last executing test programs:

2.952820214s ago: executing program 4 (id=2169):
syz_init_net_socket$ax25(0x3, 0x3, 0xca)

2.825067922s ago: executing program 4 (id=2170):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b0000000000000000000000008000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x8, &(0x7f0000000000)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x50, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(r3, 0x8953, &(0x7f0000000180)={{0x2, 0x0, @empty}, {0x0, @dev}, 0x0, {0x2, 0x0, @multicast1=0xe000cc02}})
sendmsg$nl_route_sched(r2, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={&(0x7f0000000480)=@deltaction={0xc0, 0x31, 0x800, 0x70bd2b, 0x25dfdbfe, {}, [@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0xa, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6}}, {0xc, 0x14, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xb}}]}, @TCA_ACT_TAB={0x10, 0x1, [{0xc, 0xf, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}]}, @TCA_ACT_TAB={0x70, 0x1, [{0xc, 0x11, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8d9e}}, {0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'vlan\x00'}}, {0xc, 0x13, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4000000}}, {0x10, 0xe, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'skbmod\x00'}}, {0xc, 0x11d, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0xc, 0x6, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0xc, 0x16, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}, {0x10, 0x15, 0x0, 0x0, @TCA_ACT_KIND={0xc, 0x1, 'skbedit\x00'}}]}, @TCA_ACT_TAB={0x10, 0x1, [{0xc, 0xa, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9}}]}]}, 0xc0}}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r1, 0x0, 0x20007fffffff}, 0x18)
bind$bt_l2cap(r0, &(0x7f00000000c0), 0xe)
listen(r0, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r5, &(0x7f0000000300)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r5, 0x0)
connect$unix(r4, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r6 = socket$unix(0x1, 0x1, 0x0)
connect$unix(r6, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r5, 0x802)
r7 = socket$netlink(0x10, 0x3, 0x4)
write(r7, &(0x7f00000000c0)="29000000140005b7ff000051915f95eb01010003a606a40e07fff024bb000000000000000040000000", 0x29)
r8 = accept4(r0, 0x0, 0x0, 0x80000)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r8, 0x8983, 0x0)
r9 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r9, &(0x7f0000000080)=@name={0x1e, 0x2, 0x3, {{0x42}}}, 0x10)
socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r8, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x3, 0x4}}, 0x10)
r10 = socket(0x28, 0x5, 0x0)
accept4$unix(r10, 0x0, 0x0, 0x80800)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r8, 0x29, 0x20, &(0x7f0000000340)={@private1, 0x10001, 0x2, 0x3, 0x2, 0x9, 0x3}, 0x20)

2.500952772s ago: executing program 3 (id=2176):
r0 = socket$inet6(0xa, 0x806, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="0203000910000000010000000000000005000600000000000a00000000000000000000000000000000000000000000000000000000000000020001000000000000000702000000ff05000500000000000a00000000000000ff17000580ff000000000000000000010000000000000000020008"], 0x80}}, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e23}, 0x1c)
r2 = socket$netlink(0x10, 0x3, 0x5)
r3 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r4 = bpf$ITER_CREATE(0xb, &(0x7f00000004c0)={r3}, 0x8)
close(r4)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r3, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
bpf$LINK_DETACH(0x22, 0x0, 0x0)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f00000005c0)={r4, r3, 0x4, r3}, 0x10)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0xfffffd7c, &(0x7f00000004c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4400000010000507000000000000000000000006", @ANYRES32=0x0, @ANYBLOB="4000020020000500240012800c0001006d6163766c616e001400028008000100020000000800030002000000"], 0x44}}, 0x0)
listen(r0, 0x3)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
r6 = accept4(r0, 0x0, 0x0, 0x0)
r7 = socket$igmp6(0xa, 0x3, 0x2)
sendmmsg$inet6(r7, &(0x7f00000066c0)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="140000000000000900000000080000009a01000000000000"], 0x18}}], 0x1, 0x167e)
syz_genetlink_get_family_id$smc(&(0x7f0000000040), r6)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c1200000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000200000850000000600000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000080)='kfree\x00', r10}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_INTERFACE(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)={0x1c, r11, 0x800, 0x70bd2c, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, 0x0, 0x0)
read(r5, &(0x7f0000000680)=""/201, 0xc9)
openat$tun(0xffffffffffffff9c, 0x0, 0xc1842, 0x0)
close(0x4)

2.000112007s ago: executing program 0 (id=2184):
r0 = socket$nl_route(0x10, 0x3, 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="540000001000010400000000000000ffff000000", @ANYRES32=0x0, @ANYBLOB="0380000000000000240012800c0001006d6163766c616e00140002800800010008000000060002000100000008000500", @ANYRES32=r1, @ANYBLOB="08000aff", @ANYRES32], 0x54}}, 0x0)

1.920132123s ago: executing program 0 (id=2186):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000340)={0x1d, r2, 0x0, {0x2, 0x0, 0x6}}, 0x18)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, &(0x7f0000000440)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0, <r3=>0x0})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x40000000, 0x0, 0x0}, 0x0)
r4 = socket$kcm(0xa, 0x2, 0x73)
sendmsg$inet(r4, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x0, @empty}, 0xffac, &(0x7f0000001080)=[{&(0x7f0000000040)="a72d11a15c048c0a7d63aebc5cea1f81510ff6091475aeec600831aa9d3944e60bc2ad06a619c560aa0118b28f68f1eb14549d633b4b23f179fb680716faa43414787559be90843c35ab30acad8a6740140e00721abc2eb362f7bde53b3c992d3e28ccc20ec84fdc569947047f6c09a647ee8c0a747b951e66c068ccf1af93ee9e6f9528ff79e2f989383b05a690a6bec4634b867c9446c1c644b3010e8a3514c6328323b4bbdd602b8f0dace6aea70902c4ddd2a2f2810f1348b0d0df3c1e6a5938fcfdc87e7580c6be0c6a06eca62d6f787dd16add086a21391c4c707d8b61929d1252681b84c245e0efafe2e6e73ad86a3cf59235ab0eacbb414af92ec3cdac420a064a98e8cc18bdf63f8997f96436e0fe6f06fdbf47fff353b01a861babd4a38d126bfe3e29049e6cc883e6efae6e70ef9ed124b1b09887a58c991e223b6420dca5ae238027e91b17b1707dc5c0d5f59f0ca95614f1ea1d263c1ee54dfe31ae35eb3c8e3b931dff7920c57fbba89adf2e392c1ad719b90c7ade0d38ff9792934ef1fb12f51d8e2fad12486d5883d5b1a46696fad128c6805cfb25bc6487e1e407d6b266971b09d0d864a7a550284e24b6cdc9f4ae1081a638175dffef002c76ac5558d23e41edbe68f4b4950a13aa000326dae5a857603dc5a40d6c6618a98c7b6e1eebd325ea2c14601a25658965f40864fd015d9b2fff83ee5ed3212ebd9fa429f0140f633556ac07c0c08e67a1848c9942ecc47dd4ffede9a429e9e0472be7cdbcd117e621ddf745c00a814ffff0224634472577dc0b35a9c153409f1a2bddc193b20b4d244d9cbbd59816c46000c596865f58b4e640ed4a9ab6086cede697fb113560925498da83273e679e0e28b84961eb7b9c9b4fa916590965c76b48e5d453f27a821bd2bf0946ff2413ec30f7893d1f046e18f736c40ceda26dfc4a0a62f71a3606d3f72c0a858dfd7895e2572292e11af913c6b513a141d28e501ae7c49618d104aac9abb78466a636efb88120d0eef0a501558a5aa34784a9823f2802a0bcdf318f9b436b34b42a2a7cf513f80364ad9a699d2e23eb4f3a2bbce818bd20da61882b3dac699d05dc24f29b72471b712423ace6278c43df2be7a09e815517b86d8b3ce16af3d64a575958c5fd52aac53b391f3d2a67c24c6c13ec11428b61b80a6a58cbba1790a98d190a572070f63fc0b809669895ea9865c3066b06102f6f2c7171dc7f76e1931b3e4deb569ef9d07d5f86a848f50942e93c419c3a23489f14803b08182dfd48b8d4375be6b7f805a21209c05e5927693a8834c8d5a5acbd47ed8a30a8a741d1ad77639b56b3b90c0b2023fa334befd28b2e27cbcd94b0ce7437f88ce67a925cea6d6d7e5313de6d328b1124a8b9ef83fe39ca3da97d33c60b7fd4af67d3c8fccb595a27a5bffc71e5a5b2ec966828993b0c0f83cbc55f9a7fb66a4101d5c83b77885072b6e2b2ceebe32f635509698c05089b9ff1cb1959b211e114dadb224ef2d5e7a3c55b3ac00fcdc9018577603c6301e5d4341b3d7eeb2665349d448d28d5d108f576408cbe533a6adbba18ebb2d84bb9af81108506a2f50fb56d595579000747930449fdf4ed01715ec624a0cb73636a35b9136f10b79e3d7ded09008b92e92c64e26e6b6d17f18b70b1d9813de8d2ff151c7a6a0452c660a57c33f13e2d9b88fa5f5c0505722d2e787a425e4a3e9b5efa9668e9199f5fb9fe7d5b8a57719a57df152e7f2c6a1087a2a24084f82455b65353a70559f04d5ed12defb81497ea69c1c7e69c373524770b7473c16a69c7a3648a9dd93377b89cdff61cf62512d1ee67a55ea67993937c1f55a2179bc9c8a337364cfb84d295adda1ad9700fc2f5c11cbfc1b90affb4666c6e7e23a6f7751410a5651819f29f690c6dba2b8a67e0f7f8cc377feb1854c393578994c85391ba21b3961aed477f771645571dc7d6cae72bf79c82a92a4edc3742b1398060a0a5c9e81c016b7f2ae3db529c6ff824cc28678764d8ab49d7dc68e5b0556c9e7ffb6fef442776d86fbd458741830e57f22a1f8513b92abd5b2df93a67cc560134078f0b8ecc3276e40aadef5cd579888b86b4988f396679250701f3869e7493b33692035ecd94aca5189fd0a0893ccc5bb19c0b4caca86cf90ebc2a5558f39cccb33f6773a4e425bf551fb3b6456ee1cc62fa1843a9e5539bb2d02ae6ef82533a9dbcfb562c1ab18c1f639ae7ff02083746f74a15ba2d10e4b955940a5d6f488d326a99f287c48ad463ce40367aeeff519cbad0a2d7fdbfa48bff75955467977764c2be2bd2ffa18396c46920c40c50a4037003666406d177e2cd20aee423d07169d8f611f635ba0b62b61265ff2c5548446a2423dd1038482b6852b2d9d2f90aa05d82c5e2c3d1af0c7aad72d82b3da67471af7b037bb0424a785e73f35b5a10a2ab300a195c20cd119a5390e0cd5d49c70bd80883b933e843d0d2902749dcf3c140c708a0f004b7a2f50bf311305dc01719016fcce5863815ca7951de710fcb71cd177551ff6fcd9f8bf01b93868f24c6129b6d7917125338cf62110083093fc7f862015d48450d992f2bb43e601cab19b2ea7b83962a382fc2a31fdf2358bf8a9a9e506eaa7b6eb5e7444d1ef459b24ffa51362abce902dfd84201a0e4b5a3b62757aad54fb65b83821c6bba663886de092065a565921ea3eb6781bb8ed4f4db3abcfeeb379b7e52fca790bea719918e299ab01bf5e92177d134360bf7a16a59e9d03d3dcfb0a25599237e3d41b3f0026c9402b1fb1894426303413a2cbcf7c72807ca694afa285990d07c3bca26413c9947b3b344aafc04544b8c11416e0312b028da7302e316c3966d41884b15055a49a4a0b3eac8e11f88a5615fb0af582f065d28e5a454447e9d0cfc60356439ebf7e1d0a00f5b9cc6daf2bd7195ba96b4d1a0679ff0fb1c01282c378a880f90f460889b67d76d4d0e8db6c928d113533d1d10b810303c43d8ff622c5bab7f095b96e64bf9daa48a2bdf3d9d40bac00cf1b66df61a4f7c3e21938e876f81b1179dce6a008f28eb682cae690ced0ea0d542da604d8056f2b1813ed36683c4c51aeb2650772cfb1c55d4e60604ff06344cfc271b2175a6c94defb807af240b483e24298ca73bfc743ca2ca2e77e6d5b817b3c1986601537faf59ac84c74d8bd0c068cb8e6bd03ac2dcf5793fb4a00b3c901a33aa3ee86e4f0db317b94bb8678ab26e36d305ebac4b0f7f164947148255b562dd0f87648499d45bccfb7d8c9d5624cadf8160a396e79fbcdc100058ba4606e41c02fb2cc0dc6c36196bd28acfde82a18cda2321d2d83fecd3b85380667cd1d0bc68298c6c8f10421a80c8fa86912b6c3e8ddd9d9668520d5151409e6b77f0d7730b374a68a744151bfbd123cfdf871e8c24e70d2ca3b50e84a48e0b78c1781000cfc848d43584985763a76c0ab9ba882c55e3e4aa8f2174255db38adb8350b48a77be22a869d13d183325f859b883464e5e46de5ea8a92532b9a794daaeff657cd361f7f158f8bebe36e9de1f5b9721d4263dcc9472229bc02d3f552180abfb25ca7aa36cb914d99c09fd5bb99dcab9b4e3c634d18fc7dfe84dc4425ad1e39c3e7410d49b4ea0a8a2958688c7725822f6dfc0827d19dc385e0e35a949941e4dd1aaeaab9ebe402f8c584bca7efc829f2ccfb63fd7bde1c182a67c14f9d3f033ca674e2604e89cd55a15419f956cd61a755c1b13554dae98e77be078aadfc131c9677381f1dbe6ef194eb17603a463e8b844ab46a6046e1f07d96d66de669359bff4c3d80948a4de3abb2f171a09b5d8999c379fb62244114e218c79805df7d899e5661320ee6721d652b95f09e4dfe69bd67099c73294b17ab574e0b966aa3ab44478965b9dca3cb3b9282945f24ccdd07c638ae25a84a728ca24f87ff49d718121a694be46f3616e27b1041b3c6cd24b9cf775bfc28dfbe0a009048f0599f2d5d6586cfd1e7f7fe69872d08b98f60d28e6af0d49d7f06ad71a7b5c41df261aba5de114022c7288bc265cc17909fdeadc3d7b256d7ab3b96e40f857060f16b54a6bb7248ee571f87ace5ee39eab412706cf52fa711468b21ea129c3f44bceb429fcc1a0ac2aa87b9365077dcfcfa9a1b32a0a09699197c20019a66cbd0a897feab3706c23123b888ada643d4560082033e31596b0483578968e3c9593ebd97141c228a42fc7645f92171c120aabca36657683fd7c72fcb87217f124d6fabc52f1d221d8410b47b0ad4bd944bf4085365e9b52a53911ab4ee142c5a1ebbe034c9d98c538c066f2dc0acf372eb2397dcac765055123e0ba19be22b18c886bf0f7490abe9fde91ffa62e059962bd134be8501cb5b715a744b1398e2c4c7e8afe72e189dda0654296afa1c1f99ab7d800fa40f72a758625c833b6fc7b7d42250522b456e1e7de815350c36c9cb2f4d1c9cb99109f89b456c559463f11b8b58247809b17a4ed4912bd0a47a529f1364d6dc593ea7f3eb98962078ac90e5012ee1c7b4b9ed5a8c7a9c0231b4ce425693faab64fa0f3482a04d4be2e06ee5d103694d288810a1a7f4d1e908dd82dd2016a064ece5cd67ef1dd5f4cda728fc6f1ccdd949dd8f775d862621507248ef4c83ae274969d19c7ddb02a4e8a1ab2b7aa539a442b22735ceedeefe60a1059dfaaa0979ce8d5387b5a047841fd9749b88ca91216b02d7926408a01916b7781bb7167528ccdb9a486d173437a5ba3e552c8674dff2cc9b21054e0e4f86b61b8723fca58ceef4413bffae9e9be79c5b9788f5449811ce78be9bc7a86375a670197baaef751beabcba0aa6c7c33f1cd702cb78ec39fa1f17d9da733d6abf2b80f9c51ac8f6f664b24edc53a7c9525c3016bd05c67272375fe816b2b121f2de68b885a0fd8f8b8c6c342237b632f6414a3eb3480f5f42106c5812e9bfd4e8c8dea8d08525d9aa1da7c7c2ee7ff3d31b79b211dd01e304a8ffc83a89a59f3b1e2ef5e969b6d90bea7e161066f25622fad914bff52bacd2807093dda1838b529ee57f718b374ce2841b924a42457867547a6edcb8412d85f11796742bf640b5819a9546357df778c332af5983c4373a95d9c58b52dba445eee92e6911824f0c534e7a5934d9eac9b7f6fec22002fc53a3003a3304217f567b47cd326edc5f48eb1f46bb20d1e10e72239afc9769344590cf48902aba5405b7d4baa31a912ab398a2f2d3f037614bb56a89244ece50f3a1e058d274f1e70f944eb8a305be91e561e5eb843d057a81f4deb84a6335ec81ca964cdae5f318d4e9aaea2c477cc279c00c698bcfe4b8e04c09079d8f3f5438d9d45a00f50d2f9b245c8c68eebf247e25ba8d26f8b95b21ac9ceb50c0aa2e4bdc032024db216b92f9350a90ac79341af14d3fa8ba908096e1b503341aed667bb184c672dac85fc4f335b3871c3b4e55ea219a857d2d2e135358f6b45a20b3e7de8e09b2041eb7c5084a80258fb524a983752659298a251e178b56f96bc67ae0a78ec92f92d92c9cf0edb5dcb11e739d69410ad44c8df00caa030d7d89f2ec38bd7698115c423cf3e6048793aca08ffbcdac766f1553773fa00031c1d75246e4e1eddf8948d02a3de6d67fd7329e45070f29044587f1e0db50d04e673191a63e30f96ee0d8d52738fab36a7fe2c6ab9301d401e7ca5b1f039193a580e40abbdf40c2d7e27809dec80815d37adae9fe7fb9d3a974c9fc03944d7338d000b81170be4c6792ed6b3b827194b3ae11e2acfca48498d1126aacf80f3d574256ef7f75552ff087a819e", 0x1000}, {&(0x7f0000001040)="9d7fcf3efc63f4a6a555ba8b4726d7ccaf8a207100e69cfac4377876021d7131b838059f96bd206d4776368ed2a92432e5af71", 0x33}], 0x8, &(0x7f0000001280)=ANY=[@ANYBLOB="6b0000000000000029000000080000000000000000000000000000007f000001080000000700000000000034366567f221978756640000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="000000007f00000100010000"], 0x6b}, 0xfc00)
ioctl$BTRFS_IOC_RM_DEV_V2(r1, 0x5000943a, &(0x7f0000000640)={{r0}, r3, 0x8, @inherit={0x90, &(0x7f0000000100)=ANY=[@ANYBLOB="01000000000000000900000000000000000060000000000003000000000000002000000000000000010000800000008b401effffffffffff090000000000000007000000000000000600000000000000ff010000000000000d00000000000000ff07000000000000ffff000000000000ff070000000000000500000000000000010000000100000008000000"]}, @subvolid=0xff})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000000400)=@newqdisc={0x2c, 0x24, 0x70f, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x5}, {0xffff, 0xe}, {0xa, 0x3}}, [@TCA_RATE={0x6, 0x5, {0x13, 0x7}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x0)
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000000c00000000000200000000000000000000040000000000000000"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7a}}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r5, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x2, 0x0, 0x0, 0x1d6225b, 0x0, 0x0, 0x14, 0x0, @void, @value}, 0x90)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000400)="81b641f1f3843704b6", 0x9}], 0x1}, 0x48005)
socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r6=>0x0})
connect$can_j1939(r1, &(0x7f0000000300)={0x1d, r6, 0x3, {0x0, 0xf1, 0x6}, 0xfe}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r7, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x4)
r8 = socket$phonet_pipe(0x23, 0x5, 0x2)
listen(r8, 0x0)
listen(r8, 0x9ce2)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0)
r10 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r10, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000d80)=ANY=[@ANYBLOB="3c0100001000130728bd700000000000ac1414aa0000000000000000000000007f000001000000000000000000000000000001000000000a00002084000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ff010000000000000000000000000001000000002b00000020010000000000000000000000000001ff000000000000000000000000000000080000000000000001000000010000000600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000fcffffffffffffff0c000000000000000000000028bd7000000000000a00000000000000000000004c001200726663343534332867636d28616573292900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000"], 0x13c}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
r11 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r11, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)

1.833356681s ago: executing program 4 (id=2187):
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000005000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703003f00000000850000003100000095"], &(0x7f0000000040)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)

1.813231897s ago: executing program 1 (id=2188):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
sendmsg$nl_generic(r0, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x20, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0xc, 0x2, 0x0, 0x0, @str='nl80211\x00'}]}, 0x20}}, 0x0)
recvmmsg(r0, &(0x7f0000001b40)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)=""/189, 0xbd}, {&(0x7f00000003c0)=""/152, 0x98}, {&(0x7f0000000480)=""/4096, 0x1000}], 0x3}}], 0x7, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x8, 0xb, &(0x7f0000002e00)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002120207b1a00fe00000000bfa10000000000000701000078ffffffb702000008000000b70300000000000085000000c700000095"], &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

1.644871915s ago: executing program 4 (id=2190):
r0 = socket$packet(0x11, 0x2, 0x300)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000fc0)={@fallback, 0xffffffffffffffff, 0x15, 0x0, 0x0, @void, @value}, 0x20)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000240)={0x3, &(0x7f0000000400)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x28, 0x0, 0x0, 0xffffefff}, {0x6, 0x0, 0x0, 0x6}]}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000240))
r1 = socket(0x10, 0x3, 0x0)
write(r1, &(0x7f00000000c0)="1c0000001e005f0214fffffffffffff8070000001700000000000000", 0x1c)
r2 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC(r2, 0x29, 0xcc, &(0x7f0000000000)={{0xa, 0x0, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, 0x809}, {0xa, 0x8, 0x0, @empty}, 0x2, {[0x0, 0x1, 0xfffffffe, 0x0, 0xffffffff, 0x8]}}, 0x5c)
setsockopt$MRT6_ADD_MFC(r2, 0x29, 0xcc, &(0x7f0000000280)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @mcast2}, 0x0, {[0x1, 0x0, 0x0, 0x0, 0x9]}}, 0x5c)
setsockopt$MRT6_ADD_MFC(r2, 0x29, 0xcc, &(0x7f00000001c0)={{0xa, 0x0, 0x0, @remote}, {0xa, 0x4e22, 0x0, @mcast1}}, 0x5c)
setsockopt$MRT6_ADD_MFC(r2, 0x29, 0xcc, &(0x7f0000000000)={{0xa, 0x0, 0x0, @private2}, {0xa, 0x0, 0x0, @empty}}, 0x5c)
socket$tipc(0x1e, 0x2, 0x0)
r3 = socket$kcm(0x15, 0x5, 0x0)
sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000780)=@l2tp={0xa, 0x0, @private, 0xc0ff}, 0x80, 0x0}, 0x4000040)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r4 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_FLUSH(r4, 0x29, 0xd4, &(0x7f0000000080)=0xa, 0x4)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000100)={0x0}}, 0x40000)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000200)=ANY=[@ANYBLOB="5c000000100039040010e4ffffffffffffff0000837bdb13db38d829c85d9288b3bb191f79628fb02852", @ANYRES32=0x0, @ANYBLOB="00000000000000003c0012800b000100697036746e6c00002c000280140003002001"], 0x5c}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
syz_emit_ethernet(0x10ce, &(0x7f0000001d00)=ANY=[], 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x30, 0x30, 0x2, [@struct={0x0, 0x1, 0x0, 0x4, 0x0, 0xffffffff, [{0xa, 0x3, 0x10}]}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @restrict={0x0, 0x0, 0x0, 0x10, 0x2}]}}, 0x0, 0x4a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)

1.562245s ago: executing program 0 (id=2191):
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmsg$802154_raw(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000040)="711fc0e3579edf91501b5773dfbc", 0xe}, 0x1, 0x0, 0x0, 0x80}, 0x24000840)
recvmmsg(r0, &(0x7f0000002e40)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x3b}}], 0x40000000000019e, 0x142, 0x0)

1.561758582s ago: executing program 1 (id=2192):
r0 = socket(0x40000000015, 0x5, 0x0)
r1 = socket$inet6(0xa, 0x806, 0x0)
listen(r1, 0x3)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000080)={0x0, r0}, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'netdevsim0\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="480000001c00110c0000001400000f0007000000", @ANYRES32=r3, @ANYBLOB="800202000a0002"], 0x48}}, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r4 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(0xffffffffffffffff, &(0x7f0000000240)=ANY=[@ANYBLOB="000386dd0a00100000004000000060ec97020fc82b00fe8000000000000000000000000000aaff020000000000000000"], 0xffe)

1.505295685s ago: executing program 3 (id=2193):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0x1}, 0x6)
ioctl$sock_bt_hci(r0, 0x800448d7, &(0x7f00000000c0))

1.453084923s ago: executing program 2 (id=2194):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) (async)
sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f00000009c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000980)={&(0x7f0000000880)={0xc8, r0, 0x300, 0x70bd2d, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x7, 0xc}}}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xf}, @NL80211_ATTR_MESH_CONFIG={0x24, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_MAX_PEER_LINKS={0x6, 0x4, 0xa6}, @NL80211_MESHCONF_AUTO_OPEN_PLINKS={0x5, 0x7, 0x1}, @NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES={0x5}, @NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL={0x6, 0x12, 0x7}]}, @NL80211_ATTR_HANDLE_DFS={0x4}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}, @NL80211_ATTR_TX_RATES={0x70, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x6c, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x19, 0x1, [0x12, 0x18, 0xc, 0x60, 0x16, 0x3, 0x1, 0x9, 0x3, 0x4, 0x24, 0x5, 0x48, 0x4, 0x6c, 0x60, 0x16, 0x5, 0x16, 0x16, 0x4]}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HT={0xf, 0x2, [{0x3, 0x8}, {0x7, 0x9}, {0x1, 0x9}, {0x2, 0x3}, {0x4, 0x1}, {0x4, 0x9}, {0x6, 0x6}, {0x5, 0x6}, {0x6, 0x7}, {0x4, 0xa}, {0x0, 0x6}]}, @NL80211_TXRATE_LEGACY={0xd, 0x1, [0x1b, 0x18, 0x48, 0x4, 0x24, 0x30, 0x36, 0x12, 0x18]}, @NL80211_TXRATE_HT={0x5, 0x2, [{0x5, 0x2}]}, @NL80211_TXRATE_HT={0x7, 0x2, [{0x1, 0x3}, {0x4, 0x6}, {0x5, 0x8}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xffff, 0x6, 0xf5, 0x1400, 0x1, 0x3800, 0x4, 0xff87]}}]}]}, @NL80211_ATTR_SOCKET_OWNER={0x4}]}, 0xc8}, 0x1, 0x0, 0x0, 0x100000d1}, 0x4000000)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) (async)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
connect$pppl2tp(r2, &(0x7f00000002c0)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x3, 0x4, 0x1, 0x4, {0xa, 0x4e22, 0x8, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, 0x7}}}, 0x32) (async)
setsockopt$packet_int(r2, 0x107, 0xc, &(0x7f0000000040)=0x5, 0x4) (async)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYRESHEX=r3, @ANYRES64=r3, @ANYRES16=r3, @ANYRES64=r3, @ANYRESOCT=r3], 0x58}}, 0x4000004)

