=0xffffffffffffffff, 0x4)
r12 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r12, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="12000000430001"], 0x1c}}, 0x0)
sendmmsg$inet(r2, &(0x7f0000001ec0)=[{{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000780)="92", 0x1}], 0x1}}], 0x1, 0x4008440)
splice(r0, 0x0, r1, 0x0, 0x5, 0x4)

16.630446564s ago: executing program 1 (id=4386):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r1 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r1, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r1, &(0x7f0000000000)={&(0x7f00000007c0)=@l2tp6={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000780)="f4000900062b2c25ff02000000000000dc8b850f238466cc00007a000000ad6e911b51818462b4e0", 0x30}], 0x1}, 0x0)

16.608766413s ago: executing program 0 (id=4387):
r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MEDIA_SET(r1, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f00000006c0)=ANY=[@ANYBLOB="1800b72172cdafe4b48f510f0000e4f355a94dee1898e5b70df09578295ba3ad3d636d67382aeaa570fd6d5f09fc98b86df03fe1c886efbec907318b66713047ec85f29c7e9c3bb74927fe6eadd2fa11b81cc813067caff9221c2a2255efd8e8b823705c50aa651880d8b469db2a73352af745d21157f3c8ab36b0a78c87d4ca7559cc31efe7715ebe9cd3fea3e94ce8c9addb659bb4bd443fd638187c66da245aa0695379c3e4e29569d1bf722e15cb0b93c0fe385dbadf8b9fb3551729924a23dba1ed27fbff1f6bac29c0723c1f099fd7192c42e578bc", @ANYRES16=r0, @ANYBLOB="010000000000000000000b00000004000580"], 0x18}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(r3, &(0x7f0000004100)={0x0, 0x0, &(0x7f00000040c0)={&(0x7f0000000900)={0x84, 0x1, 0x2, 0x301, 0x0, 0x0, {0x2, 0x0, 0x5}, [@CTA_EXPECT_MASTER={0x70, 0x1, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @private1}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private2={0xfc, 0x2, '\x00', 0x1}}, {0x14, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}]}]}, 0x84}}, 0x41)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, &(0x7f00000001c0)={'wpan0\x00', <r7=>0x0})
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nfc(&(0x7f0000001000), r9)
sendmsg$NFC_CMD_DISABLE_SE(r9, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000001100)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="01002ad27000f3dbdf25120500000800ee21", @ANYRES32=0x0, @ANYBLOB="0800150000000000"], 0x24}, 0x1, 0x0, 0x0, 0x4004104}, 0x20000010)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000340)=<r11=>0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000400)=<r12=>0x0)
r13 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r13, 0x0, &(0x7f00000000c0)=<r14=>0x0)
r15 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r16 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r17 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r16)
sendmsg$NFC_CMD_DEV_UP(r15, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x1c, r17, 0x1, 0x70bd28, 0x25dfdbfe, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r14}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40089}, 0x8004)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000440)=<r18=>0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000480)=<r19=>0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000004c0)=<r20=>0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000500)=<r21=>0x0)
sendmsg$NFC_CMD_DEV_DOWN(r8, &(0x7f0000000600)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000005c0)={&(0x7f0000000540)={0x5c, r10, 0x400, 0x70bd28, 0x25dfdbfd, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r11}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r12}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r14}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r18}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r19}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r20}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r21}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20000}, 0x40c0)
sendmsg$NL802154_CMD_NEW_SEC_KEY(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="3f9d00000000000000001700000008000300", @ANYRES32=r7, @ANYBLOB="60003080050002000000000014000400403a050c5bae9c544ef2b6d713459a7a1c00018005000200000000000800040005000000080001"], 0x7c}}, 0x0)
sendmsg$NL802154_CMD_NEW_INTERFACE(r4, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000100)={&(0x7f0000000640)={0x14, r6, 0x400, 0x9, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x8000)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000007c0)=ANY=[@ANYBLOB="58000000096b464900000000000000000000000000030001004e620940fffffff80500011c07160000340007800a001a007770616e3400000005001500bf000000080008400000004608000b40000000000c00184000100052c1c40cc26e09ca9911e88bd5311440b2cf362a9926438de1992e4fdfafb59fdf4f66684c774d1f158ecb17fb4cbf06b607337b5d334006975de3c9a6482f57be1f57a5b3eeb060cdb66ae13dca8d280904"], 0x58}}, 0x4)

16.608297704s ago: executing program 3 (id=4388):
r0 = socket$inet(0x2, 0x2, 0x1)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x6e24, @empty}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x1c, 0x3, 0x1, 0x201, 0x0, 0x0, {}, [@CTA_STATUS={0x8}]}, 0x1c}}, 0x0)
r2 = socket$inet(0x2, 0x2, 0x1)
r3 = socket(0x2a, 0x2, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x40080}, 0xa, &(0x7f0000000400)={&(0x7f0000000840)=ANY=[@ANYBLOB="3c0100000001901800000000000000000a00000234000f800800014000000005080001400000af4408000140fffffffc080001400000008108000240000000020800014000000002c8000d80080002000a010101140005002001000000000000000000000000000214000400fe88000000000000000000000000010114000000000000000014000400fe88000000000000000000000000000114000380060001004e220000060002004e24000014000400fe8000000000000000000000000000bb440003800600020000650000060002004e220000060001004e210000060002004e200000060001004e210000060001004e210000060002004e240000060001004e210000080015400000000308001a4000000101060012400002000008000840000040370c00188008000340000000ff00"/316], 0x13c}, 0x1, 0x0, 0x0, 0x4004080}, 0x0)
r4 = socket(0x2, 0x2, 0x1)
bind$unix(r4, &(0x7f0000000000)=@abs, 0x6e)
bind$inet(r2, &(0x7f0000000000)={0x2, 0x6e24, @empty}, 0x10)
r5 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r5, 0x89f0, &(0x7f0000000000)={'bridge0\x00', &(0x7f0000000680)=@ethtool_regs={0x12}})

16.449012683s ago: executing program 3 (id=4389):
syz_emit_ethernet(0x6e, &(0x7f0000000140)=ANY=[], 0x0)

16.447661253s ago: executing program 2 (id=4390):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0x7101})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
write$cgroup_devices(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB="635ab9ff00608e56d699a05864dbf8ffff065a290611d07d"], 0x8)
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r4, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x40, 0x2c, 0xd3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0xffff, 0xf}, {}, {0x7, 0x300}}, [@filter_kind_options=@f_flower={{0xb}, {0x10, 0x2, [@TCA_FLOWER_KEY_ETH_DST={0xa, 0x4, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x80)

16.437087815s ago: executing program 1 (id=4391):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="6c0100001000130700000000fcdbdf2520010000000000000000000000000201ac141439000000000000000000000000000000004e2100020a0000003b000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="fc010000000000000000000000000000000000fe32000000fe80000000000000000000000000001b070000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000043050000000000000400000000000000ffffffffffffff7f000000000000000000000000000000000000000000000000000000002abd70000035000002000400000000000000000060001200726663343130362867636d2861657329290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000060000000217d66d36547aa140db8a200000000c538c7cb7a1c0004"], 0x16c}, 0x1, 0x0, 0x0, 0x880}, 0x0)

16.371492432s ago: executing program 3 (id=4392):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000200), r0)
sendmsg$DEVLINK_CMD_SB_OCC_MAX_CLEAR(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x38, r1, 0x1, 0x70bd27, 0x25dfdbfe, {}, [{@pci={{0x8}, {0x11}}, {0x8}}]}, 0x38}, 0x1, 0x0, 0x0, 0x884}, 0x4850)

16.297196043s ago: executing program 1 (id=4393):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001080)=ANY=[@ANYBLOB="b702000024000000bfa30000000000000703000000feffff7a0af0fff8bffffd79a4f0ff00000000b7060000ffffffff2d640500000000006502040001001f000404000001007d60b7030000000000006a0a00fefdff00008500000026000000b7000000000000009500000000000000c743a0c8e3ebbadc20e5a7efcc9ac1467fb2ea80dbcf8df265e1b40e4c8afd5c0c000000008da68076774bbcdb2c769937000090af27db5b56024db96bcbbbd2cb2000ce03000000000000007e357754508535766c80114604a86fe569b05614eab9297eb290a248a120c9c6e39f403ff065fd3052aae80675eeba68562eaeaea5fecf298ca20f274233106eab63ecf772de7b265040b6c50b7420b48a93fe94c756108afcd0b2eb78040000005f02a5a6474ae549070004000000001294fba0ed5020e6474ac921fee1f6d8ad6a80c0947cd6d4a561ced21a0b4a902be6af7ec2d1ba002e57f301000000000000000000000000100000aaf25343063e6581f9e6de14ad72e5ad84309f47f96a576cd20cef7ed951a73ea73d7c7f14e306f1f1d1377e57abb19700f0077e9d0000b93eb0f2c6f8141e350dc68147e5958128d22d58625cf9dba211bfff9c3709c9b134625d3d2369f516a49eeeb1a662c8dfb875bdf5c6ba73cccdfacb202994c40d322717faff03323dce8a34ee0ca2cf61efb4b30000642735d6d482ba98d252f36c54333aab1aa736369392b9067665339820f5f1557b0bf7cc06a5a13c714e0b1a1f000000ff3283076cda3d0b1a2905cfc3d04f1db264b530abcbe44bc405f600807970727fb819afa1907228fa9e83433eedb4ac88d0285594ffb0d14c09d5c77f33702822b02488ea570204c8441ced81cacf945dcb2486d65ceec8bcaffbe800a041a378b40dc9e3600e916ae6307bd8325a442095bc9a8b0c95905979f34adddbb26f0d24425c8ab9d937d84b521914f92eed3d3e9de82942a952e86b567aff5bc2e3c1fcc00f618363df5d0d181ee8f4b8fd356c9eb365adc037e443820c05c5db16ff07a9cf471e2ebf91ab00a05f88c1cd55f8c81f5eb1f8d615ca27efb2193bb61665a1ce37f30c2efc9c3b5a4a5d95479fac471ba60fbd0e50225563cd37343d09da72472efc2b2877fbab12a891513e5f0763ae06c0610a2869747c143d75007606000000b2310e19ac58bf29d7f178d09a9f634a3ae492f54649589e3692768a0f3a082c5242c8fa7f01e0873c9c5c604108ad85950d8e08465fa1067ea8f383b3e7a7ddf5977d46f4bc38f914b4a496426d8468f9ba618b6b2218b50c8fc9efbce3ba799cf70de7e13be871aa7eb402e2b11f440361e18d4e334bfc6ae54e62e67a0338c756c544189e4519a029674e2a2bbbc7f6600000000000800000e5e30b70b198246d3a62660600000030a0af132e680510811d3ab71af5d98e2d3d928a749e8b9402d14655612bd58fb40b4625cb69bf6cea97b447f2d970d99100000000086000001b881afb2cc500003a73562af4878f75b4c98274eeb666aa1f5fcf91990cf0dcfef9540057b8a3fff2bc02c5941626d2015f414546e87835ba18e9101734a9e9c6955fc6b9a25fe2a3dd8bab7f21beccba5493a164c663eceed401737c12c65804712236a9a29a43b1e27e9b6816f2328ea8423121f12b7b35aa721fef26934ccafde573bee5c33ef15309f43cbd5d61aa679a9c402d337ebf57a5eacb569401c1df7b9c45b09743c61d1db37f0000000000020000000000de00d23dd63b7761d7d6818db785d8ba13dc577fe61a68eb365de5661f43d4c789bb117a3d208ae44a38e7868dc32e132124ecf52327631b718b3157e218959156ff8e92b7e92bc275d2c9114547351a0d0f2a70d13be0194b6cb68b03000000000000004f153bbc7f52861e4e5df0d19e4e40ac44cfda6f87807e5b5ed7072c04da88afd3d4b79f060e004a0e2f00b9e726ac75d2ac0691314c627e9a8a07bdd607919fd48f01ad6d2f7621d9a75b134f1bc25ed7c33d411a5baa4daa3add16afc502b2b7629541d722e91d631e5ffb9d4beb5aa5a2c4e490a5bd038c1817f0d4652a29353b05b16b3c5cf4538ba310b8cbc221af38ea842d4cb908bcd574f794459fd54b58c6a791e6df625a47bade4ba41ee014184395a479544619f749ff70088b0fd115077f7eff7c5a3315ca604d110df1c54407f191a78d8362e4dc6e1138391c2a65246779bb76c9f1daea4f085f38810edef6dd047937c231cba791a4e7713c5b3b0a0b6ba37db5016e02d114d714459d065a79609fea4efebad04edac11aac0e53dd094827453144fa419ee81823d00a90a9058ba740d2f41253a8d01a8c1a7265a084e30ad10d412aee8170a7111d62473e7bd8f3d64fb7ebdd32aada331900000000000000000000000084ef49dd020000000000000000000000d9dcb285038ec38d5f4969ed0e98a71ac7bf8159a234833a5241722b2d24aa2fa4965d4eb7966fb27d118b6ef3308627e67d42f1041d5e92da28e0a7724ce715854775cbe06c5166f1dac0745f1373156a536cb6394c2c4473e2050cacf693fdf8e305080000001a901ecd90a5f53b8327a485557bc2a147b036477915e600000000034258ebbb6099b597d17ee2fc97ca850b8580b1337016a40566814594c13052b9d2b0741326825f19a244609ac04a0c29691a7c8f7a78c1a7590a293c561f304533c638ae635f5ce026f7fa034d8cfe0e11831d4829692beab26891ef583cfcb713a4d3a2d8b958c0875d7e4bdcf98802db086ebcbb9d82fa569a18f06facc2ffe1ea9ae4231e1e7a5dd7503faa2de7f898c97788c4b9c61c70ff92abdf7476cc351156d11c0ada7614f315f4c6cca119d16827d4e864f5a7a9b690272a510c451dc07f391309d02e31e53b2bf0b5f86e776b1bcfe6c85ccd7ddf8a9559d58bb5603895f265685fdd11263c946f8ef3ccec1b0d45a47a89b8237cbbdab14e4ca6dc76b2c41e071b93a065c0f5aa718e1cfab29beea78a6bd9a3114f0fb92be9a5862627b4bd99db2c08e4636e43f05f33535d5d1f9bb40e1fd8e5125a3d29b31dd94a6744bbc21722222b976089f073a4d3fcafc6d06518cf0c4fc6c8e3da0000000000000000000000007d3b60775243f2143d9f54804b11102cf0e4c641db1ba8bf75e46ab3a8fdece6562e7ebb3e407f3c7504dfa3da3aecbd49af3d1edeea11cc970416fadeedc8423bfdc85041ac4d8243a1130e6f4cb5bbfed9d095e18c98c7d690e4c491a7ddcd5635bc61dbed719ca28e8ca3f1fbbe588913ed057f1d6e34a79f4dc10df54d1993a5bc5f9ef6dbd339ee4b0b5764169f305e284ef82cc23e9366d4bc7eb45c7230b13433e5240657cb8eba33260147be8620b6d98cc48b000000000000000000000000c1ce872b18984f080100000000000000bd3fded92547d41809b398f36749083a147eb09ff1ed601bd36b873d3947fb223da647052528e0466cb917db7800f7c7000b593fca1903991cca1343882e3a1f60044f11c081dae4fc5bcf20efacdd2c577f4bcda2eea6f75a31dc90eebb6135b6fb824052181b0ad8a49ebf03ccf61d7e39bf6b0762d24d19796016301d1415b5110ba9df7f204aedb2a2e4e621c0553d312b309db67192f98ef7800000d629c04e216afc8fc66616bbf304e452373aa927c2ad6f5417f1b9bc322b802c1c42112a92a331cdc113b9ace3ff52ede7a853f9a89002ba070bac2f635a03db3375e5564f1a798bf9c0f8c72725d2eca9b0ec7e453d78ea20eca61530fe574299b393ca144adcb06108dfbb934065a87972739150a8752ac111c4d9062ccb95c54034fbdee131d94dfbaab1854d55665746fb7b47d25e54070b0d14c0a29c57bc4930075e1761913b036d43852c6df9f10e15105b2a18668298a3577943514db0dce953dcec62139ff3f16066efec5d8cbc0600000000007289be5883aab951ea67cf2ff691d05c1ea91dd569ed9897fe8d88a0a6977dc8955be17e8026aff11c61fa5cc76196c1423cd597345253baa1537eb6962a3ce1fe5d5ab46938e8fb23fa7047bc59c4345e912585a9adb5fe2ff51b64a326321b594e3f2d339f4090bdae6b30b62064bacbc155d3c930576f506b093ca7c60957bdfdd6536baaa871cf6a603c736b78761e6463b8ac503e219cc3d98f649602ad24d5667368290ee926fba76ee482a201a03efece3b236f4ee2ffcd5d90d92a2f0c5cfa48c87f27c2f1e92988a6508c12f6b7755cc48eb10edafca92cb0260c72295a27a24846d3a2334bd60e94c0fd07e5db0a4964a7fc4e89f11a300510776934e87bb3c21394f46954a012b2a3b0760f1bad1dbd6b466ed7153bd18ee2c0b2353c38df9e0782eb"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfe37}, 0x48)
unshare(0x20000400)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x90, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x68, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x2d}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}]}}}, {0x30, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x20, 0x2, 0x0, 0x1, [@NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_BITWISE_MASK={0x4}, @NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x104}}, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='cpuacct.usage_user\x00', 0x275a, 0x0)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r3, 0x11b, 0x3, &(0x7f0000000240)=0x30002, 0x4)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000f80), 0xffffffffffffffff)
syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r6, 0x8933, &(0x7f00000001c0)={'wpan0\x00', <r7=>0x0})
sendmsg$NL802154_CMD_NEW_INTERFACE(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010027000000000000000800000008000300", @ANYRES32=r7, @ANYBLOB], 0x4c}, 0x1, 0x0, 0x0, 0x8850}, 0x20008090)
ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, 0x0)
pwrite64(r2, &(0x7f0000000000), 0x0, 0x8001)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r8, 0x2800000002000000, 0xe, 0x55, &(0x7f0000000140)="a06ad876d56a0064d082778c3938", &(0x7f0000000380)=""/85, 0x0, 0x4000000, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r0, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000040)="b907ef19edfff007049e0ff0888e", 0x0, 0x0, 0x18000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB, @ANYBLOB, @ANYRES32], 0x48)
close(0xffffffffffffffff)
r9 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.io_service_time\x00', 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000005c0)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x240080d0}, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newtaction={0x48, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x34, 0x1, [@m_sample={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x4, {0x3}}}}]}]}, 0x48}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000b00)={@local, @local, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "4a00a6", 0x10, 0x0, 0x0, @private0, @remote, {[@dstopts={0x0, 0x1, '\x00', [@ra, @ra={0x31}]}]}}}}}, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socket(0x80000000000000a, 0x2, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0xffffffffffffff18, &(0x7f0000000100)=[{&(0x7f0000000000)="2f0000001c0005c5ffffff000d000000020000000b000000ec0091c913000180f0ffffeb", 0x1dd}], 0x1}, 0x0)
socket(0x10, 0x80002, 0x0)

16.25964954s ago: executing program 3 (id=4394):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x61, &(0x7f0000000100)={'filter\x00', 0x4}, 0x68)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2f, &(0x7f00000004c0)={0x969c, {{0xa, 0x4e21, 0x5, @loopback, 0x2}}, {{0xa, 0x4e21, 0x3, @private1, 0xa9e}}}, 0x108)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$inet_udp_int(r2, 0x11, 0xb, &(0x7f0000000180), &(0x7f00000000c0)=0xffffffffffffff01)
r3 = socket$inet6(0xa, 0x2, 0x3a)
r4 = socket$inet(0x2, 0x6000000000000001, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r6 = socket$unix(0x1, 0x1, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000006c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r8, {0x0, 0xb}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x7, 0x7, 0x6361, 0x5, 0xf, 0x6}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
mmap(&(0x7f0000001000/0x200000)=nil, 0x200000, 0x2000001, 0x2011, r4, 0x0)
sendto$inet6(r3, &(0x7f0000000080)="800009e92208a1ce", 0xfdef, 0x0, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x9}, 0x1c)

16.094414801s ago: executing program 1 (id=4395):
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="c50a00000000000061139c00000000001800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x90)
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_ext={0x1c, 0xb, &(0x7f0000000040)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, 0x1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xe}}, @call={0x85, 0x0, 0x0, 0x3a}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}], &(0x7f00000000c0)='syzkaller\x00', 0x8, 0x55, &(0x7f0000000100)=""/85, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x9, 0x4}, 0x8, 0x10, &(0x7f00000001c0)={0x5, 0x9, 0x5, 0x5}, 0x10, 0x267da, 0xffffffffffffffff, 0x2, &(0x7f0000000200)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000240)=[{0x1, 0x1, 0xb, 0x1}, {0x0, 0x4, 0xf, 0x4}], 0x10, 0x10000}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000700)={r1, 0xe0, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280), ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6, &(0x7f00000002c0)=[0x0], &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x4d, &(0x7f00000004c0)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000500), &(0x7f0000000540), 0x8, 0x4c, 0x8, 0x8, &(0x7f0000000580)}}, 0x10) (async)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETOBJ_RESET(r2, &(0x7f0000000900)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000008c0)={&(0x7f0000000780)={0x128, 0x15, 0xa, 0x801, 0x0, 0x0, {0x2, 0x0, 0x9}, [@NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x4}, @NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x1}, @NFTA_OBJ_USERDATA={0xc9, 0x8, "cf0a22d850a1b5a1a5c3727b1eadb610167e2460a7bc5dc8f7957141f36c816c4fbf70942fdbfdcff64c5f887268c59ad7fe33a5974920a5fcd1d7e6c60ecf22392edf736f8e81fee133bb04b5fd3eac972d9026cc85292e070182e509853a32d443352d2eec4a56f4cd7f068c35417128b1bc750b228ed3d270736cecc6626a3b1ccb9a567a8d1c2a554242f3019e5d142fec83494177aadd0a06b0f481e50d720791161502b014c1b110b8aa1bfcc7dc3965d62695d5317a3720409c85d72e20ddbddd15"}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz1\x00'}]}, 0x128}, 0x1, 0x0, 0x0, 0x4000}, 0x81) (async)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r3, 0x0) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)={0x34, r5, 0x431, 0x70bd27, 0x25dfdbfd, {}, [@ETHTOOL_A_PAUSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_PAUSE_RX={0x5, 0x3, 0xfe}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x0) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000280)={r3}, 0x4) (async)
ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r0, 0xf502, 0x0) (async)
ioctl$BTRFS_IOC_SYNC(r0, 0x9408, 0x0)

15.905403104s ago: executing program 1 (id=4396):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18020000000400000000000000000000850000002c000000850000002a00000095"], &(0x7f0000000400)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000001c0)={r2, r1, 0x25, 0x0, @val=@tcx={@void, @value=r2}}, 0x1c)
syz_emit_ethernet(0xfdef, &(0x7f0000000080)=ANY=[], 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000780)={0x20, 0x3e, 0x107, 0x70bd2d, 0x25dfdbfc, {0x4, 0x7c}, [@typed={0x4}, @nested={0x8, 0x1, 0x0, 0x1, [@typed={0x4, 0x9}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x20040000}, 0x44000)

15.878044175s ago: executing program 1 (id=4397):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x8202, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) (async)
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000040)={'ip6gre0\x00', 0x400}) (async)
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000100)={'wlan0\x00', 0x400})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@newtaction={0x80, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x6c, 0x1, [@m_tunnel_key={0x68, 0x1, 0x0, 0x0, {{0xf}, {0x38, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0xd, @empty=0x1000000}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @loopback}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @broadcast}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x80}}, 0x0)

