last executing test programs:

4.870079797s ago: executing program 2 (id=1861):
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x1000006, 0x4132, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='mm_page_alloc\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="2800000076000100000000000000000007020000", @ANYRES32=0x0, @ANYBLOB="05000d"], 0x28}, 0x1, 0x5502000000000000}, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000500), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000280)={'wpan0\x00', <r5=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r3, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000140)={0x80, r4, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_SEC_DEVKEY={0x64, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_ID={0xc, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x2}]}, @NL802154_DEVKEY_ATTR_ID={0x31, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x44, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa3}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x1}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x3}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x3}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0202}}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0xffff}]}]}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc}]}]}, 0x80}}, 0x0)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
splice(r6, 0x0, r7, 0x0, 0xf3a, 0x0)
write(r7, &(0x7f0000003300)="ac", 0x1)
setsockopt$MRT_PIM(r7, 0x0, 0xcf, &(0x7f00000001c0), 0x4)
pipe(&(0x7f0000000000))
sendmsg$NL802154_CMD_SET_CCA_ED_LEVEL(r3, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, r4, 0x100, 0x70bd29, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}, @NL802154_ATTR_CCA_ED_LEVEL={0x8, 0xe, 0xd}]}, 0x24}}, 0x8000)

3.764724649s ago: executing program 0 (id=1880):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0100000007000000010001000900000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x8, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="7a0a00ff000000007110bf000000000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=<r3=>r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
socket$nl_route(0x10, 0x3, 0x0) (async)
r4 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r5=>0x0}) (async, rerun: 64)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r6=>0xffffffffffffffff}) (rerun: 64)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r7=>0x0}) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="380000005400e501000000000000000007000000", @ANYRES32=r5, @ANYBLOB="002a269e2d4228ae36839dc1a9000017", @ANYRES32=r3, @ANYBLOB="00000400ffffffff00000000000000000000000086dd0000"], 0x38}}, 0x0) (async)
socket(0x10, 0x803, 0x0) (async)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, 0x0) (async, rerun: 32)
r9 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
syz_genetlink_get_family_id$nl80211(&(0x7f00000014c0), 0xffffffffffffffff) (async)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r11=>0x0}) (async, rerun: 32)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000780)=ANY=[@ANYBLOB="50000000275137c0bb7ca63ff9ee74b6d770c4b31cc53f48e01edfbaf4e0fcdd4ab1dfc1d4d468c9376bcea644aa", @ANYRES16=r1, @ANYBLOB="010000000000000000006600000008000300", @ANYRES8=r8, @ANYBLOB="080026008f0900000800b7"], 0x50}}, 0x0) (async, rerun: 32)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r12=>0xffffffffffffffff}) (rerun: 32)
r13 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b00000000001b000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000006ffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r13}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0x2}, 0x18)
r14 = socket$netlink(0x10, 0x3, 0x0) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sendmsg$nl_route(r14, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000f40)=ANY=[@ANYBLOB="4000000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="81ffffff00000000180012800e0001007769726567756172640000000400028008000a00bc"], 0x40}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000080)=0x14) (async, rerun: 32)
r15 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="1e00000000000000060000000600000002000200", @ANYRESOCT=r11, @ANYBLOB='\x00\b\x00'/20, @ANYRES32=r7, @ANYRES32, @ANYRES8=r7], 0x50) (rerun: 32)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r15}, &(0x7f0000000180), &(0x7f0000000100)=r12}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000380)={r0, &(0x7f0000000300), 0x0}, 0x20)