1.356379622s ago: executing program 0 (id=2195):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$tipc(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000b40)="a2", 0xfffffd2a}], 0x1, 0x0, 0x0, 0x20000000}, 0x4000041)
close(r1)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ppoll(&(0x7f0000000380)=[{r1}, {r2}, {r0, 0x8}, {r0, 0x8000}, {r0, 0x2000}, {r0, 0x40}], 0x6, &(0x7f0000000240)={0x77359400}, &(0x7f0000000340)={[0x7f]}, 0x8)
r3 = socket(0x40000000015, 0x5, 0x0)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @mcast2, 0x90}, 0x1c)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x2, 0x0, @local, 0x2}]}, &(0x7f00000002c0)=0x10)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r4, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r5=>0x0}, &(0x7f0000000300)=0x35)
pselect6(0x40, &(0x7f0000000040)={0x5, 0x1, 0x3, 0x4, 0xbd38, 0x1, 0x6, 0xfff}, &(0x7f0000000080)={0x1, 0x5, 0x9, 0x3, 0x1, 0x7, 0x1, 0xffffffffffff8001}, &(0x7f00000000c0)={0x7a43, 0x3, 0x2, 0xf51, 0x7, 0x0, 0x1, 0x8}, &(0x7f0000000100), &(0x7f0000000180)={&(0x7f0000000140)={[0x10001]}, 0x8})
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000880)=ANY=[@ANYBLOB="9feb0100180000000000000040000000400000000c0000000400000001000084010000000ae6ffffff0000000000000005000000200000000000000000000002afff8900020000000200000000000000006100302e6161616100610049bf4063e71238bd8847e39388833c8ec07f23e17a5aa30048918849fac7462f55f1d586317f269930f08ef9193f0000"], 0x0, 0x64, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000006b00)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r9)
sendmsg$IEEE802154_LIST_IFACE(r8, &(0x7f0000002840)={0x0, 0x0, &(0x7f0000002800)={&(0x7f00000027c0)={0x14, r10, 0x731, 0x70bd29, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x80)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000540)={'syztnl2\x00', &(0x7f00000004c0)={'syztnl2\x00', <r11=>0x0, 0x4, 0x8, 0x6, 0x6, 0x0, @local, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x8049, 0x8, 0x3, 0xfffffffe}})
sendmsg$nl_route(r3, &(0x7f0000000640)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000600)={&(0x7f00000007c0)=ANY=[@ANYBLOB="6c000000160010002dbd7000fbdbdf250a0804ff", @ANYRES32=r11, @ANYBLOB="08000800000600001400010000000000000000000000ffffac1e010114000200fe80000000000000000000000000000e083e3b000308000008000900018807ff140006000200000008000000050000000a000000dded37c1abac8950c6dcf9dfd6ca8402b8ee610b45e0d5743768690393709ae47369cf93831f408a0b0ad303467e64074e61d82ae6f07a7f46bd98858f7ea18c45656b3b1bce"], 0x6c}, 0x1, 0x0, 0x0, 0x40000}, 0x40)
setsockopt$sock_attach_bpf(r6, 0x1, 0x10, &(0x7f0000000400), 0x4)
sendmsg$unix(r7, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x40085)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f0000000440)={r5, 0x400, 0x10, 0x49, 0x400}, &(0x7f0000000480)=0x18)

1.309420384s ago: executing program 3 (id=2196):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000440)={0x3, &(0x7f0000000000)=[{0x1d, 0x0, 0x1, 0x4}, {}, {0x6, 0x0, 0x6}]})

1.257407362s ago: executing program 4 (id=2197):
r0 = socket$nl_route(0x10, 0x3, 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="540000001000010400000000000000ffff000000", @ANYRES32=0x0, @ANYBLOB="0380000000000000240012800c0001006d6163766c616e00140002800800010008000000060002000100000008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x54}}, 0x0)

1.194072441s ago: executing program 2 (id=2198):
r0 = socket$inet6(0xa, 0x40000080806, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000780)=@security={'security\x00', 0x44, 0x4, 0x3f0, 0xffffffff, 0x218, 0x218, 0x218, 0xffffffff, 0xffffffff, 0x320, 0x320, 0x320, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x203, 0x120, 0x148, 0x8502, {}, [@common=@ah={{0x30}, {[0x4d6, 0x4d6], 0xe, 0x0, 0x1}}, @common=@unspec=@helper={{0x48}, {0x1, 'irc-20000\x00'}}]}, @common=@unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00', 0x0, {0x1}}}, {{@uncond, 0x0, 0xa8, 0xd0, 0x0, {0x0, 0x11}}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x0, 0x0, 0x600}}}, {{@uncond, 0x0, 0xa8, 0x108}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, [0x0, 0x0, 0xff000000], 0x0, 0x4e21, 0x0, 0x4e23}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x450)

1.161395477s ago: executing program 1 (id=2199):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000d00)=ANY=[@ANYBLOB="b70000008100003bbfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071105400000000001d400500000000004704000001ed00000f030000000000001d440000000000006b0a00fe000000007313000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff31a8fd3c0fd8b7ff831028e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646c0200000000000000020000e35208b0bb0d2cd829e654400e2438ec649dc76128610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda82fc9c4d7ecc7a803bf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714f62ba7a54f0c33d39000d0bfed3a6a59ff616236fd8f2477184bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06fa2e04cfe0649226c697d9e8eaade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00023ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a83469620c6e74e1f46132559c4f8700a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88f15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a920099c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40fc5d2f55ff07c53147de202ce517b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661061173f359e9052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff26b61aac8aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3ba18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e26534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336dfaa6d5d164301190bc2d4c04087729033342045804a28082abc3b4762302a271722fb515f31e0dd115a292f1e68481a62c49d15ea5460a29c60b1058fb7aa9bf4ee3cbe11b03711a15d730646b72d074dab1e8c429339f3460d324c17a4a8bfc7d7eab45bef00664d6dc82300000000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
unshare(0x26020480)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000100)={0x1f, 0x0, 0x3}, 0x6)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$FS_IOC_GETFSLABEL(r1, 0x400452c8, &(0x7f0000000100))
r2 = socket(0x2b, 0x1, 0x0)
getsockopt$kcm_KCM_RECV_DISABLE(r2, 0x11e, 0x1, 0x0, 0x20000000)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800"/16], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r3}, 0x10)
r5 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r4}, 0x8)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000080)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x7, 0x6a, 0xa, 0xff00}, [@call={0xc}, @exit, @map_fd, @jmp]}, &(0x7f0000000140)='GPL\x00', 0x2, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2d)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)={@ifindex, r6, 0x11, 0x0, 0x0, @void, @value=r5}, 0x20)
setsockopt$packet_tx_ring(r2, 0x107, 0xd, &(0x7f0000000100)=@req={0x2, 0x6, 0x10200, 0x43}, 0x10)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x200, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x6c, r9, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4, 0x0, @loopback}}, {0x12, 0x2, @in6={0xa, 0x0, 0x0, @remote}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}]}]}, 0x6c}}, 0x0)
sendmsg$TIPC_NL_BEARER_ADD(r2, &(0x7f00000004c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000480)={&(0x7f00000002c0)={0x1a4, r9, 0x20, 0x70bd28, 0x25dfdbfb, {}, [@TIPC_NLA_MON={0x2c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x8001}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xbce}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x4}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xc}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1}]}, @TIPC_NLA_PUBL={0x44, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xd7}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xc8}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xe9}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xb}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x25}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x9}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x1}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x5}]}, @TIPC_NLA_SOCK={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x5}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7f}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_SOCK={0x68, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x7f}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x2}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x9}, @TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0xb4}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xaf2}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xe1c}]}, @TIPC_NLA_SOCK_ADDR={0x8}]}, @TIPC_NLA_LINK={0x24, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}]}, @TIPC_NLA_PUBL={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x8}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x7}]}, @TIPC_NLA_NODE={0x14, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x7}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x401}]}, @TIPC_NLA_BEARER={0x50, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x100}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xe}]}, @TIPC_NLA_BEARER_NAME={0xfffffff1, 0x1, @l2={'eth', 0x3a, 'veth1_to_hsr\x00'}}]}]}, 0x1a4}}, 0xd2)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r10 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x200002, 0x0)
openat$cgroup_ro(r10, &(0x7f00000000c0)='cgroup.events\x00', 0x0, 0x0)
ioctl$TUNSETSTEERINGEBPF(r7, 0x800454e0, &(0x7f0000000080)=r0)

1.096406979s ago: executing program 4 (id=2200):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x340, 0x0, 0x4c, 0x1a, 0x190, 0x73, 0x270, 0x258, 0x258, 0x270, 0x258, 0x3, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @mcast2, [], [], 'netdevsim0\x00', 'macvlan1\x00'}, 0x0, 0x160, 0x190, 0x0, {}, [@common=@inet=@ecn={{0x28}, {0x2}}, @common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @rand_addr=' \x01\x00', @dev}}]}, @common=@inet=@SET2={0x30}}, {{@uncond, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3a0)
r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
bind$llc(r1, &(0x7f0000000040)={0x1a, 0x0, 0x0, 0x54}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_queued\x00', 0x275a, 0x0)
write$cgroup_int(r2, &(0x7f0000000000), 0xffffff6a)
sendfile(r1, r2, 0x0, 0xffffffff000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a40)={r2, 0xe0, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000680)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x5, &(0x7f00000008c0)=[0x0], &(0x7f00000007c0)=[0x0, 0x0, 0x0, 0x0, 0x0], <r3=>0x0, 0xe4, &(0x7f0000000840)=[{}], 0x8, 0x10, &(0x7f0000000880), &(0x7f0000000a80), 0x8, 0xc4, 0x8, 0x8, &(0x7f0000000900)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x12, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000010000000000000000000000711212000000000053"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10, @void, @value}, 0x94)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYRESDEC=r0], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'veth0_to_hsr\x00', <r6=>0x0})
sendto$packet(r5, &(0x7f00000000c0)="3f03fe7f0302140000001e0089e9aaa911d7c2290f0086010027c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c560908525b7de1511fdf9435e3ffe46", 0x48, 0x0, &(0x7f0000000540)={0xc9, 0x0, r6, 0x1, 0x0, 0x6, @broadcast}, 0x14)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r7, 0x10e, 0x1, &(0x7f0000000140)=0x1, 0x4)
socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$IPCTNL_MSG_CT_NEW(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000006c0)=ANY=[@ANYBLOB="88000000000101040000000000000000020000002c00018014000180080001007f00000108000200e00000020c000280050001000000000006000340000300002400028014000180080001000000000008000200ac1414bb0c000280050001000000000008000740000000001c000f8008000140000000000800034000000000080002"], 0x88}}, 0x0)
sendmsg$IPCTNL_MSG_CT_GET(r7, &(0x7f0000000580)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000540)={&(0x7f0000000400)=ANY=[@ANYBLOB="14010000010101020000000000000000000000001400198008000100a000000008000100040000000800074000000000900002800c0002800500010021000000140001800800010064010101080002006401010106000340000000000c0002800500011502035726d61c13003a0000002c000180140003000000000000000000000000000000000114000400fe8000000000000000000000000000aa2c00018014000300fc01000000000000000000000000000114000400fc0200000000000000000000000000012c001080080003400000000908000340000000010800014000000008080003400001000108000240000000b418000d8014000500000000000000000000000000000000010600124004000000"], 0x114}, 0x1, 0x0, 0x0, 0x50}, 0x2c004000)
socket(0xa, 0x3, 0x3a)
r8 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
setsockopt$ax25_int(r8, 0x101, 0xc, 0x0, 0x0)
connect$ax25(r8, &(0x7f0000000100)={{0x3, @bcast, 0x4}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}]}, 0x48)
setsockopt$ax25_int(r8, 0x101, 0x0, &(0x7f0000000240)=0x69a1, 0x4)
epoll_create1(0x0)
r9 = socket$unix(0x1, 0x1, 0x0)
close(r9)
socket$phonet_pipe(0x23, 0x5, 0x2)

985.308927ms ago: executing program 2 (id=2201):
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000005000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703004000000000850000003100000095"], &(0x7f0000000040)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)

984.261994ms ago: executing program 3 (id=2202):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000340)={0x1d, r2, 0x0, {0x2, 0x0, 0x6}}, 0x18)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, &(0x7f0000000440)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0, <r3=>0x0})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x40000000, 0x0, 0x0}, 0x0)
r4 = socket$kcm(0xa, 0x2, 0x73)
sendmsg$inet(r4, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x0, @empty}, 0xffac, &(0x7f0000001080)=[{&(0x7f0000000040)="a72d11a15c048c0a7d63aebc5cea1f81510ff6091475aeec600831aa9d3944e60bc2ad06a619c560aa0118b28f68f1eb14549d633b4b23f179fb680716faa43414787559be90843c35ab30acad8a6740140e00721abc2eb362f7bde53b3c992d3e28ccc20ec84fdc569947047f6c09a647ee8c0a747b951e66c068ccf1af93ee9e6f9528ff79e2f989383b05a690a6bec4634b867c9446c1c644b3010e8a3514c6328323b4bbdd602b8f0dace6aea70902c4ddd2a2f2810f1348b0d0df3c1e6a5938fcfdc87e7580c6be0c6a06eca62d6f787dd16add086a21391c4c707d8b61929d1252681b84c245e0efafe2e6e73ad86a3cf59235ab0eacbb414af92ec3cdac420a064a98e8cc18bdf63f8997f96436e0fe6f06fdbf47fff353b01a861babd4a38d126bfe3e29049e6cc883e6efae6e70ef9ed124b1b09887a58c991e223b6420dca5ae238027e91b17b1707dc5c0d5f59f0ca95614f1ea1d263c1ee54dfe31ae35eb3c8e3b931dff7920c57fbba89adf2e392c1ad719b90c7ade0d38ff9792934ef1fb12f51d8e2fad12486d5883d5b1a46696fad128c6805cfb25bc6487e1e407d6b266971b09d0d864a7a550284e24b6cdc9f4ae1081a638175dffef002c76ac5558d23e41edbe68f4b4950a13aa000326dae5a857603dc5a40d6c6618a98c7b6e1eebd325ea2c14601a25658965f40864fd015d9b2fff83ee5ed3212ebd9fa429f0140f633556ac07c0c08e67a1848c9942ecc47dd4ffede9a429e9e0472be7cdbcd117e621ddf745c00a814ffff0224634472577dc0b35a9c153409f1a2bddc193b20b4d244d9cbbd59816c46000c596865f58b4e640ed4a9ab6086cede697fb113560925498da83273e679e0e28b84961eb7b9c9b4fa916590965c76b48e5d453f27a821bd2bf0946ff2413ec30f7893d1f046e18f736c40ceda26dfc4a0a62f71a3606d3f72c0a858dfd7895e2572292e11af913c6b513a141d28e501ae7c49618d104aac9abb78466a636efb88120d0eef0a501558a5aa34784a9823f2802a0bcdf318f9b436b34b42a2a7cf513f80364ad9a699d2e23eb4f3a2bbce818bd20da61882b3dac699d05dc24f29b72471b712423ace6278c43df2be7a09e815517b86d8b3ce16af3d64a575958c5fd52aac53b391f3d2a67c24c6c13ec11428b61b80a6a58cbba1790a98d190a572070f63fc0b809669895ea9865c3066b06102f6f2c7171dc7f76e1931b3e4deb569ef9d07d5f86a848f50942e93c419c3a23489f14803b08182dfd48b8d4375be6b7f805a21209c05e5927693a8834c8d5a5acbd47ed8a30a8a741d1ad77639b56b3b90c0b2023fa334befd28b2e27cbcd94b0ce7437f88ce67a925cea6d6d7e5313de6d328b1124a8b9ef83fe39ca3da97d33c60b7fd4af67d3c8fccb595a27a5bffc71e5a5b2ec966828993b0c0f83cbc55f9a7fb66a4101d5c83b77885072b6e2b2ceebe32f635509698c05089b9ff1cb1959b211e114dadb224ef2d5e7a3c55b3ac00fcdc9018577603c6301e5d4341b3d7eeb2665349d448d28d5d108f576408cbe533a6adbba18ebb2d84bb9af81108506a2f50fb56d595579000747930449fdf4ed01715ec624a0cb73636a35b9136f10b79e3d7ded09008b92e92c64e26e6b6d17f18b70b1d9813de8d2ff151c7a6a0452c660a57c33f13e2d9b88fa5f5c0505722d2e787a425e4a3e9b5efa9668e9199f5fb9fe7d5b8a57719a57df152e7f2c6a1087a2a24084f82455b65353a70559f04d5ed12defb81497ea69c1c7e69c373524770b7473c16a69c7a3648a9dd93377b89cdff61cf62512d1ee67a55ea67993937c1f55a2179bc9c8a337364cfb84d295adda1ad9700fc2f5c11cbfc1b90affb4666c6e7e23a6f7751410a5651819f29f690c6dba2b8a67e0f7f8cc377feb1854c393578994c85391ba21b3961aed477f771645571dc7d6cae72bf79c82a92a4edc3742b1398060a0a5c9e81c016b7f2ae3db529c6ff824cc28678764d8ab49d7dc68e5b0556c9e7ffb6fef442776d86fbd458741830e57f22a1f8513b92abd5b2df93a67cc560134078f0b8ecc3276e40aadef5cd579888b86b4988f396679250701f3869e7493b33692035ecd94aca5189fd0a0893ccc5bb19c0b4caca86cf90ebc2a5558f39cccb33f6773a4e425bf551fb3b6456ee1cc62fa1843a9e5539bb2d02ae6ef82533a9dbcfb562c1ab18c1f639ae7ff02083746f74a15ba2d10e4b955940a5d6f488d326a99f287c48ad463ce40367aeeff519cbad0a2d7fdbfa48bff75955467977764c2be2bd2ffa18396c46920c40c50a4037003666406d177e2cd20aee423d07169d8f611f635ba0b62b61265ff2c5548446a2423dd1038482b6852b2d9d2f90aa05d82c5e2c3d1af0c7aad72d82b3da67471af7b037bb0424a785e73f35b5a10a2ab300a195c20cd119a5390e0cd5d49c70bd80883b933e843d0d2902749dcf3c140c708a0f004b7a2f50bf311305dc01719016fcce5863815ca7951de710fcb71cd177551ff6fcd9f8bf01b93868f24c6129b6d7917125338cf62110083093fc7f862015d48450d992f2bb43e601cab19b2ea7b83962a382fc2a31fdf2358bf8a9a9e506eaa7b6eb5e7444d1ef459b24ffa51362abce902dfd84201a0e4b5a3b62757aad54fb65b83821c6bba663886de092065a565921ea3eb6781bb8ed4f4db3abcfeeb379b7e52fca790bea719918e299ab01bf5e92177d134360bf7a16a59e9d03d3dcfb0a25599237e3d41b3f0026c9402b1fb1894426303413a2cbcf7c72807ca694afa285990d07c3bca26413c9947b3b344aafc04544b8c11416e0312b028da7302e316c3966d41884b15055a49a4a0b3eac8e11f88a5615fb0af582f065d28e5a454447e9d0cfc60356439ebf7e1d0a00f5b9cc6daf2bd7195ba96b4d1a0679ff0fb1c01282c378a880f90f460889b67d76d4d0e8db6c928d113533d1d10b810303c43d8ff622c5bab7f095b96e64bf9daa48a2bdf3d9d40bac00cf1b66df61a4f7c3e21938e876f81b1179dce6a008f28eb682cae690ced0ea0d542da604d8056f2b1813ed36683c4c51aeb2650772cfb1c55d4e60604ff06344cfc271b2175a6c94defb807af240b483e24298ca73bfc743ca2ca2e77e6d5b817b3c1986601537faf59ac84c74d8bd0c068cb8e6bd03ac2dcf5793fb4a00b3c901a33aa3ee86e4f0db317b94bb8678ab26e36d305ebac4b0f7f164947148255b562dd0f87648499d45bccfb7d8c9d5624cadf8160a396e79fbcdc100058ba4606e41c02fb2cc0dc6c36196bd28acfde82a18cda2321d2d83fecd3b85380667cd1d0bc68298c6c8f10421a80c8fa86912b6c3e8ddd9d9668520d5151409e6b77f0d7730b374a68a744151bfbd123cfdf871e8c24e70d2ca3b50e84a48e0b78c1781000cfc848d43584985763a76c0ab9ba882c55e3e4aa8f2174255db38adb8350b48a77be22a869d13d183325f859b883464e5e46de5ea8a92532b9a794daaeff657cd361f7f158f8bebe36e9de1f5b9721d4263dcc9472229bc02d3f552180abfb25ca7aa36cb914d99c09fd5bb99dcab9b4e3c634d18fc7dfe84dc4425ad1e39c3e7410d49b4ea0a8a2958688c7725822f6dfc0827d19dc385e0e35a949941e4dd1aaeaab9ebe402f8c584bca7efc829f2ccfb63fd7bde1c182a67c14f9d3f033ca674e2604e89cd55a15419f956cd61a755c1b13554dae98e77be078aadfc131c9677381f1dbe6ef194eb17603a463e8b844ab46a6046e1f07d96d66de669359bff4c3d80948a4de3abb2f171a09b5d8999c379fb62244114e218c79805df7d899e5661320ee6721d652b95f09e4dfe69bd67099c73294b17ab574e0b966aa3ab44478965b9dca3cb3b9282945f24ccdd07c638ae25a84a728ca24f87ff49d718121a694be46f3616e27b1041b3c6cd24b9cf775bfc28dfbe0a009048f0599f2d5d6586cfd1e7f7fe69872d08b98f60d28e6af0d49d7f06ad71a7b5c41df261aba5de114022c7288bc265cc17909fdeadc3d7b256d7ab3b96e40f857060f16b54a6bb7248ee571f87ace5ee39eab412706cf52fa711468b21ea129c3f44bceb429fcc1a0ac2aa87b9365077dcfcfa9a1b32a0a09699197c20019a66cbd0a897feab3706c23123b888ada643d4560082033e31596b0483578968e3c9593ebd97141c228a42fc7645f92171c120aabca36657683fd7c72fcb87217f124d6fabc52f1d221d8410b47b0ad4bd944bf4085365e9b52a53911ab4ee142c5a1ebbe034c9d98c538c066f2dc0acf372eb2397dcac765055123e0ba19be22b18c886bf0f7490abe9fde91ffa62e059962bd134be8501cb5b715a744b1398e2c4c7e8afe72e189dda0654296afa1c1f99ab7d800fa40f72a758625c833b6fc7b7d42250522b456e1e7de815350c36c9cb2f4d1c9cb99109f89b456c559463f11b8b58247809b17a4ed4912bd0a47a529f1364d6dc593ea7f3eb98962078ac90e5012ee1c7b4b9ed5a8c7a9c0231b4ce425693faab64fa0f3482a04d4be2e06ee5d103694d288810a1a7f4d1e908dd82dd2016a064ece5cd67ef1dd5f4cda728fc6f1ccdd949dd8f775d862621507248ef4c83ae274969d19c7ddb02a4e8a1ab2b7aa539a442b22735ceedeefe60a1059dfaaa0979ce8d5387b5a047841fd9749b88ca91216b02d7926408a01916b7781bb7167528ccdb9a486d173437a5ba3e552c8674dff2cc9b21054e0e4f86b61b8723fca58ceef4413bffae9e9be79c5b9788f5449811ce78be9bc7a86375a670197baaef751beabcba0aa6c7c33f1cd702cb78ec39fa1f17d9da733d6abf2b80f9c51ac8f6f664b24edc53a7c9525c3016bd05c67272375fe816b2b121f2de68b885a0fd8f8b8c6c342237b632f6414a3eb3480f5f42106c5812e9bfd4e8c8dea8d08525d9aa1da7c7c2ee7ff3d31b79b211dd01e304a8ffc83a89a59f3b1e2ef5e969b6d90bea7e161066f25622fad914bff52bacd2807093dda1838b529ee57f718b374ce2841b924a42457867547a6edcb8412d85f11796742bf640b5819a9546357df778c332af5983c4373a95d9c58b52dba445eee92e6911824f0c534e7a5934d9eac9b7f6fec22002fc53a3003a3304217f567b47cd326edc5f48eb1f46bb20d1e10e72239afc9769344590cf48902aba5405b7d4baa31a912ab398a2f2d3f037614bb56a89244ece50f3a1e058d274f1e70f944eb8a305be91e561e5eb843d057a81f4deb84a6335ec81ca964cdae5f318d4e9aaea2c477cc279c00c698bcfe4b8e04c09079d8f3f5438d9d45a00f50d2f9b245c8c68eebf247e25ba8d26f8b95b21ac9ceb50c0aa2e4bdc032024db216b92f9350a90ac79341af14d3fa8ba908096e1b503341aed667bb184c672dac85fc4f335b3871c3b4e55ea219a857d2d2e135358f6b45a20b3e7de8e09b2041eb7c5084a80258fb524a983752659298a251e178b56f96bc67ae0a78ec92f92d92c9cf0edb5dcb11e739d69410ad44c8df00caa030d7d89f2ec38bd7698115c423cf3e6048793aca08ffbcdac766f1553773fa00031c1d75246e4e1eddf8948d02a3de6d67fd7329e45070f29044587f1e0db50d04e673191a63e30f96ee0d8d52738fab36a7fe2c6ab9301d401e7ca5b1f039193a580e40abbdf40c2d7e27809dec80815d37adae9fe7fb9d3a974c9fc03944d7338d000b81170be4c6792ed6b3b827194b3ae11e2acfca48498d1126aacf80f3d574256ef7f75552ff087a819e", 0x1000}, {&(0x7f0000001040)="9d7fcf3efc63f4a6a555ba8b4726d7ccaf8a207100e69cfac4377876021d7131b838059f96bd206d4776368ed2a92432e5af71", 0x33}], 0x8, &(0x7f0000001280)=ANY=[@ANYBLOB="6b0000000000000029000000080000000000000000000000000000007f000001080000000700000000000034366567f221978756640000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="000000007f00000100010000"], 0x6b}, 0xfc00)
ioctl$BTRFS_IOC_RM_DEV_V2(r1, 0x5000943a, &(0x7f0000000640)={{r0}, r3, 0x8, @inherit={0x90, &(0x7f0000000100)=ANY=[@ANYBLOB="01000000000000000900000000000000000060000000000003000000000000002000000000000000010000800000008b401effffffffffff090000000000000007000000000000000600000000000000ff010000000000000d00000000000000ff07000000000000ffff000000000000ff070000000000000500000000000000010000000100000008000000"]}, @subvolid=0xff})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000000400)=@newqdisc={0x2c, 0x24, 0x70f, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x5}, {0xffff, 0xe}, {0xa, 0x3}}, [@TCA_RATE={0x6, 0x5, {0x13, 0x7}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x0)
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000000c00000000000200000000000000000000040000000000000000"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7a}}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r5, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x2, 0x0, 0x0, 0x1d6225b, 0x0, 0x0, 0x14, 0x0, @void, @value}, 0x90)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000400)="81b641f1f3843704b6", 0x9}], 0x1}, 0x48005)
socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r6=>0x0})
connect$can_j1939(r1, &(0x7f0000000300)={0x1d, r6, 0x3, {0x0, 0xf1, 0x6}, 0xfe}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r7, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x4)
r8 = socket$phonet_pipe(0x23, 0x5, 0x2)
listen(r8, 0x0)
listen(r8, 0x9ce2)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0)
r10 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r10, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000d80)=ANY=[@ANYBLOB="3c0100001000130728bd700000000000ac1414aa0000000000000000000000007f000001000000000000000000000000000001000000000a00002084000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ff010000000000000000000000000001000000002b00000020010000000000000000000000000001ff000000000000000000000000000000080000000000000001000000010000000600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000fcffffffffffffff0c000000000000000000000028bd7000000000000a00000000000000000000004c001200726663343534332867636d28616573292900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000"], 0x13c}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
r11 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r11, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)

