last executing test programs:

39.841228643s ago: executing program 4 (id=1220):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000000)={0x400000000000000, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x3, 0x0, 0x9, 0xa, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1=0xe0000009}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @empty}}]}, 0x50}}, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={&(0x7f0000000600)=@newtaction={0x94, 0x30, 0x1, 0x0, 0x0, {}, [{0x80, 0x1, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18, 0x2, {0x2}}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0x10040}]}, {0x4}, {0xc}, {0xc}}}, @m_bpf={0x2c, 0x2, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x94}}, 0x4000)
r3 = socket$unix(0x1, 0x1, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@random="0448a599dc4c", @local, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x4, 0x1c, 0x66, 0x0, 0x7, 0x2, 0x0, @private=0xa010102, @local}, {0x12, 0x1, 0x0, @multicast1}}}}}, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000180)={'sit0\x00', &(0x7f0000000280)={'syztnl1\x00', <r4=>0x0, 0x8000, 0x7800, 0x5, 0x4, {{0xb, 0x4, 0x3, 0x27, 0x2c, 0x64, 0x0, 0x8, 0x0, 0x0, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@timestamp_addr={0x44, 0x14, 0xac, 0x1, 0xe, [{@loopback, 0x2}, {@remote, 0x9}]}, @noop]}}}}})
sendmsg$nl_route_sched(r1, &(0x7f0000000400)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@delqdisc={0x34, 0x25, 0x200, 0x70bd2c, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x9, 0x8}, {0xc, 0xffe0}, {0xfff2, 0xfff9}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x7}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x20008852}, 0x1)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETPRL(r1, 0x89f4, &(0x7f0000000140)={'sit0\x00', &(0x7f0000000040)={@dev={0xac, 0x14, 0x14, 0x34}, 0x0, 0x0, 0x10, 0x0, [{@private}]}})
r6 = openat$cgroup_subtree(r5, &(0x7f0000000200), 0x2, 0x0)
sendfile(r6, r6, &(0x7f0000000440)=0x80009400, 0x10000)
r7 = socket$nl_generic(0x11, 0x3, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000500)={&(0x7f0000000440)=ANY=[@ANYBLOB="9feb010918"], &(0x7f00000002c0)=""/7, 0x33, 0x7, 0x1}, 0x20)
sendmsg(r7, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0x36}], 0x2, 0x0, 0x0, 0x11000000}, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'veth0_to_batadv\x00', <r8=>0x0})
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000002780)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000240)="dd", 0x1}], 0x1}}], 0x1, 0x24004c41)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r9)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r11=>0x0})
sendmsg$NL80211_CMD_FRAME(r9, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r10, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r11, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r8, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x40, 0x2c, 0xd3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r8, {0xffff, 0xf}, {}, {0x7, 0x300}}, [@filter_kind_options=@f_flower={{0xb}, {0x10, 0x2, [@TCA_FLOWER_KEY_ETH_DST={0xa, 0x4, @remote}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x80)

39.61053249s ago: executing program 4 (id=1224):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r1=>0x0}) (async)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r2, &(0x7f0000000280)="ca", &(0x7f0000000000)=""/3, 0x2}, 0x20) (async)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r2, &(0x7f0000000140), &(0x7f0000000000)=""/6, 0x2}, 0x20) (async)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000980)={r2, &(0x7f0000000800)="468ea009", 0x0}, 0x20)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x470bd2c, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0xfff3}, {0xffff, 0xffff}, {0x2, 0xfff3}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_QUANTUM={0x8, 0x7, 0xc}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000016}, 0x2000400c)

39.278016427s ago: executing program 4 (id=1232):
r0 = socket$packet(0x11, 0x2, 0x300)
socketpair(0x1, 0x3, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff})
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r7=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_OIF={0x8, 0x5, r7}]}, 0x20}}, 0x0)
ioctl$FS_IOC_FSGETXATTR(0xffffffffffffffff, 0x801c581f, 0x0)
sendmsg(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=@ipv6_newrule={0x24, 0x18, 0x409, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, [@FIB_RULE_POLICY=@FRA_GOTO={0x8, 0x1e, 0x1}]}, 0x24}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=@newlink={0x6c, 0x10, 0x437, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x4c, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x38, 0x2, 0x0, 0x1, [@IFLA_GRE_LOCAL={0x14, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @IFLA_GRE_REMOTE={0x14, 0x7, @private2}, @IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_LINK={0x8, 0x1, r7}]}}}]}, 0x6c}}, 0x0)
bind$packet(r0, &(0x7f00000000c0)={0x11, 0x18, r2, 0x1, 0x81}, 0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2, '\x00', r2, @fallback=0xf}, 0x94)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=@getrule={0x14, 0x22, 0x400, 0x70bd25, 0x25dfdbff, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="98000000100001002abd7000ffdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="a009000000000000140003006e657464657673696d3000000000000008002800babc00005c0016805800018054000c80"], 0x98}, 0x1, 0x0, 0x0, 0x24040854}, 0x40000)
r9 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r9, &(0x7f00000001c0), 0x10)
close(0x3)
socket$netlink(0x10, 0x3, 0xaea3fa37f004e5fb)

38.280533858s ago: executing program 4 (id=1242):
r0 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r1=>0x0}, &(0x7f0000001080)=0x8)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_TEST_RUN(0xe, &(0x7f0000000080)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x508d, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x880, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNSETQUEUE(r3, 0x400454d9, &(0x7f0000000380)={'dummy0\x00', 0x400})
ioctl$TUNATTACHFILTER(r3, 0x401054d5, &(0x7f0000000040)={0x0, 0x0})
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000040)={&(0x7f00000005c0)={{0x14}, [@NFT_MSG_DELFLOWTABLE={0x1a0, 0x18, 0xa, 0x101, 0x0, 0x0, {0x5, 0x0, 0x2}, [@NFTA_FLOWTABLE_HOOK={0x178, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x52570463}, @NFTA_FLOWTABLE_HOOK_DEVS={0x4}, @NFTA_FLOWTABLE_HOOK_DEVS={0x40, 0x3, 0x0, 0x1, [{0x14, 0x1, 'ipvlan1\x00'}, {0x14, 0x1, 'wlan0\x00'}, {0x14, 0x1, 'veth1_virt_wifi\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x54, 0x3, 0x0, 0x1, [{0x14, 0x1, 'veth0_virt_wifi\x00'}, {0x14, 0x1, 'veth0\x00'}, {0x14, 0x1, 'veth1_macvtap\x00'}, {0x14, 0x1, 'geneve0\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x40, 0x3, 0x0, 0x1, [{0x14, 0x1, 'veth0_to_hsr\x00'}, {0x14, 0x1, 'team_slave_1\x00'}, {0x14, 0x1, 'dvmrp0\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x7c, 0x3, 0x0, 0x1, [{0x14, 0x1, 'bond_slave_0\x00'}, {0x14, 0x1, 'macvtap0\x00'}, {0x14, 0x1, 'bond_slave_0\x00'}, {0x14, 0x1, 'syz_tun\x00'}, {0x14, 0x1, 'tunl0\x00'}, {0x14, 0x1, 'pim6reg0\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}]}, @NFTA_FLOWTABLE_FLAGS={0x8}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}]}, @NFT_MSG_DELTABLE={0x60, 0x2, 0xa, 0x3, 0x0, 0x0, {0x1, 0x0, 0x7}, [@NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x6}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x3}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x2}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_USERDATA={0x13, 0x6, "1d4484ce78cd72ddd2ff745bc9345a"}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELTABLE={0x20, 0x2, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x248}, 0x1, 0x0, 0x0, 0x8011}, 0x8080)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x74, &(0x7f0000000500)={r1, 0x20, 0x30, 0x1, 0x4}, &(0x7f00000005c0)=0x18)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r0, 0x8982, &(0x7f0000000100)={0x0, 'dummy0\x00', {0x2}, 0x94b6})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000002bc0)={0x0, 0x0, &(0x7f0000002b80)={&(0x7f0000000200)=ANY=[@ANYBLOB="340000001100010027bd7000ffdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="c000000000140000140035"], 0x34}, 0x1, 0x0, 0x0, 0x40000100}, 0x40004)

37.988455052s ago: executing program 4 (id=1247):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@gettaction={0x50, 0x32, 0x20, 0x70bd25, 0x25dfdbfe, {}, [@action_gd=@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x20, 0x1, [{0x10, 0x16, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0xc, 0x17, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x40}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b000100627269646765000018000280"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r6)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r7, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r5, 0x0, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0xffffff1f, 0x0, 0x1, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendto$isdn(r0, &(0x7f0000000400)={0xfffffffd, 0xfffeffff, "de03ffc9417aeb842b087625335040be5b4995be0bc4576aee0ef732c6afbbb3bbd98867bedee6daaa2f55938b69c8c36c64044da8e868500aaf086dcf6f240b15fce77cc1629a166a884d20e692721ff9bff2f9be15104c88d072d59975e4ebdd4d206cc85384db6095b6d57c001af059f9442344bd05331f1e4a06452d78034a62ae31beaf84e42dfec83f4145eebb7844ee7b867ce298633328915ca0feb0abdc0b71f3687fb6caf5daa96d069dd714c3cfab9155d6ae0a6474d80e05fe001829bf3c9ccf08a47dbed4"}, 0xd3, 0x24000000, &(0x7f0000000080)={0x22, 0x4f, 0x40, 0x4}, 0x6)
r8 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r9, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000001c0)={0x4c, r8, 0x1, 0x0, 0x25dfdbfb, {0x41}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5, 0x87}}]}, 0x4c}}, 0x0)
sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000140)=ANY=[], 0x50}}, 0x0)
sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0)

37.369249202s ago: executing program 4 (id=1257):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000100)=@newlink={0x48, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x42118, 0x42002}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_IFLAGS={0x6, 0x2, 0x665}, @IFLA_GRE_OFLAGS={0x6, 0x3, 0x8}]}}}]}, 0x48}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x11, 0x80a, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000300)={'bond0\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="3c05000010000104000000000000008000000000", @ANYRES32=r5, @ANYBLOB="00000000001400001c00128009000100626f6e64000000000c0002800800030000000000"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a030073797a320000000014000000110001"], 0x7c}}, 0x5)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000004d00)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a34000000140a010300000000000000000200000008000340000000000900010073797a30000000000c0006"], 0x5c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020025797a31000000000900010073797a3000000000080005400000001c"], 0xe8}}, 0x0)
connect$tipc(0xffffffffffffffff, &(0x7f0000000400)=@name={0x1e, 0x2, 0x3, {{0x1, 0x3}, 0x3}}, 0x10)
r6 = socket$l2tp6(0xa, 0x2, 0x73)
sendmmsg$inet6(r6, &(0x7f0000007a80)=[{{&(0x7f0000000080)={0xa, 0x4e24, 0x1, @local, 0x7}, 0x1c, &(0x7f0000000580)=[{&(0x7f00000000c0)="9fd80081c706955d795a54f80785cb8883483528bcb4d6d33226", 0x1a}, {&(0x7f0000000100)="2abd9b8ecdc8c1519f087ea4eb7143cfde8911fcd0b86338de93965f81687a4a8d18034d8fd4d9dbb406ed37854b3f8a7fa3747ef0484887b75236a888776f0de19fda35887ca4d1adb0b7ddc15920f2f507f9d5e773d2ae100a69d0d1ff1fbeb9c4feedec8cc78a26b1152be904964e0c1bd32f0eae59b8518ce4da4f4b674eeaeb6f75a3fe10af8230d82df1b73c6910d6d9c66a9a3b8097e3165322de55e2a9831ebfcca65d20491e027fef33257a3af30d2922a93c6b958923a7e502af38ac1a83046a52bb91f7210f4e575120a4c0bf235cc45fe8deba0e71951d285b8e30023b746adbaedf237057d40501", 0xee}, {&(0x7f0000000200)="91d20460160d0e68e18f9a23764023300cd8ab7d0ed2d83074a868823f586f69ed8c7403f2dfa1de5e5656f947de408c2144cf1cbd321d6b5a62ed8370d043d5327cf6ac3eeba91197ec60080cc9b9b527107d79a38a28b8e5d6754f438ac45a05081514688773122dbde5ff7be539ce7b9e95be1e3d9a906927819f17ff9e4c66ecf6350b1076ea2a556a4d182153c91fc2f5b74dd725f908142392110df5cd218f6461ea3e308443aa6709d425d53ccbafbc35ea4719666eaf40f5188d527cd065240466a269a944983b0eb12e80d41debf4aa83a250d0", 0xd8}, {&(0x7f0000000440)="60f66b493cc2ad2c9ce860c2418ad3e4b76b463ff0b2c82a27b7cb528f8b671fca9b3aa6da538bdf9ef5d3d1fcf1d59005461fc05b2f36d68ce677d6f73ecba87932a543896dd7495ce7a6188bd4b95414872a06185e397f0b5f02565f3972c6ba384f5f57291388d77aa28810567a0c8d5f6fafa9efd255f72e06f13f6f1046b501144e853eaa59b2a25f3eff8c17fcf2c931b581f593d5ddd5b9277b91d1a956424bc3c3e0776f4d", 0xa9}], 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180100000000000029000000360000002f20000000000000074800000003100272000600000000000000050000000000000000040000000000000900000000000000ff010000000000000500000000000000080000000000000008000000000000000608ba1856c7288e734ec910fc0100000000000000000000000000010502000940917cca5fb46da328c24b50df983eb324ac0270f35dc142dbf37128bd9961f9c95a5f9d04477a2936fcf1d8ef883ebc1277c410993c68dd1c269e80c199c0c91022c587ae1d0c7c9ed1e5e5d4a38b71fab48f1d17be2865bf60873b7f76f2ab96779f5d04dd2219228e880047a61673a7140b390f2afddbb9280d7eda7ceb741d9d8d66e2b5aa46cd47cdf0992a28bba1d3ed0401fe88020000000000002900000004000000892e000000000000010100c2040000003d009d05656cfb0821665151fadc8d75f7ca13d6d2f798a1034094da02f891860ecf085017f09ca1ac896a062792883d8ec0a6f8676cafed6bfdcecb9672616dbab606271a8b4b99ca11db486e88729b41398ff460ea487863336927750deb179bdf09d04f8cf33af9facb6b74607e3b024385beb3544ddd4a3c02f813da041c09a167ad8d73f1a82d51bacedbf19ff953be59470a41eb60dba645c35bb8074800000001100cf201f10d000000000000020000000000000006000000000000001d000000000000000300000000000000144e87153715a821580e00000000000006000000000000000758000000021400080008000000000000000700000000000000a507000000000000cdf6000000000000010000000100000002000000000000000800000000000000b29300000000000081000000000000001800000000000000c910ff010000000000000000000000000001c91000000000000000000000ffff000000000000b5b83372fa48ce828313c4ac9e9d61a9cd29ed11c554ec520d52e6639258436eb4915e7f06641b7888b278bda0ecf0941f125e0b675cb70917842a6310549beb726a2efee45408c043e093ba444b84dc8fb69ce221b7b1a3fb7fc52f6f542921649d3367c4a09bf5a51a1d0277e511b61fd318dd26ec95580b7e953ae8457ab1b67a5b041afeb4103afdd0e0b1e32f460be42969fc3dfab326b6957a681f88"], 0x2a0}}], 0x1, 0x20000000)
r7 = syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
r8 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r9)
ioctl$IOCTL_GET_NCIDEV_IDX(r8, 0x0, &(0x7f00000000c0)=<r11=>0x0)
sendmsg$NFC_CMD_DEV_UP(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r10, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r11], 0x1c}}, 0x0)
recvmmsg(r7, &(0x7f00000009c0)=[{{0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000380)=""/185, 0xb9}], 0x1}, 0xb}], 0x1, 0x40012163, 0x0)
r12 = socket$inet6(0x10, 0x2, 0x0)
setsockopt$SO_ATTACH_FILTER(r12, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xffefffff}, {0x16}]}, 0x10)
sendto$inet6(r12, &(0x7f00000002c0)="1c0000001200050f0c1000000049b23e9b200a00080001c000000001", 0x1c, 0x0, 0x0, 0x0)
shutdown(r12, 0x1)
sendmsg$IPCTNL_MSG_CT_GET(r1, &(0x7f00000003c0)={&(0x7f0000000040), 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x50, 0x1, 0x1, 0x101, 0x0, 0x0, {0x2, 0x0, 0x7}, [@CTA_MARK={0x8, 0x8, 0x1, 0x0, 0x5}, @CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x1000}, @CTA_STATUS={0x8}, @CTA_FILTER={0x14, 0x19, 0x0, 0x1, [@CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x80}, @CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0xe8}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x60f1}, @CTA_STATUS_MASK={0x8}]}, 0x50}, 0x1, 0x0, 0x0, 0x4}, 0x44)

22.299508799s ago: executing program 32 (id=1257):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000100)=@newlink={0x48, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x42118, 0x42002}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_IFLAGS={0x6, 0x2, 0x665}, @IFLA_GRE_OFLAGS={0x6, 0x3, 0x8}]}}}]}, 0x48}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x11, 0x80a, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000300)={'bond0\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="3c05000010000104000000000000008000000000", @ANYRES32=r5, @ANYBLOB="00000000001400001c00128009000100626f6e64000000000c0002800800030000000000"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a030073797a320000000014000000110001"], 0x7c}}, 0x5)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000004d00)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a34000000140a010300000000000000000200000008000340000000000900010073797a30000000000c0006"], 0x5c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020025797a31000000000900010073797a3000000000080005400000001c"], 0xe8}}, 0x0)
connect$tipc(0xffffffffffffffff, &(0x7f0000000400)=@name={0x1e, 0x2, 0x3, {{0x1, 0x3}, 0x3}}, 0x10)
r6 = socket$l2tp6(0xa, 0x2, 0x73)
sendmmsg$inet6(r6, &(0x7f0000007a80)=[{{&(0x7f0000000080)={0xa, 0x4e24, 0x1, @local, 0x7}, 0x1c, &(0x7f0000000580)=[{&(0x7f00000000c0)="9fd80081c706955d795a54f80785cb8883483528bcb4d6d33226", 0x1a}, {&(0x7f0000000100)="2abd9b8ecdc8c1519f087ea4eb7143cfde8911fcd0b86338de93965f81687a4a8d18034d8fd4d9dbb406ed37854b3f8a7fa3747ef0484887b75236a888776f0de19fda35887ca4d1adb0b7ddc15920f2f507f9d5e773d2ae100a69d0d1ff1fbeb9c4feedec8cc78a26b1152be904964e0c1bd32f0eae59b8518ce4da4f4b674eeaeb6f75a3fe10af8230d82df1b73c6910d6d9c66a9a3b8097e3165322de55e2a9831ebfcca65d20491e027fef33257a3af30d2922a93c6b958923a7e502af38ac1a83046a52bb91f7210f4e575120a4c0bf235cc45fe8deba0e71951d285b8e30023b746adbaedf237057d40501", 0xee}, {&(0x7f0000000200)="91d20460160d0e68e18f9a23764023300cd8ab7d0ed2d83074a868823f586f69ed8c7403f2dfa1de5e5656f947de408c2144cf1cbd321d6b5a62ed8370d043d5327cf6ac3eeba91197ec60080cc9b9b527107d79a38a28b8e5d6754f438ac45a05081514688773122dbde5ff7be539ce7b9e95be1e3d9a906927819f17ff9e4c66ecf6350b1076ea2a556a4d182153c91fc2f5b74dd725f908142392110df5cd218f6461ea3e308443aa6709d425d53ccbafbc35ea4719666eaf40f5188d527cd065240466a269a944983b0eb12e80d41debf4aa83a250d0", 0xd8}, {&(0x7f0000000440)="60f66b493cc2ad2c9ce860c2418ad3e4b76b463ff0b2c82a27b7cb528f8b671fca9b3aa6da538bdf9ef5d3d1fcf1d59005461fc05b2f36d68ce677d6f73ecba87932a543896dd7495ce7a6188bd4b95414872a06185e397f0b5f02565f3972c6ba384f5f57291388d77aa28810567a0c8d5f6fafa9efd255f72e06f13f6f1046b501144e853eaa59b2a25f3eff8c17fcf2c931b581f593d5ddd5b9277b91d1a956424bc3c3e0776f4d", 0xa9}], 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180100000000000029000000360000002f20000000000000074800000003100272000600000000000000050000000000000000040000000000000900000000000000ff010000000000000500000000000000080000000000000008000000000000000608ba1856c7288e734ec910fc0100000000000000000000000000010502000940917cca5fb46da328c24b50df983eb324ac0270f35dc142dbf37128bd9961f9c95a5f9d04477a2936fcf1d8ef883ebc1277c410993c68dd1c269e80c199c0c91022c587ae1d0c7c9ed1e5e5d4a38b71fab48f1d17be2865bf60873b7f76f2ab96779f5d04dd2219228e880047a61673a7140b390f2afddbb9280d7eda7ceb741d9d8d66e2b5aa46cd47cdf0992a28bba1d3ed0401fe88020000000000002900000004000000892e000000000000010100c2040000003d009d05656cfb0821665151fadc8d75f7ca13d6d2f798a1034094da02f891860ecf085017f09ca1ac896a062792883d8ec0a6f8676cafed6bfdcecb9672616dbab606271a8b4b99ca11db486e88729b41398ff460ea487863336927750deb179bdf09d04f8cf33af9facb6b74607e3b024385beb3544ddd4a3c02f813da041c09a167ad8d73f1a82d51bacedbf19ff953be59470a41eb60dba645c35bb8074800000001100cf201f10d000000000000020000000000000006000000000000001d000000000000000300000000000000144e87153715a821580e00000000000006000000000000000758000000021400080008000000000000000700000000000000a507000000000000cdf6000000000000010000000100000002000000000000000800000000000000b29300000000000081000000000000001800000000000000c910ff010000000000000000000000000001c91000000000000000000000ffff000000000000b5b83372fa48ce828313c4ac9e9d61a9cd29ed11c554ec520d52e6639258436eb4915e7f06641b7888b278bda0ecf0941f125e0b675cb70917842a6310549beb726a2efee45408c043e093ba444b84dc8fb69ce221b7b1a3fb7fc52f6f542921649d3367c4a09bf5a51a1d0277e511b61fd318dd26ec95580b7e953ae8457ab1b67a5b041afeb4103afdd0e0b1e32f460be42969fc3dfab326b6957a681f88"], 0x2a0}}], 0x1, 0x20000000)
r7 = syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
r8 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r9)
ioctl$IOCTL_GET_NCIDEV_IDX(r8, 0x0, &(0x7f00000000c0)=<r11=>0x0)
sendmsg$NFC_CMD_DEV_UP(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r10, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r11], 0x1c}}, 0x0)
recvmmsg(r7, &(0x7f00000009c0)=[{{0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000380)=""/185, 0xb9}], 0x1}, 0xb}], 0x1, 0x40012163, 0x0)
r12 = socket$inet6(0x10, 0x2, 0x0)
setsockopt$SO_ATTACH_FILTER(r12, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xffefffff}, {0x16}]}, 0x10)
sendto$inet6(r12, &(0x7f00000002c0)="1c0000001200050f0c1000000049b23e9b200a00080001c000000001", 0x1c, 0x0, 0x0, 0x0)
shutdown(r12, 0x1)
sendmsg$IPCTNL_MSG_CT_GET(r1, &(0x7f00000003c0)={&(0x7f0000000040), 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x50, 0x1, 0x1, 0x101, 0x0, 0x0, {0x2, 0x0, 0x7}, [@CTA_MARK={0x8, 0x8, 0x1, 0x0, 0x5}, @CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x1000}, @CTA_STATUS={0x8}, @CTA_FILTER={0x14, 0x19, 0x0, 0x1, [@CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x80}, @CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0xe8}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x60f1}, @CTA_STATUS_MASK={0x8}]}, 0x50}, 0x1, 0x0, 0x0, 0x4}, 0x44)

17.494650204s ago: executing program 1 (id=1548):
r0 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x8c, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4], 0x0, [0x8, 0x4, 0x2, 0x2, 0x8, 0xfffe, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0xe]}}]}}]}, 0x8c}}, 0x8000)
r3 = socket(0x2a, 0x2, 0x0)
r4 = socket$inet6_sctp(0xa, 0x801, 0x84)
ioctl$sock_proto_private(r4, 0x89e9, &(0x7f0000000340)="e766d5e7a78419b45260ee6c88cb928472cc522f1114f09b40f4cd47bd755017da9993b46b52bd9955f6dc9725b7ab3552a13f9f6c245ebd487b70994932af141f941a922369eef202619f949c30a3df987253ffed66249b998f6a52d0ca07acd7528c4fc1130d8939397a62248ef4d8648fbab7731eb6c2ac88fce4ee920b48d996bb6e2d81f0028bd415225cf4124bd512824d9a3f4ffdf9b70b0277def01d6e49da01dc5a479fd72c364c161aa0cd")
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x4, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x7a}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
getsockopt$bt_hci(r4, 0x84, 0x74, 0x0, &(0x7f0000000000))
getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r6, 0x400448dd, &(0x7f0000000240)={0x0, 0xfffd, '\x00', 0x7b})
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r7 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r7, 0x107, 0xf, &(0x7f00000002c0), 0x4)
sendmsg$kcm(r7, &(0x7f00000000c0)={&(0x7f0000000100)=@hci={0x1f, 0x300, 0x4}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000000)="27031c00160014000000002f1eafacf706e105000000894f00030001ee0b80558ddbba9b37242d29a50ed004484890af0755b798a0", 0x35}, {&(0x7f0000000480)="5d2cfa", 0x3}], 0x2}, 0x0)
sendmsg$NFT_MSG_GETTABLE(r5, &(0x7f0000000280)={0x0, 0x3, &(0x7f0000000240)={&(0x7f0000000100)={0x14, 0x1, 0xa, 0x201, 0x0, 0x0, {0x2}}, 0x14}}, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a01010000000000000000020000000900010073797a3100000000080002400000000120000000000a03000000000000000000070000000900010073a27a310000000028000000000a030000000000000000000200000008000240000000000900010073797a310000000014000000110001"], 0x98}}, 0x0)
recvmmsg(r5, &(0x7f00000058c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)

17.381565858s ago: executing program 2 (id=1550):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_BSS(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB, @ANYRES32=r2], 0x34}, 0x1, 0x0, 0x0, 0x20040000}, 0x80c0)

17.316868595s ago: executing program 1 (id=1551):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a5c000000060a0b040000000000000000020000002c0004802800018007000100637400001c0002800800014000000002080002400000000405000300070000000900010073797a30000000000900020073797a32"], 0x84}}, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
ioctl$TUNSETLINK(r2, 0x400454cd, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000dfc1ce02cb107e59000007"], 0x14}}, 0x0)
setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f0000000100)=0x2, 0x4)

17.316145293s ago: executing program 2 (id=1552):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3b, &(0x7f0000000000)='/proc/sys/net/ipv4\x00\x00s/sync_\x00le\xf44.\xab%\xf8\xff\xff\xff\xff\xff\xff\xff?\x11\xc8\xdd\x15\xcc\xd2\xf1\xfb\'%\xa0\x00\x00\x00,'}, 0x30)
write$tun(r0, &(0x7f0000000000)=ANY=[], 0x38)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x9, 0x30, r0, 0xcbe64000)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x4d4881, 0x0)

17.153196217s ago: executing program 2 (id=1554):
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x58, 0x2, 0x6, 0x201, 0xe4340000, 0x0, {0x0, 0x0, 0x8}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x100}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x81}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x54, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @remote}}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x6}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff)
r4 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000003c0)={'bridge0\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0xfe93, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000001d00070f000000000000000007000000", @ANYRES32=r5, @ANYBLOB='\x00\x00g\x00\b\x00\b\x00', @ANYRESDEC=0x0], 0x24}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000280)={'syztnl2\x00', &(0x7f00000001c0)={'ip6_vti0\x00', <r6=>0x0, 0x29, 0x98, 0x9, 0x5, 0xa, @mcast1, @empty, 0x40, 0x40, 0x2, 0x609}})
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x5}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_XFRM_DIR={0x5, 0x3, 0x1}, @NFTA_XFRM_KEY={0x8}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x7c}, 0x1, 0x0, 0x0, 0x8890}, 0x24000000)
clock_gettime(0x0, &(0x7f0000000480)={<r8=>0x0, <r9=>0x0})
ppoll(&(0x7f0000000440)=[{r4, 0x20}, {r7, 0x2408}], 0x2, &(0x7f00000004c0)={r8, r9+10000000}, &(0x7f0000000500)={[0x2]}, 0x8)
r10 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
getsockname$packet(r11, &(0x7f0000000100)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0xa)
sendmsg$nl_route_sched(r10, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newtaction={0x68, 0x30, 0xb, 0x0, 0x0, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{}, 0x1, r12}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0)
sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(r2, &(0x7f0000000400)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000300)={0x9c, r3, 0xc, 0x70bd2b, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0xa91d}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x67}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x1}, @MPTCP_PM_ATTR_ADDR={0x40, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0xa}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e24}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6}]}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0xfffffffb}, @MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x80000000}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x14, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r6}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r12}]}]}, 0x9c}, 0x1, 0x0, 0x0, 0xc0}, 0x804)

17.075710469s ago: executing program 1 (id=1556):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f210000028000001294", 0x2e}], 0x1}, 0x0)

