last executing test programs:

2.255232581s ago: executing program 1 (id=1784):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="1400000042000501"], 0x14}}, 0x0)
recvmmsg(r0, &(0x7f0000000000)=[{{0x0, 0x0, &(0x7f0000001cc0)=[{&(0x7f0000001d80)=""/4106, 0x100a}, {&(0x7f0000001280)=""/209, 0xd1}, {&(0x7f00000003c0)=""/41, 0x29}, {&(0x7f0000000700)=""/186, 0xba}, {&(0x7f0000001a00)=""/96, 0x60}, {&(0x7f0000000400)=""/43, 0x2b}], 0x6}, 0x3}], 0x1, 0x0, 0x0)

2.004014826s ago: executing program 2 (id=1787):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, 0x0, 0x0)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x2c, r1, 0x5, 0x3, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_IE={0x4}]}, 0x2c}}, 0x0)

2.003629156s ago: executing program 1 (id=1788):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$netlink(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000300)={0x18, 0x30, 0x93b0c46b16d49b1b, 0x0, 0x0, "", [@nested={0x6, 0x0, 0x0, 0x1, [@generic="3004"]}]}, 0x18}], 0x1}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=@ipv6_newroute={0x44, 0x18, 0x1, 0x0, 0x0, {}, [@RTA_ENCAP={0x18, 0x16, 0x0, 0x0, @LWTUNNEL_IP6_DST={0x14, 0x2, @private1}}, @RTA_OIF={0x8, 0x4, r1}, @RTA_ENCAP_TYPE={0x6, 0x15, 0x4}]}, 0x44}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

1.763943119s ago: executing program 2 (id=1792):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r0)
getsockname$packet(r0, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000300)=0x14)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xe, &(0x7f0000000340)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x100, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffded, 0x0, 0x0, 0x0}, 0x90)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x58, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xfffff000}]}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x58}}, 0x0)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r1}, 0xc)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
socket(0x11, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=@bloom_filter={0x1e, 0x6, 0x5452, 0x0, 0x18fa, 0xffffffffffffffff, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x3, 0xa}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000", @ANYRES32=r3], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
r4 = socket$packet(0x11, 0x0, 0x300)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=@base={0x14, 0x4, 0x4, 0x448, 0x0, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000001c0)={r5, 0x0, &(0x7f00000000c0)=""/193}, 0x20)
setsockopt$packet_int(r4, 0x107, 0x0, &(0x7f0000000040)=0x200, 0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'adiantum(xchacha20-simd,anubis-generic,nhpoly1305-sse2)\x00'}, 0x58)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000200), r0)

1.754968573s ago: executing program 1 (id=1794):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
r1 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r1, &(0x7f0000000100)="90", 0x1, 0x0, 0x0, 0x0)
r2 = socket(0x10, 0x2, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r4=>0x0})
r5 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDPRL(r2, 0x89f5, &(0x7f00000013c0)={'sit0\x00', &(0x7f0000001380)={@private=0xa010101, 0x0, 0x0, 0x10, 0x0, [{}]}})
sendmsg$nl_route(r5, &(0x7f0000000540)={0x0, 0x7, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001300a7cc5a8100ae541d002007000000", @ANYRES32=r4, @ANYBLOB="00000a00100000801c001a80080002802d03fa0408000200f47b0c0d"], 0x44}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=@newqdisc={0x24, 0x24, 0x0, 0x0, 0x25dfdbfa, {0x0, 0x0, 0x0, r4}}, 0x24}}, 0x48445)
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000600), 0x0, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000cc0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000500)='jbd2_handle_stats\x00', r8}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cgroup.controllers\x00', 0x26e1, 0x0)
ioctl$TUNSETIFINDEX(r7, 0x400454da, &(0x7f0000000640)=r6)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000080)={{0xeb9f, 0x2, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000300)=""/4096, 0x1a, 0x1000, 0x1}, 0x20)
r9 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000680)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000000700ff020000000000000000000000000001000000000000000000000000000000000000000000000000860090780000000000000000000000000000ee3f000000002b036f8c006e75021d683910c3090b3188a7c747eb2278a273c1b800294429118927"], 0xfdef)
sendmsg$NFNL_MSG_CTHELPER_GET(r2, &(0x7f0000001340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001300)={&(0x7f0000000280)={0x20, 0x1, 0x9, 0x101, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x5}}]}, 0x20}, 0x1, 0x0, 0x0, 0x4004001}, 0x4004000)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb0100180000000000000060000000600000000200000009000032290279b55b0005000002000000000a00000002000000e5c9ffff0e0000000400000008ba902a0300000001000000010001000c00000004000000ad3e00000600000002000000170d00000000000000000003000000000300000003000000ae0000000000"], 0x0, 0x7a}, 0x20)

1.664208442s ago: executing program 0 (id=1795):
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x2, 0x4, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x1100}, [@call={0x85, 0x0, 0x0, 0xa9}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

1.536203273s ago: executing program 0 (id=1798):
socket$igmp6(0xa, 0x3, 0x2)
socket$alg(0x26, 0x5, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000080)={r0}, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000002c0)={0x54, 0x2, 0x6, 0x801, 0x7000000, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x15}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x54}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a300000000058000000030a01080000000000000000010000000900030073797a32000000002c0004800800024017bef2e40800014000000003080002401c791e7108000240423930ce08000140000000030900010073797a300000000088000000060a010400000000000000000100000008000b400000000014000480100001800b0001006e756d67656e00000900010073797a30000000004c0004804800018008000100666962003c00028008000240000000030800034000000001080001400000000f08000240000000030800014000000009000000400000000f080001400000000214000000110001"], 0x128}}, 0x0)
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f00000011c0)={'vxcan0\x00', <r4=>0x0})
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x7, 0x100010, 0xffffffffffffffff, 0x0)
bind$can_j1939(r3, &(0x7f0000001200)={0x1d, r4}, 0x18)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000100)='GPL\x00'}, 0x48)
close(r5)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3a, 0x8, &(0x7f0000003880)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83766b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000800002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225c380fac12f8205d182f8999e0312da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42ddd5f393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05bea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d4270640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d96ee1b84bb64b14aebc6b5194c55dd6890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b07838a3ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca6bbfe4ba8c215129a7bccb223222ff1a43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0ed9829dec16ab67a4f59a504e09f55ab82bbd405087a17a229a149c53ee9145500db213cb36489a10957739e481a756e65bde579bbbfb404213f661eeaaffacbcfbfd60b1a715c366da2b37ac7e9e3033f8ec04db1c2412e02ccd0617d9fb646c4897750d068c936c3558a94b05d7c65c0d458c0d70d0aa864bc1e324d3f69b1b4061627da875a4b5c2668ab0990623fe6f3b54cd1c79da4baf256f88750c18486330589473e267fa44e220cf40db662b570c2a2fbba9a34a3dd7bbd8368fe506daa62b45797d4b397905a69e58eb436c08cc78963197adb1b16ad83a1a9b463890ace6cb23d4f82f398ba2944ddaba606cd163246c455d642ffb22a4b9055c4dd3d16f69587e6083df4bc6dec75713b5465c4aad1e18cc443e300"/4521], &(0x7f0000000100)='GPL\x00', 0x800}, 0x90)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000000)={@cgroup=r6, r6, 0x2f, 0x0, 0x0, @prog_fd}, 0x20)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000440), 0x8)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0)
unshare(0x24020400)
socket$inet6_tcp(0xa, 0x1, 0x0)

1.533088016s ago: executing program 2 (id=1799):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000000)={'veth0_to_team\x00', &(0x7f0000000040)=@ethtool_channels={0x3d, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$inet(r4, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$inet(r6, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendmsg$inet(r8, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0xffffffffffffff40}, 0x0)
socket$rxrpc(0x21, 0x2, 0xa)
recvmsg(r7, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001dc0)=""/4096, 0x1000}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000300)={0x0, 0x3a, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="000000000008000014001280090001007665746800000000040002800800200001"], 0x3c}}, 0x0)
r10 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="4c00000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c00128009000100626f6e64000000001c0002800500010004002000080020"], 0x4c}}, 0x0)

1.349665835s ago: executing program 1 (id=1803):
r0 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r2, @ANYRESDEC=0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.kill\x00', 0x26e1, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='jbd2_update_log_tail\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x787}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='jbd2_update_log_tail\x00', r5}, 0x10)
ioctl$TUNSETOFFLOAD(r3, 0x4004662b, 0x20001412)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000013c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[], 0x14}}, 0x0)
r6 = socket$inet6(0xa, 0x4, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'veth0\x00', <r7=>0x0})
ioctl$sock_inet6_SIOCSIFDSTADDR(r6, 0x8918, &(0x7f0000000080)={@loopback={0x2, 0x3fc}, 0x0, r7})
r8 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
ioctl$FS_IOC_GETFSLABEL(r8, 0x800452d2, &(0x7f0000000100))
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000016c0)={0x6, 0x9, &(0x7f00000014c0)=@raw=[@printk={@llu, {}, {}, {0x7, 0x0, 0x5}}, @exit], &(0x7f0000001540)='GPL\x00', 0x8}, 0x90)
r9 = socket$inet(0x2, 0x2, 0x1)
setsockopt$inet_opts(r9, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
sendmsg$inet(r9, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0x0, @private}, 0x10, &(0x7f0000000280)=[{&(0x7f00000001c0)="08001efbb07d586e", 0x8}], 0x1, 0x0, 0x0, 0x60000000}, 0x0)
setsockopt$ax25_int(r0, 0x101, 0x6, &(0x7f0000000800)=0x40, 0x4)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x22)
r10 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000002c0)={0x7ff, 0x21a3db0ca81acf1c, 0x1, 0x3f, <r11=>0x0}, &(0x7f0000000300)=0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r10, 0x84, 0x66, &(0x7f0000000340)={r11, 0x5}, &(0x7f0000000380)=0x8)
syz_emit_ethernet(0x5a, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000008004500004c006a16081ab234be1d745fe60000000021907800000000ffffffff05009078ac1414bb4c0000000000000000000000ac1414bbac141400441c00"/86], 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)

1.132076933s ago: executing program 0 (id=1805):
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='blkio.bfq.sectors\x00', 0x26e1, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYRES16=r0], 0x0, 0x24bb, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@bloom_filter={0x1e, 0x3, 0x3fe, 0x4786, 0x0, r0, 0x1f, '\x00', 0x0, r0, 0x0, 0x1, 0x0, 0xe}, 0x29)
r2 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', <r4=>0x0})
syz_emit_ethernet(0x76, &(0x7f00000002c0)=ANY=[@ANYRES32=r0, @ANYRES16=r4, @ANYRES64=r2], 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000140)=@newqdisc={0x24, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r6 = socket$packet(0x11, 0x0, 0x300)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000700), 0xffffffffffffffff)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0xa, 0x4, 0x4, 0x8, 0x10}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000180)={{r7, <r8=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000280)='%ps    \x00'}, 0x20)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000300)={0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x2, r8}, 0x38)
recvmmsg(r6, &(0x7f0000000340)=[{{&(0x7f0000000540)=@l2tp6={0xa, 0x0, 0x0, @mcast2}, 0x80, &(0x7f0000000040), 0x2}, 0x3}], 0x1, 0x12060, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYRESHEX=r0, @ANYRES32=r5], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r5}, &(0x7f0000000280), &(0x7f0000000380)=r9}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000540)=ANY=[], 0x0, 0x80, 0x0, 0x0, 0x41000, 0x0, '\x00', r4}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
socketpair(0x0, 0x1, 0x0, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r10 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='consume_skb\x00', r10}, 0x10)
r11 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r11, 0x10f, 0x87, &(0x7f0000000200)={0x41}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r11, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x2, 0x3}, 0x10)

933.439933ms ago: executing program 3 (id=1809):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r0)
getsockname$packet(r0, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000300)=0x14)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xe, &(0x7f0000000340)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x100, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffded, 0x0, 0x0, 0x0}, 0x90)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x58, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xfffff000}]}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x58}}, 0x0)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r1}, 0xc)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
socket(0x11, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=@bloom_filter={0x1e, 0x6, 0x5452, 0x0, 0x18fa, 0xffffffffffffffff, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x3, 0xa}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000", @ANYRES32=r3], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
r4 = socket$packet(0x11, 0x0, 0x300)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=@base={0x14, 0x4, 0x4, 0x448, 0x0, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000001c0)={r5, 0x0, &(0x7f00000000c0)=""/193}, 0x20)
setsockopt$packet_int(r4, 0x107, 0x0, &(0x7f0000000040)=0x200, 0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'adiantum(xchacha20-simd,anubis-generic,nhpoly1305-sse2)\x00'}, 0x58)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000200), r0)

932.923384ms ago: executing program 0 (id=1810):
r0 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000040)={@remote, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x22, &(0x7f0000000080)={@mcast2, 0x800, 0x0, 0x3, 0x0, 0x0, 0x80}, 0x20)

896.231522ms ago: executing program 1 (id=1811):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET_STATS_CPU(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(r1, &(0x7f000000a040), 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r2=>0x0})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r3, 0x0)
getsockopt$bt_sco_SCO_CONNINFO(r3, 0x11, 0x2, &(0x7f0000000100)=""/152, &(0x7f0000000040)=0x98)
r4 = socket(0x10, 0x2, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000540)={0x0, 0x7, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001300a7cc5a8100ae541d0020070088a8", @ANYRES32=r2, @ANYBLOB="00000a00100000801c001a80080002802d03fa0408000200f47b0c0d"], 0x44}}, 0x0)

848.579208ms ago: executing program 4 (id=1812):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000008000000000000000000000095"], 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xc, 0x17, &(0x7f0000000140)=ANY=[@ANYBLOB="0400000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000120080850000008600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000000000008500000007000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

810.606597ms ago: executing program 0 (id=1813):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r0, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, r1, 0x200, 0x70bd28, 0x25dfdbfd, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_LLSEC_ENABLED={0x5, 0x29, 0x1}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x400c0d0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'macvlan0\x00', <r2=>0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000180), r3)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x13, &(0x7f0000000200)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [@map_idx={0x18, 0x7, 0x5, 0x0, 0x2}, @btf_id={0x18, 0x7, 0x3, 0x0, 0x1}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000002c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x40f00, 0x48, '\x00', r2, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000300)={0x5, 0xb, 0x7, 0x77e}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000340)=[0x1, 0x1, 0x1, 0x1, 0xffffffffffffffff], 0x0, 0x10, 0x1f}, 0x90)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000001c0)='f2fs_write_checkpoint\x00', r4}, 0x10)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_INITMSG(r6, 0x84, 0x2, &(0x7f0000000480)={0x0, 0x36, 0x8001, 0x4}, 0x8)
r7 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
setsockopt$WPAN_WANTLQI(r7, 0x0, 0x3, &(0x7f00000004c0)=0x1, 0x4)
ioctl$AUTOFS_IOC_PROTOVER(r5, 0x80049363, &(0x7f0000000500))
ioctl$sock_inet_SIOCSIFDSTADDR(r6, 0x8918, &(0x7f0000000540)={'pim6reg1\x00', {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1c}}})
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$SO_TIMESTAMPING(r6, 0x1, 0x25, &(0x7f0000000580), &(0x7f00000005c0)=0x4)
r9 = accept(r3, 0x0, &(0x7f0000000600))
accept$ax25(r9, 0x0, &(0x7f0000000640))
r10 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r10, 0x89f1, &(0x7f0000000700)={'ip6_vti0\x00', &(0x7f0000000680)={'ip6gre0\x00', r2, 0x2f, 0x7f, 0x3d, 0x1, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}, @private0, 0x80, 0x80, 0x4}})
setsockopt$inet6_dccp_buf(r9, 0x21, 0xe, &(0x7f0000000740)="291c60ebd5a446243d4581d0f967fe559e1dc7da68171bee478811e42746fa4e90582073d720a4bca64cdbbbf745e111877d24e4a0c4521bbf214ab06ffa49b95c8131c0935bbcabcb2a7446919b205420ccc44f66e08fcb4f0ea058c9983dc386820961658aeb0476f7fdede0c70692ef091b4f4ea4dcad0b91bc0213743992629423ad1ebdb64b82f7ee3e7341d39081918c4cfd", 0x95)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000840)={&(0x7f0000000800)='qrtr_ns_service_announce_del\x00', r4}, 0x10)
r11 = syz_genetlink_get_family_id$ethtool(&(0x7f00000008c0), r9)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r9, 0x8933, &(0x7f0000000900)={'batadv_slave_0\x00', <r12=>0x0})
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000009c0)={0x1, 0x58, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r13=>0x0}}, 0x10)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000a00)={0x11, 0x0, <r14=>0x0}, &(0x7f0000000a40)=0x14)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r9, 0x89f2, &(0x7f0000000b00)={'syztnl0\x00', &(0x7f0000000a80)={'gre0\x00', <r15=>r2, 0x1, 0x80, 0x1ff, 0x10000, {{0x17, 0x4, 0x3, 0x5, 0x5c, 0x68, 0x0, 0x40, 0x2f, 0x0, @remote, @broadcast, {[@end, @rr={0x7, 0x13, 0x67, [@multicast1, @private=0xa010102, @private=0xa010102, @private=0xa010102]}, @generic={0x86, 0x7, "9b335b80ef"}, @timestamp_addr={0x44, 0x2c, 0x9c, 0x1, 0x6, [{@broadcast, 0xfcbe}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7fffffff}, {@loopback, 0x3}, {@dev={0xac, 0x14, 0x14, 0x1a}, 0x3}, {@dev={0xac, 0x14, 0x14, 0x36}, 0x3b}]}]}}}}})
sendmsg$ETHTOOL_MSG_WOL_GET(r3, &(0x7f0000000c40)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000c00)={&(0x7f0000000b40)={0xa0, r11, 0x400, 0x70bd2c, 0x25dfdbfe, {}, [@HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r13}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg0\x00'}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r14}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r15}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_vlan\x00'}]}]}, 0xa0}, 0x1, 0x0, 0x0, 0x20000800}, 0x4c000)
sendmsg$IEEE802154_LLSEC_LIST_SECLEVEL(r0, &(0x7f0000000d40)={&(0x7f0000000c80)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000d00)={&(0x7f0000000cc0)={0x14, r1, 0x2, 0x70bd2d, 0x25dfdbff, {}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000004}, 0x8000)
connect$inet(r8, &(0x7f0000000d80)={0x2, 0x4e21, @remote}, 0x10)

809.413078ms ago: executing program 3 (id=1814):
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@bloom_filter={0x1e, 0x7fffffff, 0x200, 0x0, 0x210, 0xffffffffffffffff, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x1, 0xb}, 0x48)
r0 = socket$inet_icmp(0x2, 0x2, 0x1)
socket$igmp6(0xa, 0x3, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x17, 0x8, &(0x7f0000000200)=ANY=[@ANYRESDEC=r0, @ANYRES32, @ANYBLOB="0000000000000000b70300000000000085007d00000000004000"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={@map=r1, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[], 0x44}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r3}, 0x10)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r5, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000880)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="0000000055f51ae0d61fe4c534184a2d3de4a4001000008dae5709dfd26f51681c281c68f0dba1cd6fad706cff3b27fbfc2a4123989cd0acce0ab55a42994930c73c931c23f8c0cecaa8d3df87e43985acc8fc2ad05e1a14229e93f4284c21a51b41ddf35b4015106138277e8f612639e36dd59b9809fd4dd403dbb39b32da4a84f48701d4c174715afd9bef4a22495a8e64dacf95d6ac9ba3703de2e582db8595a7d7d0cf67f8ba496ddfe59a72fb4c172697b03669dc22bc4a823f710c572f2affa957674c909089cf9a6a54259f4b33d0c13b3e0249ae9255bb5cc7b18f7a20dfa36e7cc87ec1929765790624bb5168dd810b6ba86b7a465dab672d7d844a2f706ffa"], 0x14}}, 0x0)
getsockname$packet(r5, &(0x7f0000000200)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r6, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000380)=""/156, 0x9c}], 0x1}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x44, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10}}}]}, 0x44}}, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)

719.9573ms ago: executing program 1 (id=1815):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x7, &(0x7f0000000400)=[{0x30, 0xfc, 0x0, 0x8}, {0x7, 0x4, 0xff}, {0x8, 0x0, 0x8, 0xb6}, {0x9, 0x1, 0x48, 0x9}, {0x6, 0x0, 0x3f, 0x80000001}, {0x1ff, 0x3f, 0x9, 0x7}, {0x4, 0x7f, 0xe8, 0x3}]}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000002c0)={'erspan0\x00', <r3=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000300)=@newlink={0x50, 0x10, 0xc3b, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x20, 0x2, 0x0, 0x1, [@IFLA_GRE_ENCAP_FLAGS={0x6}, @IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_ENCAP_DPORT={0x6}, @IFLA_GRE_ENCAP_SPORT={0x6}]}}}]}, 0x50}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r4)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r7=>0x0})
ioctl$BTRFS_IOC_SCRUB(r6, 0xc400941b, &(0x7f0000000640)={0x0, 0x81, 0x1f, 0x1})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000a40)={0x654, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x7}], @NL80211_ATTR_CSA_IES={0x628, 0xb9, 0x0, 0x1, [@beacon_params=[@NL80211_ATTR_PROBE_RESP={0x1ca, 0x91, "35e4ef3bba110dd2e44ccd18c78e02743c08bad53c58d5584448f8ab08e22f6d4109e60f1063332ca5af8b90c21571bacffb5a4557ea46c2a0c184a6f2c0dfbe44b6d8579958c95a4be8b1d831fa10e19a4dde6b703da971319426a507f526248d77b4f991f401befce553bb2148175d6b01a5988373ffe6ecd2121e59a3c09a2114922e333b39bd26fcb49297118882aeb2a8bcb027d4ca24bf3dda6e2fd614afcc60992b3488a58b945f6839f6b918eceb4083f75aef715692d9b23313c8adb0cfd91fe34782a9e3302b7fa2dd53dfb50d911d04df226ac253965bc074e0065702d47b746c737c656c064f1e492771b781b0dbdaa462e6f71ac3563ee140916599789abce69259ca62ea21deb71659b57eb98db8a8b1304b308f2af09dbbae86176ecb75127f540c272b70b406be84eac0bd0c04e0b88b3a4fa79e87b4aa21cf4b073aab8a86a3b5cbc85e3e7ee1259cf487594863abb124a67bc1522c9b6b6d22762bbe82e7231c2d4db20cb12e0923522cb59c4cc3e25e0abecfed3c6736d13f6c56f3db2bc1ff442f2576eb1f794e68ca42218bfc08e6770e715b0c9e07aed3857396f054af0b7eb339f2d21e3e2c330dde0ba87833e200abe567dffd57c4ca468c832e"}, @NL80211_ATTR_BEACON_HEAD={0x435, 0xe, {{{0x0, 0x0, 0x8, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1}, {0x10}, @device_a, @broadcast, @initial, {0x0, 0x1}, @value=@ver_80211n={0x0, 0x1, 0x1, 0x2, 0x0, 0x1}}, 0x5, @random=0x7, 0x5, @val={0x0, 0x1c, @random="fef0cc42366a1393c0f6a965f0180b117b2d48ba88e5ed446fdc960c"}, @val={0x1, 0x7, [{0x1, 0x1}, {0x16}, {0x18, 0x1}, {0x24, 0x1}, {0xb}, {0x5, 0x1}, {0x60, 0x1}]}, @void, @val={0x4, 0x6, {0x4, 0x3f, 0x0, 0x1}}, @val={0x6, 0x2, 0x3}, @val={0x5, 0x10, {0x5, 0x58, 0x6, "9850406c6cee38558d3ff6b040"}}, @void, @val={0x2a, 0x1, {0x0, 0x0, 0x1}}, @val={0x3c, 0x4, {0x1, 0x96, 0xa9, 0x4}}, @val={0x2d, 0x1a, {0x2000, 0x1, 0x7, 0x0, {0x6, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1}, 0x400, 0x7fffffff, 0x80}}, @void, @val={0x71, 0x7, {0x1, 0xffffffffffffffff, 0x1, 0x0, 0x1, 0x9, 0x40}}, @val={0x76, 0x6, {0x1, 0xff, 0x21, 0x7f}}, [{0xdd, 0x8e, "1156c04cf6f54991916792a88778ea7712d5e17cc8f9a5eca12fee0138b5cdbb84692db53eb68ea222793db959b8fad0528beb14018e31c1400b69bfc3ec94f375cd1f3427fecfd535f454ee8f264d04935028e7bb21b0c71c9c19bc075b073e8cb3c3dcba766fcab90c9caaf8e3b2a9a9a80b6e8b0ec9fe3368cc692ab41ecb2068b24c6b45abe8f6390a88ff4e"}, {0xdd, 0xd9, "c319e7e91b8681c18c1cafe00b0327efe2f36cc403e9e75498858d5c54c00931d016661cd15bb2b8398722358f7fc6823966304ec7de54964be329a0c67b4658b77f08c7469c09ee6d5aa36d07d85c5acbb9fe7898647eb391e5306b5e231afee397c9ea96efc57fd705a90995b50fa8c4c056a62b4415c0e9447d71b0755e67fd94e2a86b194bcf645b374db77a39369afac819ed054af8c611568302e18068f7492acc98c3471d3839e3ab2a273ce0fefc3d5c8002bd123354d304ab79728efa3337cd921c86f037447ea882810161f11732392b20693aaf"}, {0xdd, 0xeb, "2746cb65e0acc6a3db037f268793c97b9e0a360523fa8d61de3f9e3b1cfc735d24d65a72044d8b9dbaa8a1a6658275caae5596f955b9c34cd93391923cba646a68f0f06b5fbf8a79728c3f4a50c39c2472bf748f78367e927b78db3cd230dcc401b73a79bc481d6715cc85db3f0cb75251de85d387f8e95ffed799fbaeb0a9f80edf4c84527e3d9352c4d1938ce77a6d89cf36246020b09963ff81af1a57ea0700cce63b2c88019045f7c799ab0b2ad41b14a58427612fcd8eb30ae31fa5c8a33cf0cfc67590ab097b734a7c1c8140707bad986295951c37330ddb7eda056762e8937fa743c9fcc071fcbc"}, {0xdd, 0x36, "e5ce13aaacc44f17a24731e97270cb785df132e69788931aaf8878a533409e603adbce5c2f368504cc5608f890d3a253c098f2b4c1a6"}, {0xdd, 0xfc, "a812084803d4abcace0f20e659d22bae4ded6237de3a065094eb9acd3caa1a8e901c8b9f33ff795d8d2c48d8b22b4309940386829bfd6b38da2b41add8f19a4049a4d1391e1d2b0872f832796dc5b33d66f8a7331784c784a1d4b77348ed6fe105e57f9826185e90b5fb35cf2e77be42407c391869181a43ce2e9300073ac63c82f415b8bb373c8d7a87c64e20a25cd7c86e998d137cd4acf14f626d5c043028766a97a2783dc212d07b984a9b7f7409436df927db624dec9f9395ab7bf95f80b227f98db384830efc17f73c4468996f270487bca622972996437211a95832c00e617cb8d7cb02c5156b6b1c32835c349d8ec29dfa51f4e43cbd4ec5"}]}}], @NL80211_ATTR_CSA_C_OFF_PRESP={0xc, 0xbb, [0xe83, 0x1ff, 0x200, 0x8001]}, @NL80211_ATTR_CSA_C_OFF_BEACON={0xc, 0xba, [0x1, 0x7, 0x9, 0x0]}, @NL80211_ATTR_CSA_C_OFF_BEACON={0x8, 0xba, [0xc7, 0x7]}]}]}, 0x654}}, 0x0)
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r8, 0x400448ca, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000280)={'wlan0\x00', <r9=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000140)={'wlan0\x00', <r10=>0x0})
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
r11 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r11, 0x84, 0xd, &(0x7f0000000000)=@assoc_value, &(0x7f0000000100)=0x8)
r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r13 = openat$cgroup_ro(r12, &(0x7f0000000180)='cpuacct.usage_user\x00', 0x275a, 0x0)
write$binfmt_script(r13, &(0x7f0000000000), 0x208e24b)
accept4$bt_l2cap(0xffffffffffffffff, 0x0, 0x0, 0x0)
preadv(r13, &(0x7f0000001380)=[{&(0x7f0000001600)=""/4096, 0x1000}], 0x1, 0x4, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(r1, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x60, r5, 0x800, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_WIPHY={0x8, 0x1, 0x7b}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x80000001, 0x6a}}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r10}, @NL80211_ATTR_WDEV={0xc, 0x99, {0xffff9b85, 0x28}}, @NL80211_ATTR_MESH_CONFIG={0x1c, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_TTL={0x5, 0x6, 0x1f}, @NL80211_MESHCONF_CONFIRM_TIMEOUT={0x6, 0x2, 0xb6}, @NL80211_MESHCONF_ELEMENT_TTL={0x5, 0xf, 0xf6}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x4}, 0x24000000)
r14 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r14, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001000010000000000000000000025000a50010000000a01030000000000000000010000000900010073797a300000000008000240000000000c0004400000000000000001080002400000000008000240000000010c00044000000000000000020900010073797a3000000000f4000600cc47d0de9bb857c4fac4db836ef7b7b541cec6827b5cc1a2af3416eb2492ae14515943977ff4e662910e5b93446580ced364ce1d62c41a989a7635702cd42b2c625f4c9d8ca6f0fa3dfc4d07f2d4626aefaa2ac28d17e87eb9a52749975c0697c2cccab87e5404e196cf98d4c79baaacfa5abad452834c781677a247f0bf5fe381286dea3560e28d8fa8fc8e7b8267c3669e265a4d0b9c67c6a5978e4969979cf9ad898be1f53e187dd249baa24be662ec4c2f6b010858b1259c7a5dd9abd0c5062c15a1ed37bf7744d3c8a68b2574efb4ebbb5861d5c1e3aa01a74e4a7bb5d1aca4d26f7ee0647078ae5e5fcd4540343c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000003801a00000c0a01020000000000000000010000000900020073797a32000000003400038030000080080006400000000024000b8020000180070001006374000014000280080001400000000008000240000000000900010073797a30000000000900010073797a31000000000900010073797a3000000000e8190380cc1300800800034000000001"], 0x1c34}}, 0x0)
r15 = socket(0x2, 0x3, 0x6)
bind$inet(r15, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)

