last executing test programs:

1m6.097274458s ago: executing program 1 (id=2187):
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0xc3490000)
socket$alg(0x26, 0x5, 0x0)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f00000052c0)={'filter\x00', 0x11e, 0x0, 0x0, [0x9573, 0x1, 0x3, 0x4, 0x200004054a, 0x1], 0x1, 0x0, 0x0, [{}]}, 0x88)

1m3.881756702s ago: executing program 4 (id=2197):
r0 = socket$inet6(0xa, 0x3, 0x8)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x4b, &(0x7f0000000000)=0x2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004580)=[{{&(0x7f0000000080)={0xa, 0x0, 0x0, @mcast2, 0x28}, 0x1c, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='$\x00\x00\x00\x00\x00\x00\x00)\x00\x00\x002'], 0x28}}], 0x1, 0x0)
recvmmsg(r0, &(0x7f0000003100)=[{{0x0, 0x0, 0x0}, 0x26}, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12000000}, 0x3}], 0x2, 0x10060, 0x0)

1m3.643412659s ago: executing program 4 (id=2198):
r0 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_LINK_TOL(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x20008040}, 0x24000084)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000000c0))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000480)={0x52, r2, 0x1, 0x0, 0x0, {{}, {0x0, 0x6}}}, 0xfd53}}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x34, r0, 0x1, 0x70bd2d, 0x25dfdbfb, {{}, {}, {0x18, 0x17, {0x5, 0x100, @l2={'eth', 0x3a, 'geneve1\x00'}}}}, ["", "", "", ""]}, 0x34}, 0x1, 0x0, 0x0, 0x4044041}, 0x4000000)

1m2.13193591s ago: executing program 0 (id=2199):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000480)=@raw={'raw\x00', 0x3c1, 0x3, 0x368, 0x1d8, 0x12, 0x60d, 0x0, 0x202, 0x2e8, 0x2e8, 0x2e8, 0x2e8, 0x2c0, 0x4, 0x0, {[{{@ipv6={@private1, @remote, [], [], 'tunl0\x00', 'macsec0\x00', {}, {}, 0xd801}, 0x0, 0x168, 0x1b0, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "000000165a8c2e0617ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f672225d6147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac05a602061c96baebc989f1f34a214e6726401fe4b124e0f7323a587d2a1fcf07000000eca0a7b66c60c527bac2b5", 0x7, 0x2}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0x0, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00', 0x16, 0xe, {0x8}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3c8)

1m2.088311239s ago: executing program 4 (id=2201):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc}}, &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'veth0\x00', <r2=>0x0})
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000240)='pmap_register\x00', r4, 0x0, 0xf69}, 0x18)
sendmsg$netlink(r3, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000040)={r2, 0x1, 0x6, @multicast}, 0xe)
setsockopt$packet_drop_memb(r1, 0x107, 0x2, &(0x7f0000000100)={r2, 0x1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3c}}, 0x10)

1m1.9366752s ago: executing program 2 (id=2202):
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f1, &(0x7f0000000180)={'ip6gre0\x00', &(0x7f0000000300)=@ethtool_rxnfc={0x2e, 0x2, 0x6, {0xe, @usr_ip6_spec={@empty, @dev={0xfe, 0x80, '\x00', 0x24}, 0xfffffff8, 0x3d, 0xe}, {0x0, @remote, 0xe, 0x4, [0x7, 0x6]}, @ah_ip4_spec={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x5}, {0x0, @broadcast, 0x8, 0x5, [0xf, 0x9]}, 0xff, 0x3}}})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_type(r0, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_type(r1, &(0x7f0000000280), 0x9)
r2 = openat$cgroup_procs(r0, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
setsockopt$SO_RDS_TRANSPORT(0xffffffffffffffff, 0x114, 0x8, &(0x7f00000008c0), 0x4)
close(0xffffffffffffffff)
write$cgroup_pid(r2, &(0x7f0000000c40), 0x12)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r3)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x9, 0x0, 0xffffffffffffffff, 0xd, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_msfilter(r4, 0x0, 0x29, &(0x7f0000000040)=ANY=[], 0x18)
recvmsg(r4, &(0x7f0000000740)={&(0x7f0000000400)=@tipc=@name, 0x80, &(0x7f0000000600)=[{&(0x7f0000000240)=""/19, 0x13}, {&(0x7f00000004c0)=""/204, 0xcc}, {&(0x7f00000005c0)=""/35, 0x23}], 0x3, &(0x7f0000000640)=""/240, 0xf0}, 0x10120)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="cc0000001000010402400000000000000000ff", @ANYRES32=0x0, @ANYBLOB="88d10100000000009800128009000100766c616e00000000880002800c0002000e0000000c0000000600050088a80000400003800c0001007b4b0000000000000c0001e004000000090000000c000100bf000000000400000c00010002000000ff0100000c0001000e000000000001000400048004000480280004800c00010007000000040000000c00010008000000040000000c00010006000000008000"], 0xcc}}, 0x0)

1m1.59818641s ago: executing program 2 (id=2204):
syz_emit_ethernet(0x56, &(0x7f0000000000)={@random="676b7759828b", @link_local, @void, {@canfd={0xd, {{0x4, 0x1, 0x0, 0x1}, 0x3c, 0x2, 0x0, 0x0, "e6e7bcc161be2a421fe9581bdfd879d34f3fd4c5a7bc4d913fcf9c3b39047b359d277fb6179bcab74a9d2b041ac783615bb990fb04f9344d259606d8c40935a6"}}}}, &(0x7f0000000080)={0x1, 0x4, [0x4ae, 0xe6a, 0x3, 0x1fa]})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), r0)
r1 = socket(0xf, 0x6, 0x5)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r1, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x18, 0x1411, 0x400, 0x70bd2a, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x3}]}, 0x18}, 0x1, 0x0, 0x0, 0x4}, 0x200000c8)
getsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000240)={@broadcast, @multicast2, <r2=>0x0}, &(0x7f0000000280)=0xc)
sendmsg$nl_route_sched(r1, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=@getqdisc={0x3c, 0x26, 0x2, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0xffe0, 0x9}, {0x4, 0x3}, {0xffe0, 0xb}}, [{0x4}, {0x4}, {0x4}, {0x4}, {0x4}, {0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8001}, 0x810)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000440)={'netdevsim0\x00', <r3=>0x0})
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000500)={&(0x7f0000000480)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x5, [@volatile={0xe, 0x0, 0x0, 0x9, 0x5}, @float={0x4, 0x0, 0x0, 0x10, 0xc}]}, {0x0, [0x72bb820242128350, 0x30, 0x30]}}, &(0x7f00000004c0)=""/41, 0x35, 0x29, 0x1, 0xb12, 0x10000, @value}, 0x28)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000005c0)={0x1, <r5=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x2, 0x7, &(0x7f0000000380)=@raw=[@exit, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @jmp={0x5, 0x1, 0x1, 0xe, 0x7, 0x50, 0xfffffffffffffffc}], &(0x7f00000003c0)='syzkaller\x00', 0x2, 0xb, &(0x7f0000000400)=""/11, 0x40f00, 0x20, '\x00', r3, @fallback=0x1e, r4, 0x8, &(0x7f0000000540)={0x7, 0x5}, 0x8, 0x10, &(0x7f0000000580)={0x5, 0xa, 0x6, 0xb52}, 0x10, r5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x5, @void, @value}, 0x94)
bind$netlink(r0, &(0x7f00000006c0)={0x10, 0x0, 0x25dfdbfc, 0x80}, 0xc)
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000700)={<r6=>0x0, 0x5272}, &(0x7f0000000740)=0x8)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000780)={<r7=>r6, 0x2}, &(0x7f00000007c0)=0x8)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000940)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000900)={&(0x7f0000000840)={0xb8, 0x0, 0x100, 0x70bd27, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x4}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7ff}, @IPVS_CMD_ATTR_DEST={0x34, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@private1}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x5}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x4}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x4}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x3}, @IPVS_CMD_ATTR_DEST={0x40, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x9}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x3}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@loopback}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e22}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e22}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e22}]}]}, 0xb8}, 0x1, 0x0, 0x0, 0x20000080}, 0x200008d1)
r8 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r8, &(0x7f0000000980)={0x18, 0x0, {0x3, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, 'syzkaller0\x00'}}, 0x1e)
socket$nl_netfilter(0x10, 0x3, 0xc)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000a00), 0xffffffffffffffff)
sendmsg$NLBL_CIPSOV4_C_LIST(0xffffffffffffffff, &(0x7f0000000b80)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x800800}, 0xc, &(0x7f0000000b40)={&(0x7f0000000a40)={0xf8, r10, 0x100, 0x70bd28, 0x25dfdbfe, {}, [@NLBL_CIPSOV4_A_MLSCATLST={0x74, 0xc, 0x0, 0x1, [{0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0xd5a517e}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xaf50}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x5ef}]}, {0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xf55f}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0xbb7f768}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x3a46ba5f}]}, {0x2c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4e01c109}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x3c7}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x7614}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x77a9}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x70a3}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x1dbf0521}]}]}, @NLBL_CIPSOV4_A_MLSLVLLST={0x70, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xa}]}, {0x3c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x44d60012}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xa}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x5}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x33}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x48c81dde}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x5d}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0xa5f9b7a}]}, {0x24, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x5f59faca}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x1659875e}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x3ca46e47}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x38816c05}]}]}]}, 0xf8}, 0x1, 0x0, 0x0, 0x45}, 0x4000000)
sendmsg$TIPC_NL_BEARER_ENABLE(r9, &(0x7f0000000d40)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000d00)={&(0x7f0000000c00)={0xd0, 0x0, 0x800, 0x70bd27, 0x25dfdbfd, {}, [@TIPC_NLA_LINK={0xa4, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8a}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xc}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80000000}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}, @TIPC_NLA_MEDIA={0x18, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x10001}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}]}]}]}, 0xd0}, 0x1, 0x0, 0x0, 0x20008000}, 0x800)
ioctl$SIOCX25GFACILITIES(r1, 0x89e2, &(0x7f0000000d80))
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000dc0)={r7, @in6={{0xa, 0x4e24, 0x2, @dev={0xfe, 0x80, '\x00', 0xe}, 0xb}}, 0x6, 0x58cc}, &(0x7f0000000e80)=0x90)
bind$alg(r1, &(0x7f0000000ec0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes256\x00'}, 0x58)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_xfrm(0x10, 0x3, 0x6)
bind$tipc(r1, &(0x7f0000000f40)=@nameseq={0x1e, 0x1, 0x2, {0x3}}, 0x10)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000f80)={r6, 0x61, "f0f2e5499b667b0b4de0ade897a350d7e1c5c191a615fa65d2a45a0f9f9c4ff5facf0fca5603874c6fe7efec14b61d1a8cec614d0f810fa9d9dc9bdc7536c8e3940ee472b75bac14e06851328a79ac088c09bcecfc98acbc8b47c47851a9856ad1"}, &(0x7f0000001000)=0x69)
socket$nl_xfrm(0x10, 0x3, 0x6)

1m1.529058513s ago: executing program 4 (id=2205):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, 0x0, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/ipc\x00')
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$packet_int(r1, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r2=>0xffffffffffffffff})
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
getpeername$packet(r3, &(0x7f0000000000)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r1, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r4}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1, 0x0, 0x0, 0x8100}}], 0x1, 0x0)

1m1.414002807s ago: executing program 0 (id=2206):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x20000080)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/ipc\x00')
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000bc0)={&(0x7f0000000280)=@kern={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000580)=[{&(0x7f0000000c00)={0x718, 0x31, 0x2, 0x70bd2b, 0x25dfdbff, "", [@nested={0x7b, 0xfe, 0x0, 0x1, [@generic="ab778254c34848e4173cf96852305ee6189755faa507a734f55f2fac8874ccf9e3010066dbdf3fce4993f2a0fbbcf85aab2d5cf1c31c20fd4bc90c3f3d6f8471d16fa2f8d11f66a1b91abcdd3f59376e3d944399eb6e0f7a534336b58ad80b38e372a372ab87066d2ad0bd1ccdd223", @nested={0x4, 0x130}, @nested={0x4, 0x1}]}, @nested={0x571, 0x14c, 0x0, 0x1, [@typed={0x14, 0xf7, 0x0, 0x0, @ipv6=@mcast2}, @nested={0x107, 0xbc, 0x0, 0x1, [@generic="47f56bc4d95fd96e63eaf70788e2744eb3c249a544b733f9c7", @nested={0x4}, @typed={0x6b, 0xd9, 0x0, 0x0, @binary="6bb1058b1832f34f6144e47d862a92493b2164f745894f63401744e1a5bd5731c6fb4ba2b51552505eb1f9624246e4d446920c44afe26a979f3d19a66163e73002b9085f6769c489b76d8e2daec6a7a028b9b73d4d7c40d70a6e4951fac00aa544ce79d0e59145"}, @generic="c91ed3bc9d8314697e8212979dc57b7221b74829ac4148e44f36aba3db152741f6268d82087f0877f80a559b17de5e5ff6049e55f72afd1dda8adad471ca92cc9910c5ba971aa58d8c920b0f5d873787183b57391743533b440d3943244fa0f58db55de0f6916d128768", @typed={0x8, 0x14b, 0x0, 0x0, @uid}, @typed={0x8, 0xee, 0x0, 0x0, @u32=0x10000}]}, @typed={0x4, 0x13f}, @typed={0x8, 0x6b, 0x0, 0x0, @ipv4=@local}, @generic="b91deec9e8f3c0665a21e24bee6bd348471f8d124d164692b164be81450515eb4f647d1ac4db1e4a1e2d9c9d2d42c5a6dfe2cf4f88d226a55204358faba147cbcbcbf6e0426986d016ad488a2668602bda313a6d2f234d9b3638ea272f38db2f2b74ffd8d98576a0c8db0a7a6984c88e5a0523d45cb4850683f75329015e67309ce56df5a533d79b9056ccde4faf9a4058d3ea625d24116717ab8f5f629ce5d63112d51f55e9cb885f83b911f4fcbe57b34d07c5c1f502d1bbbb54bb4766868c2025aebc6c9fd575390c036c3a9e569b513b90cace", @nested={0x1de, 0xe7, 0x0, 0x1, [@typed={0x8, 0xac, 0x0, 0x0, @ipv4=@broadcast}, @typed={0x8, 0x9a, 0x0, 0x0, @fd}, @generic="16e27b675005803a695620a243e7e8b655b77243218e11406b227ae11ae60fc79f055fd119fd1c8369838458d766aad2c8a9a026035d47b24baf20cfd92e6ea8cf27ffdf73279aed71ef13fe6a3cbd458f1edcf10f8977cd84d45647ac2e0f88843c7638ed0f005393e877bbac6424a5a5823c21f0428073faedcfbe6acb220661506d0c503e599f3e6fd57a7965268ba758f84ab22c0a705b6ef95966aff6d919010c9c811a645f2b9088e5728d8fe929432c25de0e078e793b81619ece1b", @generic="95271c3eb47d40d01044ca6cfbdc10566b99a5c57c91bf7aa5e76abdafff14e07437cd6af0ab16", @generic="7490b963bdeaacacaee96d2ef5549cbe91429fdc4053ef1ce48ee3f9464605735185f072fc18e336158ad41f4aaab6b23ca8e28386691dc1715228783412ead52f24588e08ce6e9ebf9dd1ac92e2b17f4e70128aa805ba14f69e0f924b88ddd0a59f7dcad526e035b486ad8d293699a009823adc3c14914178e54394bb4dbc49071289316acf2be10c35561fe0a6368e023e15896426c74237dc92e5f014b1abdcb4e94fa2ff7db0d1f71e3b6e8ef8a8a01eb82bc037039a917df8d6673bb163df36c5a421a32874fcacf4959999bfac330dc4c8d3517265010d3a7b8d511407d73e97f6"]}, @typed={0x8, 0xfd, 0x0, 0x0, @pid}, @nested={0x17e, 0x127, 0x0, 0x1, [@nested={0x4, 0x11e}, @nested={0x4, 0xbe}, @typed={0x4, 0x14f}, @nested={0x4, 0xc3}, @generic="ce07175587b1e2ef86f2a4bb180ca36409ffe0ed02ffd633dc2d45d0f3b23cec310d1fb8d91d7821557549536a3a8875a12d6c5038ae5f93ac518e313b34c017e44ad8dc87f1398f94ae57b2cf8925aeb7362fd63017da2836caa144df29b8c0a365ff0df5ad11dd32044dcb9f7e8ede9410e48ad94a5db976a1def1d86be58f2b828c63e55e6348499c291323094a7daabd825e91efbe4ae097dc1584fcff877e11556c1057b2694a107363a8828035685d107fd2fa45f9473692e1594849d829768fa52af05c974a28850af60b47bdd0f80e8688b5de6707d890b13e366eef531e5ec5da86c5d1a81f432b57991394bc85774855a6d8ad49", @nested={0x4, 0x135}, @generic="50060e39336a7474ee811237b1f7d0fb2a712608b8ba5a31e4547dbc63941d89daf3b961e03240cecbb1fa78fab87444922e", @generic="cfbba6a1bdd628205bac8f87a3bc0f540bc19afc15846a74bff9b170c904f8025ac0a10c5ffb88a6e2f6a56861e2b0d64ba254", @typed={0x8, 0x5a, 0x0, 0x0, @u32=0x800}]}, @typed={0x8, 0xce, 0x0, 0x0, @u32=0xffffffff}, @generic]}, @typed={0x8, 0x65, 0x0, 0x0, @ipv4=@private=0xa010101}, @typed={0x8, 0xe8, 0x0, 0x0, @ipv4=@multicast1}, @generic="e38bd4cec5a9b366190ffc46d9ac05fd0cfe49d4654689d23def6857503cad9e737b42047b3ecfae8c39da9da28cf7c1891ffc54533e5e9fa9f999c81cd28834243eacd8b0d86eb7bec05267e0fe7163a833eb7e4465ca", @nested={0xaf, 0xc2, 0x0, 0x1, [@generic="8269c40f2577536b63f9df189f08525ff764", @nested={0x4, 0x37}, @nested={0x4, 0x14c}, @nested={0x4, 0xde}, @generic="05a1866cba8643c44a17179bb6f6f519ea0ae8bcdfa846b0e767a7d30022ab4b7efd2e494f21b309b90d83a18ee9e4286f8f9015268856e16d760eb5e98fc22110ddaaca5bb65f43049b8717625b4c4b88186e809a230c6f3f719f152ffdb9b52bf9704683c2e672dc86c08878a1712834c3189e2f13792c12c70187652f3c7769876fcfc2b517287887a6ac67"]}]}, 0x718}], 0x1, &(0x7f0000000b00)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r0]}}, @rights={{0x20, 0x1, 0x1, [r1, r0, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r1, r0, r1]}}], 0x90, 0x4000000}, 0x0)
socket(0x8, 0x6, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r2, &(0x7f0000000240)="8a", 0x1, 0x51, &(0x7f0000000080)={0xa, 0x3, 0x1, @local, 0x9}, 0x1c)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000400)={0x3}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00'}, 0x10)
pipe(&(0x7f0000000540))
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000005c0)={0xffffffffffffffff, 0x6, 0x8}, 0xc)

1m1.304314629s ago: executing program 1 (id=2207):
r0 = socket(0x200000000000011, 0x2, 0x0)
getsockopt$sock_buf(r0, 0x1, 0x27, 0x0, &(0x7f0000000040)) (fail_nth: 2)