2.168775755s ago: executing program 32 (id=4385):
pipe(&(0x7f0000019480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000500)=[{&(0x7f0000000280)="dc52b3905f", 0x5}], 0x1, 0x3)
close(r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0)
r3 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r3, 0x0, &(0x7f00000000c0)=<r4=>0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r5)
sendmsg$NFC_CMD_DEV_UP(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="0000000072e5dd899d020fbd129841d523b63ab258ec2e364e2a60df37c044021696ffc771dcac6bc4cb4e75166f3a105be1c546d8407540fa78923b63a1edb6a0000000000200c73dc70cba8242c4635e0d833435e8fa3c2e7a03000000000000003fb23e8c150800013b92728595d062499096738fc4bb776dd664a1d80c67a2695a70c33c3b08582320fc90989c621c2a088ef1009701f1decd1ccfdc65be0250e77677a50e9abe270cb7de568db449f9796765748554ef34287b1758bb32f8a218219b0496f465232c816aa8997ab014bb1b5c9fe5f7b2cf1a", @ANYRES16=r6, @ANYBLOB="010023010000fcdbdf250200000008000100", @ANYRES32=r4, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x8894}, 0x0)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = openat$nci(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r9)
ioctl$IOCTL_GET_NCIDEV_IDX(r8, 0x0, &(0x7f00000000c0)=<r11=>0x0)
sendmsg$NFC_CMD_DEV_UP(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x1c, r10, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r11}]}, 0x1c}}, 0x0)
sendmsg$NFC_CMD_DISABLE_SE(r7, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000440)={0x44, r6, 0x800, 0x70bd2d, 0x25dfdbfe, {}, [@NFC_ATTR_SE_INDEX={0x8, 0x15, 0x2}, @NFC_ATTR_SE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r4}, @NFC_ATTR_SE_INDEX={0x8, 0x15, 0x2}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r11}, @NFC_ATTR_SE_INDEX={0x8, 0x15, 0xc0}]}, 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x1)
write$nci(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="40010421f9252ea3"], 0x8)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000300)=0x1, 0x4)
connect$inet(r2, &(0x7f00000006c0)={0x2, 0x0, @empty}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000900)=0xffffffffffffffff, 0x4)
r12 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r12, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="12000000430001"], 0x1c}}, 0x0)
sendmmsg$inet(r2, &(0x7f0000001ec0)=[{{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000780)="92", 0x1}], 0x1}}], 0x1, 0x4008440)
splice(r0, 0x0, r1, 0x0, 0x5, 0x4)

1.123170716s ago: executing program 33 (id=4387):
r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MEDIA_SET(r1, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f00000006c0)=ANY=[@ANYBLOB="1800b72172cdafe4b48f510f0000e4f355a94dee1898e5b70df09578295ba3ad3d636d67382aeaa570fd6d5f09fc98b86df03fe1c886efbec907318b66713047ec85f29c7e9c3bb74927fe6eadd2fa11b81cc813067caff9221c2a2255efd8e8b823705c50aa651880d8b469db2a73352af745d21157f3c8ab36b0a78c87d4ca7559cc31efe7715ebe9cd3fea3e94ce8c9addb659bb4bd443fd638187c66da245aa0695379c3e4e29569d1bf722e15cb0b93c0fe385dbadf8b9fb3551729924a23dba1ed27fbff1f6bac29c0723c1f099fd7192c42e578bc", @ANYRES16=r0, @ANYBLOB="010000000000000000000b00000004000580"], 0x18}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(r3, &(0x7f0000004100)={0x0, 0x0, &(0x7f00000040c0)={&(0x7f0000000900)={0x84, 0x1, 0x2, 0x301, 0x0, 0x0, {0x2, 0x0, 0x5}, [@CTA_EXPECT_MASTER={0x70, 0x1, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @private1}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private2={0xfc, 0x2, '\x00', 0x1}}, {0x14, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}]}]}, 0x84}}, 0x41)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, &(0x7f00000001c0)={'wpan0\x00', <r7=>0x0})
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nfc(&(0x7f0000001000), r9)
sendmsg$NFC_CMD_DISABLE_SE(r9, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000001100)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="01002ad27000f3dbdf25120500000800ee21", @ANYRES32=0x0, @ANYBLOB="0800150000000000"], 0x24}, 0x1, 0x0, 0x0, 0x4004104}, 0x20000010)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000340)=<r11=>0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000400)=<r12=>0x0)
r13 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r13, 0x0, &(0x7f00000000c0)=<r14=>0x0)
r15 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r16 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r17 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r16)
sendmsg$NFC_CMD_DEV_UP(r15, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x1c, r17, 0x1, 0x70bd28, 0x25dfdbfe, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r14}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40089}, 0x8004)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000440)=<r18=>0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000480)=<r19=>0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000004c0)=<r20=>0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000500)=<r21=>0x0)
sendmsg$NFC_CMD_DEV_DOWN(r8, &(0x7f0000000600)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000005c0)={&(0x7f0000000540)={0x5c, r10, 0x400, 0x70bd28, 0x25dfdbfd, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r11}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r12}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r14}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r18}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r19}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r20}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r21}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20000}, 0x40c0)
sendmsg$NL802154_CMD_NEW_SEC_KEY(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="3f9d00000000000000001700000008000300", @ANYRES32=r7, @ANYBLOB="60003080050002000000000014000400403a050c5bae9c544ef2b6d713459a7a1c00018005000200000000000800040005000000080001"], 0x7c}}, 0x0)
sendmsg$NL802154_CMD_NEW_INTERFACE(r4, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000100)={&(0x7f0000000640)={0x14, r6, 0x400, 0x9, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x8000)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000007c0)=ANY=[@ANYBLOB="58000000096b464900000000000000000000000000030001004e620940fffffff80500011c07160000340007800a001a007770616e3400000005001500bf000000080008400000004608000b40000000000c00184000100052c1c40cc26e09ca9911e88bd5311440b2cf362a9926438de1992e4fdfafb59fdf4f66684c774d1f158ecb17fb4cbf06b607337b5d334006975de3c9a6482f57be1f57a5b3eeb060cdb66ae13dca8d280904"], 0x58}}, 0x4)

1.090816264s ago: executing program 34 (id=4390):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0x7101})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
write$cgroup_devices(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB="635ab9ff00608e56d699a05864dbf8ffff065a290611d07d"], 0x8)
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r4, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x40, 0x2c, 0xd3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0xffff, 0xf}, {}, {0x7, 0x300}}, [@filter_kind_options=@f_flower={{0xb}, {0x10, 0x2, [@TCA_FLOWER_KEY_ETH_DST={0xa, 0x4, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x80)

1.032903007s ago: executing program 35 (id=4394):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x61, &(0x7f0000000100)={'filter\x00', 0x4}, 0x68)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2f, &(0x7f00000004c0)={0x969c, {{0xa, 0x4e21, 0x5, @loopback, 0x2}}, {{0xa, 0x4e21, 0x3, @private1, 0xa9e}}}, 0x108)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$inet_udp_int(r2, 0x11, 0xb, &(0x7f0000000180), &(0x7f00000000c0)=0xffffffffffffff01)
r3 = socket$inet6(0xa, 0x2, 0x3a)
r4 = socket$inet(0x2, 0x6000000000000001, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r6 = socket$unix(0x1, 0x1, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000006c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r8, {0x0, 0xb}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x7, 0x7, 0x6361, 0x5, 0xf, 0x6}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
mmap(&(0x7f0000001000/0x200000)=nil, 0x200000, 0x2000001, 0x2011, r4, 0x0)
sendto$inet6(r3, &(0x7f0000000080)="800009e92208a1ce", 0xfdef, 0x0, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x9}, 0x1c)

0s ago: executing program 36 (id=4397):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x8202, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) (async)
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000040)={'ip6gre0\x00', 0x400}) (async)
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000100)={'wlan0\x00', 0x400})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@newtaction={0x80, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x6c, 0x1, [@m_tunnel_key={0x68, 0x1, 0x0, 0x0, {{0xf}, {0x38, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0xd, @empty=0x1000000}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @loopback}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @broadcast}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x80}}, 0x0)

kernel console output (not intermixed with test programs):