718.987995ms ago: executing program 4 (id=1816):
sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000780)=ANY=[@ANYBLOB="18020000", @ANYRES16, @ANYBLOB="100000000000ffdbdf2501000000fc0108801c00078008000500cbdfbd260800050053edb75008000600be0000004c00078008000600b0000000080006006d00000008000500e70d6000080005008fd4c55b000005007fa1a01008000600da0000000800050087ee824808000600a4000000080005008836575634000780080006004b000000080006001d0000000800060034000000080005005c00010008000600e800000008000600070000003400078008000600f5000000080006003500000008000500a3c7fb1508000600b300000008000600c000000008000600b000000024000780080005000c3cc93f0800060006000000080006000000000008000600880000004c000780080006004e000000080006004400000008000500c1c2c35c080006006d00000008000600800000000800060008000000080006006000000008000600fb00000008000600bc00000024000780080006004e00000008000600b4000000080006007000000008000500c9ca07462400078008000600af00000008000600e30000000800060019000000080005006545587b440007800800060085000000080005002728282208000500808c975f08000500fa82e63008000500aa1cd90c0800050092c5c44f0800050003fc890208000500e24067582c000780080005002e704772080006000c00000008000600d5000000080005004f253f7608000500489af432080001"], 0xfda6}}, 0x0)
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003b000b05d25a806c8c6f94f90224fc600e0005000a000209053582c137153e3704000b80fc0809000300", 0x33fe0}], 0x1}, 0x0)

717.933959ms ago: executing program 0 (id=1817):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00'})
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000040)={@ipv4={'\x00', '\xff\xff', @loopback}, 0x1, 0x0, 0x0, 0x6}, 0x20)
r1 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_USER(r1, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="a0000000ed03000423bd7000fbdbdf25c1b2a3b39162d6ecb411f40a007e6c6734e1fd0e7871aad2d94155788743b58f70e4f690a50f25adbee65d84e8e31b1070039e3fb3a4e71be2c977bf9957591560f2defc0ce9d6f34e6c7ddb79055cedfb3c5775f3bf9c84e1ddabc671e5eb0e0894d04e9df6a68a0a3974a6b667229208950986a382cb0739c1840737beec992e6fb04b831cde3df604a4d22d32b600"], 0xa0}, 0x1, 0x0, 0x0, 0x2010}, 0x4004800)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_NEW_INTERFACE(r4, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x28, r5, 0x300, 0x70bd2b, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x8}}}}, [@NL80211_ATTR_IFINDEX={0x8}]}, 0x28}}, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = socket$inet(0x2, 0x1, 0x0)
r7 = socket$key(0xf, 0x3, 0x2)
ioctl$BTRFS_IOC_ADD_DEV(r2, 0x5000940a, &(0x7f0000000740)={{r6}, "ec537eac992c13e26d1654960775ea14289909454140e1317611d91e244fd6034306fb32d3101c34523ad180bce8e42d73be21517ab803cd3c716fa721a0a934cde6a4877f4a0fab9eeee5c92354be70664c97abc794d858d70c3a0b4e3132600d18a7a15837ca3f0976c712822b4e810cd301bd69c8fb2a4c57e36567a06fd4e932bdc988ca9f005c56b416205758e23f433d6c74f6c38ae6f1b0ff29d631b29a2f96274bb640412ebe3c26f49a0f32c190cb951a145440cf1bdaa02d33936bb83f645fb51ff2a69914b190c9bbc468d8a4fbb915e156e8ad6e523146d78f54d80569bf2a30acdfb1cefe29a5728a44bffc0fc5f75efcd631614b8314e044d4a6cc06d01769de930b6c64266235a0c09e62f51a974cbbfc962da9fbd358752a204431c6df512441b1515cc2cbe7a53d4364cdee548ef0655b7fe43e52a9124e5d9ff591cc42670a38ccf07fe7ed67e00078d820f1c5def5b411a0006033d23101cdc384b809e67258da6d57fee9680f2db102c7d971c1497ebec7a11c966ebaede7b857e279d7d4c070b63aa9a68daa1d244e6db94f7a6f7734b706fe75371a343d6bcd0a709bdf91f57f274bd6ec86c271e649a4c5eb5ae44d01d9f46fc43aa8c461c2c8c8f3fa8456d3a24ebc6695a5ec0721b44d51b5950774690c739338adf3f4da9d0a266766b5f209e5837ac7530216e93bc0781bfbecf3eb52613e1c47b62e2fe2c7eb624a49e328fc39ac7eac929ceee97b05ebd037a6442d1912f56116fdab0c6e7ee15e49426f4b7ef47bea39ede6e3f2a5a71c1a27cc863732bcf19bc124d5f49bc1167a72ffa973bc33ca854ab9fca2b2631884aff0d9300753347e25714c04a84c0b08a8a8754b47facb0a1304c5993b5d8431f892a6d4edab1629e4d6d8f6a61484503f838a01c3e1790e383310e64713453017d7db52da5b91c1abcdb8c9fa185e5dfedb5bbde59e66cbe83261e3c873ebcb00cd597d36f99f69123f816f04f4d0ac5f840443f1d10ea982cb8bc4f23f5167bb3a43be9050c863b68fec534dae0c491e95c16555d37cea5f68d061940d5917b51cdf163514f6ea29619f7b01a6da3813e886629400ad124c49443708bb7d25ea115b8fa465be11f2510edc219eff81c870fff282eb995cd0128c63572b4fb07b8946dad2cc8054f9171790d157761a44cd3f107bf1b90161b883d2cbcd2261fe86dfee4762ffd1556122da36bdcf7caa12257af1a5b62999bcbe08003e7ab5037c00eb75673ffdd1f355e9dbedafe1f4c3794c12300fe3173865c85b0293698f912d9c4f21806e9f057678f07fdf36b0ffc44233dbd369e19c9397beae29fe5d5e0e2deee76b2950a03c4855214d5923ffb6c18d64aba231ecb042b983b3984e7c1a72fddfb9c60165456299b3af08a265e1d069ae7517d070de66c3c4e3c3501d0af97f8a10e7b86ad96c402603d83e01f2cb9df885dc33ce278bd6e6f3db1207584b9d3cc40ed5151237318c1150c839cdc2254951c533a69f6091b6a674ebd5e3932a2fdf8e376e1cb3cbbee142b9600cc1a226cf973e34d78fabcc436906972e7e2dc3a8e731437f6f3415160589fabf8c6cf3f49bbf3fdd28c606f576c0d82c386f52bcb3d4a62b3ce95f88bc244ffaf46760a12ce3b5e5fb91f707d6ae7bfaac0904ccd008ed2d0089717c05683804ead019a7cb279ca728db09048f26892fcb966759f9db2ea13be3cab7d2a7d3aa5627baf27f2e153a78a6da5346ecc9d4a36ca38d8f7909e256573dd3f21cd87dde5477eef2fa114b8c76dfe3c7df7db8bb2bfa7020e5893ad87f2121e19eabdaf097e556f81a194da2df2cf104a5977e28c53d62971bb43d2b7fa792535f164a491dabe547da61da047783f4cc8b0bf75e13eead07541ffaec0e9d00c50aad3a3966a61a3ef707cfb1c024d5975e987742d59810f9f9ddb0d935850556528cf9c27edad6f531757b872ab23b0016e58a64f12b05e7edcd1bfec6c688bee6c0caaf2408af8cc561098268380f04466b2acdc0e7b49a44fb45b65208114ba4ed8c769ec2062d888bbff8cdabd37a8c47264b4ccfebfd2c4a77dde6ab85afa24c0321714c91f2b69937a17a5d7fba4ea7bf1fbe67b7c37283ff166555bc470a6516e7d47b87a5c7ded23e58eaa662834a75cd00d5e58ef7708a3c0c561594c6a4bfeb96ff6452bd7820f887a8207f40add8c9d8030fa6995762a3c32c8514035c590c8c70df9483ccf7f7ae323fe1d07a894828d672e7ac1fc373b8268b96326cdb600c88057d783385bdb1f16150e215a6bac3768ed2a9d0740fd7c4fc14985164143b5a7543c7206886bf2960175eaad896fe43e9ab0a43adac143b03033ae4a8b0ae43f0388e8d2eadb56d3b7493c953f4de0397e6fbe214d540497bc964532dccf3907ff2ce1c8af083967118e2d26cb93a46aa377108faf40ee4b15d754bd4933f416baa3c09723de4dc214687cf8472732eff6599e1d62000031aa40a489b267f5f949b79587f910e6d2c6bc305121feca14c8f92f5df5cb0d4f00f9a883445e7a7a00d2a9f99654510e53c1df6705552f0f940805eb404c33e7ac753ea030084ca833dbcd4cf087e177271ded800c5b019ff589d66224e3482255cb94d58debf17c96cf8f7ac3a529ced6b14ea27075b7ca9eb07b20b04ded3d300fbbd063da01a6fa9ecf673533cc9c8a2ab167929529df290f8054be82d527cc02ea9f4f542e48ac30de447242f09088e0e3142bb9f5b4a455788793c4bb6324521ce02b99bf9428eeeca93d5f915e0da62dc960264038978d07ff5c07688edc4a4dc95ea94103bdbadec9024a749e5c84200b0c5be45295978580839046c9a0806517ea87b22bbc5c7a2643e591007611035155c0e34f9d896be0ed29920b8d0584f7cb0e2f2ced51b52edad08834f7d57c1d48115d2a4cd58a17d8011cabf88882017e2a1e3e3afd9b8002f6242f9c96e130ac2673b8ef6c1bcea355d3a5f7cd7f5bfd54137bfc73770a47a39dbe4a8a62e1b58b4a5a5c1dd8334b8906830b30fd3d5be07c0ce666328ab93adfe5313add387de41b0c008004e99377fc1decbff0423069a3231765ceffcfa1b6d334c3ab7f21dccb4cb37e3d158004bbba03afaea924f44a4d9c278dd452b2dac06145bc788c62f2acbeb5f62da6b99f62a792bc6f1d15dda4751983905b5e9d79f4c6e7c72942d7dbc461e5b99a460ab4d1fadeab05e08ae7db7e6a606bea63fe02dd259465dac1209b6a7db78a588d4d96cb43d0208ec8d27c8f420af91690b389ba3c509b6f78c2a40dd1647fc91b9e0c5c92b5413c2817ce1d7cbdf615c331147570d928a10a1497c91afd800327de7031109398921fbd6074e414ef8a28aa52282ea15ab768dc751bc16cc544f2aea7f31db74020054b3cf6077e979c976a44daa7f2928af00004fc4182d6ed128c5a6feb1d30ba9c4ed7ddcd057174ef233bda300cad320998bcfdc7f3d317c40c9ed9a9396b2349620c42f8f0bab9c3926b42522f2eecced90e07584e223ff00ad01d1610529e09fd3b7e1d3b516346199d590a5f0436f4f6a3f57e42233086597cdf66372b478b841c92b667fc8ae68395b51efa64fb953f4d53f60e25174d88502fcd412e156eea1f7803bb172bb69ae3b484b3f670c7605f747eae0251957cfdc7739af9ec73367d82c6d3bef45778223c679f01359ebdbf539e004e4cef63b1798d6b60eadcc67101ff6ed311139def739266648bd1bd46dc65c13e7185b5afe72fe9bf89e4562e2a4aac3d5d89fa74141055c8ad4a5220c71ddf7fa4489fe2c6ec162ca0b92b0d908c4478fb1caf133b908733b4638baaf3ac705b552ad6f0bb263d50b0bdf61c24080fa770c61e9701cb5eb4a57d957fe4763489b13cded3587fae1f9ae9b53f40820178f2252145ad5594046d9a1a8d4067b0a35d8132d99dab3ac8a75a1c5c72f54df3ea03cb2d285e8803f6844ef249a8366cb834ea33446e43feaf493166cb3848c10fe7bede1c9849b420c21d901595aa64a69e5e2da02391c9c4154c79e314da0c9fcb9a33e59eacddd1b837a8533c6129b9a92972f0e76d7f9c2d7a2c19b409fab23af240d70de336221b7820eec979b7605eaa693343b2f53d5e5e3c88d75ee7cf350f7fec37cb49384c88540f8eba6558fb965706c96191e0b5186fad7513f542e55d05639014b726c540e4189e0c57a0d98ce023df39295361d3f09f188bfa83ff8d0f1f6c80e4c99d2311ed80dd549a1f7e11b4b90b8ec9f0ba9b77530dc1212b81b97b5b02290faaeeb170c358ee8b8e7f9120ca964ea0bc71e84a45e9358280cd0d099a586cc240071a1466d855b7f6a294d651c9bb4d589081eb4a62f0304aa02c85738d20bd784738bf095a88b11ab7cbf43cfae7be1dfd9bbd40f71dbab02bb727ff27c8cecab941f825480a92f94879aa2cc9f46955d4da5ecb28fc003d4eee91fb5c6914cb6ade2227e911383a9b120e283c08950c2ae034a9d0956dfb426eede74a23cc9dbdc2bb36e9a08d3c32d6e37731a7bc7eca0b2ad33dbeccc11dd2be95da9720ae746c0dadc350d4a696c692cf00ff93ed3652d377711d6b4ec8f0729a43b4fb00a8a05660470d7049af642ef91c0ac91fbb5d6c99ce2aee948392220a71a8c91c1171b956c2a209b11e58958177b2e22aa88f3dc54c53fb2a91bb31b80e4ab22c677594baa13e606981783336fb092ac85c3b12240e492bd68da45035166f28d2c875081fc4143d1f1df8ac2393180a62b787cab0725cade250652188316871d89b3e037de4549eed89b95252b7cf22eb173c373619221e5e2660d82220b078a8582e829527e120fa70934cd5e9fbb2462226066af8f908f718a7ba57dc5ccab29c4085ef0e7723bc18e2827fb10e39091790e78543896c277028759045036ff4172d378bfcf757f6441eca2c1566c49ada9e200798759bd6f77dd47605230b0c1e251c4d3ed17c15a7fc34259f7113594d3187a54816328fb98babea4244575163baec26ff171684fb9a5b939c626dd17bbef6cd5c058766c671f8aa48ae88230ec11d3a2cfd3d881ac59a7ad151bc861cf68e10b5353ded6890d4b42bb4964dea49cbef88a858a9e8426d5bb3d05fe37e4fd805e0e54fbec88953be5c92b2f914385b23af0deb2d83813fb7c6d214e3c0e583eca376d55bea9353bacf8a0f39f53ba30f8bd118c0e2fcb291dd6e09193a4368e595682bd126f606c9f69774098ee13f60e3aa03b0c30cd4a53f9a7ab85e59918cfcb9375f6330e1aa487fd8f24b0fb62f9fd682a4911a453f84be6934ce75e860780d3496d4d60a16852a222f78fcb60928d0b026e8f5a6007e9a2f35fc42ceece29cccce7495e37e495c1ec11bf8787155d5526556acf2dd81feb3116c8e9e29d5cbe82457aa20362acd10d24d796cba2e30bc2e2d5940f9a9dc9bbe85e2489e57883bf6788d6fde3fdc6255367356c51e258eed418799f0cef4c4519b46d38a0a774cec3c1a4cef047cec716527a6aab7faa65e175e1adb714ecd6b7841fda777aa387cd8c5493e02790e7c5955a0252b13d056d41dda4eb3ea526b65176fb148b7a7a6754321d8f10640c19e32633d09c27749c9d329a9e2010a2b814991b1cd919c6425e485160da16315f651c785d19b96c118c583a9797b5af02e8235df41be34a915794c65fffd66b163511b0041a907a52a21abe412377054557f67aef221c7c8cea34d826d395ccb867231cd541648d5b10705948c82652652038dcbfab1fcd29"})
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000500)=ANY=[@ANYBLOB="020a040007000000b6f1ffff0000854105001a000000000000d74619edc70000", @ANYRESOCT], 0x38}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="020100090e000000030000000000000405000600000000000a0000000000000400000000000000000000002100000000000100000000000002000100010000000000010200fd000005000500000000000a"], 0x70}}, 0x0)
sendmmsg(r7, &(0x7f0000000180), 0x3ef, 0x0)
setsockopt$inet_int(r6, 0x0, 0x2, &(0x7f0000000700)=0x91, 0x4)
setsockopt$inet_opts(r6, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f00000000c0)='bridge_slave_1\x00', 0x10)
connect$inet(r6, &(0x7f0000000080)={0x2, 0x0, @broadcast}, 0x10)
getsockopt$MRT(r6, 0x0, 0xd0, &(0x7f0000000140), &(0x7f0000000200)=0x4)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000280), 0x9)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)

580.851372ms ago: executing program 3 (id=1818):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x1600, &(0x7f0000000000)={&(0x7f0000001a40)=ANY=[@ANYBLOB="140000001000090000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f6873720000000058000000160a0101000b000000000000010000000900020073797a32000000000900010073797a30000000002c000380180003801400010076657468305f746f5f687372000000000800024000440000080001"], 0xf8}}, 0x0)

576.234444ms ago: executing program 2 (id=1819):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x48)
r0 = socket$inet(0x2, 0x4000000805, 0x0)
listen(r0, 0x7)
sendmmsg(r0, &(0x7f0000000e40)=[{{&(0x7f0000000000)=@l2tp={0x2, 0x0, @local}, 0x80, &(0x7f0000000300)=[{&(0x7f00000000c0)="ae", 0x1}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[], 0x10}}], 0x2, 0x0)
r1 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r1, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r1, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_ro(r2, &(0x7f0000000280)='freezer.parent_freezing\x00', 0x0, 0x0)
preadv(r3, &(0x7f00000000c0)=[{&(0x7f00000004c0)=""/127, 0x7f}], 0x1, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020100000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)={{0x14}, [@NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @queue={{0xa}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_QUEUE_NUM={0x6}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_USERDATA={0x5, 0x7, 0x1, 0x0, "dc"}]}], {0x14}}, 0x7c}}, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = epoll_create1(0x0)
ioctl$FS_IOC_SETFLAGS(r5, 0x40088a01, &(0x7f0000000000))
socket$phonet(0x23, 0x2, 0x1)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x0, 0x0, 0x4, 0xff, 0x29d5, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000200000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)

527.9556ms ago: executing program 4 (id=1820):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c0800000000002020207b0af8ff00000000bda100000000000026010000f8ffffffb702000008000000b703000000000000850000004b0000009500000000000000"], &(0x7f0000000340)='syzkaller\x00', 0xa, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r2, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{0x28, 0x0, 0x0, 0xfffff024}, {0x6}]}, 0x10)
syz_emit_ethernet(0x3e, &(0x7f0000000440)={@broadcast, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x0, 0x0, 0x3, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @rand_addr, @dev}}}}}}, 0x0)
unshare(0x22020400)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_MIGRATE(r3, 0xc028660f)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_VENDOR(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)={0x4c, r0, 0x1, 0x0, 0x0, {{}, {@void, @val={0x8, 0x3, r4}, @val={0xc}}}, [@NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x1374}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x1}, @NL80211_ATTR_VENDOR_DATA={0xffffffab, 0xc5, "73ae5ff175cb456389acc30bde91"}, @NL80211_ATTR_VENDOR_SUBCMD]}, 0x4c}}, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000240020000000040000e7ffffff0000000600030030000000"], 0x1c}}, 0x0)
syz_emit_ethernet(0xc8, &(0x7f0000000380)={@empty, @empty, @void, {@ipv4={0x800, @udp={{0x1f, 0x4, 0x0, 0x0, 0xba, 0x0, 0x0, 0x0, 0x73, 0x0, @empty, @multicast1, {[@timestamp_prespec={0x44, 0x14, 0x4e, 0x3, 0x0, [{@multicast1, 0x4}, {@dev={0xac, 0x14, 0x14, 0xa}, 0x3}]}, @end, @timestamp_prespec={0x44, 0x14, 0x18, 0x3, 0x7, [{@private=0xa010102, 0x9}, {@multicast2, 0x7}]}, @ssrr={0x89, 0x1f, 0x98, [@private=0xa010102, @empty, @initdev={0xac, 0x1e, 0xfd, 0x0}, @remote, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2, @loopback]}, @ra={0x94, 0x4}, @lsrr={0x83, 0xb, 0x10, [@empty, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @end, @timestamp={0x44, 0x10, 0x86, 0x0, 0x6, [0xfffffffe, 0x98fc, 0x55]}]}}, {0x0, 0x3, 0x3e, 0x0, @gue={{0x2}, "10aa75c5ff2166fc181a86b5a4d790896fbfa84373077237161dca5c5ea5bfa569f68d5491a9ea5dced750745281"}}}}}}, 0x0)

466.482029ms ago: executing program 4 (id=1821):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'veth0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=@newlink={0x4c, 0x10, 0x401, 0x4, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x8}]}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x4c}}, 0x0)

449.686938ms ago: executing program 3 (id=1822):
r0 = socket(0x18, 0x0, 0x2)
getsockname$packet(r0, 0x0, &(0x7f0000000300))
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a6c000000060a090400000000000000000200000040000480100001800c0001006e6f747261636b002c0001800e000100696d6d656469617465000000180002800c00028005000100c400000008000140000000090900010073797a30000000000900020073797a32"], 0xb4}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x34, r5, 0x7, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_LANES={0x8, 0x9, 0x1}]}, 0x34}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
syz_emit_ethernet(0x5a, &(0x7f0000000100)={@local, @link_local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x4c, 0x0, 0x0, 0x0, 0x21, 0x0, @private, @broadcast}, @redirect={0x5, 0x0, 0x0, @remote, {0xc, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @dev, {[@timestamp={0x44, 0x1c, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}]}}}}}}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_CQM(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="01000000000000000000f409cd554300000008000300894d64a5777618e63fc87b69a303e4a9433b40686c56c872d037ea73e7c2477f36245328abc7740800000026e02f4b2674c3589178f0af1239742af07ae3e57a10764ac78cb395e21701bed9e15348bc869e406f000001007bccfa4dca1fa365c8f53829e3b9f574ea0f355bd25213cdf58949aa09003a483f823220c16e3dfa06d9fe1f61c30e2f74d4a6eefba151ed5a3d77083414c1b1c0d80b22fcb35f02355f26d0622378c0d6a209e9cfe315299b339077c7b40c257d9cf141", @ANYBLOB="8e46a9eaafe2b3eba5329c082f876737168b32d84c3b82d845500c30842bc81014f697a7b3c0d3dc9f1357abcd02a4343dc850b3bcab71fda9097b147d7b070cc9ca16ebf1a6f51dcf296b64cc036f44277647b4eec9b23cea0686191c7f308fda7cf14103e1114157927c31472143da629c8522ffcf7d760ea1adc7b213ea48d68950b1b2b824a45ed6a1552ef0330043a6300f2dc56acdfd33766fd542133227aae7257b7fbc521c7a7fd981", @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x4c851}, 0x0)
r7 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_SERVICE(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000000000000000100000044000180060001000a00000008000500000000000c00070000000000000000000800090000000000090006006e6f6e6500000000080008"], 0x58}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="980000000000000000000000749214274f35f8a16d00b500000095e0ffffff000000387448aab943820a62ea1db21ff3cf5b3cc7a9ef498b838d873866e95697d3f6c7ee4337ad3bc43975cf681513c6e6d8f507ab166320d92eec26b8b7ca0fcc59b2ccb5498e871bb4b25b799c4363396448e8cc66b5e49545d5616a510b2d5e220debd81b0d6c8728218d3549cac828f01eadd80f783525b71ef777b026a90c2b90cf735818c580600d293de58fa773e12666a1778043f6fcdf8e9060be8dd90cda458fd75a"], &(0x7f00000000c0)='syzkaller\x00'}, 0x90)