1m1.251859599s ago: executing program 2 (id=2208):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$netlink(0x10, 0x3, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x4c, 0x0, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0xb101}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x6324}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40801}, 0x8000004)
socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x11, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7}}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r1, 0x0, 0x5}, 0x18)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
socket$kcm(0x2d, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$inet6(0xa, 0x3, 0x8)
socket$inet6_sctp(0xa, 0x801, 0x84)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000005940))
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x4, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000002000080000000000000000061105e000000000095"], &(0x7f0000000100)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
r3 = socket$l2tp(0x2, 0x2, 0x73)
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x89e2, &(0x7f0000000140)={r3})
socket$nl_netfilter(0x10, 0x3, 0xc)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)=ANY=[@ANYRES32=r4, @ANYRES32, @ANYRES64=r4], 0x10)
r5 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_FLUSH(r5, 0x29, 0xd4, &(0x7f0000000500)=0xc, 0x4)
syz_emit_ethernet(0x1377, &(0x7f0000000540)={@local, @broadcast, @void, {@ipv6={0x86dd, @gre_packet={0x3, 0x6, "c547b9", 0x1341, 0x2f, 0xff, @mcast2, @dev={0xfe, 0x80, '\x00', 0x25}, {[@dstopts={0x33, 0x3, '\x00', [@pad1, @ra={0x5, 0x2, 0x6}, @jumbo={0xc2, 0x4, 0xf}, @ra={0x5, 0x2, 0x3}, @ra, @jumbo={0xc2, 0x4, 0xa1a}, @enc_lim={0x4, 0x1, 0xff}]}, @hopopts={0x2f, 0x4, '\x00', [@hao={0xc9, 0x10, @mcast2}, @hao={0xc9, 0x10, @local}]}, @dstopts={0x0, 0x1a, '\x00', [@padn={0x1, 0x1, [0x0]}, @jumbo={0xc2, 0x4, 0x4}, @generic={0x8, 0xac, "e188675e9087cc4154c8152a27ffd30fa0cbd10e48d9c056db7c937610a360e25cfa9666412a7b3057a09498da3e788488292766df5e6aef6280afab1399b9ea57afdab6c83f4f8ff54ff75abad019d2c41241b5eaca3f5128ed507237946abf70be79d2a7bffef726d11d18f5852d0bed21e15c64ee03b31917466537407724dc630f2f1caf565a162739558c4f9e6a699d6cc83b331c5a04a42eb9e01077d416a844493a76847b6b03087a"}, @hao={0xc9, 0x10, @mcast2}, @ra={0x5, 0x2, 0x6}, @padn={0x1, 0x2, [0x0, 0x0]}]}, @srh={0x5c, 0x4, 0x4, 0x2, 0x6, 0x28, 0x7, [@dev={0xfe, 0x80, '\x00', 0x11}, @mcast1]}, @hopopts={0x84, 0x2, '\x00', [@ra={0x5, 0x2, 0x2}, @ra={0x5, 0x2, 0xa38d}, @enc_lim={0x4, 0x1, 0xb}, @pad1, @jumbo={0xc2, 0x4, 0x8}]}, @routing={0x0, 0x6, 0x1, 0x9, 0x0, [@local, @dev={0xfe, 0x80, '\x00', 0x44}, @mcast2]}, @hopopts={0x67, 0x2, '\x00', [@padn={0x1, 0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}, @jumbo={0xc2, 0x4, 0xe694}, @jumbo={0xc2, 0x4, 0x80000001}]}], {{0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x880b, 0x35, 0x3, [0x6, 0x2], "a5b480c7b32ce822b7e4a360041ceb436d4e2a270cfd32350ed5de59ebe69b964e597bddb2982b15862a414a49123f77ac572dfbb4"}, {0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800, [], "c77f0b67c5e146c5bf490d9d024b8493bc124a1813feb1b47797d9eee46634490865c52d0df0525349eb605f66b693e0"}, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd, [0xfff8, 0x4, 0x0], "39f8f917adfa784f67694aa2dc94207f30a9912a7dbac54a6866603be0a0c6281ee4113f50977e1f45ccbd67eeba434963352d50582d951043745b1cc5ed29089d876a3b94a36d229f18e44265c112319df98be3f1827b041f9c741a72192b497b132361ceac5c34979facb4aac632688435b73da06ce43824742ede94fb81a3f101cf986d0abf95a3b784c217405234fd0644afa1af6733c05cec2ad60f53c33b8cf8e224d7b18b3cbaa803f8c1948ff6b29b0ec18a1d86b142da595968615032eab2d6bb417caa86154e3f5c955d0655ad8ed65d5ac9e97cf4c8c0c63f569ec9b4c7d583a6e09812524012317c7fab190d79707f092faeeddb8ed79d4347199e3e0925db1fbc2f3992a3ad0b427b798dd76262b419c3b48284c34f470b4d0090a87ea8d2c104ffc1ede2cc3ee91b0daec3b79ce8e453b29ecfe4402d2fe06269387e8173c8de9a30b0fef2347cbca140c6b920aff9e364b0cf0bc83a12a9465968b456df918e46602eab3ad6d1edb50b8db263002a6dd3b1715c30196e0ba946b49f300744bb0d0ebcf55a392390036d4f29c338f37a8276586acf152b1a5db89c4c785b7e7dd5a6544c04e3b7ae81ac68e8de7dbd375b294bf349a4bc8eb9c0b8b065ec4db17cbb56f65a210d944972e9cf5637c05d67edf364796769928f3b64826d2f4840647fca4d449d78d781b350de0920ccb8200fbea96e0de533b9c29ea5dc27265c0798e4b4478ddadc77e11e4a70ebbd6582ee839f41af57c70f359f227b76b3cb782c1a5db233ae409709f56dabb6c2145749ac4d4132f57dfb7a3121e06f32e22b8d5d56e0210f8da847b2b08e0e86521ae3c795081821baf69a39dd661b28494bcdfb72e85d5a92daf0eb923110a4dbf7acc0698cda9df90c991ccc02fa7f4ab2a06ed84aeb5cb76edf7404f85d9d55fe8169d8bb48632c2d8ad88abe66a616199b5b9acf90285db856437f3efad7839d711b6fbf1d0e002994d0cab68bd9f1cffbd5ff9d0fd62512ef78f651d1d186d6f0ea348a56a3b0854a42823c60f655011e72b57bb9b99d90967f13231d977c01c06bf42453f13c130eab3303e0d157f5dbb8c2a230a1752a6c5dac666745ac0d49723e0eafee2a0e6194f505b26867eb973cc3fbd60c5d1cbcc4757fd63f9c476cf5da24f1894c094bd0cbf052965b27a98abe7fbeb1a09609f4a2a0e99fe0d0071b35f42469292ce650d88badcab68cac8774a14b939a48cdfc9c9280deddccd0904ab9f3ab5b22836e9465f314a49de58f8ca875f6aaa8d050b9b5e74e31e98284ae067acbbf21a75df578c13c3785af7f5c0d3704046cf343f839b84a0ac7e9a624d4e23a6fb6210b9a5fcf891de3cb1d5645900bc30cb64733cae1f8ada2405706180c1b806cc78fa8fd958cde9492e6446eaee6a61dd47305ba30da79cc598841cba7d317562ce3f76ea29a6c22550d70d8db0172e87bf689b0c0182d8040ce01665ebe5b36e21cc399b418c2686340cd601b44389df830ea2cc510cf54dffcb62a65699c98803e31a5c817a41c12ba39789dc90b005a29d9ebbc0bb76ae653f8cc65f26b6334aed1c9c646a678b4bb63c2ce00e10a4a31c1c448134ca40f4bc823f812a2d0e7f07813454b5709e72d437e6734436417f01a4a28086ced4933d0bf9df2f125daf13029e7ca7abe46d865d015087306d357ec04ff13571b4c4487742ef2fa9ea6d1aa13610196d7c25b8e822f74155fa2b33dab04ab80caa335a930e38a175c2883492e4a2cab4e1119a1f175c48a5fe0cc88069bea8b5ffe6ba28cd2da1431f55f326c6146f41427f458d1f3048c6d9aac21f2462537dd3ec4cc8de6dc2a07b845ad1589b2e82856406b113c84d14aaed86d946a3aefb35298cb2303cbc982e07a6d4b231b11edc795776fe402f9331894614e3c4418648807de8c69d9dd1aab8d2cbabd14019223a8f5296eda1cd7c1e115380f7353f0ebf2ca13b1f90e439f3f36732cb0ffe4e1d2479e30552f5e945d704e52e292c4fec1523508b43d8e35e3e06ce18330167708b28f703e89fa197c921ac8c79a81da7bcc89393e345a56ace299ceb59f03a2c1e5d208c93ac89b42632af23fce66680d15822d8b9698ce361931bfa848665930dd1f268d32e7ade139307d7b152dd3c01f1cbd34e531bdd6454942d2703ade5a78da91d6460875ee99eab66b0eddbb4bc93a0c62bbad79340bf17b640803fb940a5d99aae8e14eec108f0d3755287f5c59772cbdf099d956d6032148cf829a97077a0aaae99ef6e6359d269ce76b7608601e42fb592516100203e9a9676e72f8dfba8edcc25810353dedd3eb944160240f54e8c910fff4847bc951d1dcb631b952e657e99706738a6cfc83fb05dfe097fdac07cdeeb09dc6033865f6fea57e383aeffe13b497b80fcf9d7898ee176a70d51881dba1bea8eb4659606f404e3d3e3e9b891b497f8c18702bad1b5aaf4f6ae5dde5aa9922b91455a9754948b593ab8b7db671f0ae88e88141392c9592992aef7b1218b20dd9de0b20fbf7395c0538903524313bb988a9da455c99edbd7f66cfa7cc8b75edd91f01faec4c42d03949cdf9af21c15d61b6df109dfc2eac38a4c5eee7b0071164981a5abbb9856641214ecf3cb61cd166625d71eeaca8cded3c24d9551edbdffd285296e41ab10f5fcfda5423ce69f3d2380248292187a5333e86c697b8e37b9ebe4ac79fbb14ea82cb364bd9b914bfd76219e50340842f4ffcdd56b2216c7881e1d58f1895e9cc745806e1af00000644fe153f7c7e5b86ac5dc5a3c8db2d6025e5ca8db1792b11c05f9943f29eb3639fbe2355cdb35f2c410851f095985ee8bec38b9cdbacff3c829608153314092d7f2963a88b080d4777e6e09431f4002691695563c46a430d9b4cb960b99b12cc896cf9d3e8957914d7d2c2ca74598c91656b43a9fbfc9d8f7e6438d7700654112f3c49f33abab2abde4fccfb8545b990947ae89fb8e66288dc16c4ec7b1a98b4f39dc998d5d0e65827613e0b0321e7daa8ababa0445ee786286616b5b09c2650cd96130801f2f86c5b290ae6b6de7ce228de297dad3124823a3d9c1f70809a3167ae4d58fef4e39446dc436208ca53ed16ae653a2ed2c31ec75676e7009bbf635eb67efc2b000060d4d57649dc082616164702fee9e3eccd7f8b17537f8b343e9562d39d7845bb8b36cfb4810d039da7e71b877527a96a90e593eea9d92c9fd2722abf0f98e08be0d37f4310e221c5a6f48361c99f8aad8c7fb1d5dfa7e68cb8366106cdfcb281ad7d70643b3c5b59bbb7cfc55a4229e3b752166d4ce5bdd818aad696f0c455acecf963421e8209280d2585e5bf3d827046566acc826c76f4427816bb21cc4e79fbb3cc91d6042e277293febec4900f2cec91b796623d3fdb708482f10839311c66edf70de24026890070cf91ff5544c332b62923b907783cdd9907eec679dcdd5d26ff2c84d07891feca82090811845b25b694ab8019259bb94f731f54e7d6a0b05beb30cb05db7bbd8bb04c6217dd0f602fae29991846fcf84e19902b2070891f0c0552af0c6306d2fde02a72588c303d576c1b8d3b21c3750a01008bb6acd9ba8dc2e9a0ca46a420b348bad8a481ac0038da60f311e22809a509c3dd47fa115aea44559ebbd546b19e00eeb74627c3410d17b457daefbef979db25920ea25524bfa30602e443a696db3572729cc4922e83027976328b37a836882e71c74bc9e82c37fefd766c9c86abce7a7f8c0f5c14476d2d4b7217fbb1de8cd2a759092304be53820abbc9d140dbc72cec04d7c19bcb25cf7ee99537b83cb9c3cbba07f0a1818224a8ffc008d15781a7a7acdb64ba74ebeca79e682c859c931adfd9f8dd8287f4a0afa101004465fb1364b3ce5dc81771a0e1672c2c48549fb94e550f496a893994df78942824d677963d5d45f2c35da924c32fa6946e814a3828673c20771a9ace24588e0ed923703c2f5e79caa01104aaea3b8aa903d73144e6d8a4e281d5af243dfc37f93f50a707acc034c890e60197d529f014db13719d66fd01b2f911c298c15b7797a61401514c3c78323bb8ad4de02e841619c19b450b5328a465adc7125c98f7312b2c9751cdfb75d849990217a6e40325d2e7b19c76320dbdd985aba969a6cbd3b380a3e614d03dc1751a2b9f68c894e27b1672b8f042b0c3bbff0d43518712a25c3e2278004e2a4e470c4e05911ef30281e712a373f625d7188705c1f1d6c6dac0845b57aaee06e56e3a1d57deee7d7184c757034d95cf344ac02454e107f02c9d18e69e0e931842ff93acf39b58b471c22cc53e10193ba219c3892df43bc1a55ff08b534aadc262d60cc51ae849f4485e4c43c42305fe2a268b41cfafc6b74835b424945bc3e705112fff493c83f8304758e0d3281c4953d59638b1a43830c311bb3de4f6f32e3f09662c50d4e21eeda2a7158c07f81532c0fea14d1826d3a5c9627c74e98d0028dc400eba233fc001d634ef7598c80dcfc28eefa0d37b2ab4c3d2d569e29ef54fcbf03a02835964c54c8fa536f4b626618019202e84ac6f2abeb089e555b5d4df47bd788476ddbfbbd9e46c93404c18127a7e0a4c7cfebb79ae4f61922f83523a1e85b4503408d177b94c5602b1b4120ba4c2bc2813a8bfbe4d4cf3430824576a007090a23e763ea96956dbb2581683bac482b855f25c6085c943d36cebec7ef51704af31cc5d684641f20b6a2d428a44e9cbad75bce94a38ae5a5fa777f263c641982c2337dcf2009dd46e72e96b0c528f4bc4dec1d1ac1d07bfef1e316d0e0db17ebafbe04acd9e445cf4664b3214a559a43450a863f1f71112e344ea81c3b644c4a88b89a2cfd77cfaa6624c8e6f81fe8c644cb65b3800527e3c9b35cc919db5c425c4cac39005c835703c67e451ef608d89fb5efbf00ada4ee0f1726de962192e66005d09c288ec5af595387d593a8c0ed0d51c6e0eebe771363a8fb52461ac7c96b0307f238d615febd8c43d402cc0ca2e1df700db85f85d326ad3ee768825d06225f0a78a3ad5bf05e486b9e812690eb4e22a50199ae88ccfdc008364cac612874973e65fe16ddbe6476311c3967d1cc5a107923828ca9c4ab6593328f97e06228b64395acfff055eac3d4727ad8766ec0d2a28098f1883727d0602ae0ce63b3e603676436e49ccfeff376c1027d03aacaf37a1ef2c8fcfaf3e140d95ebb11fbf1d9a9cab504455d7074ae9abe9428694585140eb058ba08f0225349380b1fdd5a1d0af8b8058335265b77f206633ed75c9fcfa86a2c10619663095245b558ddd5ede7ce893b1efdbe8ea88a0aa60bb7b7e2730ae8bea68cedf2238a6367a9ac9f414dd6fe520d6e6cf029c84e6ef9c1d692c5a34e76037c9ce76ba8d0b1dfacdb2765bc528149d932721fa4ff6a146fee7d25fd249eb5ea45a995b982fd0e2922bbfea0bf27f551f0f281996df49d05e03482f600d30cf6e16cab64ce11c316df9a9d90af175209ffb6b6b3eccbb3b2f353323f7a71bf24966d194b2271e17092a8369d273e6f336cb938abc728f9e9131bc97fc0cb21d39eaecb562272b806b780c9fe8311f9b3adc819e527eb65f957c06e5d45aaaa3fc4ff9adb0ed816ea9cc34444088d9f913796e318622cc76dc97737ccc9240485183d2c68dd1e5eee95514c999cbfeb66d6499443a7eff8ade86c1cf74faa59534c669ad3fe46e08470521f7082b8691ca1b6e92baa4c2dfe780504dddc1635d711c9c933a3aaa1560e72cbd60fc1dd07330b2c7aaed98a6f62bad67669f77"}, {0x8, 0x88be, 0x3, {{0x8, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x3}}}, {0x8, 0x22eb, 0x4, {{0x3, 0x2, 0x9, 0x0, 0x1, 0x2, 0x4, 0x1}, 0x2, {0x4, 0x0, 0x2, 0x14, 0x0, 0x0, 0x0, 0x0, 0x1}}}, {0x8, 0x6558, 0x1, "60b4d45f08503a96205b37546e7bd4f43ed4580c4c771a7b1c3e6d5e0bd6130db6eb165f3f4788efe3ed5d0c919d20f703f6299aadf481722f30ec9dbfa778226d20b84f7d9c7eaf1597816a026199450dfc94cc1693f04f01136ba19780b72fdbce36f4b5c2299bbcfa6e281fdf5de2b25f21023637a4c5d722007b7604d4a796fb188f52dd7a8f34b5bd25a0866e8c9e20d22773c016157f2911c00896cc8c09b3f5c84a85914b4a326bdf7a48ade8b7531df836ea"}}}}}}}, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r5, 0x89e2, &(0x7f0000000040)={<r6=>r5})
syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), r6)

1m1.084335106s ago: executing program 3 (id=2209):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000640)="d800000018007b2fe00212ba0d8105040a601800fe0f040b067c55a1bc000900b80006990600000015000500fe800000000000000300014002000c0901ac04000bd6a109ef7ae22459179ebb07013d25c2bc7f6f94007100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1d9d322fe04fb95cae8c9010000080000084975e85504000000002f3d40fad9ffd5e1cace81ccd40dd601edef3d93452a92307ff0ff0e97031e9f05e9f10400"/220, 0xdc}], 0x1, 0x0, 0x0, 0x2663}, 0x0)
unshare(0x22020600)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)=@newqdisc={0x38, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0xa}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0xc, 0x2, [@TCA_HHF_NON_HH_WEIGHT={0x8}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x80884}, 0x20000000)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_NEWRULE={0x20, 0x6, 0xa, 0x201, 0x0, 0x0, {0xa, 0x0, 0x5}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0x48}, 0x1, 0x0, 0x0, 0x44080}, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2000d010}, 0x40884)
r4 = socket(0x21, 0x3, 0x0)
r5 = socket(0xf, 0x3, 0x3)
write(r4, 0x0, 0x0)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r6, 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r5, 0x89f2, 0x0)
sendmsg$can_bcm(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x48}}, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB, @ANYBLOB="01000080000000190000"], 0x50)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

1m1.070593345s ago: executing program 0 (id=2210):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r0, 0x4000000)
r1 = socket$kcm(0x10, 0x2, 0x4)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r3, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x2, &(0x7f0000000000)=@gcm_128={{0x304}, "bd88818314ff7d84", "0b3ea924c47b25d7624cd362581725c7", '\x00,\x00', "d5a1d50399459b68"}, 0x28)
listen(r2, 0xfff)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r4, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r6, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r7, 0x8001)
sendmsg$kcm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000280)="89000500120081ae08060cdc030000017f03e3f7000000006ee2ffca1b1f0000000504c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00120c00010005080c00bdad01409bbc7a46e39a8285dcdf12176679df069163ce955fed0009d78f0a947ee2b49e33538afaeb2713f450ebd010a20ff27fff", 0x89}], 0x1}, 0x400dc)

1m0.898589751s ago: executing program 2 (id=2211):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x14, 0x3a, 0x229, 0x3, 0xfffffffd, {0xa}}, 0x14}}, 0xc00e)

1m0.619522681s ago: executing program 0 (id=2212):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newtaction={0x6c, 0x30, 0xb, 0xfffffffd, 0x2, {}, [{0x58, 0x1, [@m_ct={0x54, 0x1, 0x0, 0x0, {{0x7}, {0x2c, 0x2, 0x0, 0x1, [@TCA_CT_NAT_PORT_MIN={0x6, 0xd, 0x4e22}, @TCA_CT_ACTION={0x6, 0x3, 0x2a}, @TCA_CT_PARMS={0x18, 0x1, {0x3, 0x4, 0x4, 0x0, 0x1}}]}, {0x4}, {0xc, 0x7, {0x300}}, {0xc}}}]}]}, 0x6c}}, 0x10000080)

1m0.541004972s ago: executing program 1 (id=2213):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000000), 0x4)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$inet6(0xa, 0x5, 0x0)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000240), r1)
sendmsg$TIPC_NL_NODE_GET(r2, &(0x7f0000000400)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x14, r3, 0x300, 0x70bd2c, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x24000000}, 0x4040)
setsockopt$inet6_int(r2, 0x29, 0x1f, 0x0, 0x2d)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0xffffffffffffff34, &(0x7f0000000080)={0x0, 0xb8}}, 0x0)
getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee80000040000000010000000", @ANYRES32=r5, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x3, 0x0)
r9 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r9)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route_sched(r8, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {0x0, 0x6}, {0xffff, 0xffff}, {0x0, 0x10}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000003200)=@newtfilter={0x34, 0x28, 0xd27, 0x2, 0x0, {0x0, 0x0, 0x0, r10, {0x7}}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
r11 = socket(0x10, 0x803, 0x4)
sendmsg$nl_route(r11, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x20088814}, 0x0)
getsockname$packet(r11, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route_sched(r6, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000140)=[@in6={0xa, 0x4e22, 0x6, @loopback, 0x6e}], 0x1c)
getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f0000000040)=0x1c)
r12 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r12, 0x29, 0x40, 0x0, 0x0)

1m0.417315785s ago: executing program 0 (id=2214):
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f1, &(0x7f0000000180)={'ip6gre0\x00', &(0x7f0000000300)=@ethtool_rxnfc={0x2e, 0x2, 0x6, {0xe, @usr_ip6_spec={@empty, @dev={0xfe, 0x80, '\x00', 0x24}, 0xfffffff8, 0x3d, 0xe}, {0x0, @remote, 0xe, 0x4, [0x7, 0x6]}, @ah_ip4_spec={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x5}, {0x0, @broadcast, 0x8, 0x5, [0xf, 0x9]}, 0xff, 0x3}}})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_type(r0, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_type(r1, &(0x7f0000000280), 0x9)
r2 = openat$cgroup_procs(r0, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
setsockopt$SO_RDS_TRANSPORT(0xffffffffffffffff, 0x114, 0x8, &(0x7f00000008c0), 0x4)
close(0xffffffffffffffff)
write$cgroup_pid(r2, &(0x7f0000000c40), 0x12)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r3)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x9, 0x0, 0xffffffffffffffff, 0xd, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_msfilter(r4, 0x0, 0x29, &(0x7f0000000040)=ANY=[], 0x18)
recvmsg(r4, &(0x7f0000000740)={&(0x7f0000000400)=@tipc=@name, 0x80, &(0x7f0000000600)=[{&(0x7f0000000240)=""/19, 0x13}, {&(0x7f00000004c0)=""/204, 0xcc}, {&(0x7f00000005c0)=""/35, 0x23}], 0x3, &(0x7f0000000640)=""/240, 0xf0}, 0x10120)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="cc0000001000010402400000000000000000ff", @ANYRES32=0x0, @ANYBLOB="88d10100000000009800128009000100766c616e00000000880002800c0002000e0000000c0000000600050088a80000400003800c0001007b4b0000000000000c0001e004000000090000000c000100bf000000000400000c00010002000000ff0100000c0001000e000000000001000400048004000480280004800c00010007000000040000000c00010008000000040000000c00010006000000008000"], 0xcc}}, 0x0)

1m0.365770288s ago: executing program 3 (id=2215):
r0 = socket$key(0xf, 0x3, 0x2)
recvmmsg(r0, &(0x7f00000019c0)=[{{0x0, 0x0, 0x0}, 0x6}], 0x1, 0x123, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) (async)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000680)={0x4c, 0x0, 0x1, 0x201, 0x0, 0x0, {0x2}, [@CTA_STATUS_MASK={0x8, 0x1a, 0x1, 0x0, 0xfffffffa}, @CTA_TUPLE_REPLY={0x4}, @CTA_SYNPROXY={0x24, 0x18, 0x0, 0x1, [@CTA_SYNPROXY_ITS={0x8, 0x2, 0x1, 0x0, 0x40}, @CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x6}, @CTA_SYNPROXY_ITS={0x8, 0x2, 0x1, 0x0, 0x1}, @CTA_SYNPROXY_ITS={0x8, 0x2, 0x1, 0x0, 0x8f}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x9}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4010}, 0x0) (async, rerun: 32)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84) (async, rerun: 32)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c) (async)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x0, 0x0, @dev, 0xfffffffc}, 0x1c)
getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(r3, 0x84, 0x74, &(0x7f0000000880)=""/4096, &(0x7f0000000080)=0x1000) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6(0xa, 0x4, 0x6) (async)
sendmsg$nl_generic(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=ANY=[@ANYBLOB="340000003e0007010000000000000000017c00000400fc800c000180060006006558000008000280040011"], 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0xc010) (async)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r6=>0x0}) (async, rerun: 64)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) (async, rerun: 64)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'lo\x00', <r9=>0x0}) (async, rerun: 64)
r10 = socket(0xa, 0x800, 0x3) (rerun: 64)
sendmsg$nl_route_sched(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f000000a2c0)=@newqdisc={0x148, 0x24, 0x2, 0x200000, 0x0, {0x60, 0x0, 0x0, r9, {}, {0xffff, 0x8}, {0xe, 0xb}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x118, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x0, 0x2, 0x1, 0x8}}, @TCA_GRED_STAB={0x104, 0x2, "06000020000000000796319b841e3a2d996f8fc3041f2d64825aedad508b0432450008000000000000b9abb81bb685c8e885a0ebd2d468f48da58054610749c902a48bdf30d8036683dfd821890cb15a9aa05b98e79fa74f8d1952da56649ed405b841e456f231a814c552ac1c20beaad5cea5f40000250fe970cd2dfe06c1be3ddb1b88911630d825bf2c1f1989b51043a35628ed765e6ace60a050ee619603fe8ca4940af98571970d3949d0955e500722b76fae8fa2e899dc8a8f66d2a60434bfa5b71ea1077322b552220283fa9f8bb9244bd21e8db193ec9ba368c6c30654c577ff90ee6ec4d7fb7a48aaf23927bdd20d7807dc2f4fa2eec50200"}]}}]}, 0x148}}, 0x0)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001440)={0x1c, r7, 0x1, 0x0, 0x0, {{0x8}, {@val={0x8, 0x3, r6}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) (async)
r11 = socket$kcm(0xa, 0x3, 0x3a)
sendmsg$kcm(r11, &(0x7f00000031c0)={&(0x7f00000006c0)=@l2tp6={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x80, &(0x7f0000000b40), 0x63, &(0x7f0000000dc0)=ANY=[@ANYBLOB="18000000000000002900000004"], 0x18}, 0x4004000) (async)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r12=>0x0})
r13 = socket$netlink(0x10, 0x3, 0xf)
writev(r13, &(0x7f0000000040)=[{&(0x7f0000000200)="580000001400192340834b80040d8c560a0677bc45ff810500000001000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd0000000800010002081000418e00000004fcff", 0x58}], 0x1) (async)
sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)={0x28, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r12}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}]}, 0x28}}, 0x0)

1m0.044395666s ago: executing program 0 (id=2216):
socket$kcm(0x2, 0x1000000000000005, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000007c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
socket$unix(0x1, 0x2, 0x0)
socket$unix(0x1, 0x2, 0x0)
socket$unix(0x1, 0x2, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
socket(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
unshare(0x6a040000)
mmap(&(0x7f00002ad000/0xc00000)=nil, 0xc00000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = gettid()
sendmsg$nl_route(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000005f00)=ANY=[@ANYBLOB="2800000010000100"/20, @ANYRES32=r2, @ANYBLOB="6d3082610000000008001300", @ANYRES32=r4], 0x28}, 0x1, 0x0, 0x0, 0x4000004}, 0x0)