16.91269895s ago: executing program 0 (id=1558):
epoll_create1(0x80000) (async)
r0 = epoll_create1(0x80000)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0xffffffffffffffff, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x4}, 0x50) (async)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x3, 0x0, 0xffffffffffffffff, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x4}, 0x50)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080)={0x30000008})
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'team0\x00', <r2=>0x0})
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000100)={<r3=>r1, 0x100000000, 0x40000000000000, 0x2})
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000140)={0x2, 0x4, 0x8, 0x1, 0x80, r1, 0x20000, '\x00', r2, r3, 0x2, 0x4, 0x3}, 0x50)
clock_gettime(0x0, &(0x7f0000000280)={<r5=>0x0, <r6=>0x0})
pselect6(0x40, &(0x7f00000001c0)={0x8, 0x1, 0xd, 0x5, 0xb18, 0xcaf, 0x7, 0x1000}, &(0x7f0000000200)={0x7, 0x3fdbe354, 0x5, 0x0, 0x5, 0x8, 0x7a50}, &(0x7f0000000240)={0x5, 0x9, 0x2, 0xb6ea, 0xace, 0x5, 0x7, 0xc}, &(0x7f00000002c0)={r5, r6+60000000}, &(0x7f0000000340)={&(0x7f0000000300)={[0xc0fe]}, 0x8})
nanosleep(&(0x7f0000000380)={0x0, 0x3938700}, &(0x7f00000003c0))
setsockopt$packet_int(r3, 0x107, 0xb, &(0x7f0000000400)=0x5, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000440)='rpcgss_seqno\x00', r3, 0x0, 0xfffffffffffffffb}, 0x18)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r3, &(0x7f0000000580)={&(0x7f00000004c0), 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x3c, 0x0, 0x2, 0x70bd28, 0x25dfdbfc, {}, [@ETHTOOL_A_COALESCE_TX_MAX_FRAMES_HIGH={0x8, 0x16, 0x7c}, @ETHTOOL_A_COALESCE_TX_MAX_FRAMES_HIGH={0x8}, @ETHTOOL_A_COALESCE_RX_USECS={0x8, 0x2, 0x3}, @ETHTOOL_A_COALESCE_TX_MAX_FRAMES_LOW={0x8, 0x11, 0xffffff32}, @ETHTOOL_A_COALESCE_PKT_RATE_LOW={0x8, 0xd, 0x4b}]}, 0x3c}, 0x1, 0x0, 0x0, 0x5}, 0x4000) (async)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r3, &(0x7f0000000580)={&(0x7f00000004c0), 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x3c, 0x0, 0x2, 0x70bd28, 0x25dfdbfc, {}, [@ETHTOOL_A_COALESCE_TX_MAX_FRAMES_HIGH={0x8, 0x16, 0x7c}, @ETHTOOL_A_COALESCE_TX_MAX_FRAMES_HIGH={0x8}, @ETHTOOL_A_COALESCE_RX_USECS={0x8, 0x2, 0x3}, @ETHTOOL_A_COALESCE_TX_MAX_FRAMES_LOW={0x8, 0x11, 0xffffff32}, @ETHTOOL_A_COALESCE_PKT_RATE_LOW={0x8, 0xd, 0x4b}]}, 0x3c}, 0x1, 0x0, 0x0, 0x5}, 0x4000)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r4, &(0x7f00000005c0)={0x18})
pselect6(0x40, &(0x7f0000000600)={0x1, 0x2f7c, 0x7, 0xb, 0x6, 0x9, 0x7f, 0xfffffffffffffffa}, &(0x7f0000000640)={0x4, 0x6, 0x8001, 0xb14, 0x8001, 0x6, 0x4, 0x1}, &(0x7f0000000680)={0x5, 0x1, 0xa, 0xbd, 0xfffffffffffffffc, 0xfffffffff9047aee, 0x6, 0x4}, &(0x7f00000006c0)={0x77359400}, &(0x7f0000000740)={&(0x7f0000000700)={[0x4]}, 0x8}) (async)
pselect6(0x40, &(0x7f0000000600)={0x1, 0x2f7c, 0x7, 0xb, 0x6, 0x9, 0x7f, 0xfffffffffffffffa}, &(0x7f0000000640)={0x4, 0x6, 0x8001, 0xb14, 0x8001, 0x6, 0x4, 0x1}, &(0x7f0000000680)={0x5, 0x1, 0xa, 0xbd, 0xfffffffffffffffc, 0xfffffffff9047aee, 0x6, 0x4}, &(0x7f00000006c0)={0x77359400}, &(0x7f0000000740)={&(0x7f0000000700)={[0x4]}, 0x8})
recvmmsg$unix(r3, &(0x7f0000001080)=[{{&(0x7f0000000780), 0x6e, &(0x7f00000009c0)=[{&(0x7f0000000800)=""/164, 0xa4}, {&(0x7f00000008c0)=""/95, 0x5f}, {&(0x7f0000000940)=""/76, 0x4c}], 0x3}}, {{&(0x7f0000000a00), 0x6e, &(0x7f0000000c40)=[{&(0x7f0000000a80)=""/26, 0x1a}, {&(0x7f0000000ac0)=""/136, 0x88}, {&(0x7f0000000b80)=""/186, 0xba}], 0x3, &(0x7f0000000c80)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r7=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [<r8=>0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xe0}}, {{&(0x7f0000000d80)=@abs, 0x6e, &(0x7f0000000f00)=[{&(0x7f0000000e00)=""/242, 0xf2}], 0x1, &(0x7f0000000f40)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff, 0xffffffffffffffff, <r11=>0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, <r12=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r13=>0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, <r14=>0xffffffffffffffff, <r15=>0xffffffffffffffff]}}, @cred={{0x1c}}], 0x110}}], 0x3, 0x40010100, &(0x7f0000001140)={0x0, 0x3938700})
clock_gettime(0x0, &(0x7f0000001180))
bpf$MAP_CREATE(0x0, &(0x7f00000011c0)=@bloom_filter={0x1e, 0x8001, 0x9, 0x7, 0x8400, r13, 0x81, '\x00', r2, r9, 0x4, 0x1, 0x1, 0xa, @value=r8}, 0x50) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000011c0)=@bloom_filter={0x1e, 0x8001, 0x9, 0x7, 0x8400, r13, 0x81, '\x00', r2, r9, 0x4, 0x1, 0x1, 0xa, @value=r8}, 0x50)
r16 = accept$unix(r7, &(0x7f0000001240), &(0x7f00000012c0)=0x6e)
ioctl$SIOCGSTAMPNS(r16, 0x8907, &(0x7f0000001300))
sendmsg$IPCTNL_MSG_EXP_GET(0xffffffffffffffff, &(0x7f0000001400)={&(0x7f0000001340)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000013c0)={&(0x7f0000001380)={0x38, 0x1, 0x2, 0x0, 0x0, 0x0, {0x3, 0x0, 0x1}, [@CTA_EXPECT_HELP_NAME={0x8, 0x6, 'RAS\x00'}, @CTA_EXPECT_MASTER={0xc, 0x1, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}]}, @CTA_EXPECT_HELP_NAME={0xf, 0x6, 'tftp-20000\x00'}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x81) (async)
sendmsg$IPCTNL_MSG_EXP_GET(0xffffffffffffffff, &(0x7f0000001400)={&(0x7f0000001340)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000013c0)={&(0x7f0000001380)={0x38, 0x1, 0x2, 0x0, 0x0, 0x0, {0x3, 0x0, 0x1}, [@CTA_EXPECT_HELP_NAME={0x8, 0x6, 'RAS\x00'}, @CTA_EXPECT_MASTER={0xc, 0x1, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}]}, @CTA_EXPECT_HELP_NAME={0xf, 0x6, 'tftp-20000\x00'}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x81)
r17 = socket$inet6_sctp(0xa, 0x4, 0x84)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r17, 0x29, 0x37, &(0x7f0000001440)={0xc, 0x8, '\x00', [@ra={0x5, 0x2, 0x7}, @padn={0x1, 0xa, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @calipso={0x7, 0x28, {0x2, 0x8, 0x1, 0x1c, [0x8, 0x8, 0x9, 0x8000000000000000]}}, @pad1, @padn={0x1, 0x3, [0x0, 0x0, 0x0]}, @enc_lim={0x4, 0x1, 0x7}]}, 0x50)
sendmsg$kcm(r10, &(0x7f0000001940)={0x0, 0x0, &(0x7f00000015c0)=[{&(0x7f00000014c0)="65d13b8c524a214d12f843879de5019fa1f3f7e0ea10196c6746a34f349fe2d31d828517e82129647ce3fc1214c7258eaeff8a8c0b44a1811f11e370c21bd671ecd55737a72368af7394dd32202ac4ead2a0ce228f1383da8e1fd24ea551fe08ae7aadbdfaafbdf489b67f82cb8fefa5bb5a96f4c10e2c9a45cf2d9b84d0ccff3822e8c4f1c7107a6fc03f20b47bfdd8c166a3d4db8968701efc34dc8b91ff2e8fe01636c4f2fb0e99c84c8941bfcfbb26965a3e56b1a137cd421218011625d506e7e0b61235a3171a8e64459e", 0xcd}], 0x1, &(0x7f0000001600)=[{0xb8, 0xff, 0x5, "ac8c6791f4cceed0d9671e4e0244a6e3222119e824004037428996da8601298e7f5f6b87a1b264f385613dd8da0ef3d7e3acad1bf06859d719ea94fa54d7c42c8b43afc705d6ba38985762484d9a341d2820b765892612b5177a35412f059e19615d39525301dea42a8d460c082d32f3d96eebd2927c441fc0d071dd4b54346dc278cb65ac976bd6df4673b7a7a8e74d7a5455a9f9c49ded6c70d509c0d06404f69d4789c67274"}, {0x38, 0x29, 0x6, "d557560e0bb1a42341cdc4a1a07db4893e2006a1f97586cb4987a8e62f4294370d211b78db201c9c"}, {0xf8, 0x29, 0x401, "d2c023bdc1e6f474a2d72433ee67dcc5b5da08d466f3d56cc53bd5f4ba883aaf884225043e68b2b0b03120a18bd96809356131a6255d64ace6c7c0bcd8c8b3f4563b8a4871aab2c23a8c9d838f24ae6c3dc10bb85fec28010f58e7ea6f99fc6bcc9ec96d7bbe556994b08990179d1708b21a7191f53505a3e41542758d5e7ce74318ba356f81dfc1e1aa822563615f1150c34da06fa86e8b39520f88f697119ff74d7fab121b922a5d4c78f5605dcd044e8a63b7c9568d240fee8a9daef3387c174622055591ff6d3cb360160a646c177472fe6d4bf346ee89d48d3aeaf02dc8fae109db"}, {0x80, 0xff, 0x9, "e4f1749a43a85a5c0a82754f14e3dd5f1f242755cdd997af5895fb2749172bc7fc819f2d57177ecf128fb97205bfb7bf33dcfdd7c2cdc62e0350db867bf6a935861370eee5fadfc7d022cfac65fc2d1cd997981677686a17597246af1449fd97986e1aec96c99f234c"}, {0xb8, 0x115, 0xf4, "c2ca958f3f1c9ebc2d8983109475d9748390d59aed6d3b5c16f8a891e4f782f3d8af43384a4ac737648e76827d277b5b43cb4907e1ea6f2ae291ea0312764449afdd48837c7e1136bb35118879f9ce676a400d6f6aef8ad7bba52763a3be8723bb1912a328582c17ab54147d5e8fcd5e9c3a96c0050c5614bd505db76df6189c8cb358fb74217cadfb26bc82a90c19a1da4da8b089a883f8d3b20f167b5d4b7a8a"}], 0x320}, 0x8000) (async)
sendmsg$kcm(r10, &(0x7f0000001940)={0x0, 0x0, &(0x7f00000015c0)=[{&(0x7f00000014c0)="65d13b8c524a214d12f843879de5019fa1f3f7e0ea10196c6746a34f349fe2d31d828517e82129647ce3fc1214c7258eaeff8a8c0b44a1811f11e370c21bd671ecd55737a72368af7394dd32202ac4ead2a0ce228f1383da8e1fd24ea551fe08ae7aadbdfaafbdf489b67f82cb8fefa5bb5a96f4c10e2c9a45cf2d9b84d0ccff3822e8c4f1c7107a6fc03f20b47bfdd8c166a3d4db8968701efc34dc8b91ff2e8fe01636c4f2fb0e99c84c8941bfcfbb26965a3e56b1a137cd421218011625d506e7e0b61235a3171a8e64459e", 0xcd}], 0x1, &(0x7f0000001600)=[{0xb8, 0xff, 0x5, "ac8c6791f4cceed0d9671e4e0244a6e3222119e824004037428996da8601298e7f5f6b87a1b264f385613dd8da0ef3d7e3acad1bf06859d719ea94fa54d7c42c8b43afc705d6ba38985762484d9a341d2820b765892612b5177a35412f059e19615d39525301dea42a8d460c082d32f3d96eebd2927c441fc0d071dd4b54346dc278cb65ac976bd6df4673b7a7a8e74d7a5455a9f9c49ded6c70d509c0d06404f69d4789c67274"}, {0x38, 0x29, 0x6, "d557560e0bb1a42341cdc4a1a07db4893e2006a1f97586cb4987a8e62f4294370d211b78db201c9c"}, {0xf8, 0x29, 0x401, "d2c023bdc1e6f474a2d72433ee67dcc5b5da08d466f3d56cc53bd5f4ba883aaf884225043e68b2b0b03120a18bd96809356131a6255d64ace6c7c0bcd8c8b3f4563b8a4871aab2c23a8c9d838f24ae6c3dc10bb85fec28010f58e7ea6f99fc6bcc9ec96d7bbe556994b08990179d1708b21a7191f53505a3e41542758d5e7ce74318ba356f81dfc1e1aa822563615f1150c34da06fa86e8b39520f88f697119ff74d7fab121b922a5d4c78f5605dcd044e8a63b7c9568d240fee8a9daef3387c174622055591ff6d3cb360160a646c177472fe6d4bf346ee89d48d3aeaf02dc8fae109db"}, {0x80, 0xff, 0x9, "e4f1749a43a85a5c0a82754f14e3dd5f1f242755cdd997af5895fb2749172bc7fc819f2d57177ecf128fb97205bfb7bf33dcfdd7c2cdc62e0350db867bf6a935861370eee5fadfc7d022cfac65fc2d1cd997981677686a17597246af1449fd97986e1aec96c99f234c"}, {0xb8, 0x115, 0xf4, "c2ca958f3f1c9ebc2d8983109475d9748390d59aed6d3b5c16f8a891e4f782f3d8af43384a4ac737648e76827d277b5b43cb4907e1ea6f2ae291ea0312764449afdd48837c7e1136bb35118879f9ce676a400d6f6aef8ad7bba52763a3be8723bb1912a328582c17ab54147d5e8fcd5e9c3a96c0050c5614bd505db76df6189c8cb358fb74217cadfb26bc82a90c19a1da4da8b089a883f8d3b20f167b5d4b7a8a"}], 0x320}, 0x8000)
r18 = syz_genetlink_get_family_id$ethtool(&(0x7f00000019c0), r9)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r14, &(0x7f0000001ac0)={&(0x7f0000001980)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000001a80)={&(0x7f0000001a00)={0x5c, r18, 0x8, 0x70bd2a, 0x25dfdbfb, {}, [@ETHTOOL_A_COALESCE_USE_CQE_MODE_TX={0x5}, @ETHTOOL_A_COALESCE_PKT_RATE_HIGH={0x8, 0x12, 0x3}, @ETHTOOL_A_COALESCE_RX_USECS_HIGH={0x8, 0x13, 0x3}, @ETHTOOL_A_COALESCE_RX_USECS={0x8, 0x2, 0x81}, @ETHTOOL_A_COALESCE_RX_MAX_FRAMES={0x8, 0x3, 0x6}, @ETHTOOL_A_COALESCE_TX_MAX_FRAMES_LOW={0x8, 0x11, 0x9}, @ETHTOOL_A_COALESCE_RX_MAX_FRAMES_IRQ={0x8, 0x5, 0x6}, @ETHTOOL_A_COALESCE_PKT_RATE_HIGH={0x8, 0x12, 0x10001}, @ETHTOOL_A_COALESCE_TX_USECS_IRQ={0x8, 0x8, 0x2}]}, 0x5c}}, 0x84)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r12, 0x89f2, &(0x7f0000001bc0)={'syztnl0\x00', &(0x7f0000001b40)={'ip6tnl0\x00', <r19=>r2, 0x75, 0x5, 0x3, 0x80000001, 0x7f, @loopback, @private0, 0x8000, 0x1, 0x9, 0x6}})
ioctl$ifreq_SIOCGIFINDEX_team(r15, 0x8933, &(0x7f0000001c00)={'team0\x00', <r20=>0x0})
sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r11, &(0x7f0000001d40)={&(0x7f0000001b00)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000001d00)={&(0x7f0000001c40)={0xc0, r18, 0x300, 0x70bd27, 0x25dfdbfe, {}, [@HEADER={0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r19}]}, @HEADER={0x4}, @HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netpci0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r20}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bridge\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x40400d0}, 0x14) (async)
sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r11, &(0x7f0000001d40)={&(0x7f0000001b00)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000001d00)={&(0x7f0000001c40)={0xc0, r18, 0x300, 0x70bd27, 0x25dfdbfe, {}, [@HEADER={0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r19}]}, @HEADER={0x4}, @HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netpci0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r20}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bridge\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x40400d0}, 0x14)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r21 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_SE_IO(r21, &(0x7f0000001f80)={&(0x7f0000001d80)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000001f40)={&(0x7f0000001e80)={0xc0, 0x0, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_SE_INDEX={0x8}, @NFC_ATTR_SE_APDU={0x8a, 0x19, "6607d7019e7b4d21666acb0593784cba62956748248e9d9f4c74c944a2416c3271c91885411e9b3869643cb49c35dcafaadf0303426d3b0c0d0f2be25eaa86899b46dc42569e6e063363a97e6a3615f30a6b07d58ab7c3f62b3f2c44fb551c9fc7e56da77667ab41282fc9e22a2ea8de9e7dc199d838655da3e167489140f24b9d4d11ebe494"}, @NFC_ATTR_SE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0xc0}, 0x1, 0x0, 0x0, 0x20048804}, 0x20008804) (async)
sendmsg$NFC_CMD_SE_IO(r21, &(0x7f0000001f80)={&(0x7f0000001d80)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000001f40)={&(0x7f0000001e80)={0xc0, 0x0, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_SE_INDEX={0x8}, @NFC_ATTR_SE_APDU={0x8a, 0x19, "6607d7019e7b4d21666acb0593784cba62956748248e9d9f4c74c944a2416c3271c91885411e9b3869643cb49c35dcafaadf0303426d3b0c0d0f2be25eaa86899b46dc42569e6e063363a97e6a3615f30a6b07d58ab7c3f62b3f2c44fb551c9fc7e56da77667ab41282fc9e22a2ea8de9e7dc199d838655da3e167489140f24b9d4d11ebe494"}, @NFC_ATTR_SE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0xc0}, 0x1, 0x0, 0x0, 0x20048804}, 0x20008804)

16.912361511s ago: executing program 1 (id=1559):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d69740000000c000280080001400000000014000180090001006cdbf80789f3f947dd00028008000340000001", @ANYRESHEX], 0xe4}, 0x1, 0x0, 0x0, 0x40004}, 0x20050800)
sendmsg$nl_xfrm(r0, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000a40)=@newsa={0x14c, 0x10, 0x1, 0x0, 0x0, {{@in=@empty, @in6=@remote, 0x0, 0xfff7, 0x2000, 0x1, 0x0, 0x0, 0x0, 0x3b, 0x0, 0xffffffffffffffff}, {@in=@rand_addr=0x64010102, 0x0, 0x6c}, @in=@remote, {0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x4}, {0x0, 0x4, 0x40000000}, {}, 0x0, 0x0, 0x2, 0x0, 0x1}, [@XFRMA_IF_ID={0x8, 0x1f, 0x4}, @algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @sec_ctx={0xc, 0x8, {0x8, 0x8, 0x0, 0x7}}]}, 0x14c}}, 0x4810)

16.853086571s ago: executing program 1 (id=1560):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@ipv6_delroute={0x2c, 0x19, 0x1, 0x0, 0x0, {}, [@RTA_OIF={0x8, 0x1e}, @RTA_OIF={0x8}]}, 0x2c}}, 0x0)
socket$tipc(0x1e, 0x8, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x4, 0x0, 0x0, 0x5, 0xbc, &(0x7f0000000300)=""/188, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x7}, 0x8, 0x10, &(0x7f0000000080), 0x10}, 0x94)
r1 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_MSG_GETSETELEM(r4, 0x0, 0x8000)
write$tun(r2, &(0x7f0000000200)={@val={0xa, 0x8847}, @void, @eth={@multicast, @multicast, @void, {@ipv6={0x86dd, @udp={0xd, 0x6, "101b01", 0x8, 0x11, 0xff, @empty, @mcast2, {[], {0x4f19, 0x4e20, 0x8}}}}}}}, 0x42)
r5 = socket$nl_generic(0x11, 0x3, 0x10)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)=ANY=[@ANYBLOB="2c00000009200102001a000900020073797a2100000000050001000700000004000780000000000000000000"], 0x2c}, 0x1, 0x0, 0x0, 0xd24f4d5778621d46}, 0x4)
sendmsg(r5, &(0x7f0000000640)={&(0x7f00000000c0)=@rxrpc=@in6={0x21, 0x3, 0x2, 0x1c, {0xa, 0x4e23, 0x8a, @mcast2, 0x596}}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000f80)="849d721861bd2dcc5e7064345f024a7a72ba717362c0cfc49199dd238b3ec15e", 0x20}], 0x1, 0x0, 0x0, 0x11000000}, 0x40000)
r7 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_netrom_SIOCADDRT(r7, 0x890b, 0x0)
ioctl$sock_netrom_SIOCADDRT(r7, 0x890b, &(0x7f0000000300)={0x1, @default, @bpq0, 0x0, 'syz1\x00', @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x7, 0x4, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast]})
socket$packet(0x11, 0x2, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
socket$kcm(0x10, 0x2, 0x0)
socket$kcm(0x10, 0x2, 0x0)
r8 = socket(0x1d, 0x803, 0x7)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)={0x1c, 0x15, 0x301, 0x0, 0x0, {0xc}, [@typed={0x8, 0x1, 0x0, 0x0, @fd=r8}]}, 0x1c}, 0x1, 0x0, 0x0, 0xc001}, 0x4000000)
sendmsg$NLBL_UNLABEL_C_STATICADD(r9, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x8, 0x3000000000002}, 0x8000)

16.669343631s ago: executing program 0 (id=1562):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000280)={0x41}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000280)={0x41, 0xfffffffc, 0x2}, 0x10)
sendmsg$tipc(r1, &(0x7f0000000240)={&(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x44010}, 0xfffffffffffffff5)

16.591956391s ago: executing program 0 (id=1564):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
bind$rose(r0, 0x0, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmsg$802154_raw(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)="991347c388249d2e", 0x8}, 0x1, 0x0, 0x0, 0x40000c0}, 0x10)

16.493332565s ago: executing program 1 (id=1565):
r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
r1 = socket(0x1d, 0x2, 0x6)
r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
ioctl$IOCTL_GET_NCIDEV_IDX(r2, 0x0, &(0x7f00000000c0)=<r4=>0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r5)
sendmsg$NFC_CMD_DEV_UP(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001ac0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="010023010000340200000200000008000100", @ANYRES32=r4], 0x1c}}, 0x0)
pwritev(r2, &(0x7f0000001a00)=[{&(0x7f0000000600)="24ba8d4416efcb4768e949522f47331d4548861502149843b0606505ad3255eb63568e3c6147e90cc21f78d2323128c8d375102a2bcdb5cd78e7f3d6ff64da1b49a467badc8e4f6d699c789929cf02ca9c7165d13c7f7b8be98dcf5a0eb01a3df3e9bdfde437d11f4f599ad8bb03bf63efc4183d44de47eaf11ec43172db7ef524be9203ad39a624829527f8c30773b6", 0x90}], 0x1, 0x5e, 0xdc)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a"], 0x7c}}, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000001c0)=ANY=[@ANYBLOB="180000006a2a3f1888cfc20dddb72f57cc370338b40683e4ffd41e31896f0e"], 0x18}, 0x1, 0x0, 0x0, 0x48800}, 0x0)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r1, 0x6a, 0x3, 0x0, &(0x7f0000000000)=0xfffffffffffffd68)
ioctl$sock_inet_SIOCSIFDSTADDR(r0, 0x8918, 0x0)

16.492932382s ago: executing program 0 (id=1566):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
socket(0x10, 0x3, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', <r1=>0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @local, @empty}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f5, &(0x7f00000001c0)={'syztnl0\x00', &(0x7f0000000140)={'sit0\x00', r1, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @dev={0xac, 0x14, 0x14, 0xd}, @multicast2}}}})
close(0xffffffffffffffff)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
ioctl$sock_inet_sctp_SIOCINQ(r2, 0x541b, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000001740)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000bc7ef9642d29ba564165605dca29708efdf9b15a5c10a126121b2751f642635bcd9a8bf7a928a5d054b0d2c54d519ea75c52f41ed6f2886973626b684c8bd9108c0b0b2ea7e556948f0367aff4fbcede3294f6e73d06ad16dc2d26725ff833b5f83b499918e6a6ec245b781d41aee9624c847e2f2312d6b9db45bad354fc1a3f20407ffe406483a0524937ee7559e4bf70136746b37fdfbbb152758d37ed8bcac41fb7243bdcd536249c7996e898b61927eaa5a8790054ba13d3ade593220f96027090a34aaf7ea92f41aab73e7a85eef87e956bb7c5c76a347264fd99359f4e57b0dcc2bcc188ea880a4b11a8bb81eb22b0ddfc689e3218cf310dcc61cab354149d9107d8a88b0aa5b5661555f00443aee5e714009e52cee5e88f008148ddbc0fa81bf938bed4a1ac778d5337cc0311d0772eeac3eab38426e8d1472ff514aa5379ed21551790cc10148410b4fc27582fd7106a8887a9a0b613dfe10aee77542d887208f5534f5dce4d43f258fc9ef975834e1917666e2aff1cebfc3ce2c1e8ff66bba1d9050000000000000078db7024bf321636bede8651e672ed4f01ba5da2c3f9042a8552bd3f2c9ad546ad0ea20b4d35fb0a15c6239f67c7747a40fe26a88adf727fd1b801b4e56fbffcad99ce68fe2af0d94fdc78d27268de435021dca51acaa7a9e0944bdf579c170db6405944b6791a7713ee54f650fdf71b57c3629fb185efce700620ef5744623be08ec935dd563e6ba0b461bda98b364acf3dcdafa9b0e68c21ea509212c2938aa09cc31aa4ee5bfb8e507181909f5854b13997af4888cd61c8aab5fdfd701a16d546e5a533cd9b985dcc582b67979551dcc750fc51f2c9b6814edeffc76a86ea9f58b7c66fa24540daf14c2163d064f8cf0b4878f81e6b8bc4dabc10dac82b39e033963a6d02434cb783a198829d1373790a85c0e01a362d89e80165d280283af3c2060000000000000034b12a73b0c53bfae5d2f6e55728052247adfe0966c6c5eca57918c4540c979a70a281ba00e408c9fe1b20fa208976dd6a56f9bd9a74d81447c9b265d8c23f0e983e0b1d2d62d1e57c9188e4882634476e62ab1b7415a58208eaaf166d14720092f79a6197fe8b4ea7d5485cc6b3630afed8d3403cfa4d7bf48efb371706e0e65901eea3743c98261cbb7a246cf62f99bbc918741d32539ec0754e7d7f08dd45aaf49623342eabf466e54d8da4346e73da54ba2e4b5e2ae2823864d4147b490e55c9509f75c8828500ac32cab11b0262e75fa9e39e3792d01e0b210fdfb686bfffdc677432f6332c1a27502b43997060acdf7784c79fed0325e06f6b64b6434ebf4730509bcf95b9a1d0ba7c469d55351cc1dce6c90f5872e7ad5eed5f850d9d1f928b4e0263b241e8fe03e5e66252c8a3bd320e8deee5b91c653b8f22f58cff36c2ba4d6774f14229939595d2beb998c9312212de00468fc488591aca07ab75fba4a318d3ee4581711927b77a7f14dbcd639892f8cb0000000000000080411736eb1ee86eec338197a56293c9cdb72e84155681553b896d58b62a96852320e74dc4c9b41d6f90d2353dc573a94a092a84209c12da57f8c78e161b0899eb1c8b694d26c5fbf7f65fefacdbf39151f335dddc3b179a13f6de93ffb338e94738c86e35e9fcc654e4d6618dc1201cbd16e1281df911e6c699da16fbbb7a2e5c77966c98d3e7edd58cabfe6bf1bb7f6329084e3e4a2a36da07bbac3ebc00472f55b7966f250109fcce0ad5d4526d20ef74d1a634d724"], &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x10}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1c, 0x3, &(0x7f0000000640)=@framed={{0x18, 0x2, 0x0, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x3b}}, &(0x7f00000000c0)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r3}, 0x94)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000680)=@generic={&(0x7f0000000640)='./file0\x00', 0x0, 0x10}, 0x18)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
socket$kcm(0x2, 0xa, 0x2)
syz_emit_ethernet(0x42, &(0x7f0000000040)=ANY=[@ANYBLOB="bbbbbbbbbbbb00000000000086dd7d76b2af00042f00fc000000000000000000000000000000ff0200000000000000000000000000010000883e"], 0x0)