  T51] Bluetooth: hci5: command tx timeout
[  261.098378][T14130] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2821'.
[  261.161878][T14130] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2821'.
[  261.287564][T13955] 8021q: adding VLAN 0 to HW filter on device bond0
[  261.320868][T13955] 8021q: adding VLAN 0 to HW filter on device team0
[  261.371905][T10796] bridge0: port 1(bridge_slave_0) entered blocking state
[  261.379158][T10796] bridge0: port 1(bridge_slave_0) entered forwarding state
[  261.442611][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  261.449826][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  261.805857][T14186] netlink: 'syz.1.2837': attribute type 10 has an invalid length.
[  262.115742][T14207] openvswitch: netlink: Invalid MD length 0 for MD type 0
[  262.123142][T14207] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  262.152743][T13955] 8021q: adding VLAN 0 to HW filter on device batadv0
[  262.227573][ T5874] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  262.344177][T13955] veth0_vlan: entered promiscuous mode
[  262.344848][T14215] FAULT_INJECTION: forcing a failure.
[  262.344848][T14215] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  262.372766][T13955] veth1_vlan: entered promiscuous mode
[  262.379387][T14215] CPU: 1 UID: 0 PID: 14215 Comm: syz.2.2849 Not tainted syzkaller #0 PREEMPT(full) 
[  262.379412][T14215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  262.379422][T14215] Call Trace:
[  262.379429][T14215]  <TASK>
[  262.379437][T14215]  dump_stack_lvl+0x189/0x250
[  262.379462][T14215]  ? __pfx____ratelimit+0x10/0x10
[  262.379485][T14215]  ? __pfx_dump_stack_lvl+0x10/0x10
[  262.379505][T14215]  ? __pfx__printk+0x10/0x10
[  262.379540][T14215]  should_fail_ex+0x414/0x560
[  262.379571][T14215]  _copy_to_user+0x31/0xb0
[  262.379594][T14215]  simple_read_from_buffer+0xe1/0x170
[  262.379622][T14215]  proc_fail_nth_read+0x1b3/0x220
[  262.379645][T14215]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  262.379667][T14215]  ? rw_verify_area+0x2a6/0x4d0
[  262.379685][T14215]  ? __lock_acquire+0xab9/0xd20
[  262.379706][T14215]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  262.379727][T14215]  vfs_read+0x1fd/0xa30
[  262.379746][T14215]  ? fdget_pos+0x247/0x320
[  262.379766][T14215]  ? __pfx___mutex_lock+0x10/0x10
[  262.379783][T14215]  ? __pfx_vfs_read+0x10/0x10
[  262.379805][T14215]  ? __fget_files+0x2a/0x420
[  262.379832][T14215]  ? __fget_files+0x3a0/0x420
[  262.379853][T14215]  ? __fget_files+0x2a/0x420
[  262.379884][T14215]  ksys_read+0x145/0x250
[  262.379907][T14215]  ? __pfx_ksys_read+0x10/0x10
[  262.379925][T14215]  ? rcu_is_watching+0x15/0xb0
[  262.379948][T14215]  ? do_syscall_64+0xbe/0x3b0
[  262.379968][T14215]  do_syscall_64+0xfa/0x3b0
[  262.379983][T14215]  ? lockdep_hardirqs_on+0x9c/0x150
[  262.380004][T14215]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.380021][T14215]  ? clear_bhb_loop+0x60/0xb0
[  262.380041][T14215]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.380063][T14215] RIP: 0033:0x7f931698d5fc
[  262.380079][T14215] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  262.380094][T14215] RSP: 002b:00007f9317734030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  262.380113][T14215] RAX: ffffffffffffffda RBX: 00007f9316bc5fa0 RCX: 00007f931698d5fc
[  262.380126][T14215] RDX: 000000000000000f RSI: 00007f93177340a0 RDI: 0000000000000007
[  262.380137][T14215] RBP: 00007f9317734090 R08: 0000000000000000 R09: 0000000000000000
[  262.380148][T14215] R10: 000000000000003a R11: 0000000000000246 R12: 0000000000000001
[  262.380158][T14215] R13: 00007f9316bc6038 R14: 00007f9316bc5fa0 R15: 00007ffc2ac95188
[  262.380189][T14215]  </TASK>
[  262.671482][ T5874] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  262.843919][T14230] netlink: 'syz.2.2854': attribute type 10 has an invalid length.
[  262.854211][T13955] veth0_macvtap: entered promiscuous mode
[  262.920588][T14230] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  262.959256][T13955] veth1_macvtap: entered promiscuous mode
[  263.034845][T14233] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 2816 - 0
[  263.067135][T14233] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.086892][   T51] Bluetooth: hci5: command tx timeout
[  263.131919][T13955] batman_adv: batadv0: Interface activated: batadv_slave_0
[  263.154295][T13955] batman_adv: batadv0: Interface activated: batadv_slave_1
[  263.234901][T14233] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 2816 - 0
[  263.268093][T14233] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.326188][T14247] __nla_validate_parse: 7 callbacks suppressed
[  263.326205][T14247] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2863'.
[  263.342163][T14247] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2863'.
[  263.355014][T10796] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  263.375077][T10796] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  263.450614][T14233] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 2816 - 0
[  263.465899][T14233] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.525423][T10796] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  263.564488][T10796] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  263.657402][T14233] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 2816 - 0
[  263.668113][T14233] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.772668][T10796] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  263.803551][T10796] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  263.934089][T10794] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 2816 - 0
[  263.976757][T10794] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  264.031476][T14270] netlink: 104 bytes leftover after parsing attributes in process `syz.2.2870'.
[  264.058442][ T1007] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  264.068690][T10794] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 2816 - 0
[  264.086543][ T1007] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  264.097363][T10794] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  264.144273][T10800] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 2816 - 0
[  264.174546][T10800] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  264.248324][ T1320] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 2816 - 0
[  264.261883][ T1320] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  264.942632][T14306] IPVS: set_ctl: invalid protocol: 33 224.0.0.2:20001
[  265.183088][   T51] Bluetooth: hci5: command tx timeout
[  265.240258][T14318] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2884'.
[  265.312468][ T5864] bridge0: port 2(syz_tun) entered disabled state
[  265.413379][ T5864] syz_tun (unregistering): left allmulticast mode
[  265.444131][ T5864] syz_tun (unregistering): left promiscuous mode
[  265.455379][ T5864] bridge0: port 2(syz_tun) entered disabled state
[  265.463357][ T5870] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  265.473322][ T5870] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  265.486383][ T5870] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  265.494805][ T5870] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  265.503962][ T5870] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  265.706016][T14325] hsr0 speed is unknown, defaulting to 1000
[  265.743905][T14325] lo speed is unknown, defaulting to 1000
[  265.755150][T14334] syz.3.2890 (14334) used obsolete PPPIOCDETACH ioctl
[  265.868363][T14344] netlink: 1624 bytes leftover after parsing attributes in process `syz.4.2894'.
[  265.877962][T14345] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2893'.
[  266.007063][T14350] netlink: 'syz.4.2897': attribute type 21 has an invalid length.
[  266.064445][T10794] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  266.135675][T14354] netlink: 'syz.2.2896': attribute type 1 has an invalid length.
[  266.197081][T14356] IPVS: wrr: FWM 3 0x00000003 - no destination available
[  266.217879][T14356] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2895'.
[  266.230518][T10334] IPVS: starting estimator thread 0...
[  266.343926][T14354] netlink: 'syz.2.2896': attribute type 10 has an invalid length.
[  266.357902][T14361] IPVS: using max 35 ests per chain, 84000 per kthread
[  266.382444][T14360] bond6: (slave vxcan1): The slave device specified does not support setting the MAC address
[  266.434676][T14360] bond6: (slave vxcan1): Error -95 calling set_mac_address
[  266.540212][T14371] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2896'.
[  266.618099][T14371] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2896'.
[  266.730368][T14364] gretap1: entered promiscuous mode
[  266.752496][T14364] bond6: (slave gretap1): making interface the new active one
[  266.762674][T14364] bond6: (slave gretap1): Enslaving as an active interface with an up link
[  266.788969][T14354] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  266.834734][T14379] macvlan2: entered promiscuous mode
[  266.840955][T14379] macvlan2: entered allmulticast mode
[  266.938718][T14325] chnl_net:caif_netlink_parms(): no params data found
[  266.997043][T14387] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2906'.
[  267.239033][T14402] veth0_to_bond: entered allmulticast mode
[  267.261714][T14402] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  267.301764][T14325] bridge0: port 1(bridge_slave_0) entered blocking state
[  267.310671][T14325] bridge0: port 1(bridge_slave_0) entered disabled state
[  267.321729][T14325] bridge_slave_0: entered allmulticast mode
[  267.330931][T14325] bridge_slave_0: entered promiscuous mode
[  267.339419][T14402] tipc: Invalid UDP bearer configuration
[  267.339464][T14402] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  267.369722][T14408] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  267.382521][T14325] bridge0: port 2(bridge_slave_1) entered blocking state
[  267.389951][T14325] bridge0: port 2(bridge_slave_1) entered disabled state
[  267.403236][T14325] bridge_slave_1: entered allmulticast mode
[  267.412149][T14325] bridge_slave_1: entered promiscuous mode
[  267.442640][T14414] netlink: 'syz.3.2914': attribute type 1 has an invalid length.
[  267.474452][T14325] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  267.488848][T14325] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  267.537392][T14325] team0: Port device team_slave_0 added
[  267.554908][T14325] team0: Port device team_slave_1 added
[  267.577773][ T5870] Bluetooth: hci1: command tx timeout
[  267.621483][T14325] batman_adv: batadv0: Adding interface: batadv_slave_0
[  267.636964][T14325] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  267.665217][T14325] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  267.678843][T14325] batman_adv: batadv0: Adding interface: batadv_slave_1
[  267.687789][T14325] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  267.714463][T14325] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  267.825124][T14325] hsr_slave_0: entered promiscuous mode
[  267.837604][T14325] hsr_slave_1: entered promiscuous mode
[  267.853511][T14325] debugfs: 'hsr0' already exists in 'hsr'
[  267.860575][T14325] Cannot create hsr debugfs directory
[  268.219133][T14325] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 2816 - 0
[  268.243601][T14325] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.383179][T14325] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 2816 - 0
[  268.436479][T14325] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.469222][T14446] __nla_validate_parse: 7 callbacks suppressed
[  268.469536][T14446] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2926'.
[  268.497400][T14447] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2928'.
[  268.509325][T14449] netlink: 'syz.0.2928': attribute type 1 has an invalid length.
[  268.540443][T14449] netlink: 'syz.0.2928': attribute type 1 has an invalid length.
[  268.554957][T14325] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 2816 - 0
[  268.600057][T14325] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.704393][T14457] netlink: 'syz.0.2932': attribute type 10 has an invalid length.
[  268.751810][T14461] netlink: 'syz.3.2931': attribute type 33 has an invalid length.
[  268.769845][T14325] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 2816 - 0
[  268.798625][T14461] netlink: 152 bytes leftover after parsing attributes in process `syz.3.2931'.
[  268.806327][T14325] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  269.151176][T14485] IPVS: wrr: FWM 3 0x00000003 - no destination available
[  269.158888][   T10] IPVS: starting estimator thread 0...
[  269.230644][T14325] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  269.256785][T14486] IPVS: using max 37 ests per chain, 88800 per kthread
[  269.272357][T14325] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  269.274369][T14494] netlink: 'syz.2.2942': attribute type 1 has an invalid length.
[  269.292197][T14325] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  269.311580][T14325] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  269.323493][T14494] netlink: 244 bytes leftover after parsing attributes in process `syz.2.2942'.
[  269.354914][T14497] netlink: 'syz.2.2942': attribute type 1 has an invalid length.
[  269.376867][T14497] netlink: 244 bytes leftover after parsing attributes in process `syz.2.2942'.
[  269.388245][T14496] netlink: 56 bytes leftover after parsing attributes in process `syz.3.2940'.
[  269.561719][T14325] 8021q: adding VLAN 0 to HW filter on device bond0
[  269.617484][T14325] 8021q: adding VLAN 0 to HW filter on device team0
[  269.642553][T14509] ip6gre1: entered allmulticast mode
[  269.646694][ T5870] Bluetooth: hci1: command tx timeout
[  269.663129][T10794] bridge0: port 1(bridge_slave_0) entered blocking state
[  269.670354][T10794] bridge0: port 1(bridge_slave_0) entered forwarding state
[  269.696141][T14512] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2944'.
[  269.709451][T10794] bridge0: port 2(bridge_slave_1) entered blocking state
[  269.716722][T10794] bridge0: port 2(bridge_slave_1) entered forwarding state
[  270.385704][T14544] pim6reg527: entered allmulticast mode
[  270.473842][T14325] 8021q: adding VLAN 0 to HW filter on device batadv0
[  270.660671][T14559] netlink: 212376 bytes leftover after parsing attributes in process `syz.4.2958'.
[  270.665568][T14325] veth0_vlan: entered promiscuous mode
[  270.727923][T14325] veth1_vlan: entered promiscuous mode
[  270.870523][T14325] veth0_macvtap: entered promiscuous mode
[  270.919632][T14325] veth1_macvtap: entered promiscuous mode
[  270.971808][T14325] batman_adv: batadv0: Interface activated: batadv_slave_0
[  271.062443][T14325] batman_adv: batadv0: Interface activated: batadv_slave_1
[  271.128555][T10796] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  271.150478][T10796] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  271.212923][T10796] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  271.240059][T10796] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  271.471164][T10802] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  271.498920][T10802] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  271.522838][T10796] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  271.545180][T10796] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  271.726754][ T5870] Bluetooth: hci1: command tx timeout
[  272.515475][T14646] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2988'.
[  272.701146][   T51] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  272.711476][   T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  272.726128][   T51] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  272.739518][   T51] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  272.764593][   T51] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  272.822108][T14656] hsr0 speed is unknown, defaulting to 1000
[  272.831042][T14656] lo speed is unknown, defaulting to 1000
[  273.186788][T14685] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3001'.
[  273.309884][T14692] rdma_op ffff88807833b1f0 conn xmit_rdma 0000000000000000
[  273.413082][T14656] chnl_net:caif_netlink_parms(): no params data found
[  273.548263][T14701] __nla_validate_parse: 1 callbacks suppressed
[  273.548281][T14701] netlink: 64 bytes leftover after parsing attributes in process `syz.1.3007'.
[  273.563878][T14701] netlink: 64 bytes leftover after parsing attributes in process `syz.1.3007'.
[  273.654900][   T94] block nbd2: Possible stuck request ffff888025597000: control (read@0,1024B). Runtime 60 seconds
[  273.666410][   T94] block nbd2: Possible stuck request ffff8880255971c0: control (read@1024,1024B). Runtime 60 seconds
[  273.678169][   T94] block nbd2: Possible stuck request ffff888025597380: control (read@2048,1024B). Runtime 60 seconds
[  273.690184][   T94] block nbd2: Possible stuck request ffff888025597540: control (read@3072,1024B). Runtime 60 seconds
[  273.769501][T14715] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3012'.
[  273.807069][ T5870] Bluetooth: hci1: command tx timeout
[  273.812785][T14656] bridge0: port 1(bridge_slave_0) entered blocking state
[  273.821196][T14656] bridge0: port 1(bridge_slave_0) entered disabled state
[  273.832339][T14656] bridge_slave_0: entered allmulticast mode
[  273.840450][T14656] bridge_slave_0: entered promiscuous mode
[  273.849165][T10794] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  273.867448][T10794] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  273.883966][T14656] bridge0: port 2(bridge_slave_1) entered blocking state
[  273.898897][T14656] bridge0: port 2(bridge_slave_1) entered disabled state
[  273.918574][T14656] bridge_slave_1: entered allmulticast mode
[  273.930289][T14656] bridge_slave_1: entered promiscuous mode
[  273.964135][T14721] netlink: 5340 bytes leftover after parsing attributes in process `syz.1.3013'.
[  273.965118][T14723] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3014'.
[  273.974888][T10794] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  273.991522][T14721] openvswitch: netlink: Flow key attr not present in new flow.
[  274.066925][T14656] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  274.089641][T14656] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  274.231684][T14731] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3019'.
[  274.260689][T14656] team0: Port device team_slave_0 added
[  274.280549][T14656] team0: Port device team_slave_1 added
[  274.420474][T14742] netlink: 'syz.3.3022': attribute type 1 has an invalid length.
[  274.437267][T14742] netlink: 184 bytes leftover after parsing attributes in process `syz.3.3022'.
[  274.492144][T14656] batman_adv: batadv0: Adding interface: batadv_slave_0
[  274.515645][T14656] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  274.547466][T14743] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3023'.
[  274.576540][T14656] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  274.647212][T14757] netlink: 'syz.4.3027': attribute type 29 has an invalid length.
[  274.727279][T14656] batman_adv: batadv0: Adding interface: batadv_slave_1
[  274.756477][T14656] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  274.794872][T14656] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  274.847133][ T5870] Bluetooth: hci2: command tx timeout
[  275.036690][T14656] hsr_slave_0: entered promiscuous mode
[  275.064627][T14656] hsr_slave_1: entered promiscuous mode
[  275.097367][T14656] debugfs: 'hsr0' already exists in 'hsr'
[  275.111210][T14656] Cannot create hsr debugfs directory
[  275.253055][T14783] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3030'.
[  275.445718][T14785] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3032'.
[  275.522261][T14787] netlink: 'syz.3.3033': attribute type 29 has an invalid length.
[  275.595144][T14789] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  276.927354][ T5870] Bluetooth: hci2: command tx timeout
[  277.397374][T14808] sctp: [Deprecated]: syz.1.3041 (pid 14808) Use of int in max_burst socket option.
[  277.397374][T14808] Use struct sctp_assoc_value instead
[  277.481021][T14817] netlink: 'syz.0.3042': attribute type 11 has an invalid length.
[  277.510092][T14817] netlink: 'syz.0.3042': attribute type 11 has an invalid length.
[  277.702021][T14656] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 19999 - 0
[  277.829891][T14656] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 19999 - 0
[  277.947522][T14656] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 19999 - 0
[  277.993004][T14840] openvswitch: netlink: Unexpected mask (mask=200040, allowed=10048)
[  278.173748][T14656] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 19999 - 0
[  278.501274][T14867] netlink: 'syz.0.3056': attribute type 6 has an invalid length.
[  278.516844][T14867] netlink: 'syz.0.3056': attribute type 1 has an invalid length.
[  278.609671][T14656] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  278.670168][T14656] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  278.747876][T14656] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  278.879781][T14656] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  279.008133][ T5870] Bluetooth: hci2: command tx timeout
[  279.231617][T14905] __nla_validate_parse: 4 callbacks suppressed
[  279.231636][T14905] netlink: 108 bytes leftover after parsing attributes in process `syz.3.3065'.
[  279.271480][T14905] netlink: 108 bytes leftover after parsing attributes in process `syz.3.3065'.
[  279.308039][T14905] netlink: 84 bytes leftover after parsing attributes in process `syz.3.3065'.
[  279.376742][T14917] netlink: 108 bytes leftover after parsing attributes in process `syz.3.3065'.
[  279.417868][T14917] netlink: 108 bytes leftover after parsing attributes in process `syz.3.3065'.
[  279.442592][T14917] netlink: 84 bytes leftover after parsing attributes in process `syz.3.3065'.
[  279.570170][T14656] 8021q: adding VLAN 0 to HW filter on device bond0
[  279.644342][T14656] 8021q: adding VLAN 0 to HW filter on device team0
[  279.655462][T14932] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3072'.
[  279.678853][T14931] ip6erspan0: entered promiscuous mode
[  279.684541][T14931] ip6erspan0: entered allmulticast mode
[  279.733616][T10794] bridge0: port 1(bridge_slave_0) entered blocking state
[  279.740843][T10794] bridge0: port 1(bridge_slave_0) entered forwarding state
[  279.803473][T10794] bridge0: port 2(bridge_slave_1) entered blocking state
[  279.810708][T10794] bridge0: port 2(bridge_slave_1) entered forwarding state
[  280.542689][T14979] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3078'.
[  280.588926][T14980] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3080'.
[  280.610091][T14979] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  280.625089][T14979] batman_adv: batadv0: Removing interface: batadv_slave_0
[  280.635582][T14983] netlink: 'syz.0.3081': attribute type 32 has an invalid length.
[  280.662074][T14979] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  280.679729][T14979] batman_adv: batadv0: Removing interface: batadv_slave_1
[  280.747754][T14986] xt_time: unknown flags 0xf4
[  280.788644][T14656] 8021q: adding VLAN 0 to HW filter on device batadv0
[  280.900724][T14656] veth0_vlan: entered promiscuous mode
[  280.920348][T14991] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3083'.
[  280.943751][T14656] veth1_vlan: entered promiscuous mode
[  281.052631][T14995] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled
[  281.086499][ T5870] Bluetooth: hci2: command tx timeout
[  281.124962][T14656] veth0_macvtap: entered promiscuous mode
[  281.181207][T14656] veth1_macvtap: entered promiscuous mode
[  281.259814][T14656] batman_adv: batadv0: Interface activated: batadv_slave_0
[  281.319790][T14656] batman_adv: batadv0: Interface activated: batadv_slave_1
[  281.379647][T10800] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  281.408623][T10800] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  281.438294][T10800] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  281.463515][T10800] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  281.857669][ T1007] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  281.902623][ T1007] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  282.024321][T15046] netlink: 'syz.4.3093': attribute type 1 has an invalid length.
[  282.042347][ T1335] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  282.091881][ T1335] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  282.140774][T15046] 8021q: adding VLAN 0 to HW filter on device bond3
[  282.299344][T15046] veth5: entered promiscuous mode
[  282.440930][T15067] netlink: 'syz.1.3098': attribute type 8 has an invalid length.
[  283.060073][T15089] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !寿$ûÌÌULÙvy¸ÚØ¢
…D£øUDŒw˜}�z
[  283.119593][T15091] netlink: 'syz.2.3108': attribute type 1 has an invalid length.
[  283.335993][   T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  283.355646][   T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  283.370561][   T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  283.382079][   T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  283.390771][   T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  283.511821][T15101] hsr0 speed is unknown, defaulting to 1000
[  283.528108][T15101] lo speed is unknown, defaulting to 1000
[  283.624435][T15106] netlink: 'syz.3.3111': attribute type 1 has an invalid length.
[  283.656600][T15106] netlink: 'syz.3.3111': attribute type 2 has an invalid length.
[  283.718591][T15112] veth5: entered allmulticast mode
[  284.004302][T15123] hsr0 speed is unknown, defaulting to 1000
[  284.028275][T15123] lo speed is unknown, defaulting to 1000