880.710415ms ago: executing program 2 (id=2203):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0xe)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x4b, &(0x7f0000000100)=0x4, 0x4)
bind$inet6(r1, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @local, 0x2}, 0x1c)
r2 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r2, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast1={0xff, 0x5}}, 0x1c) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x16, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000020000006b8a00fe00000000c7080000010000007b8af0ff00000000bda100000000000007000000f8ffffffbfa400000000000007040000f0ffffffb7020000080000fa18230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000001a00000095"], &(0x7f0000000000)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

866.498488ms ago: executing program 3 (id=2204):
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="3fab00000000000000002e0000000e0001006e657464653673696d00"], 0x50}}, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
sendmsg$NL80211_CMD_JOIN_MESH(r3, &(0x7f00000009c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000980)={&(0x7f0000000880)={0xc4, r2, 0x300, 0x70bd2d, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x7, 0xc}}}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xf}, @NL80211_ATTR_MESH_CONFIG={0x24, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_MAX_PEER_LINKS={0x6, 0x4, 0xa6}, @NL80211_MESHCONF_AUTO_OPEN_PLINKS={0x5, 0x7, 0x1}, @NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES={0x5}, @NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL={0x6, 0x12, 0x7}]}, @NL80211_ATTR_HANDLE_DFS={0x4}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}, @NL80211_ATTR_TX_RATES={0x6c, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x68, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x18, 0x1, [0x12, 0x18, 0xc, 0x60, 0x16, 0x3, 0x1, 0x9, 0x3, 0x4, 0x24, 0x5, 0x48, 0x6c, 0x60, 0x16, 0x5, 0x16, 0x16, 0x4]}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HT={0xf, 0x2, [{0x3, 0x8}, {0x7, 0x9}, {0x1, 0x9}, {0x2, 0x3}, {0x4, 0x1}, {0x4, 0x9}, {0x6, 0x6}, {0x5, 0x6}, {0x6, 0x7}, {0x4, 0xa}, {0x0, 0x6}]}, @NL80211_TXRATE_LEGACY={0xd, 0x1, [0x1b, 0x18, 0x48, 0x4, 0x24, 0x30, 0x36, 0x12, 0x18]}, @NL80211_TXRATE_HT={0x5, 0x2, [{0x5, 0x2}]}, @NL80211_TXRATE_HT={0x7, 0x2, [{0x1, 0x3}, {0x4, 0x6}, {0x5, 0x8}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xffff, 0x6, 0xf5, 0x1400, 0x1, 0x3800, 0x4, 0xff87]}}]}]}, @NL80211_ATTR_SOCKET_OWNER={0x4}]}, 0xc4}, 0x1, 0x0, 0x0, 0x100000d1}, 0x4000000)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r4 = accept4(r3, 0x0, 0x0, 0x800)
connect$pppl2tp(r4, &(0x7f0000000340)=@pppol2tpin6={0x18, 0x1, {0x0, r4, 0x2, 0x2, 0x0, 0x1, {0xa, 0x4e22, 0xff, @empty, 0x2}}}, 0x32)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r5, 0x8982, &(0x7f0000000580)={0x8, 'gre0\x00', {'lo\x00'}, 0x6})
setsockopt(r5, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r5, 0x84, 0x15, &(0x7f00000000c0), 0x1)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r6, 0x107, 0x5, &(0x7f00000000c0)=@req={0x8000, 0xb4f, 0x300, 0x1daf6}, 0x10)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2000009, 0x200000006c832, 0xffffffffffffffff, 0x0)
setsockopt$packet_rx_ring(r6, 0x107, 0x5, &(0x7f0000000040)=@req3, 0x1c)
setsockopt$packet_int(r6, 0x107, 0xa, &(0x7f0000001400)=0x3d72, 0x4)
sendto$inet6(r5, &(0x7f0000000080)="b1", 0x20000, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r5, 0x84, 0x1e, &(0x7f0000000540)=0x3, 0x4)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'team0\x00', <r7=>0x0})
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f00000002c0)='netdevsim0\x00', 0x10)
sendmsg$nl_route(r4, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@bridge_getvlan={0x58, 0x72, 0x2, 0x70bd25, 0x25dfdbfe, {0x7, 0x0, 0x0, r7}, [@BRIDGE_VLANDB_DUMP_FLAGS={0x8}, @BRIDGE_VLANDB_DUMP_FLAGS={0x8}, @BRIDGE_VLANDB_DUMP_FLAGS={0x8, 0x1, 0x1}, @BRIDGE_VLANDB_DUMP_FLAGS={0x8}, @BRIDGE_VLANDB_DUMP_FLAGS={0x8, 0x1, 0x1}, @BRIDGE_VLANDB_DUMP_FLAGS={0x8, 0x1, 0x1}, @BRIDGE_VLANDB_DUMP_FLAGS={0x8, 0x1, 0x1}, @BRIDGE_VLANDB_DUMP_FLAGS={0x8, 0x1, 0x1}]}, 0x58}, 0x1, 0x0, 0x0, 0x40881}, 0x40005)

677.18993ms ago: executing program 1 (id=2205):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="000080000000002d2a9b4eef5c49b000003500"/28], 0x1c}, 0x1, 0x0, 0x0, 0x20010050}, 0x4000000)
r2 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r2, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4)
sendmsg$netlink(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="1c0000002200010600000000a1dd3f6e0c000024"], 0x1c}], 0x1}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r2)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH(r0, &(0x7f0000000300)={&(0x7f00000000c0), 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x28, r3, 0x2, 0x70bd25, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r4}, @val={0xc, 0x99, {0x90f, 0x51}}}}}, 0x28}, 0x1, 0x0, 0x0, 0x20000002}, 0x8000)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYRES16=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES16=r1], 0x2c}, 0x1, 0x0, 0x0, 0x4810}, 0x20000000)

675.752571ms ago: executing program 2 (id=2206):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_PKTINFO(r0, 0x10e, 0x3, &(0x7f00000000c0)=0xffff, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'tunl0\x00', <r2=>0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a80)={0x3, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r4=>r3, @ANYRESHEX, @ANYRESOCT], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="1e0000000000200000000000001000002dcf5d46", @ANYRES32=0x1, @ANYRESDEC=r1, @ANYRES32=0x0, @ANYRESDEC=r2, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000280)={r5, 0x0, &(0x7f0000000200)=""/76}, 0x20)
syz_emit_ethernet(0x4a, &(0x7f0000000680)=ANY=[@ANYRES8=r3, @ANYRES32=0x41424344, @ANYRESHEX=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x80}}, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8b19, &(0x7f0000000000)={'wlan0\x00', <r7=>0x0})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001400)={{r3}, 0x0, &(0x7f00000013c0)}, 0x20)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r3, 0x58, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r8=>0x0}}, 0x10)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000200)={'syztnl0\x00', &(0x7f0000000540)={'erspan0\x00', r8, 0x8, 0x47, 0x2, 0x9, {{0x12, 0x4, 0x3, 0x9, 0x48, 0x64, 0x0, 0xa, 0x5cdfe7ae52d67ec8, 0x0, @dev={0xac, 0x14, 0x14, 0x3f}, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@timestamp_prespec={0x44, 0x14, 0x5, 0x3, 0x1, [{@multicast2}, {@loopback, 0x80}]}, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x14, 0x63, 0x3, 0x3, [{@rand_addr=0x64010100, 0x800}, {@remote, 0x3}]}, @lsrr={0x83, 0x7, 0xf9, [@private=0xa010101]}]}}}}})
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NL80211_CMD_GET_MPP(r0, &(0x7f0000000600)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000940)=ANY=[@ANYBLOB="94000000", @ANYRES16=0x0, @ANYBLOB="00012abd7000fedbdf256b00000008000300", @ANYRES32=r7, @ANYBLOB="0c0088000f0000005e0000000a001a0008021100000000000a001a0008021100000100000a00060008021100000000000a001a00ffffffffffff00000a001a00ffffffffffff00000a000600ffffffffffff00000a001a00ffffffffffff00000a001a0008021100000100000a000600ffffffffffff0000"], 0x94}, 0x1, 0x0, 0x0, 0x800}, 0x20008010)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=@newqdisc={0x24, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r10, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="6006000040000900ffffffff02dbdf250100000099001f00460601"], 0x660}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0xe, 0x4, &(0x7f0000001380)=ANY=[], &(0x7f0000000140)='GPL\x00', 0x4, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x928, @void, @value}, 0x94)
sendmsg$NFULNL_MSG_CONFIG(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000800)=ANY=[@ANYRESDEC=r0, @ANYRES16=r0, @ANYRES64=r8, @ANYRES8=r4, @ANYRESOCT=r10], 0x1c}, 0x1, 0x0, 0x0, 0x4485}, 0x0)
r11 = socket$netlink(0x10, 0x3, 0xc)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x3000004, 0x3032, 0xffffffffffffffff, 0x0)
pipe(&(0x7f0000000340)={0xffffffffffffffff, <r12=>0xffffffffffffffff})
r13 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000700)=ANY=[@ANYRESOCT=r9], 0x0, 0x34, 0x0, 0x0, 0x1, 0x10000, @value=r12}, 0x28)
r14 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000ed0759cb47cd90df41fa7a40c72a22dcc53a83731c39b01fceb7"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r13, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000180)={r14, 0xe0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4f, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f0000001200)=[{}], 0x8, 0x0, 0x0, 0x0, 0x37, 0x0, 0x8, 0x0, 0x0}}, 0x10)
sendmsg$NFQNL_MSG_CONFIG(r11, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x1c}}, 0x0)

546.495135ms ago: executing program 1 (id=2207):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={0x0}}, 0x20008080)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000340)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1e0000000600000007000000ff03000000400000", @ANYRES32, @ANYBLOB="01000000718a4c752e981420000000c988000000", @ANYRES32=r3, @ANYRES32, @ANYBLOB="0100000005000000020000000700"/28], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0xc, 0xc, &(0x7f0000000c80)=ANY=[@ANYBLOB="1800150000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff0f0524a4be4a176148f5688ecdbc00000000bfa200000000000007020000f8ffffffb703000008000000b70400001d0000008500000015009aa1a0e3cbecf7ae826fe162d1792270726849ba01c943ecd082c3d4337a9266f8a2bdc2bf0b7159fbd134a107125ba351dbf613c89e2d78b96bb7d3350f3c62d6c9e994f6b106464226e680f461f5568823e02588e4efa37d9d717471f08b10a46012e5a8da7107c7da9121a0c5b277bec0b33197b416a310a2ce3837a7d644743dd88c1a31dd663994b71e939ecbb079975aebe65833ba765430693ca031ab2c5028535d4ea473f449723ee28381c6ee085d6f0f7b339e9ed6f0d604710000f79f123cf3e6000000000e67b2f996a55649d2de8187e4a73d2ff6f0f4575e1177d3c7fe79c692426cbe0284b5f766a10319aeac941c2dd98d4d6f580c76c44414224a6a3271863c8e10db5a18edcbfe7f233492b5fa2a56cd63eefabe96711d5b1d459940e618a47c40dadf9de853b9f5095b25d6b6d0247c77738b2db356704bb1cc76f9c1f28da67b4c650dbc9eb6b8c0576f2d21b5980f8e8154b03548598f0c59118a98957254f546a196967e81ecf885d026bc4aab9924a7d72587a0af9e9c6a5438b2e68dffa069c3", @ANYRESDEC=r3, @ANYRES32=0x0, @ANYRES8=r3, @ANYRESDEC=r4], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x0, 0x80, 0x0, &(0x7f0000000700)="e0857fffff2f1d0622fa5060c528a2232d2afe2d2b136de658ed5714ab64d1575a5a4631d6f484ce84c0c7dedc7defd6cbda5fffcab4aab961b3c0c3fac3c93f28310b6c689b19be50d02eafbdffd8abddb86c5f3d3f91c7e92deba2d3c01a175436282a82e7b751bf41db3ada8dac6421dc70c31142e770b746982bf96541f2", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000080)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}, 0x1, 0x0, 0x0, 0x880}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)=@delchain={0x50, 0x64, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x9, 0xffe0}, {0x10, 0xffff}, {0xffe0}}, [@filter_kind_options=@f_flower={{0xb}, {0x20, 0x2, [@TCA_FLOWER_KEY_ENC_IPV6_DST={0x14, 0x21, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}, @TCA_FLOWER_KEY_ENC_UDP_DST_PORT={0x6}]}}]}, 0x50}}, 0x0)
mmap(&(0x7f000045a000/0x1000)=nil, 0x1000, 0x2000005, 0x12, 0xffffffffffffffff, 0x0)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r6, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket(0x18, 0x0, 0x0)
connect$pppoe(r7, &(0x7f0000000080)={0x18, 0x0, {0x4, @random="45e3f364e554", 'sit0\x00'}}, 0x1e)
r8 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r9 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r9, 0x65, 0x7, &(0x7f00000001c0)=0x8, 0x4)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000040)={'veth0_to_batadv\x00', <r10=>0x0})
sendmsg$can_raw(r9, &(0x7f0000000440)={&(0x7f0000000000)={0x1d, r10}, 0x10, &(0x7f00000005c0)={&(0x7f00000004c0)=@can={{}, 0x80, 0x1, 0x4, 0x2, "07000000008000"}, 0x72}}, 0x0)
setsockopt$inet6_tcp_int(r8, 0x6, 0x7, &(0x7f00000001c0), 0x4)
r11 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x101a40, 0x0)
ioctl$PPPIOCATTCHAN(r11, 0x40047438, &(0x7f0000000040)=0x2)
ioctl$PPPIOCBRIDGECHAN(r11, 0x40047435, 0x0)
r12 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$NL80211_CMD_AUTHENTICATE(r7, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000500)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="04d42dbd7000ffdbdf25250000000c0023377a5221903a8e0a06a9784e99000100fe2f91140e218b311186c00899cac62e595c00000000"], 0x30}, 0x1, 0x0, 0x0, 0x4000004}, 0x0)
sendmsg$nl_route(r12, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="300000001040000400000000f7dbdf2500000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x30}}, 0x0)

322.953204ms ago: executing program 1 (id=2208):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_SAVE(r0, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x30, 0x8, 0x6, 0x201, 0x0, 0x0, {0x3, 0x0, 0xa}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x30}, 0x1, 0x0, 0x0, 0x804}, 0x800)
syz_init_net_socket$ax25(0x3, 0x0, 0x392e704620e8222c)
accept$ax25(0xffffffffffffffff, &(0x7f0000000040)={{0x3, @null}, [@null, @netrom, @netrom, @null, @rose, @default, @remote, @default]}, &(0x7f00000000c0)=0x48) (async)
r1 = accept$ax25(0xffffffffffffffff, &(0x7f0000000040)={{0x3, @null}, [@null, @netrom, @netrom, @null, @rose, @default, @remote, @default]}, &(0x7f00000000c0)=0x48)
setsockopt$ax25_SO_BINDTODEVICE(r1, 0x101, 0x19, &(0x7f0000000100)=@bpq0, 0x10)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
listen(r2, 0x0) (async)
listen(r2, 0x0)
accept4(r2, 0x0, 0x0, 0x0)
setsockopt$sock_int(r2, 0x1, 0x7, &(0x7f0000000000)=0x6, 0x4) (async)
setsockopt$sock_int(r2, 0x1, 0x7, &(0x7f0000000000)=0x6, 0x4)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000000)=ANY=[@ANYBLOB="86fe0000030801010000000000000000000000020500030001e200000c000480080001400000040106000240093a0000"], 0x30}, 0x1, 0x0, 0x0, 0x4000000}, 0x408d0)

197.185654ms ago: executing program 0 (id=2209):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = accept4$netrom(0xffffffffffffffff, &(0x7f0000000000)={{0x3, @rose}, [@netrom, @netrom, @default, @netrom, @bcast, @bcast, @bcast, @rose]}, &(0x7f0000000100)=0x48, 0x800)
getsockopt$IP_VS_SO_GET_DAEMON(r1, 0x0, 0x487, &(0x7f0000000140), &(0x7f0000000180)=0x30)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001040)=ANY=[@ANYBLOB="88060000", @ANYRES16=r2, @ANYBLOB="0502000000000000ff000f00000008000300", @ANYRES32=r3, @ANYBLOB="52000e0080000000080211000001ffffffffffffffffffffffff0000fdffffffffffffff64007f5d0301b82a01022d1a1000190900000000000000c90007001900000008000b00000008720603030303030300000400910014000e800400010009000200a811faafa70000000a002a003c04010fadf90000da059100794f1ca31907b6cce9d251c6ee7e67a528e683a4b7b7c838b7a23064dc8bef85bce932dd054b54e0b6eac5eed2a35cd8a0d2835e2596b4e2efa414b9eed7787eeb6e13272fe3d3da044ff545b2936441dbc7ac6efd1da6a67e9ba769dfbd68e4c7fd399582a4fea7550d1e17299088c786da6d02da823cc984a8b0efebe527c134ab51557518aa2e5d3a12cb059237ecb62d3d5c85f3a4de859c1d80364f4f2a51b8dca3ad924bbfb17ffdc7f3320564586d5b5110aa860eaf893c9f82e2c3eb05b69a2feb67f2727e0668ef3d9a0174b26ff1248b25f76258a65392d40cc3d7e128f704d7ebe46d47e3bf67722332da59bbe7d2333ffc9a22f1f697d00d3e02614effa8c56a04c0b486fbe0259be6049eda3273bf88da254c8d7d5859a2c2a03bc036c4f508305cb51b289988559c75e845ba8f5b8874cc6fa9a2927fb6f8f03bf884fe844745b2da98c743b93206472bcd4a21306d488d0b75fe68f596cc43d71474e04ed7f66053e51f06594348e39162caa94a8affb1146c5e75f1b73ad26a2de3c2e2b297db1163e75f7c6c62bf6160e688d9527382d1e0074fd9a5d31ecfab36f2aa9e0c7bad0443e95d5ef816bd6b35526a566fe56741215f6a31ca7b1250c98d9d2d6d0c841ce9b620fa1a4747f5c94d5d84c3737bd83741a6a50e00ffb0321669982f18efd53fd562b8dfe3d126293f61a006fee5bbdf254ece4e2b3e21ee05a8ef88ca73d1fb6ee3c05ecd91bba5bdce5ee73dab480079617f5e3a56dfca4258901ccc619b5968a5e791ef72760b9bd165632eb73a6fcdbdd88ca09876d1569d16a4dd975f24825ef699548d55e84c5a38297fbb71e773bd24ce7f9647706329e73a32605d3bece65c3bf52a5bb82b981710ad038349fc9248c905ccc43fd0f49e6bb69bda5a31194e90dba5ed8c095897948680261cd536f4ea4e2e7487166bad2c78d2c625bae23ee6afe67b1a330f50458a16546e22a6c642bf14f700b8f669fec4f285584aeff3f850568053a30fd9f6f1b4350cd49b47bc4ef3984b3f6608b320ae8ea33cd3dd91c52d3d0cb8090d77b5b40c557624b2e2319baec9d7d1ac60b77de382d3585433a6989972feaf2efd3854af717e50a6ac64832ceb9024c0d1664314373e1362f411a9480456684ff37572b42d2e7568bf73186a7be387b6d2ab1177a2e2f0f0b3e65c7f48049699b0c6cf8ef6f5909df9faa38dfeaeb75ff8dd06b7510d0fa4286d59c9ba2fec040c86bfdeb6958ea8fc76b56020ae34c873c6c92b1dd2512ebeb14b87549b59696ada5f3e6ddae7123eccd329eb10509d496f1f4769d6083c3c151b7896b883b43b38edd02f1b50af81bec35a5c680b06b19870365bc766eea9d422dfa04b43f61b123150fb4a022ac6637e3a423655a7b408549c948841fe071dafda212491d98a8501b6dd7ce1a6fc61716330b756158924baf8f5b3d41dc8a09cd101342d4092c7f89f42ed0523d046f761260f2b1c3a82543d6692786aeef3594c794815e8334c3e7b55dee32262f4c1dc5e6def9767e24ab28990e6544b909941a9dd848db4b867f19df1b03e1bf1074a84f0f41f632498cbfdd9b6ef6a8bb6484acc0c9f9ca4250730b28d6ede7e4c240b12c009d06e2119465b7d20986fedc0fcf11398f72b0038f8daaadecf57271cdef1b1fd47023984c0cbd18066cc22bc764649791d05e107ba27fad6bcd35d8bdcc0a0bde79b9529bc15778ba4ab197c86f57f1cb3b41bba33ed102ff4769862af95e9aeacb7ec8c82149893066b510a439acdea2e342e7172cb7d2b4c359237f08cd2be525d4b2770c0bbc855e3dc8b9740089ba0a079281b9c7917dddd979d89f79d2b05844d51e932e1fe7426c64a0536e8220defb8611202da35b9e28ca48be050c808e2dbe2b729bc75e79032ce94677b664d1befa028ae43c985e73f62187a89e444329beac4f645e4e5b38a7a49341ff257b8d40a494d806253edb7a1d96e8cdd05e0b85d454414817f88c7507a7462b37e43234f48bbc43c93b1d968a383a8e64409a3a21ae9ca5dc42bd67021748a62c31691307a5169ca7b0959206a2da5415723bc3314cacb2243169c18bbc9c4ac0000080026006c09000008000c00ff7f000008000d0000000000"], 0x688}}, 0x2004c000)

6.721466ms ago: executing program 2 (id=2210):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'tunl0\x00'})
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000007940)={0x0, 0x0, &(0x7f0000007900)={&(0x7f0000003c40)=@newtaction={0x90, 0x30, 0x216822a75a8bdd29, 0x0, 0x0, {}, [{0x7c, 0x1, [@m_ct={0x44, 0x1, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18}]}, {0x4}, {0xc}, {0xc}}}, @m_connmark={0x34, 0x2, 0x0, 0x0, {{0xd}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x90}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0))
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='kfree_skb\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socket$can_j1939(0x1d, 0x2, 0x7)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f00005f5000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="020300001b0000000000000000000000040003000000000000000000000000000000000000000000000000000000000005000600000000000a00000000000000fc010000000000000000000000000000000000000000000004000400000000000000000000000000000000000000000000000000000000000200010000000000000000000000000005000500000000000a00000000000000fe8000000000000000000000000000aa"], 0xd8}}, 0x0)

934.387µs ago: executing program 0 (id=2211):
r0 = socket$inet6(0xa, 0x40000080806, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000780)=@security={'security\x00', 0x44, 0x4, 0x3f0, 0xffffffff, 0x218, 0x218, 0x218, 0xffffffff, 0xffffffff, 0x320, 0x320, 0x320, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x203, 0x120, 0x148, 0x8502, {}, [@common=@ah={{0x30}, {[0x4d6, 0x4d6], 0xe, 0x0, 0x1}}, @common=@unspec=@helper={{0x48}, {0x1, 'irc-20000\x00'}}]}, @common=@unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00', 0x0, {0x1}}}, {{@uncond, 0x0, 0xa8, 0xd0, 0x0, {0x0, 0x11}}, @common=@unspec=@NFQUEUE2={0x28}}, {{@uncond, 0x600, 0xa8, 0x108}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, [0x0, 0x0, 0xff000000], 0x0, 0x4e21, 0x0, 0x4e23}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x450)

0s ago: executing program 3 (id=2212):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) (async)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) (async)
setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x6, 0x37, 0x0, 0x9}]}, 0x10)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1e00000006"], 0x50)
close(r1) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c00)=ANY=[], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000080050005000200000011000300686173683a69702c706f7274"], 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x54, 0x9, 0x6, 0x201, 0x300, 0x0, {0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x29}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10000082}, 0x80) (async, rerun: 32)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc) (async, rerun: 32)
r7 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r7, &(0x7f0000000000)={0x2, 0x0, @dev}, 0x10)
setsockopt$inet_MCAST_JOIN_GROUP(r7, 0x0, 0x2a, 0x0, 0x0) (async)
sendmsg$IPSET_CMD_DESTROY(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000400)={0x1c, 0x3, 0x6, 0x201, 0x0, 0x0, {0x5}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x8, &(0x7f0000000180)=@raw=[@printk={@lu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x8000}}], &(0x7f0000000200)='GPL\x00', 0x5, 0x20, &(0x7f00000002c0)=""/32, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000340)={0x8, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x101, @void, @value}, 0x94) (async, rerun: 64)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000380), 0xffffffffffffffff) (async, rerun: 64)
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r8, &(0x7f0000000280)={0xa, 0x4e21, 0xff, @private1, 0x7}, 0x1c) (async, rerun: 64)
setsockopt$inet6_udp_encap(r8, 0x11, 0x64, &(0x7f0000000040)=0x2, 0x4) (rerun: 64)
bind$inet6(r8, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
sendmsg$WG_CMD_SET_DEVICE(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000840)=ANY=[@ANYRES32=r2, @ANYBLOB="0100000000000000000001000000060006000000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb5426c010880f4110020060005000180000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff240002001bc715ee4868b12a49f4df11bc05475489f6a27c4d6483ad2fa5e45903b0ce851400040002000000ac1414aa00000000000000008c00098028000080060001000a00000014000200ff020000000000000000000000000001050003000000000028000080060001000a000000140002000000000000000000000000000000000105000300030000001c000080060001000200da0008000200e000000105000300000000001c000080060001000200000008000200ac141400050003000000000074000080200004000a004e2200000000fc0000000000000000000000000000000400000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff080003000100000024000200cde20bc0d9b90ac13642d7b66459dd9db5e20b4b16d3d23f2cb03a8aa417dce6080007000000000014000200", @ANYBLOB, @ANYRES16=r2, @ANYRES8=r8], 0x1c8}, 0x1, 0x0, 0x0, 0x4}, 0x0) (async)
socket$kcm(0x10, 0x2, 0x0) (async)
r9 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r9, 0x89f8, &(0x7f0000000040)={'sit0\x00', &(0x7f00000001c0)={'gre0\x00', 0x0, 0x20, 0x8, 0x7, 0x8, {{0x5, 0x4, 0x1, 0x3, 0xb, 0x64, 0x0, 0x7, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @loopback}}}}) (async, rerun: 32)
socket$inet6_sctp(0xa, 0x5, 0x84) (rerun: 32)

kernel console output (not intermixed with test programs):