1m0.027833719s ago: executing program 2 (id=2217):
r0 = socket(0x848000000015, 0x805, 0x0)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x0, 0x4, @dev={0xfe, 0x80, '\x00', 0x1a}, 0x10}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0xa, 0x0, 0xf000000, @private2}, 0x1c)

59.945091317s ago: executing program 3 (id=2218):
r0 = epoll_create(0x20000000)
r1 = socket(0x2000000000000021, 0x2, 0x10000000000002)
write$bt_hci(r1, &(0x7f0000000080)={0x1, @disconn_logical_link={{0x43a, 0x2}, {0x7f}}}, 0x6)
accept4$packet(r1, 0x0, 0x0, 0x80000)
bind$alg(r1, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'essiv(rfc7539(ctr(serpent),hmac(sha1-avx2)),rmd160)\x00'}, 0x58)
r2 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
recvmmsg(r2, &(0x7f0000004400)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000001d00)=[{0xfffffffffffffffd}], 0x1}}], 0x2, 0x0, 0x0)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x25, &(0x7f00000002c0)=0x2110, 0x4)
sendto$inet(r3, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r3, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000ac0)="68377862ebcae81666eaa696435a75f1626fe3a3acedcaf71527ff51d446daac757559d2d6fc2b90952355ec6c61d718c91784312b1b4771c9cc04cc7252f1f1deea5a8b9c6797c8f1263db526cf88899f7ecab544662eb34743cefb660a78cb9468d2900b3cda4cca9d89ab6d341d145acf249299dda272407bc98d9e5431316d468b9e4750f2316589dc4de3157592d27fd723a512c85b08035842b75ec42234c4ff967a186f9696f4bb3226b0ca75d135ebd8cae46fb83b71c103e1fdcb1934fd1d28b4916abe2c44e26ea72be426c27052e816212096000155788943b846746ccb499476249232f3de5f56d1482d7bab9f33f68c81514f33d3221beb6b43d9df67f51e074ca10d9098480d122fa9ecd129e742345ba1d270aaebb4ffc6a5a8e2b75164bca73279aeab172a28c2db9cd08546c686b1074a7f9084a5a6b1452a150a1ca556e5a37f98be0337277d698269edb11194b5a84130bdcdfc876210907acae04dd8f287a73d3cd3de3d2c000000", 0x172}, {&(0x7f0000000740)="5453b4b759f9d4f4f33bda880b70e0dadde06223919f4585429ef69078a4956f646ea03bfd4c090a003c01f32b1a175baf38c1eb4572c8b372a4cf9128062e58ff575546876a2804144c3aea98c4a3533396f87e860de8c66bceb0e6b387ec853b7e91c57587d38436637e702ae18eeccefdcd7a3cdd7bfc327b5d619b57d56afe1628b65e2948af5ee0e3f52746a5aff58bb7c6d253a58bf745584d1bc19fe5e42b5534eab9e9d2587b413e81f68b60", 0xb0}], 0x2}}], 0x1, 0xc0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f00000008c0)={0x30000000})

59.664242402s ago: executing program 2 (id=2219):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r1, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @empty}], 0x1c)
sendto$inet6(r1, &(0x7f0000000500)="a4", 0x34000, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r0, 0x0, 0x8000)
getsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, &(0x7f00000000c0))
setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000009c0), r2)
sendmsg$NL80211_CMD_DEL_NAN_FUNCTION(r2, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000300)={0x28, r3, 0x1, 0x70bd29, 0x25dfdbfb, {{}, {@val={0x8}, @val={0xc, 0x99, {0x80000001, 0x41}}}}}, 0x28}, 0x1, 0x0, 0x0, 0x24040000}, 0x8000)
r4 = epoll_create1(0x0)
r5 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="1400000035000b63d25a80643d66b7d80df2e2ff", 0x14}], 0x1}, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x10)
ppoll(&(0x7f0000000500)=[{r6}], 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f000006a000/0x2000)=nil, 0x2000, 0xd, 0x4000010, 0xffffffffffffffff, 0x2000)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000100), r0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
r8 = socket$unix(0x1, 0x5, 0x0)
getsockname(r8, &(0x7f0000000200)=@vsock={0x28, 0x0, 0x0, @local}, &(0x7f0000000180)=0x80)
socket(0x2, 0x6, 0x0)
setsockopt$sock_int(r8, 0x1, 0x2e, &(0x7f0000000040)=0x80, 0x4)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r8, &(0x7f0000000080)={0xa002a008})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
close(0x4)

59.630433122s ago: executing program 3 (id=2220):
socket$can_bcm(0x1d, 0x2, 0x2) (async)
socket$can_bcm(0x1d, 0x2, 0x2)
socket(0x10, 0x3, 0x0) (async)
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'veth1_to_bridge\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'veth1_to_bridge\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newqdisc={0x48, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0x4eca8ddb7a5568b5}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x14, 0x2, [@TCA_FQ_CODEL_CE_THRESHOLD_MASK={0x5}, @TCA_FQ_CODEL_CE_THRESHOLD_SELECTOR={0x5}]}}]}, 0x48}}, 0x0) (async)
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newqdisc={0x48, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0x4eca8ddb7a5568b5}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x14, 0x2, [@TCA_FQ_CODEL_CE_THRESHOLD_MASK={0x5}, @TCA_FQ_CODEL_CE_THRESHOLD_SELECTOR={0x5}]}}]}, 0x48}}, 0x0)
r3 = socket$kcm(0x29, 0x2, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84) (async)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'veth1_virt_wifi\x00'})
socket$nl_route(0x10, 0x3, 0x0)
pipe(&(0x7f0000000080)) (async)
pipe(&(0x7f0000000080)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
vmsplice(r5, &(0x7f00000005c0)=[{&(0x7f0000000180)="04", 0x1}], 0x1, 0x6)
epoll_pwait(r5, &(0x7f0000000400)=[{}, {}, {}], 0x3, 0x8, &(0x7f0000000440)={[0x401]}, 0x8)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_FLAG_CMD(r1, 0x8983, &(0x7f0000000280)={0x7, 'veth1_macvtap\x00', {0x4}, 0x9})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\x00V\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) (async)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\x00V\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r8 = socket$key(0xf, 0x3, 0x2)
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f0000005c40)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000000)=@newtaction={0x44, 0x30, 0x9, 0x0, 0x0, {}, [{0x30, 0x1, [@m_bpf={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x44}}, 0x0) (async)
sendmsg$nl_route_sched(r9, &(0x7f0000005c40)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000000)=@newtaction={0x44, 0x30, 0x9, 0x0, 0x0, {}, [{0x30, 0x1, [@m_bpf={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x44}}, 0x0)
sendmsg$key(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="020297a513690000000000000000000005000600000000000a000000000000002001000000000000000000000000000100000000000000000200010000000000000000800000000005000500000000000a00000000000000200100000000000000000000000000010000000000000000dc74abaad95671b0ecc7b27fa3ed443ee3298dad44f621f9ddcc0483e1af435b799f148b7e3083a4175639c4cd9e77a80ea42544689b1734fbaea6d0a61c57ab1755c99ff3bb98368a708da4fcc67949ed04ef255c170511e13fd8eecd3f251f8daa0533cf54710bca0ff652b62c189e1428b6e1a3df8ca797dab9bf89594e82248ff4b3ac59f7ce695f9822340addba33e7e618c49d6d5f477a18cd5c2813ff87e99a8bb3be1b9e26d4f12d2c85f01eab1d3191141523c09eb25b79f7d07d0b8136d60eed7109a8de6e724f802a45d283eb181418e1676d3437f9cb4d83ec263096fec491aab80eb731d7f5456f7e8441a7187987d5d7f597c6fe6f93"], 0x70}}, 0x400c004)
r10 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r10, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
recvfrom$inet6(r10, 0x0, 0x0, 0x60, 0x0, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000240)={{r7}, &(0x7f00000002c0), &(0x7f00000003c0)='%-010d \x00'}, 0x20)
r11 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r11, 0x117, 0x1, &(0x7f0000000940)="ced5d63dbc1feac6aa875461b6557f369181aedad46a808953030b7329ecc84633302bba6e27633ef3f123a54ea3f96f261cb58a66fd472eddf2086322921b4f8c6bde25b286b96e0bbc2db41f7aaf39212dc1fa57133193785d552287e364150f22368f15868d40c3be4341b82ff423e05c3eb49967159588e037e55001dce75219609f80b16d96ea251b69c0810e17dd26b42bf7c760d8afabb2065c6da2a08e5b61d20d4182c5f3938f653d1d5b2f1cf76525ff5f85171622640ce43a56185d0678294e040e142d31d948e827f3a6e8f967a01c031ffb12bf32926fff648fd0b204a1e7efdd3385", 0xe9)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000040)={<r12=>0x0, 0xddd, 0x20}, &(0x7f00000001c0)=0xc)
setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f0000000640)={r12, @in={{0x2, 0x4e24, @empty}}, 0x6, 0x7}, 0x90) (async)
setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f0000000640)={r12, @in={{0x2, 0x4e24, @empty}}, 0x6, 0x7}, 0x90)
getsockopt$sock_buf(r6, 0x1, 0x1f, &(0x7f0000000a40)=""/234, &(0x7f0000000700)=0xea)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r7, <r13=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f00000008c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000d49d80007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r13, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
r14 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f00000008c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000d49d80007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r13, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000007c0)={r14}, 0xc)

59.508424738s ago: executing program 1 (id=2221):
socket$inet(0x2, 0x4000000000000001, 0x0)
socket(0x10, 0x3, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r0, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
socket$nl_crypto(0x10, 0x3, 0x15)
accept(r0, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14)
sendmsg$nl_route_sched(r1, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=@newtaction={0x98, 0x30, 0x1, 0x70bd28, 0x0, {0x0, 0x0, 0x6a00}, [{0x84, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x40000000, 0x0, 0x2, 0x0, 0xfffffffe}, 0x2, r3}}]}, {0x4, 0xa}, {0xc}, {0xc}}}, @m_mpls={0x30, 0x2, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x98}}, 0x0)

59.239295049s ago: executing program 3 (id=2222):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r0, &(0x7f0000000000)={{0x6, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}}, [@default, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default, @bcast]}, 0x48)
connect$netrom(r0, &(0x7f0000000080)={{0x6, @rose={0xbb, 0xbb, 0xbb, 0x2}}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @default, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x8, 0x0}, @default, @bcast]}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r1, 0x0, 0xd}, 0x18)
syz_genetlink_get_family_id$smc(&(0x7f00000003c0), 0xffffffffffffffff)
bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f00000001c0), 0x4)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
getsockopt$llc_int(r3, 0x10c, 0x7, &(0x7f0000000000), &(0x7f0000000040)=0x4)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000940)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000006c000000160a01000000000000000000010000000900010073797a30000000000900020073797a300000000040000380080001400000000008000240000000002c0003801400010063616966300000000000000000000000140001006d6163766c616e3100000000000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c000380140001007465616d30000000000000000000"], 0x110}}, 0x800)
connect$bt_l2cap(r2, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r5 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r5, 0x400448c8, &(0x7f0000000340)={r2, r2, 0x8, 0x0, 0x0, 0x82, 0x4a, 0x15c2, 0x5886, 0x801, 0x0, 0x8, 'syz1\x00'})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
shutdown(r2, 0x1)
ioctl$sock_bt_hidp_HIDPCONNDEL(r5, 0x400448c9, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}})

58.972125828s ago: executing program 4 (id=2223):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0xffffffffffffffc8)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0xc000}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=@newqdisc={0x24, 0x24, 0xe0b, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0xffff, 0x4}, {0xfff1}}}, 0x24}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'tunl0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}, {0x1, 0x8}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x1c, 0x2, [@TCA_FQ_FLOW_PLIMIT={0x8, 0x2, 0x8001}, @TCA_FQ_INITIAL_QUANTUM={0x8, 0x4, 0x5}, @TCA_FQ_BUCKETS_LOG={0x8, 0x8, 0x12}]}}]}, 0x48}}, 0x0)
sendto$packet(r0, &(0x7f00000002c0)="44c33b69ebc9e05e9bdec0c25843", 0xe, 0x830, &(0x7f0000000440)={0x11, 0x0, r3, 0x1, 0x2, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xe}}, 0x14)

58.260480515s ago: executing program 1 (id=2224):
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x0, @none, 0xe34}, 0xe)
socket$kcm(0x29, 0x5, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
socket$packet(0x11, 0x3, 0x300)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f0000000100)={0x0, @in6={{0xa, 0x0, 0x0, @dev}}}, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
getsockopt$bt_hci(r0, 0x84, 0x85, &(0x7f0000002380)=""/4107, &(0x7f00000000c0)=0x1012)
socket$inet_smc(0x2b, 0x1, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x1000d, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7fffffff, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl(r1, 0x8b2a, &(0x7f0000000040))

46.134222413s ago: executing program 4 (id=2225):
socket$packet(0x11, 0x3, 0x300)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x800)
recvmsg(r1, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40000000)
r2 = socket$packet(0x11, 0x3, 0x300)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001400)={0x3, 0x4, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x1}, [@call={0x85, 0x0, 0x0, 0x53}]}, &(0x7f0000000980)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x25, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r3, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff})
getpeername$packet(r4, &(0x7f0000000000)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x6}, 0x4)
sendmmsg(r2, &(0x7f0000000240)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x4888, r5, 0x36}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000340)="f2", 0x1}], 0x1, 0x0, 0x0, 0x2f00}}], 0x1, 0x0)

44.220826588s ago: executing program 1 (id=2226):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$sock_SIOCETHTOOL(r0, 0x89f1, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_type(r1, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_type(r2, &(0x7f0000000280), 0x9)
r3 = openat$cgroup_procs(r1, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
setsockopt$SO_RDS_TRANSPORT(0xffffffffffffffff, 0x114, 0x8, &(0x7f00000008c0), 0x4)
close(0xffffffffffffffff)
write$cgroup_pid(r3, &(0x7f0000000c40), 0x12)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r4)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x9, 0x0, 0xffffffffffffffff, 0xd, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r5 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_msfilter(r5, 0x0, 0x29, &(0x7f0000000040)=ANY=[], 0x18)
recvmsg(r5, &(0x7f0000000740)={&(0x7f0000000400)=@tipc=@name, 0x80, &(0x7f0000000600)=[{&(0x7f0000000240)=""/19, 0x13}, {&(0x7f00000004c0)=""/204, 0xcc}, {&(0x7f00000005c0)=""/35, 0x23}], 0x3, &(0x7f0000000640)=""/240, 0xf0}, 0x10120)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="cc0000001000010402400000000000000000ff", @ANYRES32=0x0, @ANYBLOB="88d10100000000009800128009000100766c616e00000000880002800c0002000e0000000c0000000600050088a80000400003800c0001007b4b0000000000000c0001e004000000090000000c000100bf000000000400000c00010002000000ff0100000c0001000e000000000001000400048004000480280004800c00010007000000040000000c00010008000000040000000c00010006000000008000"], 0xcc}}, 0x0)

41.609025083s ago: executing program 3 (id=2227):
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x4, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="85000064cf0000006a0a00ff000000002600000000000000950000000000000018100000", @ANYRES32, @ANYRES8], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x5, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2d)

38.70131252s ago: executing program 32 (id=2216):
socket$kcm(0x2, 0x1000000000000005, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000007c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
socket$unix(0x1, 0x2, 0x0)
socket$unix(0x1, 0x2, 0x0)
socket$unix(0x1, 0x2, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
socket(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
unshare(0x6a040000)
mmap(&(0x7f00002ad000/0xc00000)=nil, 0xc00000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = gettid()
sendmsg$nl_route(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000005f00)=ANY=[@ANYBLOB="2800000010000100"/20, @ANYRES32=r2, @ANYBLOB="6d3082610000000008001300", @ANYRES32=r4], 0x28}, 0x1, 0x0, 0x0, 0x4000004}, 0x0)

29.4629031s ago: executing program 33 (id=2219):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r1, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @empty}], 0x1c)
sendto$inet6(r1, &(0x7f0000000500)="a4", 0x34000, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r0, 0x0, 0x8000)
getsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, &(0x7f00000000c0))
setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000009c0), r2)
sendmsg$NL80211_CMD_DEL_NAN_FUNCTION(r2, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000300)={0x28, r3, 0x1, 0x70bd29, 0x25dfdbfb, {{}, {@val={0x8}, @val={0xc, 0x99, {0x80000001, 0x41}}}}}, 0x28}, 0x1, 0x0, 0x0, 0x24040000}, 0x8000)
r4 = epoll_create1(0x0)
r5 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="1400000035000b63d25a80643d66b7d80df2e2ff", 0x14}], 0x1}, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x10)
ppoll(&(0x7f0000000500)=[{r6}], 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f000006a000/0x2000)=nil, 0x2000, 0xd, 0x4000010, 0xffffffffffffffff, 0x2000)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000100), r0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
r8 = socket$unix(0x1, 0x5, 0x0)
getsockname(r8, &(0x7f0000000200)=@vsock={0x28, 0x0, 0x0, @local}, &(0x7f0000000180)=0x80)
socket(0x2, 0x6, 0x0)
setsockopt$sock_int(r8, 0x1, 0x2e, &(0x7f0000000040)=0x80, 0x4)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r8, &(0x7f0000000080)={0xa002a008})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
close(0x4)

19.960161229s ago: executing program 34 (id=2225):
socket$packet(0x11, 0x3, 0x300)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x800)
recvmsg(r1, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40000000)
r2 = socket$packet(0x11, 0x3, 0x300)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001400)={0x3, 0x4, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x1}, [@call={0x85, 0x0, 0x0, 0x53}]}, &(0x7f0000000980)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x25, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r3, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff})
getpeername$packet(r4, &(0x7f0000000000)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x6}, 0x4)
sendmmsg(r2, &(0x7f0000000240)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x4888, r5, 0x36}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000340)="f2", 0x1}], 0x1, 0x0, 0x0, 0x2f00}}], 0x1, 0x0)

12.003854918s ago: executing program 35 (id=2226):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$sock_SIOCETHTOOL(r0, 0x89f1, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_type(r1, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_type(r2, &(0x7f0000000280), 0x9)
r3 = openat$cgroup_procs(r1, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
setsockopt$SO_RDS_TRANSPORT(0xffffffffffffffff, 0x114, 0x8, &(0x7f00000008c0), 0x4)
close(0xffffffffffffffff)
write$cgroup_pid(r3, &(0x7f0000000c40), 0x12)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r4)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x9, 0x0, 0xffffffffffffffff, 0xd, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r5 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_msfilter(r5, 0x0, 0x29, &(0x7f0000000040)=ANY=[], 0x18)
recvmsg(r5, &(0x7f0000000740)={&(0x7f0000000400)=@tipc=@name, 0x80, &(0x7f0000000600)=[{&(0x7f0000000240)=""/19, 0x13}, {&(0x7f00000004c0)=""/204, 0xcc}, {&(0x7f00000005c0)=""/35, 0x23}], 0x3, &(0x7f0000000640)=""/240, 0xf0}, 0x10120)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="cc0000001000010402400000000000000000ff", @ANYRES32=0x0, @ANYBLOB="88d10100000000009800128009000100766c616e00000000880002800c0002000e0000000c0000000600050088a80000400003800c0001007b4b0000000000000c0001e004000000090000000c000100bf000000000400000c00010002000000ff0100000c0001000e000000000001000400048004000480280004800c00010007000000040000000c00010008000000040000000c00010006000000008000"], 0xcc}}, 0x0)

0s ago: executing program 36 (id=2227):
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x4, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="85000064cf0000006a0a00ff000000002600000000000000950000000000000018100000", @ANYRES32, @ANYRES8], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x5, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2d)

kernel console output (not intermixed with test programs):