[  284.121999][T15101] chnl_net:caif_netlink_parms(): no params data found
[  284.287916][T15136] Bluetooth: MGMT ver 1.23
[  284.923837][T15101] bridge0: port 1(bridge_slave_0) entered blocking state
[  284.952136][T15101] bridge0: port 1(bridge_slave_0) entered disabled state
[  284.972459][T15101] bridge_slave_0: entered allmulticast mode
[  284.984146][T15101] bridge_slave_0: entered promiscuous mode
[  285.011633][T15101] bridge0: port 2(bridge_slave_1) entered blocking state
[  285.037279][T15101] bridge0: port 2(bridge_slave_1) entered disabled state
[  285.054862][T15101] bridge_slave_1: entered allmulticast mode
[  285.087887][T15101] bridge_slave_1: entered promiscuous mode
[  285.293381][T15101] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  285.384756][T15185] openvswitch: netlink: Flow actions attr not present in new flow.
[  285.434611][T15178] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  285.488977][ T5870] Bluetooth: hci0: command tx timeout
[  285.635799][T15101] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  285.767063][T15178] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  285.881828][T15178] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  285.907950][T15101] team0: Port device team_slave_0 added
[  285.925561][T15101] team0: Port device team_slave_1 added
[  285.937603][T15209] __nla_validate_parse: 17 callbacks suppressed
[  285.937624][T15209] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3143'.
[  285.982995][T15178] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  286.064483][T15101] batman_adv: batadv0: Adding interface: batadv_slave_0
[  286.073816][T15101] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  286.100214][T15101] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  286.143606][T15101] batman_adv: batadv0: Adding interface: batadv_slave_1
[  286.161655][T15101] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  286.209944][T15101] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  286.340274][T10796] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  286.391293][T15224] netlink: 'syz.2.3148': attribute type 1 has an invalid length.
[  286.416011][   T59] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  286.442200][T15101] hsr_slave_0: entered promiscuous mode
[  286.473249][T15101] hsr_slave_1: entered promiscuous mode
[  286.481005][T15101] debugfs: 'hsr0' already exists in 'hsr'
[  286.497979][T15101] Cannot create hsr debugfs directory
[  286.558394][T10796] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  286.710399][T10802] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  287.082705][T15262] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3159'.
[  287.105636][T15262] netlink: 56 bytes leftover after parsing attributes in process `syz.2.3159'.
[  287.116173][T15264] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3156'.
[  287.122587][T15101] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  287.176746][T15259] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3156'.
[  287.197429][T15259] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.3156'.
[  287.226167][T15101] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  287.284496][T15101] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  287.335112][T15101] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  287.566803][ T5870] Bluetooth: hci0: command tx timeout
[  287.748234][T15101] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  287.788457][T15101] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  287.811742][T15101] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  287.853436][T15101] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  287.963718][T15276] netlink: 'syz.0.3162': attribute type 7 has an invalid length.
[  288.170761][T15293] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3167'.
[  288.337577][T15306] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3170'.
[  288.358186][T15307] netlink: 'syz.3.3165': attribute type 58 has an invalid length.
[  288.366037][T15307] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3165'.
[  288.404950][T15308] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3170'.
[  288.438245][T15298] vlan2: entered promiscuous mode
[  288.443322][T15298] bridge0: entered promiscuous mode
[  288.623891][T15101] 8021q: adding VLAN 0 to HW filter on device bond0
[  288.723244][T15101] 8021q: adding VLAN 0 to HW filter on device team0
[  288.782239][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  288.789474][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  288.856746][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  288.863950][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  289.203063][T15341] netlink: zone id is out of range
[  289.248030][T15341] netlink: zone id is out of range
[  289.263631][T15341] netlink: zone id is out of range
[  289.276376][T15341] netlink: zone id is out of range
[  289.286563][T15341] netlink: zone id is out of range
[  289.291705][T15341] netlink: zone id is out of range
[  289.306513][T15341] netlink: get zone limit has 8 unknown bytes
[  289.522521][T15101] 8021q: adding VLAN 0 to HW filter on device batadv0
[  289.652833][ T5870] Bluetooth: hci0: command tx timeout
[  289.677860][T15370] dummy0: entered promiscuous mode
[  289.684518][T15370] batadv_slave_1: entered promiscuous mode
[  289.852961][T15379] nbd: must specify a device to reconfigure
[  290.296398][T15401] netlink: 'syz.0.3200': attribute type 1 has an invalid length.
[  290.296519][T15400] netlink: 'syz.0.3200': attribute type 1 has an invalid length.
[  290.398646][T15401] bond4: entered promiscuous mode
[  290.404214][T15401] 8021q: adding VLAN 0 to HW filter on device bond4
[  290.476098][T15101] veth0_vlan: entered promiscuous mode
[  290.538036][T15401] 8021q: adding VLAN 0 to HW filter on device bond4
[  290.545709][T15401] bond4: (slave wireguard0): The slave device specified does not support setting the MAC address
[  290.597283][T15401] bond4: (slave wireguard0): Setting fail_over_mac to active for active-backup mode
[  290.623900][T15401] bond4: (slave wireguard0): making interface the new active one
[  290.635763][T15401] wireguard0: entered promiscuous mode
[  290.645184][T15401] bond4: (slave wireguard0): Enslaving as an active interface with an up link
[  290.701198][T15406] bond4: (slave wireguard1): The slave device specified does not support setting the MAC address
[  290.721116][T15406] bond4: (slave wireguard1): Enslaving as a backup interface with an up link
[  290.784868][T15101] veth1_vlan: entered promiscuous mode
[  290.964586][T15101] veth0_macvtap: entered promiscuous mode
[  291.000735][T15101] veth1_macvtap: entered promiscuous mode
[  291.036757][T15441] __nla_validate_parse: 5 callbacks suppressed
[  291.036775][T15441] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3213'.
[  291.072206][T15101] batman_adv: batadv0: Interface activated: batadv_slave_0
[  291.111904][T15441] vlan2: entered promiscuous mode
[  291.121550][T15441] gretap0: entered promiscuous mode
[  291.150491][T15445] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3216'.
[  291.200515][T15101] batman_adv: batadv0: Interface activated: batadv_slave_1
[  291.252246][   T12] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  291.262762][   T12] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  291.282235][   T12] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  291.337230][   T12] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  291.482456][T10802] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  291.504992][T10802] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  291.531254][T15457] syzkaller1: entered promiscuous mode
[  291.538049][T15457] syzkaller1: entered allmulticast mode
[  291.608212][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  291.628420][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  291.726372][ T5870] Bluetooth: hci0: command tx timeout
[  291.965948][T15474] netlink: 300 bytes leftover after parsing attributes in process `syz.1.3229'.
[  292.150284][T15485] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3233'.
[  292.575190][T15509] IPVS: sync thread started: state = MASTER, mcast_ifn = bridge_slave_0, syncid = 0, id = 0
[  292.636670][T15511] FAULT_INJECTION: forcing a failure.
[  292.636670][T15511] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  292.683604][T15511] CPU: 1 UID: 0 PID: 15511 Comm: syz.2.3242 Not tainted syzkaller #0 PREEMPT(full) 
[  292.683630][T15511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  292.683641][T15511] Call Trace:
[  292.683649][T15511]  <TASK>
[  292.683658][T15511]  dump_stack_lvl+0x189/0x250
[  292.683680][T15511]  ? __pfx____ratelimit+0x10/0x10
[  292.683711][T15511]  ? __pfx_dump_stack_lvl+0x10/0x10
[  292.683730][T15511]  ? __pfx__printk+0x10/0x10
[  292.683752][T15511]  ? __might_fault+0xb0/0x130
[  292.683784][T15511]  should_fail_ex+0x414/0x560
[  292.683811][T15511]  _copy_from_user+0x2d/0xb0
[  292.683831][T15511]  ___sys_sendmsg+0x158/0x2a0
[  292.683853][T15511]  ? __pfx____sys_sendmsg+0x10/0x10
[  292.683908][T15511]  ? __fget_files+0x2a/0x420
[  292.683930][T15511]  ? __fget_files+0x3a0/0x420
[  292.683962][T15511]  __sys_sendmmsg+0x227/0x430
[  292.683986][T15511]  ? __pfx___sys_sendmmsg+0x10/0x10
[  292.684002][T15511]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  292.684052][T15511]  ? ksys_write+0x22a/0x250
[  292.684075][T15511]  ? __pfx_ksys_write+0x10/0x10
[  292.684092][T15511]  ? rcu_is_watching+0x15/0xb0
[  292.684117][T15511]  __x64_sys_sendmmsg+0xa0/0xc0
[  292.684137][T15511]  do_syscall_64+0xfa/0x3b0
[  292.684152][T15511]  ? lockdep_hardirqs_on+0x9c/0x150
[  292.684173][T15511]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  292.684190][T15511]  ? clear_bhb_loop+0x60/0xb0
[  292.684210][T15511]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  292.684226][T15511] RIP: 0033:0x7f34a918ebe9
[  292.684243][T15511] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  292.684258][T15511] RSP: 002b:00007f34a73f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  292.684277][T15511] RAX: ffffffffffffffda RBX: 00007f34a93c5fa0 RCX: 00007f34a918ebe9
[  292.684290][T15511] RDX: 0000000000000003 RSI: 0000200000003980 RDI: 0000000000000003
[  292.684300][T15511] RBP: 00007f34a73f6090 R08: 0000000000000000 R09: 0000000000000000
[  292.684310][T15511] R10: 0000000000044000 R11: 0000000000000246 R12: 0000000000000001
[  292.684321][T15511] R13: 00007f34a93c6038 R14: 00007f34a93c5fa0 R15: 00007ffeb3c6fdf8
[  292.684350][T15511]  </TASK>
[  293.015087][T15525] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3245'.
[  293.034582][T15525] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3245'.
[  293.054438][T15525] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3245'.
[  293.063685][T15525] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3245'.
[  293.170579][T15533] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3250'.
[  293.171073][T15536] openvswitch: netlink: Unexpected mask (mask=c0, allowed=10048)
[  293.196832][T15533] (unnamed net_device) (uninitialized): option xmit_hash_policy: invalid value (64)
[  293.282491][T15538] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3251'.
[  293.358092][T15546] netlink: 'syz.4.3254': attribute type 10 has an invalid length.
[  293.419124][T15546] bridge0: port 2(bridge_slave_1) entered disabled state
[  293.463034][T15546] bridge_slave_1: left allmulticast mode
[  293.494889][T15546] bridge_slave_1: left promiscuous mode
[  293.519393][T15546] bridge0: port 2(bridge_slave_1) entered disabled state
[  293.574643][T15546] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  293.643467][T15558] team_slave_0: mtu less than device minimum
[  294.308920][T15596] IPVS: Error connecting to the multicast addr
[  294.570857][T15608] FAULT_INJECTION: forcing a failure.
[  294.570857][T15608] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  294.603048][T15608] CPU: 1 UID: 0 PID: 15608 Comm: syz.2.3273 Not tainted syzkaller #0 PREEMPT(full) 
[  294.603071][T15608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  294.603081][T15608] Call Trace:
[  294.603088][T15608]  <TASK>
[  294.603096][T15608]  dump_stack_lvl+0x189/0x250
[  294.603119][T15608]  ? __pfx____ratelimit+0x10/0x10
[  294.603141][T15608]  ? __pfx_dump_stack_lvl+0x10/0x10
[  294.603158][T15608]  ? __pfx__printk+0x10/0x10
[  294.603188][T15608]  should_fail_ex+0x414/0x560
[  294.603214][T15608]  _copy_to_user+0x31/0xb0
[  294.603236][T15608]  simple_read_from_buffer+0xe1/0x170
[  294.603264][T15608]  proc_fail_nth_read+0x1b3/0x220
[  294.603287][T15608]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  294.603313][T15608]  ? rw_verify_area+0x2a6/0x4d0
[  294.603332][T15608]  ? __lock_acquire+0xab9/0xd20
[  294.603351][T15608]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  294.603371][T15608]  vfs_read+0x1fd/0xa30
[  294.603390][T15608]  ? fdget_pos+0x247/0x320
[  294.603410][T15608]  ? __pfx___mutex_lock+0x10/0x10
[  294.603427][T15608]  ? __pfx_vfs_read+0x10/0x10
[  294.603449][T15608]  ? __fget_files+0x2a/0x420
[  294.603476][T15608]  ? __fget_files+0x3a0/0x420
[  294.603504][T15608]  ? __fget_files+0x2a/0x420
[  294.603536][T15608]  ksys_read+0x145/0x250
[  294.603559][T15608]  ? __pfx_ksys_read+0x10/0x10
[  294.603577][T15608]  ? rcu_is_watching+0x15/0xb0
[  294.603600][T15608]  ? do_syscall_64+0xbe/0x3b0
[  294.603619][T15608]  do_syscall_64+0xfa/0x3b0
[  294.603633][T15608]  ? lockdep_hardirqs_on+0x9c/0x150
[  294.603653][T15608]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  294.603670][T15608]  ? clear_bhb_loop+0x60/0xb0
[  294.603692][T15608]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  294.603708][T15608] RIP: 0033:0x7f34a918d5fc
[  294.603725][T15608] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  294.603739][T15608] RSP: 002b:00007f34a73f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  294.603758][T15608] RAX: ffffffffffffffda RBX: 00007f34a93c5fa0 RCX: 00007f34a918d5fc
[  294.603771][T15608] RDX: 000000000000000f RSI: 00007f34a73f60a0 RDI: 0000000000000003
[  294.603782][T15608] RBP: 00007f34a73f6090 R08: 0000000000000000 R09: 0000000000000000
[  294.603793][T15608] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  294.603803][T15608] R13: 00007f34a93c6038 R14: 00007f34a93c5fa0 R15: 00007ffeb3c6fdf8
[  294.603835][T15608]  </TASK>
[  295.329851][T15639] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0)
[  296.393246][   T51] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  296.409609][   T51] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  296.418384][   T51] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  296.433404][   T51] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  296.441412][   T51] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  296.591456][T15667] hsr0 speed is unknown, defaulting to 1000
[  296.648098][T15667] lo speed is unknown, defaulting to 1000
[  296.833699][T15667] chnl_net:caif_netlink_parms(): no params data found
[  296.927626][T15667] bridge0: port 1(bridge_slave_0) entered blocking state
[  296.934848][T15667] bridge0: port 1(bridge_slave_0) entered disabled state
[  296.942217][T15667] bridge_slave_0: entered allmulticast mode
[  296.950332][T15667] bridge_slave_0: entered promiscuous mode
[  296.959738][T15667] bridge0: port 2(bridge_slave_1) entered blocking state
[  296.969460][T15667] bridge0: port 2(bridge_slave_1) entered disabled state
[  296.977103][T15667] bridge_slave_1: entered allmulticast mode
[  296.985570][T15667] bridge_slave_1: entered promiscuous mode
[  297.030457][T15667] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  297.044104][T15667] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  297.089809][T15667] team0: Port device team_slave_0 added
[  297.100723][T15667] team0: Port device team_slave_1 added
[  297.139719][T15667] batman_adv: batadv0: Adding interface: batadv_slave_0
[  297.146844][T15667] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  297.173798][T15667] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  297.191703][T15667] batman_adv: batadv0: Adding interface: batadv_slave_1
[  297.199920][T15667] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  297.226093][T15667] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  297.287324][T15667] hsr_slave_0: entered promiscuous mode
[  297.294160][T15667] hsr_slave_1: entered promiscuous mode
[  297.302427][T15667] debugfs: 'hsr0' already exists in 'hsr'
[  297.310193][T15667] Cannot create hsr debugfs directory
[  297.468292][T15667] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.529119][T15667] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.613256][T15667] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.672744][T15667] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.829208][T15667] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  297.840765][T15667] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  297.850440][T15667] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  297.864520][T15667] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  297.971268][T15667] 8021q: adding VLAN 0 to HW filter on device bond0
[  297.994695][T15667] 8021q: adding VLAN 0 to HW filter on device team0
[  298.015993][ T1335] bridge0: port 1(bridge_slave_0) entered blocking state
[  298.023182][ T1335] bridge0: port 1(bridge_slave_0) entered forwarding state
[  298.039484][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  298.046682][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  298.288531][T15667] 8021q: adding VLAN 0 to HW filter on device batadv0
[  298.351279][T15667] veth0_vlan: entered promiscuous mode
[  298.362003][T15667] veth1_vlan: entered promiscuous mode
[  298.400438][T15667] veth0_macvtap: entered promiscuous mode
[  298.411403][T15667] veth1_macvtap: entered promiscuous mode
[  298.429002][T15667] batman_adv: batadv0: Interface activated: batadv_slave_0
[  298.446560][T15667] batman_adv: batadv0: Interface activated: batadv_slave_1
[  298.463355][   T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  298.472791][   T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  298.491645][   T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  298.501301][   T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  298.527403][   T51] Bluetooth: hci3: command tx timeout
[  298.577834][T10796] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  298.585682][T10796] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  298.622424][T10796] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  298.633651][T10796] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  300.612039][   T51] Bluetooth: hci3: command tx timeout
[  302.686490][   T51] Bluetooth: hci3: command tx timeout
[  303.746341][   T94] block nbd2: Possible stuck request ffff888025597000: control (read@0,1024B). Runtime 90 seconds
[  303.757796][   T94] block nbd2: Possible stuck request ffff8880255971c0: control (read@1024,1024B). Runtime 90 seconds
[  303.769113][   T94] block nbd2: Possible stuck request ffff888025597380: control (read@2048,1024B). Runtime 90 seconds
[  303.780253][   T94] block nbd2: Possible stuck request ffff888025597540: control (read@3072,1024B). Runtime 90 seconds
[  304.766730][   T51] Bluetooth: hci3: command tx timeout
[  317.810977][T15702] __nla_validate_parse: 5 callbacks suppressed
[  317.810998][T15702] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.3297'.
[  317.870484][T15705] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3297'.
[  317.912105][T15707] netlink: 'syz.3.3301': attribute type 1 has an invalid length.
[  317.921641][T15709] ICMPv6: Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.
[  317.932607][T15707] netlink: 'syz.3.3301': attribute type 2 has an invalid length.
[  317.950550][T15709] ICMPv6: Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.
[  318.099531][T15715] dvmrp1: entered allmulticast mode
[  318.121799][T15715] raw_sendmsg: syz.2.3305 forgot to set AF_INET. Fix it!
[  318.199193][T15721] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3308'.
[  318.219017][T15721] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3308'.
[  318.236661][T15721] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3308'.
[  318.459278][T15730] tipc: Started in network mode
[  318.464249][T15730] tipc: Node identity c23ced5b6e17, cluster identity 4711
[  318.472982][T15730] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  318.483291][T15731] syzkaller0: entered promiscuous mode
[  318.506566][T15731] syzkaller0: entered allmulticast mode
[  318.656576][T15730] tipc: Resetting bearer <eth:syzkaller0>
[  318.731014][T15730] tipc: Disabling bearer <eth:syzkaller0>
[  318.745042][T15746] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3317'.
[  318.765346][T15746] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3317'.
[  318.979585][T15757] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3324'.
[  319.026434][T15757] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3324'.
[  319.250639][T15768] netlink: 'syz.3.3326': attribute type 1 has an invalid length.
[  319.303667][T15768] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3326'.
[  319.341563][T15774] (unnamed net_device) (uninitialized): option lacp_active: mode dependency failed, not supported in mode balance-rr(0)
[  319.756005][T15783] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  319.912827][T15792] netlink: 'syz.2.3329': attribute type 12 has an invalid length.
[  320.902820][T15851] netlink: 'syz.4.3355': attribute type 6 has an invalid length.
[  321.169794][T15864] netlink: zone id is out of range
[  321.184285][T15864] netlink: zone id is out of range
[  321.197406][T15864] netlink: zone id is out of range
[  321.211033][T15864] netlink: zone id is out of range
[  321.224672][T15870] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  321.244652][T15864] netlink: zone id is out of range
[  321.270435][T15864] netlink: zone id is out of range
[  321.284891][T15870] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  321.342600][T15874] tipc: Started in network mode
[  321.348093][T15874] tipc: Node identity eabc1c6fd567, cluster identity 4711
[  321.355511][T15874] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  321.383736][T15874] syzkaller0: entered promiscuous mode
[  321.406477][T15874] syzkaller0: entered allmulticast mode
[  321.457610][T15874] tipc: Resetting bearer <eth:syzkaller0>
[  321.602874][T15873] tipc: Resetting bearer <eth:syzkaller0>
[  321.651743][T15873] tipc: Disabling bearer <eth:syzkaller0>
[  322.145272][T15927] netlink: 'syz.0.3374': attribute type 1 has an invalid length.
[  322.542238][T15953] tipc: Started in network mode
[  322.556480][T15953] tipc: Node identity 52a400ec6c0d, cluster identity 4711
[  322.576735][T15953] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  322.584486][T15953] syzkaller0: entered promiscuous mode
[  322.606447][T15953] syzkaller0: entered allmulticast mode
[  322.640921][T15953] tipc: Resetting bearer <eth:syzkaller0>
[  322.650146][T15949] tipc: Resetting bearer <eth:syzkaller0>
[  322.709410][T15949] tipc: Disabling bearer <eth:syzkaller0>
[  322.824618][ T1335] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  322.834114][T15959] netlink: 'syz.4.3385': attribute type 1 has an invalid length.
[  322.842450][T15963] __nla_validate_parse: 20 callbacks suppressed
[  322.842467][T15963] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3387'.
[  322.862734][ T1335] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  322.878184][T15964] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3386'.
[  322.894662][T15968] netlink: 'syz.0.3388': attribute type 7 has an invalid length.
[  322.910156][ T1335] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  322.923563][ T1335] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  323.361421][T15983] netlink: 'syz.3.3390': attribute type 10 has an invalid length.
[  323.380535][T15983] bridge0: port 2(bridge_slave_1) entered disabled state
[  323.388234][T15983] bridge0: port 1(bridge_slave_0) entered disabled state
[  323.427776][T15983] bridge0: port 2(bridge_slave_1) entered blocking state
[  323.434972][T15983] bridge0: port 2(bridge_slave_1) entered forwarding state
[  323.442598][T15983] bridge0: port 1(bridge_slave_0) entered blocking state
[  323.449824][T15983] bridge0: port 1(bridge_slave_0) entered forwarding state
[  323.483552][T15983] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  323.553337][T15989] pim6reg527: entered allmulticast mode
[  323.672218][T15995] netlink: 64 bytes leftover after parsing attributes in process `syz.3.3394'.
[  323.759714][T16000] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3394'.
[  323.996693][T16008] nbd3: detected capacity change from 0 to 127
[  324.004590][   T51] block nbd3: Receive control failed (result -32)
[  324.174149][T16021] Bluetooth: MGMT ver 1.23
[  324.292359][T16028] netlink: 'syz.4.3407': attribute type 10 has an invalid length.
[  324.300554][T16028] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3407'.
[  324.325430][T16028] dummy0: entered promiscuous mode
[  324.333153][T16028] bridge0: port 2(dummy0) entered blocking state
[  324.341824][T16028] bridge0: port 2(dummy0) entered disabled state
[  324.350465][T16028] dummy0: entered allmulticast mode
[  324.359186][T16028] bridge0: port 2(dummy0) entered blocking state
[  324.365689][T16028] bridge0: port 2(dummy0) entered forwarding state
[  324.399083][T16034] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3408'.
[  324.479969][T16038] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3410'.
[  324.768429][T16051] netlink: 'syz.4.3416': attribute type 3 has an invalid length.
[  324.782895][T16051] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3416'.