1.626472][ T9777] netlink: 'syz.0.983': attribute type 58 has an invalid length.
[  212.317785][ T9816] netlink: 'syz.4.995': attribute type 32 has an invalid length.
[  212.437142][ T9818] lo speed is unknown, defaulting to 1000
[  213.905785][ T9874] __nla_validate_parse: 10 callbacks suppressed
[  213.905808][ T9874] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1012'.
[  213.927418][ T9877] FAULT_INJECTION: forcing a failure.
[  213.927418][ T9877] name failslab, interval 1, probability 0, space 0, times 0
[  213.966852][ T9877] CPU: 0 UID: 0 PID: 9877 Comm: syz.3.1015 Not tainted 6.14.0-rc7-syzkaller-01433-g6bb0dcb3d321 #0
[  213.966889][ T9877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  213.966902][ T9877] Call Trace:
[  213.966909][ T9877]  <TASK>
[  213.966918][ T9877]  dump_stack_lvl+0x241/0x360
[  213.966959][ T9877]  ? __pfx_dump_stack_lvl+0x10/0x10
[  213.966988][ T9877]  ? __pfx__printk+0x10/0x10
[  213.967011][ T9877]  ? __kmalloc_node_noprof+0xb9/0x4d0
[  213.967043][ T9877]  ? __pfx___might_resched+0x10/0x10
[  213.967068][ T9877]  ? rcu_is_watching+0x15/0xb0
[  213.967098][ T9877]  should_fail_ex+0x40a/0x550
[  213.967136][ T9877]  should_failslab+0xac/0x100
[  213.967166][ T9877]  __kmalloc_node_noprof+0xe1/0x4d0
[  213.967201][ T9877]  ? __kvmalloc_node_noprof+0x72/0x190
[  213.967242][ T9877]  __kvmalloc_node_noprof+0x72/0x190
[  213.967278][ T9877]  nf_hook_entries_grow+0x288/0x720
[  213.967334][ T9877]  __nf_register_net_hook+0x278/0x8d0
[  213.967423][ T9877]  nf_register_net_hook+0xb0/0x190
[  213.967456][ T9877]  nf_register_net_hooks+0x41/0x1a0
[  213.967491][ T9877]  nf_ct_netns_do_get+0x20a/0x630
[  213.967535][ T9877]  ? __pfx_lock_release+0x10/0x10
[  213.967576][ T9877]  ? __pfx_nf_ct_netns_do_get+0x10/0x10
[  213.967606][ T9877]  ? rcu_is_watching+0x15/0xb0
[  213.967637][ T9877]  ? trace_contention_end+0x3c/0x120
[  213.967662][ T9877]  ? __mutex_lock+0x397/0x1010
[  213.967703][ T9877]  helper_mt_check+0x75/0x150
[  213.967738][ T9877]  xt_check_match+0x368/0xa40
[  213.967763][ T9877]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  213.967801][ T9877]  ? __pfx_xt_check_match+0x10/0x10
[  213.967839][ T9877]  ? xt_find_match+0x1df/0x230
[  213.967883][ T9877]  translate_table+0x1704/0x2490
[  213.967953][ T9877]  ? __pfx_translate_table+0x10/0x10
[  213.967985][ T9877]  ? __might_fault+0xaa/0x120
[  213.968007][ T9877]  ? __pfx_lock_release+0x10/0x10
[  213.968046][ T9877]  ? __virt_addr_valid+0x183/0x530
[  213.968071][ T9877]  ? __might_fault+0xc6/0x120
[  213.968098][ T9877]  ? copy_from_sockptr_offset+0x6b/0xb0
[  213.968140][ T9877]  do_ip6t_set_ctl+0xe4c/0x1270
[  213.968179][ T9877]  ? nf_setsockopt+0x240/0x2c0
[  213.968201][ T9877]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  213.968234][ T9877]  ? rcu_is_watching+0x15/0xb0
[  213.968258][ T9877]  ? trace_contention_end+0x3c/0x120
[  213.968295][ T9877]  ? __mutex_unlock_slowpath+0x227/0x800
[  213.968336][ T9877]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  213.968375][ T9877]  ? __lock_acquire+0x1397/0x2100
[  213.968423][ T9877]  nf_setsockopt+0x295/0x2c0
[  213.968453][ T9877]  dccp_setsockopt+0x17c/0x1140
[  213.968484][ T9877]  ? __pfx_aa_sk_perm+0x10/0x10
[  213.968524][ T9877]  ? __pfx_dccp_setsockopt+0x10/0x10
[  213.968551][ T9877]  ? __pfx_lock_acquire+0x10/0x10
[  213.968580][ T9877]  ? aa_sock_opt_perm+0x79/0x120
[  213.968613][ T9877]  ? sock_common_setsockopt+0x37/0xc0
[  213.968651][ T9877]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  213.968684][ T9877]  do_sock_setsockopt+0x3af/0x720
[  213.968723][ T9877]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  213.968754][ T9877]  ? __fget_files+0x395/0x410
[  213.968784][ T9877]  ? __fget_files+0x2a/0x410
[  213.968825][ T9877]  __x64_sys_setsockopt+0x1ee/0x280
[  213.968859][ T9877]  do_syscall_64+0xf3/0x230
[  213.968891][ T9877]  ? clear_bhb_loop+0x35/0x90
[  213.968930][ T9877]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.968959][ T9877] RIP: 0033:0x7fdf0cb8d169
[  213.968978][ T9877] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  213.968994][ T9877] RSP: 002b:00007fdf0d91a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  213.969016][ T9877] RAX: ffffffffffffffda RBX: 00007fdf0cda5fa0 RCX: 00007fdf0cb8d169
[  213.969031][ T9877] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[  213.969043][ T9877] RBP: 00007fdf0d91a090 R08: 0000000000000550 R09: 0000000000000000
[  213.969056][ T9877] R10: 0000200000000780 R11: 0000000000000246 R12: 0000000000000001
[  213.969069][ T9877] R13: 0000000000000000 R14: 00007fdf0cda5fa0 R15: 00007ffc1dc149d8
[  213.969112][ T9877]  </TASK>
[  213.970378][ T9877] xt_helper: cannot load conntrack support for proto=10
[  214.331723][ T9882] netlink: 'syz.4.1017': attribute type 32 has an invalid length.
[  214.808992][ T9899] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1022'.
[  215.014872][ T9908] openvswitch: netlink: IPv4 frag type 255 is out of range max 2
[  215.034163][ T9908] openvswitch: netlink: IPv4 frag type 255 is out of range max 2
[  215.045548][ T9908] openvswitch: netlink: IPv4 frag type 255 is out of range max 2
[  215.457308][ T9925] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1031'.
[  215.478552][ T9928] netlink: 'syz.2.1029': attribute type 4 has an invalid length.
[  215.650542][ T9938] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1034'.
[  215.665020][ T9937] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1035'.
[  215.680753][ T9938] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1034'.
[  215.695234][ T9937] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1035'.
[  215.710505][ T9939] netlink: 100 bytes leftover after parsing attributes in process `syz.0.1034'.
[  215.965632][ T9952] Illegal XDP return value 154 on prog  (id 380) dev N/A, expect packet loss!
[  215.985903][ T9956] netlink: 100 bytes leftover after parsing attributes in process `syz.2.1037'.
[  216.402201][ T9967] netlink: 176 bytes leftover after parsing attributes in process `syz.3.1044'.
[  216.466504][ T9969] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  216.585916][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  216.605772][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  216.652811][ T9974] lo speed is unknown, defaulting to 1000
[  216.744412][ T9981] TCP: TCP_TX_DELAY enabled
[  216.900436][ T9989] netlink: 'syz.4.1052': attribute type 27 has an invalid length.
[  216.955696][ T9989] sit0: left promiscuous mode
[  216.997258][ T9989] bond3: left promiscuous mode
[  217.003450][ T9989] bond4: left promiscuous mode
[  217.017332][ T9989] bond4: left allmulticast mode
[  217.022450][ T9989] batadv1: left allmulticast mode
[  217.036998][ T9989] batadv1: left promiscuous mode
[  217.060940][ T9989] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  217.086757][ T9989] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  217.106590][ T9989] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  217.115582][ T9989] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  217.259571][ T9996] 8021q: adding VLAN 0 to HW filter on device bond0
[  217.268768][ T9996] 8021q: adding VLAN 0 to HW filter on device team0
[  217.285582][ T9996] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  217.344781][ T2152] lo speed is unknown, defaulting to 1000
[  217.433507][T10008] xt_AUDIT: Audit type out of range (valid range: 0..2)
[  217.541078][T10010] netlink: 'syz.0.1058': attribute type 1 has an invalid length.
[  217.640447][T10013] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[  217.652932][T10010] netlink: 'syz.0.1058': attribute type 1 has an invalid length.
[  217.671195][T10010] netlink: 'syz.0.1058': attribute type 2 has an invalid length.
[  217.705544][T10010] netlink: 'syz.0.1058': attribute type 1 has an invalid length.
[  217.723724][T10010] netlink: 'syz.0.1058': attribute type 2 has an invalid length.
[  217.885536][T10020] netlink: 'syz.4.1062': attribute type 32 has an invalid length.
[  218.005399][T10030] lo speed is unknown, defaulting to 1000
[  218.477558][T10045] macvlan1: entered promiscuous mode
[  218.488701][T10045] ipvlan0: entered promiscuous mode
[  218.503422][T10045] ipvlan0: left promiscuous mode
[  218.515891][T10045] macvlan1: left promiscuous mode
[  218.763340][T10058] Bluetooth: MGMT ver 1.23
[  218.821075][T10062] netlink: 'syz.2.1076': attribute type 11 has an invalid length.
[  219.014715][T10071] __nla_validate_parse: 4 callbacks suppressed
[  219.014736][T10071] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1079'.
[  219.051910][T10071] tipc: Started in network mode
[  219.066414][T10071] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  219.099358][T10071] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:0000
[  219.110152][T10071] tipc: Enabled bearer <udp:syz1>, priority 10
[  219.292146][T10079] syzkaller0: entered promiscuous mode
[  219.307502][T10079] syzkaller0: entered allmulticast mode
[  219.431640][    T9] IPVS: starting estimator thread 0...
[  219.460197][T10097] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1084'.
[  219.529273][T10094] IPVS: using max 18 ests per chain, 43200 per kthread
[  220.230181][    T9] tipc: Node number set to 1
[  221.898170][T10114] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  221.976286][T10122] lo speed is unknown, defaulting to 1000
[  222.057628][T10138] batadv_slave_1: entered promiscuous mode
[  222.077310][T10136] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1095'.
[  222.096131][T10136] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:0000
[  222.106136][T10136] tipc: Enabled bearer <udp:syz1>, priority 10
[  222.263749][T10144] batadv_slave_1: left promiscuous mode
[  222.428513][T10154] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  222.457815][T10156] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1099'.
[  222.790667][T10163] xt_SECMARK: mode already set to 1 cannot mix with rules for mode 0
[  223.217713][   T26] tipc: Node number set to 1
[  223.693398][T10188] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1111'.
[  223.755142][T10190] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  223.913384][T10192] netlink: 'syz.2.1114': attribute type 10 has an invalid length.
[  223.962907][T10197] xt_hashlimit: size too large, truncated to 1048576
[  224.391503][T10209] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1119'.
[  224.448113][T10213] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1121'.
[  224.546816][T10217] xt_SECMARK: mode already set to 1 cannot mix with rules for mode 0
[  224.694656][T10225] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1124'.
[  224.752852][T10228] netlink: 'syz.0.1124': attribute type 10 has an invalid length.
[  225.162148][T10237] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1128'.
[  225.201005][T10237] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1128'.
[  225.250107][T10237] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1128'.
[  225.478281][T10254] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0
[  225.519477][T10257] netlink: 'syz.2.1133': attribute type 32 has an invalid length.
[  225.706379][T10264] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1137'.
[  225.874909][T10271] lo speed is unknown, defaulting to 1000
[  225.913281][T10273] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input6
[  225.949546][T10274] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1140'.
[  226.942923][T10300] xt_SECMARK: mode already set to 1 cannot mix with rules for mode 0
[  227.042311][T10311] netlink: del zone limit has 4 unknown bytes
[  227.254602][T10327] netlink: 'syz.3.1154': attribute type 32 has an invalid length.
[  227.341930][T10333] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1158'.
[  227.680530][T10339] tipc: Failed to remove unknown binding: 66,1,1/1:887018832/887018834
[  227.690910][T10339] netlink: 'syz.2.1160': attribute type 10 has an invalid length.
[  227.728054][T10339] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  228.277384][T10355] xt_SECMARK: mode already set to 1 cannot mix with rules for mode 0
[  228.551530][T10368] xt_AUDIT: Audit type out of range (valid range: 0..2)
[  228.621266][T10367] lo speed is unknown, defaulting to 1000
[  228.984799][T10383] lo speed is unknown, defaulting to 1000
[  229.102483][T10368] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1170'.
[  229.162323][T10385] lo speed is unknown, defaulting to 1000
[  229.586537][T10393] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1177'.
[  229.875902][T10400] xt_SECMARK: mode already set to 1 cannot mix with rules for mode 0
[  230.045455][T10404] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1181'.
[  230.291370][T10408] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  230.316027][T10406] lo speed is unknown, defaulting to 1000
[  230.729172][ T2152] lo speed is unknown, defaulting to 1000
[  230.814021][T10416] lo speed is unknown, defaulting to 1000
[  231.533598][T10428] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1187'.
[  231.543271][T10423] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1186'.
[  231.721296][T10431] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  232.445891][T10450] netlink: 'syz.3.1195': attribute type 1 has an invalid length.
[  232.748042][T10471] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1198'.
[  232.782522][T10361] syz.2.1167: vmalloc error: size 536870912, failed to allocated page array size 1048576, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  232.803622][T10460] netlink: 'syz.1.1197': attribute type 29 has an invalid length.
[  232.813456][T10361] CPU: 0 UID: 0 PID: 10361 Comm: syz.2.1167 Not tainted 6.14.0-rc7-syzkaller-01433-g6bb0dcb3d321 #0
[  232.813486][T10361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  232.813499][T10361] Call Trace:
[  232.813506][T10361]  <TASK>
[  232.813515][T10361]  dump_stack_lvl+0x241/0x360
[  232.813548][T10361]  ? __pfx_dump_stack_lvl+0x10/0x10
[  232.813573][T10361]  ? __pfx__printk+0x10/0x10
[  232.813601][T10361]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  232.813630][T10361]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  232.813662][T10361]  warn_alloc+0x278/0x410
[  232.813690][T10361]  ? __pfx_warn_alloc+0x10/0x10
[  232.813721][T10361]  ? translate_table+0x179/0x2490
[  232.813754][T10361]  ? __get_vm_area_node+0x1c8/0x2d0
[  232.813787][T10361]  ? __get_vm_area_node+0x25c/0x2d0
[  232.813829][T10361]  __vmalloc_node_range_noprof+0x62f/0x1380
[  232.813882][T10361]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  232.813905][T10361]  ? rcu_is_watching+0x15/0xb0
[  232.813931][T10361]  ? trace_kmalloc+0x1f/0xd0
[  232.813958][T10361]  ? __kmalloc_node_noprof+0x2ad/0x4d0
[  232.813990][T10361]  ? __kvmalloc_node_noprof+0x72/0x190
[  232.814029][T10361]  __kvmalloc_node_noprof+0x142/0x190
[  232.814065][T10361]  ? translate_table+0x179/0x2490
[  232.814099][T10361]  translate_table+0x179/0x2490
[  232.814161][T10361]  ? __pfx_translate_table+0x10/0x10
[  232.814194][T10361]  ? __might_fault+0xaa/0x120
[  232.814216][T10361]  ? __pfx_lock_release+0x10/0x10
[  232.814256][T10361]  ? __virt_addr_valid+0x183/0x530
[  232.814286][T10361]  ? __might_fault+0xaa/0x120
[  232.814307][T10361]  ? __might_fault+0xc6/0x120
[  232.814335][T10361]  ? copy_from_sockptr_offset+0x6b/0xb0
[  232.814372][T10361]  do_ip6t_set_ctl+0xe4c/0x1270
[  232.814411][T10361]  ? nf_setsockopt+0x240/0x2c0
[  232.814435][T10361]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  232.814475][T10361]  ? rcu_is_watching+0x15/0xb0
[  232.814499][T10361]  ? trace_contention_end+0x3c/0x120
[  232.814534][T10361]  ? __mutex_unlock_slowpath+0x227/0x800
[  232.814577][T10361]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  232.814617][T10361]  ? __lock_acquire+0x1397/0x2100
[  232.814659][T10361]  nf_setsockopt+0x295/0x2c0
[  232.814689][T10361]  dccp_setsockopt+0x17c/0x1140
[  232.814719][T10361]  ? __pfx_aa_sk_perm+0x10/0x10
[  232.814752][T10361]  ? __pfx_dccp_setsockopt+0x10/0x10
[  232.814780][T10361]  ? __pfx_lock_acquire+0x10/0x10
[  232.814812][T10361]  ? aa_sock_opt_perm+0x79/0x120
[  232.814846][T10361]  ? sock_common_setsockopt+0x37/0xc0
[  232.814885][T10361]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  232.814920][T10361]  do_sock_setsockopt+0x3af/0x720
[  232.814953][T10361]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  232.814985][T10361]  ? __fget_files+0x395/0x410
[  232.815016][T10361]  ? __fget_files+0x2a/0x410
[  232.815058][T10361]  __x64_sys_setsockopt+0x1ee/0x280
[  232.815092][T10361]  do_syscall_64+0xf3/0x230
[  232.815126][T10361]  ? clear_bhb_loop+0x35/0x90
[  232.815161][T10361]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  232.815191][T10361] RIP: 0033:0x7f88c278d169
[  232.815211][T10361] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  232.815230][T10361] RSP: 002b:00007f88c36a9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  232.815253][T10361] RAX: ffffffffffffffda RBX: 00007f88c29a5fa0 RCX: 00007f88c278d169
[  232.815269][T10361] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[  232.815291][T10361] RBP: 00007f88c280e2a0 R08: 0000000000000550 R09: 0000000000000000
[  232.815305][T10361] R10: 0000200000000780 R11: 0000000000000246 R12: 0000000000000000
[  232.815319][T10361] R13: 0000000000000000 R14: 00007f88c29a5fa0 R15: 00007ffc43f485c8
[  232.815352][T10361]  </TASK>
[  232.815622][T10361] Mem-Info:
[  233.071617][T10465] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  233.125239][T10361] active_anon:8329 inactive_anon:0 isolated_anon:0
[  233.125239][T10361]  active_file:1766 inactive_file:38363 isolated_file:0
[  233.125239][T10361]  unevictable:768 dirty:368 writeback:0
[  233.125239][T10361]  slab_reclaimable:11463 slab_unreclaimable:106398
[  233.125239][T10361]  mapped:29728 shmem:1442 pagetables:782
[  233.125239][T10361]  sec_pagetables:0 bounce:0
[  233.125239][T10361]  kernel_misc_reclaimable:0
[  233.125239][T10361]  free:1316061 free_pcp:791 free_cma:0
[  233.270588][T10361] Node 0 active_anon:33348kB inactive_anon:0kB active_file:7064kB inactive_file:153376kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:119184kB dirty:1196kB writeback:100kB shmem:4152kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11144kB pagetables:3260kB sec_pagetables:0kB all_unreclaimable? no
[  233.305665][T10361] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  233.340982][T10361] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  233.368838][T10361] lowmem_reserve[]: 0 2489 2490 2490 2490
[  233.376256][T10361] Node 0 DMA32 free:1342476kB boost:0kB min:34168kB low:42708kB high:51248kB reserved_highatomic:0KB active_anon:33312kB inactive_anon:0kB active_file:7064kB inactive_file:153048kB unevictable:1536kB writepending:1196kB present:3129332kB managed:2549692kB mlocked:0kB bounce:0kB free_pcp:2108kB local_pcp:948kB free_cma:0kB
[  233.408268][T10361] lowmem_reserve[]: 0 0 0 0 0
[  233.413652][T10361] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:328kB unevictable:0kB writepending:0kB present:1048580kB managed:364kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  233.445781][T10361] lowmem_reserve[]: 0 0 0 0 0
[  233.451009][T10361] Node 1 Normal free:3907656kB boost:0kB min:55728kB low:69660kB high:83592kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  233.495436][T10361] lowmem_reserve[]: 0 0 0 0 0
[  233.505220][T10361] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  233.521376][T10361] Node 0 DMA32: 1*4kB (U) 21*8kB (UME) 50*16kB (UME) 86*32kB (UME) 49*64kB (UME) 68*128kB (UME) 83*256kB (UME) 68*512kB (UME) 38*1024kB (UME) 23*2048kB (UM) 289*4096kB (UM) = 1341388kB
[  233.570181][T10361] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  233.601452][T10361] Node 1 Normal: 226*4kB (UE) 50*8kB (UME) 52*16kB (UME) 217*32kB (UME) 100*64kB (UME) 28*128kB (UME) 14*256kB (UM) 8*512kB (UME) 6*1024kB (UME) 4*2048kB (UE) 944*4096kB (M) = 3907704kB
[  233.633007][T10361] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  233.653413][T10361] Node 0 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  233.677370][T10361] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  233.687156][T10361] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  233.702945][T10478] bridge0: port 3(gretap0) entered blocking state
[  233.713162][T10478] bridge0: port 3(gretap0) entered disabled state
[  233.723146][T10361] 41551 total pagecache pages
[  233.736093][T10361] 0 pages in swap cache
[  233.746597][T10478] gretap0: entered allmulticast mode
[  233.751563][T10361] Free swap  = 124996kB
[  233.756659][T10361] Total swap = 124996kB
[  233.761661][T10361] 2097051 pages RAM
[  233.762317][T10478] gretap0: entered promiscuous mode
[  233.765589][T10361] 0 pages HighMem/MovableOnly
[  233.776003][T10361] 427906 pages reserved
[  233.780671][T10361] 0 pages cma reserved
[  233.786111][T10478] bridge0: port 3(gretap0) entered blocking state
[  233.792725][T10478] bridge0: port 3(gretap0) entered forwarding state
[  233.841823][T10481] lo speed is unknown, defaulting to 1000
[  233.842351][T10483] gretap0: left allmulticast mode
[  233.861934][T10483] gretap0: left promiscuous mode
[  233.869400][T10483] bridge0: port 3(gretap0) entered disabled state
[  234.392446][T10500] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1209'.
[  234.477990][T10506] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  234.520013][T10506] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1211'.
[  234.681467][T10511] netlink: 'syz.3.1214': attribute type 4 has an invalid length.
[  234.726073][T10506] rdma_rxe: rxe_newlink: rxe creation allowed on top of a real device only
[  234.930422][T10521] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1217'.
[  235.174971][T10532] lo speed is unknown, defaulting to 1000
[  235.179819][T10537] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1223'.
[  235.463149][T10546] lo speed is unknown, defaulting to 1000
[  235.940522][T10575] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1233'.
[  235.971303][T10574] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1233'.
[  236.065338][T10580] macsec1: entered promiscuous mode
[  236.076400][T10580] macsec1: entered allmulticast mode
[  236.219716][T10588] netlink: 256 bytes leftover after parsing attributes in process `syz.3.1238'.
[  236.300141][T10590] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1239'.
[  236.310576][T10590] Set syz1 is full, maxelem 0 reached
[  237.181048][T10626] sctp: [Deprecated]: syz.1.1250 (pid 10626) Use of int in max_burst socket option.
[  237.181048][T10626] Use struct sctp_assoc_value instead
[  237.305735][T10615] bridge0: entered promiscuous mode
[  237.322089][T10615] macvlan6: entered promiscuous mode
[  237.364736][T10620] macvlan7: entered promiscuous mode
[  237.648999][T10642] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1253'.
[  237.707873][T10646] bond0: entered promiscuous mode
[  237.715228][T10642] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1253'.
[  237.721077][T10646] bond_slave_0: entered promiscuous mode
[  237.752926][T10646] bond_slave_1: entered promiscuous mode
[  237.798643][T10651] bridge0: port 3(netdevsim2) entered blocking state
[  237.817693][T10651] bridge0: port 3(netdevsim2) entered disabled state
[  237.834802][T10656] netlink: 'syz.4.1257': attribute type 32 has an invalid length.
[  237.845004][T10651] netdevsim netdevsim3 netdevsim2: entered allmulticast mode
[  237.896759][T10651] netdevsim netdevsim3 netdevsim2: entered promiscuous mode
[  238.195677][T10671] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1261'.
[  238.289595][T10679] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1262'.
[  238.623158][T10693] xt_SECMARK: mode already set to 1 cannot mix with rules for mode 0
[  239.176755][T10716] netlink: 'syz.2.1272': attribute type 1 has an invalid length.
[  239.203476][T10716] netlink: 'syz.2.1272': attribute type 2 has an invalid length.
[  239.233522][T10716] netlink: 'syz.2.1272': attribute type 1 has an invalid length.
[  239.285591][T10716] netlink: 'syz.2.1272': attribute type 2 has an invalid length.
[  239.695909][T10742] netlink: 'syz.1.1275': attribute type 10 has an invalid length.
[  239.809769][T10746] netlink: 'syz.3.1278': attribute type 32 has an invalid length.
[  240.058311][T10742] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  240.329049][T10749] __nla_validate_parse: 2 callbacks suppressed
[  240.329070][T10749] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1279'.
[  240.543609][T10758] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1282'.
[  240.644729][T10763] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1285'.
[  241.056620][ T5841] Bluetooth: hci2: command 0x0406 tx timeout
[  241.108377][T10782] lo speed is unknown, defaulting to 1000
[  241.431418][T10782] x_tables: duplicate entry at hook 2
[  241.737992][T10799] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1291'.
[  241.888354][T10801] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1292'.
[  242.536671][T10818] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1297'.