16.424395458s ago: executing program 0 (id=1568):
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket$nl_route(0x10, 0x3, 0x0) (async)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)=@newneigh={0x1c, 0x1c, 0x1}, 0x1c}}, 0x0) (async)
r3 = socket$alg(0x26, 0x5, 0x0)
ioctl$sock_x25_SIOCDELRT(r2, 0x890c, &(0x7f0000000200)={@remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x1}, 0x8, 'veth0_to_bridge\x00'}) (async)
bind$alg(r3, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts-aes-aesni\x00'}, 0x58) (async)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000000)="adcd1a9a3fc36e961ed00fe41b0cd695", 0x20)
r4 = accept4$alg(r3, 0x0, 0x0, 0x0)
read$alg(r4, &(0x7f00000012c0)=""/4109, 0x100d) (async)
sendmsg$alg(r4, &(0x7f0000001280)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000e00)="7911bf87e318844b7b7ece8fe95693844ba2b4c29049c749521cf970374e19e3e0eb47e456c6b48e9e6cbd7bf0c99099ca842917790c07a3922b2732c0b26c06681e5f6eeb013cae354f9e4cbdb1e2740ed027e6cea3bf48243cf3a4dfea964f056d9750a3845e1afa1cd4746ed1de3dcd86984fcb49e380144defb2648b5d28438225bdb08ba43fde421a07274d5d77389ddda7dbfec5ce2019fb2b85555c3adbf6812125af1e846cf1c0e4b88a751c58dfad1d210fbec40a1b21115f69230ca80b3ed558b27f6c46fe25c01fe4c18c0ba7d1e6861f6eb75b6f4903971921f799a56c12097998d9cfdce430335046f02dd1fef77b36c617b8b67621", 0xfc}, {&(0x7f0000002300)="efc738a16cc28c4946440ccbad4a5f1d56d06c415fd74d3f7ae7fede9df25861ac370f6d867d6672f8e7024df494ac35bd04b35f68b11663b146746ef3f58b12cfd7cd648c12a75f123d9cf5f9c10bcb48f942b34db9fbddcea5e0c3999da708bc472cd687c8f27748d1839e219628ad9687678201b445a59e0da96ecd38c0ce8bca1acbc78f9a3335e5db0eb0cd454006b4e3a5988e038b05322dad026df32c378b20fd75460e1205020d105c5115d2893e413b8b80e36946d011863b5a21472f1bd0d48b0c58211aff50a91e31112d632b56886d75ee84f49ffe015e33237150d3a3c4d871d348fa8e16f94c9e9d1e08d37c8b58f05f1a7c7133aae433f4564b8120d926c8ed8945d774620ec50deb1b3de7e66655d52f397f1811a024d870a4be151a15908b871992af52db41a28cb43633e1f9727e5373e318da8155d3e00b5b5eb28da52e8d364ec5de7614d8fd52401a6367e32464752d7379aaee4b08445ab9ca96663e47584d7470acf0312c545ffcee66d1903bc965caf4d66faf0c8e82ce4bd9c769d3440aca255e97c95a9810f33244d3963ec5610d0dcf62394ba8241351909acab1c154d1796ab44f683a08b307cc1905573642f6b2ef46e764d7f6d692de0fdefe6363a586f50d385e14b5b4209fd4efd93668ef020eaa8e3a70e6511438f81a2e6236b90628ac919ba9eeb04a9fd736a2681489427fa2fbd7f9fe559db1070fe3876e3217626fa811af2b2e3efb3587b19460f885c277e81a94277bbd3f19d4427538a4d93185e6647c4b8ffba034fe43e288dbb2eaf46299255aa246eb720a58224fc8490ed19cc40edd59552ec36b4645edc4e72e4c0ec8c48be18626f32c6aa982f821c40a0ba2d9b19c18a2e3a6b82e562c11620551de6364cc836ccd438823cbb2be8883a46d1141e136fdef2b1b19b879bd1be9a9993265758044ec33a87c625607ceda2e8245ebd7610b8c779957a1186a1611bd0caf66de3bcfbe904e28bae0174818f47eec3e79d74624b57d0b0dd173bfb5dbc4292e817bb03a0725bf11769fcf53ea95ef538be9a33c841f618fe4bc731cd8c826caec2691aee93ca57624e693947484163b3ae01d947155b499f56d7283b7d82c8000ba4a5457a1b1e40a17b7d4a54b45ebb0e8322e9dc9e2743a030c54f637381f10676d747cf8d1f982285187126b6da1e6fb374a8d87c956f9ad7c0328e8452fb6801e1c4db11dba4fd3ac3c382a05ab7148dcfb2266eac19399469c7aaf60eecbb1a92d6abf4bdda90752059106149645c6f5ea20b66c3ca634145c64b0c86ff46edc2b7d6269df97efd2f3e6fcda4cc9dc636951a9d6f0dc01f51ae273dcfeb66ec749d3cfe7cb11c45a473e126cab55450c5ffa59b3f3afb686f8258200bb8a529faff7f988d632300b890f73d51c60c64f4679cd86cc1f4602089f93ba03a51c846eed467432084f71c38413d0d9d1b83f9605207e9b28142d7bf94c7aedcd19f0fc93d4b95a1fea7babe2cb8de1a1a08f3a2d8d0aa1e718c1460e15329700e9e14c5cffff9c7a62b09df0a025e96ab03fa316e50d5b3b01ca4c5e0c6ac23f9703462e14f5fb6d5c1c2514d714746db1b5a5cee1111640114a9556cc518168b161b13e989e8f9ac51e2c01f7fbefea6ce6a8714c47279093fbb59fb760b7dd3138004343063485b506b120728d22c422324871c34f2dc7c53ce0bbab87bcd3efcf8fd4fa2bce12a10b00bdbb24791758516d02012613dd74caac26a176392ec11250e81d2566b2373a2b6536c3e2f28742cbca11b201934d19b42241d94a9da5b282eff530ddd3ed20318be47e9264b0a8fb0745e78c9c1f612ed03479ae14a176cfe52edb5eb2712c21fae58bf4c4143da57a9ee28acede9f56700bfa0f5c51da975fec9f8141b76cacdbfe69be80a325666cbd8fe458ed7f8965166b120ffb5e28dfbb5b3141cf963fd07548a4a35d2c749ce3adea69e0e0d4fd4158142fb7050d477fc51b2ef7e6f0e09cb8016a9bdfff7a200cd992a71a156339160b5757e163a14246c94fe11a0e210c5946b3147bc6870c9900e102b82e9a66a243a2e23e7ff98f7d9f017301740ac157f804afebf2f5bebbbf68583d86b01daaf02bc086bc2c4ddecf1a30795cb23a37bcff24ac3307545acc9bc7949edb2ea5b851ceb3bf2d34f049f1664100b0fc8ea326000e032bc5e50cdec80803a468e334002cfa7ccbef11f951f7679f403ce0cff42101702999218a15396952a3faa0154764c4359f037414bad967afca45285bd5ab985364e6b8bec744c00b3f95010eda041112ace0f09833c9b1049c36f03cca4e9264485d5784466e4b908b4b6216bd935abf49553dcdd4e48bc39f8b22f9b4bef1339b5121ad34ef3df4051333b8ea4ce83cff7abc863c43440ab6892281bc96fbf848ae9e82cb1a2d791b8bcf98ddb65baada7c08075dfe27cd06aedb0ff458880d600ba5bdb14c0858415c43c0aa6660298a944d568487853e7dac0c955d1268f70874756f6316e6181313f215ed3724ef760d89df82a178b51169506ada831725827c62b80f2e47fdac38b86192f68fe2fe5794f7adeac9c5bfc9e1fa8d5199fd7df202ee6e1ba38d40b7750f900771ea8e4f00d4c25065cf8867dc929c892f8e4652040862d48e8af1a48fc500882e874995c48cace7754bf0be2765be83001958946c8cb794f8813816e505de401d789223bc0af5739045751640272afb39d45d2be00cac743bfbce9a9a7f4b8f55511f3ad26264a09c19f26ed1b45b0fb254f98e5e1473bbccaa21219b327d1bbedab4a4dfdf516259feef632f72f5092bf78d886772e73ed2250f5ec20ac6fa66cf8c2626d3b5973ce9f4f95ead5c8a65db49966de0fd9e9ce97894b764ec3f75093a4f3ec4507e2507256c59a52969fdabfc100e6ae23acf121bb3acf34d190211b4001b632b10a252be0430bd107ee884a0ba16fc50eb717ae36aba0dbb130dc64b5cc21d1fe87856c8787474333c3a793fe81c9b9b56ee41fd2e1f2d6150495dc3379bf66fa4d53f868047b6c50f8c5a4c2ea2a355b5eb1ab3d3f32791b9ffcb08698dbe841f3338be19e5d927dfb14711b4aed2435fc53340162c878bee30d9d7d2409be614240540f7f5702be3e2ba38d8f999a624acdcaef37dabb86d225f35e92691de25bf68e0115e6680107f07380b28254e9df2e54a5179ed064fc9744dcb553b56720171b0325876c9b82d0120add35ac3f38b41fc28b149f944c66555051ca92341a953739a1674fae837bdb8d8d10adf7ef74092f505375c8414d82805176b680908d5c0f6c2a14bd526631c5abeccaf3469e3ae01c4db2371a77219ee109a83d62aef26efff181f240a163bc0cb253405018b69ba8d62ac582cb186c8c89e3c140bffaa4d99fab17975ccd925efab24b6a181773fe1daac55f18ab1e0264f8d1f7aabe395ce80792bb77cbd0b58fcd928ad74f0342876e098c93f9611887022a92e4d9b1da9c911bb7d762bdcdba36f749e16aad0bcf6f8596b2b50fc65a6811b709d9ad6593c2eb9867af3a276de26d6a6f87ec5173ca79e88122bf5151e98dee268fc8a79a4e83f2427a02ed702b0926ecf0b4bb1a3051f0a4d3cf31038fb600c7eb0cedc0d59ac99bff3b31a9065efecca740fcd948fb9c2eb6197b8226c397de7a4c268fa41877ca1618f77ffa93b2e17348301899bb1a5b389422d7364eb1e5ddd0daf2065894cf10886ce0d3920c0a283de54ec57942d456579851ca3590c26f8c360b7cbaa0328c29532aad80b2627b25641e613b38a2accf5881bbbc7086085a8fcf25895da9244c7dd773bff995e159ea3899487f202d97f2977e4527f75ec64a85cb21b120828b2ac24c711ea2b7cba4b0a195a1840aec7d34a4745b42596f186820584b4b75af29fba5b6d3623718efeebf52e848fe48160fbfd5a0f6511649e3e1c58e599c6d9c7597e5e12227e281204921819fbf9e0c9bd16d598aec601bbdc87e8d94225368cb65da83cbb722d79957a7c0bcea91a45f9b52558ccdcd2754da40fc0fbf78abd06c05f1fc7381eb06e4a0afcca6db7cace72aaacdf498cf9ca42c9b3c6615d9df167ef2d1b868e56a9652beea2f72530f24fe373333d9a524ed48e52e51d3784649a9b9a9f1cfdfabd3cdf832b2dda019bb4e1e1e71e75f88cbc3a16a6848ac2385024abb76249841f630008f3805462604d65eebf4e14b6c2ad9f9e2dc2a5a55d7ce5dde8307ac655b4dfcc99d0f050e838d310957915b4fc838f26f2659d72f801e8c62c6477cc33d7f60e659881422ddad61819b93f0f7817acab429b3c7d3923abce00993ada7fd7e5987cab4f4aea02acabad3f27f223c0108f44d8d5833932b4eb427f83f7b336f214293f8adc0ed2cd45d792cc69a84e01f6fe7020f96cd05c1dd792f30f1dec2c21ecf00ca956e4a2c71b52b1c298ae6e319cf845b97b60e07ab82afa30ffe94c16efb971959951746edde9639bb055feebe25611b595e23cade8420a2ee207977ab47dd559f09d17823e6184f83c44b881e4baa5d9abd6e2f8156a1fff943e61eea0e9b2fe26236e8288c5116ae9a8b0f110794f629c800d08729ea2000d56dbe404a747c149b7890bd6ac91319200b7078e2e039a29f45ffac3ecbafbc8b00db9f2e8eeb92ebf0a494bd4616925c9b289522c76f87d2c73342db85cc9a3ff09ae84c2c4b3618ba220bb6442968d9ae9eec02e577412fbedd827678a320b7dd8503d0bab20ca7fe7d982330506fc38eaaa6f1cde45377b08f0b66590b75fd6d390da80d01bf6c6dfc12f3b31312b75d1c6e8c6b86527b4f7c5464465b655b1c76a2b7dc202cf50f88f41bae5d7b8e8c38f3b254628f2418e2fe00b63f8162c60cd95fc9b0b6bba3a0989bbb858d2f1c892713e3bdc1a50bddfbb5c11f242464183ee9b85734b5683c242a264ea415df1284ffd87a36516518a09171cbad0149753e836aa41b27ff441460cf0f0d59ca9c1023b2bac5be5512827d4a64e6d7283e335682f9f4e0ad5471839e447b803c6b43d7daa2709536bc2ab955880cd25d1a50aa78fd646e31b3382426e1e77429d37712968223046698b51362b974a6c6782bfb17f40ade50c82523c1c87b59ba4cab6db7ea321b345133ef90039ddf3465043f05e0c1f0d9322aaf67408cf0c81162c17fd0a3fa195df5b6916b008110e4d713810a268d360a4056d36887765410b420101fc35833c3b0ec5b1990eaafdedcec60154fbbf8665c2ad750b4717235f3eb5f508dbc8d8119b7ccad544ff12b4837de891c0bc17d8316d1faaa1b178de7c335501d42cd03cec3cd364d48d73e1e1c19320f5d9842f746cb3cc10ce0079a9faec3f23ee2cdc84503bd2f86c175d3fd7951c4a7267908aaccde39326f4689eda42da763103ebb2383878851af1679def7bd14a78d6f387bd0042", 0xf11}], 0x2, 0x0, 0x0, 0x8801}, 0x4000001)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r1, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4) (async)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}, 0x2}}, 0x2e) (async)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000001a0001000000ff7f0000000080000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\b'], 0x24}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="740000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="2b030040000000004c0012800b00010067656e65766500003c0002800800050001000000140007000000000000000005000000000000000108000f"], 0x74}}, 0x0)

16.257127437s ago: executing program 2 (id=1569):
ioctl$INCFS_IOC_GET_FILLED_BLOCKS(0xffffffffffffffff, 0x80286722, &(0x7f0000000080)={&(0x7f0000000000)=""/123, 0x7b, 0x4, 0x6}) (async)
ioctl$INCFS_IOC_GET_FILLED_BLOCKS(0xffffffffffffffff, 0x80286722, &(0x7f0000000080)={&(0x7f0000000000)=""/123, 0x7b, 0x4, 0x6})
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000d00)={0x7c, r2, 0xacf5e67dd0b583a1, 0x0, 0x0, {{0x5}, {@void, @val={0xc, 0x99, {0x0, 0x5d}}}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x52, 0xe, {{{0x0, 0x2}, {0x9}, @device_b, @broadcast, @random="ec03f3b85ad3"}, 0xffffffffffffffa1, @random=0x4, 0x0, @val={0x0, 0x6, @default_ibss_ssid}, @void, @val={0x3, 0x1}, @val={0x4, 0x6, {0xa, 0x1, 0x8}}, @val={0x6, 0x2, 0x8343}, @void, @void, @val={0x2a, 0x1}, @void, @void, @val={0x72, 0x6}, @void, @val={0x76, 0x6}}}], @NL80211_ATTR_BEACON_INTERVAL={0x8}]}, 0x7c}, 0x1, 0x0, 0x0, 0x8810}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@deltaction={0x54, 0x18, 0x1, 0x70bd2a, 0x25dfdc00, {0xa}, [@TCA_ACT_TAB={0x40, 0x1, [{0xc, 0x8f, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0x14, 0x5, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}, {0xc, 0x9, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x37}}, {0x10, 0x8, 0x0, 0x0, @TCA_ACT_KIND={0xc, 0x1, 'skbedit\x00'}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x44000}, 0x20040844) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@deltaction={0x54, 0x18, 0x1, 0x70bd2a, 0x25dfdc00, {0xa}, [@TCA_ACT_TAB={0x40, 0x1, [{0xc, 0x8f, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0x14, 0x5, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}, {0xc, 0x9, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x37}}, {0x10, 0x8, 0x0, 0x0, @TCA_ACT_KIND={0xc, 0x1, 'skbedit\x00'}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x44000}, 0x20040844)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_HMAC_IDENT(r3, 0x84, 0x16, &(0x7f0000000280)={0x3, [0x2, 0xb8cb, 0x8001]}, 0xa)
sendmsg$NL80211_CMD_EXTERNAL_AUTH(r1, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x3c, r2, 0x200, 0x70bd27, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_PMKID={0x14, 0x55, "9ec531dcb62c1cc4673b8b6b3eeb51e3"}, @NL80211_ATTR_PMKID={0x14, 0x55, "f31183ab2b94973e9ba59dacadd03fe0"}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40}, 0x20004080) (async)
sendmsg$NL80211_CMD_EXTERNAL_AUTH(r1, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x3c, r2, 0x200, 0x70bd27, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_PMKID={0x14, 0x55, "9ec531dcb62c1cc4673b8b6b3eeb51e3"}, @NL80211_ATTR_PMKID={0x14, 0x55, "f31183ab2b94973e9ba59dacadd03fe0"}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40}, 0x20004080)

16.227131228s ago: executing program 0 (id=1570):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140))
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=<r4=>0x0)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010026bd7000fcdbdf250200000008000100", @ANYRES32=r4], 0x1c}}, 0x0)
write$nci(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="71050528024bc854705c01ec710604034ecb8d"], 0x13)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
r5 = socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000022780)=ANY=[@ANYBLOB="4000000010003b050c00"/20, @ANYRES32=0x0, @ANYBLOB="c1900000815c00001800128008000100677470000c00028008000200", @ANYRES32=r5, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x40}}, 0x48010)

15.936239854s ago: executing program 2 (id=1572):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x20, 0x1402, 0x1, 0x70bd2d, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_DEV_DIM={0x5}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x40000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0))
ioctl$sock_SIOCOUTQ(r0, 0x5411, &(0x7f0000000040))
pipe(0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
ioctl$PPPIOCGL2TPSTATS(r1, 0x80487436, &(0x7f0000000000)="23a5")
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg(0xffffffffffffffff, 0x0, 0x50000)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
sendmsg$nl_route(r0, 0x0, 0x10)

15.935202602s ago: executing program 2 (id=1574):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2c, 0x25dddbfd, {0x0, 0x0, 0x0, r4, {0x0, 0xffff}, {0xffff, 0xffff}, {0x1, 0xd}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@newtfilter={0x58, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r4, {0x0, 0x8}, {}, {0xa}}, [@filter_kind_options=@f_flower={{0xb}, {0x28, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x24, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x1c, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5, 0x1, 0x2}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_HWID={0x5, 0x4, 0x5}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_DIR={0x5, 0x3, 0x1}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x4}]}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x220008e8}, 0x804)
setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f0000000100)={0x4, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @local}}}, 0x108)
r5 = socket$netlink(0x10, 0x3, 0x0)
writev(r5, &(0x7f0000000000)=[{&(0x7f0000000080)="390000001300090468fe0700000000000000ff3f04000000480100100000000004002b000a00010014a4ee1ee438d2fd000000000000007208", 0x39}], 0x1)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'vlan1\x00'})
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r6, &(0x7f0000000080)=ANY=[], 0x10448)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r6, 0x0)
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$int_in(r7, 0x5452, &(0x7f0000000180)=0x401)
listen(r7, 0x0)
ioctl$sock_SIOCSPGRP(r7, 0x8902, &(0x7f0000000000)=0xffffffffffffffff)
shutdown(r7, 0x0)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000240)="3900000013000318680907070000000f0000ff3f04000000170a001700000000040037000f00030001332564aaee7b1d58b9a64411f6bbf44d", 0x39}], 0x1)

15.934859667s ago: executing program 3 (id=1575):
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000000)={<r0=>0xffffffffffffffff, 0x200, 0x2, 0x5})
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)={0x2, 0x4, 0x8, 0x1, 0x80, r0, 0x1e2, '\x00', 0x0, r0, 0x5, 0x2, 0x1}, 0x50)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000080)={0x1b, 0x0, 0x0, 0x40000, 0x0, r1, 0x5, '\x00', 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x2, 0xf, &(0x7f00000002c0)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {0x85, 0x0, 0x0, 0x19}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3, 0x9, 0x0, 0x1, 0x98}}, [], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000000)={0xffffffffffffffff, 0x200, 0x2, 0x5}) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)={0x2, 0x4, 0x8, 0x1, 0x80, r0, 0x1e2, '\x00', 0x0, r0, 0x5, 0x2, 0x1}, 0x50) (async)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000080)={0x1b, 0x0, 0x0, 0x40000, 0x0, r1, 0x5, '\x00', 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x2, 0xf, &(0x7f00000002c0)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {0x85, 0x0, 0x0, 0x19}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3, 0x9, 0x0, 0x1, 0x98}}, [], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)

15.934577992s ago: executing program 3 (id=1576):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
socket$inet_mptcp(0x2, 0x1, 0x106)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'cryptd(blake2b-160-generic)\x00'}, 0x58)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@bloom_filter={0x1e, 0x0, 0xca, 0x3, 0x0, 0x1}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x1d, 0xf, &(0x7f0000000000)=@ringbuf={{0x18, 0x2}, {{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0x2}, {}, {0x85, 0x0, 0x0, 0x9f}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x6c}}}, &(0x7f0000000200)='GPL\x00'}, 0x90)
close(0x4)
socket$inet6(0xa, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
unshare(0x28000600)
sendmsg$SMC_PNETID_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000940)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000900)=0x14)
r3 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, 0x0)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f00006b7000/0x14000)=nil, 0x14000, 0x4, 0x1010, r5, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={r5, 0x0, 0x81, 0xc6, &(0x7f0000000240)="9b68b4ce22ee0bcc94a55d835d7286ad4575eb22b7f6729d5d78105c501870099617ebf502b91238cfc265af168ea805482ad9aee6887abcf8b355ce5d779ccc4a93ec8b6ebb4136ba1bb7f490b6ccea5797be2c0c431cc95e995e0a10e9c8abf4111c176bf04836161a9ee68c28ad960b56d8195011d88bced7b44daeba6606fd", &(0x7f0000000580)=""/198, 0xfffffff0, 0x0, 0x79, 0xe3, &(0x7f00000000c0)="ddd7a7f3001022cb37877815896cfba13a580374123f3f2410719fb95e7247495b150268bfaf147061cce62c8ae9ac9031f9ceec112a791c4c044bb4f4abe7423099bb14f23c0a6e6095ca5a41dba207a6920fe94c076da278e246ce129d6b91bec2097e69d983ed5ecb389838ed627d090537511aad79d8a6", &(0x7f0000000680)="a7672e73d3b1baf52eb68c3001b219601f5e3909ecf4c3f925b33da234e031466540e18c793fe5ff317eba257f7a18ed95cf593f2844d863641f7db5aef853fad1cdaace2fafb1b479dd766156347e9ee5a99bcc7c2fa2b2daa4a39612447d3a4f6ae5c051719d29148ecb1ad16597312a71080927939e8b293a39dba9c51a7131a8a3bddf8decc7edfd2d99520da1ceb04cf9b0a778d4105ead20decbc9780571b100892a2c2b9c879223036c8e8435c36e9137c8b54ff2169b95be5361b58ffb704bdf396ecad7d472ba6520113e1b09eec5922d45f04f432bb1bc6dbe9fb1c8f50b"}, 0x50)
r6 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r6, &(0x7f0000002d00)=[{{&(0x7f0000001800)={0xa, 0x4e22, 0x1, @private2, 0x10001}, 0x1c, &(0x7f00000010c0)=[{&(0x7f00000011c0)="e6", 0x1}], 0x1}}], 0x1, 0x0)
shutdown(r6, 0x1)
setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r6, 0x84, 0x23, &(0x7f0000000140)={0x0, 0xc7}, 0x8)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f0000002140)={0x26, 'aead\x00', 0x0, 0x0, 'authencesn(michael_mic-generic,xchacha20-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000000340)="4b1db4f1", 0x4)
openat$cgroup_procs(r4, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
syz_emit_ethernet(0x7a, &(0x7f0000000000)={@link_local, @empty, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "9a0d00", 0x44, 0x2f, 0xff, @private0, @local, {[], {{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x88be}, {}, {}, {0x8, 0x88be, 0x0, {{0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2, 0x32}}}}}}}}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r5, 0x89f8, &(0x7f0000000400)={'sit0\x00', &(0x7f0000000180)={'sit0\x00', <r8=>r2, 0x10, 0x8, 0x5, 0x1, {{0x6, 0x4, 0x0, 0x5, 0x18, 0x67, 0x0, 0x9e, 0x2f, 0x0, @dev={0xac, 0x14, 0x14, 0x9}, @broadcast, {[@end]}}}}})
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x4, 0x4, &(0x7f0000000400)=ANY=[], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xcf, &(0x7f0000000980)=""/207, 0x41100, 0x45, '\x00', r8, @fallback=0x4}, 0x94)

15.807269206s ago: executing program 3 (id=1577):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
socket(0x10, 0x3, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', <r1=>0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @local, @empty}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f5, &(0x7f00000001c0)={'syztnl0\x00', &(0x7f0000000140)={'sit0\x00', r1, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @dev={0xac, 0x14, 0x14, 0xd}, @multicast2}}}})
close(0xffffffffffffffff)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
ioctl$sock_inet_sctp_SIOCINQ(r2, 0x541b, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000001740)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000bc7ef9642d29ba564165605dca29708efdf9b15a5c10a126121b2751f642635bcd9a8bf7a928a5d054b0d2c54d519ea75c52f41ed6f2886973626b684c8bd9108c0b0b2ea7e556948f0367aff4fbcede3294f6e73d06ad16dc2d26725ff833b5f83b499918e6a6ec245b781d41aee9624c847e2f2312d6b9db45bad354fc1a3f20407ffe406483a0524937ee7559e4bf70136746b37fdfbbb152758d37ed8bcac41fb7243bdcd536249c7996e898b61927eaa5a8790054ba13d3ade593220f96027090a34aaf7ea92f41aab73e7a85eef87e956bb7c5c76a347264fd99359f4e57b0dcc2bcc188ea880a4b11a8bb81eb22b0ddfc689e3218cf310dcc61cab354149d9107d8a88b0aa5b5661555f00443aee5e714009e52cee5e88f008148ddbc0fa81bf938bed4a1ac778d5337cc0311d0772eeac3eab38426e8d1472ff514aa5379ed21551790cc10148410b4fc27582fd7106a8887a9a0b613dfe10aee77542d887208f5534f5dce4d43f258fc9ef975834e1917666e2aff1cebfc3ce2c1e8ff66bba1d9050000000000000078db7024bf321636bede8651e672ed4f01ba5da2c3f9042a8552bd3f2c9ad546ad0ea20b4d35fb0a15c6239f67c7747a40fe26a88adf727fd1b801b4e56fbffcad99ce68fe2af0d94fdc78d27268de435021dca51acaa7a9e0944bdf579c170db6405944b6791a7713ee54f650fdf71b57c3629fb185efce700620ef5744623be08ec935dd563e6ba0b461bda98b364acf3dcdafa9b0e68c21ea509212c2938aa09cc31aa4ee5bfb8e507181909f5854b13997af4888cd61c8aab5fdfd701a16d546e5a533cd9b985dcc582b67979551dcc750fc51f2c9b6814edeffc76a86ea9f58b7c66fa24540daf14c2163d064f8cf0b4878f81e6b8bc4dabc10dac82b39e033963a6d02434cb783a198829d1373790a85c0e01a362d89e80165d280283af3c2060000000000000034b12a73b0c53bfae5d2f6e55728052247adfe0966c6c5eca57918c4540c979a70a281ba00e408c9fe1b20fa208976dd6a56f9bd9a74d81447c9b265d8c23f0e983e0b1d2d62d1e57c9188e4882634476e62ab1b7415a58208eaaf166d14720092f79a6197fe8b4ea7d5485cc6b3630afed8d3403cfa4d7bf48efb371706e0e65901eea3743c98261cbb7a246cf62f99bbc918741d32539ec0754e7d7f08dd45aaf49623342eabf466e54d8da4346e73da54ba2e4b5e2ae2823864d4147b490e55c9509f75c8828500ac32cab11b0262e75fa9e39e3792d01e0b210fdfb686bfffdc677432f6332c1a27502b43997060acdf7784c79fed0325e06f6b64b6434ebf4730509bcf95b9a1d0ba7c469d55351cc1dce6c90f5872e7ad5eed5f850d9d1f928b4e0263b241e8fe03e5e66252c8a3bd320e8deee5b91c653b8f22f58cff36c2ba4d6774f14229939595d2beb998c9312212de00468fc488591aca07ab75fba4a318d3ee4581711927b77a7f14dbcd639892f8cb0000000000000080411736eb1ee86eec338197a56293c9cdb72e84155681553b896d58b62a96852320e74dc4c9b41d6f90d2353dc573a94a092a84209c12da57f8c78e161b0899eb1c8b694d26c5fbf7f65fefacdbf39151f335dddc3b179a13f6de93ffb338e94738c86e35e9fcc654e4d6618dc1201cbd16e1281df911e6c699da16fbbb7a2e5c77966c98d3e7edd58cabfe6bf1bb7f6329084e3e4a2a36da07bbac3ebc00472f55b7966f250109fcce0ad5d4526d20ef74d1a634d724"], &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x10}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1c, 0x3, &(0x7f0000000640)=@framed={{0x18, 0x2, 0x0, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x3b}}, &(0x7f00000000c0)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r3}, 0x94)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000680)=@generic={&(0x7f0000000640)='./file0\x00', 0x0, 0x10}, 0x18)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
socket$kcm(0x2, 0xa, 0x2)
syz_emit_ethernet(0x42, &(0x7f0000000040)=ANY=[@ANYBLOB="bbbbbbbbbbbb00000000000086dd7d76b2af00042f00fc000000000000000000000000000000ff0200000000000000000000000000010000883e"], 0x0)

15.764723442s ago: executing program 3 (id=1578):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000480), r2)
sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="daba1950778a8c189b4bb5010028bd70c7d2006656663f1fbb9b9f06000b000000a00d8828dcb0debc1ada45132e8e0f5d145782ad89c679c3f18e214b2a21d03e46067fc705ebc70cad520e88569ce0bec8c6612a5a11628b28e833aac2ea22ee6a61a3cc88ed7d056ec0fb464ab4c2892172bf8a98c584a11fdceb55eba37f9ab0f4549afbe82972319fd0430100cee3612e7da87526d500816a7bff3fc1d2e79352a536ae89eca9e5232cacfc846b553d4a8f499e967d3127070009004634bcb97c5fcaec62ec5177d76ceac9726bd4a42da9c6b4f3e67706e43e27ef21bee19d801e220ce2b92435ef231d12edf7b3d1bb114b428cd726b3ea5d857f60dee80c3be62ec9f2f30e276438c74b53e78ce7e7c2babc0e212afa6518eddb24368edb85be30ad61b7f3f6f72d1d94afe0fcb2239864e6bc4e924fab5e47977c99faded54cb45d45"], 0x1c}, 0x1, 0x0, 0x0, 0x40040}, 0x4180)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x207, 0x4)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/cgroup\x00')
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbee1, 0x8031, r4, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, 0x0)
r6 = socket(0x14, 0x2, 0x4)
ioctl$SIOCX25GDTEFACILITIES(r6, 0x5411, 0x0)
r7 = socket$l2tp(0x2, 0x2, 0x73)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'sit0\x00', <r8=>0x0})
ioctl$sock_SIOCADDRT(r0, 0x890b, 0x0)
sendto$packet(r0, &(0x7f0000000040)="05031600d3fc140000004788031c09102c28a6846dec54651dde16b313c9a80223795f0828142b1b46a84734b0f318a7a9e7637ab9472c5a235566c6845de7643dc1ddeec965445b4aad09b51dd05eaf7b73569860ac98cb7b8d19ae130cec0543059e497dd8c89e92b8babc7b5041e6d135dd69d48c9f481d6e810008845b34363eb8b2c1a1e3bfc30460bbc41bb0d2875064e84a195761b39979576e6c97e6af55cd5e2ec77996fc7fa20cb22e5491f877e45ef07666d9e1c28ef0d1845f", 0xbf, 0x44, &(0x7f0000000140)={0x11, 0x86dd, r8, 0x1, 0x0, 0x6, @broadcast}, 0x14)

15.35761781s ago: executing program 3 (id=1579):
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x20000}}, {{0xa, 0x0, 0x40000, @dev={0xfe, 0x80, '\x00', 0x26}}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000200)={0x2, {{0xa, 0x4e23, 0x0, @mcast1={0xff, 0x7}, 0x9}}, {{0xa, 0x0, 0x0, @loopback}}}, 0x108)
r1 = socket(0x15, 0x5, 0x0)
getsockopt(r1, 0x200000000114, 0x2711, &(0x7f0000c35fff)=""/1, &(0x7f0000000000)=0xf002)
close(r0)
r2 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2e, &(0x7f0000000080)={0x0, {{0xa, 0x4, 0x0, @mcast1={0xff, 0x7}, 0x8a4}}, {{0xa, 0x4e20, 0xfe, @remote}}}, 0x108)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r3, 0x8922, &(0x7f0000000440)={'syz_tun\x00', 0x101})