[  324.794234][T16049] netlink: 'syz.0.3415': attribute type 1 has an invalid length.
[  324.824602][T16049] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3415'.
[  325.752198][T16103] netlink: 'syz.1.3430': attribute type 3 has an invalid length.
[  325.784250][T16103] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3430'.
[  326.199258][T16125] netlink: 'syz.1.3439': attribute type 10 has an invalid length.
[  326.246244][T16125] bridge0: port 2(bridge_slave_1) entered disabled state
[  326.273509][T16125] bridge_slave_1: left allmulticast mode
[  326.296425][T16125] bridge_slave_1: left promiscuous mode
[  326.314775][T16125] bridge0: port 2(bridge_slave_1) entered disabled state
[  326.345173][T16125] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  326.653332][T16142] tap0: tun_chr_ioctl cmd 1074025677
[  326.675703][T16142] tap0: linktype set to 65534
[  326.824907][T16149] netlink: 'syz.2.3448': attribute type 29 has an invalid length.
[  326.863160][T16149] netlink: 'syz.2.3448': attribute type 29 has an invalid length.
[  326.924233][T16153] netlink: 'syz.0.3449': attribute type 4 has an invalid length.
[  327.589593][T16190] veth1_macvtap: left promiscuous mode
[  327.597335][T16190] macsec0: entered promiscuous mode
[  327.602840][T16190] macsec0: entered allmulticast mode
[  327.677965][T16194] veth1_macvtap: entered promiscuous mode
[  327.683747][T16194] veth1_macvtap: entered allmulticast mode
[  327.709361][T16194] macsec0: left promiscuous mode
[  327.715503][T16194] macsec0: left allmulticast mode
[  327.724795][T16194] veth1_macvtap: left allmulticast mode
[  328.011571][T16209] __nla_validate_parse: 10 callbacks suppressed
[  328.011591][T16209] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3467'.
[  328.360140][T16219] netlink: 'syz.0.3470': attribute type 10 has an invalid length.
[  328.402852][T16219] bridge0: port 2(bridge_slave_1) entered disabled state
[  328.416110][T16219] bridge_slave_1: left allmulticast mode
[  328.423589][T16219] bridge_slave_1: left promiscuous mode
[  328.430509][T16219] bridge0: port 2(bridge_slave_1) entered disabled state
[  328.455891][T16219] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  329.162470][T16255] netlink: 'syz.1.3479': attribute type 8 has an invalid length.
[  329.209443][T16258] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3480'.
[  329.263825][T16259] bridge: RTM_NEWNEIGH with unconfigured vlan 3 on bridge_slave_0
[  329.313547][T16259] pimreg3: entered allmulticast mode
[  329.323659][T16262] netlink: 'syz.0.3481': attribute type 1 has an invalid length.
[  329.348818][T16262] netlink: 236 bytes leftover after parsing attributes in process `syz.0.3481'.
[  329.448764][T16266] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3481'.
[  329.459983][T16265] netlink: 'syz.4.3482': attribute type 10 has an invalid length.
[  329.602486][T16274] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3486'.
[  329.614311][T16274] net_ratelimit: 4 callbacks suppressed
[  329.614327][T16274] openvswitch: netlink: IPv4 tunnel dst address is zero
[  329.748630][T16279] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3488'.
[  330.060933][T16304] netlink: 104 bytes leftover after parsing attributes in process `syz.3.3491'.
[  330.151379][T16311] netlink: 'syz.4.3493': attribute type 8 has an invalid length.
[  330.960065][    T9] hid (null): unknown global tag 0xe
[  330.984511][    T9] hid (null): nested delimiters
[  331.110404][T16354] netlink: 'syz.0.3507': attribute type 1 has an invalid length.
[  331.146414][T16354] netlink: 224 bytes leftover after parsing attributes in process `syz.0.3507'.
[  331.191576][T16354] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3507'.
[  331.539787][T16376] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3516'.
[  331.909109][T16391] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  332.623154][   T10] IPVS: starting estimator thread 0...
[  332.747498][T16429] IPVS: using max 36 ests per chain, 86400 per kthread
[  332.784368][T16436] tipc: New replicast peer: 255.255.255.255
[  332.821703][T16436] tipc: Enabled bearer <udp:syz2>, priority 10
[  333.115064][T16455] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  333.145875][    T9] hid-generic 0005:0D45:1012.0001: unknown global tag 0xe
[  333.175166][    T9] hid-generic 0005:0D45:1012.0001: item 0 2 1 14 parsing failed
[  333.188183][    T9] hid-generic 0005:0D45:1012.0001: probe with driver hid-generic failed with error -22
[  333.210668][T16454] __nla_validate_parse: 4 callbacks suppressed
[  333.210685][T16454] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3539'.
[  333.350681][T16463] netlink: 'syz.3.3544': attribute type 10 has an invalid length.
[  333.404125][T16467] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3546'.
[  333.414635][T16467] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3546'.
[  333.547225][T16469] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  333.574936][T16469] syzkaller0: entered promiscuous mode
[  333.584543][T16469] syzkaller0: entered allmulticast mode
[  333.626930][T16469] tipc: Resetting bearer <eth:syzkaller0>
[  333.668423][T16468] tipc: Resetting bearer <eth:syzkaller0>
[  333.784294][T16468] tipc: Disabling bearer <eth:syzkaller0>
[  333.807306][   T94] block nbd2: Possible stuck request ffff888025597000: control (read@0,1024B). Runtime 120 seconds
[  333.827288][   T94] block nbd2: Possible stuck request ffff8880255971c0: control (read@1024,1024B). Runtime 120 seconds
[  333.838639][   T94] block nbd2: Possible stuck request ffff888025597380: control (read@2048,1024B). Runtime 120 seconds
[  333.849978][   T94] block nbd2: Possible stuck request ffff888025597540: control (read@3072,1024B). Runtime 120 seconds
[  333.872711][T16485] (unnamed net_device) (uninitialized): option miimon: invalid value (18446744073709551585)
[  333.927114][T16485] (unnamed net_device) (uninitialized): option miimon: allowed values 0 - 2147483647
[  333.936990][    T9] tipc: Node number set to 2888559963
[  334.327952][T16519] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3564'.
[  334.425640][T16519] vlan3: entered allmulticast mode
[  334.453031][T16519] bridge0: entered allmulticast mode
[  334.459029][T16528] netlink: 84 bytes leftover after parsing attributes in process `syz.3.3564'.
[  334.479346][T16519] bridge2: port 1(vlan3) entered blocking state
[  334.506546][T16519] bridge2: port 1(vlan3) entered disabled state
[  334.528295][T16519] vlan3: entered promiscuous mode
[  334.544538][T16519] bridge0: entered promiscuous mode
[  334.679285][T16537] tipc: Started in network mode
[  334.684207][T16537] tipc: Node identity de4964b6d2e3, cluster identity 4711
[  334.697297][T16537] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  334.759587][T16537] syzkaller0: entered promiscuous mode
[  334.765103][T16537] syzkaller0: entered allmulticast mode
[  334.921386][T16537] tipc: Resetting bearer <eth:syzkaller0>
[  334.945368][T16536] tipc: Resetting bearer <eth:syzkaller0>
[  334.979820][T16536] tipc: Disabling bearer <eth:syzkaller0>
[  335.498886][T16580] netlink: 'syz.0.3581': attribute type 3 has an invalid length.
[  335.511606][T16580] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3581'.
[  335.684391][T16568] hsr0 speed is unknown, defaulting to 1000
[  335.710554][T16568] lo speed is unknown, defaulting to 1000
[  335.791329][T16589] syzkaller1: entered promiscuous mode
[  335.824938][T16594] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3587'.
[  335.829311][T16589] syzkaller1: entered allmulticast mode
[  335.836047][T16594] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3587'.
[  336.159303][T16625] ICMPv6: Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.
[  336.177631][T16624] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3592'.
[  336.188582][T16606] 8021q: adding VLAN 0 to HW filter on device bond1
[  336.222484][T16611] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR
[  337.258234][T16671] netlink: 'syz.4.3615': attribute type 29 has an invalid length.
[  337.294569][T16671] netlink: 'syz.4.3615': attribute type 29 has an invalid length.
[  337.333644][T16671] netlink: 500 bytes leftover after parsing attributes in process `syz.4.3615'.
[  337.536761][T16688] netdevsim netdevsim0 : renamed from netdevsim0 (while UP)
[  337.933613][T16711] sctp: Trying to GSO but underlying device doesn't support it.
[  338.079899][T16728] netlink: 'syz.3.3632': attribute type 11 has an invalid length.
[  338.100186][T16721] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR
[  338.615928][T16760] __nla_validate_parse: 5 callbacks suppressed
[  338.615947][T16760] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3640'.
[  338.928443][T16770] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  338.958209][T16770] syzkaller0: entered promiscuous mode
[  338.963726][T16770] syzkaller0: entered allmulticast mode
[  339.083268][T16784] tipc: Resetting bearer <eth:syzkaller0>
[  339.172658][T16788] syzkaller1: left promiscuous mode
[  339.198240][T16788] syzkaller1: left allmulticast mode
[  339.216606][T16769] tipc: Resetting bearer <eth:syzkaller0>
[  339.256734][T16769] tipc: Disabling bearer <eth:syzkaller0>
[  339.357611][T16791] syzkaller1: entered promiscuous mode
[  339.363136][T16791] syzkaller1: entered allmulticast mode
[  339.460525][T16802] netlink: 'syz.2.3654': attribute type 11 has an invalid length.
[  339.475913][T16802] netlink: 64 bytes leftover after parsing attributes in process `syz.2.3654'.
[  339.511957][T16802] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3654'.
[  339.536022][T16802] unsupported nlmsg_type 40
[  339.977422][T16827] netlink: 'syz.3.3662': attribute type 11 has an invalid length.
[  339.999298][T16827] netlink: 'syz.3.3662': attribute type 11 has an invalid length.
[  340.008602][T16827] netlink: 224 bytes leftover after parsing attributes in process `syz.3.3662'.
[  340.340089][T16843] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3666'.
[  340.404178][T16848] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3666'.
[  340.466815][T16851] skbuff: bad partial csum: csum=65535/127 headroom=178 headlen=65664
[  342.639855][T16902] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3681'.
[  342.654643][T16900] syzkaller1: entered promiscuous mode
[  342.678362][T16900] syzkaller1: entered allmulticast mode
[  342.684179][T16902] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3681'.
[  342.856805][T16918] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3685'.
[  343.208243][T16944] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3693'.
[  343.563140][T16962] netlink: 'syz.3.3700': attribute type 10 has an invalid length.
[  343.624628][T16962] bridge0: port 2(bridge_slave_1) entered disabled state
[  343.645500][T16962] bridge_slave_1: left allmulticast mode
[  343.668228][T16962] bridge_slave_1: left promiscuous mode
[  343.686693][T16962] bridge0: port 2(bridge_slave_1) entered disabled state
[  343.728844][T16962] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  343.764153][T16967] __nla_validate_parse: 3 callbacks suppressed
[  343.764170][T16967] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3701'.
[  343.843434][T16971] netlink: 'syz.2.3704': attribute type 1 has an invalid length.
[  343.868937][T16973] openvswitch: netlink: Unexpected mask (mask=240, allowed=10048)
[  343.889100][T16975] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3706'.
[  343.916923][T16976] openvswitch: netlink: Unexpected mask (mask=240, allowed=10048)
[  343.921657][T16975] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3706'.
[  343.953634][T16971] 8021q: adding VLAN 0 to HW filter on device bond1
[  344.261285][T16995] netlink: 'syz.2.3712': attribute type 2 has an invalid length.
[  344.523191][T17010] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3717'.
[  344.534251][T17009] ipvlan2: entered promiscuous mode
[  344.563684][T17011] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3717'.
[  344.612181][T17017] veth0: entered promiscuous mode
[  344.682213][T17021] netlink: 248 bytes leftover after parsing attributes in process `syz.0.3722'.
[  344.737186][T17012] veth0: left promiscuous mode
[  345.040397][T17049] netlink: 'syz.2.3731': attribute type 1 has an invalid length.
[  345.057058][T17049] netlink: 'syz.2.3731': attribute type 3 has an invalid length.
[  345.090423][T17049] netlink: 224 bytes leftover after parsing attributes in process `syz.2.3731'.
[  345.278054][T17060] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3734'.
[  345.945370][T17098] can: request_module (can-proto-0) failed.
[  346.027578][T17098] can: request_module (can-proto-0) failed.
[  346.037392][T17056] Bluetooth: hci1: Opcode 0x0401 failed: -4
[  346.085127][T17098] can: request_module (can-proto-0) failed.
[  346.144338][T17098] can: request_module (can-proto-0) failed.
[  346.252230][T17098] can: request_module (can-proto-0) failed.
[  346.342081][T17098] can: request_module (can-proto-0) failed.
[  346.453038][T17098] can: request_module (can-proto-0) failed.
[  346.513929][T17123] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input5
[  346.527651][T17098] can: request_module (can-proto-0) failed.
[  346.597580][T17098] can: request_module (can-proto-0) failed.
[  346.687440][T17098] can: request_module (can-proto-0) failed.
[  347.234660][T17165] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3764'.
[  347.247142][   T51] Bluetooth: hci1: command 0x0401 tx timeout
[  347.268441][T10802] nci: nci_add_new_protocol: the target found does not have the desired protocol
[  347.271896][T17169] openvswitch: netlink: IP tunnel attribute has 16 unknown bytes.
[  347.328652][T17172] syzkaller0: entered promiscuous mode
[  347.344880][T17172] syzkaller0: entered allmulticast mode
[  347.356918][T17174] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3767'.
[  348.007579][T17168] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  348.025462][T17157] tipc: Resetting bearer <eth:syzkaller0>
[  348.131200][T17157] tipc: Disabling bearer <eth:syzkaller0>
[  348.754410][T17226] FAULT_INJECTION: forcing a failure.
[  348.754410][T17226] name failslab, interval 1, probability 0, space 0, times 0
[  348.789001][T17226] CPU: 1 UID: 0 PID: 17226 Comm: syz.3.3784 Not tainted syzkaller #0 PREEMPT(full) 
[  348.789027][T17226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  348.789051][T17226] Call Trace:
[  348.789058][T17226]  <TASK>
[  348.789065][T17226]  dump_stack_lvl+0x189/0x250
[  348.789090][T17226]  ? __pfx____ratelimit+0x10/0x10
[  348.789112][T17226]  ? __pfx_dump_stack_lvl+0x10/0x10
[  348.789131][T17226]  ? __pfx__printk+0x10/0x10
[  348.789157][T17226]  ? __pfx___might_resched+0x10/0x10
[  348.789173][T17226]  ? fs_reclaim_acquire+0x7d/0x100
[  348.789207][T17226]  should_fail_ex+0x414/0x560
[  348.789232][T17226]  should_failslab+0xa8/0x100
[  348.789256][T17226]  __kmalloc_noprof+0xcb/0x4f0
[  348.789274][T17226]  ? kfree+0x4d/0x440
[  348.789290][T17226]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  348.789312][T17226]  tomoyo_realpath_from_path+0xe3/0x5d0
[  348.789332][T17226]  ? tomoyo_domain+0xd9/0x130
[  348.789356][T17226]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  348.789378][T17226]  tomoyo_path_number_perm+0x1e8/0x5a0
[  348.789401][T17226]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  348.789441][T17226]  ? __lock_acquire+0xab9/0xd20
[  348.789484][T17226]  ? __fget_files+0x2a/0x420
[  348.789509][T17226]  ? __fget_files+0x2a/0x420
[  348.789529][T17226]  ? __fget_files+0x3a0/0x420
[  348.789549][T17226]  ? __fget_files+0x2a/0x420
[  348.789574][T17226]  security_file_ioctl+0xcb/0x2d0
[  348.789598][T17226]  __se_sys_ioctl+0x47/0x170
[  348.789620][T17226]  do_syscall_64+0xfa/0x3b0
[  348.789635][T17226]  ? lockdep_hardirqs_on+0x9c/0x150
[  348.789656][T17226]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  348.789672][T17226]  ? clear_bhb_loop+0x60/0xb0
[  348.789692][T17226]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  348.789708][T17226] RIP: 0033:0x7f3537d8ebe9
[  348.789723][T17226] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  348.789757][T17226] RSP: 002b:00007f3538b25038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  348.789775][T17226] RAX: ffffffffffffffda RBX: 00007f3537fc5fa0 RCX: 00007f3537d8ebe9
[  348.789787][T17226] RDX: 0000200000000340 RSI: 00000000400448c8 RDI: 0000000000000005
[  348.789799][T17226] RBP: 00007f3538b25090 R08: 0000000000000000 R09: 0000000000000000
[  348.789809][T17226] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  348.789819][T17226] R13: 00007f3537fc6038 R14: 00007f3537fc5fa0 R15: 00007ffc10edc748
[  348.789850][T17226]  </TASK>
[  348.789858][T17226] ERROR: Out of memory at tomoyo_realpath_from_path.
[  349.263866][T17245] __nla_validate_parse: 1 callbacks suppressed
[  349.263885][T17245] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3793'.
[  349.284804][T17245] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3793'.
[  349.485156][T17255] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  349.679275][T17268] FAULT_INJECTION: forcing a failure.
[  349.679275][T17268] name failslab, interval 1, probability 0, space 0, times 0
[  349.708410][T17268] CPU: 1 UID: 0 PID: 17268 Comm: syz.2.3802 Not tainted syzkaller #0 PREEMPT(full) 
[  349.708437][T17268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  349.708448][T17268] Call Trace:
[  349.708456][T17268]  <TASK>
[  349.708464][T17268]  dump_stack_lvl+0x189/0x250
[  349.708489][T17268]  ? __pfx____ratelimit+0x10/0x10
[  349.708511][T17268]  ? __pfx_dump_stack_lvl+0x10/0x10
[  349.708529][T17268]  ? __pfx__printk+0x10/0x10
[  349.708554][T17268]  ? __pfx___might_resched+0x10/0x10
[  349.708570][T17268]  ? fs_reclaim_acquire+0x7d/0x100
[  349.708599][T17268]  should_fail_ex+0x414/0x560
[  349.708626][T17268]  should_failslab+0xa8/0x100
[  349.708650][T17268]  __kmalloc_noprof+0xcb/0x4f0
[  349.708670][T17268]  ? tomoyo_encode+0x28b/0x550
[  349.708692][T17268]  tomoyo_encode+0x28b/0x550
[  349.708716][T17268]  tomoyo_realpath_from_path+0x58d/0x5d0
[  349.708735][T17268]  ? tomoyo_domain+0xd9/0x130
[  349.708758][T17268]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  349.708780][T17268]  tomoyo_path_number_perm+0x1e8/0x5a0
[  349.708804][T17268]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  349.708843][T17268]  ? __lock_acquire+0xab9/0xd20
[  349.708887][T17268]  ? __fget_files+0x2a/0x420
[  349.708913][T17268]  ? __fget_files+0x2a/0x420
[  349.708932][T17268]  ? __fget_files+0x3a0/0x420
[  349.708952][T17268]  ? __fget_files+0x2a/0x420
[  349.708978][T17268]  security_file_ioctl+0xcb/0x2d0
[  349.709002][T17268]  __se_sys_ioctl+0x47/0x170
[  349.709025][T17268]  do_syscall_64+0xfa/0x3b0
[  349.709039][T17268]  ? lockdep_hardirqs_on+0x9c/0x150
[  349.709060][T17268]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.709077][T17268]  ? clear_bhb_loop+0x60/0xb0
[  349.709097][T17268]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.709119][T17268] RIP: 0033:0x7f34a918ebe9
[  349.709134][T17268] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  349.709147][T17268] RSP: 002b:00007f34a73f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  349.709164][T17268] RAX: ffffffffffffffda RBX: 00007f34a93c5fa0 RCX: 00007f34a918ebe9
[  349.709175][T17268] RDX: 0000200000000340 RSI: 00000000400448c8 RDI: 0000000000000005
[  349.709184][T17268] RBP: 00007f34a73f6090 R08: 0000000000000000 R09: 0000000000000000
[  349.709193][T17268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  349.709200][T17268] R13: 00007f34a93c6038 R14: 00007f34a93c5fa0 R15: 00007ffeb3c6fdf8
[  349.709223][T17268]  </TASK>
[  349.709239][T17268] ERROR: Out of memory at tomoyo_realpath_from_path.
[  350.252012][T17291] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3808'.
[  350.289707][T17282] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3805'.
[  350.301124][T17289] hsr0 speed is unknown, defaulting to 1000
[  350.311456][T17289] lo speed is unknown, defaulting to 1000
[  350.319315][T17282] netlink: 'syz.2.3805': attribute type 8 has an invalid length.
[  350.445497][T17295] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3810'.
[  350.543169][T17298] lo: entered promiscuous mode
[  350.607560][T17298] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  350.736468][T17310] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3815'.
[  350.768599][T17303] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3811'.
[  350.777802][T17303] netlink: 'syz.1.3811': attribute type 5 has an invalid length.
[  350.785542][T17303] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3811'.
[  350.797947][T17313] netlink: 'syz.0.3815': attribute type 1 has an invalid length.
[  350.933120][T17310] bond1 (unregistering): Released all slaves
[  351.288357][T17340] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3823'.
[  351.506040][T17347] netlink: 'syz.1.3826': attribute type 4 has an invalid length.
[  351.813883][T17367] syzkaller1: entered promiscuous mode
[  351.821486][T17367] syzkaller1: entered allmulticast mode
[  352.112955][T17383] netlink: 'syz.0.3838': attribute type 21 has an invalid length.
[  352.151970][T17383] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3838'.
[  352.391934][T17397] hsr0 speed is unknown, defaulting to 1000
[  352.408979][T17397] lo speed is unknown, defaulting to 1000
[  352.557226][T17407] netlink: 'syz.2.3845': attribute type 4 has an invalid length.
[  352.694594][T17417] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  352.701926][T17417] IPv6: NLM_F_CREATE should be set when creating new route
[  353.165921][T17440] FAULT_INJECTION: forcing a failure.
[  353.165921][T17440] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  353.236661][T17440] CPU: 0 UID: 0 PID: 17440 Comm: syz.4.3855 Not tainted syzkaller #0 PREEMPT(full) 
[  353.236687][T17440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  353.236698][T17440] Call Trace:
[  353.236705][T17440]  <TASK>
[  353.236713][T17440]  dump_stack_lvl+0x189/0x250
[  353.236737][T17440]  ? __pfx____ratelimit+0x10/0x10
[  353.236760][T17440]  ? __pfx_dump_stack_lvl+0x10/0x10
[  353.236779][T17440]  ? __pfx__printk+0x10/0x10
[  353.236801][T17440]  ? __might_fault+0xb0/0x130
[  353.236834][T17440]  should_fail_ex+0x414/0x560
[  353.236861][T17440]  _copy_from_iter+0x1de/0x1790
[  353.236886][T17440]  ? rcu_is_watching+0x15/0xb0
[  353.236905][T17440]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  353.236928][T17440]  ? __pfx__copy_from_iter+0x10/0x10
[  353.236948][T17440]  ? __build_skb_around+0x257/0x3e0
[  353.236968][T17440]  ? netlink_sendmsg+0x642/0xb30
[  353.236982][T17440]  ? skb_put+0x11b/0x210
[  353.237002][T17440]  netlink_sendmsg+0x6b2/0xb30
[  353.237028][T17440]  ? __pfx_netlink_sendmsg+0x10/0x10
[  353.237048][T17440]  ? aa_sock_msg_perm+0xf1/0x1d0
[  353.237066][T17440]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  353.237084][T17440]  ? __pfx_netlink_sendmsg+0x10/0x10
[  353.237100][T17440]  __sock_sendmsg+0x219/0x270
[  353.237125][T17440]  ____sys_sendmsg+0x505/0x830
[  353.237150][T17440]  ? __pfx_____sys_sendmsg+0x10/0x10
[  353.237179][T17440]  ? import_iovec+0x74/0xa0
[  353.237201][T17440]  ___sys_sendmsg+0x21f/0x2a0
[  353.237222][T17440]  ? __pfx____sys_sendmsg+0x10/0x10
[  353.237277][T17440]  ? __fget_files+0x2a/0x420
[  353.237298][T17440]  ? __fget_files+0x3a0/0x420
[  353.237331][T17440]  __x64_sys_sendmsg+0x19b/0x260
[  353.237353][T17440]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  353.237381][T17440]  ? __pfx_ksys_write+0x10/0x10
[  353.237398][T17440]  ? rcu_is_watching+0x15/0xb0
[  353.237426][T17440]  ? do_syscall_64+0xbe/0x3b0
[  353.237446][T17440]  do_syscall_64+0xfa/0x3b0
[  353.237460][T17440]  ? lockdep_hardirqs_on+0x9c/0x150
[  353.237481][T17440]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.237497][T17440]  ? clear_bhb_loop+0x60/0xb0
[  353.237518][T17440]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.237534][T17440] RIP: 0033:0x7f9d76d8ebe9
[  353.237549][T17440] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  353.237564][T17440] RSP: 002b:00007f9d77ca2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  353.237583][T17440] RAX: ffffffffffffffda RBX: 00007f9d76fc5fa0 RCX: 00007f9d76d8ebe9
[  353.237596][T17440] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000007
[  353.237607][T17440] RBP: 00007f9d77ca2090 R08: 0000000000000000 R09: 0000000000000000
[  353.237618][T17440] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  353.237628][T17440] R13: 00007f9d76fc6038 R14: 00007f9d76fc5fa0 R15: 00007fff769d3168
[  353.237658][T17440]  </TASK>
[  353.747124][T17454] netlink: 'syz.3.3862': attribute type 5 has an invalid length.
[  353.841572][T17457] openvswitch: netlink: IP tunnel attribute has 8 unknown bytes.
[  353.914282][T17455] hsr0 speed is unknown, defaulting to 1000
[  353.943134][T17455] lo speed is unknown, defaulting to 1000
[  354.120168][T17468] syzkaller1: left promiscuous mode
[  354.126744][T17468] syzkaller1: left allmulticast mode
[  354.339836][T17480] __nla_validate_parse: 11 callbacks suppressed
[  354.339855][T17480] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3870'.
[  354.411171][T10794] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  354.424099][T10794] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  354.432603][T17491] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3873'.
[  354.442177][  T982] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  354.557187][  T982] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  354.766670][  T982] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  354.963453][T17520] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input6
[  355.092903][T17536] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3884'.
[  355.105271][T17536] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3884'.