380.803005ms ago: executing program 2 (id=1823):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000440), 0xffffffffffffffff)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r2, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
sendmsg$L2TP_CMD_SESSION_GET(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000880)={0x38, r1, 0x1, 0x0, 0x0, {0x7}, [@L2TP_ATTR_IFNAME={0x14}, @L2TP_ATTR_L2SPEC_LEN={0x5}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @local}]}, 0x38}}, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x338, 0x180, 0x111, 0x4b4, 0x8, 0xd4feffff, 0x290, 0x20a, 0x278, 0x290, 0x278, 0x3, 0x0, {[{{@ipv6={@loopback, @empty, [], [], 'ipvlan0\x00', 'team_slave_0\x00'}, 0x0, 0xf0, 0x158, 0x0, {}, [@common=@unspec=@helper={{0x48}, {0x0, 'ftp-20000\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz0\x00'}}}, {{@ipv6={@mcast1, @empty, [], [], 'xfrm0\x00', 'pim6reg1\x00'}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x398)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
setsockopt$MRT6_DEL_MIF(r3, 0x29, 0xcb, &(0x7f00000005c0)={0x1, 0x1, 0xa2, 0x0, 0x6}, 0xc)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000700)={'#! ', '', [{0x20, '/($'}, {0x20, 'syz1\x00'}]}, 0xe)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r3, 0x0)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x4e0, 0x348, 0x18c, 0x203, 0x348, 0x19030000, 0x460, 0x2e0, 0x2e0, 0x460, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x2d8, 0x320, 0x0, {}, [@common=@unspec=@bpf0={{0x230}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00'}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x540)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000000), 0x4)
bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x1, 0x198, [], 0x0, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="000000000000000000000000004ff8d978fa7ef9850000000000e5ffffffffffffff000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000040000000000000000000000000000000000000000000000000000000000000000000000ffffffff000000000000000000000000000000000000000000000000000000799e3b3c00000001000000000000000000ffffffff01000000110000000000000000000300736630b08d4a395bd1d6febe0dc24d5fe679000011000000000008000064756d6d793000000000000000000000010000000000000000000000000000006c6f00000000200000000000f8ffffffffffff000000000000000070000000a8000000d8000000646e6174000000000000200000000000000000000002000000000000000000586a2fb10000000000aaaaaaaaaaaa000001"]}, 0x1d9)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.numa_stat\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f00000001c0), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x800001, 0x28011, r6, 0x0)
r7 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt$EBT_SO_SET_COUNTERS(r7, 0x0, 0x81, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [], 0x1, 0x0, 0x0, [{}]}, 0x88)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000100)='GPL\x00'}, 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000003880)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c9f4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75055df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83766b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b556381768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225c380fac12f8205d182f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42ddd5f393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05bea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d96ee1b84bb64b14aebc6b5194c55dd6890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b07838a3ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8dc0d472672286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8455029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a82a6ef09d0ed9829dec16ab67a4f59a504e09f55ab82bbd405087a17a229a149c53ee9145500db213cb36489a10957739e481a756e65bde579bbbfb404213f661eeaaffacbcfbfd60b1a715c366da2b37ac7e9e3033f8ec04db1c2412e02ccd0617d9fb646c4897750d068c936c3558a94b05d7c65c0d458c0d70d0aa864bc1e324d3f69b1b4061627da875a4b5c2668ab0990623fe6f3b54cd1c79da4baf256f88750c18486330589473e267fa44e220cf40db662b570c2a2fbba9a34a3dd7bbd8368fe506daa62b45797d4b397905a69e58eb436c08cc78963197adb1b16ad83a1a9b420e74c6bcdf1ed0b306141a83bf1268e954ad069257fbfaa1a7ea582badc1a7f2a5b0965f3535872d85c0bc3a233a3ea85df6a8ed76f0f803d54b7bef77d8ea71621f8a78dd17c3b58c5c7476ed6191acbb949e77f7cac81c543f7751e5e1000"/4545], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000000)={@cgroup=r10, r9, 0x2f, 0x0, 0x0, @prog_fd}, 0x20)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={@cgroup=r9, r10, 0x2f, 0x2000, 0x4, @prog_id}, 0x20)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r8, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=ANY=[@ANYBLOB="f800000016000100000000000000000000000000000000000000000000000000ff01000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES8=r8, @ANYBLOB="fe880000000000000000000000000001000000003300000000000000000000000000ffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffdd00000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000a00"/176], 0xf8}}, 0x0)
socket(0x0, 0x0, 0x0)
syz_emit_ethernet(0x62, &(0x7f00000001c0)={@dev, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x2c, 0x2f, 0x0, @dev, @private1, {[@routing={0x2e, 0x2, 0x0, 0x0, 0x0, [@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}]}], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0)

203.92011ms ago: executing program 3 (id=1824):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$SIOCRSGL2CALL(r0, 0x89e5, &(0x7f00000043c0))
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
r2 = accept4$ax25(0xffffffffffffffff, 0x0, &(0x7f0000000200), 0x0)
sendto$ax25(r2, &(0x7f0000000600)="3671c0309c76e644a553650a3aeb3bc526a0ca392b73a9b5ef39e2a850da7df87a86598522c13fe6e4446331f3c8babf09896ad2713e2268b4eeba2ca7a4a8cb4a5f90dd70b0efd60e3ed65e790f65233c7cdf1208a9c26a042783afc3113e3a6d6fc740e09b7bd5a274154829d5ae1d46b861151101c0b1ec507ff159c674880f88d4bb1670fac79b4afab55cd8e6c1a95497fcce7aac69d9ab3b031d06c175b483807810bfd28797336ed90778a95cef78a32aacdb0232472d9862d8ca42f740eb66f25bcd13d2c70650d8121fa4736b0d82d80676d3b973bdbf04246e2b8d2025fd01c8ac155a65b6d49efb9f29934c55d3de60bec9b857affd14a15a4e3eac929270c1b61d1138a9245df7d3d02dca884a64fe0ea7ca598daecc8a5ae1c2bbda103cdc5e9b852b45838e26f0d678edd37d37543e86a96c2831cd709fcbc34a79bdaedc7b7bf912cc056c983c27ac58b41e034dd092316f214c50bc1894abf259076f911dbc3d6da8f73646f8bbd95b94fc534b77e30615958215b142c90dbadcc2e04ab949a8c82210923d351959469d98957f3a4d5aaef9a0b62084907fbda6971da7b04efade298d4dffbfc1b2eb04365ad99f117a11db32bd7fca56e7e1ccb086c08f53c0e88f06b734d33b9630a30c3d01d19c81025bf1c594e229ae420488d97d351a40df7a7fb927b2d92f7d9cf57cdcc04e39558a5b796a8b2b40c179565797525446f098c085e30e2e092953a918aa510f1a6fef770716fe93289d7a55781dca1c82fb7a60941f6f4d2f6b99b08a1465a460f69d4c7f2c39a5fec7c7c92efb61009a5ade0a8a6bd76972b4210c03035a8d322d5258e261861f5d1e19e4ba7934153885d52b873cf7deba4bbd9332e23ad3ab774f514811c3f0365fb51a1e148a5dc74a79c676de6b01d39725af331e6c21fe96824fb836e50064b9d67b09456e115c98855819c585a7ccfb9db89fc76a1a532161d9515f3ef92e21b34417f55575b4ee27235b922ee79d9f43e2c18881403f1168815f7ea85b4b1f045f22adfc9837ccfd114e9d7ba4d202da0156532a9ef3eb1b7d9cbfe9288db2fe15053bae47e66cc46462f114e81ab965a302329a859c7489fb985025056ff4904505e5bd24d720bfc88a27ba71ff361f525ceef184903fba7f84034afd6d55699a783629c00917cb3b481f55cdf1539ba629edc419574a58f2ace4b91516054792ceb9216bc6db52b050b531b4e9e5697de3c920ff6fc533a2b6e21dba9a945bfa70907ebffef1fbde7838e73cde09ddec6e5d9b34caf07c473716a92f4b4d54d48baf9a6634cb9befe7f45e925919d7d9c8d9d8a0807de5d514315a309926030c49bc83a788fc1898204a1a1754c31e06908ed95b8a4a713cd59e5c3ba27962242c7bd229096221fbbf949802a2e8b89ade5dfb5646306cb331d22dfa617999f7a906a2257c1d79687d5b819b1391e958eea54d2959c19f82e42c48fbc9e669eb6392865a6e2c7a412f6c8bbc351200ce47d6813f273212855c6c5068b304bef8d0910931640abe73a737dc7a7b094be57738856315937244a6d34a968f6ba9f23d7c420b0af00addd5ba13c33f69af5f3c1fc93bdbb65359c74f495a51633be19bade5a3faea25c7c1262f4d253344e50ed635dfb69b3e7b0ab1dee503a5d20ce8cf5d368ea8fb06b30e801ce46d5a58d8e63ccc9387237e506e14bbb173fe9253fdef102556a96d110c0f147c57b935ef84902f1fd84d60a9e43a507709dd3c1b1beba1a60410e81b40a030d3c8289642999dd0c08cb1da31a595fdbb7863c1e04d6e57efcc898579b679f9f6ff3238be1321f546def7cac8bc55afbdc6d6004e431a021780e5fa151214e59b0dc82a73e4d2c56bd6addac0d8c8d6dc3a72237b436eb80c24436022d810236b8d05154cfb30fd1c7f885b3390606a2c791e502026806bcfdaf7d436babc644ff40eac25d701df7f94eba32efbc082b7cfaeb444fa44a05c9a7edd8081c0489070b698d08c3276e3b569aaca0c249da38ecebd1c38963ef681d7869a607fd0389e4bfcfaace9b580e69ba8eb6d2496222b002811f95103a8e53774348222fda11af1e15b74fc5ed558f9604f2fc6a9a8d85129c66d438f201ab6c5999020195a55f64b99b74fb692224c47ffc570ec7d279cb445ddffd19b5c7b98cf9038ef1692522b9bb8edefd5d5a19eb7d3e7131ff90b7bf542bbaaf15f771714e2d4a972dbcd668f279fa54c89bcba99714eb75ffd32f4a6450edc278dd16d6e58da6abe94d45180779ab5e978d874334fd2729d0585af1cee20ad1b95e706b6b52c73fc16d10df56d4fd92d6e5ddc017eb6864bb9e0723eab326f0bfad51b0fb9b8f595b89df68ac6396bd26f20db4ad1ea744c4f69872adabd9681a22911e2a7869fa7ee7345f5a19bacd268c67d5ae5f70f3be29189783cb8f4a58bc47063fe3063ffd18a3c47db352cb9fc3fffc37ddc7361dcfc8c8e4117f648fb20bb867f7debddedbe6000fb4cf92a5e95c077777623bf2c61de1af7eddd5e8e29ff567fe2545ad780749a81aa9359bfdbcb07e34ce9621424a5288ac912467e42b3aac7e8636bd92efb008671da823fc020fc4f334bb34f18e8817ac945aa5c71d8fb39a1217f8793758e4316cf68d9680312045696e22155b49eefce8a8173fe522aac49c871cf3e44c23ee4678b1360b0c20b64ea3ad2161f51106f6759126972ee1664529313e4545711719e46b9d495f4d790942f08db1939f97f459015d042b35af556025265b5835ad8da150afd5da24211b318c63e946b750d6b86ca3cfc38164a4604498eb6617a1b3888902ef26c2381e733ae86ce368c7b91c737dac08084c56de41874cc19c1b7faacb2a6eac7ab1c217aabaadb99963a437b02e43021f647aec20a285b8b04ac6ec4fa37146c7b15047f5aff916dec85527990340f4e29e1ed0354f57f1925e99f6b3fde91e37071913cbc03f469431591f5380459b11c698da1aa9bb29fd0315c68f6a4709d6b251e491c3cd8528d15b22be37237934af36d28354df06d8cdfa35f2311b62611c069c27d4b34867de8d6c7032b759296b5d7c50738a547f0b5bcf016cc02e33ccdc34fc5088a9a66ed982c172643eecf414e2904595c90d4af68be688a039285cd925c870181a4a307f370fd11b412ceb60dc9ead33401bb4f3adae4a63e7bee9c95ffe4bccd6294ea27335dac3dac241917a0d1a4109570f74d01e71224926bf812bc4d9f9fa7d758399cd5c388924e4ac30fedf1a07c35420cab41803e16180683915394a19844f851f9896a9a139cdf15d60a96476da3183e4fb990f88d2a9d42c9ffe084c1311c319a8bfa6511615c4e7ffa1d03f0b53d3ff08bf97cd1274028ba0289b6a98dae90ea91f6faf07fc080f6c990d65afc216e7107af791adf3356824ddb767b379f2522a2d7bb7d0e752b42f0784bbaf7586b15872327c5c6e26927ddf0ba2011365f1862eec73c855e4d4be33b96ceb0355671941b3847456524707fb9f84c5f5e31dbbdbab4b0db4e3e619acbc3c0880b9307d0add3c076b8f1dfe00a24457122a84c43569454e0402fa9e43913ded33331e007f2a0153cb9491f7beade0a14b68763d12ac57f87c2fa64220222f97fb16d439a3265caa30263894e815d168aa0c9d7e83eb854615f0acc200af51cb47c80e2277bd7be958412c35cd9cdd3e835e0762979107c5397825a3ecbfa46782cc8e34176c2102d82d6f92ad6b6992af9b842d4bc1a7319d60232e35e14ba56fb728a21a56275058340daf55bfec3e04f9affa516fda2fbcc36aa78cdf59b64d60a650133bb2cef9fb2e846e5e18ecf894ea31ae0d5432e548314c28f908a516d9e56bcd38b3262a4a76987bc8d24e362613ae4cbae833bb28e59be7027842b02bd55ed73e0c6704510bbadcf5241a95fd2963246406a764e7ef918855215fa2d13be184639d121a390f5b26ed379cc6c5f48074ae170568be34d79d87bb2ba7d75f0edd4bc4b4c1a1e8266a3a7c60073216b554e443481b1cc4e5d83831865c57aad7d26b9a7f0f65fef88ed6c8a06dbafdd8f6528fbd7ac24e3686d6e3ecb3536c7884d0b7c746554cffade73d19eb2c99da7c908115bf191c4eaca53ebdc37a4f9c213d333799c6756c785f658b2a8f4fbf5bcb9ff541a5a4a713dc8a1db1e9e538f9da328403d96358bfd8e26b79671966066451c883d1fad054ad697cc0f79da9d96b2fc83560f869d78391d39e2582f4cb7c30bf3e29a71fa5e178a4552d468ea5de68eb69234db3534eb5e2351255f2ca8f1ef3c9c880134f889499a147559ba590b074de0755be9d2a6634b5a4675ade082bf2f6fef7430483c83ae22def463409226d57afc62077124da11eb5932aaa284989a8a7cb84e296430d2947af219280fbbec7291ac5882c8f53a0d11be03127a99e720a043289ccc3fbd37bcb7d0307a64b520cba0ce477782f4539907f24ecc933e6fca76d21cd7f2820cf663cf0c94ac13bf7be04647e1dd8ba50e8d377b67349383698760bca1aad5328a1c77cc7b4e8367deb6233e11b0d6bc95c8cda01af6c0c298d501854307527f7ab20c2277729f5f374983bbe4009084524e96b709cbd38689f2e4b2328f19ac6c7ad5ae2cc98f33bc90ccf821f7d9e0517a7ee8ffe15bed3dada92ad050352eb62693e7d4e08fee84cee7168659d2e8b78f3a8f9d3a5bd1f437eb7a5df8d1e9b003493813e463d7d87631be6d20e60f5cc2c012c3cdd864d4bad22ef650ddcf4046a68b68f5ddab462988a06b0d8fa42aad385a9385096b6ba932ab97c3234dcc2a043de39c3d781652b2fb1598ac1d80c302b1a0d1f0986e44784af931006a4486dcae9a18ae5cf1301a79e3d866a3784bb21440155de00dd963ca6046a206528cb3f122582af272f175cd47a88685101a829fc852fba74b4723927ddde60d841e16d91c8e5c149192b37556e2b91b1d217b1533d36431242213d6a6c038357e156169eb82673add5078db0ae4370da761378fad81e3e97e2dcd959afd167834e11722103f1ff223c8aa375188e6a6c4168dd9045d1eae9b8a19bdad53694cc35426ec8c21916a5892b0259897da2a19fcba0c4406c7fd48d2d54848b272ba77461fa6a1795f0d400aefbd8d1aa1032f6dee977aa49165ac7a2112ea052104fee5064461e1657ec7557cd90fe31d6ac3790a87fc130b2ced479aee7fc4bb8a11e40394d7754becfb75b69d250b1d599cee28604735a32a153f5a7ea9b56ce1969174c1cf2d88ef8d665b2cc09b54b4c4559e2e8b0a79ca369a8d420d04e0423ce04afd047d73c6471a8e9b1572318014766ce26c5bfd268b64af8b68d9eeaf7fec2d10c24792e0116b6af5b4326547c2b590c99e7e06d0c23e0d1985e017c22a1f2db2dd31e8c29fa26cdf4670baab4101813219d001b7c8244eed3fa4086059d139054ba3bd55f71f46fdbe3ed7bb9a590c30b85fa81b5d3c44e2b4b14346a4eeabe7d5d33a848d15cbf7402293c434f62e1f87fc679cbae935c00ec248582ac255c378099316349390a86bbdeed9943975a37ebdb25ab6b2cfdad1e0ccce6d0cb21e6c5feae4a31e05070e66d3184cd1f7c762b0da20a7cda4acee03da5d9f427a915625e0e9549de0c58c395a978eceec0747d898f498c011f3efe4e821dfc89282cac8838f1de896a3dbb92161063f91eacef516e20bc06488cd15dc7506f12507fb1ab7ef57a6de9263ce7d66fb31006e2620289fb97436ca3c5639b7d375a7b221c87179c238", 0x1000, 0x80, &(0x7f0000000300)={{0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x2}, [@default, @bcast, @default, @default, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @null]}, 0x48)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x1}, 0x8)
sendto$inet6(r1, &(0x7f0000000040)="aa", 0x1, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000000)={0x0, 0x0, 0x9}, 0x8)
sendto$inet6(r1, &(0x7f00000005c0)="9d", 0x1, 0x0, &(0x7f00000002c0)={0xa, 0x0, 0x0, @private0}, 0x1c)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000240), 0x8)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000000)={<r3=>0x0, 0x1}, &(0x7f0000000040)=0x8)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000005c40)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000000)=@newtaction={0xa0, 0x30, 0x1, 0x0, 0x0, {}, [{0x8c, 0x1, [@m_bpf={0x88, 0x1, 0x0, 0x0, {{0x8}, {0x60, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x7}, @TCA_ACT_BPF_OPS={0x3c, 0x4, [{}, {}, {}, {}, {0xffff}, {}, {}]}, @TCA_ACT_BPF_PARMS={0x18}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa0}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x4, 0x0, &(0x7f00000005c0)='GPL\x00'}, 0x90)
r5 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r5, &(0x7f0000000980)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000040)="18", 0x1}], 0x1}}], 0x1, 0x0)
shutdown(r5, 0x1)
syz_genetlink_get_family_id$fou(&(0x7f0000000280), r4)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r6, 0x0)
setsockopt$inet_sctp6_SCTP_CONTEXT(r5, 0x84, 0xd, &(0x7f00000004c0), 0x8)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
ioctl$TUNSETOFFLOAD(r7, 0x400454d0, 0xf)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000000140)={r3, @in={{0x2, 0x4e24, @loopback}}, 0xc5, 0x4, 0x20, 0xffff}, &(0x7f0000000080)=0x98)
syz_emit_ethernet(0xcc, &(0x7f0000000380)=ANY=[@ANYBLOB="0180c20000030000000000000011d4018185d5d02c07a91ba95c1f2d8aed7126bc69752d7477486a812b2c8bbe5ac4078ee55c28873f055aee5296819400657aef78f88df2d72aafde32175cb39b6b4456fdd0129c08acf1bf2a1a0fb1479fc09787c36c854d95eb2b0142258ce88bf121d71695ecbca4a228941e76ea525450f6c8d5cef91718cb4bd983c54c329bc05c578db85e2ca36363c0a301fdd576f11743e3117d37e195053f0000000000000013ad0da755fa4bb60bd4bbc299d77ebc5f8af9a4cbade9c991a372"], 0x0)

198.736403ms ago: executing program 4 (id=1825):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x8, 0x10001, 0x9, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000e00000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000a80)='ext4_writepages\x00', r1}, 0x10)
r2 = socket$inet6(0xa, 0x1, 0x84)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000440))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x12, 0xb, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000004c0)={{r4}, &(0x7f0000000440), &(0x7f0000000480)=r3}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000040)={r4, &(0x7f00000000c0)="fe8573ea06", &(0x7f0000000240)=""/135}, 0x20)
setsockopt$inet6_int(r2, 0x29, 0x1a, &(0x7f0000000080)=0x2, 0x4)
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r0, 0xc0c89425, &(0x7f0000000380)={"cecf324b9d6934ed32500e6505484194", <r6=>0x0, 0x0, {0x83a, 0xffff6abe}, {0x4a0fd8ca, 0x1000}, 0x6, [0x85c8, 0xfffffffffffffffc, 0x10000000003, 0x0, 0x9, 0x1, 0x800, 0x4, 0x5, 0x0, 0x7f, 0x200, 0x1, 0x45, 0x696, 0x1f]})
ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r0, 0x50009418, &(0x7f0000000b00)={{r5}, r6, 0x18, @inherit={0x58, &(0x7f0000000200)={0x0, 0x2, 0x401, 0x82, {0x4, 0x3f, 0x401, 0x8, 0x3}, [0x969b, 0x0]}}, @subvolid=0x8})
sendto$inet6(r2, &(0x7f0000000000)="80", 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0)
vmsplice(r0, &(0x7f0000000080)=[{&(0x7f0000000180)="ef5e2c244951ef5c199f502a03c084f24902f5974f09bac4113273ebd39ef8e0b9d17ca3b51905c31750e083f927cfbd815e6e811c758284c008a16d9111fc58e32d42b7f8029c1d163fb80b9c3cc057", 0x50}], 0x1, 0xa)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000), &(0x7f00000002c0), 0x8, r0}, 0x38)
ioctl$SIOCSIFHWADDR(r7, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc}})

165.980822ms ago: executing program 2 (id=1826):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001340)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x2, [@int]}}, 0x0, 0x2a}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0xa, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001840000004000000000000000000000095000000000000009500000000000000950000000000000018400000feffffff3a0000000000000095"], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r3, 0x9, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x10}, 0x90)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
connect$pppl2tp(r5, &(0x7f0000000980)=@pppol2tpin6={0x18, 0x1, {0x0, r6, 0x1, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x32)
mmap$xdp(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x3000005, 0x101810, r2, 0x100000000)
connect$pppl2tp(r4, &(0x7f0000000980)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @dev}, 0x1, 0x3}}, 0x26)
getsockopt$bt_BT_SECURITY(r4, 0x111, 0x4, 0x0, 0x20001f00)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000f80)={@void, @void, @eth={@broadcast, @remote, @val, {@mpls_uc={0x8847, {[], @ipv6=@generic={0x0, 0x6, "58a676", 0x0, 0x0, 0x0, @private0, @empty}}}}}}, 0x3e)

61.057484ms ago: executing program 4 (id=1827):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000001b40)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f00000000c0)=@ipv6_newrule={0x24, 0x20, 0x1, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10012}, [@FIB_RULE_POLICY=@FRA_FWMARK={0x8, 0xa, 0x40}]}, 0x24}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=ANY=[@ANYBLOB="5c00000010003904000000000000004888000000", @ANYRES32=0x0, @ANYBLOB="00000000000000003c0012800b000100697036746e6c00002c0002801400030020fd000000000000000000000000000114000200fc"], 0x5c}}, 0x0)

0s ago: executing program 3 (id=1828):
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@bloom_filter={0x1e, 0x7fffffff, 0x200, 0x0, 0x210, 0xffffffffffffffff, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x1, 0xb}, 0x48)
r0 = socket$inet_icmp(0x2, 0x2, 0x1)
socket$igmp6(0xa, 0x3, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x17, 0x8, &(0x7f0000000200)=ANY=[@ANYRESDEC=r0, @ANYRES32, @ANYBLOB="0000000000000000b70300000000000085007d00000000004000"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={@map=r1, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[], 0x44}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r3}, 0x10)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r5, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000880)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="0000000055f51ae0d61fe4c534184a2d3de4a4001000008dae5709dfd26f51681c281c68f0dba1cd6fad706cff3b27fbfc2a4123989cd0acce0ab55a42994930c73c931c23f8c0cecaa8d3df87e43985acc8fc2ad05e1a14229e93f4284c21a51b41ddf35b4015106138277e8f612639e36dd59b9809fd4dd403dbb39b32da4a84f48701d4c174715afd9bef4a22495a8e64dacf95d6ac9ba3703de2e582db8595a7d7d0cf67f8ba496ddfe59a72fb4c172697b03669dc22bc4a823f710c572f2affa957674c909089cf9a6a54259f4b33d0c13b3e0249ae9255bb5cc7b18f7a20dfa36e7cc87ec1929765790624bb5168dd810b6ba86b7a465dab672d7d844a2f706ffa"], 0x14}}, 0x0)
getsockname$packet(r5, &(0x7f0000000200)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r6, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000380)=""/156, 0x9c}], 0x1}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x44, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10}}}]}, 0x44}}, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)

kernel console output (not intermixed with test programs):