15.355590534s ago: executing program 3 (id=1580):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) (async)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x50, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x8000}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}]}, 0x50}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x38, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x10, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0xfffffffe}}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000050) (async)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
close(r3) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
r5 = openat$tun(0xffffffffffffff9c, 0x0, 0x100, 0x0)
close(r5) (async)
r6 = socket$nl_route(0x10, 0x3, 0x0) (async)
r7 = socket$caif_seqpacket(0x25, 0x5, 0x0)
read(r7, &(0x7f0000000300)=""/93, 0x5d) (async)
sendmsg$nl_route_sched(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x4008000)
r8 = openat$cgroup_netprio_ifpriomap(0xffffffffffffffff, &(0x7f0000000040), 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0xa, 0x3, &(0x7f0000000300)=@framed={{0x61, 0x0, 0xa, 0xfe00, 0x0, 0x69, 0x10, 0x85}}, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
sendfile(r0, r8, &(0x7f00000000c0)=0xfffffffffffffffa, 0x895) (async)
getsockopt$SO_COOKIE(r2, 0x1, 0x39, &(0x7f0000000200), &(0x7f0000000280)=0x8) (async)
ioctl$BTRFS_IOC_START_SYNC(0xffffffffffffffff, 0x80089418, &(0x7f0000000080)=<r9=>0x0) (async)
r10 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="4400000011002901000000000000000007000000", @ANYRES32=r10, @ANYBLOB="00000000000000001c001a800800068004000500080000003e"], 0x44}}, 0x0) (async)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r12=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1, 0x7, 0x2261, 0x2416, 0x0, 0xffffffffffffffff, 0x0, '\x00', r12}, 0x50)
ioctl$BTRFS_IOC_RM_DEV_V2(r0, 0x5000943a, &(0x7f0000001180)={{r8}, r9, 0x0, @inherit={0x48, &(0x7f0000000140)={0x0, 0x0, 0x9, 0x7, {0x2a, 0x6, 0x7, 0xfffffffffffffff4, 0x9}}}, @subvolid})
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0xe, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="6115bd00000000006113100000000000bfa000000000000007000000ee00160e5e0301000000000014050000000000006916320000000000bf07000000000000360507000fff0720670600001f000000150600000ee60060bf500000000000002f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05002000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ace0600006e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc0da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d00c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932fb3bba54b3a6aa57f1ad2e99e0e67ab9ff16d20000009f0f53acbb40b4f8e2738270001562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000815266b2c9e1bfadc7498e9dda5d000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631822a11dc3c693962895496d4f6e9cc54db6c7205a6b26f92121ef53e553acdf42068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710eec53f1b11cced7bc3c8da0c44d2fbf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db80300c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f8709d87b27f8a5d9121fdc058447b728f134f72062fc4b1ca0780b1a7af137ff7b4ff139604faf0453b65586f65c7943d56b52f06c870edf0c5d744b5272b44c23480b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61940aabc86b94f8cbde4d47060400e722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e00000000000000000000d154672fea96aedf346279ec00000000000000000000d535d41b0067f01e2e54b9154d876020b669640ead4ca44631fadf7c4ac39a1b331dbdcd52b36df021b731ef1f92330d347f88ced5c1aaadbcdd8d2257e3a9a7c7494fadf9be36f7a2334ee6e9446fa1fd486f85d672a77dc5bd21463994d49f12016305a1e394d292b66840fe32b40ad665d241a8b8a32b3100450c32832789aa8a096f41201b585cd76631c88cf958e9e9047f5af1730c5e83db12460a0768fd4b62be6c41eed307048bac8d1f7f164574241e06027654b248dcc38749eee0c1ee7c61b3f6411a559c3d45637b11e440ed5a99109b8e71d28c3d677af5f0499c6d3fc6a129775056958c9df824ebe5fa9fb306b24a8a8334910627d03efe69d4b61c4345f048c5da8aca16cea848fa77d2507c920a6bd654b00e07789382ed902c80deeff2fd5c78f42e4353e5360c3e55962efd1331e6736eaf4ee27736fa54803ee8ec1a15266ffcd8b30368740b584c2559e691e542cab3d49db327db62328f159d1e0900b3e23e84dedcd1377aa15dbeab7db181bd66980c3557c7d9f7377fcb6023accb5c368a121acf70e5f4c3f2a0ea07011c7149ea979cab2ee65cf7ffa29152b7a8fed89575e6e6fd77d4d9463d21775abac886ee6a1f2d7d8523840438a73d6307a87e2f525867fc3af7ab74520a773ae26bae74cdd405a211e8833e1ba523cde51d04a7ca6732"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)
sendfile(0xffffffffffffffff, r0, &(0x7f00000001c0)=0xff, 0xffffffffffffffff)

1.093174266s ago: executing program 33 (id=1570):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140))
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=<r4=>0x0)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010026bd7000fcdbdf250200000008000100", @ANYRES32=r4], 0x1c}}, 0x0)
write$nci(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="71050528024bc854705c01ec710604034ecb8d"], 0x13)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
r5 = socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000022780)=ANY=[@ANYBLOB="4000000010003b050c00"/20, @ANYRES32=0x0, @ANYBLOB="c1900000815c00001800128008000100677470000c00028008000200", @ANYRES32=r5, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x40}}, 0x48010)

1.063331195s ago: executing program 34 (id=1565):
r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
r1 = socket(0x1d, 0x2, 0x6)
r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
ioctl$IOCTL_GET_NCIDEV_IDX(r2, 0x0, &(0x7f00000000c0)=<r4=>0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r5)
sendmsg$NFC_CMD_DEV_UP(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001ac0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="010023010000340200000200000008000100", @ANYRES32=r4], 0x1c}}, 0x0)
pwritev(r2, &(0x7f0000001a00)=[{&(0x7f0000000600)="24ba8d4416efcb4768e949522f47331d4548861502149843b0606505ad3255eb63568e3c6147e90cc21f78d2323128c8d375102a2bcdb5cd78e7f3d6ff64da1b49a467badc8e4f6d699c789929cf02ca9c7165d13c7f7b8be98dcf5a0eb01a3df3e9bdfde437d11f4f599ad8bb03bf63efc4183d44de47eaf11ec43172db7ef524be9203ad39a624829527f8c30773b6", 0x90}], 0x1, 0x5e, 0xdc)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a"], 0x7c}}, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000001c0)=ANY=[@ANYBLOB="180000006a2a3f1888cfc20dddb72f57cc370338b40683e4ffd41e31896f0e"], 0x18}, 0x1, 0x0, 0x0, 0x48800}, 0x0)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r1, 0x6a, 0x3, 0x0, &(0x7f0000000000)=0xfffffffffffffd68)
ioctl$sock_inet_SIOCSIFDSTADDR(r0, 0x8918, 0x0)

31.486633ms ago: executing program 35 (id=1574):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2c, 0x25dddbfd, {0x0, 0x0, 0x0, r4, {0x0, 0xffff}, {0xffff, 0xffff}, {0x1, 0xd}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@newtfilter={0x58, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r4, {0x0, 0x8}, {}, {0xa}}, [@filter_kind_options=@f_flower={{0xb}, {0x28, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x24, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x1c, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5, 0x1, 0x2}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_HWID={0x5, 0x4, 0x5}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_DIR={0x5, 0x3, 0x1}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x4}]}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x220008e8}, 0x804)
setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f0000000100)={0x4, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @local}}}, 0x108)
r5 = socket$netlink(0x10, 0x3, 0x0)
writev(r5, &(0x7f0000000000)=[{&(0x7f0000000080)="390000001300090468fe0700000000000000ff3f04000000480100100000000004002b000a00010014a4ee1ee438d2fd000000000000007208", 0x39}], 0x1)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'vlan1\x00'})
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r6, &(0x7f0000000080)=ANY=[], 0x10448)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r6, 0x0)
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$int_in(r7, 0x5452, &(0x7f0000000180)=0x401)
listen(r7, 0x0)
ioctl$sock_SIOCSPGRP(r7, 0x8902, &(0x7f0000000000)=0xffffffffffffffff)
shutdown(r7, 0x0)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000240)="3900000013000318680907070000000f0000ff3f04000000170a001700000000040037000f00030001332564aaee7b1d58b9a64411f6bbf44d", 0x39}], 0x1)

0s ago: executing program 36 (id=1580):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) (async)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x50, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x8000}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}]}, 0x50}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x38, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x10, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0xfffffffe}}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000050) (async)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
close(r3) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
r5 = openat$tun(0xffffffffffffff9c, 0x0, 0x100, 0x0)
close(r5) (async)
r6 = socket$nl_route(0x10, 0x3, 0x0) (async)
r7 = socket$caif_seqpacket(0x25, 0x5, 0x0)
read(r7, &(0x7f0000000300)=""/93, 0x5d) (async)
sendmsg$nl_route_sched(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x4008000)
r8 = openat$cgroup_netprio_ifpriomap(0xffffffffffffffff, &(0x7f0000000040), 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0xa, 0x3, &(0x7f0000000300)=@framed={{0x61, 0x0, 0xa, 0xfe00, 0x0, 0x69, 0x10, 0x85}}, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
sendfile(r0, r8, &(0x7f00000000c0)=0xfffffffffffffffa, 0x895) (async)
getsockopt$SO_COOKIE(r2, 0x1, 0x39, &(0x7f0000000200), &(0x7f0000000280)=0x8) (async)
ioctl$BTRFS_IOC_START_SYNC(0xffffffffffffffff, 0x80089418, &(0x7f0000000080)=<r9=>0x0) (async)
r10 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="4400000011002901000000000000000007000000", @ANYRES32=r10, @ANYBLOB="00000000000000001c001a800800068004000500080000003e"], 0x44}}, 0x0) (async)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r12=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1, 0x7, 0x2261, 0x2416, 0x0, 0xffffffffffffffff, 0x0, '\x00', r12}, 0x50)
ioctl$BTRFS_IOC_RM_DEV_V2(r0, 0x5000943a, &(0x7f0000001180)={{r8}, r9, 0x0, @inherit={0x48, &(0x7f0000000140)={0x0, 0x0, 0x9, 0x7, {0x2a, 0x6, 0x7, 0xfffffffffffffff4, 0x9}}}, @subvolid})
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0xe, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="6115bd00000000006113100000000000bfa000000000000007000000ee00160e5e0301000000000014050000000000006916320000000000bf07000000000000360507000fff0720670600001f000000150600000ee60060bf500000000000002f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05002000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ace0600006e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc0da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d00c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932fb3bba54b3a6aa57f1ad2e99e0e67ab9ff16d20000009f0f53acbb40b4f8e2738270001562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000815266b2c9e1bfadc7498e9dda5d000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631822a11dc3c693962895496d4f6e9cc54db6c7205a6b26f92121ef53e553acdf42068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710eec53f1b11cced7bc3c8da0c44d2fbf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db80300c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f8709d87b27f8a5d9121fdc058447b728f134f72062fc4b1ca0780b1a7af137ff7b4ff139604faf0453b65586f65c7943d56b52f06c870edf0c5d744b5272b44c23480b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61940aabc86b94f8cbde4d47060400e722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e00000000000000000000d154672fea96aedf346279ec00000000000000000000d535d41b0067f01e2e54b9154d876020b669640ead4ca44631fadf7c4ac39a1b331dbdcd52b36df021b731ef1f92330d347f88ced5c1aaadbcdd8d2257e3a9a7c7494fadf9be36f7a2334ee6e9446fa1fd486f85d672a77dc5bd21463994d49f12016305a1e394d292b66840fe32b40ad665d241a8b8a32b3100450c32832789aa8a096f41201b585cd76631c88cf958e9e9047f5af1730c5e83db12460a0768fd4b62be6c41eed307048bac8d1f7f164574241e06027654b248dcc38749eee0c1ee7c61b3f6411a559c3d45637b11e440ed5a99109b8e71d28c3d677af5f0499c6d3fc6a129775056958c9df824ebe5fa9fb306b24a8a8334910627d03efe69d4b61c4345f048c5da8aca16cea848fa77d2507c920a6bd654b00e07789382ed902c80deeff2fd5c78f42e4353e5360c3e55962efd1331e6736eaf4ee27736fa54803ee8ec1a15266ffcd8b30368740b584c2559e691e542cab3d49db327db62328f159d1e0900b3e23e84dedcd1377aa15dbeab7db181bd66980c3557c7d9f7377fcb6023accb5c368a121acf70e5f4c3f2a0ea07011c7149ea979cab2ee65cf7ffa29152b7a8fed89575e6e6fd77d4d9463d21775abac886ee6a1f2d7d8523840438a73d6307a87e2f525867fc3af7ab74520a773ae26bae74cdd405a211e8833e1ba523cde51d04a7ca6732"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)
sendfile(0xffffffffffffffff, r0, &(0x7f00000001c0)=0xff, 0xffffffffffffffff)

kernel console output (not intermixed with test programs):