bability 0, space 0, times 0
[  210.909957][T10220] CPU: 0 UID: 0 PID: 10220 Comm: syz.3.1317 Not tainted 6.16.0-rc2-syzkaller-00624-g5e95c0a3a55a #0 PREEMPT(full) 
[  210.909984][T10220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  210.909996][T10220] Call Trace:
[  210.910004][T10220]  <TASK>
[  210.910011][T10220]  dump_stack_lvl+0x189/0x250
[  210.910045][T10220]  ? __pfx____ratelimit+0x10/0x10
[  210.910064][T10220]  ? __pfx_dump_stack_lvl+0x10/0x10
[  210.910093][T10220]  ? __pfx__printk+0x10/0x10
[  210.910120][T10220]  ? __pfx___might_resched+0x10/0x10
[  210.910146][T10220]  ? fs_reclaim_acquire+0x7d/0x100
[  210.910174][T10220]  should_fail_ex+0x414/0x560
[  210.910202][T10220]  should_failslab+0xa8/0x100
[  210.910224][T10220]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  210.910243][T10220]  ? __alloc_skb+0x112/0x2d0
[  210.910274][T10220]  __alloc_skb+0x112/0x2d0
[  210.910302][T10220]  netlink_ack+0x146/0xa50
[  210.910324][T10220]  ? __pfx_genl_rcv_msg+0x10/0x10
[  210.910339][T10220]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  210.910367][T10220]  ? __pfx_nl80211_post_doit+0x10/0x10
[  210.910417][T10220]  netlink_rcv_skb+0x28c/0x470
[  210.910442][T10220]  ? __pfx_genl_rcv_msg+0x10/0x10
[  210.910461][T10220]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  210.910503][T10220]  ? down_read+0x1ad/0x2e0
[  210.910527][T10220]  genl_rcv+0x28/0x40
[  210.910553][T10220]  netlink_unicast+0x75b/0x8d0
[  210.910586][T10220]  netlink_sendmsg+0x805/0xb30
[  210.910621][T10220]  ? __pfx_netlink_sendmsg+0x10/0x10
[  210.910648][T10220]  ? aa_sock_msg_perm+0x94/0x160
[  210.910675][T10220]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  210.910698][T10220]  ? __pfx_netlink_sendmsg+0x10/0x10
[  210.910724][T10220]  __sock_sendmsg+0x219/0x270
[  210.910748][T10220]  ____sys_sendmsg+0x505/0x830
[  210.910783][T10220]  ? __pfx_____sys_sendmsg+0x10/0x10
[  210.910821][T10220]  ? import_iovec+0x74/0xa0
[  210.910843][T10220]  ___sys_sendmsg+0x21f/0x2a0
[  210.910873][T10220]  ? __pfx____sys_sendmsg+0x10/0x10
[  210.910940][T10220]  ? __fget_files+0x2a/0x420
[  210.910962][T10220]  ? __fget_files+0x3a0/0x420
[  210.910994][T10220]  __x64_sys_sendmsg+0x19b/0x260
[  210.911025][T10220]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  210.911063][T10220]  ? __pfx_ksys_write+0x10/0x10
[  210.911078][T10220]  ? rcu_is_watching+0x15/0xb0
[  210.911111][T10220]  ? do_syscall_64+0xbe/0x3b0
[  210.911135][T10220]  do_syscall_64+0xfa/0x3b0
[  210.911154][T10220]  ? lockdep_hardirqs_on+0x9c/0x150
[  210.911171][T10220]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.911190][T10220]  ? clear_bhb_loop+0x60/0xb0
[  210.911213][T10220]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.911230][T10220] RIP: 0033:0x7f383f98e929
[  210.911247][T10220] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  210.911262][T10220] RSP: 002b:00007f38407f9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  210.911282][T10220] RAX: ffffffffffffffda RBX: 00007f383fbb5fa0 RCX: 00007f383f98e929
[  210.911295][T10220] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000004
[  210.911306][T10220] RBP: 00007f38407f9090 R08: 0000000000000000 R09: 0000000000000000
[  210.911317][T10220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  210.911328][T10220] R13: 0000000000000000 R14: 00007f383fbb5fa0 R15: 00007fffa1d93408
[  210.911359][T10220]  </TASK>
[  211.791191][T10234] tipc: Enabling of bearer <eth:geneve1> rejected, already enabled
[  212.859416][T10264] macvlan0: entered allmulticast mode
[  212.873245][T10264] __nla_validate_parse: 3 callbacks suppressed
[  212.873258][T10264] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1327'.
[  213.053614][T10267] netlink: 'syz.1.1329': attribute type 7 has an invalid length.
[  213.114095][T10269] netlink: 'syz.1.1329': attribute type 7 has an invalid length.
[  213.209060][T10267] : entered promiscuous mode
[  213.266464][T10276] mac80211_hwsim hwsim9 syzkaller0: entered promiscuous mode
[  213.389236][T10283] netlink: 88 bytes leftover after parsing attributes in process `syz.1.1331'.
[  215.146806][T10326] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  215.185561][T10327] netlink: 1752 bytes leftover after parsing attributes in process `syz.0.1345'.
[  216.152964][T10360] FAULT_INJECTION: forcing a failure.
[  216.152964][T10360] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  216.207224][T10360] CPU: 0 UID: 0 PID: 10360 Comm: syz.3.1356 Not tainted 6.16.0-rc2-syzkaller-00624-g5e95c0a3a55a #0 PREEMPT(full) 
[  216.207251][T10360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  216.207261][T10360] Call Trace:
[  216.207269][T10360]  <TASK>
[  216.207276][T10360]  dump_stack_lvl+0x189/0x250
[  216.207308][T10360]  ? __pfx____ratelimit+0x10/0x10
[  216.207327][T10360]  ? __pfx_dump_stack_lvl+0x10/0x10
[  216.207353][T10360]  ? __pfx__printk+0x10/0x10
[  216.207374][T10360]  ? __asan_memcpy+0x40/0x70
[  216.207406][T10360]  should_fail_ex+0x414/0x560
[  216.207434][T10360]  _copy_to_user+0x31/0xb0
[  216.207453][T10360]  bpf_verifier_vlog+0x3ba/0x900
[  216.207485][T10360]  __btf_verifier_log+0xd4/0x120
[  216.207515][T10360]  ? __pfx___btf_verifier_log+0x10/0x10
[  216.207537][T10360]  ? __might_fault+0xb0/0x130
[  216.207558][T10360]  ? btf_parse_hdr+0x1e2/0x6d0
[  216.207580][T10360]  btf_parse_hdr+0x2ad/0x6d0
[  216.207603][T10360]  btf_new_fd+0x36d/0xc90
[  216.207621][T10360]  ? apparmor_capable+0x137/0x1b0
[  216.207664][T10360]  ? __pfx_btf_new_fd+0x10/0x10
[  216.207686][T10360]  ? bpf_token_put+0x143/0x160
[  216.207708][T10360]  ? bpf_btf_load+0x126/0x190
[  216.207735][T10360]  __sys_bpf+0x635/0x860
[  216.207760][T10360]  ? __pfx___sys_bpf+0x10/0x10
[  216.207796][T10360]  ? ksys_write+0x22a/0x250
[  216.207815][T10360]  ? __pfx_ksys_write+0x10/0x10
[  216.207828][T10360]  ? rcu_is_watching+0x15/0xb0
[  216.207863][T10360]  __x64_sys_bpf+0x7c/0x90
[  216.207884][T10360]  do_syscall_64+0xfa/0x3b0
[  216.207903][T10360]  ? lockdep_hardirqs_on+0x9c/0x150
[  216.207919][T10360]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.207936][T10360]  ? clear_bhb_loop+0x60/0xb0
[  216.207958][T10360]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.207974][T10360] RIP: 0033:0x7f383f98e929
[  216.207990][T10360] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  216.208005][T10360] RSP: 002b:00007f38407f9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  216.208024][T10360] RAX: ffffffffffffffda RBX: 00007f383fbb5fa0 RCX: 00007f383f98e929
[  216.208036][T10360] RDX: 0000000000000028 RSI: 0000200000000080 RDI: 0000000000000012
[  216.208047][T10360] RBP: 00007f38407f9090 R08: 0000000000000000 R09: 0000000000000000
[  216.208058][T10360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  216.208068][T10360] R13: 0000000000000000 R14: 00007f383fbb5fa0 R15: 00007fffa1d93408
[  216.208096][T10360]  </TASK>
[  216.506517][T10364] netlink: 1752 bytes leftover after parsing attributes in process `syz.1.1358'.
[  216.914656][T10381] geneve2: entered promiscuous mode
[  217.092738][T10391] siw: device registration error -23
[  217.173070][T10401] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1366'.
[  217.551275][T10398] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1364'.
[  217.668622][T10416] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1370'.
[  217.865992][T10420] RDS: rds_bind could not find a transport for ::ffff:100.1.1.0, load rds_tcp or rds_rdma?
[  218.229560][T10434] FAULT_INJECTION: forcing a failure.
[  218.229560][T10434] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  218.303829][T10434] CPU: 0 UID: 0 PID: 10434 Comm: syz.2.1375 Not tainted 6.16.0-rc2-syzkaller-00624-g5e95c0a3a55a #0 PREEMPT(full) 
[  218.303860][T10434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  218.303872][T10434] Call Trace:
[  218.303880][T10434]  <TASK>
[  218.303889][T10434]  dump_stack_lvl+0x189/0x250
[  218.303925][T10434]  ? __pfx____ratelimit+0x10/0x10
[  218.303945][T10434]  ? __pfx_dump_stack_lvl+0x10/0x10
[  218.303977][T10434]  ? __pfx__printk+0x10/0x10
[  218.304012][T10434]  should_fail_ex+0x414/0x560
[  218.304042][T10434]  _copy_to_user+0x31/0xb0
[  218.304065][T10434]  simple_read_from_buffer+0xe1/0x170
[  218.304091][T10434]  proc_fail_nth_read+0x1df/0x250
[  218.304119][T10434]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  218.304147][T10434]  ? rw_verify_area+0x258/0x650
[  218.304175][T10434]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  218.304201][T10434]  vfs_read+0x1fd/0x980
[  218.304236][T10434]  ? __pfx___mutex_lock+0x10/0x10
[  218.304259][T10434]  ? __pfx_vfs_read+0x10/0x10
[  218.304291][T10434]  ? __fget_files+0x2a/0x420
[  218.304318][T10434]  ? __fget_files+0x3a0/0x420
[  218.304338][T10434]  ? __fget_files+0x2a/0x420
[  218.304370][T10434]  ksys_read+0x145/0x250
[  218.304391][T10434]  ? __pfx_ksys_read+0x10/0x10
[  218.304420][T10434]  ? rcu_is_watching+0x15/0xb0
[  218.304456][T10434]  ? do_syscall_64+0xbe/0x3b0
[  218.304482][T10434]  do_syscall_64+0xfa/0x3b0
[  218.304501][T10434]  ? lockdep_hardirqs_on+0x9c/0x150
[  218.304521][T10434]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.304541][T10434]  ? clear_bhb_loop+0x60/0xb0
[  218.304566][T10434]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.304584][T10434] RIP: 0033:0x7fb55cf8d33c
[  218.304602][T10434] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  218.304619][T10434] RSP: 002b:00007fb55dd3b030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  218.304639][T10434] RAX: ffffffffffffffda RBX: 00007fb55d1b5fa0 RCX: 00007fb55cf8d33c
[  218.304654][T10434] RDX: 000000000000000f RSI: 00007fb55dd3b0a0 RDI: 0000000000000004
[  218.304666][T10434] RBP: 00007fb55dd3b090 R08: 0000000000000000 R09: 0000000000000000
[  218.304678][T10434] R10: 0000000000000890 R11: 0000000000000246 R12: 0000000000000001
[  218.304690][T10434] R13: 0000000000000000 R14: 00007fb55d1b5fa0 R15: 00007fff03fc05b8
[  218.304729][T10434]  </TASK>
[  218.648323][T10443] netlink: 'syz.1.1377': attribute type 10 has an invalid length.
[  218.688862][T10443] bridge0: port 1(team0) entered blocking state
[  218.699288][T10443] bridge0: port 1(team0) entered disabled state
[  218.706032][T10443] team0: entered allmulticast mode
[  218.713579][T10443] team0: entered promiscuous mode
[  218.824711][T10440] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1376'.
[  218.993603][T10451] tipc: Enabling of bearer <eth:geneve1> rejected, already enabled
[  219.294981][T10470] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1384'.
[  220.048968][T10500] tipc: Enabling of bearer <eth:geneve1> rejected, already enabled
[  220.078553][T10506] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1390'.
[  220.366178][T10519] netlink: 'syz.4.1392': attribute type 9 has an invalid length.
[  220.419927][T10519] netlink: 'syz.4.1392': attribute type 6 has an invalid length.
[  220.441774][T10519] netlink: 'syz.4.1392': attribute type 7 has an invalid length.
[  220.453739][T10519] netlink: 'syz.4.1392': attribute type 8 has an invalid length.
[  220.550019][T10521] tipc: Enabling of bearer <eth:geneve1> rejected, already enabled
[  220.737919][T10533] FAULT_INJECTION: forcing a failure.
[  220.737919][T10533] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  220.826393][T10533] CPU: 1 UID: 0 PID: 10533 Comm: syz.0.1395 Not tainted 6.16.0-rc2-syzkaller-00624-g5e95c0a3a55a #0 PREEMPT(full) 
[  220.826419][T10533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  220.826431][T10533] Call Trace:
[  220.826438][T10533]  <TASK>
[  220.826445][T10533]  dump_stack_lvl+0x189/0x250
[  220.826483][T10533]  ? __pfx____ratelimit+0x10/0x10
[  220.826502][T10533]  ? __pfx_dump_stack_lvl+0x10/0x10
[  220.826529][T10533]  ? __pfx__printk+0x10/0x10
[  220.826549][T10533]  ? fs_reclaim_acquire+0x7d/0x100
[  220.826579][T10533]  should_fail_ex+0x414/0x560
[  220.826606][T10533]  prepare_alloc_pages+0x213/0x610
[  220.826634][T10533]  __alloc_frozen_pages_noprof+0x123/0x370
[  220.826661][T10533]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  220.826691][T10533]  ? policy_nodemask+0x27c/0x720
[  220.826709][T10533]  ? __pfx__copy_from_iter+0x10/0x10
[  220.826738][T10533]  alloc_pages_mpol+0x232/0x4a0
[  220.826761][T10533]  alloc_pages_noprof+0xa9/0x190
[  220.826781][T10533]  af_alg_sendmsg+0x133a/0x22e0
[  220.826802][T10533]  ? __pfx___might_resched+0x10/0x10
[  220.826852][T10533]  ? __pfx_af_alg_sendmsg+0x10/0x10
[  220.826870][T10533]  ? __lock_acquire+0xab9/0xd20
[  220.826894][T10533]  ? __pfx_aa_sk_perm+0x10/0x10
[  220.826912][T10533]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x300
[  220.826962][T10533]  ? aa_sock_msg_perm+0x94/0x160
[  220.826988][T10533]  ? skcipher_sendmsg+0x26/0xf0
[  220.827011][T10533]  ? __pfx_skcipher_sendmsg+0x10/0x10
[  220.827037][T10533]  __sock_sendmsg+0x219/0x270
[  220.827063][T10533]  ____sys_sendmsg+0x52d/0x830
[  220.827097][T10533]  ? __pfx_____sys_sendmsg+0x10/0x10
[  220.827135][T10533]  ? import_iovec+0x74/0xa0
[  220.827157][T10533]  ___sys_sendmsg+0x21f/0x2a0
[  220.827188][T10533]  ? __pfx____sys_sendmsg+0x10/0x10
[  220.827259][T10533]  ? vfs_write+0x8d8/0xa90
[  220.827296][T10533]  __sys_sendmmsg+0x227/0x430
[  220.827330][T10533]  ? __pfx___sys_sendmmsg+0x10/0x10
[  220.827367][T10533]  ? kmem_cache_free+0x18f/0x400
[  220.827400][T10533]  ? ksys_write+0x1e1/0x250
[  220.827419][T10533]  ? __pfx_ksys_write+0x10/0x10
[  220.827437][T10533]  ? rcu_is_watching+0x15/0xb0
[  220.827477][T10533]  __x64_sys_sendmmsg+0xa0/0xc0
[  220.827508][T10533]  do_syscall_64+0xfa/0x3b0
[  220.827543][T10533]  ? lockdep_hardirqs_on+0x9c/0x150
[  220.827562][T10533]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.827581][T10533]  ? clear_bhb_loop+0x60/0xb0
[  220.827605][T10533]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.827624][T10533] RIP: 0033:0x7f8d2578e929
[  220.827641][T10533] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  220.827657][T10533] RSP: 002b:00007f8d266d6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  220.827689][T10533] RAX: ffffffffffffffda RBX: 00007f8d259b5fa0 RCX: 00007f8d2578e929
[  220.827703][T10533] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000004
[  220.827715][T10533] RBP: 00007f8d266d6090 R08: 0000000000000000 R09: 0000000000000000
[  220.827726][T10533] R10: 0000000000040800 R11: 0000000000000246 R12: 0000000000000002
[  220.827736][T10533] R13: 0000000000000000 R14: 00007f8d259b5fa0 R15: 00007ffcd8510bb8
[  220.827766][T10533]  </TASK>
[  222.052124][T10581] xt_TCPMSS: Only works on TCP SYN packets
[  222.344131][T10587] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1406'.
[  222.520081][T10591] siw: device registration error -23
[  223.372455][T10620] tipc: Enabling of bearer <eth:geneve1> rejected, already enabled
[  223.417087][T10624] vlan2: entered promiscuous mode
[  223.422333][T10624] vlan2: entered allmulticast mode
[  223.430979][T10624] hsr_slave_1: entered allmulticast mode
[  223.480758][T10627] netlink: 172 bytes leftover after parsing attributes in process `syz.3.1414'.
[  223.537954][T10624] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1415'.
[  224.056491][T10649] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  224.111959][T10650] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  224.230642][T10650] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  224.306554][T10649] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  224.355233][T10650] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  224.428921][T10650] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  224.454364][T10666] FAULT_INJECTION: forcing a failure.
[  224.454364][T10666] name failslab, interval 1, probability 0, space 0, times 0
[  224.486664][T10666] CPU: 1 UID: 0 PID: 10666 Comm: syz.0.1428 Not tainted 6.16.0-rc2-syzkaller-00624-g5e95c0a3a55a #0 PREEMPT(full) 
[  224.486690][T10666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  224.486702][T10666] Call Trace:
[  224.486709][T10666]  <TASK>
[  224.486717][T10666]  dump_stack_lvl+0x189/0x250
[  224.486750][T10666]  ? __pfx____ratelimit+0x10/0x10
[  224.486771][T10666]  ? __pfx_dump_stack_lvl+0x10/0x10
[  224.486799][T10666]  ? __pfx__printk+0x10/0x10
[  224.486825][T10666]  ? __pfx___might_resched+0x10/0x10
[  224.486854][T10666]  ? fs_reclaim_acquire+0x7d/0x100
[  224.486893][T10666]  should_fail_ex+0x414/0x560
[  224.486921][T10666]  ? page_pool_create_percpu+0x32a/0xbe0
[  224.486938][T10666]  should_failslab+0xa8/0x100
[  224.486960][T10666]  __kvmalloc_node_noprof+0x161/0x5f0
[  224.486980][T10666]  ? page_pool_create_percpu+0x32a/0xbe0
[  224.487003][T10666]  page_pool_create_percpu+0x32a/0xbe0
[  224.487023][T10666]  ? bpf_test_run_xdp_live+0x1b5/0x1b10
[  224.487053][T10666]  bpf_test_run_xdp_live+0x1ca/0x1b10
[  224.487082][T10666]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  224.487109][T10666]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  224.487140][T10666]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  224.487164][T10666]  ? bpf_dispatcher_xdp+0x800/0x1000
[  224.487182][T10666]  ? bpf_dispatcher_xdp+0x800/0x1000
[  224.487247][T10666]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  224.487290][T10666]  ? _copy_from_user+0x94/0xb0
[  224.487308][T10666]  ? bpf_test_init+0x133/0x170
[  224.487344][T10666]  ? xdp_convert_md_to_buff+0x5b/0x330
[  224.487370][T10666]  bpf_prog_test_run_xdp+0x713/0x1000
[  224.487411][T10666]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  224.487439][T10666]  ? __fget_files+0x2a/0x420
[  224.487466][T10666]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  224.487492][T10666]  bpf_prog_test_run+0x2c4/0x340
[  224.487523][T10666]  __sys_bpf+0x4a4/0x860
[  224.487549][T10666]  ? __pfx___sys_bpf+0x10/0x10
[  224.487588][T10666]  ? ksys_write+0x22a/0x250
[  224.487608][T10666]  ? __pfx_ksys_write+0x10/0x10
[  224.487622][T10666]  ? rcu_is_watching+0x15/0xb0
[  224.487657][T10666]  __x64_sys_bpf+0x7c/0x90
[  224.487680][T10666]  do_syscall_64+0xfa/0x3b0
[  224.487699][T10666]  ? lockdep_hardirqs_on+0x9c/0x150
[  224.487716][T10666]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.487735][T10666]  ? clear_bhb_loop+0x60/0xb0
[  224.487757][T10666]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.487775][T10666] RIP: 0033:0x7f8d2578e929
[  224.487790][T10666] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  224.487806][T10666] RSP: 002b:00007f8d266d6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  224.487826][T10666] RAX: ffffffffffffffda RBX: 00007f8d259b5fa0 RCX: 00007f8d2578e929
[  224.487840][T10666] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  224.487851][T10666] RBP: 00007f8d266d6090 R08: 0000000000000000 R09: 0000000000000000
[  224.487876][T10666] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  224.487888][T10666] R13: 0000000000000000 R14: 00007f8d259b5fa0 R15: 00007ffcd8510bb8
[  224.487917][T10666]  </TASK>
[  224.487925][T10666] page_pool_create_percpu() gave up with errno -12
[  224.920286][T10649] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  225.124205][T10650] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  225.198689][T10650] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  225.332378][T10649] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  225.383603][T10650] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  225.401868][T10650] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  225.452458][T10690] netlink: 212 bytes leftover after parsing attributes in process `syz.2.1434'.
[  225.515001][   T49] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  225.523387][   T49] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  225.559390][   T49] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  225.579215][   T49] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  225.590466][   T49] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  225.630353][   T49] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  225.651688][   T49] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  225.670526][   T49] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  225.714313][   T64] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  225.736849][   T64] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  225.737312][T10700] netlink: 172 bytes leftover after parsing attributes in process `syz.0.1437'.
[  225.767593][   T64] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  225.776742][   T64] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  226.080873][T10714] tipc: Enabling of bearer <eth:geneve1> rejected, already enabled
[  226.238287][T10724] netlink: 'syz.3.1445': attribute type 3 has an invalid length.
[  226.258987][T10724] netlink: 'syz.3.1445': attribute type 3 has an invalid length.
[  226.370435][T10728] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1446'.
[  226.560916][T10732] tipc: Enabling of bearer <eth:geneve1> rejected, already enabled
[  226.640370][T10738] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1451'.
[  226.768123][T10743] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1453'.
[  226.777482][T10743] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1453'.
[  226.799767][T10743] netlink: 'syz.4.1453': attribute type 7 has an invalid length.
[  226.946648][T10753] tipc: Enabling of bearer <eth:geneve1> rejected, already enabled
[  227.020345][T10751] netpci
: tun_chr_ioctl cmd 1074025681
[  227.048038][T10751] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1454'.
[  227.167517][T10763] netlink: 'syz.4.1457': attribute type 1 has an invalid length.
[  227.179056][T10763] netlink: 'syz.4.1457': attribute type 4 has an invalid length.
[  227.189939][T10763] netlink: 188 bytes leftover after parsing attributes in process `syz.4.1457'.
[  227.220256][T10763] NCSI netlink: No device for ifindex 458760
[  228.144384][   T30] audit: type=1800 audit(1750669815.345:3): pid=10794 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1472" name="memory.events" dev="tmpfs" ino=1453 res=0 errno=0
[  228.166726][T10794] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1472'.
[  228.309706][T10797] netlink: 100 bytes leftover after parsing attributes in process `syz.2.1473'.
[  228.581268][T10818] x_tables: ip_tables: udp match: only valid for protocol 17
[  229.366758][T10838] 8021q: adding VLAN 0 to HW filter on device macvlan4
[  229.598978][T10850] pimreg: entered allmulticast mode
[  229.661578][T10850] veth0_macvtap: left promiscuous mode
[  229.668059][T10850] veth0_macvtap: entered promiscuous mode
[  229.675785][T10850] A link change request failed with some changes committed already. Interface veth0_macvtap may have been left with an inconsistent configuration, please check.
[  229.992139][T10866] netlink: 'syz.1.1499': attribute type 1 has an invalid length.
[  230.328483][T10880] vlan0: entered promiscuous mode
[  230.592964][T10889] __nla_validate_parse: 6 callbacks suppressed
[  230.592983][T10889] netlink: 172 bytes leftover after parsing attributes in process `syz.3.1505'.
[  230.631300][T10891] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1508'.
[  230.686737][T10891] FAULT_INJECTION: forcing a failure.
[  230.686737][T10891] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  230.702146][T10891] CPU: 0 UID: 0 PID: 10891 Comm: syz.2.1508 Not tainted 6.16.0-rc2-syzkaller-00624-g5e95c0a3a55a #0 PREEMPT(full) 
[  230.702171][T10891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  230.702181][T10891] Call Trace:
[  230.702188][T10891]  <TASK>
[  230.702196][T10891]  dump_stack_lvl+0x189/0x250
[  230.702227][T10891]  ? __pfx____ratelimit+0x10/0x10
[  230.702246][T10891]  ? __pfx_dump_stack_lvl+0x10/0x10
[  230.702272][T10891]  ? __pfx__printk+0x10/0x10
[  230.702300][T10891]  should_fail_ex+0x414/0x560
[  230.702327][T10891]  _copy_to_user+0x31/0xb0