28'.
[   91.895040][ T6099] netlink: 12 bytes leftover after parsing attributes in process `syz.4.330'.
[   91.905841][ T6097] openvswitch: netlink: Key 0 has unexpected len 2 expected 0
[   91.915843][ T6099] vcan0: entered allmulticast mode
[   92.073014][   T25] tipc: Node number set to 10922666
[   92.167653][ T6117] netlink: 4 bytes leftover after parsing attributes in process `syz.4.335'.
[   92.187317][ T6118] netlink: 'syz.4.335': attribute type 1 has an invalid length.
[   92.268041][ T6117] netlink: 'syz.4.335': attribute type 1 has an invalid length.
[   92.320445][ T6117] bond1: (slave gretap1): making interface the new active one
[   92.329170][ T6117] bond1: (slave gretap1): Enslaving as an active interface with an up link
[   92.330637][ T6131] netlink: 'syz.2.340': attribute type 1 has an invalid length.
[   92.369968][ T6131] netlink: 9344 bytes leftover after parsing attributes in process `syz.2.340'.
[   92.380223][ T6131] netlink: 'syz.2.340': attribute type 1 has an invalid length.
[   92.388126][ T6131] netlink: 20 bytes leftover after parsing attributes in process `syz.2.340'.
[   92.425988][ T6131] dvmrp0: entered allmulticast mode
[   92.479843][ T6134] openvswitch: netlink: Key 0 has unexpected len 2 expected 0
[   92.562726][ T6138] netlink: 'syz.1.341': attribute type 11 has an invalid length.
[   92.895723][ T6151] netlink: 'syz.0.350': attribute type 2 has an invalid length.
[   92.914099][ T6152] (unnamed net_device) (uninitialized): option use_carrier: invalid value (5)
[   93.118348][ T6137] infiniband syz2: set active
[   93.128422][ T6159] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies.
[   93.138661][ T6137] infiniband syz2: added bond_slave_1
[   93.195720][ T6163] netlink: 68 bytes leftover after parsing attributes in process `syz.2.354'.
[   93.218957][ T6163] nbd: must specify at least one socket
[   93.277235][ T6137] RDS/IB: syz2: added
[   93.298324][ T6137] smc: adding ib device syz2 with port count 1
[   93.325517][ T6137] smc:    ib device syz2 port 1 has pnetid 
[   93.379909][ T6165] openvswitch: netlink: Key 0 has unexpected len 2 expected 0
[   94.123303][ T6181] netlink: 'syz.2.363': attribute type 1 has an invalid length.
[   94.246305][ T6186] netlink: 68 bytes leftover after parsing attributes in process `syz.1.365'.
[   94.302882][ T6186] nbd: must specify at least one socket
[   94.331727][ T6191] openvswitch: netlink: Key 0 has unexpected len 2 expected 0
[   94.351101][ T6190] bond1: (slave gretap1): making interface the new active one
[   94.390360][ T6190] bond1: (slave gretap1): Enslaving as an active interface with an up link
[   95.457393][ T6219] nbd: must specify at least one socket
[   95.688750][ T6223] Driver unsupported XDP return value 0 on prog  (id 97) dev N/A, expect packet loss!
[   95.707384][ T6225] ÿÿÿ: renamed from vlan1 (while UP)
[   95.895887][ T6232] hsr0: entered promiscuous mode
[   96.336668][ T6253] __nla_validate_parse: 2 callbacks suppressed
[   96.336688][ T6253] netlink: 56 bytes leftover after parsing attributes in process `syz.4.389'.
[   96.400080][ T6253] nbd: must specify at least one socket
[   96.585221][ T6262] netlink: 'syz.0.393': attribute type 1 has an invalid length.
[   96.601524][ T6262] netlink: 9344 bytes leftover after parsing attributes in process `syz.0.393'.
[   96.610631][ T6262] netlink: 'syz.0.393': attribute type 1 has an invalid length.
[   97.010249][ T6285] netlink: 56 bytes leftover after parsing attributes in process `syz.0.401'.
[   97.036351][ T6285] nbd: must specify at least one socket
[   97.324996][ T6289] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.502394][ T6289] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.636188][ T6289] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.791537][ T6289] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.068332][ T6289] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   98.137508][ T6289] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   98.183059][ T6289] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   98.209879][ T6289] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   98.240358][ T6319] netlink: 56 bytes leftover after parsing attributes in process `syz.2.414'.
[   98.277537][ T6319] nbd: must specify at least one socket
[   98.353341][ T6323] netlink: 24 bytes leftover after parsing attributes in process `syz.1.416'.
[   99.033984][ T6354] netlink: 44 bytes leftover after parsing attributes in process `syz.2.427'.
[   99.055489][ T6354] nbd: must specify at least one socket
[   99.135585][ T6359] netlink: 12 bytes leftover after parsing attributes in process `syz.1.425'.
[   99.147622][ T6359] netlink: 8 bytes leftover after parsing attributes in process `syz.1.425'.
[   99.512981][ T6387] netlink: 28 bytes leftover after parsing attributes in process `syz.4.437'.
[   99.539789][ T6387] netlink: 4 bytes leftover after parsing attributes in process `syz.4.437'.
[   99.580124][ T6387] veth1_macvtap: left promiscuous mode
[   99.623285][ T6393] nbd: must specify at least one socket
[   99.636677][ T6389] vlan2: entered promiscuous mode
[   99.669515][ T6390] A link change request failed with some changes committed already. Interface veth1_macvtap may have been left with an inconsistent configuration, please check.
[  100.258364][ T6425] nbd: must specify at least one socket
[  100.763447][ T6462] netlink: zone id is out of range
[  100.767475][ T6464] nbd: must specify at least one socket
[  100.809614][ T6462] netlink: zone id is out of range
[  100.849765][ T6469] openvswitch: netlink: ufid size 2296 bytes exceeds the range (1, 16)
[  100.859853][ T6462] netlink: zone id is out of range
[  100.866055][ T6462] netlink: zone id is out of range
[  100.873897][ T6469] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  100.891538][ T6462] netlink: zone id is out of range
[  100.917905][ T6462] netlink: zone id is out of range
[  100.938187][ T6462] netlink: zone id is out of range
[  101.453234][ T6505] __nla_validate_parse: 9 callbacks suppressed
[  101.453277][ T6505] netlink: 44 bytes leftover after parsing attributes in process `syz.3.474'.
[  101.505032][ T6505] nbd: must specify at least one socket
[  101.629996][ T6510] netlink: 210576 bytes leftover after parsing attributes in process `syz.2.477'.
[  101.702520][ T6513] netlink: 24 bytes leftover after parsing attributes in process `syz.4.478'.
[  101.831703][ T6516] netlink: 'syz.3.479': attribute type 4 has an invalid length.
[  101.836159][ T6525] netlink: 'syz.2.482': attribute type 1 has an invalid length.
[  101.855507][ T6526] syz.0.481 uses old SIOCAX25GETINFO
[  102.071861][ T6532] netlink: 12 bytes leftover after parsing attributes in process `syz.4.485'.
[  102.115758][ T6532] netlink: 8 bytes leftover after parsing attributes in process `syz.4.485'.
[  102.161413][ T6538] netlink: 44 bytes leftover after parsing attributes in process `syz.3.489'.
[  102.197884][ T6538] nbd: must specify at least one socket
[  102.257022][ T6544] FAULT_INJECTION: forcing a failure.
[  102.257022][ T6544] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  102.289398][ T6544] CPU: 0 PID: 6544 Comm: syz.1.490 Not tainted 6.10.0-rc5-syzkaller-01115-g30972a4ea092 #0
[  102.299628][ T6544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  102.309800][ T6544] Call Trace:
[  102.313107][ T6544]  <TASK>
[  102.316055][ T6544]  dump_stack_lvl+0x241/0x360
[  102.320767][ T6544]  ? __pfx_dump_stack_lvl+0x10/0x10
[  102.326001][ T6544]  ? __pfx__printk+0x10/0x10
[  102.330727][ T6544]  ? __pfx_lock_release+0x10/0x10
[  102.331873][ T6549] netlink: 'syz.0.494': attribute type 1 has an invalid length.
[  102.335772][ T6544]  ? vfs_write+0x7c4/0xc90
[  102.347846][ T6544]  should_fail_ex+0x3b0/0x4e0
[  102.352573][ T6544]  _copy_from_user+0x2f/0xe0
[  102.357191][ T6544]  __sys_bpf+0x1a4/0x810
[  102.359942][ T6549] netlink: 4 bytes leftover after parsing attributes in process `syz.0.494'.
[  102.361470][ T6544]  ? __pfx___sys_bpf+0x10/0x10
[  102.361519][ T6544]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  102.361544][ T6544]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  102.387486][ T6544]  ? do_syscall_64+0x100/0x230
[  102.392266][ T6544]  __x64_sys_bpf+0x7c/0x90
[  102.396719][ T6544]  do_syscall_64+0xf3/0x230
[  102.401271][ T6544]  ? clear_bhb_loop+0x35/0x90
[  102.405981][ T6544]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.411987][ T6544] RIP: 0033:0x7f318af75b99
[  102.416420][ T6544] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.436052][ T6544] RSP: 002b:00007f318bc9f048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  102.444495][ T6544] RAX: ffffffffffffffda RBX: 00007f318b103fa0 RCX: 00007f318af75b99
[  102.452499][ T6544] RDX: 000000000000004c RSI: 0000000020000240 RDI: 000000000000000a
[  102.460499][ T6544] RBP: 00007f318bc9f0a0 R08: 0000000000000000 R09: 0000000000000000
[  102.468506][ T6544] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  102.476502][ T6544] R13: 000000000000000b R14: 00007f318b103fa0 R15: 00007fffa97542f8
[  102.484516][ T6544]  </TASK>
[  102.528329][ T6554] netlink: 44 bytes leftover after parsing attributes in process `syz.4.492'.
[  102.561672][ T6556] netlink: 'syz.0.496': attribute type 1 has an invalid length.
[  102.574562][ T6556] netlink: 'syz.0.496': attribute type 1 has an invalid length.
[  102.589731][ T6556] netlink: 9332 bytes leftover after parsing attributes in process `syz.0.496'.
[  102.604580][ T6556] netlink: 'syz.0.496': attribute type 1 has an invalid length.
[  102.633104][ T6556] netlink: 20 bytes leftover after parsing attributes in process `syz.0.496'.
[  102.743035][ T6563] IPv6: Can't replace route, no match found
[  103.369512][ T6597] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  103.738106][ T6605] bond3: (slave bridge3): Enslaving as an active interface with an up link
[  103.791550][ T6610] bridge0: port 3(bond3) entered blocking state
[  103.808596][ T6610] bridge0: port 3(bond3) entered disabled state
[  103.828225][ T6610] bond3: entered allmulticast mode
[  103.834760][ T6610] bridge3: entered allmulticast mode
[  103.843768][ T6610] bond3: entered promiscuous mode
[  103.849079][ T6610] bridge3: entered promiscuous mode
[  104.158471][ T6642] pim6reg: entered allmulticast mode
[  104.185147][ T6651] pim6reg: left allmulticast mode
[  104.579346][   T30] audit: type=1804 audit(1719728998.489:4): pid=6675 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.534" name="/root/syzkaller.T2d71c/105/cgroup.controllers" dev="sda1" ino=1960 res=1 errno=0
[  105.030093][ T6703] netlink: 'syz.4.548': attribute type 9 has an invalid length.
[  105.342930][ T6728] sctp: [Deprecated]: syz.0.557 (pid 6728) Use of int in max_burst socket option deprecated.
[  105.342930][ T6728] Use struct sctp_assoc_value instead
[  105.540152][ T6739] FAULT_INJECTION: forcing a failure.
[  105.540152][ T6739] name failslab, interval 1, probability 0, space 0, times 0
[  105.561786][ T6739] CPU: 1 PID: 6739 Comm: syz.2.563 Not tainted 6.10.0-rc5-syzkaller-01115-g30972a4ea092 #0
[  105.571885][ T6739] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  105.582138][ T6739] Call Trace:
[  105.585693][ T6739]  <TASK>
[  105.589210][ T6739]  dump_stack_lvl+0x241/0x360
[  105.594106][ T6739]  ? __pfx_dump_stack_lvl+0x10/0x10
[  105.599359][ T6739]  ? __pfx__printk+0x10/0x10
[  105.603981][ T6739]  ? __pfx___might_resched+0x10/0x10
[  105.609287][ T6739]  ? vsnprintf+0x1cfc/0x1da0
[  105.613886][ T6739]  should_fail_ex+0x3b0/0x4e0
[  105.618580][ T6739]  should_failslab+0x9/0x20
[  105.623103][ T6739]  kmalloc_node_track_caller_noprof+0xda/0x440
[  105.629341][ T6739]  ? kasprintf+0xd5/0x120
[  105.633780][ T6739]  kvasprintf+0xdf/0x190
[  105.638020][ T6739]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  105.644378][ T6739]  ? __pfx_kvasprintf+0x10/0x10
[  105.649359][ T6739]  kasprintf+0xd5/0x120
[  105.653573][ T6739]  ? lockdep_init_map_type+0xa1/0x910
[  105.659037][ T6739]  ? kvasprintf+0x106/0x190
[  105.663565][ T6739]  ? __pfx_kasprintf+0x10/0x10
[  105.668417][ T6739]  ? __pfx_ieee80211_dynamic_ps_timer+0x10/0x10
[  105.674814][ T6739]  ieee80211_alloc_led_names+0x1df/0x2b0
[  105.680481][ T6739]  ieee80211_alloc_hw_nm+0x182d/0x1ea0
[  105.685959][ T6739]  ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10
[  105.692950][ T6739]  mac80211_hwsim_new_radio+0x1f1/0x44d0
[  105.698661][ T6739]  ? ___ratelimit+0x4c4/0x670
[  105.703450][ T6739]  ? __pfx____ratelimit+0x10/0x10
[  105.708512][ T6739]  ? stack_depot_save_flags+0x29/0x830
[  105.714187][ T6739]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  105.720370][ T6739]  ? rcu_is_watching+0x15/0xb0
[  105.725321][ T6739]  ? do_trace_netlink_extack+0x8b/0x1f0
[  105.730915][ T6739]  hwsim_new_radio_nl+0xe4c/0x21d0
[  105.736128][ T6739]  ? __pfx___nla_validate_parse+0x10/0x10
[  105.741854][ T6739]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  105.747426][ T6739]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[  105.753766][ T6739]  genl_rcv_msg+0xb14/0xec0
[  105.758298][ T6739]  ? mark_lock+0x9a/0x350
[  105.762649][ T6739]  ? __pfx_genl_rcv_msg+0x10/0x10
[  105.767694][ T6739]  ? __pfx_lock_acquire+0x10/0x10
[  105.772718][ T6739]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  105.778263][ T6739]  ? __pfx___might_resched+0x10/0x10
[  105.783572][ T6739]  netlink_rcv_skb+0x1e3/0x430
[  105.788332][ T6739]  ? __pfx_genl_rcv_msg+0x10/0x10
[  105.793355][ T6739]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  105.798659][ T6739]  ? __netlink_deliver_tap+0x77e/0x7c0
[  105.804148][ T6739]  genl_rcv+0x28/0x40
[  105.808343][ T6739]  netlink_unicast+0x7f0/0x990
[  105.813144][ T6739]  ? __pfx_netlink_unicast+0x10/0x10
[  105.818529][ T6739]  ? __virt_addr_valid+0x183/0x520
[  105.823669][ T6739]  ? __check_object_size+0x49c/0x900
[  105.829402][ T6739]  ? bpf_lsm_netlink_send+0x9/0x10
[  105.834551][ T6739]  netlink_sendmsg+0x8e4/0xcb0
[  105.839340][ T6739]  ? __pfx_netlink_sendmsg+0x10/0x10
[  105.844668][ T6739]  ? __import_iovec+0x536/0x820
[  105.850058][ T6739]  ? aa_sock_msg_perm+0x91/0x160
[  105.855009][ T6739]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  105.860304][ T6739]  ? security_socket_sendmsg+0x87/0xb0
[  105.865858][ T6739]  ? __pfx_netlink_sendmsg+0x10/0x10
[  105.871179][ T6739]  __sock_sendmsg+0x221/0x270
[  105.875888][ T6739]  ____sys_sendmsg+0x525/0x7d0
[  105.880775][ T6739]  ? __pfx_____sys_sendmsg+0x10/0x10
[  105.886095][ T6739]  __sys_sendmsg+0x2b0/0x3a0
[  105.890684][ T6739]  ? __pfx___sys_sendmsg+0x10/0x10
[  105.895795][ T6739]  ? vfs_write+0x7c4/0xc90
[  105.900252][ T6739]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  105.906588][ T6739]  ? do_syscall_64+0x100/0x230
[  105.911372][ T6739]  ? do_syscall_64+0xb6/0x230
[  105.916066][ T6739]  do_syscall_64+0xf3/0x230
[  105.920595][ T6739]  ? clear_bhb_loop+0x35/0x90
[  105.925298][ T6739]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.931193][ T6739] RIP: 0033:0x7f396df75b99
[  105.935619][ T6739] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  105.955222][ T6739] RSP: 002b:00007f396ed01048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  105.963721][ T6739] RAX: ffffffffffffffda RBX: 00007f396e103fa0 RCX: 00007f396df75b99
[  105.971687][ T6739] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
[  105.979662][ T6739] RBP: 00007f396ed010a0 R08: 0000000000000000 R09: 0000000000000000
[  105.987651][ T6739] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  105.995655][ T6739] R13: 000000000000000b R14: 00007f396e103fa0 R15: 00007fff84936838
[  106.003637][ T6739]  </TASK>
[  106.486696][ T6767] __nla_validate_parse: 9 callbacks suppressed
[  106.486717][ T6767] netlink: 60 bytes leftover after parsing attributes in process `syz.0.573'.
[  106.775644][ T6788] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.582'.
[  107.024114][   T29] tipc: Subscription rejected, illegal request
[  107.054928][ T6796] team0: Port device team_slave_0 removed
[  107.282611][ T6814] vcan0: tx drop: invalid sa for name 0x0000000000000002
[  107.694314][ T6829] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  107.754800][ T6834] netlink: 'syz.1.599': attribute type 1 has an invalid length.
[  107.781740][ T6834] netlink: 9344 bytes leftover after parsing attributes in process `syz.1.599'.
[  107.791150][ T6834] netlink: 'syz.1.599': attribute type 1 has an invalid length.
[  108.960329][ T6871] netlink: 210576 bytes leftover after parsing attributes in process `syz.3.610'.
[  108.970960][ T6871] net_ratelimit: 128 callbacks suppressed
[  108.970993][ T6871] openvswitch: netlink: ufid size 2296 bytes exceeds the range (1, 16)
[  108.997117][ T6872] netlink: 16 bytes leftover after parsing attributes in process `syz.1.611'.
[  108.997956][ T6871] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  109.229226][ T6885] netlink: 12 bytes leftover after parsing attributes in process `syz.3.616'.
[  109.416028][ T6895] tipc: Started in network mode
[  109.430794][ T6895] tipc: Node identity 080211, cluster identity 4711
[  109.447328][ T6895] tipc: Enabled bearer <eth:wlan0>, priority 0
[  109.632049][ T6906] netlink: 'syz.3.624': attribute type 3 has an invalid length.
[  109.640008][ T6906] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.624'.
[  110.212571][ T6946] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  110.219736][ T6946] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  110.227405][ T6946] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  110.234170][ T6946] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  110.240745][ T6946] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  110.247459][ T6946] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  110.255129][ T6946] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  110.261719][ T6946] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  110.324692][ T6945] IPVS: Scheduler module ip_vs_sip not found
[  110.352006][   T30] audit: type=1800 audit(1719729004.259:5): pid=6959 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.645" name="memory.events" dev="sda1" ino=1960 res=0 errno=0
[  110.440857][   T30] audit: type=1804 audit(1719729004.299:6): pid=6959 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.645" name="/root/syzkaller.T2d71c/128/memory.events" dev="sda1" ino=1960 res=1 errno=0
[  110.499374][ T6966] gre1: entered allmulticast mode
[  110.561657][    T8] tipc: Node number set to 134353152
[  110.609779][ T6973] FAULT_INJECTION: forcing a failure.
[  110.609779][ T6973] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  110.674805][ T6973] CPU: 1 PID: 6973 Comm: syz.0.650 Not tainted 6.10.0-rc5-syzkaller-01115-g30972a4ea092 #0
[  110.684964][ T6973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  110.695026][ T6973] Call Trace:
[  110.698306][ T6973]  <TASK>
[  110.701269][ T6973]  dump_stack_lvl+0x241/0x360
[  110.705955][ T6973]  ? __pfx_dump_stack_lvl+0x10/0x10
[  110.711252][ T6973]  ? __pfx__printk+0x10/0x10
[  110.715852][ T6973]  ? __pfx_lock_release+0x10/0x10
[  110.720878][ T6973]  should_fail_ex+0x3b0/0x4e0
[  110.725561][ T6973]  _copy_from_user+0x2f/0xe0
[  110.730251][ T6973]  copy_msghdr_from_user+0xae/0x680
[  110.735499][ T6973]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  110.741352][ T6973]  __sys_sendmsg+0x23d/0x3a0
[  110.745957][ T6973]  ? __pfx___sys_sendmsg+0x10/0x10
[  110.751097][ T6973]  ? vfs_write+0x7c4/0xc90
[  110.755695][ T6973]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  110.762050][ T6973]  ? do_syscall_64+0x100/0x230
[  110.766916][ T6973]  ? do_syscall_64+0xb6/0x230
[  110.771700][ T6973]  do_syscall_64+0xf3/0x230
[  110.776440][ T6973]  ? clear_bhb_loop+0x35/0x90
[  110.781241][ T6973]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.787199][ T6973] RIP: 0033:0x7feab9d75b99
[  110.791794][ T6973] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  110.811712][ T6973] RSP: 002b:00007feabaaf3048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  110.820146][ T6973] RAX: ffffffffffffffda RBX: 00007feab9f03fa0 RCX: 00007feab9d75b99
[  110.828236][ T6973] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000003
[  110.836412][ T6973] RBP: 00007feabaaf30a0 R08: 0000000000000000 R09: 0000000000000000
[  110.844478][ T6973] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  110.852449][ T6973] R13: 000000000000000b R14: 00007feab9f03fa0 R15: 00007ffea8052d38
[  110.860428][ T6973]  </TASK>
[  110.988401][ T6988] netlink: 4 bytes leftover after parsing attributes in process `syz.0.655'.
[  111.134162][ T6996] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0
[  111.245373][ T7001] netlink: 104 bytes leftover after parsing attributes in process `syz.0.661'.
[  111.366090][ T7006] netlink: 2272 bytes leftover after parsing attributes in process `syz.2.662'.
[  111.394988][ T7009] xt_CT: You must specify a L4 protocol and not use inversions on it
[  111.421616][ T7004] can: request_module (can-proto-0) failed.
[  111.473436][ T7011] FAULT_INJECTION: forcing a failure.
[  111.473436][ T7011] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  111.519378][ T7011] CPU: 1 PID: 7011 Comm: syz.0.664 Not tainted 6.10.0-rc5-syzkaller-01115-g30972a4ea092 #0
[  111.529426][ T7011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  111.539508][ T7011] Call Trace:
[  111.542805][ T7011]  <TASK>
[  111.545753][ T7011]  dump_stack_lvl+0x241/0x360
[  111.550464][ T7011]  ? __pfx_dump_stack_lvl+0x10/0x10
[  111.555692][ T7011]  ? __pfx__printk+0x10/0x10
[  111.560328][ T7011]  ? snprintf+0xda/0x120
[  111.564748][ T7011]  should_fail_ex+0x3b0/0x4e0
[  111.569477][ T7011]  _copy_to_user+0x2f/0xb0
[  111.573960][ T7011]  simple_read_from_buffer+0xca/0x150
[  111.579387][ T7011]  proc_fail_nth_read+0x1e9/0x250
[  111.584546][ T7011]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  111.590124][ T7011]  ? rw_verify_area+0x514/0x6b0
[  111.595002][ T7011]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  111.600591][ T7011]  vfs_read+0x204/0xbd0
[  111.604774][ T7011]  ? __pfx_lock_release+0x10/0x10
[  111.609826][ T7011]  ? __pfx_vfs_read+0x10/0x10
[  111.614539][ T7011]  ? __fget_files+0x29/0x470
[  111.619180][ T7011]  ? __fget_files+0x3f6/0x470
[  111.623907][ T7011]  ksys_read+0x1a0/0x2c0
[  111.628185][ T7011]  ? __pfx_ksys_read+0x10/0x10
[  111.632992][ T7011]  ? do_syscall_64+0x100/0x230
[  111.637806][ T7011]  ? do_syscall_64+0xb6/0x230
[  111.638601][ T5100] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  111.642507][ T7011]  do_syscall_64+0xf3/0x230
[  111.642563][ T7011]  ? clear_bhb_loop+0x35/0x90
[  111.642584][ T7011]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.642613][ T7011] RIP: 0033:0x7feab9d7467c
[  111.642634][ T7011] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  111.656653][ T5100] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  111.659198][ T7011] RSP: 002b:00007feabaaf3040 EFLAGS: 00000246
[  111.668473][ T5100] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  111.669636][ T7011]  ORIG_RAX: 0000000000000000
[  111.691944][ T5100] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  111.696529][ T7011] RAX: ffffffffffffffda RBX: 00007feab9f03fa0 RCX: 00007feab9d7467c
[  111.704100][ T5100] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  111.709505][ T7011] RDX: 000000000000000f RSI: 00007feabaaf30b0 RDI: 0000000000000006
[  111.714858][ T5100] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  111.721086][ T7011] RBP: 00007feabaaf30a0 R08: 0000000000000000 R09: 0000000000000000
[  111.721110][ T7011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  111.721129][ T7011] R13: 000000000000000b R14: 00007feab9f03fa0 R15: 00007ffea8052d38
[  111.721157][ T7011]  </TASK>
[  111.807997][ T7015] IPVS: set_ctl: invalid protocol: 0 127.0.0.1:0
[  112.166503][ T7031] netlink: 224 bytes leftover after parsing attributes in process `syz.3.670'.
[  112.178228][ T7035] netlink: 'syz.0.671': attribute type 1 has an invalid length.
[  112.264193][   T81] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  112.313957][ T7039] Cannot find add_set index 0 as target
[  112.415092][   T81] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  112.467942][ T7051] netlink: 20 bytes leftover after parsing attributes in process `syz.2.676'.
[  112.567145][ T7054] netlink: 17 bytes leftover after parsing attributes in process `syz.2.676'.
[  112.603555][ T7054] bridge0: port 2(bridge_slave_1) entered disabled state
[  112.634947][ T7054] netlink: 17 bytes leftover after parsing attributes in process `syz.2.676'.
[  112.670390][   T81] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  112.760719][   T81] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  112.974080][ T7074] netlink: 210620 bytes leftover after parsing attributes in process `syz.2.686'.
[  113.129177][ T7078] netlink: 'syz.2.689': attribute type 1 has an invalid length.
[  113.152742][ T7078] netlink: 'syz.2.689': attribute type 2 has an invalid length.
[  113.171675][ T7016] chnl_net:caif_netlink_parms(): no params data found
[  113.217821][   T81] bridge_slave_1: left allmulticast mode
[  113.237588][   T81] bridge_slave_1: left promiscuous mode
[  113.253100][   T81] bridge0: port 2(bridge_slave_1) entered disabled state
[  113.305151][   T81] bridge_slave_0: left allmulticast mode
[  113.310857][   T81] bridge_slave_0: left promiscuous mode
[  113.328308][   T81] bridge0: port 1(bridge_slave_0) entered disabled state
[  113.907096][ T5097] Bluetooth: hci5: command tx timeout
[  114.417853][   T81] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  114.430050][   T81] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  114.440931][   T81] bond0 (unregistering): Released all slaves
[  114.453683][   T81] bond1 (unregistering): Released all slaves