[  355.258398][T17538] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  355.262012][T17546] FAULT_INJECTION: forcing a failure.
[  355.262012][T17546] name failslab, interval 1, probability 0, space 0, times 0
[  355.280656][T17546] CPU: 1 UID: 0 PID: 17546 Comm: syz.3.3889 Not tainted syzkaller #0 PREEMPT(full) 
[  355.280682][T17546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  355.280693][T17546] Call Trace:
[  355.280700][T17546]  <TASK>
[  355.280708][T17546]  dump_stack_lvl+0x189/0x250
[  355.280738][T17546]  ? __pfx____ratelimit+0x10/0x10
[  355.280761][T17546]  ? __pfx_dump_stack_lvl+0x10/0x10
[  355.280782][T17546]  ? __pfx__printk+0x10/0x10
[  355.280810][T17546]  ? __pfx___might_resched+0x10/0x10
[  355.280825][T17546]  ? fs_reclaim_acquire+0x7d/0x100
[  355.280854][T17546]  should_fail_ex+0x414/0x560
[  355.280880][T17546]  should_failslab+0xa8/0x100
[  355.280904][T17546]  __kmalloc_noprof+0xcb/0x4f0
[  355.280924][T17546]  ? kfree+0x4d/0x440
[  355.280939][T17546]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  355.280963][T17546]  tomoyo_realpath_from_path+0xe3/0x5d0
[  355.280982][T17546]  ? tomoyo_domain+0xd9/0x130
[  355.281006][T17546]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  355.281028][T17546]  tomoyo_path_number_perm+0x1e8/0x5a0
[  355.281053][T17546]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  355.281093][T17546]  ? __lock_acquire+0xab9/0xd20
[  355.281137][T17546]  ? __fget_files+0x2a/0x420
[  355.281163][T17546]  ? __fget_files+0x2a/0x420
[  355.281183][T17546]  ? __fget_files+0x3a0/0x420
[  355.281203][T17546]  ? __fget_files+0x2a/0x420
[  355.281230][T17546]  security_file_ioctl+0xcb/0x2d0
[  355.281253][T17546]  __se_sys_ioctl+0x47/0x170
[  355.281276][T17546]  do_syscall_64+0xfa/0x3b0
[  355.281292][T17546]  ? lockdep_hardirqs_on+0x9c/0x150
[  355.281313][T17546]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  355.281331][T17546]  ? clear_bhb_loop+0x60/0xb0
[  355.281352][T17546]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  355.281368][T17546] RIP: 0033:0x7f3537d8ebe9
[  355.281384][T17546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  355.281399][T17546] RSP: 002b:00007f3538b25038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  355.281418][T17546] RAX: ffffffffffffffda RBX: 00007f3537fc5fa0 RCX: 00007f3537d8ebe9
[  355.281431][T17546] RDX: 0000200000000340 RSI: 00000000400448c8 RDI: 0000000000000005
[  355.281442][T17546] RBP: 00007f3538b25090 R08: 0000000000000000 R09: 0000000000000000
[  355.281459][T17546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  355.281470][T17546] R13: 00007f3537fc6038 R14: 00007f3537fc5fa0 R15: 00007ffc10edc748
[  355.281500][T17546]  </TASK>
[  355.281507][T17546] ERROR: Out of memory at tomoyo_realpath_from_path.
[  355.774994][T17566] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  355.811686][T17569] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  355.821212][T17567] syzkaller0: entered promiscuous mode
[  355.840156][T17567] syzkaller0: entered allmulticast mode
[  355.879080][T17572] netlink: 96 bytes leftover after parsing attributes in process `syz.2.3894'.
[  355.907515][T17572] 8021q: VLANs not supported on sit0
[  355.941529][T17567] tipc: Resetting bearer <eth:syzkaller0>
[  356.010524][T17567] tipc: Disabling bearer <eth:syzkaller0>
[  356.111646][T17588] netlink: 'syz.2.3898': attribute type 10 has an invalid length.
[  356.135522][T17592] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3897'.
[  356.195534][T17588] 8021q: adding VLAN 0 to HW filter on device team0
[  356.230487][T17588] bond0: (slave team0): Enslaving as an active interface with an up link
[  357.243775][T17651] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3918'.
[  357.284004][T17651] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3918'.
[  357.365680][T17651] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  357.425500][T17651] syzkaller0: MTU too low for tipc bearer
[  357.441678][T17651] tipc: Disabling bearer <eth:syzkaller0>
[  357.678438][T17676] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  357.754293][T17683] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3929'.
[  357.802351][T17683] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3929'.
[  358.399988][T17718] team_slave_0: entered promiscuous mode
[  358.406070][T17718] team_slave_1: entered promiscuous mode
[  358.414679][T17718] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  358.422958][T17718] team0: Device macvtap1 is already an upper device of the team interface
[  358.436244][T17718] team_slave_0: left promiscuous mode
[  358.441708][T17718] team_slave_1: left promiscuous mode
[  358.606414][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  358.778968][T17737] !
: renamed from dummy0 (while UP)
[  358.915161][T17702] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  358.936378][T17702] Bluetooth: hci5: Error when powering off device on rfkill (-4)
[  359.096701][T17702] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  359.102650][T17702] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  359.278749][T17702] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  359.284777][T17702] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  359.332115][T17702] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  359.348614][T17702] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  359.393733][T17702] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  359.413510][T17702] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  359.429938][T17771] __nla_validate_parse: 5 callbacks suppressed
[  359.429958][T17771] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3964'.
[  359.497880][T17771] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  359.532169][T17771] gretap1: entered promiscuous mode
[  359.561304][T17771] gretap1: entered allmulticast mode
[  359.835619][T17792] netlink: 'syz.2.3972': attribute type 1 has an invalid length.
[  359.904598][T17800] openvswitch: netlink: IP tunnel dst address not specified
[  360.169025][T17815] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3981'.
[  360.279526][T17821] block nbd4: server does not support multiple connections per device.
[  360.306551][T17821] block nbd4: shutting down sockets
[  360.723918][T17850] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3994'.
[  360.802557][T17850] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3994'.
[  360.837717][T17858] netlink: 'syz.3.3998': attribute type 1 has an invalid length.
[  360.867398][T17858] netlink: 'syz.3.3998': attribute type 3 has an invalid length.
[  360.885463][T17858] netlink: 224 bytes leftover after parsing attributes in process `syz.3.3998'.
[  360.940147][T17864] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  360.974481][T17864] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3999'.
[  361.117893][T17866] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4001'.
[  361.375964][T17890] FAULT_INJECTION: forcing a failure.
[  361.375964][T17890] name failslab, interval 1, probability 0, space 0, times 0
[  361.435588][T17890] CPU: 1 UID: 0 PID: 17890 Comm: syz.4.4009 Not tainted syzkaller #0 PREEMPT(full) 
[  361.435614][T17890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  361.435623][T17890] Call Trace:
[  361.435630][T17890]  <TASK>
[  361.435636][T17890]  dump_stack_lvl+0x189/0x250
[  361.435662][T17890]  ? __pfx____ratelimit+0x10/0x10
[  361.435686][T17890]  ? __pfx_dump_stack_lvl+0x10/0x10
[  361.435704][T17890]  ? __pfx__printk+0x10/0x10
[  361.435733][T17890]  ? __pfx___might_resched+0x10/0x10
[  361.435749][T17890]  ? fs_reclaim_acquire+0x7d/0x100
[  361.435777][T17890]  should_fail_ex+0x414/0x560
[  361.435804][T17890]  should_failslab+0xa8/0x100
[  361.435828][T17890]  __kmalloc_noprof+0xcb/0x4f0
[  361.435847][T17890]  ? kfree+0x4d/0x440
[  361.435870][T17890]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  361.435893][T17890]  tomoyo_realpath_from_path+0xe3/0x5d0
[  361.435913][T17890]  ? tomoyo_domain+0xd9/0x130
[  361.435937][T17890]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  361.435960][T17890]  tomoyo_path_number_perm+0x1e8/0x5a0
[  361.435985][T17890]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  361.436025][T17890]  ? __lock_acquire+0xab9/0xd20
[  361.436071][T17890]  ? __fget_files+0x2a/0x420
[  361.436097][T17890]  ? __fget_files+0x2a/0x420
[  361.436116][T17890]  ? __fget_files+0x3a0/0x420
[  361.436137][T17890]  ? __fget_files+0x2a/0x420
[  361.436164][T17890]  security_file_ioctl+0xcb/0x2d0
[  361.436189][T17890]  __se_sys_ioctl+0x47/0x170
[  361.436209][T17890]  do_syscall_64+0xfa/0x3b0
[  361.436223][T17890]  ? lockdep_hardirqs_on+0x9c/0x150
[  361.436242][T17890]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  361.436259][T17890]  ? clear_bhb_loop+0x60/0xb0
[  361.436279][T17890]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  361.436295][T17890] RIP: 0033:0x7f9d76d8ebe9
[  361.436310][T17890] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  361.436323][T17890] RSP: 002b:00007f9d77ca2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  361.436341][T17890] RAX: ffffffffffffffda RBX: 00007f9d76fc5fa0 RCX: 00007f9d76d8ebe9
[  361.436354][T17890] RDX: 0000200000000340 RSI: 00000000400448c8 RDI: 0000000000000005
[  361.436365][T17890] RBP: 00007f9d77ca2090 R08: 0000000000000000 R09: 0000000000000000
[  361.436375][T17890] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  361.436386][T17890] R13: 00007f9d76fc6038 R14: 00007f9d76fc5fa0 R15: 00007fff769d3168
[  361.436415][T17890]  </TASK>
[  361.726468][T17890] ERROR: Out of memory at tomoyo_realpath_from_path.
[  361.816852][T17893] veth0_to_team: entered promiscuous mode
[  361.843466][T17893] veth0_to_team: entered allmulticast mode
[  362.020914][T17911] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4017'.
[  362.161165][T17916] netlink: 44 bytes leftover after parsing attributes in process `syz.2.4020'.
[  362.513306][T17943] netlink: 'syz.1.4027': attribute type 7 has an invalid length.
[  362.810490][  T982] IPVS: starting estimator thread 0...
[  362.841850][T17957] netlink: 'syz.2.4031': attribute type 39 has an invalid length.
[  362.899252][T17960] netlink: 'syz.1.4032': attribute type 1 has an invalid length.
[  362.907305][T17955] IPVS: using max 29 ests per chain, 69600 per kthread
[  362.956608][T17960] netlink: 224 bytes leftover after parsing attributes in process `syz.1.4032'.
[  363.049948][T17957] netlink: 'syz.2.4031': attribute type 39 has an invalid length.
[  363.059160][T17957] netlink: 'syz.2.4031': attribute type 39 has an invalid length.
[  363.070607][T17957] netlink: 'syz.2.4031': attribute type 39 has an invalid length.
[  363.079513][T17957] netlink: 'syz.2.4031': attribute type 39 has an invalid length.
[  363.104848][T17957] netlink: 'syz.2.4031': attribute type 39 has an invalid length.
[  363.127719][T17957] netlink: 'syz.2.4031': attribute type 39 has an invalid length.
[  363.143581][T17957] netlink: 'syz.2.4031': attribute type 39 has an invalid length.
[  363.195888][T17970] bridge4: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  363.862426][T18006] xfrm1: entered promiscuous mode
[  363.888542][   T94] block nbd2: Possible stuck request ffff888025597000: control (read@0,1024B). Runtime 150 seconds
[  363.899726][   T94] block nbd2: Possible stuck request ffff8880255971c0: control (read@1024,1024B). Runtime 150 seconds
[  363.910875][   T94] block nbd2: Possible stuck request ffff888025597380: control (read@2048,1024B). Runtime 150 seconds
[  363.918240][T18006] xfrm1: entered allmulticast mode
[  363.922086][   T94] block nbd2: Possible stuck request ffff888025597540: control (read@3072,1024B). Runtime 150 seconds
[  364.487906][T18040] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  364.734958][T18044] __nla_validate_parse: 5 callbacks suppressed
[  364.734976][T18044] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4060'.
[  364.781946][T18044] netlink: 64 bytes leftover after parsing attributes in process `syz.1.4060'.
[  364.897852][T18054] netlink: 'syz.2.4063': attribute type 11 has an invalid length.
[  364.921030][T18054] netlink: 224 bytes leftover after parsing attributes in process `syz.2.4063'.
[  364.964428][T18059] netlink: 'syz.2.4063': attribute type 11 has an invalid length.
[  364.991712][T18059] netlink: 224 bytes leftover after parsing attributes in process `syz.2.4063'.
[  365.028787][T18061] netlink: 100 bytes leftover after parsing attributes in process `syz.1.4065'.
[  365.151452][T18074] netlink: 144 bytes leftover after parsing attributes in process `syz.4.4068'.
[  365.206798][T18079] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4070'.
[  365.291443][T18079] bridge0: port 3(batadv1) entered blocking state
[  365.298439][T18081] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4071'.
[  365.367050][T18079] bridge0: port 3(batadv1) entered disabled state
[  365.373856][T18079] batadv1: entered allmulticast mode
[  365.421062][T18079] batadv1: entered promiscuous mode
[  365.621444][T18099] syzkaller0: entered allmulticast mode
[  365.630073][T18099] sch_tbf: peakrate 65537 is lower than or equals to rate 13649349699651835328 !
[  365.794912][T18109] netlink: 'syz.2.4081': attribute type 11 has an invalid length.
[  365.847451][ T1007] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[  365.856919][ T1007] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  365.983135][T18121] FAULT_INJECTION: forcing a failure.
[  365.983135][T18121] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  366.001039][T18121] CPU: 1 UID: 0 PID: 18121 Comm: syz.1.4087 Not tainted syzkaller #0 PREEMPT(full) 
[  366.001064][T18121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  366.001077][T18121] Call Trace:
[  366.001084][T18121]  <TASK>
[  366.001092][T18121]  dump_stack_lvl+0x189/0x250
[  366.001124][T18121]  ? __pfx____ratelimit+0x10/0x10
[  366.001147][T18121]  ? __pfx_dump_stack_lvl+0x10/0x10
[  366.001166][T18121]  ? __pfx__printk+0x10/0x10
[  366.001199][T18121]  should_fail_ex+0x414/0x560
[  366.001225][T18121]  _copy_from_user+0x2d/0xb0
[  366.001246][T18121]  get_user_ifreq+0x6c/0x180
[  366.001272][T18121]  sock_ioctl+0x6dd/0x790
[  366.001294][T18121]  ? __pfx_sock_ioctl+0x10/0x10
[  366.001314][T18121]  ? __fget_files+0x3a0/0x420
[  366.001335][T18121]  ? __fget_files+0x2a/0x420
[  366.001362][T18121]  ? bpf_lsm_file_ioctl+0x9/0x20
[  366.001379][T18121]  ? __pfx_sock_ioctl+0x10/0x10
[  366.001397][T18121]  __se_sys_ioctl+0xf9/0x170
[  366.001418][T18121]  do_syscall_64+0xfa/0x3b0
[  366.001430][T18121]  ? lockdep_hardirqs_on+0x9c/0x150
[  366.001451][T18121]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  366.001466][T18121]  ? clear_bhb_loop+0x60/0xb0
[  366.001486][T18121]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  366.001505][T18121] RIP: 0033:0x7f4ea258ebe9
[  366.001521][T18121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  366.001535][T18121] RSP: 002b:00007f4ea33a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  366.001553][T18121] RAX: ffffffffffffffda RBX: 00007f4ea27c5fa0 RCX: 00007f4ea258ebe9
[  366.001564][T18121] RDX: 0000200000000080 RSI: 00000000000089f1 RDI: 0000000000000003
[  366.001575][T18121] RBP: 00007f4ea33a7090 R08: 0000000000000000 R09: 0000000000000000
[  366.001583][T18121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  366.001591][T18121] R13: 00007f4ea27c6038 R14: 00007f4ea27c5fa0 R15: 00007ffc82344088
[  366.001613][T18121]  </TASK>
[  366.310991][T18122] veth0_macvtap: left promiscuous mode
[  366.321989][T18122] macvtap0: entered allmulticast mode
[  366.331978][T18122] macvtap0: refused to change device tx_queue_len
[  366.450995][   T51] block nbd4: Receive control failed (result -32)
[  366.469770][T18140] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4090'.
[  366.481684][T18141] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4090'.
[  366.535883][T18142] nftables ruleset with unbound set
[  366.927634][T18159] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  366.973560][T18165] FAULT_INJECTION: forcing a failure.
[  366.973560][T18165] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  367.030218][T18165] CPU: 0 UID: 0 PID: 18165 Comm: syz.2.4102 Not tainted syzkaller #0 PREEMPT(full) 
[  367.030244][T18165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  367.030254][T18165] Call Trace:
[  367.030261][T18165]  <TASK>
[  367.030269][T18165]  dump_stack_lvl+0x189/0x250
[  367.030293][T18165]  ? __pfx____ratelimit+0x10/0x10
[  367.030315][T18165]  ? __pfx_dump_stack_lvl+0x10/0x10
[  367.030332][T18165]  ? __pfx__printk+0x10/0x10
[  367.030353][T18165]  ? __might_fault+0xb0/0x130
[  367.030384][T18165]  should_fail_ex+0x414/0x560
[  367.030410][T18165]  _copy_from_user+0x2d/0xb0
[  367.030429][T18165]  vti6_siocdevprivate+0x1af/0x700
[  367.030451][T18165]  ? __pfx_vti6_siocdevprivate+0x10/0x10
[  367.030465][T18165]  ? trace_contention_end+0x39/0x120
[  367.030508][T18165]  ? netdev_name_node_lookup+0xdf/0x120
[  367.030531][T18165]  dev_ifsioc+0xb54/0xf00
[  367.030561][T18165]  dev_ioctl+0x84c/0x1150
[  367.030586][T18165]  sock_ioctl+0x719/0x790
[  367.030607][T18165]  ? __pfx_sock_ioctl+0x10/0x10
[  367.030627][T18165]  ? __fget_files+0x3a0/0x420
[  367.030648][T18165]  ? __fget_files+0x2a/0x420
[  367.030671][T18165]  ? bpf_lsm_file_ioctl+0x9/0x20
[  367.030690][T18165]  ? __pfx_sock_ioctl+0x10/0x10
[  367.030708][T18165]  __se_sys_ioctl+0xf9/0x170
[  367.030729][T18165]  do_syscall_64+0xfa/0x3b0
[  367.030742][T18165]  ? lockdep_hardirqs_on+0x9c/0x150
[  367.030762][T18165]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.030777][T18165]  ? clear_bhb_loop+0x60/0xb0
[  367.030796][T18165]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.030811][T18165] RIP: 0033:0x7f34a918ebe9
[  367.030825][T18165] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  367.030838][T18165] RSP: 002b:00007f34a73f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  367.030856][T18165] RAX: ffffffffffffffda RBX: 00007f34a93c5fa0 RCX: 00007f34a918ebe9
[  367.030867][T18165] RDX: 0000200000000080 RSI: 00000000000089f1 RDI: 0000000000000003
[  367.030878][T18165] RBP: 00007f34a73f6090 R08: 0000000000000000 R09: 0000000000000000
[  367.030887][T18165] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  367.030897][T18165] R13: 00007f34a93c6038 R14: 00007f34a93c5fa0 R15: 00007ffeb3c6fdf8
[  367.030924][T18165]  </TASK>
[  367.067533][T18167] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  367.287621][T18174] FAULT_INJECTION: forcing a failure.
[  367.287621][T18174] name failslab, interval 1, probability 0, space 0, times 0
[  367.310579][T18174] CPU: 0 UID: 0 PID: 18174 Comm: syz.4.4105 Not tainted syzkaller #0 PREEMPT(full) 
[  367.310605][T18174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  367.310615][T18174] Call Trace:
[  367.310623][T18174]  <TASK>
[  367.310631][T18174]  dump_stack_lvl+0x189/0x250
[  367.310654][T18174]  ? __pfx____ratelimit+0x10/0x10
[  367.310676][T18174]  ? __pfx_dump_stack_lvl+0x10/0x10
[  367.310695][T18174]  ? __pfx__printk+0x10/0x10
[  367.310720][T18174]  ? __pfx___might_resched+0x10/0x10
[  367.310735][T18174]  ? fs_reclaim_acquire+0x7d/0x100
[  367.310762][T18174]  should_fail_ex+0x414/0x560
[  367.310789][T18174]  should_failslab+0xa8/0x100
[  367.310812][T18174]  __kmalloc_noprof+0xcb/0x4f0
[  367.310831][T18174]  ? kfree+0x4d/0x440
[  367.310846][T18174]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  367.310869][T18174]  tomoyo_realpath_from_path+0xe3/0x5d0
[  367.310888][T18174]  ? tomoyo_domain+0xd9/0x130
[  367.310911][T18174]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  367.310933][T18174]  tomoyo_path_number_perm+0x1e8/0x5a0
[  367.310965][T18174]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  367.311008][T18174]  ? __lock_acquire+0xab9/0xd20
[  367.311050][T18174]  ? __fget_files+0x2a/0x420
[  367.311075][T18174]  ? __fget_files+0x2a/0x420
[  367.311095][T18174]  ? __fget_files+0x3a0/0x420
[  367.311115][T18174]  ? __fget_files+0x2a/0x420
[  367.311140][T18174]  security_file_ioctl+0xcb/0x2d0
[  367.311163][T18174]  __se_sys_ioctl+0x47/0x170
[  367.311186][T18174]  do_syscall_64+0xfa/0x3b0
[  367.311200][T18174]  ? lockdep_hardirqs_on+0x9c/0x150
[  367.311220][T18174]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.311236][T18174]  ? clear_bhb_loop+0x60/0xb0
[  367.311257][T18174]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.311273][T18174] RIP: 0033:0x7f9d76d8ebe9
[  367.311289][T18174] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  367.311303][T18174] RSP: 002b:00007f9d77ca2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  367.311321][T18174] RAX: ffffffffffffffda RBX: 00007f9d76fc5fa0 RCX: 00007f9d76d8ebe9
[  367.311342][T18174] RDX: 0000200000000000 RSI: 00000000400448c9 RDI: 0000000000000005
[  367.311352][T18174] RBP: 00007f9d77ca2090 R08: 0000000000000000 R09: 0000000000000000
[  367.311362][T18174] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  367.311372][T18174] R13: 00007f9d76fc6038 R14: 00007f9d76fc5fa0 R15: 00007fff769d3168
[  367.311402][T18174]  </TASK>
[  367.312706][T18174] ERROR: Out of memory at tomoyo_realpath_from_path.
[  367.335326][T18168] syzkaller0: entered promiscuous mode
[  367.714378][T18168] syzkaller0: entered allmulticast mode
[  367.726377][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  367.734228][T18170] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  367.883925][T18166] tipc: Resetting bearer <eth:syzkaller0>
[  367.943619][T18166] tipc: Disabling bearer <eth:syzkaller0>
[  368.132891][T18210] bond0: (slave team0): Releasing backup interface
[  368.192065][T18210] bridge_slave_0: left allmulticast mode
[  368.240387][T18210] bridge_slave_0: left promiscuous mode
[  368.246264][T18210] bridge0: port 1(bridge_slave_0) entered disabled state
[  368.315241][T18210] bridge_slave_1: left allmulticast mode
[  368.321481][T18210] bridge_slave_1: left promiscuous mode
[  368.330111][T18210] bridge0: port 2(bridge_slave_1) entered disabled state
[  368.358765][T18210] bond0: (slave bond_slave_0): Releasing backup interface
[  368.366900][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  368.392192][T18210] bond0: (slave bond_slave_1): Releasing backup interface
[  368.428110][T18210] team0: Port device team_slave_0 removed
[  368.440714][T18210] team0: Port device team_slave_1 removed
[  368.449483][T18210] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  368.457292][T18210] batman_adv: batadv0: Removing interface: batadv_slave_0
[  368.470701][T18210] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  368.481139][T18210] batman_adv: batadv0: Removing interface: batadv_slave_1
[  368.518568][T18210] batadv1: left allmulticast mode
[  368.541886][T18210] batadv1: left promiscuous mode
[  368.554067][T18210] bridge0: port 3(batadv1) entered disabled state
[  368.672252][T18216] A link change request failed with some changes committed already. Interface veth1_to_bridge may have been left with an inconsistent configuration, please check.
[  368.791445][T18240] bridge0: port 3(batadv1) entered blocking state
[  368.798418][T18240] bridge0: port 3(batadv1) entered disabled state
[  368.811196][T18240] batadv1: entered allmulticast mode
[  368.818783][T18240] batadv1: entered promiscuous mode
[  369.088893][T18255] hsr0 speed is unknown, defaulting to 1000
[  369.140887][T18255] lo speed is unknown, defaulting to 1000
[  369.322051][T10794] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[  369.332388][T10794] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  369.411506][T18277] sch_tbf: burst 88 is lower than device veth3 mtu (1514) !
[  369.609593][T18285] bridge0: port 2(batadv1) entered blocking state
[  369.659690][T18285] bridge0: port 2(batadv1) entered disabled state
[  369.675883][T18285] batadv1: entered allmulticast mode
[  369.705038][T18285] batadv1: entered promiscuous mode
[  369.870824][T18300] validate_nla: 66 callbacks suppressed
[  369.870841][T18300] netlink: 'syz.4.4145': attribute type 1 has an invalid length.
[  369.884258][T18300] __nla_validate_parse: 10 callbacks suppressed
[  369.884273][T18300] netlink: 172 bytes leftover after parsing attributes in process `syz.4.4145'.
[  370.059549][T18255] netlink: 'syz.1.4135': attribute type 13 has an invalid length.
[  370.102828][T18255] netlink: 'syz.1.4135': attribute type 17 has an invalid length.
[  370.112341][   T59] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[  370.121914][   T59] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  370.151983][T18307] netlink: 'syz.0.4146': attribute type 1 has an invalid length.
[  370.173976][T18255] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  370.196685][T18307] netlink: 168864 bytes leftover after parsing attributes in process `syz.0.4146'.
[  370.217143][T18315] netdevsim netdevsim3: Firmware load for './file0/../file0' refused, path contains '..' component
[  370.247956][T18322] netlink: 36 bytes leftover after parsing attributes in process `syz.4.4152'.
[  370.269452][T18262] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4135'.
[  370.822009][T18343] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4161'.
[  371.039629][T18354] netlink: 48 bytes leftover after parsing attributes in process `syz.2.4165'.
[  371.049500][T18353] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4164'.
[  371.268937][T18368] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  371.357257][T18374] netlink: 96 bytes leftover after parsing attributes in process `syz.0.4173'.
[  371.389901][T18379] netlink: 'syz.4.4175': attribute type 4 has an invalid length.
[  371.407968][T18374] 8021q: VLANs not supported on gre0
[  371.473701][T18379] netlink: 'syz.4.4175': attribute type 4 has an invalid length.
[  371.664450][T18392] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4177'.