[  242.604362][T10816] netdevsim netdevsim3 netdevsim2 (unregistering): left allmulticast mode
[  242.630183][T10816] netdevsim netdevsim3 netdevsim2 (unregistering): left promiscuous mode
[  242.648803][T10816] bridge0: port 3(netdevsim2) entered disabled state
[  242.706657][T10820] lo speed is unknown, defaulting to 1000
[  242.839701][T10824] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  243.046536][T10826] netlink: 16178 bytes leftover after parsing attributes in process `syz.0.1301'.
[  243.177331][T10832] lo speed is unknown, defaulting to 1000
[  243.291274][T10838] team0: No ports can be present during mode change
[  243.347885][T10832] lo speed is unknown, defaulting to 1000
[  243.354246][T10832] lo speed is unknown, defaulting to 1000
[  243.371054][T10844] bridge_slave_0: invalid flags given to default FDB implementation
[  243.621360][T10820] netlink: 596 bytes leftover after parsing attributes in process `syz.2.1299'.
[  243.747680][  T975] lo speed is unknown, defaulting to 1000
[  243.760936][T10832] infiniband syz0: set active
[  243.773674][T10832] infiniband syz0: added lo
[  243.828229][T10832] RDS/IB: syz0: added
[  243.836782][T10832] smc: adding ib device syz0 with port count 1
[  243.858101][T10862] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1311'.
[  243.890412][T10832] smc:    ib device syz0 port 1 has pnetid SYZ1 (user defined)
[  243.933479][T10832] lo speed is unknown, defaulting to 1000
[  244.036248][   T47] lo speed is unknown, defaulting to 1000
[  244.219295][T10874] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  244.425088][T10881] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  244.450556][T10832] lo speed is unknown, defaulting to 1000
[  244.527293][T10887] xt_AUDIT: Audit type out of range (valid range: 0..2)
[  244.773695][T10832] lo speed is unknown, defaulting to 1000
[  244.801890][T10893] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1322'.
[  245.046133][T10901] Bluetooth: MGMT ver 1.23
[  245.222996][T10832] lo speed is unknown, defaulting to 1000
[  245.580317][T10832] lo speed is unknown, defaulting to 1000
[  245.611635][T10925] __nla_validate_parse: 2 callbacks suppressed
[  245.611656][T10925] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1332'.
[  245.752999][T10911] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1327'.
[  245.789511][T10832] lo speed is unknown, defaulting to 1000
[  245.924478][T10832] lo speed is unknown, defaulting to 1000
[  246.064047][T10832] lo speed is unknown, defaulting to 1000
[  246.216683][T10905] lo speed is unknown, defaulting to 1000
[  246.228474][T10898] lo speed is unknown, defaulting to 1000
[  246.389322][T10943] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1337'.
[  246.672037][T10953] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1339'.
[  247.064902][T10968] syz.3.1342: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  247.133818][T10968] CPU: 1 UID: 0 PID: 10968 Comm: syz.3.1342 Not tainted 6.14.0-rc7-syzkaller-01433-g6bb0dcb3d321 #0
[  247.133853][T10968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  247.133866][T10968] Call Trace:
[  247.133873][T10968]  <TASK>
[  247.133882][T10968]  dump_stack_lvl+0x241/0x360
[  247.133932][T10968]  ? __pfx_dump_stack_lvl+0x10/0x10
[  247.133956][T10968]  ? __pfx__printk+0x10/0x10
[  247.133983][T10968]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  247.134012][T10968]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  247.134043][T10968]  warn_alloc+0x278/0x410
[  247.134068][T10968]  ? __vmalloc_node_range_noprof+0x106/0x1380
[  247.134091][T10968]  ? __pfx_warn_alloc+0x10/0x10
[  247.134115][T10968]  ? kasan_save_track+0x3f/0x80
[  247.134136][T10968]  ? __kasan_kmalloc+0x98/0xb0
[  247.134161][T10968]  ? xsk_setsockopt+0x4aa/0x810
[  247.134182][T10968]  ? do_sock_setsockopt+0x3af/0x720
[  247.134205][T10968]  ? __x64_sys_setsockopt+0x1ee/0x280
[  247.134228][T10968]  ? do_syscall_64+0xf3/0x230
[  247.134258][T10968]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.134298][T10968]  __vmalloc_node_range_noprof+0x126/0x1380
[  247.134351][T10968]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  247.134378][T10968]  ? __kasan_kmalloc+0x98/0xb0
[  247.134409][T10968]  vmalloc_user_noprof+0x74/0x80
[  247.134432][T10968]  ? xskq_create+0xb6/0x170
[  247.134454][T10968]  xskq_create+0xb6/0x170
[  247.134479][T10968]  xsk_init_queue+0xa1/0x100
[  247.134505][T10968]  xsk_setsockopt+0x4aa/0x810
[  247.134530][T10968]  ? __pfx_xsk_setsockopt+0x10/0x10
[  247.134553][T10968]  ? __pfx_aa_sk_perm+0x10/0x10
[  247.134589][T10968]  ? aa_sock_opt_perm+0x79/0x120
[  247.134629][T10968]  ? __pfx_xsk_setsockopt+0x10/0x10
[  247.134655][T10968]  do_sock_setsockopt+0x3af/0x720
[  247.134687][T10968]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  247.134717][T10968]  ? __fget_files+0x395/0x410
[  247.134748][T10968]  ? __fget_files+0x2a/0x410
[  247.134788][T10968]  __x64_sys_setsockopt+0x1ee/0x280
[  247.134821][T10968]  do_syscall_64+0xf3/0x230
[  247.134852][T10968]  ? clear_bhb_loop+0x35/0x90
[  247.134885][T10968]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.134920][T10968] RIP: 0033:0x7fdf0cb8d169
[  247.134943][T10968] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  247.134960][T10968] RSP: 002b:00007fdf0a9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  247.134984][T10968] RAX: ffffffffffffffda RBX: 00007fdf0cda6080 RCX: 00007fdf0cb8d169
[  247.134999][T10968] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003
[  247.135012][T10968] RBP: 00007fdf0cc0e2a0 R08: 0000000000000004 R09: 0000000000000000
[  247.135025][T10968] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  247.135038][T10968] R13: 0000000000000000 R14: 00007fdf0cda6080 R15: 00007ffc1dc149d8
[  247.135070][T10968]  </TASK>
[  247.420876][T10968] Mem-Info:
[  247.424049][T10968] active_anon:11141 inactive_anon:0 isolated_anon:0
[  247.424049][T10968]  active_file:1766 inactive_file:38371 isolated_file:0
[  247.424049][T10968]  unevictable:3824 dirty:192 writeback:0
[  247.424049][T10968]  slab_reclaimable:11774 slab_unreclaimable:108488
[  247.424049][T10968]  mapped:31650 shmem:4292 pagetables:761
[  247.424049][T10968]  sec_pagetables:0 bounce:0
[  247.424049][T10968]  kernel_misc_reclaimable:0
[  247.424049][T10968]  free:1324068 free_pcp:272 free_cma:0
[  247.470192][T10968] Node 0 active_anon:44564kB inactive_anon:0kB active_file:7064kB inactive_file:153408kB unevictable:13760kB isolated(anon):0kB isolated(file):0kB mapped:126600kB dirty:768kB writeback:0kB shmem:15632kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10928kB pagetables:3044kB sec_pagetables:0kB all_unreclaimable? no
[  247.504544][T10968] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  247.534952][T10968] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  247.562539][T10968] lowmem_reserve[]: 0 2489 2490 2490 2490
[  247.568915][T10968] Node 0 DMA32 free:1374148kB boost:0kB min:34168kB low:42708kB high:51248kB reserved_highatomic:0KB active_anon:44628kB inactive_anon:0kB active_file:7064kB inactive_file:153080kB unevictable:13760kB writepending:768kB present:3129332kB managed:2549692kB mlocked:12224kB bounce:0kB free_pcp:140kB local_pcp:108kB free_cma:0kB
[  247.600030][T10968] lowmem_reserve[]: 0 0 0 0 0
[  247.604878][T10968] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:328kB unevictable:0kB writepending:0kB present:1048580kB managed:364kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  247.634447][T10968] lowmem_reserve[]: 0 0 0 0 0
[  247.639339][T10968] Node 1 Normal free:3907704kB boost:0kB min:55728kB low:69660kB high:83592kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  247.668854][T10968] lowmem_reserve[]: 0 0 0 0 0
[  247.673654][T10968] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  247.687188][T10968] Node 0 DMA32: 45*4kB (UME) 76*8kB (UME) 271*16kB (UME) 400*32kB (UME) 339*64kB (UME) 87*128kB (UE) 77*256kB (UME) 58*512kB (UME) 38*1024kB (UM) 23*2048kB (U) 290*4096kB (UM) = 1374020kB
[  247.706665][T10968] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  247.718800][T10968] Node 1 Normal: 226*4kB (UE) 50*8kB (UME) 52*16kB (UME) 217*32kB (UME) 100*64kB (UME) 28*128kB (UME) 14*256kB (UM) 8*512kB (UME) 6*1024kB (UME) 4*2048kB (UE) 944*4096kB (M) = 3907704kB
[  247.739208][T10968] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  247.750318][T10968] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  247.760818][T10968] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  247.770699][T10968] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  247.787940][T10968] 44429 total pagecache pages
[  247.792918][T10968] 0 pages in swap cache
[  247.797274][T10968] Free swap  = 124996kB
[  247.811403][T10972] 8021q: adding VLAN 0 to HW filter on device macvlan7
[  247.820183][T10977] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1345'.
[  247.826065][T10968] Total swap = 124996kB
[  247.835883][T10968] 2097051 pages RAM
[  247.864801][T10968] 0 pages HighMem/MovableOnly
[  247.869855][T10968] 427906 pages reserved
[  247.874059][T10968] 0 pages cma reserved
[  247.966862][T10977] 8021q: adding VLAN 0 to HW filter on device bond2
[  248.066727][T10978] 8021q: adding VLAN 0 to HW filter on device bond2
[  248.126432][T10978] bond2: (slave ipip1): The slave device specified does not support setting the MAC address
[  248.162967][T10978] bond2: (slave ipip1): Error -95 calling set_mac_address
[  248.255462][T10984] syzkaller1: entered promiscuous mode
[  248.298415][T10984] syzkaller1: entered allmulticast mode
[  248.318766][T10989] netlink: 'syz.1.1349': attribute type 29 has an invalid length.
[  248.382515][T11001] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1350'.
[  248.459658][T10998] 8021q: adding VLAN 0 to HW filter on device bond0
[  248.485597][T10998] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  248.532249][T11007] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1352'.
[  248.668502][T11014] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1353'.
[  248.919590][T11023] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1355'.
[  249.010187][   T30] audit: type=1800 audit(1742854096.411:2): pid=11005 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1351" name="memory.events" dev="tmpfs" ino=1547 res=0 errno=0
[  249.223032][T11032] batadv_slave_1: entered promiscuous mode
[  249.239091][T11031] batadv_slave_1: left promiscuous mode
[  249.475764][T11040] netlink: 124 bytes leftover after parsing attributes in process `syz.4.1359'.
[  249.525650][T11040] netlink: 'syz.4.1359': attribute type 3 has an invalid length.
[  249.621022][T11050] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  249.627276][T11041] RDS: rds_bind could not find a transport for ::ffff:172.30.0.3, load rds_tcp or rds_rdma?
[  249.692403][T11052] lo speed is unknown, defaulting to 1000
[  249.701354][T11052] lo speed is unknown, defaulting to 1000
[  250.317488][T11074] wireguard0: entered promiscuous mode
[  250.323202][T11074] wireguard0: entered allmulticast mode
[  250.402192][T11077] netlink: 'syz.1.1370': attribute type 1 has an invalid length.
[  250.540914][T11075] macsec1: entered promiscuous mode
[  250.566409][T11075] mac80211_hwsim hwsim7 wlan0: entered promiscuous mode
[  250.573640][T11075] macsec1: entered allmulticast mode
[  250.594682][T11075] mac80211_hwsim hwsim7 wlan0: entered allmulticast mode
[  250.950635][T11093] __nla_validate_parse: 7 callbacks suppressed
[  250.950657][T11093] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1374'.
[  250.966532][T11093] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1374'.
[  251.137803][T11097] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1376'.
[  251.150615][T11103] No such timeout policy "syz0"
[  251.212574][T11106] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1377'.
[  251.295593][T11108] netlink: 'syz.2.1375': attribute type 21 has an invalid length.
[  251.330451][T11108] netlink: 128 bytes leftover after parsing attributes in process `syz.2.1375'.
[  251.355889][T11108] netlink: 'syz.2.1375': attribute type 5 has an invalid length.
[  251.369861][T11110] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1378'.
[  251.383687][T11113] openvswitch: netlink: IP tunnel TTL not specified.
[  251.410796][T11108] netlink: 3 bytes leftover after parsing attributes in process `syz.2.1375'.
[  251.433008][T11112] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1379'.
[  251.670252][T11121] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1381'.
[  251.692139][T11122] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1382'.
[  251.826413][   T47] IPVS: starting estimator thread 0...
[  251.905840][T11125] batadv0: left promiscuous mode
[  251.917243][T11131] IPVS: using max 22 ests per chain, 52800 per kthread
[  251.944839][T11125] wg1: left promiscuous mode
[  251.953603][T11125] wg1: left allmulticast mode
[  251.987215][T11125] ip6gre1: left promiscuous mode
[  252.016597][T11125] bond1: left promiscuous mode
[  252.026647][T11125] veth3: left promiscuous mode
[  252.050026][T11125] macvlan6: left promiscuous mode
[  252.878835][T11172] sctp: [Deprecated]: syz.0.1398 (pid 11172) Use of struct sctp_assoc_value in delayed_ack socket option.
[  252.878835][T11172] Use struct sctp_sack_info instead
[  253.314790][T11180] syzkaller0: entered promiscuous mode
[  253.331272][T11180] syzkaller0: entered allmulticast mode
[  256.654491][T11195] lo speed is unknown, defaulting to 1000
[  256.666386][T11202] lo: entered promiscuous mode
[  256.763056][T11213] 8021q: adding VLAN 0 to HW filter on device bond0
[  256.792388][T11213] 8021q: adding VLAN 0 to HW filter on device team0
[  256.816320][T11223] netlink: 'syz.1.1412': attribute type 3 has an invalid length.
[  256.831061][T11213] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  256.834977][T11223] __nla_validate_parse: 12 callbacks suppressed
[  256.834997][T11223] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1412'.
[  256.878930][T11215] lo speed is unknown, defaulting to 1000
[  256.880091][ T2152] lo speed is unknown, defaulting to 1000
[  256.886066][T11195] lo speed is unknown, defaulting to 1000
[  257.098798][T11231] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1414'.
[  257.162405][T11234] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1415'.
[  257.274693][T11215] lo speed is unknown, defaulting to 1000
[  257.506358][T11245] 8021q: VLANs not supported on lo
[  257.761906][T11249] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1419'.
[  257.822227][T11254] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1420'.
[  257.913223][T11260] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1422'.
[  258.410093][T11274] xt_AUDIT: Audit type out of range (valid range: 0..2)
[  258.807234][T11276] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1427'.
[  259.220932][T11285] lo speed is unknown, defaulting to 1000
[  259.254469][T11285] lo speed is unknown, defaulting to 1000
[  259.276538][T11292] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1428'.
[  259.365190][T11298] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1433'.
[  259.565669][T11304] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1437'.
[  259.652315][T11307] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  259.701960][T11307] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  259.872460][T11319] netem: unknown loss type 13
[  259.888747][T11319] netem: change failed
[  260.282977][T11331] syzkaller0: entered promiscuous mode
[  260.326642][T11331] syzkaller0: entered allmulticast mode
[  260.362896][T11335] ipip0: entered promiscuous mode
[  262.715479][T11346] __nla_validate_parse: 6 callbacks suppressed
[  262.715499][T11346] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1450'.
[  262.731071][T11349] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1450'.
[  262.746379][T11356] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1453'.
[  262.911972][T11369] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1456'.
[  263.208077][T11380] lo speed is unknown, defaulting to 1000
[  263.216116][T11381] bpq0: entered allmulticast mode
[  263.252996][T11380] lo speed is unknown, defaulting to 1000
[  263.335658][T11385] xt_TCPMSS: Only works on TCP SYN packets
[  263.479580][T11395] veth2: entered allmulticast mode
[  263.513540][T11398] netlink: 256 bytes leftover after parsing attributes in process `syz.4.1466'.
[  263.685459][T11403] syzkaller0: entered promiscuous mode
[  263.697699][T11403] syzkaller0: entered allmulticast mode
[  263.819662][T11410] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1468'.
[  266.224746][T11407] workqueue: Failed to create a rescuer kthread for wq "bond4": -EINTR
[  266.233584][T11409] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1469'.
[  266.258947][T11410] workqueue: Failed to create a rescuer kthread for wq "bond4": -EINTR
[  266.403720][T11427] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1471'.
[  266.429990][T11427] FAULT_INJECTION: forcing a failure.
[  266.429990][T11427] name failslab, interval 1, probability 0, space 0, times 0
[  266.467523][T11427] CPU: 0 UID: 0 PID: 11427 Comm: syz.0.1471 Not tainted 6.14.0-rc7-syzkaller-01433-g6bb0dcb3d321 #0
[  266.467554][T11427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  266.467567][T11427] Call Trace:
[  266.467574][T11427]  <TASK>
[  266.467583][T11427]  dump_stack_lvl+0x241/0x360
[  266.467616][T11427]  ? __pfx_dump_stack_lvl+0x10/0x10
[  266.467639][T11427]  ? __pfx__printk+0x10/0x10
[  266.467663][T11427]  ? __kmalloc_cache_noprof+0x48/0x390
[  266.467695][T11427]  ? __pfx___might_resched+0x10/0x10
[  266.467728][T11427]  should_fail_ex+0x40a/0x550
[  266.467766][T11427]  should_failslab+0xac/0x100
[  266.467797][T11427]  __kmalloc_cache_noprof+0x70/0x390
[  266.467825][T11427]  ? nfnetlink_rcv+0x1265/0x2ab0
[  266.467856][T11427]  nfnetlink_rcv+0x1265/0x2ab0
[  266.467931][T11427]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  266.468010][T11427]  ? netlink_deliver_tap+0x2e/0x1b0
[  266.468042][T11427]  ? skb_clone+0x240/0x390
[  266.468070][T11427]  ? __pfx_lock_release+0x10/0x10
[  266.468119][T11427]  ? netlink_deliver_tap+0x2e/0x1b0
[  266.468156][T11427]  netlink_unicast+0x7f6/0x990
[  266.468196][T11427]  ? __pfx_netlink_unicast+0x10/0x10
[  266.468224][T11427]  ? __virt_addr_valid+0x45f/0x530
[  266.468246][T11427]  ? __phys_addr_symbol+0x2f/0x70
[  266.468266][T11427]  ? __check_object_size+0x47a/0x730
[  266.468301][T11427]  netlink_sendmsg+0x8de/0xcb0
[  266.468335][T11427]  ? __pfx_netlink_sendmsg+0x10/0x10
[  266.468361][T11427]  ? aa_sock_msg_perm+0x91/0x160
[  266.468401][T11427]  ? __pfx_netlink_sendmsg+0x10/0x10
[  266.468420][T11427]  __sock_sendmsg+0x221/0x270
[  266.468456][T11427]  ____sys_sendmsg+0x53a/0x860
[  266.468492][T11427]  ? __pfx_____sys_sendmsg+0x10/0x10
[  266.468517][T11427]  ? __fget_files+0x2a/0x410
[  266.468551][T11427]  ? __fget_files+0x2a/0x410
[  266.468593][T11427]  __sys_sendmsg+0x269/0x350
[  266.468626][T11427]  ? __pfx___sys_sendmsg+0x10/0x10
[  266.468667][T11427]  ? do_sys_openat2+0x17a/0x1d0
[  266.468729][T11427]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  266.468764][T11427]  ? do_syscall_64+0x100/0x230
[  266.468800][T11427]  ? do_syscall_64+0xb6/0x230
[  266.468835][T11427]  do_syscall_64+0xf3/0x230
[  266.468875][T11427]  ? clear_bhb_loop+0x35/0x90
[  266.468908][T11427]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.468937][T11427] RIP: 0033:0x7f9b69f8d169
[  266.468956][T11427] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  266.468974][T11427] RSP: 002b:00007f9b6ad27038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  266.468997][T11427] RAX: ffffffffffffffda RBX: 00007f9b6a1a5fa0 RCX: 00007f9b69f8d169
[  266.469012][T11427] RDX: 0000000000000000 RSI: 0000200000000840 RDI: 0000000000000007
[  266.469025][T11427] RBP: 00007f9b6ad27090 R08: 0000000000000000 R09: 0000000000000000
[  266.469038][T11427] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  266.469050][T11427] R13: 0000000000000000 R14: 00007f9b6a1a5fa0 R15: 00007ffe26672b18
[  266.469083][T11427]  </TASK>
[  266.884677][T11433] xt_AUDIT: Audit type out of range (valid range: 0..2)
[  267.252358][T11433] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1473'.
[  267.282998][T11442] lo speed is unknown, defaulting to 1000
[  267.320060][T11442] lo speed is unknown, defaulting to 1000
[  267.371429][T11454] syzkaller0: entered promiscuous mode
[  267.379515][T11454] syzkaller0: entered allmulticast mode
[  267.413681][T11458] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1481'.
[  269.692488][ T5841] Bluetooth: hci4: link tx timeout
[  269.699453][ T5841] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  269.711518][ T5845] Bluetooth: hci4: link tx timeout
[  269.716877][ T5845] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  269.726040][ T5845] Bluetooth: hci4: link tx timeout
[  269.731280][ T5845] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  269.749811][T11469] __nla_validate_parse: 1 callbacks suppressed
[  269.749827][T11469] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1483'.
[  269.800506][T11467] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  269.935855][T11476] lo speed is unknown, defaulting to 1000
[  269.965227][T11467] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.110579][T11467] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.171542][T11476] lo speed is unknown, defaulting to 1000
[  270.241341][T11467] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.367439][T11492] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1491'.
[  270.382292][T11492] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1491'.
[  270.509120][T11499] bridge0: port 3(macsec1) entered blocking state
[  270.515696][T11499] bridge0: port 3(macsec1) entered disabled state
[  270.534481][T11499] macsec1: entered allmulticast mode
[  270.544349][T11499] bridge0: entered allmulticast mode
[  270.563949][T11499] macsec1: left allmulticast mode
[  270.569628][T11499] bridge0: left allmulticast mode
[  270.622091][T11467] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  270.645295][T11467] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  270.662701][T11502] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1493'.
[  270.708226][T11502] netlink: 'syz.4.1493': attribute type 1 has an invalid length.
[  270.724271][T11502] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1493'.
[  270.752871][T11467] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  270.803886][T11467] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  270.980933][T11506] xt_NFQUEUE: number of total queues is 0
[  271.318828][T11523] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1499'.
[  271.454318][T11530] xt_AUDIT: Audit type out of range (valid range: 0..2)
[  271.759661][T11542] veth1_macvtap: left promiscuous mode
[  271.786352][ T5845] Bluetooth: hci4: command 0x0405 tx timeout
[  271.816614][T11542] macsec0: entered promiscuous mode
[  271.856932][T11542] bridge0: port 2(bridge_slave_1) entered disabled state
[  271.864476][T11542] bridge0: port 1(bridge_slave_0) entered disabled state
[  271.887375][T11544] FAULT_INJECTION: forcing a failure.
[  271.887375][T11544] name failslab, interval 1, probability 0, space 0, times 0
[  271.935059][T11546] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1509'.
[  271.962873][T11544] CPU: 1 UID: 0 PID: 11544 Comm: syz.1.1508 Not tainted 6.14.0-rc7-syzkaller-01433-g6bb0dcb3d321 #0
[  271.962911][T11544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  271.962923][T11544] Call Trace:
[  271.962930][T11544]  <TASK>
[  271.962938][T11544]  dump_stack_lvl+0x241/0x360
[  271.962969][T11544]  ? __pfx_dump_stack_lvl+0x10/0x10
[  271.962993][T11544]  ? __pfx__printk+0x10/0x10
[  271.963016][T11544]  ? __kmalloc_node_noprof+0xb9/0x4d0
[  271.963047][T11544]  ? __pfx___might_resched+0x10/0x10
[  271.963080][T11544]  should_fail_ex+0x40a/0x550
[  271.963117][T11544]  should_failslab+0xac/0x100
[  271.963146][T11544]  __kmalloc_node_noprof+0xe1/0x4d0
[  271.963175][T11544]  ? apparmor_capable+0x13b/0x1b0
[  271.963198][T11544]  ? __kvmalloc_node_noprof+0x72/0x190
[  271.963236][T11544]  __kvmalloc_node_noprof+0x72/0x190
[  271.963271][T11544]  xt_alloc_table_info+0x3d/0xa0
[  271.963294][T11544]  do_ip6t_set_ctl+0xba0/0x1270
[  271.963332][T11544]  ? nf_setsockopt+0x240/0x2c0
[  271.963354][T11544]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  271.963394][T11544]  ? rcu_is_watching+0x15/0xb0
[  271.963418][T11544]  ? trace_contention_end+0x3c/0x120
[  271.963453][T11544]  ? __mutex_unlock_slowpath+0x227/0x800
[  271.963493][T11544]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  271.963531][T11544]  ? __lock_acquire+0x1397/0x2100
[  271.963572][T11544]  nf_setsockopt+0x295/0x2c0
[  271.963600][T11544]  dccp_setsockopt+0x17c/0x1140
[  271.963629][T11544]  ? __pfx_aa_sk_perm+0x10/0x10
[  271.963659][T11544]  ? __pfx_dccp_setsockopt+0x10/0x10
[  271.963685][T11544]  ? __pfx_lock_acquire+0x10/0x10
[  271.963714][T11544]  ? aa_sock_opt_perm+0x79/0x120