[  230.702364][T10891]  simple_read_from_buffer+0xe1/0x170
[  230.702389][T10891]  proc_fail_nth_read+0x1df/0x250
[  230.702416][T10891]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  230.702441][T10891]  ? rw_verify_area+0x258/0x650
[  230.702468][T10891]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  230.702492][T10891]  vfs_read+0x1fd/0x980
[  230.702545][T10891]  ? __pfx___mutex_lock+0x10/0x10
[  230.702565][T10891]  ? __pfx_vfs_read+0x10/0x10
[  230.702592][T10891]  ? __fget_files+0x2a/0x420
[  230.702615][T10891]  ? __fget_files+0x3a0/0x420
[  230.702633][T10891]  ? __fget_files+0x2a/0x420
[  230.702659][T10891]  ksys_read+0x145/0x250
[  230.702675][T10891]  ? __pfx_ksys_read+0x10/0x10
[  230.702695][T10891]  ? rcu_is_watching+0x15/0xb0
[  230.702723][T10891]  ? do_syscall_64+0xbe/0x3b0
[  230.702742][T10891]  do_syscall_64+0xfa/0x3b0
[  230.702758][T10891]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.702772][T10891]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  230.702786][T10891]  ? clear_bhb_loop+0x60/0xb0
[  230.702806][T10891]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.702821][T10891] RIP: 0033:0x7fb55cf8d33c
[  230.702837][T10891] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  230.702850][T10891] RSP: 002b:00007fb55dd3b030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  230.702867][T10891] RAX: ffffffffffffffda RBX: 00007fb55d1b5fa0 RCX: 00007fb55cf8d33c
[  230.702879][T10891] RDX: 000000000000000f RSI: 00007fb55dd3b0a0 RDI: 0000000000000006
[  230.702889][T10891] RBP: 00007fb55dd3b090 R08: 0000000000000000 R09: 0000000000000014
[  230.702899][T10891] R10: 0000000000000830 R11: 0000000000000246 R12: 0000000000000001
[  230.702909][T10891] R13: 0000000000000000 R14: 00007fb55d1b5fa0 R15: 00007fff03fc05b8
[  230.702936][T10891]  </TASK>
[  231.095331][T10899] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1512'.
[  231.188420][T10904] netlink: 136 bytes leftover after parsing attributes in process `syz.4.1513'.
[  231.214585][T10904] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  231.520123][ T5884] IPVS: starting estimator thread 0...
[  231.527115][T10919] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1517'.
[  231.544776][T10919] nla_validate_range_unsigned: 11 callbacks suppressed
[  231.544792][T10919] netlink: 'syz.3.1517': attribute type 11 has an invalid length.
[  231.574385][T10919] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1517'.
[  231.623735][T10920] IPVS: using max 29 ests per chain, 69600 per kthread
[  232.051443][T10918] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1516'.
[  232.400111][T10942] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  232.433414][T10942] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.505037][T10948] netlink: 'syz.4.1526': attribute type 2 has an invalid length.
[  232.515494][T10948] netlink: 'syz.4.1526': attribute type 8 has an invalid length.
[  232.530761][T10948] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1526'.
[  232.580787][T10942] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  232.613997][T10942] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.683366][T10942] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  232.698595][T10942] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.751384][T10942] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  232.774556][T10942] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.803627][T10955] netlink: 172 bytes leftover after parsing attributes in process `syz.4.1527'.
[  232.849827][ T1159] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  232.858347][ T1159] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  232.894953][   T36] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  232.916309][   T36] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  232.938826][ T1159] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  232.947677][ T1159] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  232.964386][   T36] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  232.972973][   T36] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  233.417305][T10981] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  233.517199][T10984] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1540'.
[  233.650274][T10956] delete_channel: no stack
[  233.653605][T10991] ip6gretap0: entered promiscuous mode
[  233.661137][T10991] macsec1: entered promiscuous mode
[  233.673121][T10991] ip6gretap0: left promiscuous mode
[  233.816180][T10995] FAULT_INJECTION: forcing a failure.
[  233.816180][T10995] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  233.863017][T10995] CPU: 0 UID: 0 PID: 10995 Comm: syz.0.1544 Not tainted 6.16.0-rc2-syzkaller-00624-g5e95c0a3a55a #0 PREEMPT(full) 
[  233.863043][T10995] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  233.863064][T10995] Call Trace:
[  233.863071][T10995]  <TASK>
[  233.863078][T10995]  dump_stack_lvl+0x189/0x250
[  233.863110][T10995]  ? __pfx____ratelimit+0x10/0x10
[  233.863128][T10995]  ? __pfx_dump_stack_lvl+0x10/0x10
[  233.863155][T10995]  ? __pfx__printk+0x10/0x10
[  233.863174][T10995]  ? __might_fault+0xb0/0x130
[  233.863202][T10995]  should_fail_ex+0x414/0x560
[  233.863246][T10995]  _copy_from_iter+0x1db/0x16f0
[  233.863278][T10995]  ? rcu_is_watching+0x15/0xb0
[  233.863308][T10995]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  233.863329][T10995]  ? __pfx__copy_from_iter+0x10/0x10
[  233.863359][T10995]  ? __build_skb_around+0x257/0x3e0
[  233.863389][T10995]  ? netlink_sendmsg+0x642/0xb30
[  233.863411][T10995]  ? skb_put+0x11b/0x210
[  233.863453][T10995]  netlink_sendmsg+0x6b2/0xb30
[  233.863484][T10995]  ? __pfx_netlink_sendmsg+0x10/0x10
[  233.863510][T10995]  ? aa_sock_msg_perm+0x94/0x160
[  233.863535][T10995]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  233.863558][T10995]  ? __pfx_netlink_sendmsg+0x10/0x10
[  233.863581][T10995]  __sock_sendmsg+0x219/0x270
[  233.863604][T10995]  ____sys_sendmsg+0x505/0x830
[  233.863636][T10995]  ? __pfx_____sys_sendmsg+0x10/0x10
[  233.863694][T10995]  ? import_iovec+0x74/0xa0
[  233.863715][T10995]  ___sys_sendmsg+0x21f/0x2a0
[  233.863746][T10995]  ? __pfx____sys_sendmsg+0x10/0x10
[  233.863810][T10995]  ? __fget_files+0x2a/0x420
[  233.863829][T10995]  ? __fget_files+0x3a0/0x420
[  233.863860][T10995]  __x64_sys_sendmsg+0x19b/0x260
[  233.863890][T10995]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  233.863928][T10995]  ? __pfx_ksys_write+0x10/0x10
[  233.863943][T10995]  ? rcu_is_watching+0x15/0xb0
[  233.863975][T10995]  ? do_syscall_64+0xbe/0x3b0
[  233.863999][T10995]  do_syscall_64+0xfa/0x3b0
[  233.864017][T10995]  ? lockdep_hardirqs_on+0x9c/0x150
[  233.864034][T10995]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.864062][T10995]  ? clear_bhb_loop+0x60/0xb0
[  233.864085][T10995]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.864103][T10995] RIP: 0033:0x7f8d2578e929
[  233.864120][T10995] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  233.864136][T10995] RSP: 002b:00007f8d266d6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  233.864155][T10995] RAX: ffffffffffffffda RBX: 00007f8d259b5fa0 RCX: 00007f8d2578e929
[  233.864169][T10995] RDX: 0000000044040090 RSI: 00002000000000c0 RDI: 0000000000000003
[  233.864181][T10995] RBP: 00007f8d266d6090 R08: 0000000000000000 R09: 0000000000000000
[  233.864192][T10995] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  233.864203][T10995] R13: 0000000000000000 R14: 00007f8d259b5fa0 R15: 00007ffcd8510bb8
[  233.864232][T10995]  </TASK>
[  234.615275][T11023] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  234.733758][T11030] netlink: 'syz.0.1554': attribute type 23 has an invalid length.
[  235.190955][T11039] 8021q: adding VLAN 0 to HW filter on device bond0
[  235.210957][T11039] 8021q: adding VLAN 0 to HW filter on device team0
[  235.273894][T11039] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  235.630954][T11057] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  235.659614][T11059] netlink: 'syz.3.1561': attribute type 21 has an invalid length.
[  235.734228][T11063] siw: device registration error -23
[  235.777178][T11059] __nla_validate_parse: 8 callbacks suppressed
[  235.777195][T11059] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1561'.
[  235.936366][T11057] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  236.057794][T11075] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1562'.
[  236.144665][T11068] siw: device registration error -23
[  236.275892][T11078] wg1 speed is unknown, defaulting to 1000
[  236.285269][T11078] wg1 speed is unknown, defaulting to 1000
[  236.321531][T11057] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  236.412519][T11078] wg1 speed is unknown, defaulting to 1000
[  236.449607][T11078] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  236.545960][T11057] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  236.637749][T11078] wg1 speed is unknown, defaulting to 1000
[  236.722347][T11078] wg1 speed is unknown, defaulting to 1000
[  236.742997][T11078] wg1 speed is unknown, defaulting to 1000
[  236.778567][T11078] wg1 speed is unknown, defaulting to 1000
[  236.792348][   T64] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  236.821587][T11078] wg1 speed is unknown, defaulting to 1000
[  236.842361][ T1159] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  236.877128][   T49] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  236.917186][   T49] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  237.449331][T11112] bridge0: port 1(bridge_slave_0) entered forwarding state
[  237.508776][T11114] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1571'.
[  237.555290][T11115] FAULT_INJECTION: forcing a failure.
[  237.555290][T11115] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  237.590792][T11115] CPU: 0 UID: 0 PID: 11115 Comm: syz.2.1572 Not tainted 6.16.0-rc2-syzkaller-00624-g5e95c0a3a55a #0 PREEMPT(full) 
[  237.590816][T11115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  237.590825][T11115] Call Trace:
[  237.590832][T11115]  <TASK>
[  237.590840][T11115]  dump_stack_lvl+0x189/0x250
[  237.590872][T11115]  ? __pfx____ratelimit+0x10/0x10
[  237.590890][T11115]  ? __pfx_dump_stack_lvl+0x10/0x10
[  237.590918][T11115]  ? __pfx__printk+0x10/0x10
[  237.590937][T11115]  ? __might_fault+0xb0/0x130
[  237.590966][T11115]  should_fail_ex+0x414/0x560
[  237.590993][T11115]  _copy_from_iter+0x3f5/0x16f0
[  237.591031][T11115]  ? __pfx__copy_from_iter+0x10/0x10
[  237.591062][T11115]  ? set_page_refcounted+0xa0/0x1e0
[  237.591087][T11115]  af_alg_sendmsg+0x1436/0x22e0
[  237.591109][T11115]  ? __pfx___might_resched+0x10/0x10
[  237.591158][T11115]  ? __pfx_af_alg_sendmsg+0x10/0x10
[  237.591177][T11115]  ? __lock_acquire+0xab9/0xd20
[  237.591201][T11115]  ? __pfx_aa_sk_perm+0x10/0x10
[  237.591219][T11115]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x300
[  237.591250][T11115]  ? aa_sock_msg_perm+0x94/0x160
[  237.591274][T11115]  ? skcipher_sendmsg+0x26/0xf0
[  237.591296][T11115]  ? __pfx_skcipher_sendmsg+0x10/0x10
[  237.591321][T11115]  __sock_sendmsg+0x219/0x270
[  237.591344][T11115]  ____sys_sendmsg+0x52d/0x830
[  237.591374][T11115]  ? __pfx_____sys_sendmsg+0x10/0x10
[  237.591408][T11115]  ? import_iovec+0x74/0xa0
[  237.591429][T11115]  ___sys_sendmsg+0x21f/0x2a0
[  237.591457][T11115]  ? __pfx____sys_sendmsg+0x10/0x10
[  237.591522][T11115]  ? vfs_write+0x8d8/0xa90
[  237.591565][T11115]  __sys_sendmmsg+0x227/0x430
[  237.591598][T11115]  ? __pfx___sys_sendmmsg+0x10/0x10
[  237.591632][T11115]  ? kmem_cache_free+0x18f/0x400
[  237.591670][T11115]  ? ksys_write+0x1e1/0x250
[  237.591688][T11115]  ? __pfx_ksys_write+0x10/0x10
[  237.591701][T11115]  ? rcu_is_watching+0x15/0xb0
[  237.591735][T11115]  __x64_sys_sendmmsg+0xa0/0xc0
[  237.591763][T11115]  do_syscall_64+0xfa/0x3b0
[  237.591781][T11115]  ? lockdep_hardirqs_on+0x9c/0x150
[  237.591798][T11115]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.591815][T11115]  ? clear_bhb_loop+0x60/0xb0
[  237.591836][T11115]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.591853][T11115] RIP: 0033:0x7fb55cf8e929
[  237.591869][T11115] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  237.591883][T11115] RSP: 002b:00007fb55dd3b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  237.591902][T11115] RAX: ffffffffffffffda RBX: 00007fb55d1b5fa0 RCX: 00007fb55cf8e929
[  237.591915][T11115] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000004
[  237.591926][T11115] RBP: 00007fb55dd3b090 R08: 0000000000000000 R09: 0000000000000000
[  237.591937][T11115] R10: 0000000000040800 R11: 0000000000000246 R12: 0000000000000002
[  237.591948][T11115] R13: 0000000000000000 R14: 00007fb55d1b5fa0 R15: 00007fff03fc05b8
[  237.591977][T11115]  </TASK>
[  238.147603][T11123] netlink: 3 bytes leftover after parsing attributes in process `syz.3.1576'.
[  238.233957][T11123] 0ªX¹¦À: renamed from caif0
[  238.253799][T11123] 0ªX¹¦À: entered allmulticast mode
[  238.259102][T11123] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  238.668615][T11143] (unnamed net_device) (uninitialized): option ad_select: invalid value (34)
[  238.919642][T11151] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1585'.
[  238.948193][T11151] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1585'.
[  239.085540][T11159] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1588'.
[  239.358801][T11171] veth0: entered promiscuous mode
[  239.392578][T11171] vxcan3: entered allmulticast mode
[  239.418654][T11176] netlink: 'syz.4.1594': attribute type 1 has an invalid length.
[  239.427994][T11176] netlink: 168864 bytes leftover after parsing attributes in process `syz.4.1594'.
[  239.457807][T11170] veth0: left promiscuous mode
[  239.585259][T11180] FAULT_INJECTION: forcing a failure.
[  239.585259][T11180] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  239.616691][T11180] CPU: 1 UID: 0 PID: 11180 Comm: syz.3.1595 Not tainted 6.16.0-rc2-syzkaller-00624-g5e95c0a3a55a #0 PREEMPT(full) 
[  239.616759][T11180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  239.616778][T11180] Call Trace:
[  239.616789][T11180]  <TASK>
[  239.616800][T11180]  dump_stack_lvl+0x189/0x250
[  239.616834][T11180]  ? __pfx____ratelimit+0x10/0x10
[  239.616853][T11180]  ? __pfx_dump_stack_lvl+0x10/0x10
[  239.616883][T11180]  ? __pfx__printk+0x10/0x10
[  239.616904][T11180]  ? __might_fault+0xb0/0x130
[  239.616933][T11180]  should_fail_ex+0x414/0x560
[  239.616963][T11180]  _copy_from_user+0x2d/0xb0
[  239.616983][T11180]  ___sys_sendmsg+0x158/0x2a0
[  239.617015][T11180]  ? __pfx____sys_sendmsg+0x10/0x10
[  239.617089][T11180]  ? __might_fault+0xb0/0x130
[  239.617111][T11180]  __sys_sendmmsg+0x227/0x430
[  239.617146][T11180]  ? __pfx___sys_sendmmsg+0x10/0x10
[  239.617172][T11180]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  239.617220][T11180]  ? ksys_write+0x22a/0x250
[  239.617240][T11180]  ? __pfx_ksys_write+0x10/0x10
[  239.617255][T11180]  ? rcu_is_watching+0x15/0xb0
[  239.617292][T11180]  __x64_sys_sendmmsg+0xa0/0xc0
[  239.617324][T11180]  do_syscall_64+0xfa/0x3b0
[  239.617343][T11180]  ? lockdep_hardirqs_on+0x9c/0x150
[  239.617362][T11180]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.617381][T11180]  ? clear_bhb_loop+0x60/0xb0
[  239.617405][T11180]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.617423][T11180] RIP: 0033:0x7f383f98e929
[  239.617441][T11180] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  239.617458][T11180] RSP: 002b:00007f38407f9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  239.617489][T11180] RAX: ffffffffffffffda RBX: 00007f383fbb5fa0 RCX: 00007f383f98e929
[  239.617504][T11180] RDX: 0400000000000159 RSI: 0000200000001c00 RDI: 0000000000000006
[  239.617517][T11180] RBP: 00007f38407f9090 R08: 0000000000000000 R09: 0000000000000000
[  239.617529][T11180] R10: 0000000000040840 R11: 0000000000000246 R12: 0000000000000002
[  239.617542][T11180] R13: 0000000000000000 R14: 00007f383fbb5fa0 R15: 00007fffa1d93408
[  239.617573][T11180]  </TASK>
[  240.071561][T11198] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1601'.
[  240.147593][T11199] netpci0: tun_chr_ioctl cmd 1074025681
[  240.163930][T11199] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1602'.
[  240.229386][T11205] FAULT_INJECTION: forcing a failure.
[  240.229386][T11205] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  240.259456][T11205] CPU: 0 UID: 0 PID: 11205 Comm: syz.1.1606 Not tainted 6.16.0-rc2-syzkaller-00624-g5e95c0a3a55a #0 PREEMPT(full) 
[  240.259482][T11205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  240.259493][T11205] Call Trace:
[  240.259501][T11205]  <TASK>
[  240.259508][T11205]  dump_stack_lvl+0x189/0x250
[  240.259542][T11205]  ? __pfx____ratelimit+0x10/0x10
[  240.259561][T11205]  ? __pfx_dump_stack_lvl+0x10/0x10
[  240.259590][T11205]  ? __pfx__printk+0x10/0x10
[  240.259610][T11205]  ? __might_fault+0xb0/0x130
[  240.259639][T11205]  should_fail_ex+0x414/0x560
[  240.259668][T11205]  _copy_from_user+0x2d/0xb0
[  240.259688][T11205]  ___sys_recvmsg+0x12e/0x510
[  240.259723][T11205]  ? __pfx____sys_recvmsg+0x10/0x10
[  240.259784][T11205]  ? __might_fault+0xb0/0x130
[  240.259806][T11205]  do_recvmmsg+0x307/0x770
[  240.259833][T11205]  ? __pfx_do_recvmmsg+0x10/0x10
[  240.259874][T11205]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  240.259914][T11205]  __x64_sys_recvmmsg+0x190/0x240
[  240.259935][T11205]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  240.259950][T11205]  ? rcu_is_watching+0x15/0xb0
[  240.259984][T11205]  ? do_syscall_64+0xbe/0x3b0
[  240.260008][T11205]  do_syscall_64+0xfa/0x3b0
[  240.260026][T11205]  ? lockdep_hardirqs_on+0x9c/0x150
[  240.260044][T11205]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.260063][T11205]  ? clear_bhb_loop+0x60/0xb0
[  240.260085][T11205]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.260103][T11205] RIP: 0033:0x7fbe7078e929
[  240.260119][T11205] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  240.260135][T11205] RSP: 002b:00007fbe71575038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  240.260155][T11205] RAX: ffffffffffffffda RBX: 00007fbe709b5fa0 RCX: 00007fbe7078e929
[  240.260168][T11205] RDX: 0000000000000700 RSI: 0000200000001140 RDI: 0000000000000004
[  240.260180][T11205] RBP: 00007fbe71575090 R08: 0000000000000000 R09: 0000000000000000
[  240.260192][T11205] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002
[  240.260202][T11205] R13: 0000000000000000 R14: 00007fbe709b5fa0 R15: 00007ffec8f63458
[  240.260232][T11205]  </TASK>
[  241.186432][T11249] FAULT_INJECTION: forcing a failure.
[  241.186432][T11249] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  241.210646][T11252] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  241.259641][T11249] CPU: 1 UID: 0 PID: 11249 Comm: syz.3.1623 Not tainted 6.16.0-rc2-syzkaller-00624-g5e95c0a3a55a #0 PREEMPT(full) 
[  241.259668][T11249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  241.259679][T11249] Call Trace:
[  241.259687][T11249]  <TASK>
[  241.259695][T11249]  dump_stack_lvl+0x189/0x250
[  241.259729][T11249]  ? __pfx____ratelimit+0x10/0x10
[  241.259749][T11249]  ? __pfx_dump_stack_lvl+0x10/0x10
[  241.259777][T11249]  ? __pfx__printk+0x10/0x10
[  241.259811][T11249]  should_fail_ex+0x414/0x560
[  241.259839][T11249]  _copy_to_user+0x31/0xb0
[  241.259860][T11249]  simple_read_from_buffer+0xe1/0x170
[  241.259886][T11249]  proc_fail_nth_read+0x1df/0x250
[  241.259911][T11249]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  241.259937][T11249]  ? rw_verify_area+0x258/0x650
[  241.259963][T11249]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  241.259987][T11249]  vfs_read+0x1fd/0x980
[  241.260020][T11249]  ? __pfx___mutex_lock+0x10/0x10
[  241.260040][T11249]  ? __pfx_vfs_read+0x10/0x10
[  241.260069][T11249]  ? __fget_files+0x2a/0x420
[  241.260094][T11249]  ? __fget_files+0x3a0/0x420
[  241.260113][T11249]  ? __fget_files+0x2a/0x420
[  241.260142][T11249]  ksys_read+0x145/0x250
[  241.260161][T11249]  ? __pfx_ksys_read+0x10/0x10
[  241.260187][T11249]  ? rcu_is_watching+0x15/0xb0
[  241.260220][T11249]  ? do_syscall_64+0xbe/0x3b0
[  241.260244][T11249]  do_syscall_64+0xfa/0x3b0
[  241.260262][T11249]  ? lockdep_hardirqs_on+0x9c/0x150
[  241.260279][T11249]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.260297][T11249]  ? clear_bhb_loop+0x60/0xb0
[  241.260328][T11249]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.260346][T11249] RIP: 0033:0x7f383f98d33c
[  241.260361][T11249] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  241.260378][T11249] RSP: 002b:00007f38407f9030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  241.260397][T11249] RAX: ffffffffffffffda RBX: 00007f383fbb5fa0 RCX: 00007f383f98d33c
[  241.260410][T11249] RDX: 000000000000000f RSI: 00007f38407f90a0 RDI: 0000000000000004
[  241.260421][T11249] RBP: 00007f38407f9090 R08: 0000000000000000 R09: 0000000000000000
[  241.260431][T11249] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000001
[  241.260442][T11249] R13: 0000000000000000 R14: 00007f383fbb5fa0 R15: 00007fffa1d93408
[  241.260472][T11249]  </TASK>
[  241.591541][T11256] netlink: 'syz.1.1626': attribute type 23 has an invalid length.
[  241.691078][T11260] __nla_validate_parse: 1 callbacks suppressed
[  241.691094][T11260] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1628'.
[  241.800710][T11265] tipc: Enabling of bearer <eth:geneve1> rejected, already enabled
[  241.970608][T11272] geneve1: entered promiscuous mode
[  241.976545][T11272] geneve1: entered allmulticast mode
[  242.009275][T11274] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1632'.
[  242.049371][T11246] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1618'.
[  242.213436][T11283] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1637'.
[  242.231094][T11283] netlink: 'syz.1.1637': attribute type 11 has an invalid length.
[  242.240608][T11286] bridge0: port 4(veth0_to_bridge) entered blocking state
[  242.249032][T11283] netlink: 'syz.1.1637': attribute type 4 has an invalid length.
[  242.256855][T11283] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1637'.
[  242.274106][T11286] bridge0: port 4(veth0_to_bridge) entered disabled state
[  242.291452][T11286] veth0_to_bridge: entered allmulticast mode
[  242.316393][T11286] veth0_to_bridge: entered promiscuous mode
[  242.319321][T11290] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1636'.
[  242.322443][T11286] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  242.322968][T11286] bridge0: port 4(veth0_to_bridge) entered blocking state
[  242.347782][T11290] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1636'.
[  242.351237][T11286] bridge0: port 4(veth0_to_bridge) entered forwarding state
[  242.567914][T11298] netlink: zone id is out of range
[  242.582735][T11298] netlink: zone id is out of range
[  242.595015][T11298] netlink: zone id is out of range
[  242.622100][T11298] netlink: zone id is out of range
[  242.634143][T11303] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1642'.
[  242.643414][T11298] netlink: zone id is out of range
[  242.649203][T11298] netlink: zone id is out of range
[  242.658801][T11298] netlink: zone id is out of range
[  242.670231][T11298] netlink: zone id is out of range
[  242.687072][T11298] netlink: zone id is out of range
[  242.852895][T11312] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1645'.
[  242.921211][T11314] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1646'.
[  243.105097][T11321] pim6reg: entered allmulticast mode
[  243.112265][T11321] pim6reg: left allmulticast mode
[  243.143558][T11325] tipc: Enabling of bearer <eth:geneve1> rejected, already enabled
[  243.256269][T11334] tipc: Enabling of bearer <eth:geneve1> rejected, already enabled