[  114.468464][   T81] bond2 (unregistering): Released all slaves
[  114.479596][ T7084] netlink: 112 bytes leftover after parsing attributes in process `syz.2.689'.
[  114.489800][ T7084] tipc: Enabled bearer <eth:bridge0>, priority 16
[  114.704408][ T7108] netlink: 212408 bytes leftover after parsing attributes in process `syz.4.696'.
[  115.028986][   T30] audit: type=1800 audit(1719729008.939:7): pid=7134 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.703" name="memory.events" dev="sda1" ino=1962 res=0 errno=0
[  115.101283][   T30] audit: type=1804 audit(1719729009.009:8): pid=7134 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.703" name="/root/syzkaller.XbXMRs/146/memory.events" dev="sda1" ino=1962 res=1 errno=0
[  115.125080][   T30] audit: type=1804 audit(1719729009.019:9): pid=7134 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.703" name="/root/syzkaller.XbXMRs/146/memory.events" dev="sda1" ino=1962 res=1 errno=0
[  115.488134][ T7016] bridge0: port 1(bridge_slave_0) entered blocking state
[  115.514485][ T7016] bridge0: port 1(bridge_slave_0) entered disabled state
[  115.548391][ T7016] bridge_slave_0: entered allmulticast mode
[  115.601072][ T7016] bridge_slave_0: entered promiscuous mode
[  115.620559][ T7136] netlink: 'syz.0.703': attribute type 4 has an invalid length.
[  115.753184][   T81] hsr_slave_0: left promiscuous mode
[  115.773542][   T81] hsr_slave_1: left promiscuous mode
[  115.776351][ T7155] netlink: 'syz.2.708': attribute type 9 has an invalid length.
[  115.787384][   T81] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  115.797743][   T81] batman_adv: batadv0: Removing interface: batadv_slave_0
[  115.802705][ T7155] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.708'.
[  115.817642][   T81] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  115.846678][   T81] batman_adv: batadv0: Removing interface: batadv_slave_1
[  115.876223][   T81] veth1_macvtap: left promiscuous mode
[  115.883455][   T81] veth0_macvtap: left promiscuous mode
[  115.889269][   T81] veth1_vlan: left promiscuous mode
[  115.895844][   T81] veth0_vlan: left promiscuous mode
[  115.975191][ T5097] Bluetooth: hci5: command 0x041b tx timeout
[  116.447363][   T81] team0 (unregistering): Port device team_slave_1 removed
[  116.489664][   T81] team0 (unregistering): Port device team_slave_0 removed
[  116.910040][ T7016] bridge0: port 2(bridge_slave_1) entered blocking state
[  116.917619][ T7016] bridge0: port 2(bridge_slave_1) entered disabled state
[  116.925661][ T7016] bridge_slave_1: entered allmulticast mode
[  116.933157][ T7016] bridge_slave_1: entered promiscuous mode
[  116.939667][ T7146] netlink: 12 bytes leftover after parsing attributes in process `syz.4.705'.
[  116.964415][ T7145] netlink: 12 bytes leftover after parsing attributes in process `syz.4.705'.
[  117.099047][ T7164] ɶƣ0GC¦: entered promiscuous mode
[  117.129609][ T7016] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  117.152717][ T7016] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  117.174694][ T7166] team0: entered promiscuous mode
[  117.184450][ T7156] netlink: 'syz.2.708': attribute type 9 has an invalid length.
[  117.192466][ T7166] team_slave_0: entered promiscuous mode
[  117.198433][ T7166] team_slave_1: entered promiscuous mode
[  117.205974][ T7156] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.708'.
[  117.220635][ T7165] team0: left promiscuous mode
[  117.225988][ T7165] team_slave_0: left promiscuous mode
[  117.231971][ T7165] team_slave_1: left promiscuous mode
[  117.292972][ T7169] netlink: 4 bytes leftover after parsing attributes in process `syz.3.713'.
[  117.340153][ T7170] netlink: 8 bytes leftover after parsing attributes in process `syz.3.713'.
[  117.353893][ T7016] team0: Port device team_slave_0 added
[  117.374136][ T7016] team0: Port device team_slave_1 added
[  117.444472][ T7172] net_ratelimit: 49 callbacks suppressed
[  117.444496][ T7172] openvswitch: netlink: Key 0 has unexpected len 2 expected 0
[  117.506484][ T7016] batman_adv: batadv0: Adding interface: batadv_slave_0
[  117.523559][ T7016] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  117.558426][ T7016] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  117.615026][ T7016] batman_adv: batadv0: Adding interface: batadv_slave_1
[  117.637996][ T7016] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  117.687396][ T7186] netlink: 24 bytes leftover after parsing attributes in process `syz.3.719'.
[  117.701304][ T7016] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  117.768157][ T7188] netlink: 12 bytes leftover after parsing attributes in process `syz.0.720'.
[  117.922437][ T7188] netlink: 20 bytes leftover after parsing attributes in process `syz.0.720'.
[  118.051654][ T5100] Bluetooth: hci5: command 0x041b tx timeout
[  118.130693][ T7016] hsr_slave_0: entered promiscuous mode
[  118.144987][ T7016] hsr_slave_1: entered promiscuous mode
[  118.168043][ T7213] openvswitch: netlink: Key 0 has unexpected len 2 expected 0
[  118.441491][ T7225] netlink: 8 bytes leftover after parsing attributes in process `syz.4.732'.
[  118.603835][ T7232] netdevsim netdevsim0 netdevsim0: Unsupported IPsec algorithm
[  119.033640][ T7016] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  119.051715][ T7255] netlink: 'syz.3.744': attribute type 4 has an invalid length.
[  119.110292][ T7016] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  119.143989][ T7016] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  119.169296][ T7261] netlink: 'syz.3.744': attribute type 4 has an invalid length.
[  119.198232][ T7016] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  119.357970][   T30] audit: type=1804 audit(1719729013.269:10): pid=7272 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.752" name="/root/syzkaller.Wv2PI8/167/cgroup.controllers" dev="sda1" ino=1955 res=1 errno=0
[  119.544830][ T7016] 8021q: adding VLAN 0 to HW filter on device bond0
[  119.612855][ T7016] 8021q: adding VLAN 0 to HW filter on device team0
[  119.659619][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[  119.666888][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[  119.716618][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[  119.723852][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[  119.753776][ T7289] openvswitch: netlink: Key 0 has unexpected len 2 expected 0
[  120.093479][ T7306] netlink: 112 bytes leftover after parsing attributes in process `syz.4.765'.
[  120.114755][ T7306] tipc: Enabling of bearer <eth:bridge0> rejected, already enabled
[  120.133100][ T5100] Bluetooth: hci5: command 0x041b tx timeout
[  120.413356][ T7317] FAULT_INJECTION: forcing a failure.
[  120.413356][ T7317] name failslab, interval 1, probability 0, space 0, times 0
[  120.420068][ T7016] 8021q: adding VLAN 0 to HW filter on device batadv0
[  120.426568][ T7317] CPU: 0 PID: 7317 Comm: syz.2.770 Not tainted 6.10.0-rc5-syzkaller-01115-g30972a4ea092 #0
[  120.426626][ T7317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  120.426639][ T7317] Call Trace:
[  120.426648][ T7317]  <TASK>
[  120.426657][ T7317]  dump_stack_lvl+0x241/0x360
[  120.426688][ T7317]  ? __pfx_dump_stack_lvl+0x10/0x10
[  120.426707][ T7317]  ? __pfx__printk+0x10/0x10
[  120.426738][ T7317]  ? do_raw_spin_lock+0x14f/0x370
[  120.467678][ T7319] openvswitch: netlink: Key 0 has unexpected len 2 expected 0
[  120.469591][ T7317]  should_fail_ex+0x3b0/0x4e0
[  120.491370][ T7317]  ? __inet_hash_connect+0xa2e/0x2170
[  120.496807][ T7317]  should_failslab+0x9/0x20
[  120.501361][ T7317]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  120.506782][ T7317]  __inet_hash_connect+0xa2e/0x2170
[  120.512022][ T7317]  ? __pfx___inet_check_established+0x10/0x10
[  120.518230][ T7317]  ? __pfx___inet_hash_connect+0x10/0x10
[  120.523910][ T7317]  ? inet_hash_connect+0xac/0x140
[  120.529086][ T7317]  tcp_v4_connect+0xd04/0x1ba0
[  120.533945][ T7317]  ? __pfx_tcp_v4_connect+0x10/0x10
[  120.539179][ T7317]  ? mark_lock+0x9a/0x350
[  120.543544][ T7317]  __inet_stream_connect+0x262/0xf30
[  120.548898][ T7317]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  120.555282][ T7317]  ? __local_bh_enable_ip+0x168/0x200
[  120.560699][ T7317]  ? lockdep_hardirqs_on+0x99/0x150
[  120.566045][ T7317]  ? __pfx___inet_stream_connect+0x10/0x10
[  120.570398][ T7016] veth0_vlan: entered promiscuous mode
[  120.571873][ T7317]  ? __local_bh_enable_ip+0x168/0x200
[  120.571902][ T7317]  ? inet_stream_connect+0x50/0xa0
[  120.571927][ T7317]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  120.571954][ T7317]  inet_stream_connect+0x65/0xa0
[  120.598551][ T7317]  kernel_connect+0x10b/0x160
[  120.603270][ T7317]  ? __pfx_kernel_connect+0x10/0x10
[  120.608548][ T7317]  ? do_raw_spin_unlock+0x13c/0x8b0
[  120.611548][ T7016] veth1_vlan: entered promiscuous mode
[  120.614290][ T7317]  smc_connect+0x72c/0xde0
[  120.624370][ T7317]  __sys_connect+0x2df/0x310
[  120.629033][ T7317]  ? __pfx___sys_connect+0x10/0x10
[  120.634220][ T7317]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  120.640576][ T7317]  ? do_syscall_64+0x100/0x230
[  120.645373][ T7317]  __x64_sys_connect+0x7a/0x90
[  120.650178][ T7317]  do_syscall_64+0xf3/0x230
[  120.654716][ T7317]  ? clear_bhb_loop+0x35/0x90
[  120.659466][ T7317]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.665393][ T7317] RIP: 0033:0x7f396df75b99
[  120.669877][ T7317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  120.670953][ T7016] veth0_macvtap: entered promiscuous mode
[  120.689664][ T7317] RSP: 002b:00007f396ed01048 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  120.689698][ T7317] RAX: ffffffffffffffda RBX: 00007f396e103fa0 RCX: 00007f396df75b99
[  120.689710][ T7317] RDX: 0000000000000010 RSI: 00000000200000c0 RDI: 0000000000000003
[  120.689721][ T7317] RBP: 00007f396ed010a0 R08: 0000000000000000 R09: 0000000000000000
[  120.689732][ T7317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  120.689742][ T7317] R13: 000000000000000b R14: 00007f396e103fa0 R15: 00007fff84936838
[  120.689770][ T7317]  </TASK>
[  120.725542][ T7322] netlink: 296 bytes leftover after parsing attributes in process `syz.3.773'.
[  120.879080][ T7016] veth1_macvtap: entered promiscuous mode
[  120.904951][ T7325] netlink: 277 bytes leftover after parsing attributes in process `syz.4.774'.
[  120.940164][ T7016] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  120.951621][ T7016] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.963260][ T7016] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  120.976105][ T7016] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.986233][ T7016] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  120.997207][ T7016] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.007256][ T7016] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  121.019304][ T7016] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.038434][ T7016] batman_adv: batadv0: Interface activated: batadv_slave_0
[  121.073032][ T7331] (unnamed net_device) (uninitialized): Unable to set peer notification delay as MII monitoring is disabled
[  121.128126][ T7016] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  121.162209][ T7016] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.181014][ T7016] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  121.202821][ T7016] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.231282][ T7016] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  121.247703][ T7016] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.276522][ T7016] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  121.294938][ T7016] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.315068][ T7016] batman_adv: batadv0: Interface activated: batadv_slave_1
[  122.211593][ T5100] Bluetooth: hci5: command 0x041b tx timeout
[  122.526731][ T7356] team0: entered promiscuous mode
[  122.536894][ T7356] team_slave_0: entered promiscuous mode
[  122.548883][ T7356] team_slave_1: entered promiscuous mode
[  122.555329][ T7360] team0: left promiscuous mode
[  122.560248][ T7360] team_slave_0: left promiscuous mode
[  122.567354][ T7360] team_slave_1: left promiscuous mode
[  122.576857][ T7362] netlink: 'syz.3.788': attribute type 2 has an invalid length.
[  122.601554][ T7362] netlink: 'syz.3.788': attribute type 8 has an invalid length.
[  122.621384][ T7362] netlink: 'syz.3.788': attribute type 1 has an invalid length.
[  122.629247][ T7362] netlink: 80 bytes leftover after parsing attributes in process `syz.3.788'.
[  122.650628][ T7362] bridge0: port 1(bridge_slave_0) entered disabled state
[  122.702467][ T7016] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  122.723820][ T7016] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  122.748562][ T7016] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  122.761854][ T7016] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  122.797200][ T7369] netlink: 4 bytes leftover after parsing attributes in process `syz.4.791'.
[  123.031607][ T7387] netlink: 20 bytes leftover after parsing attributes in process `syz.2.798'.
[  123.094282][ T7389] team0: entered promiscuous mode
[  123.099527][ T7389] team_slave_0: entered promiscuous mode
[  123.115430][ T7389] team_slave_1: entered promiscuous mode
[  123.168582][ T7388] team0: left promiscuous mode
[  123.180080][ T7388] team_slave_0: left promiscuous mode
[  123.187324][ T7388] team_slave_1: left promiscuous mode
[  123.201145][ T7395] netlink: 12 bytes leftover after parsing attributes in process `syz.4.801'.
[  123.204730][   T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  123.287413][   T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  123.369730][ T7402] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.804'.
[  123.382161][   T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  123.401869][   T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  123.586111][ T7420] netlink: 4 bytes leftover after parsing attributes in process `syz.3.809'.
[  123.985096][    T9] tipc: Resetting bearer <eth:wlan0>
[  124.107026][   T30] audit: type=1800 audit(1719729018.009:11): pid=7439 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.816" name="memory.events" dev="sda1" ino=1970 res=0 errno=0
[  124.167466][   T30] audit: type=1804 audit(1719729018.009:12): pid=7439 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.816" name="/root/syzkaller.T2d71c/173/memory.events" dev="sda1" ino=1970 res=1 errno=0
[  124.305667][ T7446] netlink: 'syz.3.818': attribute type 21 has an invalid length.
[  124.338993][ T7446] netlink: 'syz.3.818': attribute type 20 has an invalid length.
[  124.848766][ T7483] netlink: 'syz.0.833': attribute type 13 has an invalid length.
[  125.191698][ T7498] IPv6: NLM_F_CREATE should be specified when creating new route
[  125.221420][ T7498] netlink: 'syz.2.838': attribute type 1 has an invalid length.
[  125.450781][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  125.571746][ T5097] Bluetooth: hci5: command 0x041b tx timeout
[  125.589938][ T7522] netlink: 24 bytes leftover after parsing attributes in process `syz.4.847'.
[  125.628811][ T7519] can: request_module (can-proto-0) failed.
[  125.631725][ T7522] nbd: socks must be embedded in a SOCK_ITEM attr
[  125.731627][ T7519] netlink: 100 bytes leftover after parsing attributes in process `syz.3.844'.
[  125.956368][ T7536] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  125.963906][ T7536] IPv6: NLM_F_CREATE should be set when creating new route
[  126.178872][ T7541] netlink: 244 bytes leftover after parsing attributes in process `syz.3.853'.
[  126.254121][ T7545] netlink: 'syz.4.855': attribute type 12 has an invalid length.
[  126.302329][ T7545] netlink: 197276 bytes leftover after parsing attributes in process `syz.4.855'.
[  126.397823][ T7547] syzkaller0: entered promiscuous mode
[  126.414961][ T7547] syzkaller0: entered allmulticast mode
[  128.094389][ T7558] netlink: 'syz.1.859': attribute type 1 has an invalid length.
[  128.345945][ T7575] __nla_validate_parse: 1 callbacks suppressed
[  128.345964][ T7575] netlink: 72 bytes leftover after parsing attributes in process `syz.4.864'.
[  128.363142][ T7575] netlink: 72 bytes leftover after parsing attributes in process `syz.4.864'.
[  128.729485][ T7603] netlink: 4 bytes leftover after parsing attributes in process `syz.3.869'.
[  128.760932][ T7599] netlink: 20 bytes leftover after parsing attributes in process `syz.2.870'.
[  128.790728][ T7599] netlink: 12 bytes leftover after parsing attributes in process `syz.2.870'.
[  128.817499][ T7605] netlink: 16 bytes leftover after parsing attributes in process `syz.2.870'.
[  129.293290][ T7627] geneve2: entered promiscuous mode
[  129.323150][ T7627] geneve2: entered allmulticast mode
[  129.421571][ T7629] netlink: 16 bytes leftover after parsing attributes in process `syz.1.879'.
[  129.646038][ T7652] netlink: 12 bytes leftover after parsing attributes in process `syz.1.879'.
[  129.651550][ T7651] netlink: 24 bytes leftover after parsing attributes in process `syz.0.884'.
[  129.672894][ T7652] netlink: 'syz.1.879': attribute type 20 has an invalid length.
[  129.712703][ T7659] ip6t_srh: unknown srh match flags  4001
[  129.761340][ T7659] netlink: 'syz.3.886': attribute type 11 has an invalid length.
[  129.775507][ T7662] Bluetooth: MGMT ver 1.22
[  129.793265][ T7662] netlink: zone id is out of range
[  129.799759][ T7662] netlink: zone id is out of range
[  129.824012][ T7662] netlink: zone id is out of range
[  129.830794][ T7662] netlink: zone id is out of range
[  129.866971][ T7662] netlink: zone id is out of range
[  129.897261][ T7662] netlink: set zone limit has 4 unknown bytes
[  130.467180][ T7707] veth1_macvtap: left promiscuous mode
[  130.542278][ T7704] netlink: 8 bytes leftover after parsing attributes in process `syz.2.901'.
[  130.890033][ T7730] xt_NFQUEUE: number of queues (65530) out of range (got 66566)
[  130.918260][ T7732] FAULT_INJECTION: forcing a failure.
[  130.918260][ T7732] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  130.937262][ T7732] CPU: 0 PID: 7732 Comm: syz.3.911 Not tainted 6.10.0-rc5-syzkaller-01115-g30972a4ea092 #0
[  130.947566][ T7732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  130.957652][ T7732] Call Trace:
[  130.960966][ T7732]  <TASK>
[  130.963940][ T7732]  dump_stack_lvl+0x241/0x360
[  130.968805][ T7732]  ? __pfx_dump_stack_lvl+0x10/0x10
[  130.974544][ T7732]  ? __pfx__printk+0x10/0x10
[  130.979363][ T7732]  ? __pfx_lock_release+0x10/0x10
[  130.984780][ T7732]  should_fail_ex+0x3b0/0x4e0
[  130.985031][ T7734] syz_tun: entered promiscuous mode
[  130.989482][ T7732]  _copy_from_user+0x2f/0xe0
[  130.989516][ T7732]  copy_msghdr_from_user+0xae/0x680
[  130.989542][ T7732]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  130.989575][ T7732]  __sys_sendmsg+0x23d/0x3a0
[  130.989597][ T7732]  ? __pfx___sys_sendmsg+0x10/0x10
[  130.989615][ T7732]  ? vfs_write+0x7c4/0xc90
[  131.025987][ T7732]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  131.032356][ T7732]  ? do_syscall_64+0x100/0x230
[  131.037161][ T7732]  ? do_syscall_64+0xb6/0x230
[  131.041876][ T7732]  do_syscall_64+0xf3/0x230
[  131.046408][ T7732]  ? clear_bhb_loop+0x35/0x90
[  131.051130][ T7732]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.057061][ T7732] RIP: 0033:0x7ff72bb75b99
[  131.061508][ T7732] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  131.081580][ T7732] RSP: 002b:00007ff72c956048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  131.090030][ T7732] RAX: ffffffffffffffda RBX: 00007ff72bd03fa0 RCX: 00007ff72bb75b99
[  131.098299][ T7732] RDX: 0000000000000000 RSI: 0000000020000700 RDI: 0000000000000003
[  131.106310][ T7732] RBP: 00007ff72c9560a0 R08: 0000000000000000 R09: 0000000000000000
[  131.114312][ T7732] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  131.122522][ T7732] R13: 000000000000000b R14: 00007ff72bd03fa0 R15: 00007ffdfeb1ad78
[  131.130636][ T7732]  </TASK>
[  131.136945][ T7734] syz_tun: left promiscuous mode
[  131.494463][ T7760] erspan0: entered promiscuous mode
[  131.533604][ T7760] vlan3: entered promiscuous mode
[  131.557437][ T7760] erspan0: left promiscuous mode
[  132.021427][ T7793] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  132.163792][ T7799] veth1_macvtap: left promiscuous mode
[  132.244326][ T7801] 8021q: adding VLAN 0 to HW filter on device bond0
[  132.271955][ T7801] team0: Port device bond0 added
[  133.156853][ T7834] FAULT_INJECTION: forcing a failure.
[  133.156853][ T7834] name failslab, interval 1, probability 0, space 0, times 0
[  133.170862][ T7834] CPU: 1 PID: 7834 Comm: syz.0.953 Not tainted 6.10.0-rc5-syzkaller-01115-g30972a4ea092 #0
[  133.180892][ T7834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  133.190951][ T7834] Call Trace:
[  133.194245][ T7834]  <TASK>
[  133.197183][ T7834]  dump_stack_lvl+0x241/0x360
[  133.201868][ T7834]  ? __pfx_dump_stack_lvl+0x10/0x10
[  133.207071][ T7834]  ? __pfx__printk+0x10/0x10
[  133.211666][ T7834]  should_fail_ex+0x3b0/0x4e0
[  133.216357][ T7834]  ? ip6_setup_cork+0x1c3/0xfb0
[  133.221217][ T7834]  should_failslab+0x9/0x20
[  133.225735][ T7834]  kmalloc_trace_noprof+0x6c/0x2c0
[  133.230865][ T7834]  ip6_setup_cork+0x1c3/0xfb0
[  133.235556][ T7834]  ip6_make_skb+0x1fb/0x530
[  133.240251][ T7834]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  133.245810][ T7834]  ? __pfx_ip6_make_skb+0x10/0x10
[  133.250826][ T7834]  ? __pfx_lock_release+0x10/0x10
[  133.255860][ T7834]  ? ip6_sk_dst_lookup_flow+0x87c/0xa30
[  133.261468][ T7834]  udpv6_sendmsg+0x237f/0x3270
[  133.266282][ T7834]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  133.271855][ T7834]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  133.277005][ T7834]  ? inet_send_prepare+0x21/0x260
[  133.282060][ T7834]  ? inet_send_prepare+0x5a/0x260
[  133.287092][ T7834]  __sock_sendmsg+0xef/0x270
[  133.291718][ T7834]  sock_sendmsg+0x134/0x200
[  133.296267][ T7834]  ? __pfx_sock_sendmsg+0x10/0x10
[  133.301333][ T7834]  ? iov_iter_bvec+0x4e/0x180
[  133.306007][ T7834]  splice_to_socket+0xa13/0x10b0
[  133.311076][ T7834]  ? __pfx_lock_release+0x10/0x10
[  133.316165][ T7834]  ? __pfx_splice_to_socket+0x10/0x10
[  133.321566][ T7834]  ? __lock_acquire+0x1346/0x1fd0
[  133.326602][ T7834]  ? bpf_lsm_file_permission+0x9/0x10
[  133.331987][ T7834]  ? security_file_permission+0x7f/0xa0
[  133.337560][ T7834]  ? rw_verify_area+0x1d2/0x6b0
[  133.342430][ T7834]  ? __pfx_splice_to_socket+0x10/0x10
[  133.347816][ T7834]  do_splice+0xd77/0x1900
[  133.352203][ T7834]  ? __pfx_lock_release+0x10/0x10
[  133.357239][ T7834]  ? vfs_write+0x7c4/0xc90
[  133.361681][ T7834]  ? __mutex_unlock_slowpath+0x21d/0x750
[  133.367331][ T7834]  ? pipe_clear_nowait+0x196/0x220
[  133.372458][ T7834]  ? __pfx_do_splice+0x10/0x10
[  133.377237][ T7834]  __se_sys_splice+0x331/0x4a0
[  133.382033][ T7834]  ? __pfx___se_sys_splice+0x10/0x10
[  133.387327][ T7834]  ? do_syscall_64+0x100/0x230
[  133.392086][ T7834]  ? __x64_sys_splice+0x21/0xf0
[  133.396938][ T7834]  do_syscall_64+0xf3/0x230
[  133.401431][ T7834]  ? clear_bhb_loop+0x35/0x90
[  133.406121][ T7834]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.412098][ T7834] RIP: 0033:0x7feab9d75b99
[  133.416507][ T7834] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  133.436108][ T7834] RSP: 002b:00007feabaaf3048 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[  133.444515][ T7834] RAX: ffffffffffffffda RBX: 00007feab9f03fa0 RCX: 00007feab9d75b99
[  133.452477][ T7834] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003
[  133.460440][ T7834] RBP: 00007feabaaf30a0 R08: 0000000000000cc0 R09: 0000000000000000
[  133.468433][ T7834] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  133.476414][ T7834] R13: 000000000000000b R14: 00007feab9f03fa0 R15: 00007ffea8052d38
[  133.484397][ T7834]  </TASK>
[  133.512754][ T7832] __nla_validate_parse: 7 callbacks suppressed
[  133.512776][ T7832] netlink: 8 bytes leftover after parsing attributes in process `syz.2.952'.
[  133.695137][ T7840] netlink: 208828 bytes leftover after parsing attributes in process `syz.3.954'.
[  133.711840][ T7840] openvswitch: netlink: ufid size 2296 bytes exceeds the range (1, 16)
[  133.744583][ T7840] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  133.925679][ T7850] netlink: 'syz.0.958': attribute type 5 has an invalid length.
[  133.959101][ T7850] netlink: 40 bytes leftover after parsing attributes in process `syz.0.958'.
[  134.017032][ T7850] netlink: 4 bytes leftover after parsing attributes in process `syz.0.958'.
[  134.028996][ T7854] netlink: 8 bytes leftover after parsing attributes in process `syz.3.961'.
[  134.227735][ T7858] openvswitch: netlink: Unexpected mask (mask=440, allowed=10048)
[  134.362077][ T5097] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  134.371693][ T5097] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  134.381737][ T5097] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  134.391133][ T5097] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  134.402043][ T5097] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  134.409683][ T5097] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  134.485958][ T3731] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  134.565784][ T7874] netlink: 208828 bytes leftover after parsing attributes in process `syz.4.968'.
[  134.575247][ T7874] openvswitch: netlink: ufid size 2296 bytes exceeds the range (1, 16)
[  134.586431][ T7874] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  134.625250][ T1249] ieee802154 phy0 wpan0: encryption failed: -22
[  134.633527][ T1249] ieee802154 phy1 wpan1: encryption failed: -22