[  271.963745][T11544]  ? sock_common_setsockopt+0x37/0xc0
[  271.963782][T11544]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  271.963814][T11544]  do_sock_setsockopt+0x3af/0x720
[  271.963846][T11544]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  271.963876][T11544]  ? __fget_files+0x395/0x410
[  271.963905][T11544]  ? __fget_files+0x2a/0x410
[  271.963944][T11544]  __x64_sys_setsockopt+0x1ee/0x280
[  271.963976][T11544]  do_syscall_64+0xf3/0x230
[  271.964006][T11544]  ? clear_bhb_loop+0x35/0x90
[  271.964039][T11544]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.964067][T11544] RIP: 0033:0x7f0ca4b8d169
[  271.964086][T11544] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  271.964103][T11544] RSP: 002b:00007f0ca5a7d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  271.964125][T11544] RAX: ffffffffffffffda RBX: 00007f0ca4da5fa0 RCX: 00007f0ca4b8d169
[  271.964140][T11544] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[  271.964152][T11544] RBP: 00007f0ca5a7d090 R08: 0000000000000450 R09: 0000000000000000
[  271.964164][T11544] R10: 0000200000000780 R11: 0000000000000246 R12: 0000000000000001
[  271.964177][T11544] R13: 0000000000000000 R14: 00007f0ca4da5fa0 R15: 00007ffccd725328
[  271.964208][T11544]  </TASK>
[  271.972829][T11546] FAULT_INJECTION: forcing a failure.
[  271.972829][T11546] name failslab, interval 1, probability 0, space 0, times 0
[  272.243963][T11530] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1503'.
[  272.286705][T11546] CPU: 0 UID: 0 PID: 11546 Comm: syz.4.1509 Not tainted 6.14.0-rc7-syzkaller-01433-g6bb0dcb3d321 #0
[  272.286735][T11546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  272.286747][T11546] Call Trace:
[  272.286754][T11546]  <TASK>
[  272.286762][T11546]  dump_stack_lvl+0x241/0x360
[  272.286794][T11546]  ? __pfx_dump_stack_lvl+0x10/0x10
[  272.286817][T11546]  ? __pfx__printk+0x10/0x10
[  272.286843][T11546]  ? ref_tracker_alloc+0x332/0x490
[  272.286868][T11546]  should_fail_ex+0x40a/0x550
[  272.286905][T11546]  should_failslab+0xac/0x100
[  272.286935][T11546]  ? skb_clone+0x20c/0x390
[  272.286961][T11546]  kmem_cache_alloc_noprof+0x70/0x380
[  272.286997][T11546]  skb_clone+0x20c/0x390
[  272.287029][T11546]  __netlink_deliver_tap+0x3c4/0x7f0
[  272.287075][T11546]  ? netlink_deliver_tap+0x2e/0x1b0
[  272.287107][T11546]  netlink_deliver_tap+0x19d/0x1b0
[  272.287142][T11546]  netlink_sendskb+0x68/0x140
[  272.287174][T11546]  netlink_unicast+0x39d/0x990
[  272.287201][T11546]  ? __asan_memcpy+0x40/0x70
[  272.287231][T11546]  ? __pfx_netlink_unicast+0x10/0x10
[  272.287286][T11546]  nfnetlink_rcv+0x26bd/0x2ab0
[  272.287350][T11546]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  272.287430][T11546]  ? netlink_deliver_tap+0x2e/0x1b0
[  272.287461][T11546]  ? skb_clone+0x240/0x390
[  272.287501][T11546]  ? __pfx_lock_release+0x10/0x10
[  272.287550][T11546]  ? netlink_deliver_tap+0x2e/0x1b0
[  272.287586][T11546]  netlink_unicast+0x7f6/0x990
[  272.287625][T11546]  ? __pfx_netlink_unicast+0x10/0x10
[  272.287653][T11546]  ? __virt_addr_valid+0x45f/0x530
[  272.287674][T11546]  ? __phys_addr_symbol+0x2f/0x70
[  272.287694][T11546]  ? __check_object_size+0x47a/0x730
[  272.287729][T11546]  netlink_sendmsg+0x8de/0xcb0
[  272.287763][T11546]  ? __pfx_netlink_sendmsg+0x10/0x10
[  272.287789][T11546]  ? aa_sock_msg_perm+0x91/0x160
[  272.287828][T11546]  ? __pfx_netlink_sendmsg+0x10/0x10
[  272.287847][T11546]  __sock_sendmsg+0x221/0x270
[  272.287882][T11546]  ____sys_sendmsg+0x53a/0x860
[  272.287918][T11546]  ? __pfx_____sys_sendmsg+0x10/0x10
[  272.287943][T11546]  ? __fget_files+0x2a/0x410
[  272.287977][T11546]  ? __fget_files+0x2a/0x410
[  272.288018][T11546]  __sys_sendmsg+0x269/0x350
[  272.288050][T11546]  ? __pfx___sys_sendmsg+0x10/0x10
[  272.288091][T11546]  ? do_sys_openat2+0x17a/0x1d0
[  272.288152][T11546]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  272.288186][T11546]  ? do_syscall_64+0x100/0x230
[  272.288221][T11546]  ? do_syscall_64+0xb6/0x230
[  272.288255][T11546]  do_syscall_64+0xf3/0x230
[  272.288301][T11546]  ? clear_bhb_loop+0x35/0x90
[  272.288334][T11546]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.288362][T11546] RIP: 0033:0x7f2c97b8d169
[  272.288380][T11546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  272.288398][T11546] RSP: 002b:00007f2c98974038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  272.288420][T11546] RAX: ffffffffffffffda RBX: 00007f2c97da5fa0 RCX: 00007f2c97b8d169
[  272.288435][T11546] RDX: 0000000000000000 RSI: 0000200000000840 RDI: 0000000000000007
[  272.288448][T11546] RBP: 00007f2c98974090 R08: 0000000000000000 R09: 0000000000000000
[  272.288461][T11546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  272.288473][T11546] R13: 0000000000000000 R14: 00007f2c97da5fa0 R15: 00007ffcfeb416f8
[  272.288505][T11546]  </TASK>
[  272.640834][T11547] lo speed is unknown, defaulting to 1000
[  272.648981][T11547] lo speed is unknown, defaulting to 1000
[  272.841382][T11554] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1512'.
[  272.850773][T11554] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1512'.
[  272.892322][T11554] syzkaller1: tun_chr_ioctl cmd 1074025677
[  272.898460][T11554] syzkaller1: Refused to change device type
[  273.110264][T11561] netlink: 'syz.0.1513': attribute type 8 has an invalid length.
[  273.634809][T11590] xt_NFQUEUE: number of total queues is 0
[  273.856386][ T5841] Bluetooth: hci4: command 0x0405 tx timeout
[  274.193528][T11608] xt_bpf: check failed: parse error
[  274.294804][T11617] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  274.397925][T11621] xt_SECMARK: mode already set to 1 cannot mix with rules for mode 0
[  274.515109][T11629] netlink: 'syz.3.1535': attribute type 32 has an invalid length.
[  274.556109][  T975] IPVS: starting estimator thread 0...
[  274.716511][T11634] IPVS: using max 19 ests per chain, 45600 per kthread
[  275.012879][T11632] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  275.032124][T11632] tipc: Enabled bearer <udp:s>, priority 10
[  275.146419][    C0] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  275.220802][T11659] lo speed is unknown, defaulting to 1000
[  275.268186][T11661] netlink: 'syz.4.1543': attribute type 1 has an invalid length.
[  275.308710][T11659] lo speed is unknown, defaulting to 1000
[  275.416243][    C0] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  275.548563][T11670] __nla_validate_parse: 5 callbacks suppressed
[  275.548585][T11670] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1543'.
[  275.612548][T11661] 8021q: adding VLAN 0 to HW filter on device bond5
[  275.703851][T11677] xt_SECMARK: mode already set to 1 cannot mix with rules for mode 0
[  275.705421][T11663] 8021q: adding VLAN 0 to HW filter on device bond5
[  275.731257][T11663] bond5: (slave vcan1): The slave device specified does not support setting the MAC address
[  275.755401][T11663] bond5: (slave vcan1): Error -95 calling set_mac_address
[  275.807736][T11670] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1543'.
[  275.849862][T11681] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1549'.
[  275.946263][    C0] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  276.176525][T11693] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  276.372936][T11702] netlink: 'syz.1.1557': attribute type 1 has an invalid length.
[  276.558709][T11702] 8021q: adding VLAN 0 to HW filter on device bond1
[  276.587048][T11704] bond1: (slave dummy0): making interface the new active one
[  276.597217][T11704] bond1: (slave dummy0): Enslaving as an active interface with an up link
[  276.727294][T11713] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1559'.
[  276.736603][T11713] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  276.970770][T11720] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1559'.
[  276.976359][    C0] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  277.035212][T11719] netlink: 144 bytes leftover after parsing attributes in process `syz.1.1560'.
[  277.352278][T11731] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1565'.
[  277.411777][T11733] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1564'.
[  277.674159][T11746] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  277.684432][T11748] xt_NFQUEUE: number of total queues is 0
[  277.712332][T11747] netlink: 'syz.0.1570': attribute type 1 has an invalid length.
[  278.000915][T11752] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1573'.
[  278.016377][    C0] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  278.204655][T11765] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1575'.
[  278.270746][T11770] xt_cluster: node mask cannot exceed total number of nodes
[  278.643194][T11787] xt_NFQUEUE: number of total queues is 0
[  278.717695][T11788] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  278.955948][T11807] openvswitch: netlink: Key 2 has unexpected len 8 expected 4
[  279.040981][T11813] netlink: 'syz.1.1589': attribute type 4 has an invalid length.
[  279.056432][    C0] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  279.576604][T11836] xt_NFQUEUE: number of total queues is 0
[  279.620296][T11839] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  279.636777][T11840] xt_SECMARK: mode already set to 1 cannot mix with rules for mode 0
[  280.096380][    C0] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  280.666671][T11885] xt_NFQUEUE: number of total queues is 0
[  280.757043][T11887] IPVS: stopping backup sync thread 11888 ...
[  280.763441][T11888] IPVS: sync thread started: state = BACKUP, mcast_ifn = wlan0, syncid = 1, id = 0
[  280.932384][T11890] __nla_validate_parse: 5 callbacks suppressed
[  280.932405][T11890] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1615'.
[  280.999290][T11892] xt_SECMARK: mode already set to 1 cannot mix with rules for mode 0
[  281.136232][    C0] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  281.278385][T11903] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1619'.
[  281.491004][T11915] batman_adv: batadv0: Adding interface: dummy0
[  281.527138][T11915] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  281.622253][T11915] batman_adv: batadv0: Interface activated: dummy0
[  281.630966][T11931] xt_NFQUEUE: number of total queues is 0
[  281.874519][T11939] xt_SECMARK: mode already set to 1 cannot mix with rules for mode 0
[  281.897493][T11940] x_tables: ip6_tables: rpfilter.0 match: invalid size 8 (kernel) != (user) 48
[  282.176324][    C0] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  282.288727][T11950] syzkaller0: entered promiscuous mode
[  282.306525][T11950] syzkaller0: entered allmulticast mode
[  282.407331][T11955] IPVS: length: 24 != 16106127384
[  282.418029][T11961] xt_NFQUEUE: number of total queues is 0
[  282.701774][T11971] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1638'.
[  283.216270][    C0] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  284.256283][    C0] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  284.609972][T11971] FAULT_INJECTION: forcing a failure.
[  284.609972][T11971] name failslab, interval 1, probability 0, space 0, times 0
[  284.645822][T11971] CPU: 0 UID: 0 PID: 11971 Comm: syz.4.1638 Not tainted 6.14.0-rc7-syzkaller-01433-g6bb0dcb3d321 #0
[  284.645857][T11971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  284.645871][T11971] Call Trace:
[  284.645878][T11971]  <TASK>
[  284.645886][T11971]  dump_stack_lvl+0x241/0x360
[  284.645919][T11971]  ? __pfx_dump_stack_lvl+0x10/0x10
[  284.645943][T11971]  ? __pfx__printk+0x10/0x10
[  284.645967][T11971]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  284.646000][T11971]  ? __pfx___might_resched+0x10/0x10
[  284.646034][T11971]  should_fail_ex+0x40a/0x550
[  284.646073][T11971]  should_failslab+0xac/0x100
[  284.646103][T11971]  kmem_cache_alloc_node_noprof+0x77/0x380
[  284.646138][T11971]  ? __alloc_skb+0x1c3/0x440
[  284.646166][T11971]  __alloc_skb+0x1c3/0x440
[  284.646189][T11971]  ? ____sys_sendmsg+0x53a/0x860
[  284.646218][T11971]  ? __pfx___alloc_skb+0x10/0x10
[  284.646246][T11971]  ? netlink_ack_tlv_len+0x6e/0x200
[  284.646283][T11971]  netlink_ack+0x145/0xa60
[  284.646319][T11971]  ? __pfx_lock_acquire+0x10/0x10
[  284.646351][T11971]  ? __pfx_nl80211_flush_pmksa+0x10/0x10
[  284.646376][T11971]  ? __pfx___might_resched+0x10/0x10
[  284.646414][T11971]  netlink_rcv_skb+0x294/0x480
[  284.646446][T11971]  ? __pfx_genl_rcv_msg+0x10/0x10
[  284.646474][T11971]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  284.646519][T11971]  ? __netlink_deliver_tap+0x7b0/0x7f0
[  284.646567][T11971]  genl_rcv+0x28/0x40
[  284.646591][T11971]  netlink_unicast+0x7f6/0x990
[  284.646628][T11971]  ? __pfx_netlink_unicast+0x10/0x10
[  284.646655][T11971]  ? __virt_addr_valid+0x45f/0x530
[  284.646676][T11971]  ? __phys_addr_symbol+0x2f/0x70
[  284.646695][T11971]  ? __check_object_size+0x47a/0x730
[  284.646728][T11971]  netlink_sendmsg+0x8de/0xcb0
[  284.646759][T11971]  ? __pfx_netlink_sendmsg+0x10/0x10
[  284.646784][T11971]  ? aa_sock_msg_perm+0x91/0x160
[  284.646822][T11971]  ? __pfx_netlink_sendmsg+0x10/0x10
[  284.646841][T11971]  __sock_sendmsg+0x221/0x270
[  284.646877][T11971]  ____sys_sendmsg+0x53a/0x860
[  284.646913][T11971]  ? __pfx_____sys_sendmsg+0x10/0x10
[  284.646937][T11971]  ? __fget_files+0x2a/0x410
[  284.646972][T11971]  ? __fget_files+0x2a/0x410
[  284.647011][T11971]  __sys_sendmsg+0x269/0x350
[  284.647041][T11971]  ? __pfx___sys_sendmsg+0x10/0x10
[  284.647079][T11971]  ? do_sys_openat2+0x17a/0x1d0
[  284.647135][T11971]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  284.647170][T11971]  ? do_syscall_64+0x100/0x230
[  284.647203][T11971]  ? do_syscall_64+0xb6/0x230
[  284.647235][T11971]  do_syscall_64+0xf3/0x230
[  284.647266][T11971]  ? clear_bhb_loop+0x35/0x90
[  284.647309][T11971]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  284.647337][T11971] RIP: 0033:0x7f2c97b8d169
[  284.647357][T11971] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  284.647374][T11971] RSP: 002b:00007f2c98974038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  284.647397][T11971] RAX: ffffffffffffffda RBX: 00007f2c97da5fa0 RCX: 00007f2c97b8d169
[  284.647412][T11971] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  284.647425][T11971] RBP: 00007f2c98974090 R08: 0000000000000000 R09: 0000000000000000
[  284.647438][T11971] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  284.647450][T11971] R13: 0000000000000000 R14: 00007f2c97da5fa0 R15: 00007ffcfeb416f8
[  284.647482][T11971]  </TASK>
[  285.007003][T11979] xt_SECMARK: mode already set to 1 cannot mix with rules for mode 0
[  285.206598][T11990] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  285.213494][T11990] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  285.223367][T11987] siw: device registration error -23
[  285.283988][T11990] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  285.296229][    C0] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  285.606498][T12012] xt_NFQUEUE: number of total queues is 0
[  285.964349][T12026] xt_SECMARK: mode already set to 1 cannot mix with rules for mode 0
[  286.086011][T12023] syzkaller0: entered promiscuous mode
[  286.092013][T12023] syzkaller0: entered allmulticast mode
[  286.336224][    C0] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  287.384788][    C0] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  288.419928][    C0] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  289.153203][T12067] netlink: 'syz.2.1664': attribute type 12 has an invalid length.
[  289.186442][T12067] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1664'.
[  289.227291][T12069] netlink: 'syz.2.1664': attribute type 12 has an invalid length.
[  289.239432][T12069] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1664'.
[  289.269371][T12073] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1670'.
[  289.291953][T12074] netlink: 164 bytes leftover after parsing attributes in process `syz.1.1669'.
[  289.333233][T12076] xt_NFQUEUE: number of queues (65532) out of range (got 66665)
[  289.408445][T12076] netlink: 'syz.4.1671': attribute type 9 has an invalid length.
[  289.426387][T12076] netlink: 201384 bytes leftover after parsing attributes in process `syz.4.1671'.
[  289.436825][T12076] openvswitch: netlink: Message has 6 unknown bytes.
[  289.456232][    C0] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  289.469135][T12082] netlink: 'syz.0.1668': attribute type 1 has an invalid length.
[  289.494986][T12082] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1668'.
[  289.497897][T12083] netlink: 'syz.2.1673': attribute type 1 has an invalid length.
[  289.564380][T12082] lo speed is unknown, defaulting to 1000
[  289.586116][T12082] lo speed is unknown, defaulting to 1000
[  289.617054][T12087] sit0: entered promiscuous mode
[  289.622190][T12087] netlink: 'syz.1.1674': attribute type 1 has an invalid length.
[  289.656323][T12087] netlink: 1 bytes leftover after parsing attributes in process `syz.1.1674'.
[  289.671477][T12093] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  289.710445][T12091] bpq0: left allmulticast mode
[  289.977134][T12097] lo speed is unknown, defaulting to 1000
[  289.985989][T12097] lo speed is unknown, defaulting to 1000
[  289.993238][T12105] xt_AUDIT: Audit type out of range (valid range: 0..2)
[  290.182071][T12111] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1682'.
[  290.285655][T12113] x_tables: duplicate underflow at hook 1
[  290.496268][    C0] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  290.612559][T12121] lo speed is unknown, defaulting to 1000
[  290.670868][T12126] netlink: 'syz.2.1686': attribute type 1 has an invalid length.
[  290.706620][T12105] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1681'.
[  290.719792][T12123] lo speed is unknown, defaulting to 1000
[  290.766278][T12121] lo speed is unknown, defaulting to 1000
[  290.799719][T12126] bond3: entered promiscuous mode
[  290.805125][T12126] 8021q: adding VLAN 0 to HW filter on device bond3
[  290.882523][T12134] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1686'.
[  290.942729][T12133] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  291.209323][T12138] lo speed is unknown, defaulting to 1000
[  291.210596][T12123] lo speed is unknown, defaulting to 1000
[  291.536221][    C0] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  291.612962][T12138] lo speed is unknown, defaulting to 1000
[  292.363684][T12160] xt_SECMARK: mode already set to 1 cannot mix with rules for mode 0
[  292.576215][    C0] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  292.707606][T12172] xt_NFQUEUE: number of total queues is 0
[  292.716868][T12170] pimreg3: entered allmulticast mode
[  292.970858][T12176] lo speed is unknown, defaulting to 1000
[  293.012146][T12176] lo speed is unknown, defaulting to 1000
[  293.199705][T12192] netlink: 'syz.1.1708': attribute type 1 has an invalid length.
[  293.216620][T12192] netlink: 'syz.1.1708': attribute type 2 has an invalid length.
[  293.500268][T12209] xt_AUDIT: Audit type out of range (valid range: 0..2)
[  293.616243][    C0] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  293.763803][T12220] xt_NFQUEUE: number of total queues is 0
[  294.173418][T12227] xt_NFQUEUE: number of total queues is 0
[  294.242680][T12209] __nla_validate_parse: 12 callbacks suppressed
[  294.242704][T12209] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1713'.
[  294.296550][T12229] lo speed is unknown, defaulting to 1000
[  294.308261][T12229] lo speed is unknown, defaulting to 1000
[  294.458228][T12233] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1722'.
[  294.493351][T12236] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1723'.
[  294.535596][T12237] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1724'.
[  294.548930][T12238] netlink: 156 bytes leftover after parsing attributes in process `syz.4.1723'.
[  294.656229][    C0] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  294.918596][T12247] xt_NFQUEUE: number of total queues is 0
[  294.950270][T12249] xt_NFQUEUE: number of total queues is 0
[  295.343879][T12259] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1734'.
[  295.373067][T12261] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1733'.
[  295.607943][T12269] bridge_slave_1: left allmulticast mode
[  295.613691][T12269] bridge_slave_1: left promiscuous mode
[  295.619624][T12269] bridge0: port 2(bridge_slave_1) entered disabled state
[  295.659475][T12272] netlink: 'syz.3.1737': attribute type 10 has an invalid length.
[  295.696291][    C0] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  295.704659][T12269] bridge_slave_0: left allmulticast mode
[  295.721369][T12269] bridge0: port 1(bridge_slave_0) entered disabled state
[  295.773896][T12283] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1737'.
[  295.789346][T12273] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1740'.
[  295.800535][T12285] xt_NFQUEUE: number of total queues is 0
[  296.173443][T12298] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1747'.
[  296.413017][T12311] xt_NFQUEUE: number of total queues is 0
[  296.599511][T12324] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  296.736216][    C0] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  296.869469][T12340] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  296.888151][T12340] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  296.895592][T12339] : entered promiscuous mode
[  297.627862][T12373] lo speed is unknown, defaulting to 1000
[  297.635882][T12373] lo speed is unknown, defaulting to 1000
[  297.776221][    C0] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  298.570724][T12414] xt_NFQUEUE: number of total queues is 0
[  298.653373][T12416] syzkaller1: entered promiscuous mode
[  298.675547][T12416] syzkaller1: entered allmulticast mode
[  298.816348][    C0] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  298.857723][T12423] vcan0: mtu less than device minimum
[  299.179357][T12435] lo speed is unknown, defaulting to 1000
[  299.205198][T12441] veth1_macvtap: left promiscuous mode
[  299.245158][T12435] lo speed is unknown, defaulting to 1000
[  299.294475][T12448] __nla_validate_parse: 11 callbacks suppressed
[  299.294497][T12448] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1787'.
[  299.527169][T12454] lo speed is unknown, defaulting to 1000
[  299.633638][T12459] netlink: 'syz.0.1791': attribute type 1 has an invalid length.
[  299.661212][T12459] netlink: 16179 bytes leftover after parsing attributes in process `syz.0.1791'.
[  299.671925][T12454] lo speed is unknown, defaulting to 1000
[  299.855787][T12462] xt_NFQUEUE: number of total queues is 0
[  299.861695][    C0] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  300.181095][T12471] xt_SECMARK: mode already set to 1 cannot mix with rules for mode 0
[  300.510845][T12483] lo speed is unknown, defaulting to 1000
[  300.569745][T12492] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1801'.
[  300.601958][T12483] lo speed is unknown, defaulting to 1000
[  300.617930][T12487] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1800'.
[  300.673406][T12487] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1800'.
[  300.683545][T12498] FAULT_INJECTION: forcing a failure.
[  300.683545][T12498] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  300.718538][T12498] CPU: 0 UID: 0 PID: 12498 Comm: syz.1.1802 Not tainted 6.14.0-rc7-syzkaller-01433-g6bb0dcb3d321 #0
[  300.718570][T12498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  300.718582][T12498] Call Trace:
[  300.718590][T12498]  <TASK>
[  300.718599][T12498]  dump_stack_lvl+0x241/0x360
[  300.718631][T12498]  ? __pfx_dump_stack_lvl+0x10/0x10
[  300.718655][T12498]  ? __pfx__printk+0x10/0x10
[  300.718679][T12498]  ? __pfx_lock_release+0x10/0x10
[  300.718720][T12498]  should_fail_ex+0x40a/0x550
[  300.718759][T12498]  _copy_from_user+0x2d/0xb0
[  300.718790][T12498]  do_sock_getsockopt+0x1d1/0x740
[  300.718824][T12498]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  300.718848][T12498]  ? __fget_files+0x2a/0x410
[  300.718880][T12498]  ? __fget_files+0x395/0x410
[  300.718909][T12498]  ? __fget_files+0x2a/0x410
[  300.718948][T12498]  __x64_sys_getsockopt+0x2a1/0x370
[  300.718981][T12498]  ? __pfx___x64_sys_getsockopt+0x10/0x10
[  300.719009][T12498]  ? do_syscall_64+0x100/0x230
[  300.719050][T12498]  ? do_syscall_64+0xb6/0x230
[  300.719084][T12498]  do_syscall_64+0xf3/0x230
[  300.719117][T12498]  ? clear_bhb_loop+0x35/0x90
[  300.719151][T12498]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  300.719179][T12498] RIP: 0033:0x7f0ca4b8d169
[  300.719198][T12498] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  300.719216][T12498] RSP: 002b:00007f0ca5a5c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  300.719239][T12498] RAX: ffffffffffffffda RBX: 00007f0ca4da6080 RCX: 00007f0ca4b8d169
[  300.719255][T12498] RDX: 0000000000000070 RSI: 0000000000000084 RDI: 0000000000000003
[  300.719267][T12498] RBP: 00007f0ca5a5c090 R08: 0000200000000340 R09: 0000000000000000