[  243.374643][T11338] x_tables: ip_tables: udp match: only valid for protocol 17
[  243.417401][T11340] netlink: 'syz.3.1655': attribute type 3 has an invalid length.
[  243.641798][T11357] FAULT_INJECTION: forcing a failure.
[  243.641798][T11357] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  243.707578][T11357] CPU: 1 UID: 0 PID: 11357 Comm: syz.1.1657 Not tainted 6.16.0-rc2-syzkaller-00624-g5e95c0a3a55a #0 PREEMPT(full) 
[  243.707604][T11357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  243.707615][T11357] Call Trace:
[  243.707622][T11357]  <TASK>
[  243.707630][T11357]  dump_stack_lvl+0x189/0x250
[  243.707661][T11357]  ? __pfx____ratelimit+0x10/0x10
[  243.707680][T11357]  ? __pfx_dump_stack_lvl+0x10/0x10
[  243.707707][T11357]  ? __pfx__printk+0x10/0x10
[  243.707726][T11357]  ? __might_fault+0xb0/0x130
[  243.707754][T11357]  should_fail_ex+0x414/0x560
[  243.707782][T11357]  _copy_from_user+0x2d/0xb0
[  243.707801][T11357]  ___sys_sendmsg+0x158/0x2a0
[  243.707830][T11357]  ? __pfx____sys_sendmsg+0x10/0x10
[  243.707891][T11357]  ? __fget_files+0x2a/0x420
[  243.707909][T11357]  ? __fget_files+0x3a0/0x420
[  243.707939][T11357]  __sys_sendmmsg+0x227/0x430
[  243.707970][T11357]  ? __pfx___sys_sendmmsg+0x10/0x10
[  243.707994][T11357]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  243.708039][T11357]  ? ksys_write+0x22a/0x250
[  243.708057][T11357]  ? __pfx_ksys_write+0x10/0x10
[  243.708071][T11357]  ? rcu_is_watching+0x15/0xb0
[  243.708106][T11357]  __x64_sys_sendmmsg+0xa0/0xc0
[  243.708134][T11357]  do_syscall_64+0xfa/0x3b0
[  243.708151][T11357]  ? lockdep_hardirqs_on+0x9c/0x150
[  243.708168][T11357]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  243.708186][T11357]  ? clear_bhb_loop+0x60/0xb0
[  243.708207][T11357]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  243.708224][T11357] RIP: 0033:0x7fbe7078e929
[  243.708240][T11357] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  243.708254][T11357] RSP: 002b:00007fbe71554038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  243.708272][T11357] RAX: ffffffffffffffda RBX: 00007fbe709b6080 RCX: 00007fbe7078e929
[  243.708285][T11357] RDX: 000000000800001d RSI: 0000200000007fc0 RDI: 000000000000000a
[  243.708296][T11357] RBP: 00007fbe71554090 R08: 0000000000000000 R09: 0000000000000000
[  243.708306][T11357] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  243.708316][T11357] R13: 0000000000000000 R14: 00007fbe709b6080 R15: 00007ffec8f63458
[  243.708351][T11357]  </TASK>
[  244.204603][T11366] netlink: 'syz.3.1661': attribute type 1 has an invalid length.
[  244.345697][T11366] 8021q: adding VLAN 0 to HW filter on device bond3
[  244.395425][T11367] 8021q: adding VLAN 0 to HW filter on device bond3
[  244.415924][T11367] bond3: (slave vxcan3): The slave device specified does not support setting the MAC address
[  244.432430][T11367] bond3: (slave vxcan3): Error -95 calling set_mac_address
[  244.729627][T11395] ipt_ECN: cannot use operation on non-tcp rule
[  245.040189][T11411] macvlan0: entered allmulticast mode
[  245.536958][T11420] bridge0: port 3(syz_tun) entered disabled state
[  245.563704][T11420] bridge0: port 2(bridge_slave_1) entered disabled state
[  245.571577][T11420] bridge0: port 1(bridge_slave_0) entered disabled state
[  245.717341][    C0] vxcan1: j1939_tp_rxtimer: 0xffff888079efac00: rx timeout, send abort
[  245.910955][T11420] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  246.121274][T11420] tipc: Resetting bearer <eth:geneve1>
[  246.144294][T11420] geneve1: left promiscuous mode
[  246.159557][T11420] geneve1: left allmulticast mode
[  246.223413][T11420] vlan0: left allmulticast mode
[  246.234299][T11420] veth0_vlan: left allmulticast mode
[  246.239626][T11420] vlan0: left promiscuous mode
[  246.255585][T11420] macvtap1: left promiscuous mode
[  246.260804][T11420] macvtap1: left allmulticast mode
[  246.275635][T11420] mac80211_hwsim hwsim9 syzkaller0: left promiscuous mode
[  246.282984][T11420] mac80211_hwsim hwsim9 syzkaller0: left allmulticast mode
[  246.311989][ T6272] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  246.350376][ T6272] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  246.385294][ T6272] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  246.425986][ T6272] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  246.782263][T11443] pimreg: entered allmulticast mode
[  246.836275][T11446] bridge0: port 2(vlan2) entered blocking state
[  246.878993][T11446] bridge0: port 2(vlan2) entered disabled state
[  246.897840][T11446] vlan2: entered allmulticast mode
[  246.903126][T11446] bond0: entered allmulticast mode
[  246.915115][T11446] vlan2: entered promiscuous mode
[  246.920230][T11446] bond0: entered promiscuous mode
[  246.930188][T11449] pimreg: left allmulticast mode
[  246.964293][T11453] veth0: entered promiscuous mode
[  246.970161][T11452] veth0: left promiscuous mode
[  247.204862][T11467] __nla_validate_parse: 9 callbacks suppressed
[  247.204900][T11467] netlink: 172 bytes leftover after parsing attributes in process `syz.1.1690'.
[  247.530076][T11489] netlink: 'syz.3.1701': attribute type 5 has an invalid length.
[  247.556809][T11489] ip6erspan0: entered allmulticast mode
[  248.126189][T11521] netlink: 'syz.0.1713': attribute type 23 has an invalid length.
[  248.269982][T11526] netlink: 'syz.0.1716': attribute type 1 has an invalid length.
[  248.292745][T11528] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1717'.
[  248.309012][T11526] netlink: 'syz.0.1716': attribute type 1 has an invalid length.
[  248.627016][T11542] netlink: 172 bytes leftover after parsing attributes in process `syz.0.1721'.
[  248.838440][T11544] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1724'.
[  248.913216][T11548] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1726'.
[  249.310057][T11563] net_ratelimit: 5 callbacks suppressed
[  249.310076][T11563] openvswitch: netlink: Tunnel attr 16371 out of range max 16
[  249.510787][T11569] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1733'.
[  249.591822][T11572] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1733'.
[  250.135193][T11589] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1739'.
[  250.139449][T11590] FAULT_INJECTION: forcing a failure.
[  250.139449][T11590] name failslab, interval 1, probability 0, space 0, times 0
[  250.204287][T11590] CPU: 1 UID: 0 PID: 11590 Comm: syz.0.1740 Not tainted 6.16.0-rc2-syzkaller-00624-g5e95c0a3a55a #0 PREEMPT(full) 
[  250.204311][T11590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  250.204323][T11590] Call Trace:
[  250.204330][T11590]  <TASK>
[  250.204337][T11590]  dump_stack_lvl+0x189/0x250
[  250.204369][T11590]  ? __pfx____ratelimit+0x10/0x10
[  250.204388][T11590]  ? __pfx_dump_stack_lvl+0x10/0x10
[  250.204414][T11590]  ? __pfx__printk+0x10/0x10
[  250.204436][T11590]  ? __pfx___might_resched+0x10/0x10
[  250.204463][T11590]  ? fs_reclaim_acquire+0x7d/0x100
[  250.204488][T11590]  should_fail_ex+0x414/0x560
[  250.204516][T11590]  should_failslab+0xa8/0x100
[  250.204537][T11590]  __kmalloc_noprof+0xcb/0x4f0
[  250.204554][T11590]  ? tomoyo_encode+0x28b/0x550
[  250.204582][T11590]  tomoyo_encode+0x28b/0x550
[  250.204613][T11590]  tomoyo_realpath_from_path+0x58d/0x5d0
[  250.204640][T11590]  ? tomoyo_domain+0xd9/0x130
[  250.204670][T11590]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  250.204689][T11590]  tomoyo_path_number_perm+0x1e8/0x5a0
[  250.204711][T11590]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  250.204756][T11590]  ? __lock_acquire+0xab9/0xd20
[  250.204799][T11590]  ? __fget_files+0x2a/0x420
[  250.204821][T11590]  ? __fget_files+0x2a/0x420
[  250.204839][T11590]  ? __fget_files+0x3a0/0x420
[  250.204856][T11590]  ? __fget_files+0x2a/0x420
[  250.204879][T11590]  security_file_ioctl+0xcb/0x2d0
[  250.204900][T11590]  __se_sys_ioctl+0x47/0x170
[  250.204927][T11590]  do_syscall_64+0xfa/0x3b0
[  250.204944][T11590]  ? lockdep_hardirqs_on+0x9c/0x150
[  250.204961][T11590]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.204978][T11590]  ? clear_bhb_loop+0x60/0xb0
[  250.204998][T11590]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.205015][T11590] RIP: 0033:0x7f8d2578e929
[  250.205030][T11590] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  250.205044][T11590] RSP: 002b:00007f8d266d6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  250.205063][T11590] RAX: ffffffffffffffda RBX: 00007f8d259b5fa0 RCX: 00007f8d2578e929
[  250.205075][T11590] RDX: 0000200000000040 RSI: 0000000000008b2a RDI: 0000000000000003
[  250.205086][T11590] RBP: 00007f8d266d6090 R08: 0000000000000000 R09: 0000000000000000
[  250.205096][T11590] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  250.205106][T11590] R13: 0000000000000000 R14: 00007f8d259b5fa0 R15: 00007ffcd8510bb8
[  250.205135][T11590]  </TASK>
[  250.205154][T11590] ERROR: Out of memory at tomoyo_realpath_from_path.
[  250.479748][T11598] netlink: 172 bytes leftover after parsing attributes in process `syz.4.1743'.
[  250.677220][T11612] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1749'.
[  251.182177][T11625] wg1 speed is unknown, defaulting to 1000
[  251.264637][T11642] Cannot find del_set index 2 as target
[  251.821390][T11661] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  252.040633][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  252.052898][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  252.065188][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  252.077386][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  252.089696][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  252.101889][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  252.114194][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  252.126389][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  252.691441][T11688] __nla_validate_parse: 4 callbacks suppressed
[  252.691460][T11688] netlink: 172 bytes leftover after parsing attributes in process `syz.4.1768'.
[  253.325630][T11698] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1773'.
[  253.471803][T11702] netlink: 'syz.4.1775': attribute type 21 has an invalid length.
[  253.544658][T11703] netlink: 'syz.4.1775': attribute type 21 has an invalid length.
[  253.822870][T11715] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1777'.
[  253.973359][T11715] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1777'.
[  254.218853][T11722] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1783'.
[  254.313691][    C1] net_ratelimit: 9524 callbacks suppressed
[  254.313709][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  254.331692][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  254.344644][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  254.356747][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  254.368973][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  254.381098][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  254.393336][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  254.405451][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  254.417672][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  254.429840][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  254.609263][T11732] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1782'.
[  254.686451][T11736] netlink: 172 bytes leftover after parsing attributes in process `syz.1.1785'.
[  254.736471][T11735] bridge6: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  254.808768][T11743] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1789'.
[  255.111368][T11749] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1790'.
[  255.447994][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  255.760601][T11740] wg1 speed is unknown, defaulting to 1000
[  255.953580][T11766] C: renamed from team_slave_0 (while UP)
[  256.042994][T11766] netlink: 'syz.3.1795': attribute type 4 has an invalid length.
[  256.084216][T11766] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1795'.
[  256.460496][T11778] netlink: 'syz.1.1796': attribute type 1 has an invalid length.
[  257.113755][T11778] 8021q: adding VLAN 0 to HW filter on device bond2
[  257.320868][T11782] bond2: (slave veth3): Enslaving as an active interface with a down link
[  257.347034][T11796] x_tables: ip_tables: udp match: only valid for protocol 17
[  257.360823][T11788] tipc: Enabling of bearer <eth:geneve1> rejected, already enabled
[  258.023658][    C1] sched: DL replenish lagged too much
[  258.281674][T11807] __nla_validate_parse: 2 callbacks suppressed
[  258.282587][T11807] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1805'.
[  258.382113][T11798] wg1 speed is unknown, defaulting to 1000
[  259.662431][T11843] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1818'.
[  259.733148][T11843] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1818'.
[  260.641714][T11864] delete_channel: no stack
[  260.826442][T11867] FAULT_INJECTION: forcing a failure.
[  260.826442][T11867] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  260.858124][T11867] CPU: 0 UID: 0 PID: 11867 Comm: syz.0.1827 Not tainted 6.16.0-rc2-syzkaller-00624-g5e95c0a3a55a #0 PREEMPT(full) 
[  260.858150][T11867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  260.858160][T11867] Call Trace:
[  260.858168][T11867]  <TASK>
[  260.858175][T11867]  dump_stack_lvl+0x189/0x250
[  260.858207][T11867]  ? __pfx____ratelimit+0x10/0x10
[  260.858227][T11867]  ? __pfx_dump_stack_lvl+0x10/0x10
[  260.858254][T11867]  ? __pfx__printk+0x10/0x10
[  260.858275][T11867]  ? fs_reclaim_acquire+0x7d/0x100
[  260.858305][T11867]  should_fail_ex+0x414/0x560
[  260.858333][T11867]  prepare_alloc_pages+0x213/0x610
[  260.858361][T11867]  __alloc_frozen_pages_noprof+0x123/0x370
[  260.858388][T11867]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  260.858428][T11867]  alloc_pages_bulk_noprof+0x560/0x710
[  260.858457][T11867]  ? alloc_pages_noprof+0xbe/0x190
[  260.858487][T11867]  kasan_populate_vmalloc+0xba/0x1a0
[  260.858519][T11867]  alloc_vmap_area+0xd51/0x1490
[  260.858553][T11867]  ? __pfx_alloc_vmap_area+0x10/0x10
[  260.858571][T11867]  ? __kasan_kmalloc+0x93/0xb0
[  260.858588][T11867]  ? __kmalloc_cache_node_noprof+0x234/0x3d0
[  260.858606][T11867]  ? __get_vm_area_node+0x13f/0x300
[  260.858623][T11867]  ? xdp_umem_create+0x708/0x8e0
[  260.858640][T11867]  __get_vm_area_node+0x1f8/0x300
[  260.858660][T11867]  ? xdp_umem_create+0x708/0x8e0
[  260.858678][T11867]  vmap+0x162/0x310
[  260.858695][T11867]  ? xdp_umem_create+0x708/0x8e0
[  260.858717][T11867]  xdp_umem_create+0x708/0x8e0
[  260.858744][T11867]  xsk_setsockopt+0x62a/0x710
[  260.858774][T11867]  ? __pfx_xsk_setsockopt+0x10/0x10
[  260.858798][T11867]  ? __lock_acquire+0xab9/0xd20
[  260.858828][T11867]  ? aa_sock_opt_perm+0x74/0x110
[  260.858853][T11867]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  260.858875][T11867]  ? __pfx_xsk_setsockopt+0x10/0x10
[  260.858902][T11867]  do_sock_setsockopt+0x25a/0x3e0
[  260.858930][T11867]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  260.858960][T11867]  ? __fget_files+0x2a/0x420
[  260.858988][T11867]  __x64_sys_setsockopt+0x18b/0x220
[  260.859019][T11867]  do_syscall_64+0xfa/0x3b0
[  260.859037][T11867]  ? lockdep_hardirqs_on+0x9c/0x150
[  260.859058][T11867]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.859075][T11867]  ? clear_bhb_loop+0x60/0xb0
[  260.859096][T11867]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.859113][T11867] RIP: 0033:0x7f8d2578e929
[  260.859128][T11867] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  260.859143][T11867] RSP: 002b:00007f8d266d6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  260.859162][T11867] RAX: ffffffffffffffda RBX: 00007f8d259b5fa0 RCX: 00007f8d2578e929
[  260.859174][T11867] RDX: 0000000000000004 RSI: 000000000000011b RDI: 0000000000000003
[  260.859184][T11867] RBP: 00007f8d266d6090 R08: 0000000000000020 R09: 0000000000000000
[  260.859195][T11867] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000002
[  260.859206][T11867] R13: 0000000000000000 R14: 00007f8d259b5fa0 R15: 00007ffcd8510bb8
[  260.859235][T11867]  </TASK>
[  262.068789][T11884] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1830'.
[  262.269321][T11888] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1832'.
[  262.290958][T11888] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1832'.
[  262.302010][T11888] netlink: 164 bytes leftover after parsing attributes in process `syz.0.1832'.
[  262.432528][T11894] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1834'.
[  262.605307][T11894] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1834'.
[  262.733762][T11894] bridge0: port 3(macvlan2) entered blocking state
[  262.752881][T11894] bridge0: port 3(macvlan2) entered disabled state
[  262.770858][T11894] macvlan2: entered allmulticast mode
[  262.786753][T11894] bridge0: entered allmulticast mode
[  262.793731][T11903] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1837'.
[  262.814449][T11894] macvlan2: left allmulticast mode
[  262.819945][T11894] bridge0: left allmulticast mode
[  263.040265][T11895] wg1 speed is unknown, defaulting to 1000
[  264.092932][T11925] __nla_validate_parse: 1 callbacks suppressed
[  264.092951][T11925] netlink: 172 bytes leftover after parsing attributes in process `syz.2.1842'.
[  264.116958][T11932] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1844'.
[  264.980989][T11944] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1850'.
[  266.211899][T11971] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1860'.
[  267.428818][T11958] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  267.438961][T11958] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.480201][T11971] vlan2: entered promiscuous mode
[  267.494934][T11971] ip6gretap0: entered promiscuous mode
[  267.704824][T11982] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR
[  267.815823][T11958] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  267.900778][T11993] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1866'.
[  267.921990][T11958] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.957748][T11993] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1866'.
[  267.990918][T11983] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1864'.
[  268.042210][T11980] wg1 speed is unknown, defaulting to 1000
[  268.199396][T11958] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  268.229878][T11958] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.263124][T12001] net_ratelimit: 1981 callbacks suppressed
[  268.263143][T12001] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  268.814167][T12010] xt_bpf: check failed: parse error
[  270.383495][T12027] siw: device registration error -23
[  270.857985][T12033] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1879'.
[  271.035830][T11958] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  271.050363][T11958] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  271.307044][T12038] netlink: 'syz.3.1881': attribute type 21 has an invalid length.
[  271.407310][T12038] netlink: 'syz.3.1881': attribute type 1 has an invalid length.
[  271.428325][T12038] netlink: 144 bytes leftover after parsing attributes in process `syz.3.1881'.
[  271.633285][ T1159] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  271.646508][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  271.669853][ T1159] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  271.690142][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  272.030056][ T3543] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  272.080665][ T3543] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  272.296840][ T1159] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  272.335771][ T1159] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  272.401279][T12054] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  272.432594][ T6270] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  272.451965][ T6270] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  272.487274][T12057] xt_CT: You must specify a L4 protocol and not use inversions on it
[  273.145858][T12065] tipc: Enabled bearer <eth:syzkaller0>, priority 10
[  274.270028][T12097] wg1 speed is unknown, defaulting to 1000
[  274.517366][T12109] netlink: 'syz.2.1903': attribute type 21 has an invalid length.
[  274.553703][T12109] IPv6: NLM_F_CREATE should be specified when creating new route
[  274.879584][T12106] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  274.916178][T12117] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1902'.
[  274.995863][T12106] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  275.175550][T12105] wg1 speed is unknown, defaulting to 1000
[  275.379531][T12106] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  275.390452][T12106] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  275.489906][T12125] netlink: 'syz.0.1907': attribute type 3 has an invalid length.
[  275.511198][T12125] netlink: 'syz.0.1907': attribute type 3 has an invalid length.
[  275.656856][T12106] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  275.713849][T12106] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  275.837218][T12128] netlink: 'syz.0.1908': attribute type 13 has an invalid length.
[  275.872524][T12128] netlink: 'syz.0.1908': attribute type 17 has an invalid length.
[  276.119814][T12106] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  276.160381][T12138] netlink: 'syz.4.1910': attribute type 3 has an invalid length.
[  276.181275][T12106] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  276.387087][T12142] netlink: 'syz.3.1911': attribute type 5 has an invalid length.
[  276.433517][T12142] netlink: 'syz.3.1911': attribute type 7 has an invalid length.
[  276.471643][T12144] netlink: 128 bytes leftover after parsing attributes in process `syz.4.1912'.
[  276.499529][T12144] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1912'.
[  276.722932][T12128] A link change request failed with some changes committed already. Interface teql0 may have been left with an inconsistent configuration, please check.
[  276.859350][T12142] : entered promiscuous mode
[  277.193789][ T6272] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  277.226070][ T6272] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  277.280947][ T6272] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  277.320073][ T6272] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  277.515517][ T6272] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  277.544439][ T6272] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  277.604277][ T6272] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  277.667409][ T6272] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  278.144578][T12167] netlink: 240 bytes leftover after parsing attributes in process `syz.0.1921'.
[  278.401201][T12173] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1923'.
[  278.781289][T12180] netlink: 88 bytes leftover after parsing attributes in process `syz.4.1926'.
[  278.958868][T12186] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1927'.
[  279.051644][T12186] tipc: Enabling of bearer <dth:t> rejected, media not registered
[  279.062707][T12189] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1928'.
[  279.133223][T12191] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1931'.
[  279.170318][T12195] netlink: 'syz.3.1929': attribute type 23 has an invalid length.
[  279.668010][T12208] netlink: 'syz.0.1936': attribute type 10 has an invalid length.
[  279.695457][T12209] netlink: 'syz.0.1936': attribute type 10 has an invalid length.
[  279.739903][T12208] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1936'.
[  279.928403][T12209] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1936'.
[  279.987877][T12209] team0: entered promiscuous mode