ork, BSSID 50:50:50:50:50:50
[   94.283692][   T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.329824][   T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.341763][ T5870] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   94.369389][ T5882] veth0_macvtap: entered promiscuous mode
[   94.376360][   T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.386587][   T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.397892][ T5884] veth0_macvtap: entered promiscuous mode
[   94.412488][ T5882] veth1_macvtap: entered promiscuous mode
[   94.446352][ T5884] veth1_macvtap: entered promiscuous mode
[   94.484679][ T5873] Bluetooth: hci4: command tx timeout
[   94.494163][ T5873] Bluetooth: hci3: command tx timeout
[   94.545417][ T5884] batman_adv: batadv0: Interface activated: batadv_slave_0
[   94.561379][ T5884] batman_adv: batadv0: Interface activated: batadv_slave_1
[   94.617599][ T5882] batman_adv: batadv0: Interface activated: batadv_slave_0
[   94.641502][ T1140] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.678538][ T1140] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.727335][ T3596] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.733142][ T1140] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.745306][ T3596] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.783527][ T1140] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.794252][ T5882] batman_adv: batadv0: Interface activated: batadv_slave_1
[   94.890324][ T1140] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.908963][ T1140] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.921519][ T1140] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.940870][ T1156] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.959966][ T1156] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.998853][ T1140] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   95.072376][ T5993] netlink: 72 bytes leftover after parsing attributes in process `syz.3.9'.
[   95.095898][ T5995] netlink: 16 bytes leftover after parsing attributes in process `syz.1.7'.
[   95.124690][ T1003] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.132534][ T1003] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.283045][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.319269][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.390898][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.407083][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.587673][ T6011] ip6_tunnel: non-ECT from 0000:0000:0000:0000:0000:ffff:7f00:0001 with DS=0xb
[   95.625099][ T3596] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.646875][ T6011] netlink: 'syz.1.14': attribute type 1 has an invalid length.
[   95.665253][ T3596] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.778066][ T6019] netlink: 132 bytes leftover after parsing attributes in process `syz.3.15'.
[   96.020607][ T6027] gtp0: entered promiscuous mode
[   96.036905][ T6027] gtp0: entered allmulticast mode
[   96.075676][ T6033] netlink: 'syz.3.18': attribute type 3 has an invalid length.
[   96.089989][ T6032] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   96.130941][ T6033] netlink: 201372 bytes leftover after parsing attributes in process `syz.3.18'.
[   96.143713][ T6027] netlink: 8 bytes leftover after parsing attributes in process `syz.3.18'.
[   96.165278][ T5873] Bluetooth: hci0: command tx timeout
[   96.190783][ T6027] netlink: 24 bytes leftover after parsing attributes in process `syz.3.18'.
[   96.248807][ T6038] netlink: 'syz.1.22': attribute type 1 has an invalid length.
[   96.252655][ T6036] netlink: 4 bytes leftover after parsing attributes in process `syz.2.21'.
[   96.275447][ T6038] netlink: 224 bytes leftover after parsing attributes in process `syz.1.22'.
[   96.319997][ T6038] nbd: couldn't find device at index 1048576
[   96.327935][ T5873] Bluetooth: hci1: command tx timeout
[   96.333977][ T5873] Bluetooth: hci2: command tx timeout
[   96.566563][ T5873] Bluetooth: hci3: command tx timeout
[   96.572010][ T5873] Bluetooth: hci4: command tx timeout
[   96.796268][ T6062] netlink: 8 bytes leftover after parsing attributes in process `syz.1.31'.
[   96.831504][ T6064] netlink: 16 bytes leftover after parsing attributes in process `syz.0.28'.
[   96.968444][ T6070] Zero length message leads to an empty skb
[   97.351298][ T6086] syz.1.38 uses obsolete (PF_INET,SOCK_PACKET)
[   97.426058][ T6091] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   98.209942][ T5922] IPVS: starting estimator thread 0...
[   98.333335][ T6125] IPVS: using max 28 ests per chain, 67200 per kthread
[   99.051906][ T6175] netlink: 'syz.2.68': attribute type 11 has an invalid length.
[   99.156073][ T6179] nft_compat: unsupported protocol 0
[   99.170763][ T6179] netlink: 'syz.2.70': attribute type 14 has an invalid length.
[   99.180808][ T6179] netlink: 'syz.2.70': attribute type 13 has an invalid length.
[   99.592863][ T6196] netlink: 'syz.3.74': attribute type 153 has an invalid length.
[   99.634645][ T6202] netlink: 'syz.3.74': attribute type 153 has an invalid length.
[   99.997963][ T6215] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  100.095174][ T6224] netlink: 'syz.0.81': attribute type 21 has an invalid length.
[  100.141011][ T6224] netlink: 'syz.0.81': attribute type 1 has an invalid length.
[  100.555933][ T6249] lo: entered allmulticast mode
[  100.561773][ T6249] lo: left allmulticast mode
[  100.588853][ T6249] Bluetooth: MGMT ver 1.23
[  100.794935][ T6261] delete_channel: no stack
[  100.830051][ T6262] __nla_validate_parse: 35 callbacks suppressed
[  100.830069][ T6262] netlink: 4 bytes leftover after parsing attributes in process `syz.4.92'.
[  101.005930][ T6274] validate_nla: 2 callbacks suppressed
[  101.005960][ T6274] netlink: 'syz.4.92': attribute type 10 has an invalid length.
[  101.058320][ T6274] 8021q: adding VLAN 0 to HW filter on device batadv0
[  101.120934][ T6274] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  101.199529][ T6284] netlink: 8 bytes leftover after parsing attributes in process `syz.3.98'.
[  101.217022][ T6285] netlink: 24 bytes leftover after parsing attributes in process `syz.1.97'.
[  101.231523][ T6277] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  101.239501][ T6277] batman_adv: batadv0: Removing interface: batadv_slave_0
[  101.248633][ T6277] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  101.256685][ T6277] batman_adv: batadv0: Removing interface: batadv_slave_1
[  101.272147][ T6277] bond0: (slave batadv0): Releasing backup interface
[  102.132881][ T6330] xt_policy: too many policy elements
[  102.155011][ T6333] netlink: 'syz.3.110': attribute type 1 has an invalid length.
[  102.162989][ T6333] netlink: 'syz.3.110': attribute type 3 has an invalid length.
[  102.171626][ T6333] netlink: 224 bytes leftover after parsing attributes in process `syz.3.110'.
[  102.207692][ T6330] netlink: 92 bytes leftover after parsing attributes in process `syz.1.113'.
[  102.225348][ T6336] bridge1: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  102.241007][ T6338] netlink: 16178 bytes leftover after parsing attributes in process `syz.0.116'.
[  102.261945][ T6330] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.332972][ T6343] netlink: 'syz.2.117': attribute type 83 has an invalid length.
[  102.541135][ T6338] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.549049][ T6338] bridge0: port 1(bridge_slave_0) entered disabled state
[  102.717902][ T6371] netlink: 24 bytes leftover after parsing attributes in process `syz.1.121'.
[  102.764797][ T6338] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  102.795922][ T6338] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  103.060867][ T1003] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  103.089146][ T1003] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  103.111184][ T1003] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  103.206508][ T1003] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  103.389360][ T6396] netlink: 8 bytes leftover after parsing attributes in process `syz.1.127'.
[  103.494712][ T6389] netlink: 24 bytes leftover after parsing attributes in process `syz.2.123'.
[  103.718977][ T6404] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  103.898705][ T6417] netlink: 36 bytes leftover after parsing attributes in process `syz.2.133'.
[  104.889986][ T6467] bridge_slave_0: left allmulticast mode
[  104.910563][ T6467] bridge_slave_0: left promiscuous mode
[  104.918624][ T6467] bridge0: port 1(bridge_slave_0) entered disabled state
[  104.939886][ T6467] bridge_slave_1: left allmulticast mode
[  104.968302][ T6467] bridge_slave_1: left promiscuous mode
[  105.001592][ T6467] bridge0: port 2(bridge_slave_1) entered disabled state
[  105.051619][ T6467] bond0: (slave bond_slave_0): Releasing backup interface
[  105.072888][ T6467] bond0: (slave bond_slave_1): Releasing backup interface
[  105.086264][   T30] audit: type=1800 audit(1758929474.455:2): pid=6477 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.156" name="000004" dev="tmpfs" ino=179 res=0 errno=0
[  105.131475][ T6467] team0: Port device team_slave_0 removed
[  105.152442][ T6467] team0: Port device team_slave_1 removed
[  105.162874][ T6467] batman_adv: batadv0: Removing interface: batadv_slave_0
[  105.174666][ T6467] batman_adv: batadv0: Removing interface: batadv_slave_1
[  105.187597][ T6473] team0: Mode changed to "broadcast"
[  105.211890][ T6480] netlink: 'syz.3.155': attribute type 4 has an invalid length.
[  105.569920][ T6496] netlink: 'syz.0.164': attribute type 12 has an invalid length.
[  105.925442][ T6510] netlink: 'syz.1.170': attribute type 83 has an invalid length.
[  105.928130][ T6512] netlink: 'syz.0.171': attribute type 1 has an invalid length.
[  105.952369][ T6514] netlink: 'syz.1.170': attribute type 83 has an invalid length.
[  105.987204][ T6512] 8021q: adding VLAN 0 to HW filter on device bond2
[  106.056493][ T6516] bond2: (slave geneve2): making interface the new active one
[  106.065987][ T6516] bond2: (slave geneve2): Enslaving as an active interface with an up link
[  106.116327][ T6512] bridge_slave_0: entered promiscuous mode
[  106.147139][   T64] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  106.167057][   T64] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  106.196912][   T64] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  106.212901][   T64] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  106.766680][ T6546] __nla_validate_parse: 6 callbacks suppressed
[  106.766699][ T6546] netlink: 8 bytes leftover after parsing attributes in process `syz.4.183'.
[  106.892199][ T6557] netlink: 'syz.0.187': attribute type 10 has an invalid length.
[  106.908232][ T6547] syzkaller0: entered promiscuous mode
[  106.914421][ T6547] syzkaller0: entered allmulticast mode
[  106.941779][ T6546] openvswitch: netlink: IP tunnel dst address not specified
[  107.982978][ T6564] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.236347][ T6564] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.297548][ T6578] netlink: 'syz.1.196': attribute type 3 has an invalid length.
[  108.435829][ T6564] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.645389][ T6564] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.950539][ T6613] netlink: 12 bytes leftover after parsing attributes in process `syz.0.209'.
[  108.979672][ T6607] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  109.077858][ T6618] netlink: 4 bytes leftover after parsing attributes in process `syz.4.210'.
[  109.106943][ T6608] warning: `syz.0.209' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  109.169951][   T12] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  109.182124][ T6614] netlink: 36 bytes leftover after parsing attributes in process `syz.4.210'.
[  109.197103][   T12] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  109.285905][ T1140] syzkaller0: tun_net_xmit 76
[  109.291007][ T1140] syzkaller0: tun_net_xmit 48
[  109.299497][   T12] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  109.324180][ T6362] syzkaller0: tun_net_xmit 76
[  109.335766][ T6610] syzkaller0: tun_chr_ioctl cmd 1074025677
[  109.341612][ T6610] syzkaller0: Linktype set failed because interface is up
[  109.939616][ T6643] netlink: 24 bytes leftover after parsing attributes in process `syz.0.216'.
[  110.421553][   T12] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  110.444307][ T6625] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[  110.454755][ T6625] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[  110.463749][ T6625] netdevsim netdevsim3: Falling back to sysfs fallback for: .
[  110.504915][ T6380] syzkaller0: tun_net_xmit 76
[  110.525085][ T6643] netlink: 'syz.0.216': attribute type 2 has an invalid length.
[  110.543778][ T6380] syzkaller0: tun_net_xmit 76
[  110.547785][ T6643] netlink: 12 bytes leftover after parsing attributes in process `syz.0.216'.
[  110.770518][ T6656] netlink: 'syz.0.220': attribute type 11 has an invalid length.
[  110.818506][ T6656] netlink: 'syz.0.220': attribute type 11 has an invalid length.
[  110.826648][ T6649] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  110.884365][ T6656] netlink: 224 bytes leftover after parsing attributes in process `syz.0.220'.
[  110.927176][ T6667] netlink: 'syz.1.222': attribute type 1 has an invalid length.
[  111.350254][ T6675] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  111.367108][ T6682] netlink: 'syz.4.226': attribute type 10 has an invalid length.
[  111.376955][ T6675] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  111.874021][ T6708] nftables ruleset with unbound chain
[  111.965275][ T6712] netlink: 12 bytes leftover after parsing attributes in process `syz.1.236'.
[  112.009783][ T6712] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  112.041908][ T6721] netlink: 8 bytes leftover after parsing attributes in process `syz.3.238'.
[  112.095378][ T6721] netlink: 16 bytes leftover after parsing attributes in process `syz.3.238'.
[  112.392355][ T6734] lo: entered allmulticast mode
[  112.400649][ T6731] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  112.426106][ T6734] tunl0: entered allmulticast mode
[  112.457816][ T6734] gre0: entered allmulticast mode
[  112.519708][ T6734] gretap0: entered allmulticast mode
[  112.553834][ T6734] erspan0: entered allmulticast mode
[  112.577450][ T6734] ip_vti0: entered allmulticast mode
[  112.587370][ T6734] ip6_vti0: entered allmulticast mode
[  112.597078][ T6734] sit0: entered allmulticast mode
[  112.603627][ T6744] netlink: 24 bytes leftover after parsing attributes in process `syz.3.245'.
[  112.618944][ T6734] ip6tnl0: entered allmulticast mode
[  112.628757][ T6734] ip6gre0: entered allmulticast mode
[  112.695278][ T6734] syz_tun: entered allmulticast mode
[  112.764221][ T6734] ip6gretap0: entered allmulticast mode
[  112.803447][ T6734] bridge0: port 2(bridge_slave_1) entered disabled state
[  112.811200][ T6734] bridge0: port 1(bridge_slave_0) entered disabled state
[  112.824032][ T6754] netlink: 48 bytes leftover after parsing attributes in process `syz.0.247'.
[  112.825863][ T6734] bridge0: entered allmulticast mode
[  112.849444][ T6734] vcan0: entered allmulticast mode
[  112.868601][ T6734] bond0: entered allmulticast mode
[  112.877459][ T6734] bond_slave_0: entered allmulticast mode
[  112.884181][ T6734] bond_slave_1: entered allmulticast mode
[  112.898496][ T6734] team0: entered allmulticast mode
[  112.904612][ T6734] team_slave_0: entered allmulticast mode
[  112.910595][ T6734] team_slave_1: entered allmulticast mode
[  112.925865][ T6734] dummy0: entered allmulticast mode
[  112.937275][ T6734] nlmon0: entered allmulticast mode
[  112.948620][ T6734] caif0: entered allmulticast mode
[  112.954920][ T6734] batadv0: entered allmulticast mode
[  112.976925][ T6734] vxcan0: entered allmulticast mode
[  112.991461][ T6734] vxcan1: entered allmulticast mode
[  113.001915][ T6734] veth0: entered allmulticast mode
[  113.012216][ T6734] veth1: entered allmulticast mode
[  113.022702][ T6734] wg0: entered allmulticast mode
[  113.048759][ T6734] wg1: entered allmulticast mode
[  113.078408][ T6734] wg2: entered allmulticast mode
[  113.096035][ T6734] veth0_to_bridge: entered allmulticast mode
[  113.125056][ T6734] veth1_to_bridge: entered allmulticast mode
[  113.140227][ T6734] veth0_to_bond: entered allmulticast mode
[  113.162456][ T6734] veth1_to_bond: entered allmulticast mode
[  113.189091][ T6734] veth0_to_team: entered allmulticast mode
[  113.201562][ T6734] veth1_to_team: entered allmulticast mode
[  113.219116][ T6734] veth0_to_batadv: entered allmulticast mode
[  113.232631][ T6734] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  113.241055][ T6734] batadv_slave_0: entered allmulticast mode
[  113.254917][ T6734] veth1_to_batadv: entered allmulticast mode
[  113.266197][ T6734] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  113.276020][ T6734] batadv_slave_1: entered allmulticast mode
[  113.289818][ T6734] xfrm0: entered allmulticast mode
[  113.298881][ T6734] veth0_to_hsr: entered allmulticast mode
[  113.312203][ T6734] hsr_slave_0: entered allmulticast mode
[  113.336077][ T6734] veth1_to_hsr: entered allmulticast mode
[  113.355663][ T6734] hsr_slave_1: entered allmulticast mode
[  113.375266][ T6734] hsr0: entered allmulticast mode
[  113.393049][ T6734] veth1_virt_wifi: entered allmulticast mode
[  113.404188][ T6734] veth0_virt_wifi: entered allmulticast mode
[  113.416319][ T6734] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  113.424396][ T6734] veth1_vlan: entered allmulticast mode
[  113.436991][ T6734] veth0_vlan: entered allmulticast mode
[  113.466301][ T6734] vlan0: entered allmulticast mode
[  113.472542][ T6734] vlan1: entered allmulticast mode
[  113.479889][ T6734] macvlan0: entered allmulticast mode
[  113.492833][ T6734] macvlan1: entered allmulticast mode
[  113.516748][ T6734] ipvlan0: entered allmulticast mode
[  113.524139][ T6734] ipvlan1: entered allmulticast mode
[  113.530100][ T6734] veth1_macvtap: entered allmulticast mode
[  113.542106][ T6734] veth0_macvtap: entered allmulticast mode
[  113.557306][ T6734] macvtap0: entered allmulticast mode
[  113.570448][ T6734] macsec0: entered allmulticast mode
[  113.586583][ T6734] geneve0: entered allmulticast mode
[  113.600414][ T6734] geneve1: entered allmulticast mode
[  113.621296][ T6734] mac80211_hwsim hwsim8 wlan0: entered allmulticast mode
[  113.647129][ T6734] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode
[  113.665887][ T6734] macsec1: entered allmulticast mode
[  113.671502][ T6734] vxlan0: entered allmulticast mode
[  113.678190][ T6734] bridge1: entered allmulticast mode
[  113.687924][ T6734] xfrm1: entered allmulticast mode
[  113.694460][ T6734] netdevsim netdevsim2 eth0: entered allmulticast mode
[  113.701706][ T6734] netdevsim netdevsim2 eth1: entered allmulticast mode
[  113.709045][ T6734] netdevsim netdevsim2 eth2: entered allmulticast mode
[  113.716361][ T6734] netdevsim netdevsim2 eth3: entered allmulticast mode
[  113.804507][ T6758] netem: change failed
[  113.836882][   T49] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  113.855803][ T6766] netlink: 'syz.2.250': attribute type 10 has an invalid length.
[  113.881104][   T49] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  113.993124][ T6766] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  114.017228][   T49] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  114.151895][   T49] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  114.257669][ T6772] lo: Caught tx_queue_len zero misconfig
[  114.274371][ T6768] netlink: 4 bytes leftover after parsing attributes in process `syz.4.251'.
[  114.504607][ T6794] FAULT_INJECTION: forcing a failure.
[  114.504607][ T6794] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  114.519938][ T6794] CPU: 1 UID: 0 PID: 6794 Comm: syz.4.257 Not tainted syzkaller #0 PREEMPT(full) 
[  114.519977][ T6794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  114.520003][ T6794] Call Trace:
[  114.520011][ T6794]  <TASK>
[  114.520019][ T6794]  dump_stack_lvl+0x189/0x250
[  114.520047][ T6794]  ? __pfx____ratelimit+0x10/0x10
[  114.520068][ T6794]  ? __pfx_dump_stack_lvl+0x10/0x10
[  114.520092][ T6794]  ? __pfx__printk+0x10/0x10
[  114.520119][ T6794]  ? __might_fault+0xb0/0x130
[  114.520157][ T6794]  should_fail_ex+0x414/0x560
[  114.520191][ T6794]  _copy_from_user+0x2d/0xb0
[  114.520218][ T6794]  ___sys_sendmsg+0x158/0x2a0
[  114.520246][ T6794]  ? __pfx____sys_sendmsg+0x10/0x10
[  114.520313][ T6794]  ? __fget_files+0x2a/0x420
[  114.520330][ T6794]  ? __fget_files+0x3a0/0x420
[  114.520358][ T6794]  __x64_sys_sendmsg+0x19b/0x260
[  114.520386][ T6794]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  114.520420][ T6794]  ? __pfx_ksys_write+0x10/0x10
[  114.520445][ T6794]  ? rcu_is_watching+0x15/0xb0
[  114.520470][ T6794]  ? do_syscall_64+0xbe/0x3b0
[  114.520496][ T6794]  do_syscall_64+0xfa/0x3b0
[  114.520516][ T6794]  ? lockdep_hardirqs_on+0x9c/0x150
[  114.520536][ T6794]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.520555][ T6794]  ? clear_bhb_loop+0x60/0xb0
[  114.520579][ T6794]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.520597][ T6794] RIP: 0033:0x7ff8f918eec9
[  114.520618][ T6794] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  114.520634][ T6794] RSP: 002b:00007ff8f9fd9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  114.520654][ T6794] RAX: ffffffffffffffda RBX: 00007ff8f93e5fa0 RCX: 00007ff8f918eec9
[  114.520669][ T6794] RDX: 0000000004000010 RSI: 0000200000000d00 RDI: 0000000000000004
[  114.520681][ T6794] RBP: 00007ff8f9fd9090 R08: 0000000000000000 R09: 0000000000000000
[  114.520693][ T6794] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  114.520704][ T6794] R13: 00007ff8f93e6038 R14: 00007ff8f93e5fa0 R15: 00007ffcdd0b87f8
[  114.520733][ T6794]  </TASK>
[  114.739198][ T6792] bridge2: entered promiscuous mode
[  114.746452][ T6792] bridge2: entered allmulticast mode
[  114.869515][ T6806] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  114.942962][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  114.951255][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  115.091391][ T6815] netlink: 'syz.4.265': attribute type 27 has an invalid length.
[  115.105216][ T6815] netlink: 12 bytes leftover after parsing attributes in process `syz.4.265'.
[  115.171426][ T6812] netlink: 24 bytes leftover after parsing attributes in process `syz.3.264'.
[  115.613038][ T6837] netlink: 12 bytes leftover after parsing attributes in process `syz.3.271'.
[  115.761544][ T6844] team_slave_0: entered promiscuous mode
[  115.767441][ T6844] team_slave_1: entered promiscuous mode
[  115.798600][ T6843] netlink: 36 bytes leftover after parsing attributes in process `syz.3.271'.
[  115.835502][ T6844] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  115.843112][ T6844] team0: Device macvtap1 is already an upper device of the team interface
[  115.951389][ T6844] team_slave_0: left promiscuous mode
[  115.956897][ T6844] team_slave_1: left promiscuous mode
[  115.967361][ T6855] netlink: 'syz.2.277': attribute type 7 has an invalid length.
[  115.999803][ T6855] : entered promiscuous mode
[  116.323624][ T5873] Bluetooth: hci4: command 0x0405 tx timeout
[  116.739715][ T6883] 8021q: adding VLAN 0 to HW filter on device bond0
[  116.795565][ T6883] 8021q: adding VLAN 0 to HW filter on device team0
[  116.839704][ T6883] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  116.921194][ T6895] gretap0: entered promiscuous mode
[  116.946757][ T6895] gretap0: left promiscuous mode
[  117.052656][ T6903] netlink: 'syz.4.290': attribute type 142 has an invalid length.
[  117.148407][ T6907] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.266444][ T6907] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.361711][ T6924] __nla_validate_parse: 5 callbacks suppressed
[  117.361729][ T6924] netlink: 16 bytes leftover after parsing attributes in process `syz.3.296'.
[  117.390850][ T6907] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.461267][ T6925] netlink: 96 bytes leftover after parsing attributes in process `syz.3.296'.
[  117.520616][ T6907] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.661654][ T6938] netlink: 80 bytes leftover after parsing attributes in process `syz.3.300'.
[  117.716116][   T64] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  117.830681][ T3596] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  117.877754][ T1003] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  117.949161][ T6953] netlink: 8 bytes leftover after parsing attributes in process `syz.3.303'.
[  117.960777][   T12] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  118.235823][ T6962] netlink: 199172 bytes leftover after parsing attributes in process `syz.4.309'.
[  118.261737][ T6972] netlink: 4 bytes leftover after parsing attributes in process `syz.2.311'.
[  118.354792][ T6974] netlink: 'syz.2.312': attribute type 9 has an invalid length.
[  118.411971][ T6980] netlink: 60 bytes leftover after parsing attributes in process `syz.0.310'.
[  118.425638][ T6980] netlink: 60 bytes leftover after parsing attributes in process `syz.0.310'.
[  118.626292][ T6989] netlink: 80 bytes leftover after parsing attributes in process `syz.0.315'.
[  118.968335][ T7009] netlink: 16 bytes leftover after parsing attributes in process `syz.3.321'.
[  119.284492][ T5186] Bluetooth: hci4: command 0x0405 tx timeout
[  119.392601][   T30] audit: type=1107 audit(1758929488.735:3): pid=7029 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='鶩&�苄y.2镗喾�&蒛WF鸥;韅8縖閐Υt(vv喀垡�;�閸O薘嘱,.�	�wh鶙�6`ォu胜硂嗫F蝂M
[  119.392601][   T30] ^�,�?��s(浇O焢珅L�M紀幽m�>"瑃>i釤bv碢>蚀簥�聤冖-,K�-'
[  120.052997][ T7069] sctp: [Deprecated]: syz.1.344 (pid 7069) Use of struct sctp_assoc_value in delayed_ack socket option.
[  120.052997][ T7069] Use struct sctp_sack_info instead
[  120.516382][ T7087] netlink: 'syz.3.348': attribute type 1 has an invalid length.
[  120.533836][ T7089] netlink: 'syz.0.346': attribute type 1 has an invalid length.
[  121.441259][ T7116] netlink: 'syz.3.357': attribute type 30 has an invalid length.
[  121.598566][   T12] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  121.637099][   T12] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  121.717337][ T3596] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  121.757155][ T3596] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  122.112010][ T7144] (unnamed net_device) (uninitialized): option min_links: invalid value (18446744073709551614)
[  122.153884][ T7144] (unnamed net_device) (uninitialized): option min_links: allowed values 0 - 2147483647
[  122.292906][ T7146] bond3: entered promiscuous mode
[  122.314642][ T7158] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  122.331581][ T7146] bond3: entered allmulticast mode
[  122.340144][ T7146] 8021q: adding VLAN 0 to HW filter on device bond3
[  122.642598][ T7170] FAULT_INJECTION: forcing a failure.
[  122.642598][ T7170] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  122.665568][ T7170] CPU: 1 UID: 0 PID: 7170 Comm: syz.0.376 Not tainted syzkaller #0 PREEMPT(full) 
[  122.665595][ T7170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  122.665608][ T7170] Call Trace:
[  122.665616][ T7170]  <TASK>
[  122.665624][ T7170]  dump_stack_lvl+0x189/0x250
[  122.665661][ T7170]  ? __pfx____ratelimit+0x10/0x10
[  122.665683][ T7170]  ? __pfx_dump_stack_lvl+0x10/0x10
[  122.665705][ T7170]  ? __pfx__printk+0x10/0x10
[  122.665733][ T7170]  ? __might_fault+0xb0/0x130
[  122.665772][ T7170]  should_fail_ex+0x414/0x560
[  122.665815][ T7170]  _copy_from_user+0x2d/0xb0
[  122.665843][ T7170]  do_sock_getsockopt+0x17d/0x450
[  122.665872][ T7170]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  122.665895][ T7170]  ? write_ibpb+0x30/0x40
[  122.665915][ T7170]  ? __fget_files+0x3a0/0x420
[  122.665932][ T7170]  ? __fget_files+0x2a/0x420
[  122.665958][ T7170]  __x64_sys_getsockopt+0x1a5/0x250
[  122.665981][ T7170]  ? write_ibpb+0x30/0x40
[  122.666004][ T7170]  ? write_ibpb+0x30/0x40
[  122.666029][ T7170]  do_syscall_64+0xfa/0x3b0
[  122.666050][ T7170]  ? lockdep_hardirqs_on+0x9c/0x150
[  122.666070][ T7170]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.666090][ T7170]  ? clear_bhb_loop+0x60/0xb0
[  122.666114][ T7170]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.666137][ T7170] RIP: 0033:0x7f569618eec9
[  122.666160][ T7170] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  122.666176][ T7170] RSP: 002b:00007f5696fe3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  122.666201][ T7170] RAX: ffffffffffffffda RBX: 00007f56963e5fa0 RCX: 00007f569618eec9
[  122.666215][ T7170] RDX: 000000000000271b RSI: 0000200000000114 RDI: 0000000000000003
[  122.666227][ T7170] RBP: 00007f5696fe3090 R08: 0000200000000000 R09: 0000000000000000
[  122.666240][ T7170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  122.666251][ T7170] R13: 00007f56963e6038 R14: 00007f56963e5fa0 R15: 00007ffefe730038
[  122.666282][ T7170]  </TASK>
[  122.959359][ T7175] __nla_validate_parse: 8 callbacks suppressed
[  122.959376][ T7175] netlink: 12 bytes leftover after parsing attributes in process `syz.2.378'.
[  123.090898][ T7183] netlink: 'syz.0.380': attribute type 1 has an invalid length.
[  123.170737][ T7183] netlink: 'syz.0.380': attribute type 2 has an invalid length.
[  123.548938][ T7199] netlink: 252 bytes leftover after parsing attributes in process `syz.0.387'.
[  123.746929][ T7200] netlink: 252 bytes leftover after parsing attributes in process `syz.0.387'.
[  124.594382][ T7235] veth0_virt_wifi: renamed from team_slave_0
[  124.814976][ T7237] syzkaller0: entered promiscuous mode
[  124.820506][ T7237] syzkaller0: entered allmulticast mode
[  126.830904][ T7305] netlink: 'syz.2.417': attribute type 7 has an invalid length.
[  127.125920][ T7314] netlink: 108 bytes leftover after parsing attributes in process `syz.2.420'.
[  127.214919][ T7314] netlink: 'syz.2.420': attribute type 2 has an invalid length.
[  127.263277][ T7314] netlink: 244 bytes leftover after parsing attributes in process `syz.2.420'.
[  127.313085][ T7330] netlink: 256 bytes leftover after parsing attributes in process `syz.3.422'.
[  127.585680][ T7341] FAULT_INJECTION: forcing a failure.
[  127.585680][ T7341] name failslab, interval 1, probability 0, space 0, times 1
[  127.633538][ T7341] CPU: 1 UID: 0 PID: 7341 Comm: syz.4.426 Not tainted syzkaller #0 PREEMPT(full) 
[  127.633566][ T7341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  127.633579][ T7341] Call Trace:
[  127.633588][ T7341]  <TASK>
[  127.633597][ T7341]  dump_stack_lvl+0x189/0x250
[  127.633628][ T7341]  ? __pfx____ratelimit+0x10/0x10
[  127.633651][ T7341]  ? __pfx_dump_stack_lvl+0x10/0x10
[  127.633677][ T7341]  ? __pfx__printk+0x10/0x10
[  127.633709][ T7341]  ? __lock_acquire+0xab9/0xd20
[  127.633751][ T7341]  should_fail_ex+0x414/0x560
[  127.633789][ T7341]  should_failslab+0xa8/0x100
[  127.633823][ T7341]  kmem_cache_alloc_noprof+0x73/0x3c0
[  127.633851][ T7341]  ? skb_clone+0x212/0x3a0
[  127.633884][ T7341]  skb_clone+0x212/0x3a0
[  127.633915][ T7341]  __netlink_deliver_tap+0x404/0x850
[  127.633952][ T7341]  ? netlink_deliver_tap+0x2e/0x1b0
[  127.633977][ T7341]  netlink_deliver_tap+0x19c/0x1b0
[  127.634002][ T7341]  netlink_unicast+0x7fa/0x9e0
[  127.634046][ T7341]  ? __pfx_netlink_unicast+0x10/0x10
[  127.634081][ T7341]  ? netlink_sendmsg+0x642/0xb30
[  127.634106][ T7341]  ? skb_put+0x11b/0x210
[  127.634142][ T7341]  netlink_sendmsg+0x805/0xb30
[  127.634176][ T7341]  ? __pfx_netlink_sendmsg+0x10/0x10
[  127.634203][ T7341]  ? aa_sock_msg_perm+0xf1/0x1d0
[  127.634227][ T7341]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  127.634250][ T7341]  ? __pfx_netlink_sendmsg+0x10/0x10
[  127.634275][ T7341]  __sock_sendmsg+0x219/0x270
[  127.634311][ T7341]  ____sys_sendmsg+0x505/0x830
[  127.634345][ T7341]  ? __pfx_____sys_sendmsg+0x10/0x10
[  127.634382][ T7341]  ? import_iovec+0x74/0xa0
[  127.634417][ T7341]  ___sys_sendmsg+0x21f/0x2a0
[  127.634446][ T7341]  ? __pfx____sys_sendmsg+0x10/0x10
[  127.634513][ T7341]  ? __fget_files+0x2a/0x420
[  127.634531][ T7341]  ? __fget_files+0x3a0/0x420
[  127.634563][ T7341]  __x64_sys_sendmsg+0x19b/0x260
[  127.634593][ T7341]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  127.634632][ T7341]  ? __pfx_ksys_write+0x10/0x10
[  127.634658][ T7341]  ? rcu_is_watching+0x15/0xb0
[  127.634686][ T7341]  ? do_syscall_64+0xbe/0x3b0
[  127.634725][ T7341]  do_syscall_64+0xfa/0x3b0
[  127.634746][ T7341]  ? lockdep_hardirqs_on+0x9c/0x150
[  127.634766][ T7341]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.634786][ T7341]  ? clear_bhb_loop+0x60/0xb0
[  127.634810][ T7341]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.634847][ T7341] RIP: 0033:0x7ff8f918eec9
[  127.634866][ T7341] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  127.634883][ T7341] RSP: 002b:00007ff8f9fd9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  127.634905][ T7341] RAX: ffffffffffffffda RBX: 00007ff8f93e5fa0 RCX: 00007ff8f918eec9
[  127.634920][ T7341] RDX: 0000000000044800 RSI: 00002000000006c0 RDI: 0000000000000004
[  127.634945][ T7341] RBP: 00007ff8f9fd9090 R08: 0000000000000000 R09: 0000000000000000
[  127.634957][ T7341] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  127.634969][ T7341] R13: 00007ff8f93e6038 R14: 00007ff8f93e5fa0 R15: 00007ffcdd0b87f8
[  127.635000][ T7341]  </TASK>
[  128.060646][ T7349] netlink: 64 bytes leftover after parsing attributes in process `syz.1.430'.
[  128.207004][ T7351] FAULT_INJECTION: forcing a failure.
[  128.207004][ T7351] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  128.262710][ T7351] CPU: 1 UID: 0 PID: 7351 Comm: syz.0.431 Not tainted syzkaller #0 PREEMPT(full) 
[  128.262741][ T7351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  128.262755][ T7351] Call Trace:
[  128.262764][ T7351]  <TASK>
[  128.262773][ T7351]  dump_stack_lvl+0x189/0x250
[  128.262806][ T7351]  ? __pfx____ratelimit+0x10/0x10
[  128.262830][ T7351]  ? __pfx_dump_stack_lvl+0x10/0x10
[  128.262857][ T7351]  ? __pfx__printk+0x10/0x10
[  128.262888][ T7351]  ? __might_fault+0xb0/0x130
[  128.262931][ T7351]  should_fail_ex+0x414/0x560
[  128.262970][ T7351]  _copy_from_iter+0x1de/0x1790
[  128.263005][ T7351]  ? rcu_is_watching+0x15/0xb0
[  128.263029][ T7351]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  128.263061][ T7351]  ? __pfx__copy_from_iter+0x10/0x10
[  128.263090][ T7351]  ? __build_skb_around+0x257/0x3e0
[  128.263119][ T7351]  ? netlink_sendmsg+0x642/0xb30
[  128.263141][ T7351]  ? skb_put+0x11b/0x210
[  128.263175][ T7351]  netlink_sendmsg+0x6b2/0xb30
[  128.263208][ T7351]  ? __pfx_netlink_sendmsg+0x10/0x10
[  128.263235][ T7351]  ? aa_sock_msg_perm+0xf1/0x1d0