[  134.693199][ T3731] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  134.834447][ T3731] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  135.092918][ T3731] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  135.141815][ T7887] netlink: 8 bytes leftover after parsing attributes in process `syz.0.973'.
[  135.171106][ T7898] netlink: 'syz.3.977': attribute type 9 has an invalid length.
[  135.181627][ T7898] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.977'.
[  135.325260][ T7904] netlink: 208828 bytes leftover after parsing attributes in process `syz.1.979'.
[  135.337281][ T7904] openvswitch: netlink: ufid size 2296 bytes exceeds the range (1, 16)
[  135.344579][ T7902] netlink: 12 bytes leftover after parsing attributes in process `syz.4.978'.
[  135.351286][ T7904] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  135.799005][ T3731] bridge_slave_1: left allmulticast mode
[  135.821984][ T3731] bridge_slave_1: left promiscuous mode
[  135.827951][ T3731] bridge0: port 2(bridge_slave_1) entered disabled state
[  135.872431][ T3731] bridge_slave_0: left allmulticast mode
[  135.878143][ T3731] bridge_slave_0: left promiscuous mode
[  135.901497][ T3731] bridge0: port 1(bridge_slave_0) entered disabled state
[  135.928565][ T3731] tipc: Resetting bearer <eth:bridge0>
[  136.205336][ T3731] bond1 (unregistering): (slave gretap1): Releasing backup interface
[  136.256515][ T3731] dvmrp0 (unregistering): left allmulticast mode
[  136.296783][ T3731] tipc: Disabling bearer <eth:bridge0>
[  136.429946][ T3731] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  136.441920][ T3731] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  136.451413][ T5100] Bluetooth: hci3: command tx timeout
[  136.460778][ T3731] bond0 (unregistering): Released all slaves
[  136.474119][ T3731] bond1 (unregistering): Released all slaves
[  136.501427][ T7949] netlink: 'syz.3.994': attribute type 12 has an invalid length.
[  136.516517][ T7951] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode
[  136.552012][ T7951] macvlan2: entered allmulticast mode
[  136.561964][ T7951] mac80211_hwsim hwsim2 wlan0: entered allmulticast mode
[  136.613157][ T7951] mac80211_hwsim hwsim2 wlan0: left allmulticast mode
[  136.630543][ T7951] mac80211_hwsim hwsim2 wlan0: left promiscuous mode
[  136.714101][ T3731] tipc: Disabling bearer <eth:wlan0>
[  136.741822][ T3731] tipc: Left network mode
[  136.752269][ T7866] chnl_net:caif_netlink_parms(): no params data found
[  136.916431][ T7970] FAULT_INJECTION: forcing a failure.
[  136.916431][ T7970] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  136.952890][ T7970] CPU: 0 PID: 7970 Comm: syz.4.1000 Not tainted 6.10.0-rc5-syzkaller-01115-g30972a4ea092 #0
[  136.963025][ T7970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  136.973108][ T7970] Call Trace:
[  136.976413][ T7970]  <TASK>
[  136.979371][ T7970]  dump_stack_lvl+0x241/0x360
[  136.984121][ T7970]  ? __pfx_dump_stack_lvl+0x10/0x10
[  136.989325][ T7970]  ? __pfx__printk+0x10/0x10
[  136.993926][ T7970]  ? __pfx_lock_release+0x10/0x10
[  136.998968][ T7970]  should_fail_ex+0x3b0/0x4e0
[  137.003650][ T7970]  _copy_from_user+0x2f/0xe0
[  137.008238][ T7970]  copy_msghdr_from_user+0xae/0x680
[  137.013455][ T7970]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  137.019291][ T7970]  __sys_sendmsg+0x23d/0x3a0
[  137.023888][ T7970]  ? __pfx___sys_sendmsg+0x10/0x10
[  137.028999][ T7970]  ? vfs_write+0x7c4/0xc90
[  137.033541][ T7970]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  137.039870][ T7970]  ? do_syscall_64+0x100/0x230
[  137.044649][ T7970]  ? do_syscall_64+0xb6/0x230
[  137.049331][ T7970]  do_syscall_64+0xf3/0x230
[  137.053922][ T7970]  ? clear_bhb_loop+0x35/0x90
[  137.058633][ T7970]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.064557][ T7970] RIP: 0033:0x7f57a5375b99
[  137.068973][ T7970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  137.088614][ T7970] RSP: 002b:00007f57a607f048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  137.097050][ T7970] RAX: ffffffffffffffda RBX: 00007f57a5503fa0 RCX: 00007f57a5375b99
[  137.105055][ T7970] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003
[  137.113036][ T7970] RBP: 00007f57a607f0a0 R08: 0000000000000000 R09: 0000000000000000
[  137.121003][ T7970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  137.128967][ T7970] R13: 000000000000000b R14: 00007f57a5503fa0 R15: 00007fff3afd7628
[  137.136949][ T7970]  </TASK>
[  137.147261][ T7975] netlink: zone id is out of range
[  137.169649][ T7975] netlink: zone id is out of range
[  137.203029][ T7975] netlink: zone id is out of range
[  137.413379][ T7866] bridge0: port 1(bridge_slave_0) entered blocking state
[  137.420795][ T7866] bridge0: port 1(bridge_slave_0) entered disabled state
[  137.430525][ T7866] bridge_slave_0: entered allmulticast mode
[  137.454537][   T30] audit: type=1800 audit(1719729031.369:13): pid=7992 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1008" name="memory.events" dev="sda1" ino=1960 res=0 errno=0
[  137.456409][ T7866] bridge_slave_0: entered promiscuous mode
[  137.519353][ T7866] bridge0: port 2(bridge_slave_1) entered blocking state
[  137.532554][   T30] audit: type=1804 audit(1719729031.439:14): pid=7992 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.1008" name="/root/syzkaller.4gI1XM/38/memory.events" dev="sda1" ino=1960 res=1 errno=0
[  137.561548][ T7866] bridge0: port 2(bridge_slave_1) entered disabled state
[  137.579341][ T7866] bridge_slave_1: entered allmulticast mode
[  137.595541][ T7866] bridge_slave_1: entered promiscuous mode
[  138.023052][ T7866] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  138.043132][ T8015] (unnamed net_device) (uninitialized): option lp_interval: invalid value (0)
[  138.056684][ T8015] (unnamed net_device) (uninitialized): option lp_interval: allowed values 1 - 2147483647
[  138.090690][ T7866] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  138.498856][ T7866] team0: Port device team_slave_0 added
[  138.542418][ T5100] Bluetooth: hci3: command tx timeout
[  138.558446][ T7866] team0: Port device team_slave_1 added
[  138.585138][ T3731] hsr_slave_0: left promiscuous mode
[  138.623764][ T3731] hsr_slave_1: left promiscuous mode
[  138.637093][ T3731] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  138.647286][ T3731] batman_adv: batadv0: Removing interface: batadv_slave_0
[  138.656903][ T3731] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  138.669568][ T3731] batman_adv: batadv0: Removing interface: batadv_slave_1
[  138.716954][ T3731] veth1_macvtap: left promiscuous mode
[  138.723148][ T3731] veth0_macvtap: left promiscuous mode
[  138.728860][ T3731] veth1_vlan: left promiscuous mode
[  138.734841][ T3731] veth0_vlan: left promiscuous mode
[  139.410941][ T3731] team0 (unregistering): Port device team_slave_1 removed
[  139.455072][ T3731] team0 (unregistering): Port device team_slave_0 removed
[  139.999114][ T8057] __nla_validate_parse: 5 callbacks suppressed
[  139.999137][ T8057] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1030'.
[  140.065844][ T8074] netlink: 134312 bytes leftover after parsing attributes in process `syz.3.1036'.
[  140.083213][ T8064] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1034'.
[  140.112226][ T7866] batman_adv: batadv0: Adding interface: batadv_slave_0
[  140.130484][ T7866] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  140.161487][ T7866] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  140.201836][ T8074] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  140.211696][ T7866] batman_adv: batadv0: Adding interface: batadv_slave_1
[  140.225183][ T7866] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  140.242135][ T8074] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  140.262207][ T7866] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  140.282674][ T8079] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1038'.
[  140.295666][ T8079] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1038'.
[  140.489208][ T7866] hsr_slave_0: entered promiscuous mode
[  140.524552][ T7866] hsr_slave_1: entered promiscuous mode
[  140.596426][ T7866] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  140.615183][ T7866] Cannot create hsr debugfs directory
[  140.636754][ T8092] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1041'.
[  140.646893][ T5100] Bluetooth: hci3: command tx timeout
[  140.752282][ T8097] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1046'.
[  141.440534][ T8121] Cannot find add_set index 0 as target
[  141.455999][ T8121] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 1 (only 8 groups)
[  141.544686][ T7866] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  141.563803][ T7866] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  141.605890][ T7866] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  141.628156][ T7866] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  142.189924][ T8133] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1059'.
[  142.693364][ T5100] Bluetooth: hci3: command tx timeout
[  142.762018][ T8138] net_ratelimit: 339 callbacks suppressed
[  142.762039][ T8138] openvswitch: netlink: Key 0 has unexpected len 2 expected 0
[  142.880458][ T7866] 8021q: adding VLAN 0 to HW filter on device bond0
[  143.002973][ T7866] 8021q: adding VLAN 0 to HW filter on device team0
[  143.051055][ T5241] bridge0: port 1(bridge_slave_0) entered blocking state
[  143.058293][ T5241] bridge0: port 1(bridge_slave_0) entered forwarding state
[  143.119296][   T25] bridge0: port 2(bridge_slave_1) entered blocking state
[  143.126567][   T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[  143.537924][ T8165] nlmon0: entered promiscuous mode
[  143.545463][ T8165] vlan3: entered promiscuous mode
[  143.576605][ T8165] vlan3: entered allmulticast mode
[  143.598785][ T8165] nlmon0: entered allmulticast mode
[  143.653988][ T8165] nlmon0: left allmulticast mode
[  143.659293][ T8165] nlmon0: left promiscuous mode
[  143.754647][ T8175] geneve2: entered promiscuous mode
[  143.772109][ T8175] geneve2: entered allmulticast mode
[  143.947287][ T7866] 8021q: adding VLAN 0 to HW filter on device batadv0
[  144.034963][ T7866] veth0_vlan: entered promiscuous mode
[  144.078079][ T8189] netlink: 320 bytes leftover after parsing attributes in process `syz.3.1075'.
[  144.089585][ T7866] veth1_vlan: entered promiscuous mode
[  144.114725][ T8190] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1076'.
[  144.386106][ T7866] veth0_macvtap: entered promiscuous mode
[  144.604660][ T7866] veth1_macvtap: entered promiscuous mode
[  144.703862][ T8213] syzkaller0: mtu less than device minimum
[  144.723247][ T7866] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  144.741465][ T7866] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.753398][ T7866] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  144.765432][ T7866] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.775887][ T7866] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  144.786850][ T7866] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.797145][ T7866] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  144.808183][ T7866] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.830425][ T7866] batman_adv: batadv0: Interface activated: batadv_slave_0
[  144.848661][ T8217] geneve2: entered promiscuous mode
[  144.854892][ T8217] geneve2: entered allmulticast mode
[  144.969913][ T7866] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  145.000389][ T7866] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.027079][ T7866] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  145.051594][ T7866] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.072095][ T7866] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  145.095881][ T7866] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.114288][ T7866] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  145.134417][ T7866] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.165761][ T7866] batman_adv: batadv0: Interface activated: batadv_slave_1
[  145.225322][ T7866] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  145.261357][ T7866] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  145.270152][ T7866] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  145.289136][ T7866] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  145.351863][ T8226] __nla_validate_parse: 4 callbacks suppressed
[  145.351892][ T8226] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1090'.
[  145.619855][ T7582] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  145.647238][ T7582] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  145.673406][ T8236] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1095'.
[  145.739837][ T8239] netlink: 284 bytes leftover after parsing attributes in process `syz.1.1097'.
[  145.754404][ T7582] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  145.788704][ T7582] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  145.842701][ T8240] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1095'.
[  146.178642][ T8252] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1102'.
[  146.222794][ T8260] FAULT_INJECTION: forcing a failure.
[  146.222794][ T8260] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  146.260234][ T8260] CPU: 0 PID: 8260 Comm: syz.2.1104 Not tainted 6.10.0-rc5-syzkaller-01115-g30972a4ea092 #0
[  146.270367][ T8260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  146.280457][ T8260] Call Trace:
[  146.283764][ T8260]  <TASK>
[  146.286818][ T8260]  dump_stack_lvl+0x241/0x360
[  146.292362][ T8260]  ? __pfx_dump_stack_lvl+0x10/0x10
[  146.297584][ T8260]  ? __pfx__printk+0x10/0x10
[  146.302188][ T8260]  ? snprintf+0xda/0x120
[  146.306444][ T8260]  should_fail_ex+0x3b0/0x4e0
[  146.311135][ T8260]  _copy_to_user+0x2f/0xb0
[  146.315562][ T8260]  simple_read_from_buffer+0xca/0x150
[  146.320953][ T8260]  proc_fail_nth_read+0x1e9/0x250
[  146.325981][ T8260]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  146.331525][ T8260]  ? rw_verify_area+0x514/0x6b0
[  146.336384][ T8260]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  146.341931][ T8260]  vfs_read+0x204/0xbd0
[  146.346083][ T8260]  ? __pfx_lock_release+0x10/0x10
[  146.351142][ T8260]  ? __pfx_vfs_read+0x10/0x10
[  146.355836][ T8260]  ? __fget_files+0x29/0x470
[  146.360425][ T8260]  ? __fget_files+0x3f6/0x470
[  146.365118][ T8260]  ksys_read+0x1a0/0x2c0
[  146.369379][ T8260]  ? __pfx_ksys_read+0x10/0x10
[  146.374141][ T8260]  ? do_syscall_64+0x100/0x230
[  146.378967][ T8260]  ? do_syscall_64+0xb6/0x230
[  146.383641][ T8260]  do_syscall_64+0xf3/0x230
[  146.388150][ T8260]  ? clear_bhb_loop+0x35/0x90
[  146.392825][ T8260]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.398726][ T8260] RIP: 0033:0x7ff08ad7467c
[  146.403136][ T8260] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  146.422770][ T8260] RSP: 002b:00007ff08bbbb040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  146.431194][ T8260] RAX: ffffffffffffffda RBX: 00007ff08af03fa0 RCX: 00007ff08ad7467c
[  146.439185][ T8260] RDX: 000000000000000f RSI: 00007ff08bbbb0b0 RDI: 0000000000000004
[  146.447153][ T8260] RBP: 00007ff08bbbb0a0 R08: 0000000000000000 R09: 0000000000000000
[  146.455207][ T8260] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  146.463353][ T8260] R13: 000000000000000b R14: 00007ff08af03fa0 R15: 00007ffed48eda28
[  146.471420][ T8260]  </TASK>
[  146.666903][ T8275] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1110'.
[  146.791672][ T8283] netlink: 'syz.1.1114': attribute type 4 has an invalid length.
[  146.811334][ T8283] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1114'.
[  146.866959][ T8285] syz.2.1110[8285] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  146.867235][ T8285] syz.2.1110[8285] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  147.041116][ T8297] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1119'.
[  147.088263][ T8302] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1121'.
[  147.121507][ T8302] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1121'.
[  147.123529][ T8300] netlink: 'syz.1.1118': attribute type 1 has an invalid length.
[  147.174889][ T8300] netlink: 'syz.1.1118': attribute type 1 has an invalid length.
[  147.226368][ T8300] netlink: 'syz.1.1118': attribute type 1 has an invalid length.
[  147.381877][ T8313] nlmon0: entered promiscuous mode
[  147.408222][ T8313] vlan1: entered promiscuous mode
[  147.425991][ T8313] vlan1: entered allmulticast mode
[  147.433568][ T8313] nlmon0: entered allmulticast mode
[  147.440575][ T8313] nlmon0: left allmulticast mode
[  147.450610][ T8313] nlmon0: left promiscuous mode
[  147.815653][ T8350] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  147.868135][ T8341] syz.1.1130[8341] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  147.868390][ T8341] syz.1.1130[8341] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  148.797787][ T8374] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  149.154257][ T8402] FAULT_INJECTION: forcing a failure.
[  149.154257][ T8402] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  149.180653][ T8402] CPU: 0 PID: 8402 Comm: syz.4.1151 Not tainted 6.10.0-rc5-syzkaller-01115-g30972a4ea092 #0
[  149.190786][ T8402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  149.193502][ T8398] macvlan2: entered allmulticast mode
[  149.200845][ T8402] Call Trace:
[  149.200864][ T8402]  <TASK>
[  149.200874][ T8402]  dump_stack_lvl+0x241/0x360
[  149.200903][ T8402]  ? __pfx_dump_stack_lvl+0x10/0x10
[  149.200921][ T8402]  ? __pfx__printk+0x10/0x10
[  149.200947][ T8402]  ? __pfx_lock_release+0x10/0x10
[  149.232250][ T8402]  should_fail_ex+0x3b0/0x4e0
[  149.237010][ T8402]  _copy_from_user+0x2f/0xe0
[  149.241638][ T8402]  copy_msghdr_from_user+0xae/0x680
[  149.243317][ T8398] team_slave_0: entered promiscuous mode
[  149.246989][ T8402]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  149.247054][ T8402]  __sys_sendmsg+0x23d/0x3a0
[  149.247080][ T8402]  ? __pfx___sys_sendmsg+0x10/0x10
[  149.247099][ T8402]  ? vfs_write+0x7c4/0xc90
[  149.253410][ T8398] team_slave_1: entered promiscuous mode
[  149.259144][ T8402]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  149.273453][ T8398] team0: entered allmulticast mode
[  149.278806][ T8402]  ? do_syscall_64+0x100/0x230
[  149.278835][ T8402]  ? do_syscall_64+0xb6/0x230
[  149.278855][ T8402]  do_syscall_64+0xf3/0x230
[  149.278873][ T8402]  ? clear_bhb_loop+0x35/0x90
[  149.295941][ T8398] team_slave_0: entered allmulticast mode
[  149.299744][ T8402]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.299775][ T8402] RIP: 0033:0x7f57a5375b99
[  149.309919][ T8398] team_slave_1: entered allmulticast mode
[  149.314682][ T8402] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.314709][ T8402] RSP: 002b:00007f57a607f048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  149.314733][ T8402] RAX: ffffffffffffffda RBX: 00007f57a5503fa0 RCX: 00007f57a5375b99
[  149.314745][ T8402] RDX: 0000000000000000 RSI: 0000000020000700 RDI: 0000000000000003
[  149.314755][ T8402] RBP: 00007f57a607f0a0 R08: 0000000000000000 R09: 0000000000000000
[  149.314766][ T8402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  149.314775][ T8402] R13: 000000000000000b R14: 00007f57a5503fa0 R15: 00007fff3afd7628
[  149.314802][ T8402]  </TASK>
[  149.417666][ T8398] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  149.429142][ T8398] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  150.009374][ T8445] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  150.027971][ T8446] FAULT_INJECTION: forcing a failure.
[  150.027971][ T8446] name failslab, interval 1, probability 0, space 0, times 0
[  150.060214][ T8446] CPU: 0 PID: 8446 Comm: syz.2.1167 Not tainted 6.10.0-rc5-syzkaller-01115-g30972a4ea092 #0
[  150.070347][ T8446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  150.080442][ T8446] Call Trace:
[  150.083751][ T8446]  <TASK>
[  150.086818][ T8446]  dump_stack_lvl+0x241/0x360
[  150.091726][ T8446]  ? __pfx_dump_stack_lvl+0x10/0x10
[  150.096999][ T8446]  ? __pfx__printk+0x10/0x10
[  150.101648][ T8446]  should_fail_ex+0x3b0/0x4e0
[  150.106373][ T8446]  ? sctp_add_bind_addr+0x89/0x3a0
[  150.111542][ T8446]  should_failslab+0x9/0x20
[  150.116149][ T8446]  kmalloc_trace_noprof+0x6c/0x2c0
[  150.121303][ T8446]  sctp_add_bind_addr+0x89/0x3a0
[  150.126382][ T8446]  sctp_copy_local_addr_list+0x311/0x500
[  150.132097][ T8446]  ? sctp_copy_local_addr_list+0xab/0x500
[  150.137863][ T8446]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  150.144064][ T8446]  ? sctp_v6_is_any+0x60/0x70
[  150.148807][ T8446]  sctp_bind_addr_copy+0xad/0x3b0
[  150.153898][ T8446]  ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190
[  150.160268][ T8446]  sctp_connect_new_asoc+0x2f3/0x6c0
[  150.165601][ T8446]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  150.171533][ T8446]  ? __ipv6_addr_type+0x23c/0x2f0
[  150.176623][ T8446]  ? sctp_endpoint_lookup_assoc+0xc9/0x250
[  150.182502][ T8446]  __sctp_connect+0x66d/0xe30
[  150.187228][ T8446]  ? __pfx___sctp_connect+0x10/0x10
[  150.192560][ T8446]  ? __might_fault+0xc6/0x120
[  150.197294][ T8446]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  150.202995][ T8446]  ? security_sctp_bind_connect+0x90/0xb0
[  150.208765][ T8446]  sctp_getsockopt_connectx3+0x46f/0x730
[  150.214533][ T8446]  ? __local_bh_enable_ip+0x168/0x200
[  150.219951][ T8446]  ? __pfx_sctp_getsockopt_connectx3+0x10/0x10
[  150.226314][ T8446]  ? __local_bh_enable_ip+0x168/0x200
[  150.231822][ T8446]  ? sctp_getsockopt+0x13a/0xbb0
[  150.237058][ T8446]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  150.242921][ T8446]  sctp_getsockopt+0x8de/0xbb0
[  150.247985][ T8446]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  150.253932][ T8446]  do_sock_getsockopt+0x373/0x850
[  150.259088][ T8446]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  150.264760][ T8446]  ? __fget_files+0x3f6/0x470
[  150.269851][ T8446]  __sys_getsockopt+0x271/0x330
[  150.274748][ T8446]  ? __pfx___sys_getsockopt+0x10/0x10
[  150.280163][ T8446]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  150.286531][ T8446]  ? do_syscall_64+0x100/0x230
[  150.291430][ T8446]  __x64_sys_getsockopt+0xb5/0xd0
[  150.296488][ T8446]  do_syscall_64+0xf3/0x230
[  150.301018][ T8446]  ? clear_bhb_loop+0x35/0x90
[  150.305813][ T8446]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.311731][ T8446] RIP: 0033:0x7ff08ad75b99
[  150.316162][ T8446] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  150.336151][ T8446] RSP: 002b:00007ff08bbbb048 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  150.344577][ T8446] RAX: ffffffffffffffda RBX: 00007ff08af03fa0 RCX: 00007ff08ad75b99
[  150.352582][ T8446] RDX: 000000000000006f RSI: 0000000000000084 RDI: 0000000000000003
[  150.360569][ T8446] RBP: 00007ff08bbbb0a0 R08: 0000000020000240 R09: 0000000000000000
[  150.368584][ T8446] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000002
[  150.376574][ T8446] R13: 000000000000000b R14: 00007ff08af03fa0 R15: 00007ffed48eda28
[  150.384676][ T8446]  </TASK>
[  150.520785][ T8465] xt_hashlimit: max too large, truncated to 1048576
[  150.592037][ T8464] vlan3: entered promiscuous mode
[  150.676243][ T8473] __nla_validate_parse: 9 callbacks suppressed
[  150.676265][ T8473] netlink: 172 bytes leftover after parsing attributes in process `syz.2.1178'.
[  150.920388][ T8490] netlink: 'syz.3.1186': attribute type 1 has an invalid length.
[  151.167301][ T8504] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[  151.450371][ T8521] netlink: 'syz.4.1195': attribute type 1 has an invalid length.
[  151.516251][ T8521] 8021q: adding VLAN 0 to HW filter on device bond3
[  151.563714][ T8525] bond3: (slave bridge2): Enslaving as a backup interface with an up link
[  151.581117][ T8523] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1196'.
[  151.622940][ T2394] bond3: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  151.782714][ T3731] bond3: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  151.984491][ T8549] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1201'.
[  152.084884][ T8553] netlink: 84 bytes leftover after parsing attributes in process `syz.3.1205'.
[  152.186953][ T8553] netlink: 84 bytes leftover after parsing attributes in process `syz.3.1205'.
[  152.208187][ T8554] bridge: RTM_NEWNEIGH with invalid state 0x0
[  152.371745][ T8563] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1209'.
[  152.646241][ T8579] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1215'.
[  152.675499][ T8582] (unnamed net_device) (uninitialized): option use_carrier: invalid value (5)
[  153.009391][ T8596] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1223'.
[  153.139051][ T8604] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  153.145698][ T8604] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  153.158036][ T8604] hsr_slave_0: left promiscuous mode
[  153.181317][ T8604] hsr_slave_1: left promiscuous mode
[  153.341299][   T30] audit: type=1800 audit(1719729047.239:15): pid=8612 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1227" name=A3 dev="sda1" ino=1965 res=0 errno=0
[  153.541436][ T8623] netlink: 'syz.3.1230': attribute type 1 has an invalid length.
[  153.568468][ T8623] netlink: 101600 bytes leftover after parsing attributes in process `syz.3.1230'.
[  153.599624][ T8624] netlink: 'syz.3.1230': attribute type 1 has an invalid length.
[  153.624516][ T8624] netlink: 101600 bytes leftover after parsing attributes in process `syz.3.1230'.
[  154.249685][ T8644] bridge_slave_1: left allmulticast mode
[  154.279478][ T8644] bridge_slave_1: left promiscuous mode