[  371.680982][T18392] chnl_net:caif_netlink_parms(): no params data found
[  371.783682][T18405] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4182'.
[  372.119279][T18425] syzkaller1: entered promiscuous mode
[  372.124800][T18425] syzkaller1: entered allmulticast mode
[  372.573977][T18454] bridge0: port 2(batadv1) entered blocking state
[  372.584287][T18454] bridge0: port 2(batadv1) entered disabled state
[  372.592343][T18454] batadv1: entered allmulticast mode
[  372.606024][T18454] batadv1: entered promiscuous mode
[  372.613633][T18452] gretap0: entered allmulticast mode
[  372.829839][T18465] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  372.978462][T18470] netlink: 'syz.1.4208': attribute type 1 has an invalid length.
[  373.005911][T18470] netlink: 'syz.1.4208': attribute type 1 has an invalid length.
[  373.027271][T18470] netlink: 'syz.1.4208': attribute type 1 has an invalid length.
[  373.057422][T18470] netlink: 'syz.1.4208': attribute type 2 has an invalid length.
[  373.085660][ T1007] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[  373.095452][ T1007] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  373.578785][T18505] FAULT_INJECTION: forcing a failure.
[  373.578785][T18505] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  373.598510][T18505] CPU: 1 UID: 0 PID: 18505 Comm: syz.0.4221 Not tainted syzkaller #0 PREEMPT(full) 
[  373.598534][T18505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  373.598545][T18505] Call Trace:
[  373.598553][T18505]  <TASK>
[  373.598560][T18505]  dump_stack_lvl+0x189/0x250
[  373.598584][T18505]  ? __pfx____ratelimit+0x10/0x10
[  373.598605][T18505]  ? __pfx_dump_stack_lvl+0x10/0x10
[  373.598624][T18505]  ? __pfx__printk+0x10/0x10
[  373.598645][T18505]  ? __might_fault+0xb0/0x130
[  373.598676][T18505]  should_fail_ex+0x414/0x560
[  373.598702][T18505]  _copy_from_user+0x2d/0xb0
[  373.598721][T18505]  ___sys_sendmsg+0x158/0x2a0
[  373.598742][T18505]  ? __pfx____sys_sendmsg+0x10/0x10
[  373.598795][T18505]  ? __fget_files+0x2a/0x420
[  373.598817][T18505]  ? __fget_files+0x3a0/0x420
[  373.598849][T18505]  __x64_sys_sendmsg+0x19b/0x260
[  373.598867][T18505]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  373.598892][T18505]  ? __pfx_ksys_write+0x10/0x10
[  373.598909][T18505]  ? rcu_is_watching+0x15/0xb0
[  373.598932][T18505]  ? do_syscall_64+0xbe/0x3b0
[  373.598952][T18505]  do_syscall_64+0xfa/0x3b0
[  373.598966][T18505]  ? lockdep_hardirqs_on+0x9c/0x150
[  373.598986][T18505]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  373.599002][T18505]  ? clear_bhb_loop+0x60/0xb0
[  373.599022][T18505]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  373.599038][T18505] RIP: 0033:0x7f217438ebe9
[  373.599054][T18505] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  373.599067][T18505] RSP: 002b:00007f217520a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  373.599085][T18505] RAX: ffffffffffffffda RBX: 00007f21745c5fa0 RCX: 00007f217438ebe9
[  373.599097][T18505] RDX: 00000000000000c0 RSI: 0000200000000080 RDI: 0000000000000003
[  373.599108][T18505] RBP: 00007f217520a090 R08: 0000000000000000 R09: 0000000000000000
[  373.599119][T18505] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  373.599129][T18505] R13: 00007f21745c6038 R14: 00007f21745c5fa0 R15: 00007ffc301cf2c8
[  373.599158][T18505]  </TASK>
[  374.924611][T18566] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  375.049214][T18567] __nla_validate_parse: 12 callbacks suppressed
[  375.049232][T18567] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4246'.
[  375.147321][T18581] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4252'.
[  375.747372][T18606] nbd5: detected capacity change from 0 to 127
[  375.749750][T18614] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4264'.
[  375.781023][   T51] block nbd5: Receive control failed (result -32)
[  375.786416][T18612] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4264'.
[  375.820200][T18615] nbd: must specify at least one socket
[  375.835919][T18617] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4266'.
[  376.021693][T18624] validate_nla: 2 callbacks suppressed
[  376.021711][T18624] netlink: 'syz.2.4269': attribute type 5 has an invalid length.
[  376.037953][T18624] netlink: 140 bytes leftover after parsing attributes in process `syz.2.4269'.
[  376.132188][T18627] netlink: zone id is out of range
[  376.138455][T18627] netlink: zone id is out of range
[  376.166542][T18627] netlink: zone id is out of range
[  376.171702][T18627] netlink: zone id is out of range
[  376.207718][T18627] netlink: zone id is out of range
[  376.213098][T18627] netlink: zone id is out of range
[  376.258968][T18627] netlink: del zone limit has 4 unknown bytes
[  376.507735][T18653] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4280'.
[  376.513849][T18659] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4283'.
[  376.558214][T18656] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4282'.
[  376.767850][T18657] netlink: 'syz.1.4281': attribute type 10 has an invalid length.
[  376.803776][T18657] team0: Port device dummy0 added
[  376.856520][T18657] netlink: 'syz.1.4281': attribute type 10 has an invalid length.
[  376.927939][T18657] team0: Port device dummy0 removed
[  376.951187][T18680] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4288'.
[  376.968156][T18657] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  377.305217][T18696] FAULT_INJECTION: forcing a failure.
[  377.305217][T18696] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  377.349640][T18696] CPU: 1 UID: 0 PID: 18696 Comm: syz.4.4296 Not tainted syzkaller #0 PREEMPT(full) 
[  377.349666][T18696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  377.349677][T18696] Call Trace:
[  377.349685][T18696]  <TASK>
[  377.349694][T18696]  dump_stack_lvl+0x189/0x250
[  377.349718][T18696]  ? __pfx____ratelimit+0x10/0x10
[  377.349741][T18696]  ? __pfx_dump_stack_lvl+0x10/0x10
[  377.349760][T18696]  ? __pfx__printk+0x10/0x10
[  377.349782][T18696]  ? __might_fault+0xb0/0x130
[  377.349815][T18696]  should_fail_ex+0x414/0x560
[  377.349840][T18696]  _copy_from_iter+0x1de/0x1790
[  377.349865][T18696]  ? rcu_is_watching+0x15/0xb0
[  377.349881][T18696]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  377.349904][T18696]  ? __pfx__copy_from_iter+0x10/0x10
[  377.349923][T18696]  ? __build_skb_around+0x257/0x3e0
[  377.349942][T18696]  ? netlink_sendmsg+0x642/0xb30
[  377.349964][T18696]  ? skb_put+0x11b/0x210
[  377.349979][T18696]  netlink_sendmsg+0x6b2/0xb30
[  377.349998][T18696]  ? __pfx_netlink_sendmsg+0x10/0x10
[  377.350013][T18696]  ? aa_sock_msg_perm+0xf1/0x1d0
[  377.350030][T18696]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  377.350044][T18696]  ? __pfx_netlink_sendmsg+0x10/0x10
[  377.350057][T18696]  __sock_sendmsg+0x219/0x270
[  377.350076][T18696]  ____sys_sendmsg+0x505/0x830
[  377.350096][T18696]  ? __pfx_____sys_sendmsg+0x10/0x10
[  377.350116][T18696]  ? import_iovec+0x74/0xa0
[  377.350133][T18696]  ___sys_sendmsg+0x21f/0x2a0
[  377.350149][T18696]  ? __pfx____sys_sendmsg+0x10/0x10
[  377.350191][T18696]  ? __fget_files+0x2a/0x420
[  377.350209][T18696]  ? __fget_files+0x3a0/0x420
[  377.350234][T18696]  __x64_sys_sendmsg+0x19b/0x260
[  377.350250][T18696]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  377.350272][T18696]  ? __pfx_ksys_write+0x10/0x10
[  377.350286][T18696]  ? rcu_is_watching+0x15/0xb0
[  377.350302][T18696]  ? do_syscall_64+0xbe/0x3b0
[  377.350317][T18696]  do_syscall_64+0xfa/0x3b0
[  377.350328][T18696]  ? lockdep_hardirqs_on+0x9c/0x150
[  377.350344][T18696]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  377.350357][T18696]  ? clear_bhb_loop+0x60/0xb0
[  377.350372][T18696]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  377.350385][T18696] RIP: 0033:0x7f9d76d8ebe9
[  377.350397][T18696] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  377.350408][T18696] RSP: 002b:00007f9d77ca2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  377.350422][T18696] RAX: ffffffffffffffda RBX: 00007f9d76fc5fa0 RCX: 00007f9d76d8ebe9
[  377.350432][T18696] RDX: 00000000000000c0 RSI: 0000200000000080 RDI: 0000000000000003
[  377.350440][T18696] RBP: 00007f9d77ca2090 R08: 0000000000000000 R09: 0000000000000000
[  377.350448][T18696] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  377.350456][T18696] R13: 00007f9d76fc6038 R14: 00007f9d76fc5fa0 R15: 00007fff769d3168
[  377.350478][T18696]  </TASK>
[  377.799841][T18706] : renamed from hsr0 (while UP)
[  378.174673][T18728] netlink: 'syz.4.4308': attribute type 10 has an invalid length.
[  378.214212][T18728] bond0: (slave wlan1): Opening slave failed
[  378.347093][T18735] netlink: 'syz.0.4312': attribute type 1 has an invalid length.
[  378.473908][T18735] 8021q: adding VLAN 0 to HW filter on device bond1
[  378.601395][T18742] bond1: (slave veth0_to_bond): making interface the new active one
[  378.680253][T18742] bond1: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  379.017400][T18775] tc_dump_action: action bad kind
[  379.103706][T18781] netlink: 'syz.0.4325': attribute type 32 has an invalid length.
[  379.126798][T18781] (unnamed net_device) (uninitialized): Setting coupled_control to off (0)
[  379.718886][T18819] netlink: 'syz.1.4338': attribute type 7 has an invalid length.
[  379.900315][T18827] openvswitch: netlink: nsh attribute has 1 unknown bytes.
[  379.932925][T18827] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  379.958717][T18832] tipc: Enabled bearer <eth:vlan1>, priority 12
[  380.972828][T18886] __nla_validate_parse: 14 callbacks suppressed
[  380.972852][T18886] netlink: 44 bytes leftover after parsing attributes in process `syz.1.4358'.
[  380.973222][T18889] netlink: 44 bytes leftover after parsing attributes in process `syz.1.4358'.
[  381.780181][T18920] bond0: (slave bridge0): Releasing backup interface
[  381.804147][T18920] bridge0: port 1(bridge_slave_0) entered disabled state
[  381.831903][T18920] bridge_slave_0: left allmulticast mode
[  381.837728][T18920] bridge_slave_0: left promiscuous mode
[  381.843597][T18920] bridge0: port 1(bridge_slave_0) entered disabled state
[  381.876677][T18920] bond0: (slave bridge_slave_1): Releasing backup interface
[  381.899586][T18920] bond0: (slave bond_slave_0): Releasing backup interface
[  381.939634][T18920] bond0: (slave bond_slave_1): Releasing backup interface
[  381.988931][T18920] team0: Port device team_slave_0 removed
[  382.011044][T18920] team0: Port device team_slave_1 removed
[  382.027407][T18920] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  382.035244][T18920] batman_adv: batadv0: Removing interface: batadv_slave_0
[  382.047009][T18920] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  382.065231][T18920] batman_adv: batadv0: Removing interface: batadv_slave_1
[  382.101403][T18920] vlan3: left promiscuous mode
[  382.106860][T18920] bridge0: left promiscuous mode
[  382.112113][T18920] bridge2: port 1(vlan3) entered disabled state
[  382.130085][T18920] batadv1: left allmulticast mode
[  382.135269][T18920] batadv1: left promiscuous mode
[  382.142170][T18920] bridge0: port 2(batadv1) entered disabled state
[  382.288760][T18939] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4377'.
[  385.130001][T19018] openvswitch: netlink: Key 9 has unexpected len 0 expected 4
[  385.646652][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  393.996451][   T94] block nbd2: Possible stuck request ffff888025597000: control (read@0,1024B). Runtime 180 seconds
[  394.008597][   T94] block nbd2: Possible stuck request ffff8880255971c0: control (read@1024,1024B). Runtime 180 seconds
[  394.019691][   T94] block nbd2: Possible stuck request ffff888025597380: control (read@2048,1024B). Runtime 180 seconds
[  394.030728][   T94] block nbd2: Possible stuck request ffff888025597540: control (read@3072,1024B). Runtime 180 seconds
[  414.728299][ T1335] bond6 (unregistering): (slave gretap1): Releasing active interface
[  414.796054][ T1335] dvmrp0 (unregistering): left allmulticast mode
[  415.169092][ T1335] bond4 (unregistering): (slave bridge6): Releasing active interface
[  415.367953][ T1335] bond0 (unregistering): (slave bridge_slave_1): Releasing backup interface
[  415.382644][ T1335] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  415.394046][ T1335] bond0 (unregistering): Released all slaves
[  415.507668][ T1335] bond1 (unregistering): Released all slaves
[  415.626066][ T1335] bond2 (unregistering): Released all slaves
[  415.742793][ T1335] bond3 (unregistering): Released all slaves
[  415.760485][ T1335] bond4 (unregistering): Released all slaves
[  415.894944][ T1335] bond5 (unregistering): (slave veth5): Releasing active interface
[  415.905576][ T1335] bond5 (unregistering): Released all slaves
[  415.919935][ T1335] bond6 (unregistering): Released all slaves
[  416.018951][ T1335] : left promiscuous mode
[  416.078819][ T1335] tipc: Left network mode
[  421.487741][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  424.051749][   T94] block nbd2: Possible stuck request ffff888025597000: control (read@0,1024B). Runtime 210 seconds
[  424.062724][   T94] block nbd2: Possible stuck request ffff8880255971c0: control (read@1024,1024B). Runtime 210 seconds
[  424.073933][   T94] block nbd2: Possible stuck request ffff888025597380: control (read@2048,1024B). Runtime 210 seconds
[  424.085045][   T94] block nbd2: Possible stuck request ffff888025597540: control (read@3072,1024B). Runtime 210 seconds
[  454.127852][   T94] block nbd2: Possible stuck request ffff888025597000: control (read@0,1024B). Runtime 240 seconds
[  454.138853][   T94] block nbd2: Possible stuck request ffff8880255971c0: control (read@1024,1024B). Runtime 240 seconds
[  454.149914][   T94] block nbd2: Possible stuck request ffff888025597380: control (read@2048,1024B). Runtime 240 seconds
[  454.161337][   T94] block nbd2: Possible stuck request ffff888025597540: control (read@3072,1024B). Runtime 240 seconds
[  470.818590][T10794] batman_adv: batadv2: IGMP Querier disappeared - multicast optimizations disabled
[  470.828543][T10794] batman_adv: batadv1: IGMP Querier disappeared - multicast optimizations disabled
[  470.850275][T10794] batman_adv: batadv3: IGMP Querier disappeared - multicast optimizations disabled
[  484.207330][   T94] block nbd2: Possible stuck request ffff888025597000: control (read@0,1024B). Runtime 270 seconds
[  484.218157][   T94] block nbd2: Possible stuck request ffff8880255971c0: control (read@1024,1024B). Runtime 270 seconds
[  484.229266][   T94] block nbd2: Possible stuck request ffff888025597380: control (read@2048,1024B). Runtime 270 seconds
[  484.240341][   T94] block nbd2: Possible stuck request ffff888025597540: control (read@3072,1024B). Runtime 270 seconds
[  496.366447][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  514.286478][   T94] block nbd2: Possible stuck request ffff888025597000: control (read@0,1024B). Runtime 300 seconds
[  514.297447][   T94] block nbd2: Possible stuck request ffff8880255971c0: control (read@1024,1024B). Runtime 300 seconds
[  514.308608][   T94] block nbd2: Possible stuck request ffff888025597380: control (read@2048,1024B). Runtime 300 seconds
[  514.319701][   T94] block nbd2: Possible stuck request ffff888025597540: control (read@3072,1024B). Runtime 300 seconds
[  543.087012][   T31] INFO: task kworker/0:2:982 blocked for more than 143 seconds.
[  543.094899][   T31]       Not tainted syzkaller #0
[  543.100857][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  543.110264][   T31] task:kworker/0:2     state:D stack:20024 pid:982   tgid:982   ppid:2      task_flags:0x4208060 flags:0x00004000
[  543.122432][   T31] Workqueue: events rfkill_sync_work
[  543.127781][   T31] Call Trace:
[  543.131062][   T31]  <TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  543.133998][   T31]  __schedule+0x1798/0x4cc0
[  543.146299][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  543.152678][   T31]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  543.172612][   T31]  ? __pfx___schedule+0x10/0x10
[  543.203792][   T31]  ? schedule+0x91/0x360
[  543.226207][   T31]  schedule+0x165/0x360
[  543.230425][   T31]  schedule_preempt_disabled+0x13/0x30
[  543.235909][   T31]  __mutex_lock+0x7e6/0x1350
[  543.262238][   T31]  ? __mutex_lock+0x5bb/0x1350
[  543.268437][   T31]  ? nfc_rfkill_set_block+0x50/0x2e0
[  543.273752][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  543.279139][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  543.284351][   T31]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  543.291717][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  543.298746][   T31]  ? __pfx_nfc_rfkill_set_block+0x10/0x10
[  543.304476][   T31]  nfc_rfkill_set_block+0x50/0x2e0
[  543.310052][   T31]  ? __pfx_nfc_rfkill_set_block+0x10/0x10
[  543.315862][   T31]  rfkill_set_block+0x1cf/0x440
[  543.321355][   T31]  rfkill_sync_work+0x114/0x200
[  543.326873][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  543.332675][   T31]  process_scheduled_works+0xae1/0x17b0
[  543.338969][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[  543.344988][   T31]  worker_thread+0x8a0/0xda0
[  543.350199][   T31]  kthread+0x70e/0x8a0
[  543.354282][   T31]  ? __pfx_worker_thread+0x10/0x10
[  543.360758][   T31]  ? __pfx_kthread+0x10/0x10
[  543.365377][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  543.371382][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  543.377540][   T31]  ? __pfx_kthread+0x10/0x10
[  543.382149][   T31]  ret_from_fork+0x3f9/0x770
[  543.386889][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  543.392019][   T31]  ? __switch_to_asm+0x39/0x70
[  543.396949][   T31]  ? __switch_to_asm+0x33/0x70
[  543.401719][   T31]  ? __pfx_kthread+0x10/0x10
[  543.406569][   T31]  ret_from_fork_asm+0x1a/0x30
[  543.411383][   T31]  </TASK>
[  543.414525][   T31] INFO: task kworker/0:5:5979 blocked for more than 143 seconds.
[  543.422307][   T31]       Not tainted syzkaller #0
[  543.427397][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  543.436056][   T31] task:kworker/0:5     state:D stack:22568 pid:5979  tgid:5979  ppid:2      task_flags:0x4208060 flags:0x00004000
[  543.457642][   T31] Workqueue: events rfkill_global_led_trigger_worker
[  543.464343][   T31] Call Trace:
[  543.467760][   T31]  <TASK>
[  543.470708][   T31]  __schedule+0x1798/0x4cc0
[  543.475241][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  543.481826][   T31]  ? __pfx___schedule+0x10/0x10
[  543.486794][   T31]  ? schedule+0x91/0x360
[  543.491052][   T31]  schedule+0x165/0x360
[  543.495218][   T31]  schedule_preempt_disabled+0x13/0x30
[  543.500773][   T31]  __mutex_lock+0x7e6/0x1350
[  543.505375][   T31]  ? __mutex_lock+0x5bb/0x1350
[  543.510356][   T31]  ? rfkill_global_led_trigger_worker+0x27/0xd0
[  543.516880][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  543.521918][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  543.527901][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  543.533627][   T31]  rfkill_global_led_trigger_worker+0x27/0xd0
[  543.539794][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  543.545514][   T31]  process_scheduled_works+0xae1/0x17b0
[  543.551229][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[  543.557441][   T31]  worker_thread+0x8a0/0xda0
[  543.562039][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  543.568554][   T31]  ? __kthread_parkme+0x7b/0x200
[  543.573508][   T31]  kthread+0x70e/0x8a0
[  543.577756][   T31]  ? __pfx_worker_thread+0x10/0x10
[  543.582870][   T31]  ? __pfx_kthread+0x10/0x10
[  543.587567][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  543.592773][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  543.598127][   T31]  ? __pfx_kthread+0x10/0x10
[  543.602733][   T31]  ret_from_fork+0x3f9/0x770
[  543.607851][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  543.612977][   T31]  ? __switch_to_asm+0x39/0x70
[  543.617868][   T31]  ? __switch_to_asm+0x33/0x70
[  543.622636][   T31]  ? __pfx_kthread+0x10/0x10
[  543.627421][   T31]  ret_from_fork_asm+0x1a/0x30
[  543.632206][   T31]  </TASK>
[  543.635310][   T31] INFO: task syz.4.4385:18966 blocked for more than 143 seconds.
[  543.643226][   T31]       Not tainted syzkaller #0
[  543.648446][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  543.657226][   T31] task:syz.4.4385      state:D stack:25096 pid:18966 tgid:18966 ppid:15101  task_flags:0x400040 flags:0x00004004
[  543.669251][   T31] Call Trace:
[  543.672533][   T31]  <TASK>
[  543.675467][   T31]  __schedule+0x1798/0x4cc0
[  543.680182][   T31]  ? validate_chain+0x897/0x2140
[  543.685146][   T31]  ? __lock_acquire+0xab9/0xd20
[  543.690273][   T31]  ? __pfx___schedule+0x10/0x10
[  543.695156][   T31]  ? schedule+0x91/0x360
[  543.699558][   T31]  schedule+0x165/0x360
[  543.703726][   T31]  schedule_timeout+0x9a/0x270
[  543.708633][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  543.714021][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  543.720170][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  543.725377][   T31]  ? wait_for_completion+0x267/0x5d0
[  543.731587][   T31]  wait_for_completion+0x2bf/0x5d0
[  543.736953][   T31]  ? __pfx_wait_for_completion+0x10/0x10
[  543.742605][   T31]  ? __flush_work+0xd2/0xbc0
[  543.747294][   T31]  ? __flush_work+0xd2/0xbc0
[  543.751893][   T31]  __flush_work+0x9b9/0xbc0
[  543.756579][   T31]  ? __flush_work+0xd2/0xbc0
[  543.761173][   T31]  ? __pfx___flush_work+0x10/0x10
[  543.766244][   T31]  ? __pfx_wq_barrier_func+0x10/0x10
[  543.771574][   T31]  ? __pfx___cancel_work+0x10/0x10
[  543.776848][   T31]  ? nfc_genl_device_removed+0x23c/0x330
[  543.782490][   T31]  __cancel_work_sync+0xbe/0x110
[  543.788325][   T31]  rfkill_unregister+0x92/0x220
[  543.793202][   T31]  nfc_unregister_device+0x96/0x2a0
[  543.799025][   T31]  ? __pfx_virtual_ncidev_close+0x10/0x10
[  543.804752][   T31]  virtual_ncidev_close+0x56/0x90
[  543.810259][   T31]  __fput+0x44c/0xa70
[  543.814251][   T31]  task_work_run+0x1d4/0x260
[  543.819516][   T31]  ? __pfx_task_work_run+0x10/0x10
[  543.824643][   T31]  ? exit_to_user_mode_loop+0x40/0x110
[  543.830798][   T31]  exit_to_user_mode_loop+0xec/0x110
[  543.837901][   T31]  do_syscall_64+0x2bd/0x3b0
[  543.842508][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  543.848025][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  543.854095][   T31]  ? clear_bhb_loop+0x60/0xb0
[  543.859173][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  543.865073][   T31] RIP: 0033:0x7f9d76d8ebe9
[  543.869591][   T31] RSP: 002b:00007fff769d32c8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  543.878182][   T31] RAX: 0000000000000000 RBX: 00007f9d76fc7da0 RCX: 00007f9d76d8ebe9
[  543.886541][   T31] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  543.894515][   T31] RBP: 00007f9d76fc7da0 R08: 00000000000001cc R09: 00000019769d35bf
[  543.902750][   T31] R10: 00007f9d76fc7cb0 R11: 0000000000000246 R12: 000000000005db5f
[  543.910885][   T31] R13: 00007f9d76fc6180 R14: ffffffffffffffff R15: 00007fff769d33e0
[  543.919084][   T31]  </TASK>
[  543.922160][   T31] INFO: task syz.0.4387:18983 blocked for more than 144 seconds.
[  543.929961][   T31]       Not tainted syzkaller #0
[  543.934892][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  543.943750][   T31] task:syz.0.4387      state:D stack:26760 pid:18983 tgid:18977 ppid:15667  task_flags:0x400140 flags:0x00004004
[  543.956042][   T31] Call Trace:
[  543.959573][   T31]  <TASK>
[  543.962517][   T31]  __schedule+0x1798/0x4cc0
[  543.967509][   T31]  ? __lock_acquire+0xab9/0xd20
[  543.972392][   T31]  ? __lock_acquire+0xab9/0xd20
[  543.977393][   T31]  ? __pfx___schedule+0x10/0x10
[  543.982269][   T31]  ? schedule+0x91/0x360
[  543.986619][   T31]  schedule+0x165/0x360
[  543.990783][   T31]  schedule_preempt_disabled+0x13/0x30
[  543.996411][   T31]  __mutex_lock+0x7e6/0x1350
[  544.001008][   T31]  ? __mutex_lock+0x5bb/0x1350
[  544.005766][   T31]  ? rfkill_register+0x37/0x8e0
[  544.010750][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  544.015786][   T31]  ? __init_waitqueue_head+0xa9/0x150
[  544.021281][   T31]  ? device_initialize+0x24b/0x440
[  544.026511][   T31]  rfkill_register+0x37/0x8e0
[  544.031200][   T31]  nfc_register_device+0x14a/0x320
[  544.036495][   T31]  nci_register_device+0x87f/0x9d0
[  544.041647][   T31]  ? __pfx_nci_register_device+0x10/0x10
[  544.047374][   T31]  ? __raw_spin_lock_init+0x45/0x100
[  544.052668][   T31]  ? __init_waitqueue_head+0xa9/0x150
[  544.058199][   T31]  virtual_ncidev_open+0x129/0x1a0
[  544.063317][   T31]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  544.069170][   T31]  misc_open+0x2bc/0x330
[  544.073425][   T31]  chrdev_open+0x4c9/0x5e0
[  544.078242][   T31]  ? __pfx_chrdev_open+0x10/0x10
[  544.083193][   T31]  ? fsnotify_open_perm_and_set_mode+0x113/0x610
[  544.089794][   T31]  ? __pfx_chrdev_open+0x10/0x10
[  544.094741][   T31]  do_dentry_open+0x950/0x13f0
[  544.099661][   T31]  vfs_open+0x3b/0x340
[  544.103728][   T31]  ? path_openat+0x2ecd/0x3830
[  544.108584][   T31]  path_openat+0x2ee5/0x3830
[  544.113174][   T31]  ? arch_stack_walk+0xfc/0x150
[  544.118247][   T31]  ? stack_depot_save_flags+0x40/0x860
[  544.123728][   T31]  ? __pfx_path_openat+0x10/0x10
[  544.128946][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  544.135037][   T31]  do_filp_open+0x1fa/0x410
[  544.139651][   T31]  ? __lock_acquire+0xab9/0xd20
[  544.144509][   T31]  ? __pfx_do_filp_open+0x10/0x10
[  544.149727][   T31]  ? _raw_spin_unlock+0x28/0x50
[  544.154582][   T31]  ? alloc_fd+0x64c/0x6c0
[  544.159259][   T31]  do_sys_openat2+0x121/0x1c0
[  544.163943][   T31]  ? __se_sys_futex+0x36f/0x400