[  128.263260][ T7351]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  128.263284][ T7351]  ? __pfx_netlink_sendmsg+0x10/0x10
[  128.263317][ T7351]  __sock_sendmsg+0x219/0x270
[  128.263355][ T7351]  ____sys_sendmsg+0x505/0x830
[  128.263389][ T7351]  ? __pfx_____sys_sendmsg+0x10/0x10
[  128.263428][ T7351]  ? import_iovec+0x74/0xa0
[  128.263461][ T7351]  ___sys_sendmsg+0x21f/0x2a0
[  128.263492][ T7351]  ? __pfx____sys_sendmsg+0x10/0x10
[  128.263560][ T7351]  ? __fget_files+0x2a/0x420
[  128.263579][ T7351]  ? __fget_files+0x3a0/0x420
[  128.263610][ T7351]  __x64_sys_sendmsg+0x19b/0x260
[  128.263642][ T7351]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  128.263681][ T7351]  ? __pfx_ksys_write+0x10/0x10
[  128.263708][ T7351]  ? rcu_is_watching+0x15/0xb0
[  128.263736][ T7351]  ? do_syscall_64+0xbe/0x3b0
[  128.263765][ T7351]  do_syscall_64+0xfa/0x3b0
[  128.263788][ T7351]  ? lockdep_hardirqs_on+0x9c/0x150
[  128.263810][ T7351]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.263832][ T7351]  ? clear_bhb_loop+0x60/0xb0
[  128.263858][ T7351]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.263879][ T7351] RIP: 0033:0x7f569618eec9
[  128.263899][ T7351] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  128.263917][ T7351] RSP: 002b:00007f5696fe3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  128.263938][ T7351] RAX: ffffffffffffffda RBX: 00007f56963e5fa0 RCX: 00007f569618eec9
[  128.263953][ T7351] RDX: 0000000004000010 RSI: 0000200000000d00 RDI: 0000000000000004
[  128.263966][ T7351] RBP: 00007f5696fe3090 R08: 0000000000000000 R09: 0000000000000000
[  128.263979][ T7351] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  128.263992][ T7351] R13: 00007f56963e6038 R14: 00007f56963e5fa0 R15: 00007ffefe730038
[  128.264025][ T7351]  </TASK>
[  129.188288][ T7367] netlink: 52 bytes leftover after parsing attributes in process `syz.2.436'.
[  129.302301][ T7387] netlink: 'syz.1.440': attribute type 23 has an invalid length.
[  129.309895][ T7386] netlink: 24 bytes leftover after parsing attributes in process `syz.4.441'.
[  129.422059][ T7395] netlink: 4 bytes leftover after parsing attributes in process `syz.4.441'.
[  129.550369][ T7399] FAULT_INJECTION: forcing a failure.
[  129.550369][ T7399] name failslab, interval 1, probability 0, space 0, times 0
[  129.625234][ T7399] CPU: 0 UID: 0 PID: 7399 Comm: syz.0.445 Not tainted syzkaller #0 PREEMPT(full) 
[  129.625263][ T7399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  129.625276][ T7399] Call Trace:
[  129.625284][ T7399]  <TASK>
[  129.625294][ T7399]  dump_stack_lvl+0x189/0x250
[  129.625325][ T7399]  ? __pfx____ratelimit+0x10/0x10
[  129.625349][ T7399]  ? __pfx_dump_stack_lvl+0x10/0x10
[  129.625374][ T7399]  ? __pfx__printk+0x10/0x10
[  129.625417][ T7399]  ? __lock_acquire+0xab9/0xd20
[  129.625455][ T7399]  should_fail_ex+0x414/0x560
[  129.625491][ T7399]  should_failslab+0xa8/0x100
[  129.625522][ T7399]  kmem_cache_alloc_noprof+0x73/0x3c0
[  129.625567][ T7399]  ? skb_clone+0x212/0x3a0
[  129.625614][ T7399]  skb_clone+0x212/0x3a0
[  129.625643][ T7399]  __netlink_deliver_tap+0x404/0x850
[  129.625677][ T7399]  ? netlink_deliver_tap+0x2e/0x1b0
[  129.625701][ T7399]  netlink_deliver_tap+0x19c/0x1b0
[  129.625724][ T7399]  netlink_unicast+0x7fa/0x9e0
[  129.625763][ T7399]  ? __pfx_netlink_unicast+0x10/0x10
[  129.625796][ T7399]  ? netlink_sendmsg+0x642/0xb30
[  129.625816][ T7399]  ? skb_put+0x11b/0x210
[  129.625842][ T7399]  netlink_sendmsg+0x805/0xb30
[  129.625874][ T7399]  ? __pfx_netlink_sendmsg+0x10/0x10
[  129.625899][ T7399]  ? aa_sock_msg_perm+0xf1/0x1d0
[  129.625921][ T7399]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  129.625943][ T7399]  ? __pfx_netlink_sendmsg+0x10/0x10
[  129.625966][ T7399]  __sock_sendmsg+0x219/0x270
[  129.626000][ T7399]  ____sys_sendmsg+0x505/0x830
[  129.626032][ T7399]  ? __pfx_____sys_sendmsg+0x10/0x10
[  129.626067][ T7399]  ? import_iovec+0x74/0xa0
[  129.626097][ T7399]  ___sys_sendmsg+0x21f/0x2a0
[  129.626124][ T7399]  ? __pfx____sys_sendmsg+0x10/0x10
[  129.626201][ T7399]  ? __fget_files+0x2a/0x420
[  129.626218][ T7399]  ? __fget_files+0x3a0/0x420
[  129.626246][ T7399]  __x64_sys_sendmsg+0x19b/0x260
[  129.626278][ T7399]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  129.626314][ T7399]  ? __pfx_ksys_write+0x10/0x10
[  129.626338][ T7399]  ? rcu_is_watching+0x15/0xb0
[  129.626363][ T7399]  ? do_syscall_64+0xbe/0x3b0
[  129.626390][ T7399]  do_syscall_64+0xfa/0x3b0
[  129.626411][ T7399]  ? lockdep_hardirqs_on+0x9c/0x150
[  129.626431][ T7399]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.626450][ T7399]  ? clear_bhb_loop+0x60/0xb0
[  129.626474][ T7399]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.626494][ T7399] RIP: 0033:0x7f569618eec9
[  129.626512][ T7399] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  129.626528][ T7399] RSP: 002b:00007f5696fe3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  129.626549][ T7399] RAX: ffffffffffffffda RBX: 00007f56963e5fa0 RCX: 00007f569618eec9
[  129.626564][ T7399] RDX: 0000000004000010 RSI: 0000200000000d00 RDI: 0000000000000004
[  129.626577][ T7399] RBP: 00007f5696fe3090 R08: 0000000000000000 R09: 0000000000000000
[  129.626588][ T7399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  129.626599][ T7399] R13: 00007f56963e6038 R14: 00007f56963e5fa0 R15: 00007ffefe730038
[  129.626630][ T7399]  </TASK>
[  130.011669][ T7415] netlink: 16 bytes leftover after parsing attributes in process `syz.2.448'.
[  130.040134][ T7415] netlink: 8 bytes leftover after parsing attributes in process `syz.2.448'.
[  130.051647][ T7415] openvswitch: netlink: nsh attribute has 65532 unknown bytes.
[  130.110071][ T7415] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  130.249206][ T7415] netlink: 104 bytes leftover after parsing attributes in process `syz.2.448'.
[  130.572088][ T7445] netlink: 'syz.4.454': attribute type 10 has an invalid length.
[  131.030040][ T7462] netlink: 12 bytes leftover after parsing attributes in process `syz.1.460'.
[  131.170199][ T7466] netlink: 4 bytes leftover after parsing attributes in process `syz.3.462'.
[  131.980664][ T7504] �
: renamed from veth1_vlan (while UP)
[  132.208982][ T7518] netdevsim netdevsim0: Direct firmware load for ..� failed with error -2
[  132.254393][ T7518] netdevsim netdevsim0: Falling back to sysfs fallback for: ..�
[  132.338662][ T7526] netlink: 12 bytes leftover after parsing attributes in process `syz.4.478'.
[  132.366231][ T7526] netlink: 'syz.4.478': attribute type 1 has an invalid length.
[  132.388493][ T7526] netlink: 'syz.4.478': attribute type 1 has an invalid length.
[  132.426930][ T7526] netlink: 'syz.4.478': attribute type 2 has an invalid length.
[  132.435590][ T7529] bond1: entered allmulticast mode
[  132.441203][ T7529] 8021q: adding VLAN 0 to HW filter on device bond1
[  132.729020][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[  132.747278][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  133.164100][ T7555] openvswitch: netlink: Missing key (keys=40, expected=10000000)
[  133.228517][ T7556] 8021q: adding VLAN 0 to HW filter on device bond2
[  133.304648][ T7555] __nla_validate_parse: 4 callbacks suppressed
[  133.304667][ T7555] netlink: 12 bytes leftover after parsing attributes in process `syz.1.485'.
[  133.388590][ T7555] netlink: 60 bytes leftover after parsing attributes in process `syz.1.485'.
[  133.419181][ T7573] delete_channel: no stack
[  133.444011][ T7555] netlink: 12 bytes leftover after parsing attributes in process `syz.1.485'.
[  133.474119][ T7555] netlink: 60 bytes leftover after parsing attributes in process `syz.1.485'.
[  133.483014][ T7555] netlink: 104 bytes leftover after parsing attributes in process `syz.1.485'.
[  133.589395][ T7579] IPVS: set_ctl: invalid protocol: 31 10.1.1.1:20004
[  133.806477][ T7584] netlink: 12 bytes leftover after parsing attributes in process `syz.2.491'.
[  133.864770][ T7584] geneve2: entered promiscuous mode
[  134.074736][ T7596] veth1_macvtap: left promiscuous mode
[  134.199381][ T7596] IPv6: NLM_F_REPLACE set, but no existing node found!
[  134.205813][ T7598] IPv6: sit1: Disabled Multicast RS
[  134.243098][ T7598] sit1: entered allmulticast mode
[  134.350684][ T3576] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0x1b
[  134.419601][ T7612] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth0_vlan, syncid = 4, id = 0
[  134.605372][ T7621] netlink: 212376 bytes leftover after parsing attributes in process `syz.4.501'.
[  134.652862][ T7622] trusted_key: syz.3.499 sent an empty control message without MSG_MORE.
[  134.866978][ T7634] netlink: 24 bytes leftover after parsing attributes in process `syz.4.504'.
[  135.308378][ T7638] netlink: 'syz.2.505': attribute type 19 has an invalid length.
[  136.294244][ T7690] ieee802154 phy0 wpan0: encryption failed: -22
[  136.677065][ T7708] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'syz0'
[  136.695811][ T7708] netlink: 8 bytes leftover after parsing attributes in process `syz.1.525'.
[  137.056859][ T7729] netlink: 'syz.1.532': attribute type 10 has an invalid length.
[  137.460249][ T7750] netlink: zone id is out of range
[  137.480067][ T7750] netlink: del zone limit has 4 unknown bytes
[  137.784614][ T7764] RDS: rds_bind could not find a transport for fe80::bb, load rds_tcp or rds_rdma?
[  137.979278][ T7763] bridge0: port 2(bridge_slave_1) entered disabled state
[  137.986973][ T7763] bridge0: port 1(bridge_slave_0) entered disabled state
[  138.145597][ T7763] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  138.162823][ T7763] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  138.353616][ T7763] gtp0: left promiscuous mode
[  138.358362][ T7763] gtp0: left allmulticast mode
[  138.399141][ T3596] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  138.411141][ T3596] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  138.437639][ T3596] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  138.460902][ T3596] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  138.501638][ T3596] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  138.541132][ T3596] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  138.577981][ T3596] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  138.591395][ T3596] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  139.012413][ T7797] netlink: 4 bytes leftover after parsing attributes in process `syz.0.555'.
[  139.024639][ T7797] netlink: 'syz.0.555': attribute type 3 has an invalid length.
[  139.130699][ T7799] netlink: 48 bytes leftover after parsing attributes in process `syz.3.556'.
[  139.342619][ T7803] netlink: 104 bytes leftover after parsing attributes in process `syz.1.558'.
[  139.385257][ T7803] netlink: 8 bytes leftover after parsing attributes in process `syz.1.558'.
[  139.624754][ T7810] netlink: 8 bytes leftover after parsing attributes in process `syz.1.561'.
[  139.656745][ T7810] netlink: 'syz.1.561': attribute type 1 has an invalid length.
[  139.666461][ T7810] netlink: 'syz.1.561': attribute type 2 has an invalid length.
[  140.166784][ T7827] tipc: Started in network mode
[  140.172129][ T7827] tipc: Node identity ea7ea4845687, cluster identity 4711
[  140.186622][ T7827] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  140.211993][ T7830] syzkaller0: entered promiscuous mode
[  140.232561][ T7830] syzkaller0: entered allmulticast mode
[  140.276062][ T7827] tipc: Resetting bearer <eth:syzkaller0>
[  140.358087][ T7826] tipc: Resetting bearer <eth:syzkaller0>
[  140.366835][ T7833] netlink: 'syz.1.569': attribute type 9 has an invalid length.
[  140.406522][ T7826] tipc: Disabling bearer <eth:syzkaller0>
[  140.565033][ T7848] netlink: 256 bytes leftover after parsing attributes in process `syz.0.572'.
[  140.770354][ T7860] sctp: [Deprecated]: syz.2.575 (pid 7860) Use of struct sctp_assoc_value in delayed_ack socket option.
[  140.770354][ T7860] Use struct sctp_sack_info instead
[  141.024808][ T7868] netlink: 36 bytes leftover after parsing attributes in process `syz.0.578'.
[  141.360811][ T7880] netlink: 44 bytes leftover after parsing attributes in process `syz.0.580'.
[  141.389357][ T7882] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  141.422168][ T7880] netlink: 4 bytes leftover after parsing attributes in process `syz.0.580'.
[  141.582850][ T7894] netlink: 'syz.0.584': attribute type 1 has an invalid length.
[  141.641685][ T7894] workqueue: Failed to create a rescuer kthread for wq "bond4": -EINTR
[  141.855520][ T7908] netlink: 'syz.2.586': attribute type 12 has an invalid length.
[  141.947723][ T7914] netlink: 220 bytes leftover after parsing attributes in process `syz.3.589'.
[  142.699954][   T64] nci: nci_add_new_protocol: the target found does not have the desired protocol
[  143.570322][ T7994] netlink: 'syz.2.610': attribute type 21 has an invalid length.
[  143.590635][ T8000] netlink: 'syz.2.610': attribute type 21 has an invalid length.
[  143.895081][ T8009] netlink: 'syz.3.616': attribute type 10 has an invalid length.
[  143.917842][ T8010] FAULT_INJECTION: forcing a failure.
[  143.917842][ T8010] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  143.945983][ T8009] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  143.958158][ T8010] CPU: 0 UID: 0 PID: 8010 Comm: syz.0.615 Not tainted syzkaller #0 PREEMPT(full) 
[  143.958181][ T8010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  143.958209][ T8010] Call Trace:
[  143.958217][ T8010]  <TASK>
[  143.958225][ T8010]  dump_stack_lvl+0x189/0x250
[  143.958254][ T8010]  ? __pfx____ratelimit+0x10/0x10
[  143.958275][ T8010]  ? __pfx_dump_stack_lvl+0x10/0x10
[  143.958299][ T8010]  ? __pfx__printk+0x10/0x10
[  143.958327][ T8010]  ? __might_fault+0xb0/0x130
[  143.958366][ T8010]  should_fail_ex+0x414/0x560
[  143.958401][ T8010]  _copy_from_iter+0x1de/0x1790
[  143.958431][ T8010]  ? __lock_acquire+0xab9/0xd20
[  143.958467][ T8010]  ? __pfx__copy_from_iter+0x10/0x10
[  143.958506][ T8010]  tun_get_user+0x488/0x3ea0
[  143.958549][ T8010]  ? aa_file_perm+0x44d/0x1550
[  143.958571][ T8010]  ? __pfx_tun_get_user+0x10/0x10
[  143.958593][ T8010]  ? _parse_integer_limit+0x1ae/0x1f0
[  143.958622][ T8010]  ? __lock_acquire+0xab9/0xd20
[  143.958655][ T8010]  ? ref_tracker_alloc+0x318/0x460
[  143.958672][ T8010]  ? __lock_acquire+0xab9/0xd20
[  143.958702][ T8010]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  143.958727][ T8010]  ? tun_get+0x1c/0x2f0
[  143.958754][ T8010]  ? tun_get+0x1c/0x2f0
[  143.958775][ T8010]  ? tun_get+0x1c/0x2f0
[  143.958812][ T8010]  tun_chr_write_iter+0x113/0x200
[  143.958837][ T8010]  vfs_write+0x5c9/0xb30
[  143.958866][ T8010]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  143.958888][ T8010]  ? __pfx_vfs_write+0x10/0x10
[  143.958940][ T8010]  ? __fget_files+0x2a/0x420
[  143.958967][ T8010]  ksys_write+0x145/0x250
[  143.958996][ T8010]  ? __pfx_ksys_write+0x10/0x10
[  143.959027][ T8010]  ? rcu_is_watching+0x15/0xb0
[  143.959052][ T8010]  ? do_syscall_64+0xbe/0x3b0
[  143.959079][ T8010]  do_syscall_64+0xfa/0x3b0
[  143.959099][ T8010]  ? lockdep_hardirqs_on+0x9c/0x150
[  143.959120][ T8010]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  143.959139][ T8010]  ? clear_bhb_loop+0x60/0xb0
[  143.959163][ T8010]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  143.959181][ T8010] RIP: 0033:0x7f569618eec9
[  143.959198][ T8010] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  143.959215][ T8010] RSP: 002b:00007f5696fe3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  143.959235][ T8010] RAX: ffffffffffffffda RBX: 00007f56963e5fa0 RCX: 00007f569618eec9
[  143.959249][ T8010] RDX: 000000000000003a RSI: 0000200000000280 RDI: 0000000000000004
[  143.959261][ T8010] RBP: 00007f5696fe3090 R08: 0000000000000000 R09: 0000000000000000
[  143.959272][ T8010] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  143.959284][ T8010] R13: 00007f56963e6038 R14: 00007f56963e5fa0 R15: 00007ffefe730038
[  143.959315][ T8010]  </TASK>
[  144.310006][ T8018] __nla_validate_parse: 10 callbacks suppressed
[  144.310024][ T8018] netlink: 18 bytes leftover after parsing attributes in process `syz.2.619'.
[  144.620090][ T8037] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.624'.
[  144.714045][ T8045] netlink: 12 bytes leftover after parsing attributes in process `syz.2.628'.
[  144.840975][ T8052] netlink: 'syz.3.630': attribute type 10 has an invalid length.
[  145.136271][ T8063] netlink: 24 bytes leftover after parsing attributes in process `syz.2.635'.
[  145.198835][ T8066] FAULT_INJECTION: forcing a failure.
[  145.198835][ T8066] name failslab, interval 1, probability 0, space 0, times 0
[  145.213698][ T8066] CPU: 1 UID: 0 PID: 8066 Comm: syz.1.636 Not tainted syzkaller #0 PREEMPT(full) 
[  145.213725][ T8066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  145.213736][ T8066] Call Trace:
[  145.213744][ T8066]  <TASK>
[  145.213751][ T8066]  dump_stack_lvl+0x189/0x250
[  145.213778][ T8066]  ? __pfx____ratelimit+0x10/0x10
[  145.213799][ T8066]  ? __pfx_dump_stack_lvl+0x10/0x10
[  145.213821][ T8066]  ? __pfx__printk+0x10/0x10
[  145.213849][ T8066]  ? __pfx___might_resched+0x10/0x10
[  145.213867][ T8066]  ? fs_reclaim_acquire+0x7d/0x100
[  145.213890][ T8066]  should_fail_ex+0x414/0x560
[  145.213922][ T8066]  should_failslab+0xa8/0x100
[  145.213950][ T8066]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  145.213977][ T8066]  ? __alloc_skb+0x112/0x2d0
[  145.214001][ T8066]  __alloc_skb+0x112/0x2d0
[  145.214025][ T8066]  alloc_skb_with_frags+0xca/0x890
[  145.214062][ T8066]  sock_alloc_send_pskb+0x857/0x990
[  145.214106][ T8066]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  145.214143][ T8066]  ? iov_iter_advance+0x8b/0x1c0
[  145.214168][ T8066]  tun_get_user+0xa43/0x3ea0
[  145.214208][ T8066]  ? aa_file_perm+0x44d/0x1550
[  145.214228][ T8066]  ? __pfx_tun_get_user+0x10/0x10
[  145.214249][ T8066]  ? _parse_integer_limit+0x1ae/0x1f0
[  145.214276][ T8066]  ? __lock_acquire+0xab9/0xd20
[  145.214309][ T8066]  ? ref_tracker_alloc+0x318/0x460
[  145.214325][ T8066]  ? __lock_acquire+0xab9/0xd20
[  145.214354][ T8066]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  145.214377][ T8066]  ? tun_get+0x1c/0x2f0
[  145.214403][ T8066]  ? tun_get+0x1c/0x2f0
[  145.214422][ T8066]  ? tun_get+0x1c/0x2f0
[  145.214446][ T8066]  tun_chr_write_iter+0x113/0x200
[  145.214470][ T8066]  vfs_write+0x5c9/0xb30
[  145.214499][ T8066]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  145.214521][ T8066]  ? __pfx_vfs_write+0x10/0x10
[  145.214555][ T8066]  ? __fget_files+0x2a/0x420
[  145.214580][ T8066]  ksys_write+0x145/0x250
[  145.214607][ T8066]  ? __pfx_ksys_write+0x10/0x10
[  145.214653][ T8066]  ? rcu_is_watching+0x15/0xb0
[  145.214677][ T8066]  ? do_syscall_64+0xbe/0x3b0
[  145.214703][ T8066]  do_syscall_64+0xfa/0x3b0
[  145.214724][ T8066]  ? lockdep_hardirqs_on+0x9c/0x150
[  145.214744][ T8066]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.214763][ T8066]  ? clear_bhb_loop+0x60/0xb0
[  145.214787][ T8066]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.214805][ T8066] RIP: 0033:0x7f03d8b8eec9
[  145.214822][ T8066] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  145.214838][ T8066] RSP: 002b:00007f03d9ae9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  145.214857][ T8066] RAX: ffffffffffffffda RBX: 00007f03d8de5fa0 RCX: 00007f03d8b8eec9
[  145.214873][ T8066] RDX: 000000000000003a RSI: 0000200000000280 RDI: 0000000000000004
[  145.214885][ T8066] RBP: 00007f03d9ae9090 R08: 0000000000000000 R09: 0000000000000000
[  145.214896][ T8066] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  145.214907][ T8066] R13: 00007f03d8de6038 R14: 00007f03d8de5fa0 R15: 00007ffc5b99a118
[  145.214937][ T8066]  </TASK>
[  145.746799][ T8075] netlink: 12 bytes leftover after parsing attributes in process `syz.4.639'.
[  146.249756][ T8105] FAULT_INJECTION: forcing a failure.
[  146.249756][ T8105] name failslab, interval 1, probability 0, space 0, times 0
[  146.280607][ T8105] CPU: 0 UID: 0 PID: 8105 Comm: syz.2.650 Not tainted syzkaller #0 PREEMPT(full) 
[  146.280632][ T8105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  146.280643][ T8105] Call Trace:
[  146.280650][ T8105]  <TASK>
[  146.280658][ T8105]  dump_stack_lvl+0x189/0x250
[  146.280685][ T8105]  ? __pfx____ratelimit+0x10/0x10
[  146.280706][ T8105]  ? __pfx_dump_stack_lvl+0x10/0x10
[  146.280728][ T8105]  ? __pfx__printk+0x10/0x10
[  146.280767][ T8105]  ? __pfx___might_resched+0x10/0x10
[  146.280785][ T8105]  ? fs_reclaim_acquire+0x7d/0x100
[  146.280807][ T8105]  should_fail_ex+0x414/0x560
[  146.280840][ T8105]  should_failslab+0xa8/0x100
[  146.280870][ T8105]  __kmalloc_noprof+0xcb/0x4f0
[  146.280893][ T8105]  ? kfree+0x4d/0x440
[  146.280914][ T8105]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  146.280939][ T8105]  tomoyo_realpath_from_path+0xe3/0x5d0
[  146.280961][ T8105]  ? tomoyo_domain+0xd9/0x130
[  146.280987][ T8105]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  146.281015][ T8105]  tomoyo_path_number_perm+0x1e8/0x5a0
[  146.281045][ T8105]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  146.281089][ T8105]  ? __lock_acquire+0xab9/0xd20
[  146.281136][ T8105]  ? __fget_files+0x2a/0x420
[  146.281156][ T8105]  ? __fget_files+0x2a/0x420
[  146.281171][ T8105]  ? __fget_files+0x3a0/0x420
[  146.281186][ T8105]  ? __fget_files+0x2a/0x420
[  146.281206][ T8105]  security_file_ioctl+0xcb/0x2d0
[  146.281234][ T8105]  __se_sys_ioctl+0x47/0x170
[  146.281260][ T8105]  do_syscall_64+0xfa/0x3b0
[  146.281279][ T8105]  ? lockdep_hardirqs_on+0x9c/0x150
[  146.281298][ T8105]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.281317][ T8105]  ? clear_bhb_loop+0x60/0xb0
[  146.281339][ T8105]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.281357][ T8105] RIP: 0033:0x7f563c98eec9
[  146.281374][ T8105] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.281389][ T8105] RSP: 002b:00007f563d7ba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  146.281409][ T8105] RAX: ffffffffffffffda RBX: 00007f563cbe5fa0 RCX: 00007f563c98eec9
[  146.281422][ T8105] RDX: 0000200000000140 RSI: 000000000000890b RDI: 0000000000000004
[  146.281434][ T8105] RBP: 00007f563d7ba090 R08: 0000000000000000 R09: 0000000000000000
[  146.281445][ T8105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  146.281456][ T8105] R13: 00007f563cbe6038 R14: 00007f563cbe5fa0 R15: 00007fffc3e85be8
[  146.281485][ T8105]  </TASK>
[  146.281493][ T8105] ERROR: Out of memory at tomoyo_realpath_from_path.
[  146.509243][ T8111] netlink: 'syz.1.653': attribute type 10 has an invalid length.
[  146.602851][ T8111] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  146.678517][ T8118] IPVS: set_ctl: invalid protocol: 33 172.20.20.187:20000
[  146.730690][ T8119] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.807841][ T8123] netlink: 'syz.1.657': attribute type 10 has an invalid length.
[  147.014582][ T8119] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.205223][ T8119] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.335547][ T8155] netlink: 20 bytes leftover after parsing attributes in process `syz.1.663'.
[  147.381359][ T8119] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.539416][ T8162] netlink: 16 bytes leftover after parsing attributes in process `syz.2.666'.
[  147.671438][ T8126] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  147.677861][ T8126] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  147.702481][   T12] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  147.728371][ T8126] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  147.758866][ T8126] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  147.774709][ T1003] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  147.837255][ T8171] netlink: 'syz.2.669': attribute type 10 has an invalid length.
[  147.852257][ T8126] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  147.862682][ T8126] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  147.876545][ T1003] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  147.925039][ T8126] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  147.955874][ T8126] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  148.021666][ T1003] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  148.105736][ T8126] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  148.159343][ T8126] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[  148.303845][ T8191] netlink: 'syz.3.675': attribute type 17 has an invalid length.
[  148.330269][ T8191] netlink: 4 bytes leftover after parsing attributes in process `syz.3.675'.
[  148.356517][ T8194] netlink: 12 bytes leftover after parsing attributes in process `syz.1.676'.
[  148.381206][ T8191] netlink: 28 bytes leftover after parsing attributes in process `syz.3.675'.
[  148.612074][ T8204] Bluetooth: MGMT ver 1.23
[  148.670816][ T8208] sctp: [Deprecated]: syz.0.681 (pid 8208) Use of int in max_burst socket option.
[  148.670816][ T8208] Use struct sctp_assoc_value instead
[  148.750661][ T8205] tunl0: Caught tx_queue_len zero misconfig
[  149.357735][ T8238] FAULT_INJECTION: forcing a failure.
[  149.357735][ T8238] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  149.420143][ T8238] CPU: 0 UID: 0 PID: 8238 Comm: syz.0.687 Not tainted syzkaller #0 PREEMPT(full) 
[  149.420172][ T8238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  149.420184][ T8238] Call Trace:
[  149.420192][ T8238]  <TASK>
[  149.420200][ T8238]  dump_stack_lvl+0x189/0x250
[  149.420230][ T8238]  ? __pfx____ratelimit+0x10/0x10
[  149.420265][ T8238]  ? __pfx_dump_stack_lvl+0x10/0x10
[  149.420289][ T8238]  ? __pfx__printk+0x10/0x10
[  149.420318][ T8238]  ? __might_fault+0xb0/0x130
[  149.420358][ T8238]  should_fail_ex+0x414/0x560
[  149.420393][ T8238]  _copy_from_user+0x2d/0xb0
[  149.420421][ T8238]  kstrtouint_from_user+0xc4/0x170
[  149.420446][ T8238]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  149.420485][ T8238]  proc_fail_nth_write+0x88/0x200
[  149.420510][ T8238]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  149.420539][ T8238]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  149.420563][ T8238]  vfs_write+0x27e/0xb30
[  149.420599][ T8238]  ? __pfx_vfs_write+0x10/0x10
[  149.420627][ T8238]  ? __fget_files+0x2a/0x420
[  149.420648][ T8238]  ? __fget_files+0x3a0/0x420
[  149.420664][ T8238]  ? __fget_files+0x2a/0x420
[  149.420691][ T8238]  ksys_write+0x145/0x250
[  149.420721][ T8238]  ? __pfx_ksys_write+0x10/0x10
[  149.420744][ T8238]  ? rcu_is_watching+0x15/0xb0
[  149.420770][ T8238]  ? do_syscall_64+0xbe/0x3b0
[  149.420796][ T8238]  do_syscall_64+0xfa/0x3b0
[  149.420817][ T8238]  ? lockdep_hardirqs_on+0x9c/0x150
[  149.420837][ T8238]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.420857][ T8238]  ? clear_bhb_loop+0x60/0xb0
[  149.420881][ T8238]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.420900][ T8238] RIP: 0033:0x7f569618d97f
[  149.420917][ T8238] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  149.420933][ T8238] RSP: 002b:00007f5696fe3030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  149.420958][ T8238] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f569618d97f
[  149.420972][ T8238] RDX: 0000000000000001 RSI: 00007f5696fe30a0 RDI: 0000000000000006
[  149.420988][ T8238] RBP: 00007f5696fe3090 R08: 0000000000000000 R09: 0000000000000000
[  149.420999][ T8238] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  149.421011][ T8238] R13: 00007f56963e6038 R14: 00007f56963e5fa0 R15: 00007ffefe730038
[  149.421042][ T8238]  </TASK>
[  149.745352][ T8246] __nla_validate_parse: 1 callbacks suppressed
[  149.745369][ T8246] netlink: 104 bytes leftover after parsing attributes in process `syz.4.693'.
[  149.884708][ T8246] net veth1_virt_wifi .: renamed from virt_wifi0
[  150.395709][ T8285] netlink: 8 bytes leftover after parsing attributes in process `syz.4.704'.
[  150.431088][ T8285] netlink: 8 bytes leftover after parsing attributes in process `syz.4.704'.
[  150.467357][ T8288] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  150.474630][ T8288] IPv6: NLM_F_CREATE should be set when creating new route
[  150.481926][ T8288] IPv6: NLM_F_CREATE should be set when creating new route
[  150.489190][ T8288] IPv6: NLM_F_CREATE should be set when creating new route
[  150.534182][ T8295] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  150.543522][ T8288] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  150.676757][ T8302] netlink: 56 bytes leftover after parsing attributes in process `syz.1.708'.
[  150.688068][ T8302] netlink: 12 bytes leftover after parsing attributes in process `syz.1.708'.
[  150.701287][ T8302] netlink: 31 bytes leftover after parsing attributes in process `syz.1.708'.
[  150.717731][ T8302] netlink: 'syz.1.708': attribute type 2 has an invalid length.
[  150.743306][ T8302] netlink: 31 bytes leftover after parsing attributes in process `syz.1.708'.
[  151.012210][ T8318] netlink: 8 bytes leftover after parsing attributes in process `syz.3.711'.
[  151.026055][ T8323] netlink: 197820 bytes leftover after parsing attributes in process `syz.4.712'.
[  151.080241][ T8315] netlink: 'syz.1.710': attribute type 1 has an invalid length.
[  151.124939][ T8315] netlink: 172 bytes leftover after parsing attributes in process `syz.1.710'.
[  151.583779][ T8344] bond0: entered promiscuous mode
[  151.608094][ T8344] bond_slave_0: entered promiscuous mode
[  151.639692][ T8344] bond_slave_1: entered promiscuous mode
[  151.656239][ T8344] mac80211_hwsim hwsim9 wlan1: entered promiscuous mode
[  151.693499][ T8344] bond0: left allmulticast mode
[  152.081091][ T8372] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  152.272716][ T8387] netlink: 'syz.0.732': attribute type 10 has an invalid length.
[  152.306417][ T8387] bond0: (slave wlan1): Opening slave failed
[  152.330146][ T8391] netlink: 'syz.3.734': attribute type 10 has an invalid length.
[  152.758741][ T8403] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  152.786081][ T8403] bond_slave_0: left promiscuous mode
[  152.797473][ T8403] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  152.809239][ T8403] bond_slave_1: left promiscuous mode
[  152.829460][ T8403] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  152.844022][ T8403] mac80211_hwsim hwsim9 wlan1: left promiscuous mode
[  152.851365][ T8403] bond0 (unregistering): Released all slaves
[  153.048489][ T8423] netlink: 'syz.0.746': attribute type 1 has an invalid length.
[  153.064897][ T8425] netlink: 'syz.3.747': attribute type 10 has an invalid length.
[  153.094361][ T8423] netlink: 'syz.0.746': attribute type 6 has an invalid length.
[  153.957673][ T8471] netlink: 'syz.3.762': attribute type 10 has an invalid length.
[  154.052259][ T8470] A link change request failed with some changes committed already. Interface vlan1 may have been left with an inconsistent configuration, please check.
[  154.162210][ T8484] IPVS: ip_vs_add_dest(): server weight less than zero
[  154.190996][ T5971] IPVS: starting estimator thread 0...
[  154.293976][ T8486] IPVS: using max 27 ests per chain, 64800 per kthread
[  154.566030][ T8494] tipc: Started in network mode
[  154.597860][ T8494] tipc: Node identity , cluster identity 4711
[  154.637715][ T8494] tipc: Failed to obtain node identity
[  154.676129][ T8494] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  155.125839][ T8525] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  155.810811][ T8548] openvswitch: netlink: IP tunnel dst address not specified
[  156.222831][ T8555] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  156.551159][ T8543] netlink: 'syz.1.775': attribute type 7 has an invalid length.
[  156.726665][ T8557] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  156.751254][ T8562] __nla_validate_parse: 8 callbacks suppressed
[  156.751270][ T8562] netlink: 64 bytes leftover after parsing attributes in process `syz.4.780'.
[  156.844663][ T8569] netlink: 'syz.1.778': attribute type 10 has an invalid length.
[  156.866617][ T8570] netlink: 'syz.0.782': attribute type 10 has an invalid length.
[  156.876777][ T8559] team0 (unregistering): Port device team_slave_0 removed
[  156.888019][ T8559] team0 (unregistering): Port device team_slave_1 removed
[  156.914491][ T8560] netlink: 12 bytes leftover after parsing attributes in process `syz.1.778'.
[  156.946573][ T8569] 8021q: adding VLAN 0 to HW filter on device team0
[  157.013835][ T8569] bond0: (slave team0): Enslaving as an active interface with an up link
[  157.061958][ T8570] bond0: (slave wlan1): Opening slave failed
[  157.110521][ T8573] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  157.144896][ T8578] netlink: 'syz.4.784': attribute type 10 has an invalid length.
[  157.197471][ T8578] bond0: (slave wlan1): Opening slave failed
[  157.474156][ T8585] netlink: 24 bytes leftover after parsing attributes in process `syz.0.788'.
[  157.910806][ T8622] netlink: 4 bytes leftover after parsing attributes in process `syz.0.795'.
[  158.019055][ T8624] netlink: 'syz.2.796': attribute type 83 has an invalid length.
[  158.027852][ T8622] ipvlan2: entered promiscuous mode
[  158.218228][ T8638] netlink: 'syz.4.798': attribute type 10 has an invalid length.
[  158.251659][ T8638] bond0: (slave wlan1): Opening slave failed
[  158.405158][ T8645] netlink: 'syz.0.800': attribute type 10 has an invalid length.
[  158.443376][ T8645] bond0: (slave wlan1): Opening slave failed
[  158.684473][ T8652] netlink: 12 bytes leftover after parsing attributes in process `syz.3.803'.
[  158.982560][ T8668] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.809'.
[  159.046848][ T8671] netlink: 'syz.2.811': attribute type 10 has an invalid length.
[  159.269879][ T8678] netlink: 8 bytes leftover after parsing attributes in process `syz.1.814'.
[  159.282913][ T8680] netlink: 12 bytes leftover after parsing attributes in process `syz.3.813'.
[  159.351756][ T8680] vlan2: entered promiscuous mode
[  159.374292][ T8680] gretap0: entered promiscuous mode
[  159.897251][ T8716] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.824'.
[  160.007751][ T8721] netlink: 'syz.3.826': attribute type 10 has an invalid length.
[  160.016010][ T8724] netlink: 16 bytes leftover after parsing attributes in process `syz.0.828'.
[  160.869797][ T8774] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  161.140380][ T8788] FAULT_INJECTION: forcing a failure.
[  161.140380][ T8788] name failslab, interval 1, probability 0, space 0, times 0
[  161.153443][ T8788] CPU: 0 UID: 0 PID: 8788 Comm: syz.4.845 Not tainted syzkaller #0 PREEMPT(full) 
[  161.153479][ T8788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  161.153492][ T8788] Call Trace:
[  161.153500][ T8788]  <TASK>
[  161.153510][ T8788]  dump_stack_lvl+0x189/0x250