[  154.311822][ T8644] bridge0: port 2(bridge_slave_1) entered disabled state
[  154.492882][ T8644] bridge_slave_0: left allmulticast mode
[  154.498611][ T8644] bridge_slave_0: left promiscuous mode
[  154.578536][ T8644] bridge0: port 1(bridge_slave_0) entered disabled state
[  154.951459][ T8676] bridge0: port 1(bridge_slave_0) entered disabled state
[  155.616743][ T8710] macvlan2: entered allmulticast mode
[  155.625233][ T8710] mac80211_hwsim hwsim20 wlan0: entered promiscuous mode
[  155.641135][ T8710] mac80211_hwsim hwsim20 wlan0: entered allmulticast mode
[  155.670253][ T8710] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  155.735643][ T8713] bond0: entered promiscuous mode
[  155.749688][ T8713] bond_slave_0: entered promiscuous mode
[  155.760855][ T8713] bond_slave_1: entered promiscuous mode
[  155.777914][ T8713] macvlan2: entered promiscuous mode
[  155.971072][ T8727] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  155.999479][ T8727] batman_adv: batadv0: Adding interface: gretap1
[  156.008550][ T8727] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  156.054465][ T8727] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active
[  156.236747][ T8739] bridge0: port 1(bridge_slave_0) entered disabled state
[  156.473794][ T8747] netdevsim netdevsim2 : renamed from netdevsim0 (while UP)
[  156.521091][ T8753] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  156.539174][ T8754] __nla_validate_parse: 6 callbacks suppressed
[  156.539193][ T8754] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1277'.
[  156.780551][ T8767] netlink: 144 bytes leftover after parsing attributes in process `syz.1.1282'.
[  157.310827][ T8788] bridge6: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  158.557400][ T8844] geneve2: entered promiscuous mode
[  158.571913][ T8844] geneve2: entered allmulticast mode
[  158.702256][ T8855] FAULT_INJECTION: forcing a failure.
[  158.702256][ T8855] name failslab, interval 1, probability 0, space 0, times 0
[  158.768058][ T8855] CPU: 0 PID: 8855 Comm: syz.4.1314 Not tainted 6.10.0-rc5-syzkaller-01115-g30972a4ea092 #0
[  158.778189][ T8855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  158.788365][ T8855] Call Trace:
[  158.791783][ T8855]  <TASK>
[  158.794752][ T8855]  dump_stack_lvl+0x241/0x360
[  158.799495][ T8855]  ? __pfx_dump_stack_lvl+0x10/0x10
[  158.805008][ T8855]  ? __pfx__printk+0x10/0x10
[  158.809744][ T8855]  ? ref_tracker_alloc+0x332/0x490
[  158.814919][ T8855]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  158.820479][ T8855]  should_fail_ex+0x3b0/0x4e0
[  158.825242][ T8855]  ? skb_clone+0x20c/0x390
[  158.829800][ T8855]  should_failslab+0x9/0x20
[  158.834349][ T8855]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  158.839951][ T8855]  skb_clone+0x20c/0x390
[  158.844800][ T8855]  __netlink_deliver_tap+0x3cc/0x7c0
[  158.850230][ T8855]  ? netlink_deliver_tap+0x2e/0x1b0
[  158.855670][ T8855]  netlink_deliver_tap+0x19d/0x1b0
[  158.861007][ T8855]  netlink_sendskb+0x68/0x140
[  158.865739][ T8855]  netlink_unicast+0x39d/0x990
[  158.870852][ T8855]  ? __asan_memcpy+0x40/0x70
[  158.875511][ T8855]  ? __pfx_netlink_unicast+0x10/0x10
[  158.880838][ T8855]  netlink_rcv_skb+0x262/0x430
[  158.885650][ T8855]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  158.891209][ T8855]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  158.896619][ T8855]  ? netlink_deliver_tap+0x2e/0x1b0
[  158.901964][ T8855]  netlink_unicast+0x7f0/0x990
[  158.906776][ T8855]  ? __pfx_netlink_unicast+0x10/0x10
[  158.912391][ T8855]  ? __virt_addr_valid+0x183/0x520
[  158.917551][ T8855]  ? __check_object_size+0x49c/0x900
[  158.922883][ T8855]  ? bpf_lsm_netlink_send+0x9/0x10
[  158.928060][ T8855]  netlink_sendmsg+0x8e4/0xcb0
[  158.932979][ T8855]  ? __pfx_netlink_sendmsg+0x10/0x10
[  158.938566][ T8855]  ? __import_iovec+0x536/0x820
[  158.943551][ T8855]  ? aa_sock_msg_perm+0x91/0x160
[  158.948535][ T8855]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  158.953860][ T8855]  ? security_socket_sendmsg+0x87/0xb0
[  158.959466][ T8855]  ? __pfx_netlink_sendmsg+0x10/0x10
[  158.964965][ T8855]  __sock_sendmsg+0x221/0x270
[  158.969712][ T8855]  ____sys_sendmsg+0x525/0x7d0
[  158.973724][ T8862] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1317'.
[  158.974521][ T8855]  ? __pfx_____sys_sendmsg+0x10/0x10
[  158.974568][ T8855]  __sys_sendmsg+0x2b0/0x3a0
[  158.974593][ T8855]  ? __pfx___sys_sendmsg+0x10/0x10
[  158.974614][ T8855]  ? vfs_write+0x7c4/0xc90
[  158.974768][ T8855]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  158.989681][ T8862] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1317'.
[  158.993525][ T8855]  ? do_syscall_64+0x100/0x230
[  158.993557][ T8855]  ? do_syscall_64+0xb6/0x230
[  158.993576][ T8855]  do_syscall_64+0xf3/0x230
[  158.993592][ T8855]  ? clear_bhb_loop+0x35/0x90
[  158.993614][ T8855]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.993630][ T8855] RIP: 0033:0x7f57a5375b99
[  158.993648][ T8855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  158.993662][ T8855] RSP: 002b:00007f57a605e048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  158.993687][ T8855] RAX: ffffffffffffffda RBX: 00007f57a5504078 RCX: 00007f57a5375b99
[  158.993700][ T8855] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000007
[  158.993711][ T8855] RBP: 00007f57a605e0a0 R08: 0000000000000000 R09: 0000000000000000
[  158.993723][ T8855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  159.006345][ T8862] Bluetooth: MGMT ver 1.22
[  159.009544][ T8855] R13: 000000000000006e R14: 00007f57a5504078 R15: 00007fff3afd7628
[  159.009583][ T8855]  </TASK>
[  159.140038][ T8862] Bluetooth: hci3: service_discovery: expected 1988 bytes, got 7 bytes
[  159.382661][ T8885] netlink: 'syz.2.1322': attribute type 1 has an invalid length.
[  159.449934][ T8887] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1322'.
[  159.465027][ T8887] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1322'.
[  159.632456][ T8899] geneve2: entered promiscuous mode
[  159.637890][ T8899] geneve2: entered allmulticast mode
[  159.737432][ T8909] sctp: [Deprecated]: syz.3.1329 (pid 8909) Use of int in max_burst socket option.
[  159.737432][ T8909] Use struct sctp_assoc_value instead
[  159.770949][ T8909] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1329'.
[  159.864439][ T8912] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1332'.
[  159.906754][ T8916] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1333'.
[  160.195957][ T8935] netlink: 468 bytes leftover after parsing attributes in process `syz.4.1341'.
[  160.205790][ T8935] netlink: 'syz.4.1341': attribute type 5 has an invalid length.
[  160.335767][ T8942] geneve2: entered promiscuous mode
[  160.350522][ T8942] geneve2: entered allmulticast mode
[  161.059885][ T8972] sock: sock_timestamping_bind_phc: sock not bind to device
[  161.098475][ T8982] geneve2: entered promiscuous mode
[  161.114274][ T8982] geneve2: entered allmulticast mode
[  161.203066][ T8986] sctp: [Deprecated]: syz.2.1362 (pid 8986) Use of int in max_burst socket option.
[  161.203066][ T8986] Use struct sctp_assoc_value instead
[  161.562000][ T9006] netlink: 'syz.3.1370': attribute type 1 has an invalid length.
[  161.577880][ T9006] __nla_validate_parse: 3 callbacks suppressed
[  161.577899][ T9006] netlink: 9344 bytes leftover after parsing attributes in process `syz.3.1370'.
[  161.596994][ T9006] netlink: 'syz.3.1370': attribute type 1 has an invalid length.
[  161.642156][ T9006] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1370'.
[  161.757236][ T9013] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1373'.
[  161.944917][ T9020] geneve2: entered promiscuous mode
[  161.961382][ T9020] geneve2: entered allmulticast mode
[  162.048716][ T9025] sctp: [Deprecated]: syz.1.1378 (pid 9025) Use of int in max_burst socket option.
[  162.048716][ T9025] Use struct sctp_assoc_value instead
[  162.102530][ T9025] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1378'.
[  162.115449][ T9033] netlink: 'syz.4.1382': attribute type 21 has an invalid length.
[  162.134521][ T9033] netlink: 156 bytes leftover after parsing attributes in process `syz.4.1382'.
[  162.343662][ T9043] netlink: 'syz.3.1387': attribute type 29 has an invalid length.
[  162.422703][ T9043] netlink: 'syz.3.1387': attribute type 29 has an invalid length.
[  162.462310][ T9048] netlink: 'syz.3.1387': attribute type 29 has an invalid length.
[  162.524906][ T9051] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1389'.
[  162.552263][ T9048] netlink: 'syz.3.1387': attribute type 29 has an invalid length.
[  162.684861][ T9063] openvswitch: netlink: Flow actions attr not present in new flow.
[  162.810522][ T9064] Page cache invalidation failure on direct I/O.  Possible data corruption due to collision with buffered I/O!
[  162.825627][ T9064] File: /root/syzkaller.5TrmUZ/69/memory.events PID: 9064 Comm: syz.2.1389
[  164.416568][ T9054] netlink: 'syz.2.1389': attribute type 1 has an invalid length.
[  164.434166][ T9054] netlink: 'syz.2.1389': attribute type 2 has an invalid length.
[  164.459386][ T9054] netlink: 16074 bytes leftover after parsing attributes in process `syz.2.1389'.
[  164.789131][ T9089] sctp: [Deprecated]: syz.3.1396 (pid 9089) Use of int in max_burst socket option.
[  164.789131][ T9089] Use struct sctp_assoc_value instead
[  164.872075][ T9089] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1396'.
[  164.892055][ T9095] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  165.627165][ T9130] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1415'.
[  165.659441][ T9130] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1415'.
[  166.092564][ T9166] vcan0: entered allmulticast mode
[  166.197671][ T9177] syz.0.1431[9177] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  166.197838][ T9177] syz.0.1431[9177] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  166.794155][ T9212] __nla_validate_parse: 3 callbacks suppressed
[  166.794179][ T9212] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1442'.
[  166.940249][ T9223] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1446'.
[  167.011831][ T9223] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  167.242444][   T30] audit: type=1800 audit(1719729061.159:16): pid=9237 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1450" name="memory.events" dev="sda1" ino=1951 res=0 errno=0
[  167.308622][   T30] audit: type=1804 audit(1719729061.189:17): pid=9237 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.1450" name="/root/syzkaller.4gI1XM/147/memory.events" dev="sda1" ino=1951 res=1 errno=0
[  167.346895][ T9244] syz.0.1454: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0-1
[  167.413927][ T9244] CPU: 1 PID: 9244 Comm: syz.0.1454 Not tainted 6.10.0-rc5-syzkaller-01115-g30972a4ea092 #0
[  167.424068][ T9244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  167.434150][ T9244] Call Trace:
[  167.437473][ T9244]  <TASK>
[  167.440434][ T9244]  dump_stack_lvl+0x241/0x360
[  167.445260][ T9244]  ? __pfx_dump_stack_lvl+0x10/0x10
[  167.450503][ T9244]  ? __pfx__printk+0x10/0x10
[  167.455148][ T9244]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  167.461622][ T9244]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  167.468179][ T9244]  warn_alloc+0x278/0x410
[  167.472665][ T9244]  ? stack_depot_save_flags+0x29/0x830
[  167.478159][ T9244]  ? __vmalloc_node_range_noprof+0x10b/0x1460
[  167.484299][ T9244]  ? __pfx_warn_alloc+0x10/0x10
[  167.489904][ T9244]  ? kasan_save_track+0x3f/0x80
[  167.494820][ T9244]  ? __kasan_kmalloc+0x98/0xb0
[  167.499645][ T9244]  ? xsk_setsockopt+0x598/0x950
[  167.504742][ T9244]  ? do_sock_setsockopt+0x3af/0x720
[  167.510160][ T9244]  ? __sys_setsockopt+0x1ae/0x250
[  167.515222][ T9244]  ? __x64_sys_setsockopt+0xb5/0xd0
[  167.520458][ T9244]  ? do_syscall_64+0xf3/0x230
[  167.525168][ T9244]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.531249][ T9244]  __vmalloc_node_range_noprof+0x130/0x1460
[  167.537164][ T9244]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  167.543488][ T9244]  ? __kasan_kmalloc+0x98/0xb0
[  167.548247][ T9244]  ? xskq_create+0x54/0x170
[  167.552753][ T9244]  vmalloc_user_noprof+0x74/0x80
[  167.557698][ T9244]  ? xskq_create+0xb6/0x170
[  167.562221][ T9244]  xskq_create+0xb6/0x170
[  167.566558][ T9244]  xsk_init_queue+0xa1/0x100
[  167.571155][ T9244]  xsk_setsockopt+0x598/0x950
[  167.575843][ T9244]  ? __pfx_xsk_setsockopt+0x10/0x10
[  167.581071][ T9244]  ? __pfx_lock_acquire+0x10/0x10
[  167.586265][ T9244]  ? aa_sock_opt_perm+0x79/0x120
[  167.591204][ T9244]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[  167.596744][ T9244]  ? security_socket_setsockopt+0x87/0xb0
[  167.602461][ T9244]  ? __pfx_xsk_setsockopt+0x10/0x10
[  167.607655][ T9244]  do_sock_setsockopt+0x3af/0x720
[  167.612686][ T9244]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  167.618316][ T9244]  ? __fget_files+0x29/0x470
[  167.623128][ T9244]  ? __fget_files+0x3f6/0x470
[  167.627862][ T9244]  __sys_setsockopt+0x1ae/0x250
[  167.632824][ T9244]  __x64_sys_setsockopt+0xb5/0xd0
[  167.637873][ T9244]  do_syscall_64+0xf3/0x230
[  167.642826][ T9244]  ? clear_bhb_loop+0x35/0x90
[  167.647502][ T9244]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.653402][ T9244] RIP: 0033:0x7feab9d75b99
[  167.657813][ T9244] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.677598][ T9244] RSP: 002b:00007feabaaf3048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  167.686128][ T9244] RAX: ffffffffffffffda RBX: 00007feab9f03fa0 RCX: 00007feab9d75b99
[  167.694121][ T9244] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000003
[  167.702194][ T9244] RBP: 00007feab9df677e R08: 000000000000001c R09: 0000000000000000
[  167.710158][ T9244] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000000
[  167.718130][ T9244] R13: 000000000000000b R14: 00007feab9f03fa0 R15: 00007ffea8052d38
[  167.726120][ T9244]  </TASK>
[  167.864507][ T9244] Mem-Info:
[  167.881393][ T9244] active_anon:2980 inactive_anon:0 isolated_anon:0
[  167.881393][ T9244]  active_file:1638 inactive_file:39642 isolated_file:0
[  167.881393][ T9244]  unevictable:768 dirty:1478 writeback:0
[  167.881393][ T9244]  slab_reclaimable:10667 slab_unreclaimable:109136
[  167.881393][ T9244]  mapped:14322 shmem:1243 pagetables:619
[  167.881393][ T9244]  sec_pagetables:0 bounce:0
[  167.881393][ T9244]  kernel_misc_reclaimable:0
[  167.881393][ T9244]  free:1395124 free_pcp:401 free_cma:0
[  167.993556][ T9264] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1460'.
[  168.011425][ T9244] Node 0 active_anon:12020kB inactive_anon:0kB active_file:6552kB inactive_file:159792kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:57288kB dirty:7108kB writeback:0kB shmem:3436kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10372kB pagetables:2576kB sec_pagetables:0kB all_unreclaimable? no
[  168.075459][ T9268] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1462'.
[  168.112161][ T9244] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  168.173971][ T9244] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  168.213525][ T9244] lowmem_reserve[]: 0 2571 2571 0 0
[  168.219017][ T9244] Node 0 DMA32 free:1613864kB boost:0kB min:35108kB low:43884kB high:52660kB reserved_highatomic:0KB active_anon:12180kB inactive_anon:0kB active_file:6552kB inactive_file:160672kB unevictable:1536kB writepending:8400kB present:3129332kB managed:2659864kB mlocked:0kB bounce:0kB free_pcp:1152kB local_pcp:796kB free_cma:0kB
[  168.308585][ T9244] lowmem_reserve[]: 0 0 0 0 0
[  168.320951][ T9244] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:320kB unevictable:0kB writepending:8kB present:1048576kB managed:360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  168.323695][ T9273] netlink: 'syz.3.1463': attribute type 23 has an invalid length.
[  168.369661][ T9244] lowmem_reserve[]: 0 0 0 0 0
[  168.395815][ T9244] Node 1 Normal free:3946036kB boost:0kB min:54788kB low:68484kB high:82180kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:4kB present:4194304kB managed:4109120kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  168.451551][ T9244] lowmem_reserve[]: 0 0 0 0 0
[  168.456570][ T9244] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  168.489178][ T9244] Node 0 DMA32: 77*4kB (U) 289*8kB (UM) 138*16kB (UE) 196*32kB (U) 75*64kB (UME) 39*128kB (UME) 21*256kB (UME) 6*512kB (UM) 12*1024kB (UME) 10*2048kB (UM) 378*4096kB (UME) = 1610396kB
[  168.508367][ T9244] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  168.584393][ T9244] Node 1 Normal: 3*4kB (U) 5*8kB (U) 6*16kB (U) 9*32kB (U) 6*64kB (UM) 6*128kB (U) 4*256kB (UM) 2*512kB (UM) 4*1024kB (U) 3*2048kB (U) 960*4096kB (M) = 3946036kB
[  168.638385][ T9244] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  168.701707][ T9244] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  168.735969][ T9244] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  168.762786][ T9244] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  168.781107][ T9290] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1469'.
[  168.799255][ T9244] 41824 total pagecache pages
[  168.818356][ T9244] 0 pages in swap cache
[  168.835834][ T9244] Free swap  = 124996kB
[  168.853748][ T9244] Total swap = 124996kB
[  168.873794][ T9244] 2097051 pages RAM
[  168.884770][ T9244] 0 pages HighMem/MovableOnly
[  168.903124][ T9244] 400875 pages reserved
[  168.931451][ T9244] 0 pages cma reserved
[  168.947836][   T30] audit: type=1800 audit(1719729062.859:18): pid=9299 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1466" name="memory.events" dev="sda1" ino=1973 res=0 errno=0
[  169.022867][   T30] audit: type=1804 audit(1719729062.889:19): pid=9299 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1466" name="/root/syzkaller.5TrmUZ/86/memory.events" dev="sda1" ino=1973 res=1 errno=0
[  169.129969][ T9307] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1474'.
[  169.497226][ T9326] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1479'.
[  169.649076][ T9332] bridge0: entered promiscuous mode
[  169.671454][ T9332] macsec1: entered promiscuous mode
[  169.684329][ T9332] macsec1: entered allmulticast mode
[  169.721502][ T9332] bridge0: entered allmulticast mode
[  169.742428][ T9332] bridge0: left allmulticast mode
[  169.747895][ T9332] bridge0: left promiscuous mode
[  170.236107][ T9365] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  170.359713][ T9374] Cannot find add_set index 0 as target
[  170.392247][ T9381] netlink: 'syz.4.1502': attribute type 1 has an invalid length.
[  170.447205][ T9383] bridge_slave_0: entered promiscuous mode
[  170.658781][ T9395] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1507'.
[  170.774333][ T9399] FAULT_INJECTION: forcing a failure.
[  170.774333][ T9399] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  170.791565][ T9399] CPU: 0 PID: 9399 Comm: syz.4.1510 Not tainted 6.10.0-rc5-syzkaller-01115-g30972a4ea092 #0
[  170.801775][ T9399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  170.811833][ T9399] Call Trace:
[  170.815111][ T9399]  <TASK>
[  170.818071][ T9399]  dump_stack_lvl+0x241/0x360
[  170.822771][ T9399]  ? __pfx_dump_stack_lvl+0x10/0x10
[  170.827974][ T9399]  ? __pfx__printk+0x10/0x10
[  170.832598][ T9399]  ? __pfx_lock_release+0x10/0x10
[  170.837632][ T9399]  should_fail_ex+0x3b0/0x4e0
[  170.842325][ T9399]  _copy_from_user+0x2f/0xe0
[  170.846913][ T9399]  copy_msghdr_from_user+0xae/0x680
[  170.852141][ T9399]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  170.858060][ T9399]  __sys_sendmsg+0x23d/0x3a0
[  170.862658][ T9399]  ? __pfx___sys_sendmsg+0x10/0x10
[  170.867766][ T9399]  ? vfs_write+0x7c4/0xc90
[  170.872245][ T9399]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  170.878613][ T9399]  ? do_syscall_64+0x100/0x230
[  170.883395][ T9399]  ? do_syscall_64+0xb6/0x230
[  170.888091][ T9399]  do_syscall_64+0xf3/0x230
[  170.892613][ T9399]  ? clear_bhb_loop+0x35/0x90
[  170.897298][ T9399]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.903188][ T9399] RIP: 0033:0x7f57a5375b99
[  170.907602][ T9399] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  170.927263][ T9399] RSP: 002b:00007f57a605e048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  170.935682][ T9399] RAX: ffffffffffffffda RBX: 00007f57a5504078 RCX: 00007f57a5375b99
[  170.943678][ T9399] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  170.951659][ T9399] RBP: 00007f57a605e0a0 R08: 0000000000000000 R09: 0000000000000000
[  170.959624][ T9399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  170.967615][ T9399] R13: 000000000000006e R14: 00007f57a5504078 R15: 00007fff3afd7628
[  170.975623][ T9399]  </TASK>
[  171.164096][   T30] audit: type=1800 audit(1719729065.079:20): pid=9413 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1515" name="memory.events" dev="sda1" ino=1973 res=0 errno=0
[  171.420784][   T30] audit: type=1804 audit(1719729065.329:21): pid=9419 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1518" name="/root/syzkaller.4gI1XM/163/cgroup.controllers" dev="sda1" ino=1953 res=1 errno=0
[  171.500558][ T9430] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1521'.
[  171.629423][ T9430] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1521'.
[  171.940943][ T9452] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1529'.
[  172.356569][ T9480] geneve2: entered promiscuous mode
[  172.386961][ T9480] geneve2: entered allmulticast mode
[  172.500826][ T9488] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1539'.
[  172.544112][ T9493] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1542'.
[  172.620175][ T9496] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1541'.
[  172.666078][ T9488] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1539'.
[  172.974031][ T9509] FAULT_INJECTION: forcing a failure.
[  172.974031][ T9509] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  173.036589][ T9509] CPU: 1 PID: 9509 Comm: syz.1.1547 Not tainted 6.10.0-rc5-syzkaller-01115-g30972a4ea092 #0
[  173.046819][ T9509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  173.056911][ T9509] Call Trace:
[  173.060227][ T9509]  <TASK>
[  173.063180][ T9509]  dump_stack_lvl+0x241/0x360
[  173.067907][ T9509]  ? __pfx_dump_stack_lvl+0x10/0x10
[  173.073164][ T9509]  ? __pfx__printk+0x10/0x10
[  173.077794][ T9509]  should_fail_ex+0x3b0/0x4e0
[  173.082475][ T9509]  prepare_alloc_pages+0x1da/0x5d0
[  173.087603][ T9509]  __alloc_pages_noprof+0x166/0x6c0
[  173.092821][ T9509]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  173.098546][ T9509]  ? validate_chain+0x11e/0x5900
[  173.103569][ T9509]  alloc_pages_mpol_noprof+0x3e8/0x680
[  173.109080][ T9509]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  173.115115][ T9509]  ? stack_depot_save_flags+0x29/0x830
[  173.120593][ T9509]  ? alloc_pages_noprof+0xef/0x170
[  173.125720][ T9509]  pte_alloc_one+0x88/0x5d0
[  173.130308][ T9509]  ? __pfx_pte_alloc_one+0x10/0x10
[  173.135528][ T9509]  ? __kasan_slab_alloc+0x66/0x80
[  173.140565][ T9509]  ? kmem_cache_alloc_noprof+0x135/0x2a0
[  173.146201][ T9509]  ? mempool_alloc_noprof+0x197/0x5a0
[  173.151612][ T9509]  ? __sg_alloc_table+0xcc/0x3c0
[  173.156670][ T9509]  ? sd_init_command+0x531/0x2100
[  173.161707][ T9509]  ? scsi_queue_rq+0x18cd/0x2f70
[  173.166677][ T9509]  ? blk_mq_dispatch_rq_list+0xb89/0x1b30
[  173.172401][ T9509]  ? blk_mq_sched_dispatch_requests+0xcb/0x140
[  173.178563][ T9509]  ? blk_mq_run_hw_queue+0x9a5/0xae0
[  173.183843][ T9509]  ? blk_mq_flush_plug_list+0x1115/0x1880
[  173.189559][ T9509]  ? blk_add_rq_to_plug+0x19c/0x480
[  173.194778][ T9509]  __pte_alloc+0x79/0x3a0
[  173.199152][ T9509]  ? do_iter_readv_writev+0x5a4/0x800
[  173.204519][ T9509]  ? vfs_writev+0x395/0xbe0
[  173.209056][ T9509]  ? __x64_sys_pwritev+0x1c7/0x2d0
[  173.214487][ T9509]  ? do_syscall_64+0xf3/0x230
[  173.219453][ T9509]  ? __pfx___pte_alloc+0x10/0x10
[  173.224464][ T9509]  ? mark_lock+0x9a/0x350
[  173.228892][ T9509]  handle_pte_fault+0x5531/0x7090
[  173.233969][ T9509]  ? validate_chain+0x11e/0x5900
[  173.238909][ T9509]  ? __pfx_handle_pte_fault+0x10/0x10
[  173.244293][ T9509]  ? mark_lock+0x9a/0x350
[  173.248630][ T9509]  ? __lock_acquire+0x1346/0x1fd0
[  173.253861][ T9509]  handle_mm_fault+0x10df/0x1ba0
[  173.258824][ T9509]  ? __pfx_handle_mm_fault+0x10/0x10
[  173.264119][ T9509]  ? __pfx_find_vma+0x10/0x10
[  173.268933][ T9509]  ? vma_is_secretmem+0xd/0x50
[  173.273785][ T9509]  ? check_vma_flags+0x500/0x5a0
[  173.278822][ T9509]  __get_user_pages+0x6ef/0x1590
[  173.283770][ T9509]  ? __gup_longterm_locked+0x1ec9/0x2a80
[  173.289402][ T9509]  ? __pfx___get_user_pages+0x10/0x10
[  173.294791][ T9509]  ? __lock_acquire+0x1346/0x1fd0
[  173.299865][ T9509]  __gup_longterm_locked+0x1ff6/0x2a80
[  173.306035][ T9509]  ? __pfx___gup_longterm_locked+0x10/0x10
[  173.312155][ T9509]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  173.318246][ T9509]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  173.324568][ T9509]  ? sanity_check_pinned_pages+0x12c2/0x13c0
[  173.330640][ T9509]  ? gup_fast_fallback+0x220d/0x2b40
[  173.335923][ T9509]  gup_fast_fallback+0x2732/0x2b40
[  173.341062][ T9509]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.347171][ T9509]  ? arch_stack_walk+0x16d/0x1b0
[  173.352249][ T9509]  ? __pfx_validate_chain+0x10/0x10
[  173.357449][ T9509]  ? __pfx_stack_trace_save+0x10/0x10
[  173.362846][ T9509]  ? __pfx_gup_fast_fallback+0x10/0x10
[  173.368341][ T9509]  ? __pfx_validate_chain+0x10/0x10
[  173.373568][ T9509]  ? stack_depot_save_flags+0x29/0x830
[  173.379180][ T9509]  ? kasan_save_track+0x51/0x80
[  173.384041][ T9509]  ? kasan_save_track+0x3f/0x80