[  300.719281][T12498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  300.719293][T12498] R13: 0000000000000001 R14: 00007f0ca4da6080 R15: 00007ffccd725328
[  300.719325][T12498]  </TASK>
[  300.720236][T12487] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1800'.
[  300.897319][    C0] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  301.039659][T12504] xt_NFQUEUE: number of total queues is 0
[  301.160907][T12506] lo speed is unknown, defaulting to 1000
[  301.298713][T12515] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1808'.
[  301.459758][T12515] bond0: option miimon: invalid value (18446744073537628286)
[  301.486544][T12515] bond0: option miimon: allowed values 0 - 2147483647
[  301.640682][T12506] lo speed is unknown, defaulting to 1000
[  301.936227][    C0] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  301.969223][T12525] netlink: 'syz.3.1811': attribute type 4 has an invalid length.
[  302.317463][T12532] netlink: 'syz.3.1813': attribute type 9 has an invalid length.
[  302.725571][T12539] xt_NFQUEUE: number of total queues is 0
[  303.003176][T12543] lo speed is unknown, defaulting to 1000
[  303.067718][T12543] lo speed is unknown, defaulting to 1000
[  303.414225][T12556] FAULT_INJECTION: forcing a failure.
[  303.414225][T12556] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  303.468300][T12556] CPU: 1 UID: 0 PID: 12556 Comm: syz.1.1820 Not tainted 6.14.0-rc7-syzkaller-01433-g6bb0dcb3d321 #0
[  303.468332][T12556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  303.468346][T12556] Call Trace:
[  303.468353][T12556]  <TASK>
[  303.468361][T12556]  dump_stack_lvl+0x241/0x360
[  303.468415][T12556]  ? __pfx_dump_stack_lvl+0x10/0x10
[  303.468440][T12556]  ? __pfx__printk+0x10/0x10
[  303.468468][T12556]  ? snprintf+0xda/0x120
[  303.468495][T12556]  should_fail_ex+0x40a/0x550
[  303.468535][T12556]  _copy_to_user+0x31/0xb0
[  303.468568][T12556]  simple_read_from_buffer+0xca/0x150
[  303.468600][T12556]  proc_fail_nth_read+0x1e9/0x250
[  303.468632][T12556]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  303.468665][T12556]  ? rw_verify_area+0x243/0x630
[  303.468687][T12556]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  303.468719][T12556]  vfs_read+0x1f8/0xb40
[  303.468742][T12556]  ? fdget_pos+0x254/0x320
[  303.468775][T12556]  ? __pfx___mutex_lock+0x10/0x10
[  303.468806][T12556]  ? __pfx_vfs_read+0x10/0x10
[  303.468833][T12556]  ? __fget_files+0x2a/0x410
[  303.468863][T12556]  ? __fget_files+0x395/0x410
[  303.468893][T12556]  ? __fget_files+0x2a/0x410
[  303.468934][T12556]  ksys_read+0x18f/0x2b0
[  303.468960][T12556]  ? __pfx_ksys_read+0x10/0x10
[  303.468984][T12556]  ? do_syscall_64+0x100/0x230
[  303.469018][T12556]  ? do_syscall_64+0xb6/0x230
[  303.469052][T12556]  do_syscall_64+0xf3/0x230
[  303.469085][T12556]  ? clear_bhb_loop+0x35/0x90
[  303.469119][T12556]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.469149][T12556] RIP: 0033:0x7f0ca4b8bb7c
[  303.469168][T12556] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  303.469186][T12556] RSP: 002b:00007f0ca5a5c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  303.469207][T12556] RAX: ffffffffffffffda RBX: 00007f0ca4da6080 RCX: 00007f0ca4b8bb7c
[  303.469223][T12556] RDX: 000000000000000f RSI: 00007f0ca5a5c0a0 RDI: 0000000000000004
[  303.469236][T12556] RBP: 00007f0ca5a5c090 R08: 0000000000000000 R09: 0000000000000000
[  303.469248][T12556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  303.469260][T12556] R13: 0000000000000001 R14: 00007f0ca4da6080 R15: 00007ffccd725328
[  303.469292][T12556]  </TASK>
[  303.958459][T12567] xt_NFQUEUE: number of total queues is 0
[  304.145777][T12580] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1828'.
[  304.344826][T12579] lo speed is unknown, defaulting to 1000
[  304.383990][T12590] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1830'.
[  304.408558][T12579] lo speed is unknown, defaulting to 1000
[  304.522405][T12594] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  304.549995][T12596] xt_SECMARK: mode already set to 1 cannot mix with rules for mode 0
[  304.831456][T12603] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1835'.
[  305.195144][T12619] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1838'.
[  305.198562][T12614] lo speed is unknown, defaulting to 1000
[  305.226705][T12611] netlink: 'syz.1.1837': attribute type 1 has an invalid length.
[  305.244353][T12619] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1838'.
[  305.246840][T12611] netlink: 'syz.1.1837': attribute type 2 has an invalid length.
[  305.286877][T12611] netlink: 'syz.1.1837': attribute type 1 has an invalid length.
[  305.329853][T12619] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1838'.
[  305.361424][T12622] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1840'.
[  305.447492][T12614] lo speed is unknown, defaulting to 1000
[  305.584494][T12631] xt_NFQUEUE: number of total queues is 0
[  305.871971][T12641] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1847'.
[  306.075962][T12637] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1845'.
[  306.842694][T12663] xt_AUDIT: Audit type out of range (valid range: 0..2)
[  306.976788][T12668] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1856'.
[  307.069950][T12657] netlink: 88 bytes leftover after parsing attributes in process `syz.3.1851'.
[  307.198229][T12671] syzkaller1: entered promiscuous mode
[  307.204111][T12671] syzkaller1: entered allmulticast mode
[  307.349061][T12678] lo speed is unknown, defaulting to 1000
[  307.397578][T12678] lo speed is unknown, defaulting to 1000
[  307.424070][T12680] lo speed is unknown, defaulting to 1000
[  307.494914][T12657] x_tables: duplicate entry at hook 2
[  307.757213][T12680] lo speed is unknown, defaulting to 1000
[  307.802083][T12691] netlink: 'syz.2.1863': attribute type 4 has an invalid length.
[  307.882812][T12695] netlink: 'syz.2.1863': attribute type 4 has an invalid length.
[  308.067864][T12698] lo speed is unknown, defaulting to 1000
[  308.191889][T12698] lo speed is unknown, defaulting to 1000
[  308.591214][T12717] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  308.976493][T12727] lo speed is unknown, defaulting to 1000
[  308.985279][T12727] lo speed is unknown, defaulting to 1000
[  309.224994][T12740] gretap0: left allmulticast mode
[  309.244530][T12740] gretap0: left promiscuous mode
[  309.263370][T12740] bridge0: port 1(gretap0) entered disabled state
[  309.311665][T12740] bond0: (slave wlan1): Releasing backup interface
[  309.370083][T12740] bond1: (slave gretap1): Releasing active interface
[  309.402941][T12740] bond0: (slave bond2): Releasing backup interface
[  309.622406][T12748] __nla_validate_parse: 11 callbacks suppressed
[  309.622431][T12748] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1880'.
[  309.944633][T12753] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1882'.
[  310.017055][T12759] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1882'.
[  310.074306][T12753] sch_tbf: burst 0 is lower than device lo mtu (81) !
[  310.166557][T12762] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  310.395552][T12769] netlink: 'syz.0.1886': attribute type 10 has an invalid length.
[  310.497812][T12769] mac80211_hwsim hwsim5 wlan1: entered promiscuous mode
[  310.528744][T12769] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  310.701868][T12780] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1889'.
[  311.187017][T12801] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  311.395922][T12810] FAULT_INJECTION: forcing a failure.
[  311.395922][T12810] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  311.411968][T12810] CPU: 0 UID: 0 PID: 12810 Comm: syz.4.1901 Not tainted 6.14.0-rc7-syzkaller-01433-g6bb0dcb3d321 #0
[  311.411999][T12810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  311.412013][T12810] Call Trace:
[  311.412021][T12810]  <TASK>
[  311.412030][T12810]  dump_stack_lvl+0x241/0x360
[  311.412062][T12810]  ? __pfx_dump_stack_lvl+0x10/0x10
[  311.412087][T12810]  ? __pfx__printk+0x10/0x10
[  311.412111][T12810]  ? __pfx_lock_release+0x10/0x10
[  311.412150][T12810]  should_fail_ex+0x40a/0x550
[  311.412189][T12810]  _copy_from_user+0x2d/0xb0
[  311.412219][T12810]  bpf_test_init+0xfc/0x160
[  311.412255][T12810]  bpf_prog_test_run_nf+0x345/0xbc0
[  311.412284][T12810]  ? __pfx_lock_release+0x10/0x10
[  311.412323][T12810]  ? __pfx_bpf_prog_test_run_nf+0x10/0x10
[  311.412359][T12810]  ? __fget_files+0x2a/0x410
[  311.412392][T12810]  ? __fget_files+0x395/0x410
[  311.412421][T12810]  ? __fget_files+0x2a/0x410
[  311.412457][T12810]  ? fput+0x21b/0x290
[  311.412486][T12810]  ? __pfx_bpf_prog_test_run_nf+0x10/0x10
[  311.412511][T12810]  bpf_prog_test_run+0x2e4/0x360
[  311.412548][T12810]  __sys_bpf+0x487/0x820
[  311.412580][T12810]  ? __pfx___sys_bpf+0x10/0x10
[  311.412625][T12810]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  311.412661][T12810]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  311.412695][T12810]  ? do_syscall_64+0x100/0x230
[  311.412733][T12810]  __x64_sys_bpf+0x7c/0x90
[  311.412761][T12810]  do_syscall_64+0xf3/0x230
[  311.412792][T12810]  ? clear_bhb_loop+0x35/0x90
[  311.412830][T12810]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.412859][T12810] RIP: 0033:0x7f2c97b8d169
[  311.412877][T12810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  311.412895][T12810] RSP: 002b:00007f2c98974038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  311.412918][T12810] RAX: ffffffffffffffda RBX: 00007f2c97da5fa0 RCX: 00007f2c97b8d169
[  311.412933][T12810] RDX: 0000000000000050 RSI: 00002000000002c0 RDI: 000000000000000a
[  311.412946][T12810] RBP: 00007f2c98974090 R08: 0000000000000000 R09: 0000000000000000
[  311.412959][T12810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  311.412971][T12810] R13: 0000000000000000 R14: 00007f2c97da5fa0 R15: 00007ffcfeb416f8
[  311.413004][T12810]  </TASK>
[  311.739917][T12820] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1903'.
[  312.146439][T12838] FAULT_INJECTION: forcing a failure.
[  312.146439][T12838] name failslab, interval 1, probability 0, space 0, times 0
[  312.166514][T12835] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1909'.
[  312.194747][T12838] CPU: 1 UID: 0 PID: 12838 Comm: syz.3.1910 Not tainted 6.14.0-rc7-syzkaller-01433-g6bb0dcb3d321 #0
[  312.194786][T12838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  312.194799][T12838] Call Trace:
[  312.194807][T12838]  <TASK>
[  312.194816][T12838]  dump_stack_lvl+0x241/0x360
[  312.194848][T12838]  ? __pfx_dump_stack_lvl+0x10/0x10
[  312.194873][T12838]  ? __pfx__printk+0x10/0x10
[  312.194897][T12838]  ? fs_reclaim_acquire+0x93/0x130
[  312.194921][T12838]  ? __pfx___might_resched+0x10/0x10
[  312.194947][T12838]  ? dynamic_dname+0x144/0x1b0
[  312.194973][T12838]  should_fail_ex+0x40a/0x550
[  312.195011][T12838]  should_failslab+0xac/0x100
[  312.195041][T12838]  __kmalloc_noprof+0xdd/0x4c0
[  312.195071][T12838]  ? tomoyo_encode+0x26f/0x540
[  312.195098][T12838]  tomoyo_encode+0x26f/0x540
[  312.195121][T12838]  ? __pfx_sockfs_dname+0x10/0x10
[  312.195156][T12838]  tomoyo_realpath_from_path+0x59e/0x5e0
[  312.195192][T12838]  tomoyo_path_number_perm+0x239/0x770
[  312.195222][T12838]  ? __lock_acquire+0x1397/0x2100
[  312.195258][T12838]  ? tomoyo_path_number_perm+0x209/0x770
[  312.195291][T12838]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  312.195367][T12838]  ? __fget_files+0x2a/0x410
[  312.195402][T12838]  ? __fget_files+0x2a/0x410
[  312.195439][T12838]  security_file_ioctl+0xc6/0x2a0
[  312.195470][T12838]  __se_sys_ioctl+0x46/0x170
[  312.195497][T12838]  do_syscall_64+0xf3/0x230
[  312.195537][T12838]  ? clear_bhb_loop+0x35/0x90
[  312.195570][T12838]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  312.195598][T12838] RIP: 0033:0x7fdf0cb8d169
[  312.195617][T12838] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  312.195634][T12838] RSP: 002b:00007fdf0d91a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  312.195657][T12838] RAX: ffffffffffffffda RBX: 00007fdf0cda5fa0 RCX: 00007fdf0cb8d169
[  312.195672][T12838] RDX: 0000200000010b80 RSI: 00000000000089ea RDI: 0000000000000004
[  312.195685][T12838] RBP: 00007fdf0d91a090 R08: 0000000000000000 R09: 0000000000000000
[  312.195698][T12838] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  312.195710][T12838] R13: 0000000000000000 R14: 00007fdf0cda5fa0 R15: 00007ffc1dc149d8
[  312.195743][T12838]  </TASK>
[  312.195827][T12838] ERROR: Out of memory at tomoyo_realpath_from_path.
[  312.374159][T12845] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1909'.
[  312.441951][    T9] hid-generic 0005:0458:0009.0003: unknown main item tag 0x0
[  312.449969][    T9] hid-generic 0005:0458:0009.0003: unknown main item tag 0x0
[  312.465308][T12845] netlink: 'syz.2.1909': attribute type 21 has an invalid length.
[  312.473989][    T9] hid-generic 0005:0458:0009.0003: hidraw0: BLUETOOTH HID v0.09 Device [syz0] on aa:aa:aa:aa:aa:aa
[  312.534855][T12851] openvswitch: netlink: Missing key (keys=40, expected=10000000)
[  312.621372][T12856] netlink: 164 bytes leftover after parsing attributes in process `syz.4.1916'.
[  312.643659][T12858] FAULT_INJECTION: forcing a failure.
[  312.643659][T12858] name failslab, interval 1, probability 0, space 0, times 0
[  312.647378][T12855] lo speed is unknown, defaulting to 1000
[  312.666883][T12858] CPU: 1 UID: 0 PID: 12858 Comm: syz.0.1917 Not tainted 6.14.0-rc7-syzkaller-01433-g6bb0dcb3d321 #0
[  312.666916][T12858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  312.666929][T12858] Call Trace:
[  312.666937][T12858]  <TASK>
[  312.666946][T12858]  dump_stack_lvl+0x241/0x360
[  312.666979][T12858]  ? __pfx_dump_stack_lvl+0x10/0x10
[  312.667003][T12858]  ? __pfx__printk+0x10/0x10
[  312.667028][T12858]  ? __kmalloc_noprof+0xb5/0x4c0
[  312.667062][T12858]  ? __pfx___might_resched+0x10/0x10
[  312.667093][T12858]  should_fail_ex+0x40a/0x550
[  312.667129][T12858]  should_failslab+0xac/0x100
[  312.667160][T12858]  __kmalloc_noprof+0xdd/0x4c0
[  312.667188][T12858]  ? bpf_ctx_init+0xb1/0x1b0
[  312.667223][T12858]  bpf_ctx_init+0xb1/0x1b0
[  312.667256][T12858]  bpf_prog_test_run_nf+0x3e8/0xbc0
[  312.667284][T12858]  ? __pfx_lock_release+0x10/0x10
[  312.667323][T12858]  ? __pfx_bpf_prog_test_run_nf+0x10/0x10
[  312.667349][T12858]  ? __fget_files+0x2a/0x410
[  312.667384][T12858]  ? __fget_files+0x395/0x410
[  312.667413][T12858]  ? __fget_files+0x2a/0x410
[  312.667448][T12858]  ? fput+0x21b/0x290
[  312.667484][T12858]  ? __pfx_bpf_prog_test_run_nf+0x10/0x10
[  312.667509][T12858]  bpf_prog_test_run+0x2e4/0x360
[  312.667546][T12858]  __sys_bpf+0x487/0x820
[  312.667577][T12858]  ? __pfx___sys_bpf+0x10/0x10
[  312.667620][T12858]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  312.667654][T12858]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  312.667686][T12858]  ? do_syscall_64+0x100/0x230
[  312.667721][T12858]  __x64_sys_bpf+0x7c/0x90
[  312.667748][T12858]  do_syscall_64+0xf3/0x230
[  312.667779][T12858]  ? clear_bhb_loop+0x35/0x90
[  312.667812][T12858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  312.667841][T12858] RIP: 0033:0x7f9b69f8d169
[  312.667860][T12858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  312.667877][T12858] RSP: 002b:00007f9b6ad27038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  312.667900][T12858] RAX: ffffffffffffffda RBX: 00007f9b6a1a5fa0 RCX: 00007f9b69f8d169
[  312.667925][T12858] RDX: 0000000000000050 RSI: 00002000000002c0 RDI: 000000000000000a
[  312.667937][T12858] RBP: 00007f9b6ad27090 R08: 0000000000000000 R09: 0000000000000000
[  312.667950][T12858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  312.667961][T12858] R13: 0000000000000000 R14: 00007f9b6a1a5fa0 R15: 00007ffe26672b18
[  312.667991][T12858]  </TASK>
[  313.342075][T12873] FAULT_INJECTION: forcing a failure.
[  313.342075][T12873] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  313.373266][T12871] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1921'.
[  313.386699][T12873] CPU: 1 UID: 0 PID: 12873 Comm: syz.1.1922 Not tainted 6.14.0-rc7-syzkaller-01433-g6bb0dcb3d321 #0
[  313.386731][T12873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  313.386744][T12873] Call Trace:
[  313.386751][T12873]  <TASK>
[  313.386759][T12873]  dump_stack_lvl+0x241/0x360
[  313.386791][T12873]  ? __pfx_dump_stack_lvl+0x10/0x10
[  313.386815][T12873]  ? __pfx__printk+0x10/0x10
[  313.386839][T12873]  ? __pfx_lock_release+0x10/0x10
[  313.386881][T12873]  should_fail_ex+0x40a/0x550
[  313.386919][T12873]  _copy_from_user+0x2d/0xb0
[  313.386949][T12873]  sctp_getsockopt_pr_assocstatus+0xd2/0x850
[  313.386983][T12873]  ? __local_bh_enable_ip+0x168/0x200
[  313.387007][T12873]  ? lockdep_hardirqs_on+0x99/0x150
[  313.387038][T12873]  ? __local_bh_enable_ip+0x168/0x200
[  313.387063][T12873]  ? __pfx_sctp_getsockopt_pr_assocstatus+0x10/0x10
[  313.387094][T12873]  ? sctp_getsockopt+0x13a/0xbb0
[  313.387129][T12873]  sctp_getsockopt+0x9d1/0xbb0
[  313.387148][T12873]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  313.387193][T12873]  do_sock_getsockopt+0x38e/0x740
[  313.387226][T12873]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  313.387248][T12873]  ? __fget_files+0x2a/0x410
[  313.387281][T12873]  ? __fget_files+0x395/0x410
[  313.387310][T12873]  ? __fget_files+0x2a/0x410
[  313.387350][T12873]  __x64_sys_getsockopt+0x2a1/0x370
[  313.387384][T12873]  ? __pfx___x64_sys_getsockopt+0x10/0x10
[  313.387412][T12873]  ? do_syscall_64+0x100/0x230
[  313.387446][T12873]  ? do_syscall_64+0xb6/0x230
[  313.387481][T12873]  do_syscall_64+0xf3/0x230
[  313.387511][T12873]  ? clear_bhb_loop+0x35/0x90
[  313.387545][T12873]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  313.387572][T12873] RIP: 0033:0x7f0ca4b8d169
[  313.387591][T12873] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  313.387608][T12873] RSP: 002b:00007f0ca5a5c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  313.387630][T12873] RAX: ffffffffffffffda RBX: 00007f0ca4da6080 RCX: 00007f0ca4b8d169
[  313.387645][T12873] RDX: 0000000000000073 RSI: 0000000000000084 RDI: 0000000000000003
[  313.387658][T12873] RBP: 00007f0ca5a5c090 R08: 0000200000000480 R09: 0000000000000000
[  313.387672][T12873] R10: 0000200000000440 R11: 0000000000000246 R12: 0000000000000001
[  313.387684][T12873] R13: 0000000000000000 R14: 00007f0ca4da6080 R15: 00007ffccd725328
[  313.387715][T12873]  </TASK>
[  313.793125][T12882] FAULT_INJECTION: forcing a failure.
[  313.793125][T12882] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  313.836936][T12882] CPU: 1 UID: 0 PID: 12882 Comm: syz.3.1926 Not tainted 6.14.0-rc7-syzkaller-01433-g6bb0dcb3d321 #0
[  313.836969][T12882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  313.836983][T12882] Call Trace:
[  313.836991][T12882]  <TASK>
[  313.837000][T12882]  dump_stack_lvl+0x241/0x360
[  313.837033][T12882]  ? __pfx_dump_stack_lvl+0x10/0x10
[  313.837056][T12882]  ? __pfx__printk+0x10/0x10
[  313.837081][T12882]  ? __pfx_lock_release+0x10/0x10
[  313.837114][T12882]  ? rcu_is_watching+0x15/0xb0
[  313.837158][T12882]  should_fail_ex+0x40a/0x550
[  313.837198][T12882]  _copy_from_user+0x2d/0xb0
[  313.837229][T12882]  ax25_ioctl+0xbe1/0x1d60
[  313.837257][T12882]  ? mark_lock+0x9a/0x360
[  313.837278][T12882]  ? __pfx_ax25_ioctl+0x10/0x10
[  313.837340][T12882]  ? tomoyo_path_number_perm+0x209/0x770
[  313.837374][T12882]  ? __pfx_lock_release+0x10/0x10
[  313.837416][T12882]  ? tomoyo_path_number_perm+0x5dd/0x770
[  313.837451][T12882]  ? tomoyo_path_number_perm+0x5dd/0x770
[  313.837485][T12882]  ? tomoyo_path_number_perm+0x65d/0x770
[  313.837515][T12882]  ? __lock_acquire+0x1397/0x2100
[  313.837559][T12882]  sock_do_ioctl+0x158/0x460
[  313.837596][T12882]  ? __pfx_sock_do_ioctl+0x10/0x10
[  313.837646][T12882]  sock_ioctl+0x626/0x8e0
[  313.837678][T12882]  ? __pfx_sock_ioctl+0x10/0x10
[  313.837708][T12882]  ? __fget_files+0x2a/0x410
[  313.837743][T12882]  ? __fget_files+0x2a/0x410
[  313.837779][T12882]  ? __pfx_sock_ioctl+0x10/0x10
[  313.837811][T12882]  __se_sys_ioctl+0xf5/0x170
[  313.837838][T12882]  do_syscall_64+0xf3/0x230
[  313.837870][T12882]  ? clear_bhb_loop+0x35/0x90
[  313.837904][T12882]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  313.837938][T12882] RIP: 0033:0x7fdf0cb8d169
[  313.837957][T12882] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  313.837976][T12882] RSP: 002b:00007fdf0d91a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  313.837998][T12882] RAX: ffffffffffffffda RBX: 00007fdf0cda5fa0 RCX: 00007fdf0cb8d169
[  313.838013][T12882] RDX: 0000200000010b80 RSI: 00000000000089ea RDI: 0000000000000004
[  313.838026][T12882] RBP: 00007fdf0d91a090 R08: 0000000000000000 R09: 0000000000000000
[  313.838039][T12882] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  313.838051][T12882] R13: 0000000000000000 R14: 00007fdf0cda5fa0 R15: 00007ffc1dc149d8
[  313.838083][T12882]  </TASK>
[  314.319387][T12897] netlink: 164 bytes leftover after parsing attributes in process `syz.4.1930'.
[  314.662942][T12912] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1937'.
[  314.699124][T12912] RDS: rds_bind could not find a transport for fe88::5, load rds_tcp or rds_rdma?
[  314.739513][T12915] lo speed is unknown, defaulting to 1000
[  314.819312][T12924] FAULT_INJECTION: forcing a failure.
[  314.819312][T12924] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  314.870743][T12924] CPU: 0 UID: 0 PID: 12924 Comm: syz.0.1941 Not tainted 6.14.0-rc7-syzkaller-01433-g6bb0dcb3d321 #0
[  314.870775][T12924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  314.870788][T12924] Call Trace:
[  314.870796][T12924]  <TASK>
[  314.870805][T12924]  dump_stack_lvl+0x241/0x360
[  314.870837][T12924]  ? __pfx_dump_stack_lvl+0x10/0x10
[  314.870861][T12924]  ? __pfx__printk+0x10/0x10
[  314.870886][T12924]  ? __pfx_lock_release+0x10/0x10
[  314.870918][T12924]  ? rcu_is_watching+0x15/0xb0
[  314.870949][T12924]  should_fail_ex+0x40a/0x550
[  314.870996][T12924]  _copy_from_user+0x2d/0xb0
[  314.871027][T12924]  ax25_ioctl+0xbe1/0x1d60
[  314.871055][T12924]  ? mark_lock+0x9a/0x360
[  314.871076][T12924]  ? __pfx_ax25_ioctl+0x10/0x10
[  314.871113][T12924]  ? tomoyo_path_number_perm+0x209/0x770
[  314.871146][T12924]  ? __pfx_lock_release+0x10/0x10
[  314.871184][T12924]  ? tomoyo_path_number_perm+0x5dd/0x770
[  314.871218][T12924]  ? tomoyo_path_number_perm+0x5dd/0x770
[  314.871254][T12924]  ? tomoyo_path_number_perm+0x65d/0x770
[  314.871284][T12924]  ? __lock_acquire+0x1397/0x2100
[  314.871330][T12924]  sock_do_ioctl+0x158/0x460
[  314.871369][T12924]  ? __pfx_sock_do_ioctl+0x10/0x10
[  314.871427][T12924]  sock_ioctl+0x626/0x8e0
[  314.871460][T12924]  ? __pfx_sock_ioctl+0x10/0x10
[  314.871491][T12924]  ? __fget_files+0x2a/0x410
[  314.871526][T12924]  ? __fget_files+0x2a/0x410
[  314.871563][T12924]  ? __pfx_sock_ioctl+0x10/0x10
[  314.871594][T12924]  __se_sys_ioctl+0xf5/0x170
[  314.871621][T12924]  do_syscall_64+0xf3/0x230
[  314.871654][T12924]  ? clear_bhb_loop+0x35/0x90
[  314.871693][T12924]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  314.871722][T12924] RIP: 0033:0x7f9b69f8d169
[  314.871741][T12924] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  314.871759][T12924] RSP: 002b:00007f9b6ad27038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  314.871782][T12924] RAX: ffffffffffffffda RBX: 00007f9b6a1a5fa0 RCX: 00007f9b69f8d169
[  314.871797][T12924] RDX: 0000200000010b80 RSI: 00000000000089ea RDI: 0000000000000004
[  314.871810][T12924] RBP: 00007f9b6ad27090 R08: 0000000000000000 R09: 0000000000000000
[  314.871823][T12924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  314.871835][T12924] R13: 0000000000000000 R14: 00007f9b6a1a5fa0 R15: 00007ffe26672b18
[  314.871868][T12924]  </TASK>
[  315.154054][T12929] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1943'.
[  315.580379][T12940] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1944'.
[  315.637206][T12941] xt_addrtype: ipv6 does not support BROADCAST matching
[  315.669381][T12940] netlink: 'syz.0.1944': attribute type 21 has an invalid length.
[  315.991695][T12950] netlink: 'syz.1.1949': attribute type 32 has an invalid length.
[  316.021290][T12950] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1949'.
[  316.056510][T12950] (unnamed net_device) (uninitialized): option coupled_control: invalid value (192)
[  316.091630][T12910] lo speed is unknown, defaulting to 1000
[  316.138306][T12955] xt_SECMARK: mode already set to 1 cannot mix with rules for mode 0
[  316.167764][T12957] xt_AUDIT: Audit type out of range (valid range: 0..2)
[  316.474254][T12965] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1955'.
[  316.515016][T12965] netlink: 'syz.4.1955': attribute type 7 has an invalid length.
[  316.557014][T12967] xt_NFQUEUE: number of total queues is 0
[  316.685055][T12969] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.1955'.
[  316.715480][T12957] lo speed is unknown, defaulting to 1000