[  279.992989][T12209] team_slave_0: entered promiscuous mode
[  280.107414][T12209] team_slave_1: entered promiscuous mode
[  280.113240][T12209] team0: entered allmulticast mode
[  280.176479][T12209] team_slave_0: entered allmulticast mode
[  280.202157][T12209] team_slave_1: entered allmulticast mode
[  280.233908][T12209] 8021q: adding VLAN 0 to HW filter on device team0
[  280.241137][T12209] bridge0: port 4(team0) entered blocking state
[  280.294038][T12209] bridge0: port 4(team0) entered disabled state
[  280.706176][T12227] vlan2: entered promiscuous mode
[  281.551567][T12240] netlink: 'syz.0.1947': attribute type 1 has an invalid length.
[  281.571611][T12240] __nla_validate_parse: 3 callbacks suppressed
[  281.571625][T12240] netlink: 144 bytes leftover after parsing attributes in process `syz.0.1947'.
[  281.597253][T12240] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1947'.
[  283.222198][T12277] netlink: 268 bytes leftover after parsing attributes in process `syz.3.1960'.
[  283.594794][T12286] netlink: 'syz.3.1964': attribute type 5 has an invalid length.
[  283.718515][T12289] netlink: 172 bytes leftover after parsing attributes in process `syz.4.1966'.
[  283.889204][T12291] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1967'.
[  284.031069][T12300] netlink: 14212 bytes leftover after parsing attributes in process `syz.3.1969'.
[  284.112861][T12303] netlink: 'syz.4.1970': attribute type 1 has an invalid length.
[  284.228318][T12307] netlink: 'syz.4.1970': attribute type 1 has an invalid length.
[  284.294163][T12296] openvswitch: netlink: Missing key (keys=40, expected=200000)
[  285.186883][T12323] wg1 speed is unknown, defaulting to 1000
[  285.362865][T12334] _ÐZ`Ô€@ÿÿ: entered promiscuous mode
[  285.414516][T12335] netlink: 172 bytes leftover after parsing attributes in process `syz.3.1980'.
[  285.583401][T12341] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1982'.
[  285.620185][T12341] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1982'.
[  286.058266][T12351] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1985'.
[  286.585813][T12362] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  287.059518][T12373] netlink: 'syz.0.1995': attribute type 1 has an invalid length.
[  287.087881][T12373] netlink: 'syz.0.1995': attribute type 1 has an invalid length.
[  287.263870][T12377] __nla_validate_parse: 1 callbacks suppressed
[  287.263888][T12377] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1997'.
[  287.477367][T12382] netlink: 'syz.1.2000': attribute type 3 has an invalid length.
[  287.491088][T12385] FAULT_INJECTION: forcing a failure.
[  287.491088][T12385] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  287.555137][T12388] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2001'.
[  287.567552][T12385] CPU: 0 UID: 0 PID: 12385 Comm: syz.0.1998 Not tainted 6.16.0-rc2-syzkaller-00624-g5e95c0a3a55a #0 PREEMPT(full) 
[  287.567577][T12385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  287.567588][T12385] Call Trace:
[  287.567596][T12385]  <TASK>
[  287.567604][T12385]  dump_stack_lvl+0x189/0x250
[  287.567638][T12385]  ? __pfx____ratelimit+0x10/0x10
[  287.567656][T12385]  ? __pfx_dump_stack_lvl+0x10/0x10
[  287.567684][T12385]  ? __pfx__printk+0x10/0x10
[  287.567703][T12385]  ? __might_fault+0xb0/0x130
[  287.567731][T12385]  should_fail_ex+0x414/0x560
[  287.567758][T12385]  _copy_from_user+0x2d/0xb0
[  287.567777][T12385]  wext_handle_ioctl+0xba/0x1c0
[  287.567804][T12385]  ? __pfx_wext_handle_ioctl+0x10/0x10
[  287.567825][T12385]  ? __lock_acquire+0xab9/0xd20
[  287.567865][T12385]  sock_ioctl+0x15f/0x790
[  287.567886][T12385]  ? __pfx_sock_ioctl+0x10/0x10
[  287.567905][T12385]  ? __fget_files+0x2a/0x420
[  287.567924][T12385]  ? __fget_files+0x3a0/0x420
[  287.567941][T12385]  ? __fget_files+0x2a/0x420
[  287.567963][T12385]  ? bpf_lsm_file_ioctl+0x9/0x20
[  287.567989][T12385]  ? __pfx_sock_ioctl+0x10/0x10
[  287.568007][T12385]  __se_sys_ioctl+0xfc/0x170
[  287.568036][T12385]  do_syscall_64+0xfa/0x3b0
[  287.568053][T12385]  ? lockdep_hardirqs_on+0x9c/0x150
[  287.568070][T12385]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  287.568087][T12385]  ? clear_bhb_loop+0x60/0xb0
[  287.568109][T12385]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  287.568125][T12385] RIP: 0033:0x7f8d2578e929
[  287.568141][T12385] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  287.568157][T12385] RSP: 002b:00007f8d266d6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  287.568176][T12385] RAX: ffffffffffffffda RBX: 00007f8d259b5fa0 RCX: 00007f8d2578e929
[  287.568189][T12385] RDX: 0000200000000040 RSI: 0000000000008b2a RDI: 0000000000000008
[  287.568200][T12385] RBP: 00007f8d266d6090 R08: 0000000000000000 R09: 0000000000000000
[  287.568211][T12385] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  287.568221][T12385] R13: 0000000000000000 R14: 00007f8d259b5fa0 R15: 00007ffcd8510bb8
[  287.568256][T12385]  </TASK>
[  287.980817][T12395] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2003'.
[  288.026130][T12386] bridge7: port 1(ip6gretap3) entered blocking state
[  288.033984][T12386] bridge7: port 1(ip6gretap3) entered disabled state
[  288.046557][T12386] ip6gretap3: entered allmulticast mode
[  288.055705][T12386] ip6gretap3: entered promiscuous mode
[  288.306005][T12377] veth3: entered promiscuous mode
[  288.319233][T12377] bridge7: port 2(veth3) entered blocking state
[  288.360594][T12377] bridge7: port 2(veth3) entered disabled state
[  288.407993][T12377] veth3: entered allmulticast mode
[  288.979658][T12420] macvtap1: entered promiscuous mode
[  288.998491][T12420] vlan0: entered promiscuous mode
[  289.039941][T12420] macvtap1: entered allmulticast mode
[  289.068380][T12420] vlan0: entered allmulticast mode
[  289.110127][T12420] veth0_vlan: entered allmulticast mode
[  289.339393][T12404] wg1 speed is unknown, defaulting to 1000
[  289.967587][T12446] xt_bpf: check failed: parse error
[  290.015790][T12436] pim6reg1: entered promiscuous mode
[  290.043699][T12436] pim6reg1: entered allmulticast mode
[  290.421617][T12456] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2015'.
[  291.668650][T12473] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2018'.
[  292.617502][T12485] FAULT_INJECTION: forcing a failure.
[  292.617502][T12485] name failslab, interval 1, probability 0, space 0, times 0
[  292.665103][T12485] CPU: 0 UID: 0 PID: 12485 Comm: syz.3.2019 Not tainted 6.16.0-rc2-syzkaller-00624-g5e95c0a3a55a #0 PREEMPT(full) 
[  292.665130][T12485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  292.665141][T12485] Call Trace:
[  292.665148][T12485]  <TASK>
[  292.665155][T12485]  dump_stack_lvl+0x189/0x250
[  292.665188][T12485]  ? __pfx____ratelimit+0x10/0x10
[  292.665207][T12485]  ? __pfx_dump_stack_lvl+0x10/0x10
[  292.665234][T12485]  ? __pfx__printk+0x10/0x10
[  292.665259][T12485]  ? __pfx___might_resched+0x10/0x10
[  292.665285][T12485]  ? fs_reclaim_acquire+0x7d/0x100
[  292.665311][T12485]  should_fail_ex+0x414/0x560
[  292.665339][T12485]  should_failslab+0xa8/0x100
[  292.665360][T12485]  __kmalloc_noprof+0xcb/0x4f0
[  292.665377][T12485]  ? ioctl_standard_iw_point+0x4d5/0xd40
[  292.665406][T12485]  ioctl_standard_iw_point+0x4d5/0xd40
[  292.665443][T12485]  ? __pfx_cfg80211_wext_siwencode+0x10/0x10
[  292.665465][T12485]  ? __pfx_ioctl_standard_iw_point+0x10/0x10
[  292.665489][T12485]  ? __pfx___mutex_lock+0x10/0x10
[  292.665514][T12485]  ? full_name_hash+0x92/0xe0
[  292.665537][T12485]  ? __pfx_cfg80211_wext_siwencode+0x10/0x10
[  292.665559][T12485]  ioctl_standard_call+0xaf/0x1b0
[  292.665584][T12485]  ? __pfx_cfg80211_wext_siwencode+0x10/0x10
[  292.665603][T12485]  wext_ioctl_dispatch+0xee/0x410
[  292.665623][T12485]  ? __pfx_ioctl_standard_call+0x10/0x10
[  292.665650][T12485]  wext_handle_ioctl+0x100/0x1c0
[  292.665676][T12485]  ? __pfx_wext_handle_ioctl+0x10/0x10
[  292.665695][T12485]  ? __lock_acquire+0xab9/0xd20
[  292.665736][T12485]  sock_ioctl+0x15f/0x790
[  292.665757][T12485]  ? __pfx_sock_ioctl+0x10/0x10
[  292.665776][T12485]  ? __fget_files+0x2a/0x420
[  292.665800][T12485]  ? __fget_files+0x3a0/0x420
[  292.665818][T12485]  ? __fget_files+0x2a/0x420
[  292.665840][T12485]  ? bpf_lsm_file_ioctl+0x9/0x20
[  292.665866][T12485]  ? __pfx_sock_ioctl+0x10/0x10
[  292.665884][T12485]  __se_sys_ioctl+0xfc/0x170
[  292.665912][T12485]  do_syscall_64+0xfa/0x3b0
[  292.665930][T12485]  ? lockdep_hardirqs_on+0x9c/0x150
[  292.665947][T12485]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  292.665982][T12485]  ? clear_bhb_loop+0x60/0xb0
[  292.666005][T12485]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  292.666023][T12485] RIP: 0033:0x7f383f98e929
[  292.666039][T12485] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  292.666054][T12485] RSP: 002b:00007f38407f9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  292.666074][T12485] RAX: ffffffffffffffda RBX: 00007f383fbb5fa0 RCX: 00007f383f98e929
[  292.666088][T12485] RDX: 0000200000000040 RSI: 0000000000008b2a RDI: 0000000000000003
[  292.666104][T12485] RBP: 00007f38407f9090 R08: 0000000000000000 R09: 0000000000000000
[  292.666116][T12485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  292.666126][T12485] R13: 0000000000000000 R14: 00007f383fbb5fa0 R15: 00007fffa1d93408
[  292.666158][T12485]  </TASK>
[  293.693288][T12496] siw: device registration error -23
[  294.275959][T12503] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2026'.
[  294.407483][T12505] netlink: 52 bytes leftover after parsing attributes in process `syz.1.2026'.
[  294.766230][T12503] macvtap1: entered promiscuous mode
[  294.786148][T12503] erspan0: entered promiscuous mode
[  294.885947][T12503] macvtap1: entered allmulticast mode
[  294.914711][T12503] erspan0: entered allmulticast mode
[  295.168314][T12515] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2031'.
[  295.201918][T12504] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2026'.
[  295.398498][T12516] pim6reg: entered allmulticast mode
[  295.996895][T12512] pim6reg: left allmulticast mode
[  296.075408][T12535] Cannot find del_set index 2 as target
[  296.738434][T12545] netlink: 'syz.4.2041': attribute type 3 has an invalid length.
[  297.340695][T12567] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2043'.
[  297.398319][T12568] siw: device registration error -23
[  298.069839][T12565] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2045'.
[  298.607102][T12578] tipc: Trying to set illegal importance in message
[  298.852523][T12587] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  298.993433][T12564] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  299.093540][T12590] netlink: 212 bytes leftover after parsing attributes in process `syz.4.2049'.
[  299.116400][T12590] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  299.225892][T12564] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  299.289082][T12593] x_tables: ip_tables: udp match: only valid for protocol 17
[  299.507125][T12564] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  299.661772][T12564] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  299.762903][T12599] wg1 speed is unknown, defaulting to 1000
[  299.944705][ T8153] IPVS: starting estimator thread 0...
[  300.055793][T12605] IPVS: using max 28 ests per chain, 67200 per kthread
[  300.144461][ T1159] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  300.325248][ T1159] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  300.373098][ T1159] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  300.810923][ T6270] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  301.826995][T12628] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2060'.
[  303.469245][T12675] netlink: 'syz.2.2078': attribute type 23 has an invalid length.
[  303.772040][T12680] netlink: 172 bytes leftover after parsing attributes in process `syz.4.2079'.
[  304.100931][T12682] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2081'.
[  304.180882][T12682] vlan2: entered promiscuous mode
[  304.203906][T12682] ip6gretap0: entered promiscuous mode
[  304.584732][T12661] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2071'.
[  304.605036][T12691] FAULT_INJECTION: forcing a failure.
[  304.605036][T12691] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  304.652365][T12691] CPU: 0 UID: 0 PID: 12691 Comm: syz.4.2082 Not tainted 6.16.0-rc2-syzkaller-00624-g5e95c0a3a55a #0 PREEMPT(full) 
[  304.652392][T12691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  304.652417][T12691] Call Trace:
[  304.652429][T12691]  <TASK>
[  304.652437][T12691]  dump_stack_lvl+0x189/0x250
[  304.652471][T12691]  ? __pfx____ratelimit+0x10/0x10
[  304.652490][T12691]  ? __pfx_dump_stack_lvl+0x10/0x10
[  304.652518][T12691]  ? __pfx__printk+0x10/0x10
[  304.652540][T12691]  ? __asan_memcpy+0x40/0x70
[  304.652577][T12691]  should_fail_ex+0x414/0x560
[  304.652610][T12691]  _copy_to_user+0x31/0xb0
[  304.652632][T12691]  bpf_verifier_vlog+0x3ba/0x900
[  304.652674][T12691]  __btf_verifier_log+0xd4/0x120
[  304.652710][T12691]  ? __pfx___btf_verifier_log+0x10/0x10
[  304.652734][T12691]  ? __might_fault+0xb0/0x130
[  304.652758][T12691]  ? btf_parse_hdr+0x1e2/0x6d0
[  304.652781][T12691]  btf_parse_hdr+0x356/0x6d0
[  304.652811][T12691]  btf_new_fd+0x36d/0xc90
[  304.652830][T12691]  ? apparmor_capable+0x137/0x1b0
[  304.652856][T12691]  ? __pfx_btf_new_fd+0x10/0x10
[  304.652878][T12691]  ? bpf_token_put+0x143/0x160
[  304.652906][T12691]  ? bpf_btf_load+0x126/0x190
[  304.652934][T12691]  __sys_bpf+0x635/0x860
[  304.652961][T12691]  ? __pfx___sys_bpf+0x10/0x10
[  304.653005][T12691]  ? ksys_write+0x22a/0x250
[  304.653025][T12691]  ? __pfx_ksys_write+0x10/0x10
[  304.653040][T12691]  ? rcu_is_watching+0x15/0xb0
[  304.653076][T12691]  __x64_sys_bpf+0x7c/0x90
[  304.653099][T12691]  do_syscall_64+0xfa/0x3b0
[  304.653118][T12691]  ? lockdep_hardirqs_on+0x9c/0x150
[  304.653136][T12691]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  304.653154][T12691]  ? clear_bhb_loop+0x60/0xb0
[  304.653177][T12691]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  304.653194][T12691] RIP: 0033:0x7f200e58e929
[  304.653214][T12691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  304.653229][T12691] RSP: 002b:00007f200f3eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  304.653249][T12691] RAX: ffffffffffffffda RBX: 00007f200e7b5fa0 RCX: 00007f200e58e929
[  304.653263][T12691] RDX: 0000000000000028 RSI: 0000200000000080 RDI: 0000000000000012
[  304.653274][T12691] RBP: 00007f200f3eb090 R08: 0000000000000000 R09: 0000000000000000
[  304.653285][T12691] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  304.653295][T12691] R13: 0000000000000000 R14: 00007f200e7b5fa0 R15: 00007ffdb58514b8
[  304.653324][T12691]  </TASK>
[  305.591833][T12702] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2083'.
[  306.245939][T12715] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2092'.
[  306.373731][T12715] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2092'.
[  306.884931][T12734] sctp: [Deprecated]: syz.2.2099 (pid 12734) Use of int in max_burst socket option.
[  306.884931][T12734] Use struct sctp_assoc_value instead
[  307.209579][T12747] FAULT_INJECTION: forcing a failure.
[  307.209579][T12747] name failslab, interval 1, probability 0, space 0, times 0
[  307.267765][T12747] CPU: 0 UID: 0 PID: 12747 Comm: syz.2.2103 Not tainted 6.16.0-rc2-syzkaller-00624-g5e95c0a3a55a #0 PREEMPT(full) 
[  307.267795][T12747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  307.267807][T12747] Call Trace:
[  307.267816][T12747]  <TASK>
[  307.267825][T12747]  dump_stack_lvl+0x189/0x250
[  307.267862][T12747]  ? __pfx____ratelimit+0x10/0x10
[  307.267883][T12747]  ? __pfx_dump_stack_lvl+0x10/0x10
[  307.267914][T12747]  ? __pfx__printk+0x10/0x10
[  307.267943][T12747]  ? __pfx___might_resched+0x10/0x10
[  307.267980][T12747]  should_fail_ex+0x414/0x560
[  307.268012][T12747]  should_failslab+0xa8/0x100
[  307.268046][T12747]  __kmalloc_noprof+0xcb/0x4f0
[  307.268065][T12747]  ? __kasan_kmalloc+0x93/0xb0
[  307.268083][T12747]  ? nla_strdup+0x9d/0x140
[  307.268118][T12747]  nla_strdup+0x9d/0x140
[  307.268149][T12747]  nf_tables_newtable+0x491/0x1890
[  307.268178][T12747]  ? nfnetlink_subsys_unregister+0x172/0x1b0
[  307.268221][T12747]  nfnetlink_rcv+0x112f/0x2520
[  307.268279][T12747]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  307.268320][T12747]  ? ref_tracker_free+0x63a/0x7d0
[  307.268383][T12747]  ? __netlink_deliver_tap+0x807/0x850
[  307.268427][T12747]  ? netlink_deliver_tap+0x2e/0x1b0
[  307.268453][T12747]  ? netlink_deliver_tap+0x2e/0x1b0
[  307.268485][T12747]  netlink_unicast+0x75b/0x8d0
[  307.268522][T12747]  netlink_sendmsg+0x805/0xb30
[  307.268560][T12747]  ? __pfx_netlink_sendmsg+0x10/0x10
[  307.268592][T12747]  ? aa_sock_msg_perm+0x94/0x160
[  307.268621][T12747]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  307.268647][T12747]  ? __pfx_netlink_sendmsg+0x10/0x10
[  307.268680][T12747]  __sock_sendmsg+0x219/0x270
[  307.268731][T12747]  ____sys_sendmsg+0x505/0x830
[  307.268768][T12747]  ? __pfx_____sys_sendmsg+0x10/0x10
[  307.268809][T12747]  ? import_iovec+0x74/0xa0
[  307.268833][T12747]  ___sys_sendmsg+0x21f/0x2a0
[  307.268865][T12747]  ? __pfx____sys_sendmsg+0x10/0x10
[  307.268936][T12747]  ? __fget_files+0x2a/0x420
[  307.268957][T12747]  ? __fget_files+0x3a0/0x420
[  307.268991][T12747]  __x64_sys_sendmsg+0x19b/0x260
[  307.269024][T12747]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  307.269085][T12747]  ? __pfx_ksys_write+0x10/0x10
[  307.269101][T12747]  ? rcu_is_watching+0x15/0xb0
[  307.269138][T12747]  ? do_syscall_64+0xbe/0x3b0
[  307.269165][T12747]  do_syscall_64+0xfa/0x3b0
[  307.269185][T12747]  ? lockdep_hardirqs_on+0x9c/0x150
[  307.269218][T12747]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.269238][T12747]  ? clear_bhb_loop+0x60/0xb0
[  307.269262][T12747]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.269281][T12747] RIP: 0033:0x7fb55cf8e929
[  307.269298][T12747] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  307.269315][T12747] RSP: 002b:00007fb55dd3b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  307.269336][T12747] RAX: ffffffffffffffda RBX: 00007fb55d1b5fa0 RCX: 00007fb55cf8e929
[  307.269351][T12747] RDX: 0000000044040090 RSI: 00002000000000c0 RDI: 0000000000000003
[  307.269364][T12747] RBP: 00007fb55dd3b090 R08: 0000000000000000 R09: 0000000000000000
[  307.269376][T12747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  307.269387][T12747] R13: 0000000000000000 R14: 00007fb55d1b5fa0 R15: 00007fff03fc05b8
[  307.269426][T12747]  </TASK>
[  307.602361][T12751] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2105'.
[  307.859678][T12760] xt_CT: No such helper "pptp"
[  308.237394][T12749] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2101'.
[  309.489244][T12793] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  309.834256][T12773] wg1 speed is unknown, defaulting to 1000
[  309.876361][T12798] netlink: 10 bytes leftover after parsing attributes in process `syz.3.2118'.
[  309.990858][T12800] netlink: 'syz.2.2119': attribute type 23 has an invalid length.
[  310.399789][T12807] team0: left allmulticast mode
[  310.428427][T12807] team0: left promiscuous mode
[  310.442020][T12807] bridge0: port 1(team0) entered disabled state
[  310.510994][T12807] vlan2: left allmulticast mode
[  310.526057][T12807] bond0: left allmulticast mode
[  310.541225][T12807] vlan2: left promiscuous mode
[  310.560674][T12807] bond0: left promiscuous mode
[  310.675153][T12807] bridge0: port 2(vlan2) entered disabled state
[  310.690125][T12816] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2121'.
[  310.767390][T12807] bond2: (slave veth3): Releasing active interface
[  310.890745][T12814] tap0: tun_chr_ioctl cmd 1074025677
[  310.916322][T12814] tap0: linktype set to 769
[  311.645915][T12833] netlink: 'syz.3.2130': attribute type 1 has an invalid length.
[  311.680151][T12833] netlink: 'syz.3.2130': attribute type 1 has an invalid length.
[  311.840892][T12836] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2131'.
[  312.167261][T12840] netlink: 84 bytes leftover after parsing attributes in process `syz.3.2132'.
[  312.319034][T12847] FAULT_INJECTION: forcing a failure.
[  312.319034][T12847] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  312.357449][T12847] CPU: 0 UID: 0 PID: 12847 Comm: syz.4.2135 Not tainted 6.16.0-rc2-syzkaller-00624-g5e95c0a3a55a #0 PREEMPT(full) 
[  312.357475][T12847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  312.357486][T12847] Call Trace:
[  312.357494][T12847]  <TASK>
[  312.357501][T12847]  dump_stack_lvl+0x189/0x250
[  312.357533][T12847]  ? __pfx____ratelimit+0x10/0x10
[  312.357552][T12847]  ? __pfx_dump_stack_lvl+0x10/0x10
[  312.357579][T12847]  ? __pfx__printk+0x10/0x10
[  312.357598][T12847]  ? __might_fault+0xb0/0x130
[  312.357626][T12847]  should_fail_ex+0x414/0x560
[  312.357653][T12847]  _copy_from_iter+0x3f5/0x16f0
[  312.357705][T12847]  ? __pfx__copy_from_iter+0x10/0x10
[  312.357738][T12847]  ? set_page_refcounted+0xa0/0x1e0
[  312.357763][T12847]  af_alg_sendmsg+0x1436/0x22e0
[  312.357784][T12847]  ? __pfx___might_resched+0x10/0x10
[  312.357833][T12847]  ? __pfx_af_alg_sendmsg+0x10/0x10
[  312.357851][T12847]  ? __lock_acquire+0xab9/0xd20
[  312.357893][T12847]  ? __pfx_aa_sk_perm+0x10/0x10
[  312.357913][T12847]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x300
[  312.357946][T12847]  ? aa_sock_msg_perm+0x94/0x160
[  312.357981][T12847]  ? skcipher_sendmsg+0x26/0xf0
[  312.358019][T12847]  ? __pfx_skcipher_sendmsg+0x10/0x10
[  312.358045][T12847]  __sock_sendmsg+0x219/0x270
[  312.358070][T12847]  ____sys_sendmsg+0x52d/0x830
[  312.358104][T12847]  ? __pfx_____sys_sendmsg+0x10/0x10
[  312.358143][T12847]  ? import_iovec+0x74/0xa0
[  312.358165][T12847]  ___sys_sendmsg+0x21f/0x2a0
[  312.358196][T12847]  ? __pfx____sys_sendmsg+0x10/0x10
[  312.358286][T12847]  ? vfs_write+0x8d8/0xa90
[  312.358325][T12847]  __sys_sendmmsg+0x227/0x430
[  312.358369][T12847]  ? __pfx___sys_sendmmsg+0x10/0x10
[  312.358409][T12847]  ? kmem_cache_free+0x18f/0x400
[  312.358446][T12847]  ? ksys_write+0x1e1/0x250
[  312.358467][T12847]  ? __pfx_ksys_write+0x10/0x10
[  312.358482][T12847]  ? rcu_is_watching+0x15/0xb0
[  312.358521][T12847]  __x64_sys_sendmmsg+0xa0/0xc0
[  312.358554][T12847]  do_syscall_64+0xfa/0x3b0
[  312.358575][T12847]  ? lockdep_hardirqs_on+0x9c/0x150
[  312.358594][T12847]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  312.358613][T12847]  ? clear_bhb_loop+0x60/0xb0
[  312.358637][T12847]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  312.358656][T12847] RIP: 0033:0x7f200e58e929
[  312.358674][T12847] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  312.358700][T12847] RSP: 002b:00007f200f3eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  312.358721][T12847] RAX: ffffffffffffffda RBX: 00007f200e7b5fa0 RCX: 00007f200e58e929
[  312.358736][T12847] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000004
[  312.358748][T12847] RBP: 00007f200f3eb090 R08: 0000000000000000 R09: 0000000000000000
[  312.358760][T12847] R10: 0000000000040800 R11: 0000000000000246 R12: 0000000000000002
[  312.358773][T12847] R13: 0000000000000000 R14: 00007f200e7b5fa0 R15: 00007ffdb58514b8
[  312.358805][T12847]  </TASK>
[  313.661474][T12883] netlink: 248 bytes leftover after parsing attributes in process `syz.3.2148'.
[  314.539791][T12904] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2155'.
[  314.582354][T12900] wg1 speed is unknown, defaulting to 1000
[  314.925257][T12896] wg1 speed is unknown, defaulting to 1000
[  315.158038][T12917] geneve4: entered promiscuous mode