[  173.388888][ T9509]  ? __kasan_slab_alloc+0x66/0x80
[  173.393910][ T9509]  ? mempool_alloc_noprof+0x197/0x5a0
[  173.399315][ T9509]  ? bio_alloc_bioset+0x3ef/0x1130
[  173.404451][ T9509]  ? do_syscall_64+0xf3/0x230
[  173.409127][ T9509]  ? __lock_acquire+0x1346/0x1fd0
[  173.414147][ T9509]  ? is_valid_gup_args+0x124/0x200
[  173.419254][ T9509]  pin_user_pages_fast+0xcc/0x160
[  173.424655][ T9509]  ? __pfx_pin_user_pages_fast+0x10/0x10
[  173.430323][ T9509]  iov_iter_extract_pages+0x3db/0x720
[  173.435893][ T9509]  bio_iov_iter_get_pages+0x541/0x1930
[  173.441377][ T9509]  ? bio_associate_blkg+0x6c/0x230
[  173.446593][ T9509]  ? bio_associate_blkg_from_css+0xb0c/0xc70
[  173.452577][ T9509]  ? bio_associate_blkg_from_css+0xa4/0xc70
[  173.458501][ T9509]  ? __pfx_bio_iov_iter_get_pages+0x10/0x10
[  173.464411][ T9509]  ? bio_alloc_bioset+0x6d7/0x1130
[  173.469523][ T9509]  iomap_dio_bio_iter+0xc8e/0x1670
[  173.474703][ T9509]  __iomap_dio_rw+0x1295/0x2370
[  173.479694][ T9509]  ? __x64_sys_pwritev+0x1c7/0x2d0
[  173.484808][ T9509]  ? do_syscall_64+0xf3/0x230
[  173.489480][ T9509]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.495704][ T9509]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  173.501715][ T9509]  ? __pfx___iomap_dio_rw+0x10/0x10
[  173.507059][ T9509]  ? jbd2_journal_stop+0x902/0xd80
[  173.512299][ T9509]  ? __pfx_jbd2_journal_stop+0x10/0x10
[  173.517848][ T9509]  ? __pfx_ext4_orphan_add+0x10/0x10
[  173.523159][ T9509]  iomap_dio_rw+0x46/0xa0
[  173.527502][ T9509]  ext4_file_write_iter+0x15e5/0x1a10
[  173.532898][ T9509]  ? __pfx_ext4_file_write_iter+0x10/0x10
[  173.538621][ T9509]  do_iter_readv_writev+0x5a4/0x800
[  173.544023][ T9509]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  173.549827][ T9509]  ? rcu_read_lock_any_held+0xb7/0x160
[  173.555419][ T9509]  vfs_writev+0x395/0xbe0
[  173.559757][ T9509]  ? __pfx_vfs_writev+0x10/0x10
[  173.564611][ T9509]  ? __fget_files+0x29/0x470
[  173.569209][ T9509]  __x64_sys_pwritev+0x1c7/0x2d0
[  173.574168][ T9509]  ? __pfx___x64_sys_pwritev+0x10/0x10
[  173.579848][ T9509]  ? do_syscall_64+0x100/0x230
[  173.584746][ T9509]  ? do_syscall_64+0xb6/0x230
[  173.589447][ T9509]  do_syscall_64+0xf3/0x230
[  173.593976][ T9509]  ? clear_bhb_loop+0x35/0x90
[  173.598692][ T9509]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.604633][ T9509] RIP: 0033:0x7f063df75b99
[  173.609140][ T9509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  173.628948][ T9509] RSP: 002b:00007f063ed0f048 EFLAGS: 00000246 ORIG_RAX: 0000000000000128
[  173.637459][ T9509] RAX: ffffffffffffffda RBX: 00007f063e103fa0 RCX: 00007f063df75b99
[  173.645447][ T9509] RDX: 0000000000000003 RSI: 00000000200004c0 RDI: 0000000000000004
[  173.653654][ T9509] RBP: 00007f063ed0f0a0 R08: 0000000000000000 R09: 0000000000000000
[  173.661801][ T9509] R10: 0000000008040000 R11: 0000000000000246 R12: 0000000000000002
[  173.670121][ T9509] R13: 000000000000000b R14: 00007f063e103fa0 R15: 00007ffcc5c82d38
[  173.678238][ T9509]  </TASK>
[  173.687442][ T9511] syzkaller1: entered promiscuous mode
[  173.693732][ T9511] syzkaller1: entered allmulticast mode
[  174.135652][ T9545] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1559'.
[  174.263133][ T9551] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1559'.
[  174.373974][ T9561] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1564'.
[  174.401607][ T9564] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1565'.
[  174.467530][ T9564] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  174.494048][ T9561] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1564'.
[  174.508696][ T9564] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  174.741644][ T9577] netlink: 'syz.0.1567': attribute type 2 has an invalid length.
[  174.764842][ T9583] hsr0: entered promiscuous mode
[  174.787584][ T9587] netlink: 'syz.4.1572': attribute type 1 has an invalid length.
[  174.796292][ T9583] hsr0: entered allmulticast mode
[  174.821926][ T9583] hsr_slave_0: entered allmulticast mode
[  174.844044][ T9588] Bluetooth: hci3: invalid len left 7, exp >= 50
[  174.864276][ T9583] hsr_slave_1: entered allmulticast mode
[  174.982167][ T9594] netlink: 'syz.2.1575': attribute type 2 has an invalid length.
[  175.080644][ T9599] netlink: 'syz.4.1576': attribute type 2 has an invalid length.
[  175.636796][ T9631] bridge3: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  175.710896][ T9642] batadv_slave_1: entered promiscuous mode
[  175.797897][ T9633] batadv_slave_1: left promiscuous mode
[  176.668753][ T9663] netlink: 'syz.4.1596': attribute type 1 has an invalid length.
[  177.435091][ T9686] netlink: 'syz.4.1602': attribute type 5 has an invalid length.
[  177.478697][ T9690] __nla_validate_parse: 12 callbacks suppressed
[  177.478719][ T9690] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1603'.
[  177.546432][ T9687] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1601'.
[  177.689725][ T9704] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1609'.
[  177.958815][ T9720] netlink: 'syz.1.1612': attribute type 1 has an invalid length.
[  178.023246][ T9727] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1613'.
[  178.068649][ T9729] netlink: 'syz.2.1617': attribute type 10 has an invalid length.
[  178.083600][ T9727] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1613'.
[  178.095216][ T9727] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  178.106978][ T9727] batman_adv: batadv0: Removing interface: batadv_slave_0
[  178.117428][ T9727] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  178.125406][ T9733] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1615'.
[  178.128158][ T9727] batman_adv: batadv0: Removing interface: batadv_slave_1
[  178.172504][ T9733] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1615'.
[  178.214640][ T9733] netlink: 31 bytes leftover after parsing attributes in process `syz.0.1615'.
[  178.236817][ T9738] netlink: 216 bytes leftover after parsing attributes in process `syz.2.1618'.
[  178.256672][ T9733] netlink: 'syz.0.1615': attribute type 3 has an invalid length.
[  178.269556][ T9738] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1618'.
[  178.286801][ T9733] netlink: 'syz.0.1615': attribute type 2 has an invalid length.
[  178.890859][ T9767] geneve2: entered promiscuous mode
[  178.907117][ T9767] geneve2: entered allmulticast mode
[  179.235083][ T9782] bridge0: port 2(bridge_slave_1) entered disabled state
[  179.289085][ T9790] netlink: 'syz.0.1636': attribute type 2 has an invalid length.
[  179.375828][ T9786] x_tables: duplicate underflow at hook 1
[  179.734696][ T9818] FAULT_INJECTION: forcing a failure.
[  179.734696][ T9818] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  179.788774][ T9818] CPU: 1 PID: 9818 Comm: syz.4.1646 Not tainted 6.10.0-rc5-syzkaller-01115-g30972a4ea092 #0
[  179.798990][ T9818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  179.809088][ T9818] Call Trace:
[  179.812389][ T9818]  <TASK>
[  179.815340][ T9818]  dump_stack_lvl+0x241/0x360
[  179.820081][ T9818]  ? __pfx_dump_stack_lvl+0x10/0x10
[  179.825519][ T9818]  ? __pfx__printk+0x10/0x10
[  179.830160][ T9818]  ? __pfx_lock_release+0x10/0x10
[  179.835303][ T9818]  ? __local_bh_enable_ip+0x168/0x200
[  179.840891][ T9818]  ? copy_fpstate_to_sigframe+0x175/0xd90
[  179.846745][ T9818]  should_fail_ex+0x3b0/0x4e0
[  179.851452][ T9818]  copy_fpstate_to_sigframe+0xa87/0xd90
[  179.857096][ T9818]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[  179.863173][ T9818]  ? fpu__alloc_mathframe+0xab/0x130
[  179.868458][ T9818]  get_sigframe+0x55d/0x700
[  179.872971][ T9818]  ? __pfx_get_sigframe+0x10/0x10
[  179.877990][ T9818]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  179.883966][ T9818]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  179.890316][ T9818]  x64_setup_rt_frame+0x180/0xcc0
[  179.895355][ T9818]  ? lockdep_hardirqs_on+0x99/0x150
[  179.900564][ T9818]  ? _raw_spin_unlock_irq+0x2e/0x50
[  179.905868][ T9818]  ? __pfx_x64_setup_rt_frame+0x10/0x10
[  179.911445][ T9818]  arch_do_signal_or_restart+0x458/0x860
[  179.917165][ T9818]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  179.923401][ T9818]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  179.929394][ T9818]  ? syscall_exit_to_user_mode+0xa3/0x370
[  179.935129][ T9818]  syscall_exit_to_user_mode+0xc9/0x370
[  179.940703][ T9818]  do_syscall_64+0x100/0x230
[  179.945314][ T9818]  ? clear_bhb_loop+0x35/0x90
[  179.950003][ T9818]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.955925][ T9818] RIP: 0033:0x7f57a5375b97
[  179.960361][ T9818] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[  179.980060][ T9818] RSP: 002b:00007f57a607f048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  179.988566][ T9818] RAX: 000000000000002e RBX: 00007f57a5503fa0 RCX: 00007f57a5375b99
[  179.996540][ T9818] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000005
[  180.004526][ T9818] RBP: 00007f57a607f0a0 R08: 0000000000000000 R09: 0000000000000000
[  180.012511][ T9818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  180.020514][ T9818] R13: 000000000000000b R14: 00007f57a5503fa0 R15: 00007fff3afd7628
[  180.028521][ T9818]  </TASK>
[  180.324587][ T9849] netlink: 'syz.4.1652': attribute type 10 has an invalid length.
[  180.455112][ T9849] team0: Device veth1_vlan failed to register rx_handler
[  180.904737][ T9881] netlink: 'syz.1.1670': attribute type 16 has an invalid length.
[  180.929630][ T9881] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  181.325426][ T9909] geneve2: entered promiscuous mode
[  181.330932][ T9909] geneve2: entered allmulticast mode
[  182.454963][ T9967] xt_cgroup: invalid path, errno=-2
[  182.917869][ T9989] __nla_validate_parse: 16 callbacks suppressed
[  182.917895][ T9989] netlink: 112 bytes leftover after parsing attributes in process `syz.0.1705'.
[  182.944787][ T9989] tipc: Started in network mode
[  182.950311][ T9989] tipc: Node identity aaaaaaaaaa0c, cluster identity 4711
[  182.966282][ T9989] tipc: Enabled bearer <eth:bridge0>, priority 10
[  183.052407][ T9992] 8021q: adding VLAN 0 to HW filter on device ipvlan3
[  183.078325][ T9992] team0: Device ipvlan3 is already an upper device of the team interface
[  183.195361][T10000] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1710'.
[  183.408132][T10006] netlink: 2272 bytes leftover after parsing attributes in process `syz.2.1713'.
[  183.418740][T10011] netlink: 144 bytes leftover after parsing attributes in process `syz.3.1714'.
[  183.540451][T10017] netlink: 'syz.4.1718': attribute type 3 has an invalid length.
[  183.560889][T10017] netlink: 666 bytes leftover after parsing attributes in process `syz.4.1718'.
[  183.591015][T10022] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1719'.
[  183.764068][T10030] netlink: 'syz.1.1724': attribute type 10 has an invalid length.
[  183.784387][T10031] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1725'.
[  183.829987][T10030] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[  183.861627][T10030] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  183.898309][T10030] team0: Failed to send port change of device netdevsim0 via netlink (err -105)
[  183.912792][T10030] team0: Failed to send options change via netlink (err -105)
[  183.931669][T10030] team0: Port device netdevsim0 added
[  183.957392][ T5241] team0: Failed to send port change of device netdevsim0 via netlink (err -105)
[  184.081543][ T5241] tipc: Node number set to 10922666
[  184.154181][T10051] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1731'.
[  184.337233][T10067] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1735'.
[  184.376993][T10064] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1736'.
[  184.392818][T10069] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  184.733370][T10083] netlink: 'syz.4.1743': attribute type 10 has an invalid length.
[  184.778384][T10083] team0: Failed to send port change of device netdevsim0 via netlink (err -105)
[  184.787836][T10083] team0: Failed to send options change via netlink (err -105)
[  184.795721][T10083] team0: Port device netdevsim0 added
[  184.807651][T10084] netlink: 'syz.3.1742': attribute type 29 has an invalid length.
[  184.820934][T10084] netlink: 'syz.3.1742': attribute type 29 has an invalid length.
[  184.961364][T10097] netlink: 'syz.3.1747': attribute type 21 has an invalid length.
[  185.156865][T10109] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  185.432540][T10124] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x1
[  186.128084][T10142] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  186.162324][T10142] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  186.288684][T10153] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0
[  186.321812][T10150] netlink: 'syz.4.1764': attribute type 2 has an invalid length.
[  186.496103][T10160] netlink: 'syz.0.1770': attribute type 1 has an invalid length.
[  186.638605][T10171] bond1: (slave gretap1): making interface the new active one
[  186.655635][T10171] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  186.704927][T10169] bridge_slave_1: left allmulticast mode
[  186.717702][T10169] bridge_slave_1: left promiscuous mode
[  186.724170][T10169] bridge0: port 2(bridge_slave_1) entered disabled state
[  186.754300][T10169] bridge_slave_0: left allmulticast mode
[  186.769037][T10169] bridge_slave_0: left promiscuous mode
[  186.779405][T10169] bridge0: port 1(bridge_slave_0) entered disabled state
[  186.799589][T10169] tipc: Resetting bearer <eth:bridge0>
[  186.865996][T10169] tipc: Disabling bearer <eth:bridge0>
[  187.354328][T10201] vlan1: entered promiscuous mode
[  187.453577][T10201] vlan1 (unregistering): left promiscuous mode
[  187.553761][T10204] netlink: 'syz.3.1783': attribute type 1 has an invalid length.
[  187.728003][T10222] openvswitch: netlink: Flow key attr not present in new flow.
[  187.779789][T10220] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  187.787187][T10220] IPv6: NLM_F_CREATE should be set when creating new route
[  187.880917][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  187.893373][ T5102] Bluetooth: hci2: command 0x0406 tx timeout
[  187.894229][ T4488] Bluetooth: hci0: command 0x0406 tx timeout
[  187.899499][ T5102] Bluetooth: hci1: command 0x0406 tx timeout
[  188.083398][T10242] netlink: 'syz.3.1797': attribute type 5 has an invalid length.
[  188.198587][T10247] __nla_validate_parse: 27 callbacks suppressed
[  188.198610][T10247] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1798'.
[  188.215222][T10249] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1800'.
[  188.224522][T10251] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1801'.
[  188.314480][T10257] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  188.412878][T10261] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1799'.
[  188.429384][T10261] (unnamed net_device) (uninitialized): option coupled_control: invalid value (80)
[  188.707907][T10277] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1808'.
[  188.930163][T10289] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1814'.
[  188.967336][T10295] netlink: 210568 bytes leftover after parsing attributes in process `syz.4.1816'.
[  188.977406][T10295] openvswitch: netlink: ufid size 2296 bytes exceeds the range (1, 16)
[  188.987132][T10295] openvswitch: netlink: Message has 4 unknown bytes.
[  189.060475][T10298] netlink: 5056 bytes leftover after parsing attributes in process `syz.1.1815'.
[  189.117499][T10301] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1820'.
[  189.120845][T10298] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1815'.
[  189.282543][T10309] dccp_invalid_packet: P.Data Offset(172) too large
[  189.728355][ T7580] ==================================================================
[  189.736481][ T7580] BUG: KASAN: slab-use-after-free in l2tp_tunnel_del_work+0xe5/0x330
[  189.744552][ T7580] Read of size 8 at addr ffff888079dbd8b8 by task kworker/u8:12/7580
[  189.752866][ T7580] 
[  189.755173][ T7580] CPU: 0 PID: 7580 Comm: kworker/u8:12 Not tainted 6.10.0-rc5-syzkaller-01115-g30972a4ea092 #0
[  189.765571][ T7580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  189.775977][ T7580] Workqueue: l2tp l2tp_tunnel_del_work
[  189.781705][ T7580] Call Trace:
[  189.784976][ T7580]  <TASK>
[  189.787899][ T7580]  dump_stack_lvl+0x241/0x360
[  189.792572][ T7580]  ? __pfx_dump_stack_lvl+0x10/0x10
[  189.797858][ T7580]  ? __pfx__printk+0x10/0x10
[  189.802442][ T7580]  ? _printk+0xd5/0x120
[  189.806597][ T7580]  ? __virt_addr_valid+0x183/0x520
[  189.811697][ T7580]  ? __virt_addr_valid+0x183/0x520
[  189.816813][ T7580]  print_report+0x169/0x550
[  189.821319][ T7580]  ? __virt_addr_valid+0x183/0x520
[  189.826435][ T7580]  ? __virt_addr_valid+0x183/0x520
[  189.831641][ T7580]  ? __virt_addr_valid+0x44e/0x520
[  189.836790][ T7580]  ? __phys_addr+0xba/0x170
[  189.841297][ T7580]  ? l2tp_tunnel_del_work+0xe5/0x330
[  189.846598][ T7580]  kasan_report+0x143/0x180
[  189.851196][ T7580]  ? l2tp_tunnel_del_work+0xe5/0x330
[  189.856496][ T7580]  l2tp_tunnel_del_work+0xe5/0x330
[  189.861690][ T7580]  ? process_scheduled_works+0x945/0x1830
[  189.867467][ T7580]  process_scheduled_works+0xa2c/0x1830
[  189.873050][ T7580]  ? __pfx_process_scheduled_works+0x10/0x10
[  189.879092][ T7580]  ? assign_work+0x364/0x3d0
[  189.883694][ T7580]  worker_thread+0x86d/0xd50
[  189.888330][ T7580]  ? __kthread_parkme+0x169/0x1d0
[  189.893428][ T7580]  ? __pfx_worker_thread+0x10/0x10
[  189.898724][ T7580]  kthread+0x2f0/0x390
[  189.902821][ T7580]  ? __pfx_worker_thread+0x10/0x10
[  189.907961][ T7580]  ? __pfx_kthread+0x10/0x10
[  189.912634][ T7580]  ret_from_fork+0x4b/0x80
[  189.917073][ T7580]  ? __pfx_kthread+0x10/0x10
[  189.921710][ T7580]  ret_from_fork_asm+0x1a/0x30
[  189.926515][ T7580]  </TASK>
[  189.929532][ T7580] 
[  189.931864][ T7580] Allocated by task 10322:
[  189.936285][ T7580]  kasan_save_track+0x3f/0x80
[  189.940984][ T7580]  __kasan_kmalloc+0x98/0xb0
[  189.945601][ T7580]  __kmalloc_noprof+0x1f9/0x400
[  189.950444][ T7580]  l2tp_session_create+0x3b/0xc20
[  189.955463][ T7580]  pppol2tp_connect+0xca3/0x17a0
[  189.960392][ T7580]  __sys_connect+0x2df/0x310
[  189.964990][ T7580]  __x64_sys_connect+0x7a/0x90
[  189.969762][ T7580]  do_syscall_64+0xf3/0x230
[  189.974308][ T7580]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.980212][ T7580] 
[  189.982522][ T7580] Freed by task 10318:
[  189.986574][ T7580]  kasan_save_track+0x3f/0x80
[  189.991259][ T7580]  kasan_save_free_info+0x40/0x50
[  189.996320][ T7580]  poison_slab_object+0xe0/0x150
[  190.001269][ T7580]  __kasan_slab_free+0x37/0x60
[  190.006021][ T7580]  kfree+0x149/0x360
[  190.009908][ T7580]  __sk_destruct+0x58/0x5f0
[  190.014405][ T7580]  rcu_core+0xafd/0x1830
[  190.018650][ T7580]  handle_softirqs+0x2c4/0x970
[  190.023477][ T7580]  __irq_exit_rcu+0xf4/0x1c0
[  190.028055][ T7580]  irq_exit_rcu+0x9/0x30
[  190.032284][ T7580]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  190.037909][ T7580]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  190.043884][ T7580] 
[  190.046215][ T7580] Last potentially related work creation:
[  190.051920][ T7580]  kasan_save_stack+0x3f/0x60
[  190.056621][ T7580]  __kasan_record_aux_stack+0xac/0xc0
[  190.061993][ T7580]  call_rcu+0x167/0xa70
[  190.066155][ T7580]  pppol2tp_release+0x24b/0x350
[  190.071034][ T7580]  sock_close+0xbc/0x240
[  190.075363][ T7580]  __fput+0x406/0x8b0
[  190.079428][ T7580]  task_work_run+0x24f/0x310
[  190.084036][ T7580]  syscall_exit_to_user_mode+0x168/0x370
[  190.089675][ T7580]  do_syscall_64+0x100/0x230
[  190.094270][ T7580]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.100161][ T7580] 
[  190.102482][ T7580] The buggy address belongs to the object at ffff888079dbd800
[  190.102482][ T7580]  which belongs to the cache kmalloc-1k of size 1024
[  190.116537][ T7580] The buggy address is located 184 bytes inside of
[  190.116537][ T7580]  freed 1024-byte region [ffff888079dbd800, ffff888079dbdc00)
[  190.130422][ T7580] 
[  190.132754][ T7580] The buggy address belongs to the physical page:
[  190.139161][ T7580] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x79db8
[  190.147962][ T7580] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  190.156520][ T7580] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  190.164512][ T7580] page_type: 0xffffefff(slab)
[  190.169202][ T7580] raw: 00fff00000000040 ffff888015041dc0 0000000000000000 dead000000000001
[  190.177780][ T7580] raw: 0000000000000000 0000000000100010 00000001ffffefff 0000000000000000
[  190.186370][ T7580] head: 00fff00000000040 ffff888015041dc0 0000000000000000 dead000000000001
[  190.195032][ T7580] head: 0000000000000000 0000000000100010 00000001ffffefff 0000000000000000
[  190.203700][ T7580] head: 00fff00000000003 ffffea0001e76e01 ffffffffffffffff 0000000000000000
[  190.212399][ T7580] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  190.221151][ T7580] page dumped because: kasan: bad access detected
[  190.227630][ T7580] page_owner tracks the page as allocated
[  190.233358][ T7580] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x152820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 11, tgid 11 (kworker/u8:0), ts 72078906061, free_ts 72065683641
[  190.253675][ T7580]  post_alloc_hook+0x1f3/0x230
[  190.258440][ T7580]  get_page_from_freelist+0x2e4c/0x2f10
[  190.264080][ T7580]  __alloc_pages_noprof+0x256/0x6c0
[  190.269300][ T7580]  alloc_slab_page+0x5f/0x120
[  190.273990][ T7580]  allocate_slab+0x5a/0x2f0
[  190.278506][ T7580]  ___slab_alloc+0xcd1/0x14b0
[  190.283184][ T7580]  __slab_alloc+0x58/0xa0
[  190.287578][ T7580]  __kmalloc_noprof+0x257/0x400
[  190.292429][ T7580]  ___neigh_create+0x691/0x2470
[  190.297297][ T7580]  ip6_finish_output2+0x1631/0x1680
[  190.302512][ T7580]  ip6_finish_output+0x41e/0x810
[  190.307580][ T7580]  ndisc_send_skb+0xab2/0x1380
[  190.312366][ T7580]  addrconf_dad_completed+0x76c/0xcd0
[  190.317767][ T7580]  addrconf_dad_work+0xdc2/0x16f0
[  190.322794][ T7580]  process_scheduled_works+0xa2c/0x1830
[  190.328331][ T7580]  worker_thread+0x86d/0xd50
[  190.332912][ T7580] page last free pid 5233 tgid 5233 stack trace:
[  190.339310][ T7580]  free_unref_page+0xd22/0xea0
[  190.344073][ T7580]  __slab_free+0x31b/0x3d0
[  190.348520][ T7580]  qlist_free_all+0x9e/0x140
[  190.353137][ T7580]  kasan_quarantine_reduce+0x14f/0x170
[  190.358614][ T7580]  __kasan_slab_alloc+0x23/0x80
[  190.363478][ T7580]  kmem_cache_alloc_noprof+0x135/0x2a0
[  190.369021][ T7580]  getname_flags+0xbd/0x4f0
[  190.373537][ T7580]  vfs_fstatat+0x11c/0x190
[  190.377966][ T7580]  __x64_sys_newfstatat+0x125/0x1b0
[  190.383185][ T7580]  do_syscall_64+0xf3/0x230
[  190.387768][ T7580]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.393665][ T7580] 
[  190.395981][ T7580] Memory state around the buggy address:
[  190.401626][ T7580]  ffff888079dbd780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  190.409675][ T7580]  ffff888079dbd800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  190.418438][ T7580] >ffff888079dbd880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  190.426505][ T7580]                                         ^
[  190.432382][ T7580]  ffff888079dbd900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  190.440441][ T7580]  ffff888079dbd980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  190.448500][ T7580] ==================================================================
[  190.456660][ T7580] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  190.464300][ T7580] CPU: 0 PID: 7580 Comm: kworker/u8:12 Not tainted 6.10.0-rc5-syzkaller-01115-g30972a4ea092 #0
[  190.474652][ T7580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  190.484704][ T7580] Workqueue: l2tp l2tp_tunnel_del_work
[  190.490166][ T7580] Call Trace:
[  190.493439][ T7580]  <TASK>
[  190.496404][ T7580]  dump_stack_lvl+0x241/0x360
[  190.501098][ T7580]  ? __pfx_dump_stack_lvl+0x10/0x10
[  190.506441][ T7580]  ? __pfx__printk+0x10/0x10
[  190.511041][ T7580]  ? vscnprintf+0x5d/0x90
[  190.515367][ T7580]  panic+0x349/0x860
[  190.519277][ T7580]  ? check_panic_on_warn+0x21/0xb0
[  190.524416][ T7580]  ? __pfx_panic+0x10/0x10
[  190.528828][ T7580]  ? mark_lock+0x9a/0x350
[  190.533156][ T7580]  ? _raw_spin_unlock_irqrestore+0xd8/0x140
[  190.539166][ T7580]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  190.545050][ T7580]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  190.551382][ T7580]  ? print_report+0x502/0x550
[  190.556064][ T7580]  check_panic_on_warn+0x86/0xb0
[  190.560999][ T7580]  ? l2tp_tunnel_del_work+0xe5/0x330
[  190.566284][ T7580]  end_report+0x77/0x160
[  190.570534][ T7580]  kasan_report+0x154/0x180
[  190.575044][ T7580]  ? l2tp_tunnel_del_work+0xe5/0x330
[  190.580345][ T7580]  l2tp_tunnel_del_work+0xe5/0x330
[  190.585490][ T7580]  ? process_scheduled_works+0x945/0x1830
[  190.591218][ T7580]  process_scheduled_works+0xa2c/0x1830
[  190.596810][ T7580]  ? __pfx_process_scheduled_works+0x10/0x10
[  190.602825][ T7580]  ? assign_work+0x364/0x3d0
[  190.607421][ T7580]  worker_thread+0x86d/0xd50
[  190.612046][ T7580]  ? __kthread_parkme+0x169/0x1d0
[  190.617091][ T7580]  ? __pfx_worker_thread+0x10/0x10
[  190.622293][ T7580]  kthread+0x2f0/0x390
[  190.626369][ T7580]  ? __pfx_worker_thread+0x10/0x10
[  190.631488][ T7580]  ? __pfx_kthread+0x10/0x10
[  190.636101][ T7580]  ret_from_fork+0x4b/0x80
[  190.640542][ T7580]  ? __pfx_kthread+0x10/0x10
[  190.645136][ T7580]  ret_from_fork_asm+0x1a/0x30
[  190.649904][ T7580]  </TASK>
[  190.653277][ T7580] Kernel Offset: disabled
[  190.657692][ T7580] Rebooting in 86400 seconds..