[  161.153542][ T8788]  ? __pfx____ratelimit+0x10/0x10
[  161.153566][ T8788]  ? __pfx_dump_stack_lvl+0x10/0x10
[  161.153592][ T8788]  ? __pfx__printk+0x10/0x10
[  161.153633][ T8788]  ? __lock_acquire+0xab9/0xd20
[  161.153669][ T8788]  should_fail_ex+0x414/0x560
[  161.153709][ T8788]  should_failslab+0xa8/0x100
[  161.153744][ T8788]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  161.153775][ T8788]  ? __alloc_skb+0x112/0x2d0
[  161.153805][ T8788]  __alloc_skb+0x112/0x2d0
[  161.153834][ T8788]  __pfkey_xfrm_state2msg+0x495/0x3d30
[  161.153871][ T8788]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  161.153905][ T8788]  dump_sa+0xad/0x590
[  161.153936][ T8788]  xfrm_state_walk+0x292/0xa60
[  161.153973][ T8788]  ? __pfx_dump_sa+0x10/0x10
[  161.154005][ T8788]  pfkey_do_dump+0x5c/0x420
[  161.154041][ T8788]  pfkey_sendmsg+0xbfe/0x1090
[  161.154085][ T8788]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  161.154160][ T8788]  ? aa_sock_msg_perm+0xf1/0x1d0
[  161.154184][ T8788]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  161.154207][ T8788]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  161.154232][ T8788]  __sock_sendmsg+0x219/0x270
[  161.154268][ T8788]  ____sys_sendmsg+0x505/0x830
[  161.154301][ T8788]  ? __pfx_____sys_sendmsg+0x10/0x10
[  161.154339][ T8788]  ? import_iovec+0x74/0xa0
[  161.154372][ T8788]  ___sys_sendmsg+0x21f/0x2a0
[  161.154402][ T8788]  ? __pfx____sys_sendmsg+0x10/0x10
[  161.154478][ T8788]  ? __fget_files+0x2a/0x420
[  161.154498][ T8788]  ? __fget_files+0x3a0/0x420
[  161.154529][ T8788]  __x64_sys_sendmsg+0x19b/0x260
[  161.154572][ T8788]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  161.154607][ T8788]  ? __pfx_ksys_write+0x10/0x10
[  161.154641][ T8788]  ? rcu_is_watching+0x15/0xb0
[  161.154665][ T8788]  ? do_syscall_64+0xbe/0x3b0
[  161.154690][ T8788]  do_syscall_64+0xfa/0x3b0
[  161.154710][ T8788]  ? lockdep_hardirqs_on+0x9c/0x150
[  161.154729][ T8788]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.154747][ T8788]  ? clear_bhb_loop+0x60/0xb0
[  161.154769][ T8788]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.154786][ T8788] RIP: 0033:0x7ff8f918eec9
[  161.154802][ T8788] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  161.154818][ T8788] RSP: 002b:00007ff8f9fd9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  161.154837][ T8788] RAX: ffffffffffffffda RBX: 00007ff8f93e5fa0 RCX: 00007ff8f918eec9
[  161.154850][ T8788] RDX: 00000000040408c0 RSI: 0000200000000440 RDI: 0000000000000003
[  161.154862][ T8788] RBP: 00007ff8f9fd9090 R08: 0000000000000000 R09: 0000000000000000
[  161.154873][ T8788] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  161.154884][ T8788] R13: 00007ff8f93e6038 R14: 00007ff8f93e5fa0 R15: 00007ffcdd0b87f8
[  161.154913][ T8788]  </TASK>
[  161.733270][ T8803] netlink: 'syz.3.847': attribute type 1 has an invalid length.
[  161.770844][ T8805] netlink: 'syz.4.848': attribute type 1 has an invalid length.
[  161.848893][ T8803] 8021q: adding VLAN 0 to HW filter on device bond3
[  161.879707][ T8805] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[  162.081322][ T8825] __nla_validate_parse: 3 callbacks suppressed
[  162.081342][ T8825] netlink: 192 bytes leftover after parsing attributes in process `syz.4.852'.
[  162.434404][ T8838] netlink: 52 bytes leftover after parsing attributes in process `syz.0.854'.
[  164.545952][ T8815] 8021q: adding VLAN 0 to HW filter on device bond3
[  164.608922][ T8815] bond3: (slave vxcan5): The slave device specified does not support setting the MAC address
[  164.635239][ T8815] bond3: (slave vxcan5): Error -95 calling set_mac_address
[  164.815103][ T8816] veth5: entered promiscuous mode
[  164.835170][ T8816] bond3: (slave veth5): Enslaving as an active interface with a down link
[  165.176158][ T8866] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  165.258412][ T8866] FAULT_INJECTION: forcing a failure.
[  165.258412][ T8866] name failslab, interval 1, probability 0, space 0, times 0
[  165.303993][ T8866] CPU: 0 UID: 0 PID: 8866 Comm: syz.0.862 Not tainted syzkaller #0 PREEMPT(full) 
[  165.304019][ T8866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  165.304030][ T8866] Call Trace:
[  165.304038][ T8866]  <TASK>
[  165.304047][ T8866]  dump_stack_lvl+0x189/0x250
[  165.304076][ T8866]  ? __pfx____ratelimit+0x10/0x10
[  165.304098][ T8866]  ? __pfx_dump_stack_lvl+0x10/0x10
[  165.304122][ T8866]  ? __pfx__printk+0x10/0x10
[  165.304153][ T8866]  ? __pfx___might_resched+0x10/0x10
[  165.304173][ T8866]  ? fs_reclaim_acquire+0x7d/0x100
[  165.304197][ T8866]  should_fail_ex+0x414/0x560
[  165.304239][ T8866]  should_failslab+0xa8/0x100
[  165.304270][ T8866]  __kmalloc_noprof+0xcb/0x4f0
[  165.304296][ T8866]  ? ethnl_default_start+0x16f/0x3f0
[  165.304326][ T8866]  ethnl_default_start+0x16f/0x3f0
[  165.304357][ T8866]  genl_start+0x4c3/0x6c0
[  165.304393][ T8866]  __netlink_dump_start+0x469/0x7e0
[  165.304422][ T8866]  genl_family_rcv_msg_dumpit+0x1e7/0x2c0
[  165.304454][ T8866]  ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10
[  165.304481][ T8866]  ? genl_get_cmd+0x67f/0x910
[  165.304513][ T8866]  ? __pfx_genl_start+0x10/0x10
[  165.304537][ T8866]  ? __pfx_genl_dumpit+0x10/0x10
[  165.304561][ T8866]  ? __pfx_genl_done+0x10/0x10
[  165.304603][ T8866]  genl_rcv_msg+0x5da/0x790
[  165.304637][ T8866]  ? __pfx_genl_rcv_msg+0x10/0x10
[  165.304663][ T8866]  ? __pfx_ethnl_default_start+0x10/0x10
[  165.304684][ T8866]  ? __pfx_ethnl_default_dumpit+0x10/0x10
[  165.304706][ T8866]  ? __pfx_ethnl_default_done+0x10/0x10
[  165.304731][ T8866]  ? __asan_memcpy+0x40/0x70
[  165.304753][ T8866]  ? __pfx_ref_tracker_free+0x10/0x10
[  165.304780][ T8866]  netlink_rcv_skb+0x205/0x470
[  165.304798][ T8866]  ? __lock_acquire+0xab9/0xd20
[  165.304828][ T8866]  ? __pfx_genl_rcv_msg+0x10/0x10
[  165.304857][ T8866]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  165.304898][ T8866]  ? down_read+0x1ad/0x2e0
[  165.304925][ T8866]  genl_rcv+0x28/0x40
[  165.304949][ T8866]  netlink_unicast+0x82f/0x9e0
[  165.304989][ T8866]  ? __pfx_netlink_unicast+0x10/0x10
[  165.305022][ T8866]  ? netlink_sendmsg+0x642/0xb30
[  165.305042][ T8866]  ? skb_put+0x11b/0x210
[  165.305069][ T8866]  netlink_sendmsg+0x805/0xb30
[  165.305100][ T8866]  ? __pfx_netlink_sendmsg+0x10/0x10
[  165.305126][ T8866]  ? aa_sock_msg_perm+0xf1/0x1d0
[  165.305148][ T8866]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  165.305170][ T8866]  ? __pfx_netlink_sendmsg+0x10/0x10
[  165.305193][ T8866]  __sock_sendmsg+0x219/0x270
[  165.305235][ T8866]  ____sys_sendmsg+0x505/0x830
[  165.305266][ T8866]  ? __pfx_____sys_sendmsg+0x10/0x10
[  165.305302][ T8866]  ? import_iovec+0x74/0xa0
[  165.305332][ T8866]  ___sys_sendmsg+0x21f/0x2a0
[  165.305360][ T8866]  ? __pfx____sys_sendmsg+0x10/0x10
[  165.305424][ T8866]  ? __fget_files+0x2a/0x420
[  165.305441][ T8866]  ? __fget_files+0x3a0/0x420
[  165.305470][ T8866]  __x64_sys_sendmsg+0x19b/0x260
[  165.305499][ T8866]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  165.305535][ T8866]  ? __pfx_ksys_write+0x10/0x10
[  165.305559][ T8866]  ? rcu_is_watching+0x15/0xb0
[  165.305584][ T8866]  ? do_syscall_64+0xbe/0x3b0
[  165.305611][ T8866]  do_syscall_64+0xfa/0x3b0
[  165.305632][ T8866]  ? lockdep_hardirqs_on+0x9c/0x150
[  165.305653][ T8866]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.305672][ T8866]  ? clear_bhb_loop+0x60/0xb0
[  165.305697][ T8866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.305716][ T8866] RIP: 0033:0x7f569618eec9
[  165.305733][ T8866] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  165.305749][ T8866] RSP: 002b:00007f5696fe3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  165.305770][ T8866] RAX: ffffffffffffffda RBX: 00007f56963e5fa0 RCX: 00007f569618eec9
[  165.305784][ T8866] RDX: 0000000001000000 RSI: 0000200000000000 RDI: 0000000000000005
[  165.305797][ T8866] RBP: 00007f5696fe3090 R08: 0000000000000000 R09: 0000000000000000
[  165.305809][ T8866] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  165.305820][ T8866] R13: 00007f56963e6038 R14: 00007f56963e5fa0 R15: 00007ffefe730038
[  165.305852][ T8866]  </TASK>
[  165.370309][ T8878] syzkaller1: entered promiscuous mode
[  165.455204][ T8875] netlink: 4 bytes leftover after parsing attributes in process `syz.1.865'.
[  165.561554][ T8878] syzkaller1: entered allmulticast mode
[  166.074254][ T8901] netlink: 'syz.3.868': attribute type 1 has an invalid length.
[  166.134304][ T8901] netlink: 220 bytes leftover after parsing attributes in process `syz.3.868'.
[  166.935641][ T8913] Illegal XDP return value 4294967274 on prog  (id 148) dev N/A, expect packet loss!
[  167.425896][ T8958] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  167.502638][ T8966] netlink: 8 bytes leftover after parsing attributes in process `syz.1.881'.
[  167.638950][ T8974] netlink: 128 bytes leftover after parsing attributes in process `syz.4.883'.
[  167.669963][ T8974] netlink: 128 bytes leftover after parsing attributes in process `syz.4.883'.
[  167.740816][ T8974] dvmrp0: entered allmulticast mode
[  167.808866][ T8979] dvmrp0: left allmulticast mode
[  167.932097][ T8980] netlink: 12 bytes leftover after parsing attributes in process `syz.2.884'.
[  168.026861][ T8999] syzkaller0: entered promiscuous mode
[  168.032476][ T8999] syzkaller0: entered allmulticast mode
[  168.262642][ T9012] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.888'.
[  168.644063][ T9029] netlink: 'syz.4.894': attribute type 4 has an invalid length.
[  168.656713][ T9029] netlink: 12 bytes leftover after parsing attributes in process `syz.4.894'.
[  168.797336][ T9033] netlink: 'syz.0.895': attribute type 10 has an invalid length.
[  168.829951][ T9033] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[  168.922544][ T9035] netlink: 'syz.2.896': attribute type 3 has an invalid length.
[  169.020549][ T9043] netlink: 16 bytes leftover after parsing attributes in process `syz.3.899'.
[  169.636028][ T9075] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.909'.
[  169.754666][ T9083] netlink: 84 bytes leftover after parsing attributes in process `syz.2.911'.
[  169.924317][ T9088] netlink: 'syz.3.913': attribute type 58 has an invalid length.
[  169.959962][ T9088] netlink: 20 bytes leftover after parsing attributes in process `syz.3.913'.
[  170.035070][ T9095] netlink: 'syz.2.915': attribute type 10 has an invalid length.
[  170.115728][ T9095] mac80211_hwsim hwsim9 wlan1: left allmulticast mode
[  170.638398][ T9123] openvswitch: netlink: Missing valid actions attribute.
[  170.676273][ T9123] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  171.038370][ T9147] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  171.415055][ T9167] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  171.629243][ T9172] bond0: (slave wlan1): Releasing backup interface
[  171.965052][ T9192] tipc: Enabling of bearer <u拴:s> rejected, media not registered
[  172.610559][ T9219] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  172.858928][ T9235] __nla_validate_parse: 10 callbacks suppressed
[  172.858947][ T9235] netlink: 144 bytes leftover after parsing attributes in process `syz.4.951'.
[  173.062566][ T9248] netlink: 212376 bytes leftover after parsing attributes in process `syz.4.955'.
[  173.071088][ T9247] geneve3: entered promiscuous mode
[  173.089859][ T9247] geneve3: entered allmulticast mode
[  173.104258][   T64] netdevsim netdevsim0 eth0: set [1, 1] type 2 family 0 port 19999 - 0
[  173.127811][   T64] netdevsim netdevsim0 eth1: set [1, 1] type 2 family 0 port 19999 - 0
[  173.166898][   T64] netdevsim netdevsim0 eth2: set [1, 1] type 2 family 0 port 19999 - 0
[  173.199112][   T64] netdevsim netdevsim0 eth3: set [1, 1] type 2 family 0 port 19999 - 0
[  173.215643][ T9249] netlink: 'syz.1.953': attribute type 10 has an invalid length.
[  173.305252][ T9249] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  173.377650][ T9249] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  173.667015][ T9269] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  173.760919][ T9273] netlink: 16 bytes leftover after parsing attributes in process `syz.2.963'.
[  173.836398][ T9278] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.916397][ T9284] netlink: 8 bytes leftover after parsing attributes in process `syz.2.967'.
[  173.926361][ T9283] netlink: 84 bytes leftover after parsing attributes in process `syz.0.966'.
[  173.945489][ T9278] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.048841][ T9278] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.201548][ T9278] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.361896][ T3576] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  174.402912][ T3576] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  174.450754][ T3576] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  174.499834][ T3576] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  174.754129][ T9318] netlink: 'syz.1.973': attribute type 29 has an invalid length.
[  174.784061][ T9318] netlink: 8 bytes leftover after parsing attributes in process `syz.1.973'.
[  174.827997][ T9320] netlink: 'syz.1.973': attribute type 29 has an invalid length.
[  174.842347][ T9320] netlink: 8 bytes leftover after parsing attributes in process `syz.1.973'.
[  175.134064][ T9337] netlink: 132 bytes leftover after parsing attributes in process `syz.0.979'.
[  175.658310][ T9368] netlink: 'syz.3.987': attribute type 7 has an invalid length.
[  175.911265][ T9378] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.989'.
[  176.136997][ T9385] netlink: 8 bytes leftover after parsing attributes in process `syz.0.993'.
[  176.438971][ T9403] netlink: 'syz.4.998': attribute type 7 has an invalid length.
[  176.446821][ T9411] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  176.589092][ T9417] netlink: 'syz.3.1003': attribute type 13 has an invalid length.
[  176.621765][ T9417] netlink: 'syz.3.1003': attribute type 58 has an invalid length.
[  176.733335][ T9425] netlink: 'syz.0.1005': attribute type 1 has an invalid length.
[  176.804588][ T9425] 8021q: adding VLAN 0 to HW filter on device bond4
[  176.901667][ T9431] veth5: entered promiscuous mode
[  176.939963][ T9438] netlink: 'syz.0.1005': attribute type 1 has an invalid length.
[  176.970558][ T9431] bond4: (slave veth5): Enslaving as an active interface with an up link
[  177.036748][ T9442] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.121772][ T9442] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.249227][ T9442] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.339707][ T9442] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.540627][ T9464] macvlan2: entered promiscuous mode
[  177.551051][ T9464] macvlan2: entered allmulticast mode
[  177.557927][ T9464] bond0: entered promiscuous mode
[  177.564423][ T9464] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  177.598600][ T9464] bond0: left promiscuous mode
[  177.817133][ T9477] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  177.898885][ T9484] syzkaller0: entered promiscuous mode
[  177.957128][ T9484] syzkaller0: entered allmulticast mode
[  177.998608][   T13] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  178.019746][ T9477] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  178.082853][ T9477] tipc: Resetting bearer <eth:syzkaller0>
[  178.180454][ T9476] tipc: Resetting bearer <eth:syzkaller0>
[  178.227922][ T9476] tipc: Disabling bearer <eth:syzkaller0>
[  178.315630][ T1003] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  178.367394][   T12] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  178.463433][   T13] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  178.798124][ T9526] netlink: 'syz.2.1034': attribute type 29 has an invalid length.
[  178.814937][ T9525] netlink: 'syz.4.1035': attribute type 1 has an invalid length.
[  178.847840][ T9526] __nla_validate_parse: 11 callbacks suppressed
[  178.847856][ T9526] netlink: 500 bytes leftover after parsing attributes in process `syz.2.1034'.
[  178.879956][ T9526] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.1034'.
[  179.224713][ T9544] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  179.272835][ T9550] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1042'.
[  179.446720][ T9555] netlink: zone id is out of range
[  179.454054][ T9555] netlink: zone id is out of range
[  179.459450][ T9555] netlink: zone id is out of range
[  179.466789][ T9555] netlink: zone id is out of range
[  179.472067][ T9555] netlink: zone id is out of range
[  179.478064][ T9555] netlink: zone id is out of range
[  179.484899][ T9555] netlink: zone id is out of range
[  179.494172][ T9555] netlink: zone id is out of range
[  179.501870][ T9555] netlink: zone id is out of range
[  179.512995][ T9559] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1045'.
[  179.535557][ T9555] netlink: zone id is out of range
[  179.621865][ T9564] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1048'.
[  179.656126][ T9564] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1048'.
[  179.703855][ T9568] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1050'.
[  179.717586][ T9569] netlink: 332 bytes leftover after parsing attributes in process `syz.4.1049'.
[  179.780894][ T9571] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1050'.
[  179.808114][ T9571] validate_nla: 2 callbacks suppressed
[  179.808130][ T9571] netlink: 'syz.0.1050': attribute type 10 has an invalid length.
[  180.040119][ T9586] netlink: 'syz.0.1055': attribute type 9 has an invalid length.
[  180.068403][ T9586] netlink: 'syz.0.1055': attribute type 2 has an invalid length.
[  180.079069][ T9586] netlink: 244 bytes leftover after parsing attributes in process `syz.0.1055'.
[  180.110352][ T9589] netlink: 'syz.4.1056': attribute type 1 has an invalid length.
[  180.235614][ T9589] bond2: entered promiscuous mode
[  180.277636][ T9589] 8021q: adding VLAN 0 to HW filter on device bond2
[  180.332552][ T9600] team0: Cannot enslave team device to itself
[  180.348699][ T9596] netlink: 'syz.3.1058': attribute type 4 has an invalid length.
[  180.494780][ T9594] bond3 (unregistering): Released all slaves
[  180.542968][ T9607] smc: net device erspan0 applied user defined pnetid SYZ0
[  180.573070][ T9609] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  181.727192][ T9655] bond0: (slave team0): Releasing backup interface
[  181.769292][ T9655] team0 (unregistering): Port device team_slave_0 removed
[  181.800205][ T9655] team0 (unregistering): Port device team_slave_1 removed
[  182.059580][ T9684] netlink: 'syz.2.1084': attribute type 10 has an invalid length.
[  182.118483][ T9682] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  182.120023][ T9689] netlink: 'syz.1.1086': attribute type 10 has an invalid length.
[  182.252661][ T9694] netlink: 'syz.2.1087': attribute type 5 has an invalid length.
[  182.338420][ T9701] netlink: 'syz.4.1088': attribute type 4 has an invalid length.
[  182.395372][ T9701] netlink: 'syz.4.1088': attribute type 4 has an invalid length.
[  182.558853][ T9713] netlink: 'syz.2.1096': attribute type 11 has an invalid length.
[  182.792236][ T9720] bridge_slave_0: invalid flags given to default FDB implementation
[  184.174272][ T9793] __nla_validate_parse: 13 callbacks suppressed
[  184.174291][ T9793] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1115'.
[  184.205244][ T9795] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  184.212544][ T9795] IPv6: NLM_F_CREATE should be set when creating new route
[  184.256161][ T9796] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1116'.
[  184.278882][ T9796] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1116'.
[  184.302060][ T9796] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1116'.
[  184.327414][ T9800] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1118'.
[  184.790478][ T9829] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.1128'.
[  184.826534][ T9825] syzkaller1: entered promiscuous mode
[  184.846772][ T9825] syzkaller1: entered allmulticast mode
[  184.852539][ T9829] syz.1.1128 (9829) used greatest stack depth: 18200 bytes left
[  185.161441][ T9843] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1131'.
[  185.171341][ T9847] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1134'.
[  185.198387][ T9847] netlink: 176 bytes leftover after parsing attributes in process `syz.2.1134'.
[  185.212895][ T9847] validate_nla: 5 callbacks suppressed
[  185.212909][ T9847] netlink: 'syz.2.1134': attribute type 5 has an invalid length.
[  185.247416][ T9849] tipc: Started in network mode
[  185.252322][ T9849] tipc: Node identity b6a8e4e32a6e, cluster identity 4711
[  185.286574][ T9849] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  185.295122][ T9849] syzkaller0: entered promiscuous mode
[  185.312594][ T9849] syzkaller0: entered allmulticast mode
[  185.424535][ T9849] tipc: Resetting bearer <eth:syzkaller0>
[  185.475642][ T9848] tipc: Resetting bearer <eth:syzkaller0>
[  185.519289][ T9848] tipc: Disabling bearer <eth:syzkaller0>
[  185.566175][ T9867] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1141'.
[  185.698978][ T9867] bond2: entered allmulticast mode
[  185.708961][ T9867] 8021q: adding VLAN 0 to HW filter on device bond2
[  185.716845][ T9867] bridge0: port 3(bond2) entered blocking state
[  185.727531][ T9867] bridge0: port 3(bond2) entered disabled state
[  185.736767][ T9867] bond2: entered promiscuous mode
[  185.786962][ T9871] tipc: Started in network mode
[  185.800016][ T9871] tipc: Node identity , cluster identity 4711
[  185.834006][ T9871] tipc: Failed to obtain node identity
[  185.844795][ T9871] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  185.902915][ T9876] syzkaller0: entered promiscuous mode
[  185.908658][ T9876] syzkaller0: entered allmulticast mode
[  185.930062][ T9884] gre1: entered promiscuous mode
[  185.935630][ T9884] gre1: entered allmulticast mode
[  187.448112][ T9916] (unnamed net_device) (uninitialized): option arp_validate: mode dependency failed, not supported in mode balance-alb(6)
[  187.755396][ T9922] net_ratelimit: 5 callbacks suppressed
[  187.755416][ T9922] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  187.760088][ T9930] sock: sock_set_timeout: `syz.4.1160' (pid 9930) tries to set negative timeout
[  188.577570][ T9964] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  188.621356][ T9967] netlink: 'syz.2.1171': attribute type 3 has an invalid length.
[  188.643638][ T9967] netlink: 'syz.2.1171': attribute type 2 has an invalid length.
[  188.667979][ T9967] netlink: 'syz.2.1171': attribute type 8 has an invalid length.
[  188.883644][ T9980] sctp: [Deprecated]: syz.2.1171 (pid 9980) Use of int in max_burst socket option.
[  188.883644][ T9980] Use struct sctp_assoc_value instead
[  189.073696][ T9987] netlink: 'syz.4.1174': attribute type 1 has an invalid length.
[  189.482848][T10006] __nla_validate_parse: 13 callbacks suppressed
[  189.482868][T10006] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1179'.
[  189.530212][T10006] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1179'.
[  189.540167][T10006] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1179'.
[  189.549567][T10006] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1179'.
[  189.573734][T10006] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1179'.
[  189.644189][T10006] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1179'.
[  189.710245][T10006] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1179'.
[  189.751758][T10006] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1179'.
[  189.784252][T10006] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1179'.
[  189.827086][T10006] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1179'.
[  190.058814][T10037] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  190.194616][T10043] xt_HMARK: spi-set and port-set can't be combined
[  190.197933][T10044] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  190.288885][T10044] syzkaller0: entered promiscuous mode
[  190.307160][T10045] netlink: 'syz.1.1187': attribute type 4 has an invalid length.
[  190.330534][T10044] syzkaller0: entered allmulticast mode
[  190.877066][T10073] syz.4.1192 (10073) used greatest stack depth: 17864 bytes left
[  190.906674][T10036] tipc: Resetting bearer <eth:syzkaller0>
[  190.960694][T10036] tipc: Disabling bearer <eth:syzkaller0>
[  191.140665][T10086] tipc: Started in network mode
[  191.149302][T10086] tipc: Node identity 7274a3e9bfdd, cluster identity 4711
[  191.189060][T10086] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  191.305895][T10086] netlink: 'syz.4.1195': attribute type 3 has an invalid length.
[  191.484924][T10084] tipc: Disabling bearer <eth:syzkaller0>
[  191.666926][T10110] netlink: 'syz.0.1203': attribute type 22 has an invalid length.
[  191.732420][T10110] netlink: 'syz.0.1203': attribute type 22 has an invalid length.
[  191.740384][   T12] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  191.760427][   T12] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  191.818823][T10114] vlan1: entered promiscuous mode
[  191.840527][   T12] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  191.876190][ T1003] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  192.237200][T10137] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  193.240501][T10177] openvswitch: netlink: Actions may not be safe on all matching packets
[  193.472662][T10178] bridge0: port 1(bridge_slave_0) entered disabled state
[  193.679597][T10178] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  193.714209][T10178] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  193.919972][T10178] bridge2: left promiscuous mode
[  193.928581][T10178] bridge2: left allmulticast mode
[  193.938140][T10178] bond3: left promiscuous mode
[  193.943822][T10178] bond3: left allmulticast mode
[  193.982183][T10192] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[  194.002457][T10192] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  194.084660][ T3596] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  194.113814][ T3596] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  194.122203][ T3596] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  194.168906][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  194.193564][ T3596] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  194.572741][T10235] netlink: 'syz.4.1247': attribute type 22 has an invalid length.
[  194.597805][T10235] __nla_validate_parse: 39 callbacks suppressed
[  194.597821][T10235] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1247'.
[  194.626552][T10239] netlink: 'syz.1.1248': attribute type 10 has an invalid length.
[  194.682071][T10240] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1247'.
[  194.765636][   T12] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  194.928690][   T12] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  195.008705][ T1003] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  195.017990][ T1003] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  195.220086][T10270] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1257'.
[  195.386856][T10285] netlink: 'syz.2.1262': attribute type 10 has an invalid length.
[  195.454197][T10287] netlink: 200 bytes leftover after parsing attributes in process `syz.2.1264'.
[  195.738916][T10302] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.1268'.
[  196.510626][T10344] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1283'.
[  196.559837][T10347] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1284'.
[  196.621853][T10347] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  196.667126][T10347] gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[  196.676513][T10347] gretap1: entered promiscuous mode
[  196.681797][T10347] gretap1: entered allmulticast mode
[  196.985985][T10368] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  197.137461][T10374] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1296'.
[  197.258120][T10381] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1298'.
[  197.268612][T10381] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1298'.
[  197.722577][T10409] netlink: 'syz.3.1304': attribute type 1 has an invalid length.
[  197.794906][T10409] 8021q: adding VLAN 0 to HW filter on device bond4
[  198.313853][T10433] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  198.375035][T10435] ieee802154 phy1 wpan1: encryption failed: -22
[  198.549269][T10439] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  198.568457][T10439] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  198.919987][T10444] netlink: 'syz.2.1320': attribute type 4 has an invalid length.
[  198.984249][T10446] gretap0: entered promiscuous mode
[  198.989510][T10446] gretap0: left allmulticast mode
[  198.998826][T10446] 0{X功: renamed from gretap0
[  199.006201][T10446] 0{X功: left promiscuous mode
[  199.011234][T10446] 0{X功: entered allmulticast mode
[  199.018539][T10446] A link change request failed with some changes committed already. Interface 
30{X功 may have been left with an inconsistent configuration, please check.
[  199.594226][T10475] netlink: 'syz.3.1331': attribute type 9 has an invalid length.
[  199.631298][T10478] __nla_validate_parse: 7 callbacks suppressed
[  199.631314][T10478] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1332'.
[  199.792586][T10489] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1336'.
[  199.792590][T10486] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1335'.
[  199.812165][T10486] openvswitch: netlink: nsh attribute has unmatched MD type 0.
[  199.818249][T10487] netlink: 596 bytes leftover after parsing attributes in process `syz.3.1334'.
[  199.820554][T10486] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  200.500371][T10525] tipc: New replicast peer: 0.0.0.0
[  200.524220][T10525] tipc: Enabled bearer <udp:syz2>, priority 10
[  200.531193][T10525] tipc: New replicast peer: 255.255.255.255
[  200.600288][T10527] pim6reg1: entered promiscuous mode
[  200.620686][T10527] pim6reg1: entered allmulticast mode
[  200.731873][T10534] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  200.885829][T10544] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1351'.
[  201.048893][T10548] netlink: 340 bytes leftover after parsing attributes in process `syz.2.1353'.
[  201.115038][T10554] netdevsim netdevsim3: Direct firmware load for /.� failed with error -2
[  201.125248][T10554] netdevsim netdevsim3: Falling back to sysfs fallback for: /.�
[  201.137221][T10556] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1355'.
[  201.600413][T10574] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1360'.
[  201.645361][ T6361] tipc: Node number set to 3170477188
[  201.791027][T10578] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1362'.
[  201.801675][T10578] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1362'.
[  201.918180][T10582] netlink: zone id is out of range
[  201.923926][T10582] netlink: zone id is out of range
[  201.929741][T10582] netlink: del zone limit has 4 unknown bytes
[  202.136368][T10588] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  203.188011][T10633] xfrm1: entered promiscuous mode
[  203.195878][T10633] xfrm1: entered allmulticast mode
[  203.862843][T10668] FAULT_INJECTION: forcing a failure.
[  203.862843][T10668] name failslab, interval 1, probability 0, space 0, times 0
[  203.895207][T10668] CPU: 0 UID: 0 PID: 10668 Comm: syz.0.1399 Not tainted syzkaller #0 PREEMPT(full) 
[  203.895233][T10668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  203.895245][T10668] Call Trace:
[  203.895253][T10668]  <TASK>
[  203.895261][T10668]  dump_stack_lvl+0x189/0x250
[  203.895290][T10668]  ? __pfx____ratelimit+0x10/0x10
[  203.895311][T10668]  ? __pfx_dump_stack_lvl+0x10/0x10
[  203.895334][T10668]  ? __pfx__printk+0x10/0x10
[  203.895358][T10668]  ? trace_contention_end+0x39/0x120
[  203.895393][T10668]  should_fail_ex+0x414/0x560
[  203.895426][T10668]  should_failslab+0xa8/0x100
[  203.895457][T10668]  kmem_cache_alloc_noprof+0x73/0x3c0
[  203.895482][T10668]  ? skb_clone+0x212/0x3a0
[  203.895519][T10668]  skb_clone+0x212/0x3a0
[  203.895565][T10668]  __netlink_deliver_tap+0x404/0x850
[  203.895600][T10668]  ? netlink_deliver_tap+0x2e/0x1b0
[  203.895623][T10668]  netlink_deliver_tap+0x19c/0x1b0
[  203.895647][T10668]  netlink_dump+0x92b/0xe90
[  203.895679][T10668]  ? __pfx_netlink_dump+0x10/0x10
[  203.895719][T10668]  ? kmem_cache_free+0x18f/0x400
[  203.895752][T10668]  netlink_recvmsg+0x676/0xa30
[  203.895784][T10668]  ? __pfx_netlink_recvmsg+0x10/0x10
[  203.895811][T10668]  ? __lock_acquire+0xab9/0xd20
[  203.895838][T10668]  ? aa_sock_msg_perm+0xf1/0x1d0
[  203.895878][T10668]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  203.895903][T10668]  ? __pfx_netlink_recvmsg+0x10/0x10
[  203.895929][T10668]  sock_recvmsg_nosec+0x186/0x1c0
[  203.895968][T10668]  ____sys_recvmsg+0x3aa/0x460
[  203.896006][T10668]  ? __pfx_____sys_recvmsg+0x10/0x10
[  203.896052][T10668]  ? import_iovec+0x74/0xa0
[  203.896085][T10668]  ___sys_recvmsg+0x1b5/0x510
[  203.896120][T10668]  ? __pfx____sys_recvmsg+0x10/0x10
[  203.896184][T10668]  ? __might_fault+0xb0/0x130
[  203.896218][T10668]  do_recvmmsg+0x307/0x770
[  203.896257][T10668]  ? __pfx_do_recvmmsg+0x10/0x10
[  203.896300][T10668]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  203.896356][T10668]  __x64_sys_recvmmsg+0x190/0x240
[  203.896386][T10668]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  203.896412][T10668]  ? rcu_is_watching+0x15/0xb0
[  203.896438][T10668]  ? do_syscall_64+0xbe/0x3b0
[  203.896465][T10668]  do_syscall_64+0xfa/0x3b0
[  203.896486][T10668]  ? lockdep_hardirqs_on+0x9c/0x150
[  203.896513][T10668]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.896533][T10668]  ? clear_bhb_loop+0x60/0xb0
[  203.896557][T10668]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.896577][T10668] RIP: 0033:0x7f569618eec9
[  203.896595][T10668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  203.896613][T10668] RSP: 002b:00007f5696fe3038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  203.896634][T10668] RAX: ffffffffffffffda RBX: 00007f56963e5fa0 RCX: 00007f569618eec9
[  203.896649][T10668] RDX: 0000000000000004 RSI: 00002000000003c0 RDI: 0000000000000003
[  203.896662][T10668] RBP: 00007f5696fe3090 R08: 0000000000000000 R09: 0000000000000000
[  203.896674][T10668] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  203.896686][T10668] R13: 00007f56963e6038 R14: 00007f56963e5fa0 R15: 00007ffefe730038
[  203.896719][T10668]  </TASK>
[  204.284626][T10677] netlink: 'syz.1.1402': attribute type 10 has an invalid length.
[  204.670650][T10694] __nla_validate_parse: 8 callbacks suppressed