[  315.262478][ T3543] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  315.302314][ T3543] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  315.397961][ T3543] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  315.448011][ T3543] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  315.800746][T12936] netlink: 172 bytes leftover after parsing attributes in process `syz.0.2161'.
[  316.107611][T12939] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.646315][T12939] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.838421][T12919] warn_alloc: 1 callbacks suppressed
[  316.838438][T12919] syz.1.2159: vmalloc error: size 536870912, failed to allocated page array size 1048576, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null)
[  316.896885][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  316.933240][T12919] ,cpuset=/,mems_allowed=0-1
[  316.957973][T12919] CPU: 0 UID: 0 PID: 12919 Comm: syz.1.2159 Not tainted 6.16.0-rc2-syzkaller-00624-g5e95c0a3a55a #0 PREEMPT(full) 
[  316.957997][T12919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  316.958009][T12919] Call Trace:
[  316.958016][T12919]  <TASK>
[  316.958027][T12919]  dump_stack_lvl+0x189/0x250
[  316.958063][T12919]  ? __pfx_dump_stack_lvl+0x10/0x10
[  316.958090][T12919]  ? __pfx__printk+0x10/0x10
[  316.958110][T12919]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  316.958131][T12919]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  316.958152][T12919]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  316.958174][T12919]  warn_alloc+0x214/0x310
[  316.958200][T12919]  ? __pfx_warn_alloc+0x10/0x10
[  316.958229][T12919]  ? __get_vm_area_node+0x28f/0x300
[  316.958248][T12919]  ? translate_table+0x19b/0x2040
[  316.958277][T12919]  __vmalloc_node_range_noprof+0x67e/0x12f0
[  316.958325][T12919]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  316.958349][T12919]  ? rcu_is_watching+0x15/0xb0
[  316.958377][T12919]  ? translate_table+0x19b/0x2040
[  316.958400][T12919]  ? translate_table+0x19b/0x2040
[  316.958423][T12919]  __kvmalloc_node_noprof+0x3b8/0x5f0
[  316.958442][T12919]  ? translate_table+0x19b/0x2040
[  316.958465][T12919]  ? xt_alloc_table_info+0x3b/0xa0
[  316.958505][T12919]  translate_table+0x19b/0x2040
[  316.958543][T12919]  ? __lock_acquire+0xab9/0xd20
[  316.958573][T12919]  ? __pfx_translate_table+0x10/0x10
[  316.958600][T12919]  ? __might_fault+0xb0/0x130
[  316.958635][T12919]  ? _copy_from_user+0x94/0xb0
[  316.958658][T12919]  do_ip6t_set_ctl+0x970/0xce0
[  316.958690][T12919]  ? rcu_is_watching+0x15/0xb0
[  316.958717][T12919]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  316.958760][T12919]  ? __pfx___mutex_lock+0x10/0x10
[  316.958780][T12919]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  316.958798][T12919]  ? aa_sk_perm+0x81e/0x950
[  316.958824][T12919]  ? __pfx_aa_sk_perm+0x10/0x10
[  316.958852][T12919]  nf_setsockopt+0x26c/0x290
[  316.958879][T12919]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  316.958904][T12919]  do_sock_setsockopt+0x25a/0x3e0
[  316.958933][T12919]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  316.958963][T12919]  ? __fget_files+0x2a/0x420
[  316.958991][T12919]  __x64_sys_setsockopt+0x18b/0x220
[  316.959023][T12919]  do_syscall_64+0xfa/0x3b0
[  316.959042][T12919]  ? lockdep_hardirqs_on+0x9c/0x150
[  316.959059][T12919]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.959076][T12919]  ? clear_bhb_loop+0x60/0xb0
[  316.959098][T12919]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.959114][T12919] RIP: 0033:0x7fbe7078e929
[  316.959132][T12919] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  316.959147][T12919] RSP: 002b:00007fbe71575038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  316.959165][T12919] RAX: ffffffffffffffda RBX: 00007fbe709b5fa0 RCX: 00007fbe7078e929
[  316.959178][T12919] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[  316.959189][T12919] RBP: 00007fbe70810b39 R08: 0000000000000380 R09: 0000000000000000
[  316.959200][T12919] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  316.959212][T12919] R13: 0000000000000000 R14: 00007fbe709b5fa0 R15: 00007ffec8f63458
[  316.959240][T12919]  </TASK>
[  317.316381][T12955] netlink: 'syz.4.2165': attribute type 10 has an invalid length.
[  317.324264][T12955] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2165'.
[  317.333324][T12919] Mem-Info:
[  317.340849][T12919] active_anon:6647 inactive_anon:0 isolated_anon:0
[  317.340849][T12919]  active_file:1781 inactive_file:39921 isolated_file:0
[  317.340849][T12919]  unevictable:768 dirty:261 writeback:0
[  317.340849][T12919]  slab_reclaimable:11075 slab_unreclaimable:142349
[  317.340849][T12919]  mapped:32959 shmem:2394 pagetables:1332
[  317.340849][T12919]  sec_pagetables:0 bounce:0
[  317.340849][T12919]  kernel_misc_reclaimable:0
[  317.340849][T12919]  free:1251999 free_pcp:26014 free_cma:0
[  317.389500][T12919] Node 0 active_anon:26588kB inactive_anon:0kB active_file:7124kB inactive_file:159476kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:131836kB dirty:1044kB writeback:0kB shmem:8040kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12868kB pagetables:5172kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  317.423375][T12919] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:208kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:156kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  317.455040][T12919] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  317.484242][T12919] lowmem_reserve[]: 0 2500 2502 2502 2502
[  317.490021][T12919] Node 0 DMA32 free:1086420kB boost:0kB min:34264kB low:42828kB high:51392kB reserved_highatomic:0KB free_highatomic:0KB active_anon:26540kB inactive_anon:0kB active_file:7124kB inactive_file:157648kB unevictable:1536kB writepending:1044kB present:3129332kB managed:2561008kB mlocked:0kB bounce:0kB free_pcp:85228kB local_pcp:44540kB free_cma:0kB
[  317.522339][T12919] lowmem_reserve[]: 0 0 1 1 1
[  317.527647][T12919] Node 0 Normal free:16kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1828kB unevictable:0kB writepending:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  317.556654][T12919] lowmem_reserve[]: 0 0 0 0 0
[  317.561383][T12919] Node 1 Normal free:3905476kB boost:0kB min:55612kB low:69512kB high:83412kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:208kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:19400kB local_pcp:13128kB free_cma:0kB
[  317.592993][T12919] lowmem_reserve[]: 0 0 0 0 0
[  317.597745][T12919] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  317.610998][T12919] Node 0 DMA32: 311*4kB (UM) 112*8kB (UME) 50*16kB (UME) 123*32kB (ME) 75*64kB (ME) 38*128kB (ME) 9*256kB (M) 11*512kB (UM) 13*1024kB (UME) 6*2048kB (M) 253*4096kB (UM) = 1086364kB
[  317.634922][T12919] Node 0 Normal: 0*4kB 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 16kB
[  317.665980][T12919] Node 1 Normal: 163*4kB (UE) 45*8kB (UME) 47*16kB (UME) 95*32kB (UME) 30*64kB (UME) 9*128kB (UME) 3*256kB (UM) 3*512kB (ME) 4*1024kB (UME) 2*2048kB (UE) 949*4096kB (M) = 3905476kB
[  317.699526][T12953] siw: device registration error -23
[  317.705044][T12919] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  317.753209][T12919] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  317.774604][T12919] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  317.794942][T12919] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  317.810919][T12951] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  317.821731][T12919] 44375 total pagecache pages
[  317.833564][T12919] 0 pages in swap cache
[  317.838124][T12919] Free swap  = 124996kB
[  317.842442][T12919] Total swap = 124996kB
[  317.853733][T12919] 2097051 pages RAM
[  317.859903][T12919] 0 pages HighMem/MovableOnly
[  317.871614][T12919] 424693 pages reserved
[  317.878146][T12919] 0 pages cma reserved
[  318.104881][T12939] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  318.173511][T12955] veth0_vlan: left promiscuous mode
[  318.180969][T12955] veth0_vlan: entered promiscuous mode
[  318.215662][T12955] bridge0: port 4(veth0_vlan) entered blocking state
[  318.250293][T12955] bridge0: port 4(veth0_vlan) entered disabled state
[  318.293273][T12955] veth0_vlan: entered allmulticast mode
[  318.335122][T12955] veth0_vlan: left allmulticast mode
[  318.362624][T12955] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check.
[  318.750951][T12951] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  318.876136][T12939] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.020207][T12951] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.397651][T12951] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.449514][ T3543] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  319.561516][ T6272] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  319.865567][ T3543] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  319.983713][ T3543] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  320.224636][   T36] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  320.359564][   T36] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  320.512600][   T36] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  320.569294][   T36] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  320.663042][T12985] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2175'.
[  320.728854][T12984] netlink: 172 bytes leftover after parsing attributes in process `syz.4.2174'.
[  320.779088][T12985] FAULT_INJECTION: forcing a failure.
[  320.779088][T12985] name failslab, interval 1, probability 0, space 0, times 0
[  320.863931][T12985] CPU: 0 UID: 0 PID: 12985 Comm: syz.3.2175 Not tainted 6.16.0-rc2-syzkaller-00624-g5e95c0a3a55a #0 PREEMPT(full) 
[  320.863958][T12985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  320.863968][T12985] Call Trace:
[  320.863976][T12985]  <TASK>
[  320.863984][T12985]  dump_stack_lvl+0x189/0x250
[  320.864016][T12985]  ? __pfx____ratelimit+0x10/0x10
[  320.864034][T12985]  ? __pfx_dump_stack_lvl+0x10/0x10
[  320.864062][T12985]  ? __pfx__printk+0x10/0x10
[  320.864087][T12985]  ? __pfx___might_resched+0x10/0x10
[  320.864113][T12985]  ? fs_reclaim_acquire+0x7d/0x100
[  320.864151][T12985]  should_fail_ex+0x414/0x560
[  320.864180][T12985]  should_failslab+0xa8/0x100
[  320.864201][T12985]  __kmalloc_cache_noprof+0x70/0x3d0
[  320.864218][T12985]  ? allocate_file_region_entries+0x1e7/0x5a0
[  320.864247][T12985]  allocate_file_region_entries+0x1e7/0x5a0
[  320.864282][T12985]  ? __pfx_allocate_file_region_entries+0x10/0x10
[  320.864319][T12985]  region_chg+0x2c4/0x3c0
[  320.864347][T12985]  __vma_reservation_common+0x328/0x6e0
[  320.864377][T12985]  hugetlb_fault+0x1735/0x29e0
[  320.864413][T12985]  ? __pfx_hugetlb_fault+0x10/0x10
[  320.864450][T12985]  ? __up_read+0x280/0x680
[  320.864471][T12985]  handle_mm_fault+0x740/0x8e0
[  320.864510][T12985]  __get_user_pages+0x1af4/0x30b0
[  320.864549][T12985]  ? mt_find+0x15c/0x5f0
[  320.864588][T12985]  ? __pfx___get_user_pages+0x10/0x10
[  320.864623][T12985]  populate_vma_page_range+0x26b/0x340
[  320.864652][T12985]  ? __pfx_populate_vma_page_range+0x10/0x10
[  320.864675][T12985]  ? userfaultfd_unmap_complete+0x278/0x2d0
[  320.864708][T12985]  ? down_read+0x1ad/0x2e0
[  320.864731][T12985]  __mm_populate+0x24c/0x380
[  320.864758][T12985]  ? __pfx___mm_populate+0x10/0x10
[  320.864786][T12985]  ? up_write+0x1c4/0x420
[  320.864809][T12985]  vm_mmap_pgoff+0x3f0/0x4c0
[  320.864840][T12985]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  320.864861][T12985]  ? rcu_is_watching+0x15/0xb0
[  320.864888][T12985]  ? hugetlbfs_get_inode+0x448/0x660
[  320.864921][T12985]  ? hugetlb_file_setup+0x429/0x630
[  320.864953][T12985]  ksys_mmap_pgoff+0x587/0x760
[  320.864977][T12985]  do_syscall_64+0xfa/0x3b0
[  320.864995][T12985]  ? lockdep_hardirqs_on+0x9c/0x150
[  320.865012][T12985]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  320.865029][T12985]  ? clear_bhb_loop+0x60/0xb0
[  320.865051][T12985]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  320.865067][T12985] RIP: 0033:0x7f383f98e929
[  320.865083][T12985] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  320.865098][T12985] RSP: 002b:00007f38407f9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  320.865116][T12985] RAX: ffffffffffffffda RBX: 00007f383fbb5fa0 RCX: 00007f383f98e929
[  320.865129][T12985] RDX: 0000000000000002 RSI: 0000000000800000 RDI: 0000200000800000
[  320.865146][T12985] RBP: 00007f38407f9090 R08: ffffffffffffffff R09: 0000000000000000
[  320.865159][T12985] R10: 0000000000042032 R11: 0000000000000246 R12: 0000000000000002
[  320.865169][T12985] R13: 0000000000000000 R14: 00007f383fbb5fa0 R15: 00007fffa1d93408
[  320.865199][T12985]  </TASK>
[  321.287185][T12991] siw: device registration error -23
[  322.221279][T12998] wg1 speed is unknown, defaulting to 1000
[  322.234959][T13006] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2180'.
[  323.629332][T13034] siw: device registration error -23
[  323.744184][T13037] x_tables: duplicate underflow at hook 2
[  323.777695][T13037] netlink: 5 bytes leftover after parsing attributes in process `syz.1.2186'.
[  324.031601][T13041] siw: device registration error -23
[  324.443376][T13040] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  324.871649][T13040] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.202274][T13040] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.440266][T13051] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2190'.
[  325.453390][T13043] wg1 speed is unknown, defaulting to 1000
[  325.521150][T13053] netlink: 172 bytes leftover after parsing attributes in process `syz.2.2189'.
[  325.547631][T13040] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.791112][T13055] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2191'.
[  325.842940][T13057] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2192'.
[  325.889037][T13055] vlan0: entered promiscuous mode
[  326.231135][   T64] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  326.416124][   T64] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  326.444690][   T64] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  326.652478][T13074] netlink: 13480 bytes leftover after parsing attributes in process `syz.3.2196'.
[  328.111117][   T36] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  328.186300][T13080] tipc: Enabling of bearer <eth:geneve1> rejected, already enabled
[  328.568949][T13086] netlink: 172 bytes leftover after parsing attributes in process `syz.2.2202'.
[  329.332262][T13105] FAULT_INJECTION: forcing a failure.
[  329.332262][T13105] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  329.487880][T13105] CPU: 0 UID: 0 PID: 13105 Comm: syz.1.2207 Not tainted 6.16.0-rc2-syzkaller-00624-g5e95c0a3a55a #0 PREEMPT(full) 
[  329.487908][T13105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  329.487919][T13105] Call Trace:
[  329.487927][T13105]  <TASK>
[  329.487935][T13105]  dump_stack_lvl+0x189/0x250
[  329.487966][T13105]  ? __pfx____ratelimit+0x10/0x10
[  329.487985][T13105]  ? __pfx_dump_stack_lvl+0x10/0x10
[  329.488013][T13105]  ? __pfx__printk+0x10/0x10
[  329.488032][T13105]  ? __might_fault+0xb0/0x130
[  329.488061][T13105]  should_fail_ex+0x414/0x560
[  329.488098][T13105]  _copy_from_user+0x2d/0xb0
[  329.488117][T13105]  sk_getsockopt+0x197/0x2530
[  329.488149][T13105]  ? __pfx_sk_getsockopt+0x10/0x10
[  329.488172][T13105]  ? do_syscall_64+0x80/0x3b0
[  329.488203][T13105]  ? __lock_acquire+0xab9/0xd20
[  329.488238][T13105]  ? __might_fault+0xb0/0x130
[  329.488275][T13105]  do_sock_getsockopt+0x275/0x650
[  329.488300][T13105]  ? do_syscall_64+0x80/0x3b0
[  329.488321][T13105]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  329.488346][T13105]  ? do_syscall_64+0x80/0x3b0
[  329.488364][T13105]  ? __fget_files+0x3a0/0x420
[  329.488382][T13105]  ? __fget_files+0x2a/0x420
[  329.488408][T13105]  __x64_sys_getsockopt+0x1a5/0x250
[  329.488433][T13105]  ? do_syscall_64+0x80/0x3b0
[  329.488456][T13105]  ? do_syscall_64+0x80/0x3b0
[  329.488478][T13105]  do_syscall_64+0xfa/0x3b0
[  329.488495][T13105]  ? lockdep_hardirqs_on+0x9c/0x150
[  329.488512][T13105]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  329.488529][T13105]  ? clear_bhb_loop+0x60/0xb0
[  329.488550][T13105]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  329.488567][T13105] RIP: 0033:0x7fbe7078e929
[  329.488582][T13105] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  329.488597][T13105] RSP: 002b:00007fbe71575038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  329.488615][T13105] RAX: ffffffffffffffda RBX: 00007fbe709b5fa0 RCX: 00007fbe7078e929
[  329.488628][T13105] RDX: 0000000000000027 RSI: 0000000000000001 RDI: 0000000000000003
[  329.488639][T13105] RBP: 00007fbe71575090 R08: 0000200000000040 R09: 0000000000000000
[  329.488650][T13105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  329.488660][T13105] R13: 0000000000000000 R14: 00007fbe709b5fa0 R15: 00007ffec8f63458
[  329.488689][T13105]  </TASK>
[  330.009776][T13115] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2213'.
[  330.254839][T13122] netlink: 172 bytes leftover after parsing attributes in process `syz.0.2214'.
[  330.549695][T13132] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  330.656546][T13131] wg1 speed is unknown, defaulting to 1000
[  331.387403][T13149] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input6
[  379.484165][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  440.270790][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  446.772007][   T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  447.685549][   T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  447.798844][   T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  448.389439][   T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  448.621888][   T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  449.001515][ T5850] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  449.089853][ T5850] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  449.298908][ T5850] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  449.849025][ T5850] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  450.012670][ T5850] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  450.160326][ T5834] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  450.434861][ T5834] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  450.540196][ T5834] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  451.202463][ T5834] Bluetooth: hci0: command tx timeout
[  451.358761][ T5155] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  451.381658][ T5155] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  453.494165][   T51] Bluetooth: hci0: command tx timeout
[  455.398230][   T51] Bluetooth: hci1: command tx timeout
[  455.422746][ T5834] Bluetooth: hci2: command tx timeout
[  455.595435][   T51] Bluetooth: hci0: command tx timeout
[  457.605937][   T51] Bluetooth: hci1: command tx timeout
[  457.611401][   T51] Bluetooth: hci2: command tx timeout
[  457.698146][   T51] Bluetooth: hci0: command tx timeout
[  460.327610][ T5834] Bluetooth: hci2: command tx timeout
[  460.333151][ T5834] Bluetooth: hci1: command tx timeout
[  465.298003][ T5834] Bluetooth: hci2: command tx timeout
[  465.303463][ T5834] Bluetooth: hci1: command tx timeout
[  495.938658][ T5840] syz_tun (unregistering): left allmulticast mode
[  496.012684][ T5840] syz_tun (unregistering): left promiscuous mode
[  497.566907][ T5840] bridge0: port 3(syz_tun) entered disabled state
[  501.567333][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  501.600660][ T5155] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  501.623399][ T5850] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  501.671706][ T5850] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  501.707575][ T5850] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  501.730514][ T5850] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  503.968611][   T51] Bluetooth: hci3: Opcode 0x1001 failed: -110
[  504.359055][ T5850] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  504.664023][ T5834] Bluetooth: hci4: Opcode 0x1005 failed: -110
[  504.672031][ T5834] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  504.699048][ T5834] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  504.720230][   T51] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  504.760179][ T5834] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  504.798744][ T5834] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  504.821313][ T5834] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  504.862272][ T5834] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  504.884098][   T51] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  505.238269][ T5834] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  506.223493][ T5834] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  507.498347][   T51] Bluetooth: hci4: command tx timeout
[  508.907148][   T51] Bluetooth: hci3: command tx timeout
[  509.936465][   T51] Bluetooth: hci4: command tx timeout
[  510.992052][ T5834] Bluetooth: hci3: command tx timeout
[  512.316665][ T5834] Bluetooth: hci4: command tx timeout
[  513.150715][ T5834] Bluetooth: hci3: command tx timeout
[  514.410234][ T5834] Bluetooth: hci4: command tx timeout
[  515.238395][ T5834] Bluetooth: hci3: command tx timeout
[  528.570322][ T5834] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[  535.092903][ T5834] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  537.128926][T13232] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[  552.717743][   T51] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  555.787759][ T5834] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  556.368976][   T51] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  556.427654][   T51] Bluetooth: hci6: unexpected event for opcode 0x1003
[  558.348600][T13238] Bluetooth: hci6: Opcode 0x0c03 failed: -110
[  558.451138][   T51] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  562.787754][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  575.721594][ T5844] Bluetooth: hci2: command 0x0406 tx timeout
[  575.741934][ T5844] Bluetooth: hci0: command 0x0406 tx timeout
[  575.820011][ T5844] Bluetooth: hci1: command 0x0406 tx timeout
[  578.497804][ T5155] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  578.570002][ T5155] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  580.440641][   T31] INFO: task syz-executor:5842 blocked for more than 144 seconds.
[  580.465195][   T31]       Not tainted 6.16.0-rc2-syzkaller-00624-g5e95c0a3a55a #0
[  580.472846][   T31]       Blocked by coredump.
[  580.999090][ T5834] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  581.726924][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  581.787794][ T5834] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  581.809599][ T5834] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  583.931181][   T31] task:syz-executor    state:D stack:21320 pid:5842  tgid:5842  ppid:1      task_flags:0x40054c flags:0x00004006
[  586.124159][   T31] Call Trace:
[  586.127576][   T31]  <TASK>
[  586.130537][   T31]  __schedule+0x16f5/0x4d00
[  587.750874][   T31]  ? stack_trace_save+0x9c/0xe0
[  587.773815][   T31]  ? __lock_acquire+0xab9/0xd20
[  587.778711][   T31]  ? schedule+0x165/0x360
[  587.783068][   T31]  ? __pfx___schedule+0x10/0x10
[  588.360725][   T31]  ? schedule+0x91/0x360
[  588.383418][   T31]  schedule+0x165/0x360
[  588.993477][   T31]  schedule_preempt_disabled+0x13/0x30
[  589.012148][   T31]  __mutex_lock+0x724/0xe80
[  589.740404][   T31]  ? __mutex_lock+0x51b/0xe80
[  589.758484][   T31]  ? tun_chr_close+0x3e/0x1c0
[  589.763191][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  590.049752][   T31]  ? __pfx_tun_chr_close+0x10/0x10
[  590.068562][   T31]  tun_chr_close+0x3e/0x1c0
[  590.073098][   T31]  __fput+0x44c/0xa70