[  317.057326][T12960] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1951'.
[  317.321976][T12990] lo speed is unknown, defaulting to 1000
[  317.480066][T12995] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  317.745735][T13000] netlink: 'syz.3.1965': attribute type 5 has an invalid length.
[  317.825561][T13005] (unnamed net_device) (uninitialized): peer notification delay (9) is not a multiple of miimon (100), value rounded to 0 ms
[  317.869777][T13005] (unnamed net_device) (uninitialized): option use_carrier: invalid value (5)
[  317.889519][T13010] xt_NFQUEUE: number of total queues is 0
[  318.160372][T13016] x_tables: duplicate underflow at hook 3
[  318.515014][T13037] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1973'.
[  319.034701][T13052] xt_NFQUEUE: number of total queues is 0
[  319.360976][T13072] xt_SECMARK: mode already set to 1 cannot mix with rules for mode 0
[  319.499237][T13074] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  319.650938][T13092] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1992'.
[  319.858489][T13101] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.964104][T13103] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1996'.
[  319.979564][T13101] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  320.082121][T13101] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  320.180613][T13101] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  320.408099][T13101] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  320.471980][T13101] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  320.503523][T13101] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  320.559834][T13101] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  321.310393][T13160] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2013'.
[  321.326750][T13154] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2014'.
[  321.366858][T13154] nbd: must specify at least one socket
[  321.844359][T13180] xt_NFQUEUE: number of total queues is 0
[  321.976972][T13184] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2021'.
[  322.213920][T13188] xt_AUDIT: Audit type out of range (valid range: 0..2)
[  322.781932][T13200] lo speed is unknown, defaulting to 1000
[  322.855151][T13188] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2022'.
[  322.882265][T13207] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2029'.
[  322.892498][T13207] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2029'.
[  322.908106][T13207] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2029'.
[  323.201257][T13219] xt_NFQUEUE: number of total queues is 0
[  323.333163][T13224] xt_SECMARK: mode already set to 1 cannot mix with rules for mode 0
[  323.558565][T13233] netlink: 68 bytes leftover after parsing attributes in process `syz.0.2038'.
[  323.753327][T13235] lo speed is unknown, defaulting to 1000
[  324.250975][T13252] ipt_REJECT: TCP_RESET invalid for non-tcp
[  324.355920][T13253] netlink: 'syz.3.2044': attribute type 10 has an invalid length.
[  324.460698][T13258] xt_NFQUEUE: number of total queues is 0
[  324.750660][T13269] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2050'.
[  325.131561][T13286] netlink: 68 bytes leftover after parsing attributes in process `syz.1.2055'.
[  325.324843][T13295] xt_AUDIT: Audit type out of range (valid range: 0..2)
[  325.366431][T13297] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2057'.
[  325.935133][T13313] lo speed is unknown, defaulting to 1000
[  325.937846][T13295] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2058'.
[  326.401775][T13334] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2067'.
[  326.729852][T13346] xt_NFQUEUE: number of total queues is 0
[  327.334664][T13360] delete_channel: no stack
[  327.496006][T13366] netlink: 'syz.1.2078': attribute type 1 has an invalid length.
[  327.541806][T13368] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check.
[  327.551641][T13373] netlink: 104 bytes leftover after parsing attributes in process `syz.0.2081'.
[  327.588363][T13369] veth7: entered promiscuous mode
[  327.610883][T13374] netlink: 104 bytes leftover after parsing attributes in process `syz.0.2081'.
[  327.759437][T13382] xt_NFQUEUE: number of total queues is 0
[  327.999312][T13389] netlink: ct family unspecified
[  328.045942][T13389] openvswitch: netlink: Actions may not be safe on all matching packets
[  328.123373][T13395] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2089'.
[  328.363924][T13406] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2093'.
[  328.392800][T13418] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2097'.
[  331.052421][T13455] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  331.126665][T13453] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  331.218198][T13459] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2112'.
[  331.255825][T13462] syz.4.2113: vmalloc error: size 6291456, failed to allocated page array size 12288, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  331.293032][T13462] CPU: 0 UID: 0 PID: 13462 Comm: syz.4.2113 Not tainted 6.14.0-rc7-syzkaller-01433-g6bb0dcb3d321 #0
[  331.293067][T13462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  331.293082][T13462] Call Trace:
[  331.293090][T13462]  <TASK>
[  331.293098][T13462]  dump_stack_lvl+0x241/0x360
[  331.293130][T13462]  ? __pfx_dump_stack_lvl+0x10/0x10
[  331.293153][T13462]  ? __pfx__printk+0x10/0x10
[  331.293180][T13462]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  331.293208][T13462]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  331.293240][T13462]  warn_alloc+0x278/0x410
[  331.293269][T13462]  ? __pfx_warn_alloc+0x10/0x10
[  331.293298][T13462]  ? hash_ip_create+0x801/0x1670
[  331.293328][T13462]  ? __get_vm_area_node+0x1c8/0x2d0
[  331.293359][T13462]  ? __get_vm_area_node+0x25c/0x2d0
[  331.293411][T13462]  __vmalloc_node_range_noprof+0x62f/0x1380
[  331.293460][T13462]  ? rcu_is_watching+0x15/0xb0
[  331.293493][T13462]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  331.293515][T13462]  ? rcu_is_watching+0x15/0xb0
[  331.293538][T13462]  ? trace_kmalloc+0x1f/0xd0
[  331.293563][T13462]  ? __kmalloc_node_noprof+0x2ad/0x4d0
[  331.293598][T13462]  ? __kvmalloc_node_noprof+0x72/0x190
[  331.293638][T13462]  __kvmalloc_node_noprof+0x142/0x190
[  331.293670][T13462]  ? hash_ip_create+0x801/0x1670
[  331.293701][T13462]  hash_ip_create+0x801/0x1670
[  331.293736][T13462]  ? __pfx_lock_acquire+0x10/0x10
[  331.293779][T13462]  ? __pfx_hash_ip_create+0x10/0x10
[  331.293817][T13462]  ? __nla_parse+0x40/0x60
[  331.293841][T13462]  ? __pfx_hash_ip_create+0x10/0x10
[  331.293874][T13462]  ip_set_create+0xa78/0x1960
[  331.293903][T13462]  ? ip_set_create+0x48a/0x1960
[  331.293934][T13462]  ? __pfx_ip_set_create+0x10/0x10
[  331.293991][T13462]  ? nfnetlink_rcv_msg+0x225/0x1180
[  331.294025][T13462]  nfnetlink_rcv_msg+0xbec/0x1180
[  331.294052][T13462]  ? nfnetlink_rcv_msg+0x225/0x1180
[  331.294099][T13462]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  331.294152][T13462]  ? dev_hard_start_xmit+0x27a/0x7d0
[  331.294178][T13462]  ? __netlink_deliver_tap+0x561/0x7f0
[  331.294210][T13462]  ? netlink_deliver_tap+0x19d/0x1b0
[  331.294240][T13462]  ? netlink_unicast+0x7c4/0x990
[  331.294278][T13462]  ? __pfx___schedule+0x10/0x10
[  331.294314][T13462]  netlink_rcv_skb+0x206/0x480
[  331.294349][T13462]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  331.294378][T13462]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  331.294426][T13462]  ? apparmor_capable+0x13b/0x1b0
[  331.294462][T13462]  ? bpf_lsm_capable+0x9/0x10
[  331.294494][T13462]  ? security_capable+0x7e/0x2d0
[  331.294535][T13462]  nfnetlink_rcv+0x297/0x2ab0
[  331.294576][T13462]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  331.294620][T13462]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  331.294664][T13462]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  331.294692][T13462]  ? lockdep_hardirqs_on+0x99/0x150
[  331.294723][T13462]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  331.294746][T13462]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  331.294774][T13462]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  331.294814][T13462]  ? rcu_preempt_deferred_qs_irqrestore+0x8c4/0xca0
[  331.294866][T13462]  ? __pfx_rcu_preempt_deferred_qs_irqrestore+0x10/0x10
[  331.294898][T13462]  ? __skb_clone+0x5c/0x6c0
[  331.294932][T13462]  ? rcu_is_watching+0x15/0xb0
[  331.294957][T13462]  ? rcu_read_unlock_special+0x497/0x570
[  331.294988][T13462]  ? netlink_deliver_tap+0x2e/0x1b0
[  331.295018][T13462]  ? skb_clone+0x240/0x390
[  331.295044][T13462]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[  331.295079][T13462]  ? __netlink_deliver_tap+0x7b0/0x7f0
[  331.295125][T13462]  ? __rcu_read_unlock+0xa1/0x110
[  331.295159][T13462]  netlink_unicast+0x7f6/0x990
[  331.295200][T13462]  ? __pfx_netlink_unicast+0x10/0x10
[  331.295228][T13462]  ? __virt_addr_valid+0x45f/0x530
[  331.295249][T13462]  ? __phys_addr_symbol+0x2f/0x70
[  331.295269][T13462]  ? __check_object_size+0x47a/0x730
[  331.295304][T13462]  netlink_sendmsg+0x8de/0xcb0
[  331.295338][T13462]  ? __pfx_netlink_sendmsg+0x10/0x10
[  331.295365][T13462]  ? aa_sock_msg_perm+0x91/0x160
[  331.295404][T13462]  ? __pfx_netlink_sendmsg+0x10/0x10
[  331.295423][T13462]  __sock_sendmsg+0x221/0x270
[  331.295466][T13462]  ____sys_sendmsg+0x53a/0x860
[  331.295502][T13462]  ? __pfx_____sys_sendmsg+0x10/0x10
[  331.295527][T13462]  ? __fget_files+0x2a/0x410
[  331.295562][T13462]  ? __fget_files+0x2a/0x410
[  331.295611][T13462]  __sys_sendmsg+0x269/0x350
[  331.295644][T13462]  ? __pfx___sys_sendmsg+0x10/0x10
[  331.295689][T13462]  ? bpf_raw_tracepoint_open+0x18b/0x1f0
[  331.295755][T13462]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  331.295798][T13462]  ? do_syscall_64+0x100/0x230
[  331.295840][T13462]  ? do_syscall_64+0xb6/0x230
[  331.295875][T13462]  do_syscall_64+0xf3/0x230
[  331.295906][T13462]  ? clear_bhb_loop+0x35/0x90
[  331.295939][T13462]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  331.295967][T13462] RIP: 0033:0x7f2c97b8d169
[  331.295986][T13462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  331.296005][T13462] RSP: 002b:00007f2c98953038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  331.296027][T13462] RAX: ffffffffffffffda RBX: 00007f2c97da6080 RCX: 00007f2c97b8d169
[  331.296043][T13462] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000006
[  331.296056][T13462] RBP: 00007f2c97c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  331.296068][T13462] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  331.296081][T13462] R13: 0000000000000000 R14: 00007f2c97da6080 R15: 00007ffcfeb416f8
[  331.296115][T13462]  </TASK>
[  331.867322][T13462] Mem-Info:
[  331.870512][T13462] active_anon:9410 inactive_anon:0 isolated_anon:0
[  331.870512][T13462]  active_file:1804 inactive_file:38406 isolated_file:0
[  331.870512][T13462]  unevictable:768 dirty:224 writeback:0
[  331.870512][T13462]  slab_reclaimable:12556 slab_unreclaimable:113248
[  331.870512][T13462]  mapped:28760 shmem:1448 pagetables:813
[  331.870512][T13462]  sec_pagetables:0 bounce:0
[  331.870512][T13462]  kernel_misc_reclaimable:0
[  331.870512][T13462]  free:1322668 free_pcp:292 free_cma:0
[  332.007159][T13472] lo speed is unknown, defaulting to 1000
[  332.063227][T13475] xt_AUDIT: Audit type out of range (valid range: 0..2)
[  332.085878][T13462] Node 0 active_anon:37440kB inactive_anon:0kB active_file:7216kB inactive_file:153548kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:115040kB dirty:896kB writeback:0kB shmem:4156kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11352kB pagetables:3148kB sec_pagetables:0kB all_unreclaimable? no
[  332.285292][T13462] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  332.336479][T13462] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  332.364529][T13462] lowmem_reserve[]: 0 2489 2490 2490 2490
[  332.370595][T13462] Node 0 DMA32 free:1346076kB boost:0kB min:34168kB low:42708kB high:51248kB reserved_highatomic:0KB active_anon:49820kB inactive_anon:0kB active_file:7216kB inactive_file:153220kB unevictable:5336kB writepending:940kB present:3129332kB managed:2549692kB mlocked:3800kB bounce:0kB free_pcp:5772kB local_pcp:4572kB free_cma:0kB
[  332.372932][T13477] sit0: left promiscuous mode
[  332.434193][T13462] lowmem_reserve[]: 0 0 0 0 0
[  332.449776][T13462] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:328kB unevictable:0kB writepending:0kB present:1048580kB managed:364kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  332.480249][T13483] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  332.489820][T13462] lowmem_reserve[]: 0 0 0 0 0
[  332.494731][T13462] Node 1 Normal free:3907832kB boost:0kB min:55728kB low:69660kB high:83592kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  332.546929][T13483] vlan2: entered promiscuous mode
[  332.552250][T13483] vlan2: entered allmulticast mode
[  332.577011][T13462] lowmem_reserve[]: 0 0 0 0 0
[  332.581989][T13483] hsr_slave_1: entered allmulticast mode
[  332.590129][T13462] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  332.616510][T13462] Node 0 DMA32: 549*4kB (UME) 30*8kB (UE) 113*16kB (UME) 231*32kB (UE) 570*64kB (UE) 177*128kB (UM) 44*256kB (UM) 2*512kB (UM) 28*1024kB (UM) 25*2048kB (UME) 286*4096kB (UM) = 1334388kB
[  332.675484][T13462] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  332.700474][T13462] Node 1 Normal: 226*4kB (UE) 50*8kB (UME) 52*16kB (UME) 215*32kB (UME) 99*64kB (UME) 28*128kB (UME) 15*256kB (UM) 8*512kB (UME) 6*1024kB (UME) 4*2048kB (UE) 944*4096kB (M) = 3907832kB
[  332.723463][T13462] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  332.733220][T13475] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2116'.
[  332.841092][T13462] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  332.867989][T13462] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  332.902133][T13485] lo speed is unknown, defaulting to 1000
[  332.965379][T13462] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  333.005810][T13462] 41668 total pagecache pages
[  333.031289][T13462] 0 pages in swap cache
[  333.035510][T13462] Free swap  = 124996kB
[  333.061672][T13462] Total swap = 124996kB
[  333.078527][T13462] 2097051 pages RAM
[  333.092675][T13462] 0 pages HighMem/MovableOnly
[  333.112947][T13462] 427906 pages reserved
[  333.126302][T13462] 0 pages cma reserved
[  334.708400][T13539] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2134'.
[  334.845521][T13541] syzkaller0: entered promiscuous mode
[  334.852280][T13541] syzkaller0: entered allmulticast mode
[  334.952751][T13556] sctp: [Deprecated]: syz.3.2139 (pid 13556) Use of struct sctp_assoc_value in delayed_ack socket option.
[  334.952751][T13556] Use struct sctp_sack_info instead
[  335.007333][T13559] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2137'.
[  335.030544][T13559] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2137'.
[  335.040897][T13559] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2137'.
[  335.051729][T13559] netlink: 'syz.2.2137': attribute type 1 has an invalid length.
[  335.060218][T13559] nbd: error processing sock list
[  335.076375][T13560] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2140'.
[  335.304703][T13571] xt_AUDIT: Audit type out of range (valid range: 0..2)
[  337.261059][T13572] lo speed is unknown, defaulting to 1000
[  337.285192][T13571] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2144'.
[  337.500665][T13586] xt_hashlimit: max too large, truncated to 1048576
[  337.514552][T13586] No such timeout policy "syz1"
[  337.571883][T13576] lo speed is unknown, defaulting to 1000
[  337.784241][T13597] netlink: 800 bytes leftover after parsing attributes in process `syz.4.2150'.
[  337.886044][T13582] lo speed is unknown, defaulting to 1000
[  338.067490][T13587] lo speed is unknown, defaulting to 1000
[  338.400286][T13609] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  338.685088][T13621] netlink: 84 bytes leftover after parsing attributes in process `syz.4.2157'.
[  339.075688][T13633] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2161'.
[  339.549658][T13648] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  340.004982][T13668] vlan0: entered promiscuous mode
[  340.053955][T13675] netlink: 76 bytes leftover after parsing attributes in process `syz.1.2174'.
[  340.309906][T13688] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2177'.
[  340.728118][T13708] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2185'.
[  340.788846][T13710] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  340.906093][T13719] netlink: 76 bytes leftover after parsing attributes in process `syz.0.2186'.
[  341.035140][T13724] A link change request failed with some changes committed already. Interface wg0 may have been left with an inconsistent configuration, please check.
[  341.052435][T13724] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  341.215508][T13726] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2190'.
[  341.234284][T13734] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2192'.
[  341.550146][T13753] xt_NFQUEUE: number of total queues is 0
[  341.576772][T13754] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  341.830713][T13767] ax25_connect(): syz.4.2200 uses autobind, please contact jreuter@yaina.de
[  342.161013][T13780] netlink: zone id is out of range
[  342.173377][T13780] netlink: zone id is out of range
[  342.186672][T13780] netlink: zone id is out of range
[  342.228566][T13780] netlink: zone id is out of range
[  342.274430][T13780] netlink: zone id is out of range
[  342.296989][T13780] netlink: zone id is out of range
[  342.302450][T13780] netlink: zone id is out of range
[  342.606330][T13756] ------------[ cut here ]------------
[  342.612365][T13756] refcount_t: decrement hit 0; leaking memory.
[  342.668117][T13756] WARNING: CPU: 1 PID: 13756 at lib/refcount.c:31 refcount_warn_saturate+0xfa/0x1d0
[  342.678176][T13756] Modules linked in:
[  342.682130][T13756] CPU: 1 UID: 0 PID: 13756 Comm: syz.4.2200 Not tainted 6.14.0-rc7-syzkaller-01433-g6bb0dcb3d321 #0
[  342.693407][T13756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  342.704779][T13756] RIP: 0010:refcount_warn_saturate+0xfa/0x1d0
[  342.711010][T13756] Code: b2 00 00 00 e8 d7 2e cc fc 5b 5d c3 cc cc cc cc e8 cb 2e cc fc c6 05 38 7b 31 0b 01 90 48 c7 c7 80 b5 80 8c e8 87 e9 8b fc 90 <0f> 0b 90 90 eb d9 e8 ab 2e cc fc c6 05 15 7b 31 0b 01 90 48 c7 c7
[  342.730753][T13756] RSP: 0018:ffffc90002f77b68 EFLAGS: 00010246
[  342.737840][T13756] RAX: 14f219b5f1d21a00 RBX: ffff88807c34464c RCX: ffff88802ade5a00
[  342.745859][T13756] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  342.753968][T13756] RBP: 0000000000000004 R08: ffffffff8181ae52 R09: fffffbfff1d3a69c
[  342.762033][T13756] R10: dffffc0000000000 R11: fffffbfff1d3a69c R12: ffff88807c344608
[  342.770209][T13756] R13: 0000000000000000 R14: ffff88807c34464c R15: dffffc0000000000
[  342.778604][T13756] FS:  0000555586afe500(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  342.787722][T13756] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  342.794346][T13756] CR2: 0000200000e6d000 CR3: 0000000024772000 CR4: 00000000003526f0
[  342.802425][T13756] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  342.810520][T13756] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  342.818608][T13756] Call Trace:
[  342.821918][T13756]  <TASK>
[  342.824917][T13756]  ? __warn+0x165/0x4d0
[  342.829183][T13756]  ? refcount_warn_saturate+0xfa/0x1d0
[  342.834702][T13756]  ? report_bug+0x2b3/0x500
[  342.839294][T13756]  ? refcount_warn_saturate+0xfa/0x1d0
[  342.844814][T13756]  ? handle_bug+0x60/0x90
[  342.849269][T13756]  ? exc_invalid_op+0x1a/0x50
[  342.853991][T13756]  ? asm_exc_invalid_op+0x1a/0x20
[  342.859123][T13756]  ? __warn_printk+0x292/0x360
[  342.863929][T13756]  ? refcount_warn_saturate+0xfa/0x1d0
[  342.869501][T13756]  ? refcount_warn_saturate+0xf9/0x1d0
[  342.875009][T13756]  ref_tracker_free+0x6af/0x7e0
[  342.880166][T13756]  ? __pfx_ref_tracker_free+0x10/0x10
[  342.885632][T13756]  ? ax25_destroy_socket+0x551/0x5c0
[  342.891037][T13756]  ax25_release+0x368/0x960
[  342.895605][T13756]  sock_close+0xbc/0x240
[  342.899931][T13756]  ? __pfx_sock_close+0x10/0x10
[  342.904834][T13756]  __fput+0x3e9/0x9f0
[  342.908935][T13756]  task_work_run+0x24f/0x310
[  342.913571][T13756]  ? _raw_spin_unlock+0x28/0x50
[  342.918547][T13756]  ? __pfx_task_work_run+0x10/0x10
[  342.923704][T13756]  ? syscall_exit_to_user_mode+0xa3/0x340
[  342.929556][T13756]  syscall_exit_to_user_mode+0x13f/0x340
[  342.935252][T13756]  do_syscall_64+0x100/0x230
[  342.939967][T13756]  ? clear_bhb_loop+0x35/0x90
[  342.944701][T13756]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.950784][T13756] RIP: 0033:0x7f2c97b8d169
[  342.955264][T13756] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  342.975046][T13756] RSP: 002b:00007ffcfeb41858 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  342.987314][T13756] RAX: 0000000000000000 RBX: 00007f2c97da7ba0 RCX: 00007f2c97b8d169
[  342.995361][T13756] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  343.003711][T13756] RBP: 00007f2c97da7ba0 R08: 0000000000000284 R09: 0000001dfeb41b4f
[  343.011841][T13756] R10: 00007f2c97da7ac0 R11: 0000000000000246 R12: 00000000000539cb
[  343.019932][T13756] R13: 00007f2c97da6160 R14: ffffffffffffffff R15: 00007ffcfeb41970
[  343.028157][T13756]  </TASK>
[  343.031233][T13756] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  343.038548][T13756] CPU: 1 UID: 0 PID: 13756 Comm: syz.4.2200 Not tainted 6.14.0-rc7-syzkaller-01433-g6bb0dcb3d321 #0
[  343.049352][T13756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  343.059450][T13756] Call Trace:
[  343.062770][T13756]  <TASK>
[  343.065741][T13756]  dump_stack_lvl+0x241/0x360
[  343.070557][T13756]  ? __pfx_dump_stack_lvl+0x10/0x10
[  343.075807][T13756]  ? __pfx__printk+0x10/0x10
[  343.080434][T13756]  ? _printk+0xd5/0x120
[  343.084631][T13756]  ? __init_begin+0x41000/0x41000
[  343.089709][T13756]  ? vscnprintf+0x5d/0x90
[  343.094103][T13756]  panic+0x349/0x880
[  343.098040][T13756]  ? __warn+0x174/0x4d0
[  343.102211][T13756]  ? __pfx_panic+0x10/0x10
[  343.106654][T13756]  __warn+0x344/0x4d0
[  343.110643][T13756]  ? refcount_warn_saturate+0xfa/0x1d0
[  343.116203][T13756]  report_bug+0x2b3/0x500
[  343.120603][T13756]  ? refcount_warn_saturate+0xfa/0x1d0
[  343.126098][T13756]  handle_bug+0x60/0x90
[  343.130373][T13756]  exc_invalid_op+0x1a/0x50
[  343.134896][T13756]  asm_exc_invalid_op+0x1a/0x20
[  343.139769][T13756] RIP: 0010:refcount_warn_saturate+0xfa/0x1d0
[  343.145869][T13756] Code: b2 00 00 00 e8 d7 2e cc fc 5b 5d c3 cc cc cc cc e8 cb 2e cc fc c6 05 38 7b 31 0b 01 90 48 c7 c7 80 b5 80 8c e8 87 e9 8b fc 90 <0f> 0b 90 90 eb d9 e8 ab 2e cc fc c6 05 15 7b 31 0b 01 90 48 c7 c7
[  343.165504][T13756] RSP: 0018:ffffc90002f77b68 EFLAGS: 00010246
[  343.171589][T13756] RAX: 14f219b5f1d21a00 RBX: ffff88807c34464c RCX: ffff88802ade5a00
[  343.179570][T13756] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  343.187550][T13756] RBP: 0000000000000004 R08: ffffffff8181ae52 R09: fffffbfff1d3a69c
[  343.195529][T13756] R10: dffffc0000000000 R11: fffffbfff1d3a69c R12: ffff88807c344608
[  343.203509][T13756] R13: 0000000000000000 R14: ffff88807c34464c R15: dffffc0000000000
[  343.211513][T13756]  ? __warn_printk+0x292/0x360
[  343.216310][T13756]  ? refcount_warn_saturate+0xf9/0x1d0
[  343.221801][T13756]  ref_tracker_free+0x6af/0x7e0
[  343.226668][T13756]  ? __pfx_ref_tracker_free+0x10/0x10
[  343.232062][T13756]  ? ax25_destroy_socket+0x551/0x5c0
[  343.237361][T13756]  ax25_release+0x368/0x960
[  343.241880][T13756]  sock_close+0xbc/0x240
[  343.246143][T13756]  ? __pfx_sock_close+0x10/0x10
[  343.251021][T13756]  __fput+0x3e9/0x9f0
[  343.255031][T13756]  task_work_run+0x24f/0x310
[  343.259647][T13756]  ? _raw_spin_unlock+0x28/0x50
[  343.264511][T13756]  ? __pfx_task_work_run+0x10/0x10
[  343.269810][T13756]  ? syscall_exit_to_user_mode+0xa3/0x340
[  343.275548][T13756]  syscall_exit_to_user_mode+0x13f/0x340
[  343.281200][T13756]  do_syscall_64+0x100/0x230
[  343.285900][T13756]  ? clear_bhb_loop+0x35/0x90
[  343.290944][T13756]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  343.296860][T13756] RIP: 0033:0x7f2c97b8d169
[  343.301322][T13756] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  343.320940][T13756] RSP: 002b:00007ffcfeb41858 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  343.329372][T13756] RAX: 0000000000000000 RBX: 00007f2c97da7ba0 RCX: 00007f2c97b8d169
[  343.337355][T13756] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  343.345333][T13756] RBP: 00007f2c97da7ba0 R08: 0000000000000284 R09: 0000001dfeb41b4f
[  343.353310][T13756] R10: 00007f2c97da7ac0 R11: 0000000000000246 R12: 00000000000539cb
[  343.361298][T13756] R13: 00007f2c97da6160 R14: ffffffffffffffff R15: 00007ffcfeb41970
[  343.369294][T13756]  </TASK>
[  343.372598][T13756] Kernel Offset: disabled
[  343.376975][T13756] Rebooting in 86400 seconds..