[  204.670671][T10694] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1408'.
[  204.730273][T10694] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1408'.
[  204.939592][T10701] veth0: entered promiscuous mode
[  204.949539][T10701] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1411'.
[  205.017412][T10700] veth0: left promiscuous mode
[  205.196108][T10721] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1417'.
[  205.307573][T10733] FAULT_INJECTION: forcing a failure.
[  205.307573][T10733] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  205.374776][T10733] CPU: 1 UID: 0 PID: 10733 Comm: syz.0.1420 Not tainted syzkaller #0 PREEMPT(full) 
[  205.374802][T10733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  205.374814][T10733] Call Trace:
[  205.374822][T10733]  <TASK>
[  205.374831][T10733]  dump_stack_lvl+0x189/0x250
[  205.374859][T10733]  ? __pfx____ratelimit+0x10/0x10
[  205.374880][T10733]  ? __pfx_dump_stack_lvl+0x10/0x10
[  205.374902][T10733]  ? __pfx__printk+0x10/0x10
[  205.374929][T10733]  ? __might_fault+0xb0/0x130
[  205.374966][T10733]  should_fail_ex+0x414/0x560
[  205.375000][T10733]  _copy_from_user+0x2d/0xb0
[  205.375026][T10733]  ___sys_sendmsg+0x158/0x2a0
[  205.375053][T10733]  ? __pfx____sys_sendmsg+0x10/0x10
[  205.375113][T10733]  ? __fget_files+0x2a/0x420
[  205.375129][T10733]  ? __fget_files+0x3a0/0x420
[  205.375156][T10733]  __x64_sys_sendmsg+0x19b/0x260
[  205.375183][T10733]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  205.375217][T10733]  ? __pfx_ksys_write+0x10/0x10
[  205.375240][T10733]  ? rcu_is_watching+0x15/0xb0
[  205.375264][T10733]  ? do_syscall_64+0xbe/0x3b0
[  205.375289][T10733]  do_syscall_64+0xfa/0x3b0
[  205.375308][T10733]  ? lockdep_hardirqs_on+0x9c/0x150
[  205.375328][T10733]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.375346][T10733]  ? clear_bhb_loop+0x60/0xb0
[  205.375369][T10733]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.375388][T10733] RIP: 0033:0x7f569618eec9
[  205.375403][T10733] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  205.375437][T10733] RSP: 002b:00007f5696fe3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  205.375458][T10733] RAX: ffffffffffffffda RBX: 00007f56963e5fa0 RCX: 00007f569618eec9
[  205.375472][T10733] RDX: 0000000020000040 RSI: 0000200000000080 RDI: 0000000000000003
[  205.375485][T10733] RBP: 00007f5696fe3090 R08: 0000000000000000 R09: 0000000000000000
[  205.375497][T10733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  205.375508][T10733] R13: 00007f56963e6038 R14: 00007f56963e5fa0 R15: 00007ffefe730038
[  205.375539][T10733]  </TASK>
[  205.758640][T10745] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  206.342262][T10778] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1438'.
[  206.367120][T10780] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  206.370730][T10778] netlink: 'syz.1.1438': attribute type 13 has an invalid length.
[  206.458936][T10778] 8021q: adding VLAN 0 to HW filter on device bond0
[  206.473310][T10778] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  206.536097][ T6361] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  206.554869][T10789] FAULT_INJECTION: forcing a failure.
[  206.554869][T10789] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  206.579550][T10789] CPU: 1 UID: 0 PID: 10789 Comm: syz.3.1440 Not tainted syzkaller #0 PREEMPT(full) 
[  206.579576][T10789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  206.579589][T10789] Call Trace:
[  206.579597][T10789]  <TASK>
[  206.579606][T10789]  dump_stack_lvl+0x189/0x250
[  206.579634][T10789]  ? __pfx____ratelimit+0x10/0x10
[  206.579657][T10789]  ? __pfx_dump_stack_lvl+0x10/0x10
[  206.579683][T10789]  ? __pfx__printk+0x10/0x10
[  206.579711][T10789]  ? __might_fault+0xb0/0x130
[  206.579751][T10789]  should_fail_ex+0x414/0x560
[  206.579787][T10789]  _copy_from_user+0x2d/0xb0
[  206.579815][T10789]  ____sys_sendmsg+0x2fe/0x830
[  206.579848][T10789]  ? __pfx_____sys_sendmsg+0x10/0x10
[  206.579884][T10789]  ? import_iovec+0x74/0xa0
[  206.579926][T10789]  ___sys_sendmsg+0x21f/0x2a0
[  206.579952][T10789]  ? __pfx____sys_sendmsg+0x10/0x10
[  206.580033][T10789]  ? __fget_files+0x2a/0x420
[  206.580051][T10789]  ? __fget_files+0x3a0/0x420
[  206.580092][T10789]  __x64_sys_sendmsg+0x19b/0x260
[  206.580119][T10789]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  206.580153][T10789]  ? __pfx_ksys_write+0x10/0x10
[  206.580176][T10789]  ? rcu_is_watching+0x15/0xb0
[  206.580201][T10789]  ? do_syscall_64+0xbe/0x3b0
[  206.580227][T10789]  do_syscall_64+0xfa/0x3b0
[  206.580247][T10789]  ? lockdep_hardirqs_on+0x9c/0x150
[  206.580267][T10789]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.580285][T10789]  ? clear_bhb_loop+0x60/0xb0
[  206.580308][T10789]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.580327][T10789] RIP: 0033:0x7f6d5598eec9
[  206.580343][T10789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  206.580359][T10789] RSP: 002b:00007f6d56770038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  206.580380][T10789] RAX: ffffffffffffffda RBX: 00007f6d55be5fa0 RCX: 00007f6d5598eec9
[  206.580393][T10789] RDX: 0000000000000000 RSI: 0000200000000400 RDI: 0000000000000003
[  206.580406][T10789] RBP: 00007f6d56770090 R08: 0000000000000000 R09: 0000000000000000
[  206.580418][T10789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  206.580430][T10789] R13: 00007f6d55be6038 R14: 00007f6d55be5fa0 R15: 00007ffd4817c2b8
[  206.580460][T10789]  </TASK>
[  206.804527][ T1140] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  206.935122][T10796] (unnamed net_device) (uninitialized): ARP target 1.0.0.0 is already present
[  206.973726][T10796] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (1)
[  207.063495][T10803] dvmrp1: entered allmulticast mode
[  207.106046][T10806] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.1448'.
[  207.443953][ T5930] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  207.482020][T10824] tipc: Started in network mode
[  207.487059][T10824] tipc: Node identity ce2a83a0b61f, cluster identity 4711
[  207.494878][T10824] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  207.547570][T10824] syzkaller0: entered promiscuous mode
[  207.553386][T10824] syzkaller0: entered allmulticast mode
[  207.564287][T10824] tipc: Resetting bearer <eth:syzkaller0>
[  207.590114][T10824] tipc: Resetting bearer <eth:syzkaller0>
[  208.594318][  T979] tipc: Node number set to 2016773024
[  208.772009][T10824] tipc: Disabling bearer <eth:syzkaller0>
[  208.782349][   T49] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  208.790865][   T49] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  208.884523][ T5930] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  208.957282][T10852] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  209.019766][T10859] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.1465'.
[  209.188980][T10866] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1466'.
[  209.199053][T10866] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1466'.
[  209.401357][T10870] (unnamed net_device) (uninitialized): option min_links: invalid value (18446744073709551614)
[  209.411869][T10870] (unnamed net_device) (uninitialized): option min_links: allowed values 0 - 2147483647
[  209.689612][T10881] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1474'.
[  209.892465][T10890] netlink: 'syz.2.1476': attribute type 27 has an invalid length.
[  209.927865][T10890] netlink: 'syz.2.1476': attribute type 4 has an invalid length.
[  209.947797][T10890] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1476'.
[  209.973873][T10892] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1478'.
[  210.097320][T10892] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1478'.
[  210.297621][T10896] IPVS: set_ctl: invalid protocol: 58 172.30.1.2:20000
[  210.415728][T10902] FAULT_INJECTION: forcing a failure.
[  210.415728][T10902] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  210.467016][T10902] CPU: 1 UID: 0 PID: 10902 Comm: syz.0.1482 Not tainted syzkaller #0 PREEMPT(full) 
[  210.467045][T10902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  210.467059][T10902] Call Trace:
[  210.467067][T10902]  <TASK>
[  210.467076][T10902]  dump_stack_lvl+0x189/0x250
[  210.467118][T10902]  ? __pfx____ratelimit+0x10/0x10
[  210.467141][T10902]  ? __pfx_dump_stack_lvl+0x10/0x10
[  210.467166][T10902]  ? __pfx__printk+0x10/0x10
[  210.467213][T10902]  ? __might_fault+0xb0/0x130
[  210.467257][T10902]  should_fail_ex+0x414/0x560
[  210.467308][T10902]  _copy_from_user+0x2d/0xb0
[  210.467337][T10902]  kstrtouint_from_user+0xc4/0x170
[  210.467362][T10902]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  210.467402][T10902]  proc_fail_nth_write+0x88/0x200
[  210.467426][T10902]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  210.467456][T10902]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  210.467481][T10902]  vfs_write+0x27e/0xb30
[  210.467519][T10902]  ? __pfx_vfs_write+0x10/0x10
[  210.467548][T10902]  ? __fget_files+0x2a/0x420
[  210.467571][T10902]  ? __fget_files+0x3a0/0x420
[  210.467588][T10902]  ? __fget_files+0x2a/0x420
[  210.467616][T10902]  ksys_write+0x145/0x250
[  210.467646][T10902]  ? __pfx_ksys_write+0x10/0x10
[  210.467670][T10902]  ? rcu_is_watching+0x15/0xb0
[  210.467697][T10902]  ? do_syscall_64+0xbe/0x3b0
[  210.467725][T10902]  do_syscall_64+0xfa/0x3b0
[  210.467746][T10902]  ? lockdep_hardirqs_on+0x9c/0x150
[  210.467767][T10902]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.467787][T10902]  ? clear_bhb_loop+0x60/0xb0
[  210.467812][T10902]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.467832][T10902] RIP: 0033:0x7f569618d97f
[  210.467849][T10902] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  210.467866][T10902] RSP: 002b:00007f5696fe3030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  210.467888][T10902] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f569618d97f
[  210.467902][T10902] RDX: 0000000000000001 RSI: 00007f5696fe30a0 RDI: 0000000000000004
[  210.467915][T10902] RBP: 00007f5696fe3090 R08: 0000000000000000 R09: 0000000000000000
[  210.467927][T10902] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[  210.467945][T10902] R13: 00007f56963e6038 R14: 00007f56963e5fa0 R15: 00007ffefe730038
[  210.467982][T10902]  </TASK>
[  211.042820][T10915] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1485'.
[  211.084160][T10915] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1485'.
[  211.123838][T10915] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1485'.
[  211.189289][T10915] af_packet: tpacket_rcv: packet too big, clamped from 64993 to 3952. macoff=96
[  211.220708][T10924] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1486'.
[  211.263938][T10924] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1486'.
[  211.284073][T10924] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1486'.
[  212.483327][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  212.691378][T10995] pim6reg1: entered promiscuous mode
[  212.707627][T10995] pim6reg1: entered allmulticast mode
[  213.635554][T11028] sch_tbf: burst 1023 is lower than device lo mtu (65550) !
[  213.693110][T11028] team0: Device gtp0 is of different type
[  214.162112][T11058] FAULT_INJECTION: forcing a failure.
[  214.162112][T11058] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  214.184546][T11058] CPU: 0 UID: 0 PID: 11058 Comm: syz.2.1535 Not tainted syzkaller #0 PREEMPT(full) 
[  214.184577][T11058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  214.184591][T11058] Call Trace:
[  214.184599][T11058]  <TASK>
[  214.184609][T11058]  dump_stack_lvl+0x189/0x250
[  214.184647][T11058]  ? __pfx____ratelimit+0x10/0x10
[  214.184671][T11058]  ? __pfx_dump_stack_lvl+0x10/0x10
[  214.184710][T11058]  ? __pfx__printk+0x10/0x10
[  214.184741][T11058]  ? __might_fault+0xb0/0x130
[  214.184784][T11058]  should_fail_ex+0x414/0x560
[  214.184823][T11058]  _copy_from_user+0x2d/0xb0
[  214.184853][T11058]  kstrtouint_from_user+0xc4/0x170
[  214.184881][T11058]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  214.184925][T11058]  proc_fail_nth_write+0x88/0x200
[  214.184969][T11058]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  214.185002][T11058]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  214.185030][T11058]  vfs_write+0x27e/0xb30
[  214.185076][T11058]  ? __pfx_vfs_write+0x10/0x10
[  214.185108][T11058]  ? __fget_files+0x2a/0x420
[  214.185134][T11058]  ? __fget_files+0x3a0/0x420
[  214.185153][T11058]  ? __fget_files+0x2a/0x420
[  214.185184][T11058]  ksys_write+0x145/0x250
[  214.185231][T11058]  ? __pfx_ksys_write+0x10/0x10
[  214.185256][T11058]  ? rcu_is_watching+0x15/0xb0
[  214.185285][T11058]  ? do_syscall_64+0xbe/0x3b0
[  214.185314][T11058]  do_syscall_64+0xfa/0x3b0
[  214.185337][T11058]  ? lockdep_hardirqs_on+0x9c/0x150
[  214.185359][T11058]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.185381][T11058]  ? clear_bhb_loop+0x60/0xb0
[  214.185408][T11058]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.185428][T11058] RIP: 0033:0x7f563c98d97f
[  214.185447][T11058] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  214.185466][T11058] RSP: 002b:00007f563d7ba030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  214.185489][T11058] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f563c98d97f
[  214.185504][T11058] RDX: 0000000000000001 RSI: 00007f563d7ba0a0 RDI: 0000000000000004
[  214.185518][T11058] RBP: 00007f563d7ba090 R08: 0000000000000000 R09: 0000000000000000
[  214.185532][T11058] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  214.185545][T11058] R13: 00007f563cbe6038 R14: 00007f563cbe5fa0 R15: 00007fffc3e85be8
[  214.185580][T11058]  </TASK>
[  215.142757][T11088] Bluetooth: hci0: Opcode 0x0c1a failed: -22
[  215.312148][T11096] __nla_validate_parse: 265 callbacks suppressed
[  215.312168][T11096] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1551'.
[  215.499923][T11108] netlink: 'syz.1.1556': attribute type 10 has an invalid length.
[  215.515452][T11108] bond0: (slave wlan1): Releasing backup interface
[  215.616550][T11114] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1559'.
[  215.959328][T11129] ieee802154 phy1 wpan1: encryption failed: -22
[  216.133082][T11145] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1568'.
[  216.143933][T11145] netlink: 'syz.0.1568': attribute type 5 has an invalid length.
[  216.151749][T11145] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1568'.
[  216.184123][T11145] geneve4: entered promiscuous mode
[  216.193275][T11145] geneve4: entered allmulticast mode
[  216.217455][   T13] netdevsim netdevsim0 eth0: set [1, 2] type 2 family 0 port 256 - 0
[  216.233379][   T13] netdevsim netdevsim0 eth1: set [1, 2] type 2 family 0 port 256 - 0
[  216.251091][   T13] netdevsim netdevsim0 eth2: set [1, 2] type 2 family 0 port 256 - 0
[  216.279526][   T13] netdevsim netdevsim0 eth3: set [1, 2] type 2 family 0 port 256 - 0
[  216.308014][T11151] IPv6: NLM_F_CREATE should be specified when creating new route
[  216.322777][T11150] IPv6: NLM_F_CREATE should be specified when creating new route
[  216.587442][T11173] netlink: 9 bytes leftover after parsing attributes in process `syz.2.1574'.
[  216.618809][T11173] 0{X功: entered promiscuous mode
[  216.632227][T11173] 0{X功: left allmulticast mode
[  217.204345][ T5873] Bluetooth: hci0: command tx timeout
[  220.403624][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  234.483375][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  255.607614][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  263.283570][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  317.047188][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  322.163293][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  349.043768][   T31] INFO: task kworker/1:8:6374 blocked for more than 143 seconds.
[  349.051538][   T31]       Not tainted syzkaller #0
[  349.056566][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  349.065310][   T31] task:kworker/1:8     state:D stack:27016 pid:6374  tgid:6374  ppid:2      task_flags:0x4208060 flags:0x00004000
[  349.077647][   T31] Workqueue: events rfkill_sync_work
[  349.082949][   T31] Call Trace:
[  349.086309][   T31]  <TASK>
[  349.089259][   T31]  __schedule+0x1798/0x4cc0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  349.093865][   T31]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  349.099436][   T31]  ? __pfx___schedule+0x10/0x10
[  349.105101][   T31]  ? schedule+0x91/0x360
[  349.109669][   T31]  schedule+0x165/0x360
[  349.113878][   T31]  schedule_preempt_disabled+0x13/0x30
[  349.119366][   T31]  __mutex_lock+0x7e6/0x1350
[  349.124260][   T31]  ? __mutex_lock+0x5bb/0x1350
[  349.129154][   T31]  ? nfc_rfkill_set_block+0x50/0x2e0
[  349.135188][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  349.153196][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  349.158438][   T31]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  349.193790][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  349.200216][   T31]  ? __pfx_nfc_rfkill_set_block+0x10/0x10
[  349.213303][   T31]  nfc_rfkill_set_block+0x50/0x2e0
[  349.218477][   T31]  ? __pfx_nfc_rfkill_set_block+0x10/0x10
[  349.233181][   T31]  rfkill_set_block+0x1d2/0x440
[  349.238181][   T31]  rfkill_sync_work+0x114/0x200
[  349.243608][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  349.249381][   T31]  process_scheduled_works+0xae1/0x17b0
[  349.255309][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[  349.261315][   T31]  worker_thread+0x8a0/0xda0
[  349.266055][   T31]  ? __kthread_parkme+0x7b/0x200
[  349.271037][   T31]  kthread+0x70e/0x8a0
[  349.275189][   T31]  ? __pfx_worker_thread+0x10/0x10
[  349.280312][   T31]  ? __pfx_kthread+0x10/0x10
[  349.285402][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  349.290613][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  349.295893][   T31]  ? __pfx_kthread+0x10/0x10
[  349.300498][   T31]  ret_from_fork+0x439/0x7d0
[  349.305180][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  349.310312][   T31]  ? __switch_to_asm+0x39/0x70
[  349.315427][   T31]  ? __switch_to_asm+0x33/0x70
[  349.320225][   T31]  ? __pfx_kthread+0x10/0x10
[  349.324950][   T31]  ret_from_fork_asm+0x1a/0x30
[  349.329765][   T31]  </TASK>
[  349.332792][   T31] INFO: task kworker/1:14:6380 blocked for more than 143 seconds.
[  349.340642][   T31]       Not tainted syzkaller #0
[  349.345949][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  349.354701][   T31] task:kworker/1:14    state:D stack:25320 pid:6380  tgid:6380  ppid:2      task_flags:0x4208060 flags:0x00004000
[  349.366747][   T31] Workqueue: events rfkill_global_led_trigger_worker
[  349.373806][   T31] Call Trace:
[  349.377098][   T31]  <TASK>
[  349.380125][   T31]  __schedule+0x1798/0x4cc0
[  349.384729][   T31]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  349.390139][   T31]  ? __pfx___schedule+0x10/0x10
[  349.395055][   T31]  ? schedule+0x91/0x360
[  349.399317][   T31]  schedule+0x165/0x360
[  349.403884][   T31]  schedule_preempt_disabled+0x13/0x30
[  349.409362][   T31]  __mutex_lock+0x7e6/0x1350
[  349.414096][   T31]  ? __mutex_lock+0x5bb/0x1350
[  349.418881][   T31]  ? rfkill_global_led_trigger_worker+0x27/0xd0
[  349.425221][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  349.430264][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  349.436335][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  349.442070][   T31]  rfkill_global_led_trigger_worker+0x27/0xd0
[  349.448173][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  349.453932][   T31]  process_scheduled_works+0xae1/0x17b0
[  349.459510][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[  349.465915][   T31]  worker_thread+0x8a0/0xda0
[  349.470529][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  349.476889][   T31]  ? __kthread_parkme+0x7b/0x200
[  349.481945][   T31]  kthread+0x70e/0x8a0
[  349.486063][   T31]  ? __pfx_worker_thread+0x10/0x10
[  349.491186][   T31]  ? __pfx_kthread+0x10/0x10
[  349.496151][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  349.501365][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  349.506676][   T31]  ? __pfx_kthread+0x10/0x10
[  349.511327][   T31]  ret_from_fork+0x439/0x7d0
[  349.516008][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  349.521164][   T31]  ? __switch_to_asm+0x39/0x70
[  349.526309][   T31]  ? __switch_to_asm+0x33/0x70
[  349.531113][   T31]  ? __pfx_kthread+0x10/0x10
[  349.535735][   T31]  ret_from_fork_asm+0x1a/0x30
[  349.540542][   T31]  </TASK>
[  349.543712][   T31] INFO: task syz.4.1257:10268 blocked for more than 143 seconds.
[  349.551446][   T31]       Not tainted syzkaller #0
[  349.556732][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  349.565448][   T31] task:syz.4.1257      state:D stack:25096 pid:10268 tgid:10268 ppid:5882   task_flags:0x400040 flags:0x00004004
[  349.577427][   T31] Call Trace:
[  349.580716][   T31]  <TASK>
[  349.584068][   T31]  __schedule+0x1798/0x4cc0
[  349.588602][   T31]  ? validate_chain+0x897/0x2140
[  349.593636][   T31]  ? __lock_acquire+0xab9/0xd20
[  349.598538][   T31]  ? __pfx___schedule+0x10/0x10
[  349.603746][   T31]  ? schedule+0x91/0x360
[  349.608015][   T31]  schedule+0x165/0x360
[  349.612188][   T31]  schedule_timeout+0x9a/0x270
[  349.617409][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  349.622839][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  349.628157][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  349.633408][   T31]  ? wait_for_completion+0x267/0x5d0
[  349.638721][   T31]  wait_for_completion+0x2bf/0x5d0
[  349.644197][   T31]  ? __pfx_wait_for_completion+0x10/0x10
[  349.649864][   T31]  ? __flush_work+0xd2/0xbc0
[  349.654505][   T31]  ? __flush_work+0xd2/0xbc0
[  349.659104][   T31]  __flush_work+0x9b9/0xbc0
[  349.663716][   T31]  ? __flush_work+0xd2/0xbc0
[  349.668327][   T31]  ? __pfx___flush_work+0x10/0x10
[  349.673817][   T31]  ? __pfx_wq_barrier_func+0x10/0x10
[  349.679143][   T31]  ? __pfx___cancel_work+0x10/0x10
[  349.684402][   T31]  ? nfc_genl_device_removed+0x23c/0x330
[  349.690076][   T31]  __cancel_work_sync+0xbe/0x110
[  349.695077][   T31]  rfkill_unregister+0x92/0x220
[  349.699959][   T31]  nfc_unregister_device+0x96/0x2a0
[  349.705582][   T31]  ? __pfx_virtual_ncidev_close+0x10/0x10
[  349.711326][   T31]  virtual_ncidev_close+0x56/0x90
[  349.716392][   T31]  __fput+0x44c/0xa70
[  349.720399][   T31]  task_work_run+0x1d1/0x260
[  349.725054][   T31]  ? __pfx_task_work_run+0x10/0x10
[  349.730184][   T31]  ? exit_to_user_mode_loop+0x40/0x110
[  349.735931][   T31]  exit_to_user_mode_loop+0xec/0x110
[  349.741222][   T31]  do_syscall_64+0x2bd/0x3b0
[  349.745895][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.751970][   T31]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  349.758185][   T31]  ? clear_bhb_loop+0x60/0xb0
[  349.762903][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.769400][   T31] RIP: 0033:0x7ff8f918eec9
[  349.773956][   T31] RSP: 002b:00007ffcdd0b8958 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  349.782397][   T31] RAX: 0000000000000000 RBX: 00007ff8f93e7da0 RCX: 00007ff8f918eec9
[  349.790458][   T31] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  349.798661][   T31] RBP: 00007ff8f93e7da0 R08: 00000000000001d8 R09: 0000001add0b8c4f
[  349.806710][   T31] R10: 00007ff8f93e7cb0 R11: 0000000000000246 R12: 000000000002fd78
[  349.814737][   T31] R13: 00007ff8f93e6090 R14: ffffffffffffffff R15: 00007ffcdd0b8a70
[  349.822752][   T31]  </TASK>
[  349.826257][   T31] 
[  349.826257][   T31] Showing all locks held in the system:
[  349.837183][   T31] 1 lock held by ksoftirqd/1/23:
[  349.842160][   T31]  #0: ffff8880b8739f98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[  349.852666][   T31] 1 lock held by khungtaskd/31:
[  349.858196][   T31]  #0: ffffffff8e13a0e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  349.868139][   T31] 2 locks held by getty/5626:
[  349.872828][   T31]  #0: ffff8880300d60a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  349.882878][   T31]  #1: ffffc900036c32f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[  349.894381][   T31] 4 locks held by kworker/1:8/6374:
[  349.899593][   T31]  #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  349.910657][   T31]  #1: ffffc9000b097bc0 ((work_completion)(&rfkill->sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  349.923668][   T31]  #2: ffffffff8f813fe8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_sync_work+0x2e/0x200
[  349.933844][   T31]  #3: ffff888029024100 (&dev->mutex){....}-{4:4}, at: nfc_rfkill_set_block+0x50/0x2e0
[  349.943605][   T31] 3 locks held by kworker/1:14/6380:
[  349.948895][   T31]  #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  349.960215][   T31]  #1: ffffc9000b0f7bc0 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  349.974068][   T31]  #2: ffffffff8f813fe8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_global_led_trigger_worker+0x27/0xd0
[  349.985979][   T31] 1 lock held by syz.4.1257/10268:
[  349.991108][   T31]  #0: ffff888029024100 (&dev->mutex){....}-{4:4}, at: nfc_unregister_device+0x63/0x2a0
[  350.001005][   T31] 2 locks held by syz-executor/10918:
[  350.006561][   T31]  #0: ffff888029b24918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x650
[  350.017030][   T31]  #1: ffffffff8f813fe8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  350.027192][   T31] 3 locks held by syz.1.1565/11134:
[  350.032401][   T31]  #0: ffffffff8e9c2708 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  350.041101][   T31]  #1: ffff888032d91100 (&dev->mutex){....}-{4:4}, at: nfc_register_device+0xa1/0x320
[  350.050960][   T31]  #2: ffffffff8f813fe8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  350.060929][   T31] 1 lock held by syz.0.1570/11153:
[  350.066078][   T31]  #0: ffffffff8e9c2708 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  350.074931][   T31] 1 lock held by syz.2.1574/11162:
[  350.080058][   T31]  #0: ffffffff8e9c2708 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  350.088562][   T31] 1 lock held by syz.3.1580/11189:
[  350.093720][   T31]  #0: ffffffff8e9c2708 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  350.102209][   T31] 1 lock held by syz-executor/11195:
[  350.107833][   T31]  #0: ffffffff8e9c2708 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  350.116352][   T31] 1 lock held by syz-executor/11196:
[  350.121657][   T31]  #0: ffffffff8e9c2708 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  350.130140][   T31] 1 lock held by syz-executor/11199:
[  350.135769][   T31]  #0: ffffffff8e9c2708 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  350.144312][   T31] 1 lock held by syz-executor/11200:
[  350.149603][   T31]  #0: ffffffff8e9c2708 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  350.158129][   T31] 1 lock held by syz-executor/11207:
[  350.163802][   T31]  #0: ffffffff8e9c2708 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  350.172374][   T31] 1 lock held by syz-executor/11211:
[  350.177681][   T31]  #0: ffffffff8e9c2708 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  350.186214][   T31] 1 lock held by syz-executor/11212:
[  350.191516][   T31]  #0: ffffffff8e9c2708 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  350.200320][   T31] 1 lock held by syz-executor/11215:
[  350.205642][   T31]  #0: ffffffff8e9c2708 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  350.214156][   T31] 1 lock held by syz-executor/11216:
[  350.219439][   T31]  #0: ffffffff8e9c2708 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  350.228319][   T31] 1 lock held by syz-executor/11223:
[  350.233656][   T31]  #0: ffffffff8e9c2708 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  350.242157][   T31] 
[  350.244680][   T31] =============================================
[  350.244680][   T31] 
[  350.253583][   T31] NMI backtrace for cpu 1
[  350.253601][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[  350.253639][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  350.253651][   T31] Call Trace:
[  350.253659][   T31]  <TASK>
[  350.253668][   T31]  dump_stack_lvl+0x189/0x250
[  350.253701][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  350.253726][   T31]  ? __pfx__printk+0x10/0x10
[  350.253769][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[  350.253803][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  350.253837][   T31]  ? __pfx__printk+0x10/0x10
[  350.253873][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  350.253911][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  350.253948][   T31]  watchdog+0xf93/0xfe0
[  350.253984][   T31]  ? watchdog+0x1de/0xfe0
[  350.254027][   T31]  kthread+0x70e/0x8a0
[  350.254056][   T31]  ? __pfx_watchdog+0x10/0x10
[  350.254085][   T31]  ? __pfx_kthread+0x10/0x10
[  350.254113][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  350.254133][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  350.254154][   T31]  ? __pfx_kthread+0x10/0x10
[  350.254182][   T31]  ret_from_fork+0x439/0x7d0
[  350.254207][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  350.254246][   T31]  ? __switch_to_asm+0x39/0x70
[  350.254272][   T31]  ? __switch_to_asm+0x33/0x70
[  350.254296][   T31]  ? __pfx_kthread+0x10/0x10
[  350.254322][   T31]  ret_from_fork_asm+0x1a/0x30
[  350.254364][   T31]  </TASK>
[  350.254372][   T31] Sending NMI from CPU 1 to CPUs 0:
[  350.400896][    C0] NMI backtrace for cpu 0
[  350.400912][    C0] CPU: 0 UID: 0 PID: 13 Comm: kworker/u8:1 Not tainted syzkaller #0 PREEMPT(full) 
[  350.400931][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  350.400942][    C0] Workqueue: events_unbound toggle_allocation_gate
[  350.400972][    C0] RIP: 0010:do_raw_spin_lock+0x121/0x290
[  350.401002][    C0] Code: 0f 84 f3 00 00 00 c7 44 24 40 00 00 00 00 48 89 df be 04 00 00 00 e8 1e 2b 85 00 48 8d 7c 24 40 be 04 00 00 00 e8 0f 2b 85 00 <8b> 44 24 40 b9 01 00 00 00 f0 0f b1 0b 0f 85 dd 00 00 00 65 8b 1d
[  350.401017][    C0] RSP: 0018:ffffc90000127580 EFLAGS: 00000297
[  350.401030][    C0] RAX: 00000000ffffff01 RBX: ffff88801a47b060 RCX: ffffffff819e03e1
[  350.401043][    C0] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffc900001275c0
[  350.401054][    C0] RBP: ffffc90000127638 R08: 0000000000000003 R09: 0000000000000004
[  350.401064][    C0] R10: dffffc0000000000 R11: fffff52000024eb8 R12: ffff88801a47b070
[  350.401076][    C0] R13: ffff88801a47b068 R14: 1ffff1100348f60e R15: 1ffff1100348f60d
[  350.401090][    C0] FS:  0000000000000000(0000) GS:ffff888125c12000(0000) knlGS:0000000000000000
[  350.401114][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  350.401124][    C0] CR2: 00007f52a0d17d60 CR3: 000000000df36000 CR4: 00000000003526f0
[  350.401138][    C0] Call Trace:
[  350.401144][    C0]  <TASK>
[  350.401151][    C0]  ? __pte_offset_map_lock+0x13e/0x210
[  350.401173][    C0]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  350.401197][    C0]  __pte_offset_map_lock+0x13e/0x210
[  350.401220][    C0]  ? __kmalloc_cache_noprof+0x83/0x3d0
[  350.401242][    C0]  __text_poke+0x2e6/0xa10
[  350.401266][    C0]  ? __pfx_text_poke_memcpy+0x10/0x10
[  350.401286][    C0]  ? __kmalloc_cache_noprof+0x83/0x3d0
[  350.401308][    C0]  ? __pfx___text_poke+0x10/0x10
[  350.401326][    C0]  ? rcu_is_watching+0x15/0xb0
[  350.401342][    C0]  ? trace_contention_end+0x39/0x120
[  350.401364][    C0]  smp_text_poke_batch_finish+0xd0f/0x1130
[  350.401391][    C0]  ? __pfx_smp_text_poke_batch_finish+0x10/0x10
[  350.401415][    C0]  ? arch_jump_label_transform_queue+0x97/0x110
[  350.401465][    C0]  arch_jump_label_transform_apply+0x1c/0x30
[  350.401492][    C0]  static_key_enable_cpuslocked+0x128/0x250
[  350.401519][    C0]  static_key_enable+0x1a/0x20
[  350.401542][    C0]  toggle_allocation_gate+0xad/0x240
[  350.401566][    C0]  ? __pfx_toggle_allocation_gate+0x10/0x10
[  350.401591][    C0]  ? process_scheduled_works+0x9ef/0x17b0
[  350.401611][    C0]  ? process_scheduled_works+0x9ef/0x17b0
[  350.401626][    C0]  ? process_scheduled_works+0x9ef/0x17b0
[  350.401643][    C0]  process_scheduled_works+0xae1/0x17b0
[  350.401672][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  350.401697][    C0]  worker_thread+0x8a0/0xda0
[  350.401726][    C0]  kthread+0x70e/0x8a0
[  350.401749][    C0]  ? __pfx_worker_thread+0x10/0x10
[  350.401765][    C0]  ? __pfx_kthread+0x10/0x10
[  350.401786][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  350.401802][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  350.401818][    C0]  ? __pfx_kthread+0x10/0x10
[  350.401849][    C0]  ret_from_fork+0x439/0x7d0
[  350.401866][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  350.401884][    C0]  ? __switch_to_asm+0x39/0x70
[  350.401905][    C0]  ? __switch_to_asm+0x33/0x70
[  350.401924][    C0]  ? __pfx_kthread+0x10/0x10
[  350.401944][    C0]  ret_from_fork_asm+0x1a/0x30
[  350.401972][    C0]  </TASK>
[  350.402908][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  350.402928][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[  350.402957][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  350.402973][   T31] Call Trace:
[  350.402984][   T31]  <TASK>
[  350.402995][   T31]  dump_stack_lvl+0x99/0x250
[  350.403027][   T31]  ? __asan_memcpy+0x40/0x70
[  350.403057][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  350.403093][   T31]  ? __pfx__printk+0x10/0x10
[  350.403143][   T31]  vpanic+0x281/0x750
[  350.403176][   T31]  ? __pfx_vpanic+0x10/0x10
[  350.403205][   T31]  ? preempt_schedule+0xae/0xc0
[  350.403232][   T31]  ? preempt_schedule_common+0x83/0xd0
[  350.403267][   T31]  panic+0xb9/0xc0
[  350.403295][   T31]  ? __pfx_panic+0x10/0x10
[  350.403327][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  350.403373][   T31]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[  350.403415][   T31]  watchdog+0xfd2/0xfe0
[  350.403456][   T31]  ? watchdog+0x1de/0xfe0
[  350.403507][   T31]  kthread+0x70e/0x8a0
[  350.403544][   T31]  ? __pfx_watchdog+0x10/0x10
[  350.403578][   T31]  ? __pfx_kthread+0x10/0x10
[  350.403612][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  350.403638][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  350.403662][   T31]  ? __pfx_kthread+0x10/0x10
[  350.403694][   T31]  ret_from_fork+0x439/0x7d0
[  350.403737][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  350.403780][   T31]  ? __switch_to_asm+0x39/0x70
[  350.403806][   T31]  ? __switch_to_asm+0x33/0x70
[  350.403832][   T31]  ? __pfx_kthread+0x10/0x10
[  350.403861][   T31]  ret_from_fork_asm+0x1a/0x30
[  350.403906][   T31]  </TASK>
[  350.881413][   T31] Kernel Offset: disabled
[  350.885733][   T31] Rebooting in 86400 seconds..