[  544.168917][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[  544.174150][   T31]  ? rcu_is_watching+0x15/0xb0
[  544.180498][   T31]  __x64_sys_openat+0x138/0x170
[  544.185382][   T31]  do_syscall_64+0xfa/0x3b0
[  544.190257][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  544.195468][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  544.202244][   T31]  ? clear_bhb_loop+0x60/0xb0
[  544.207630][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  544.213535][   T31] RIP: 0033:0x7f217438ebe9
[  544.218583][   T31] RSP: 002b:00007f21751e9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  544.228242][   T31] RAX: ffffffffffffffda RBX: 00007f21745c6090 RCX: 00007f217438ebe9
[  544.236908][   T31] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  544.244889][   T31] RBP: 00007f2174411e19 R08: 0000000000000000 R09: 0000000000000000
[  544.253191][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  544.261736][   T31] R13: 00007f21745c6128 R14: 00007f21745c6090 R15: 00007ffc301cf2c8
[  544.270046][   T31]  </TASK>
[  544.273095][   T31] INFO: task syz.2.4390:18992 blocked for more than 144 seconds.
[  544.281096][   T31]       Not tainted syzkaller #0
[  544.286034][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  544.294931][   T31] task:syz.2.4390      state:D stack:28328 pid:18992 tgid:18989 ppid:14656  task_flags:0x400040 flags:0x00004004
[  544.307578][   T31] Call Trace:
[  544.310863][   T31]  <TASK>
[  544.313777][   T31]  __schedule+0x1798/0x4cc0
[  544.318963][   T31]  ? kasan_save_free_info+0x46/0x50
[  544.324182][   T31]  ? __lock_acquire+0xab9/0xd20
[  544.329712][   T31]  ? __lock_acquire+0xab9/0xd20
[  544.334572][   T31]  ? __pfx___schedule+0x10/0x10
[  544.340076][   T31]  ? schedule+0x91/0x360
[  544.344327][   T31]  schedule+0x165/0x360
[  544.349115][   T31]  schedule_preempt_disabled+0x13/0x30
[  544.354587][   T31]  __mutex_lock+0x7e6/0x1350
[  544.359837][   T31]  ? __mutex_lock+0x5bb/0x1350
[  544.364614][   T31]  ? misc_open+0x51/0x330
[  544.369996][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  544.375055][   T31]  misc_open+0x51/0x330
[  544.379807][   T31]  chrdev_open+0x4c9/0x5e0
[  544.384240][   T31]  ? __pfx_chrdev_open+0x10/0x10
[  544.389925][   T31]  ? fsnotify_open_perm_and_set_mode+0x113/0x610
[  544.389941][   T94] block nbd2: Possible stuck request ffff888025597000: control (read@0,1024B). Runtime 330 seconds
[  544.398327][   T31]  ? __pfx_chrdev_open+0x10/0x10
[  544.407430][   T94] block nbd2: Possible stuck request ffff8880255971c0: control (read@1024,1024B). Runtime 330 seconds
[  544.407461][   T94] block nbd2: Possible stuck request ffff888025597380: control (read@2048,1024B). Runtime 330 seconds
[  544.407487][   T94] block nbd2: Possible stuck request ffff888025597540: control (read@3072,1024B). Runtime 330 seconds
[  544.447150][   T31]  do_dentry_open+0x950/0x13f0
[  544.451956][   T31]  vfs_open+0x3b/0x340
[  544.456051][   T31]  ? path_openat+0x2ecd/0x3830
[  544.461431][   T31]  path_openat+0x2ee5/0x3830
[  544.466032][   T31]  ? arch_stack_walk+0xfc/0x150
[  544.471530][   T31]  ? stack_depot_save_flags+0x40/0x860
[  544.477660][   T31]  ? __pfx_path_openat+0x10/0x10
[  544.482607][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  544.489304][   T31]  do_filp_open+0x1fa/0x410
[  544.493812][   T31]  ? __lock_acquire+0xab9/0xd20
[  544.499235][   T31]  ? __pfx_do_filp_open+0x10/0x10
[  544.504274][   T31]  ? _raw_spin_unlock+0x28/0x50
[  544.509938][   T31]  ? alloc_fd+0x64c/0x6c0
[  544.514303][   T31]  do_sys_openat2+0x121/0x1c0
[  544.519636][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[  544.524846][   T31]  ? exc_page_fault+0x76/0xf0
[  544.530149][   T31]  ? do_user_addr_fault+0xc8a/0x1390
[  544.535451][   T31]  __x64_sys_openat+0x138/0x170
[  544.540577][   T31]  do_syscall_64+0xfa/0x3b0
[  544.545089][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  544.550987][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  544.557684][   T31]  ? clear_bhb_loop+0x60/0xb0
[  544.562374][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  544.569104][   T31] RIP: 0033:0x7f34a918ebe9
[  544.573545][   T31] RSP: 002b:00007f34a73f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  544.582164][   T31] RAX: ffffffffffffffda RBX: 00007f34a93c5fa0 RCX: 00007f34a918ebe9
[  544.590252][   T31] RDX: 0000000000000000 RSI: 0000200000000240 RDI: ffffffffffffff9c
[  544.598372][   T31] RBP: 00007f34a9211e19 R08: 0000000000000000 R09: 0000000000000000
[  544.612972][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  544.621703][   T31] R13: 00007f34a93c6038 R14: 00007f34a93c5fa0 R15: 00007ffeb3c6fdf8
[  544.630308][   T31]  </TASK>
[  544.633341][   T31] INFO: task syz.3.4394:19006 blocked for more than 144 seconds.
[  544.641686][   T31]       Not tainted syzkaller #0
[  544.647282][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  544.655949][   T31] task:syz.3.4394      state:D stack:26856 pid:19006 tgid:19004 ppid:13955  task_flags:0x400040 flags:0x00004004
[  544.668181][   T31] Call Trace:
[  544.671449][   T31]  <TASK>
[  544.674363][   T31]  __schedule+0x1798/0x4cc0
[  544.679486][   T31]  ? kasan_save_free_info+0x46/0x50
[  544.684700][   T31]  ? __lock_acquire+0xab9/0xd20
[  544.691011][   T31]  ? __lock_acquire+0xab9/0xd20
[  544.695883][   T31]  ? __pfx___schedule+0x10/0x10
[  544.701009][   T31]  ? schedule+0x91/0x360
[  544.705239][   T31]  schedule+0x165/0x360
[  544.710002][   T31]  schedule_preempt_disabled+0x13/0x30
[  544.715473][   T31]  __mutex_lock+0x7e6/0x1350
[  544.720737][   T31]  ? __mutex_lock+0x5bb/0x1350
[  544.725512][   T31]  ? misc_open+0x51/0x330
[  544.730283][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  544.735301][   T31]  misc_open+0x51/0x330
[  544.740002][   T31]  chrdev_open+0x4c9/0x5e0
[  544.744431][   T31]  ? __pfx_chrdev_open+0x10/0x10
[  544.750018][   T31]  ? fsnotify_open_perm_and_set_mode+0x113/0x610
[  544.757013][   T31]  ? __pfx_chrdev_open+0x10/0x10
[  544.761959][   T31]  do_dentry_open+0x950/0x13f0
[  544.767334][   T31]  vfs_open+0x3b/0x340
[  544.771404][   T31]  ? path_openat+0x2ecd/0x3830
[  544.776694][   T31]  path_openat+0x2ee5/0x3830
[  544.781297][   T31]  ? arch_stack_walk+0xfc/0x150
[  544.786783][   T31]  ? stack_depot_save_flags+0x40/0x860
[  544.792272][   T31]  ? __pfx_path_openat+0x10/0x10
[  544.797827][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  544.803928][   T31]  do_filp_open+0x1fa/0x410
[  544.809045][   T31]  ? __lock_acquire+0xab9/0xd20
[  544.813916][   T31]  ? __pfx_do_filp_open+0x10/0x10
[  544.819525][   T31]  ? _raw_spin_unlock+0x28/0x50
[  544.824490][   T31]  ? alloc_fd+0x64c/0x6c0
[  544.829486][   T31]  do_sys_openat2+0x121/0x1c0
[  544.834180][   T31]  ? __se_sys_futex+0x36f/0x400
[  544.839810][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[  544.845028][   T31]  ? rcu_is_watching+0x15/0xb0
[  544.850622][   T31]  __x64_sys_openat+0x138/0x170
[  544.855486][   T31]  do_syscall_64+0xfa/0x3b0
[  544.860539][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  544.865751][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  544.872435][   T31]  ? clear_bhb_loop+0x60/0xb0
[  544.877342][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  544.883235][   T31] RIP: 0033:0x7f3537d8ebe9
[  544.887740][   T31] RSP: 002b:00007f3538b25038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  544.896210][   T31] RAX: ffffffffffffffda RBX: 00007f3537fc5fa0 RCX: 00007f3537d8ebe9
[  544.904185][   T31] RDX: 0000000000000000 RSI: 0000200000000100 RDI: ffffffffffffff9c
[  544.912499][   T31] RBP: 00007f3537e11e19 R08: 0000000000000000 R09: 0000000000000000
[  544.921111][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  544.929825][   T31] R13: 00007f3537fc6038 R14: 00007f3537fc5fa0 R15: 00007ffc10edc748
[  544.938373][   T31]  </TASK>
[  544.941419][   T31] INFO: task syz.1.4397:19020 blocked for more than 145 seconds.
[  544.950097][   T31]       Not tainted syzkaller #0
[  544.955042][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  544.964359][   T31] task:syz.1.4397      state:D stack:27808 pid:19020 tgid:19019 ppid:14325  task_flags:0x400040 flags:0x00004004
[  544.976645][   T31] Call Trace:
[  544.979953][   T31]  <TASK>
[  544.982884][   T31]  __schedule+0x1798/0x4cc0
[  544.987952][   T31]  ? kasan_save_free_info+0x46/0x50
[  544.993162][   T31]  ? __lock_acquire+0xab9/0xd20
[  544.998759][   T31]  ? __lock_acquire+0xab9/0xd20
[  545.003665][   T31]  ? __pfx___schedule+0x10/0x10
[  545.008809][   T31]  ? schedule+0x91/0x360
[  545.013061][   T31]  schedule+0x165/0x360
[  545.017814][   T31]  schedule_preempt_disabled+0x13/0x30
[  545.023289][   T31]  __mutex_lock+0x7e6/0x1350
[  545.028430][   T31]  ? __mutex_lock+0x5bb/0x1350
[  545.033207][   T31]  ? misc_open+0x51/0x330
[  545.038257][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  545.043294][   T31]  misc_open+0x51/0x330
[  545.048024][   T31]  chrdev_open+0x4c9/0x5e0
[  545.052454][   T31]  ? __pfx_chrdev_open+0x10/0x10
[  545.058113][   T31]  ? fsnotify_open_perm_and_set_mode+0x113/0x610
[  545.064468][   T31]  ? __pfx_chrdev_open+0x10/0x10
[  545.069984][   T31]  do_dentry_open+0x950/0x13f0
[  545.074768][   T31]  vfs_open+0x3b/0x340
[  545.079533][   T31]  ? path_openat+0x2ecd/0x3830
[  545.084313][   T31]  path_openat+0x2ee5/0x3830
[  545.089727][   T31]  ? arch_stack_walk+0xfc/0x150
[  545.094614][   T31]  ? stack_depot_save_flags+0x40/0x860
[  545.100739][   T31]  ? __pfx_path_openat+0x10/0x10
[  545.105687][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  545.112036][   T31]  do_filp_open+0x1fa/0x410
[  545.117215][   T31]  ? __lock_acquire+0xab9/0xd20
[  545.122083][   T31]  ? __pfx_do_filp_open+0x10/0x10
[  545.127693][   T31]  ? _raw_spin_unlock+0x28/0x50
[  545.132555][   T31]  ? alloc_fd+0x64c/0x6c0
[  545.137510][   T31]  do_sys_openat2+0x121/0x1c0
[  545.142195][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[  545.147945][   T31]  ? exc_page_fault+0x76/0xf0
[  545.152634][   T31]  ? do_user_addr_fault+0xc8a/0x1390
[  545.158625][   T31]  __x64_sys_openat+0x138/0x170
[  545.163493][   T31]  do_syscall_64+0xfa/0x3b0
[  545.168781][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  545.173994][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  545.180260][   T31]  ? clear_bhb_loop+0x60/0xb0
[  545.184949][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  545.190904][   T31] RIP: 0033:0x7f4ea258ebe9
[  545.195324][   T31] RSP: 002b:00007f4ea33a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  545.203931][   T31] RAX: ffffffffffffffda RBX: 00007f4ea27c5fa0 RCX: 00007f4ea258ebe9
[  545.212956][   T31] RDX: 0000000000008202 RSI: 0000200000000200 RDI: ffffffffffffff9c
[  545.221564][   T31] RBP: 00007f4ea2611e19 R08: 0000000000000000 R09: 0000000000000000
[  545.230152][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  545.238752][   T31] R13: 00007f4ea27c6038 R14: 00007f4ea27c5fa0 R15: 00007ffc82344088
[  545.247375][   T31]  </TASK>
[  545.250430][   T31] INFO: task syz-executor:19025 blocked for more than 145 seconds.
[  545.258873][   T31]       Not tainted syzkaller #0
[  545.263816][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  545.273116][   T31] task:syz-executor    state:D stack:27240 pid:19025 tgid:19025 ppid:1      task_flags:0x400040 flags:0x00004000
[  545.285474][   T31] Call Trace:
[  545.289351][   T31]  <TASK>
[  545.292295][   T31]  __schedule+0x1798/0x4cc0
[  545.297349][   T31]  ? kasan_save_free_info+0x46/0x50
[  545.302564][   T31]  ? __lock_acquire+0xab9/0xd20
[  545.308074][   T31]  ? __lock_acquire+0xab9/0xd20
[  545.312932][   T31]  ? __pfx___schedule+0x10/0x10
[  545.318388][   T31]  ? schedule+0x91/0x360
[  545.322646][   T31]  schedule+0x165/0x360
[  545.327436][   T31]  schedule_preempt_disabled+0x13/0x30
[  545.332905][   T31]  __mutex_lock+0x7e6/0x1350
[  545.338048][   T31]  ? __mutex_lock+0x5bb/0x1350
[  545.342820][   T31]  ? misc_open+0x51/0x330
[  545.347801][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  545.352857][   T31]  misc_open+0x51/0x330
[  545.357591][   T31]  chrdev_open+0x4c9/0x5e0
[  545.362025][   T31]  ? __pfx_chrdev_open+0x10/0x10
[  545.367579][   T31]  ? fsnotify_open_perm_and_set_mode+0x113/0x610
[  545.373925][   T31]  ? __pfx_chrdev_open+0x10/0x10
[  545.379427][   T31]  do_dentry_open+0x950/0x13f0
[  545.384205][   T31]  vfs_open+0x3b/0x340
[  545.388997][   T31]  ? path_openat+0x2ecd/0x3830
[  545.393778][   T31]  path_openat+0x2ee5/0x3830
[  545.398972][   T31]  ? __pfx_css_rstat_updated+0x10/0x10
[  545.404439][   T31]  ? count_memcg_event_mm+0x21/0x260
[  545.410396][   T31]  ? __pfx_path_openat+0x10/0x10
[  545.415339][   T31]  ? __pfx___up_read+0x10/0x10
[  545.420680][   T31]  ? do_user_addr_fault+0xbc1/0x1390
[  545.425993][   T31]  do_filp_open+0x1fa/0x410
[  545.431151][   T31]  ? __lock_acquire+0xab9/0xd20
[  545.436015][   T31]  ? __pfx_do_filp_open+0x10/0x10
[  545.441616][   T31]  ? _raw_spin_unlock+0x28/0x50
[  545.447087][   T31]  ? alloc_fd+0x64c/0x6c0
[  545.451451][   T31]  do_sys_openat2+0x121/0x1c0
[  545.456691][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[  545.461905][   T31]  ? fd_install+0x97/0x540
[  545.466533][   T31]  ? fd_install+0x30d/0x540
[  545.471056][   T31]  __x64_sys_openat+0x138/0x170
[  545.475915][   T31]  do_syscall_64+0xfa/0x3b0
[  545.480467][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  545.485658][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  545.491864][   T31]  ? clear_bhb_loop+0x60/0xb0
[  545.497222][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  545.503130][   T31] RIP: 0033:0x7fd5ffd8d4d1
[  545.508175][   T31] RSP: 002b:00007ffce9ee0ed0 EFLAGS: 00000202 ORIG_RAX: 0000000000000101
[  545.517152][   T31] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fd5ffd8d4d1
[  545.525132][   T31] RDX: 0000000000000002 RSI: 00007fd5ffe12822 RDI: 00000000ffffff9c
[  545.533442][   T31] RBP: 00007fd5ffe12822 R08: 0000000000000000 R09: 00007fd600afd6c0
[  545.541964][   T31] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000008
[  545.550558][   T31] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[  545.559101][   T31]  </TASK>
[  545.562171][   T31] 
[  545.562171][   T31] Showing all locks held in the system:
[  545.570587][   T31] 1 lock held by khungtaskd/31:
[  545.575452][   T31]  #0: ffffffff8e139ee0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  545.586744][   T31] 4 locks held by kworker/0:2/982:
[  545.591871][   T31]  #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  545.603817][   T31]  #1: ffffc9000369fbc0 ((work_completion)(&rfkill->sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  545.616571][   T31]  #2: ffffffff8f812768 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_sync_work+0x2e/0x200
[  545.627298][   T31]  #3: ffff888053b2a100 (&dev->mutex){....}-{4:4}, at: nfc_rfkill_set_block+0x50/0x2e0
[  545.637732][   T31] 2 locks held by kworker/u8:5/1007:
[  545.643030][   T31] 4 locks held by kworker/u8:8/1335:
[  545.655221][   T31]  #0: ffff88801b2fe948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  545.666491][   T31]  #1: ffffc900040ffbc0 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  545.677549][   T31]  #2: ffffffff8f52bc30 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x800
[  545.687506][   T31]  #3: ffffffff8f812768 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_unregister+0xc8/0x220
[  545.697922][   T31] 2 locks held by getty/5629:
[  545.702581][   T31]  #0: ffff88814d2130a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  545.712960][   T31]  #1: ffffc900036c32f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[  545.723652][   T31] 3 locks held by kworker/0:5/5979:
[  545.731126][   T31]  #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  545.742694][   T31]  #1: ffffc90005177bc0 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  545.756528][   T31]  #2: ffffffff8f812768 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_global_led_trigger_worker+0x27/0xd0
[  545.768391][   T31] 1 lock held by udevd/6358:
[  545.772982][   T31]  #0: ffff8880254f2358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xd30
[  545.782859][   T31] 2 locks held by kworker/u8:14/10797:
[  545.788467][   T31]  #0: ffff8880b8639f98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[  545.798538][   T31]  #1: ffff8880b8624008 (psi_seq){-.-.}-{0:0}, at: psi_task_switch+0x53/0x880
[  545.807589][   T31] 1 lock held by syz.4.4385/18966:
[  545.812704][   T31]  #0: ffff888053b2a100 (&dev->mutex){....}-{4:4}, at: nfc_unregister_device+0x63/0x2a0
[  545.822779][   T31] 3 locks held by syz.0.4387/18983:
[  545.828490][   T31]  #0: ffffffff8e9c1b08 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  545.837670][   T31]  #1: ffff888032bcb100 (&dev->mutex){....}-{4:4}, at: nfc_register_device+0xa1/0x320
[  545.847850][   T31]  #2: ffffffff8f812768 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  545.858408][   T31] 1 lock held by syz.2.4390/18992:
[  545.863521][   T31]  #0: ffffffff8e9c1b08 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  545.872546][   T31] 1 lock held by syz.3.4394/19006:
[  545.878275][   T31]  #0: ffffffff8e9c1b08 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  545.887421][   T31] 1 lock held by syz.1.4397/19020:
[  545.892532][   T31]  #0: ffffffff8e9c1b08 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  545.901647][   T31] 1 lock held by syz-executor/19025:
[  545.907472][   T31]  #0: ffffffff8e9c1b08 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  545.915940][   T31] 1 lock held by syz-executor/19029:
[  545.922358][   T31]  #0: ffffffff8e9c1b08 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  545.931386][   T31] 1 lock held by syz-executor/19030:
[  545.937279][   T31]  #0: ffffffff8e9c1b08 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  545.945752][   T31] 1 lock held by syz-executor/19031:
[  545.951717][   T31]  #0: ffffffff8e9c1b08 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  545.960808][   T31] 1 lock held by syz-executor/19033:
[  545.966620][   T31]  #0: ffffffff8e9c1b08 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  545.975085][   T31] 1 lock held by syz-executor/19035:
[  545.980991][   T31]  #0: ffffffff8e9c1b08 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  545.989899][   T31] 1 lock held by syz-executor/19037:
[  545.995162][   T31]  #0: ffffffff8e9c1b08 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  546.004206][   T31] 1 lock held by syz-executor/19040:
[  546.010042][   T31]  #0: ffffffff8e9c1b08 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  546.019124][   T31] 1 lock held by syz-executor/19041:
[  546.024400][   T31]  #0: ffffffff8e9c1b08 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  546.033095][   T31] 1 lock held by syz-executor/19043:
[  546.038985][   T31]  #0: ffffffff8e9c1b08 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  546.048019][   T31] 1 lock held by syz-executor/19045:
[  546.053304][   T31]  #0: ffffffff8e9c1b08 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  546.062449][   T31] 1 lock held by syz-executor/19047:
[  546.068289][   T31]  #0: ffffffff8e9c1b08 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  546.076936][   T31] 1 lock held by syz-executor/19050:
[  546.082219][   T31]  #0: ffffffff8e9c1b08 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  546.090762][   T31] 1 lock held by syz-executor/19051:
[  546.096038][   T31]  #0: ffffffff8e9c1b08 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  546.104609][   T31] 1 lock held by syz-executor/19053:
[  546.110440][   T31]  #0: ffffffff8e9c1b08 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  546.119206][   T31] 
[  546.121524][   T31] =============================================
[  546.121524][   T31] 
[  546.130807][   T31] NMI backtrace for cpu 1
[  546.130823][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[  546.130842][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  546.130853][   T31] Call Trace:
[  546.130861][   T31]  <TASK>
[  546.130869][   T31]  dump_stack_lvl+0x189/0x250
[  546.130896][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  546.130917][   T31]  ? __pfx__printk+0x10/0x10
[  546.130952][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[  546.130976][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  546.131000][   T31]  ? __pfx__printk+0x10/0x10
[  546.131026][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  546.131052][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  546.131076][   T31]  watchdog+0xf93/0xfe0
[  546.131102][   T31]  ? watchdog+0x1de/0xfe0
[  546.131129][   T31]  kthread+0x70e/0x8a0
[  546.131153][   T31]  ? __pfx_watchdog+0x10/0x10
[  546.131173][   T31]  ? __pfx_kthread+0x10/0x10
[  546.131195][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  546.131216][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  546.131236][   T31]  ? __pfx_kthread+0x10/0x10
[  546.131257][   T31]  ret_from_fork+0x3f9/0x770
[  546.131277][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  546.131301][   T31]  ? __switch_to_asm+0x39/0x70
[  546.131320][   T31]  ? __switch_to_asm+0x33/0x70
[  546.131339][   T31]  ? __pfx_kthread+0x10/0x10
[  546.131360][   T31]  ret_from_fork_asm+0x1a/0x30
[  546.131397][   T31]  </TASK>
[  546.131405][   T31] Sending NMI from CPU 1 to CPUs 0:
[  546.283877][    C0] NMI backtrace for cpu 0
[  546.283894][    C0] CPU: 0 UID: 0 PID: 1007 Comm: kworker/u8:5 Not tainted syzkaller #0 PREEMPT(full) 
[  546.283912][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  546.283923][    C0] Workqueue: bat_events batadv_nc_worker
[  546.283946][    C0] RIP: 0010:check_preemption_disabled+0x59/0x120
[  546.283965][    C0] Code: 8b 0d 9b 9e 26 07 48 3b 4c 24 08 0f 85 cc 00 00 00 48 83 c4 10 5b 41 5e 41 5f 5d e9 81 c9 02 00 cc 48 c7 04 24 00 00 00 00 9c <8f> 04 24 f7 04 24 00 02 00 00 74 c8 65 4c 8b 3c 25 08 80 a0 92 41
[  546.283978][    C0] RSP: 0018:ffffc9000378f940 EFLAGS: 00000046
[  546.283992][    C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000080000000
[  546.284002][    C0] RDX: 0000000000000000 RSI: ffffffff8d9cbbbb RDI: ffffffff8be33800
[  546.284014][    C0] RBP: ffffffff8b475b02 R08: 0000000000000000 R09: 0000000000000000
[  546.284025][    C0] R10: dffffc0000000000 R11: ffffffff8b475a30 R12: 0000000000000002
[  546.284036][    C0] R13: ffffffff8e139ee0 R14: 0000000000000000 R15: 0000000000000246
[  546.284046][    C0] FS:  0000000000000000(0000) GS:ffff888125c18000(0000) knlGS:0000000000000000
[  546.284060][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  546.284070][    C0] CR2: 000056129f87b000 CR3: 000000000df36000 CR4: 00000000003526f0
[  546.284084][    C0] Call Trace:
[  546.284091][    C0]  <TASK>
[  546.284101][    C0]  ? batadv_nc_worker+0xd2/0x610
[  546.284117][    C0]  lock_acquire+0xe7/0x360
[  546.284140][    C0]  ? batadv_nc_worker+0xd2/0x610
[  546.284157][    C0]  ? batadv_nc_worker+0xd2/0x610
[  546.284175][    C0]  batadv_nc_worker+0xef/0x610
[  546.284191][    C0]  ? batadv_nc_worker+0xd2/0x610
[  546.284209][    C0]  ? process_scheduled_works+0x9ef/0x17b0
[  546.284225][    C0]  process_scheduled_works+0xae1/0x17b0
[  546.284254][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  546.284278][    C0]  worker_thread+0x8a0/0xda0
[  546.284294][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  546.284318][    C0]  ? __kthread_parkme+0x7b/0x200
[  546.284339][    C0]  kthread+0x70e/0x8a0
[  546.284356][    C0]  ? __pfx_worker_thread+0x10/0x10
[  546.284371][    C0]  ? __pfx_kthread+0x10/0x10
[  546.284388][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  546.284405][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  546.284422][    C0]  ? __pfx_kthread+0x10/0x10
[  546.284439][    C0]  ret_from_fork+0x3f9/0x770
[  546.284456][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  546.284474][    C0]  ? __switch_to_asm+0x39/0x70
[  546.284492][    C0]  ? __switch_to_asm+0x33/0x70
[  546.284508][    C0]  ? __pfx_kthread+0x10/0x10
[  546.284525][    C0]  ret_from_fork_asm+0x1a/0x30
[  546.284550][    C0]  </TASK>
[  546.284991][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  546.543870][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[  546.552962][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  546.563002][   T31] Call Trace:
[  546.566267][   T31]  <TASK>
[  546.569184][   T31]  dump_stack_lvl+0x99/0x250
[  546.573764][   T31]  ? __asan_memcpy+0x40/0x70
[  546.578342][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  546.583531][   T31]  ? __pfx__printk+0x10/0x10
[  546.588116][   T31]  vpanic+0x281/0x750
[  546.592085][   T31]  ? __pfx_vpanic+0x10/0x10
[  546.596591][   T31]  ? preempt_schedule+0xae/0xc0
[  546.601434][   T31]  ? preempt_schedule_common+0x83/0xd0
[  546.606882][   T31]  panic+0xb9/0xc0
[  546.610591][   T31]  ? __pfx_panic+0x10/0x10
[  546.614991][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  546.620357][   T31]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[  546.626501][   T31]  watchdog+0xfd2/0xfe0
[  546.630653][   T31]  ? watchdog+0x1de/0xfe0
[  546.634971][   T31]  kthread+0x70e/0x8a0
[  546.639028][   T31]  ? __pfx_watchdog+0x10/0x10
[  546.643694][   T31]  ? __pfx_kthread+0x10/0x10
[  546.648272][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  546.653456][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  546.658639][   T31]  ? __pfx_kthread+0x10/0x10
[  546.663214][   T31]  ret_from_fork+0x3f9/0x770
[  546.667787][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  546.672886][   T31]  ? __switch_to_asm+0x39/0x70
[  546.677635][   T31]  ? __switch_to_asm+0x33/0x70
[  546.682384][   T31]  ? __pfx_kthread+0x10/0x10
[  546.686959][   T31]  ret_from_fork_asm+0x1a/0x30
[  546.691720][   T31]  </TASK>
[  546.694983][   T31] Kernel Offset: disabled
[  546.699290][   T31] Rebooting in 86400 seconds..