3.305589839s ago: executing program 0 (id=1885):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x11, &(0x7f0000000280)=0x3fa8, 0x4)
recvmmsg(r0, &(0x7f0000001c00)=[{{0x0, 0x0, 0x0}, 0x8}], 0x1, 0x40010020, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c2ed01faa7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497dad64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6fba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd2310801570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb414c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000000000000000000000000000000a0cc2b89ce1525748ce167cbabb881f060599a6a59f645edca1d5c24b2f6b8c997a8f3e1b7679984a566d98d4d31198ee4c5ea7be0d99cf89bba4a6fd0bec12e7792bec3c5038e13b1982f80cdecd07f8908a983a7c9fb81c2ba7f7e87c991f30e50d1b3bbe4cf2a2f5d4571b6568ada51bc121c9139d2a8e0638c84066b1759081802"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$kcm(0x2a, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000000)={&(0x7f0000001d00)=@qipcrtr, 0x80, 0x0}, 0x0)
sendmsg$kcm(r3, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000000)={'team0\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="300000001000010000003a194618d96d6d2e8553", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2102}, [@IFLA_IFNAME={0x14, 0x3, 'wg2\x00'}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x3c}}, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet_dccp(0x2, 0x6, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[@ANYBLOB="340000001000010400f924153cae64c75dfcff0900000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800c0001006d6163767461700004000280"], 0x34}}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[@ANYBLOB="2b63707500986574080000000000000000"], 0x11)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'netdevsim0\x00'})
unshare(0x62040200)
r7 = socket$netlink(0x10, 0x3, 0x8)
sendmsg$nl_route(r7, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
socket(0x0, 0x803, 0x0)
sendto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
r8 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000240), r7)
sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000002c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="ec000000", @ANYRES16=r8, @ANYBLOB="000428bd7000fcdbdf250400000050000280080009000300000008000600050000000800080054ac000014000100ac141421000000000000000000000000080006000500000005000d0001000000060002004e24000006000f00060000000800050006000000080006000000000008000500ff0100001c0003800800030004000000060004000180000008000100010000004c00038014000600fc00000000000000862e58e2a133972bac39026e57d5cf000000000000000008000100010000000500080008000000060004000400000014000600fe8000000000000000000000000000bb08"], 0xec}, 0x1, 0x0, 0x0, 0x40000}, 0x800)

2.866300329s ago: executing program 3 (id=1889):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r0)
sendmsg$NFC_CMD_GET_TARGET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r2, 0x1}, 0x14}}, 0x0)
sendmsg$TIPC_NL_BEARER_SET(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000006c0)=ANY=[@ANYBLOB="3c020000", @ANYRES16=0x0, @ANYBLOB="0000000000000000000005000000e00005800c00028008000100000000000c00028000000100000000004c00028008000100000000000800010000000000080003000000000008000200000000000000020000000000080004000000000000000400000000000800040000000000080001"], 0x23c}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000080), r1)
syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r1)
r3 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), r1)
sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="c0000000", @ANYRES16=r3, @ANYBLOB="010028bd7000fddbdf25040000000d000a0000000030323135340000000008"], 0xc0}}, 0x0)

2.827814243s ago: executing program 4 (id=1890):
r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0xffffffdd, 0xa}, [@ldst={0x3, 0x2, 0x3, 0x1c10a1, 0x0, 0x42}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x19, &(0x7f0000000000), 0xb5, 0x10, &(0x7f0000000000), 0x7, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SEG6_CMD_SETHMAC(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x34, r3, 0x1, 0x0, 0x0, {}, [@SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x1}, @SEG6_ATTR_SECRET={0x8, 0x4, [0x0]}, @SEG6_ATTR_ALGID={0x5}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x1}]}, 0x34}}, 0x0)
sendmsg$SEG6_CMD_DUMPHMAC(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x1c, r3, 0x2, 0x70bd25, 0x25dfdbfd, {}, [@SEG6_ATTR_HMACKEYID={0x8, 0x3, 0xfffffff8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x200c150}, 0x0)
r4 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
listen(r4, 0x0)
sendmsg$IPVS_CMD_NEW_SERVICE(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x50, r0, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x3c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x2000000}, @IPVS_SVC_ATTR_FLAGS={0xc}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x12}, @IPVS_SVC_ATTR_SCHED_NAME={0x9, 0x6, 'none\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x54}]}]}, 0x50}}, 0x0)

2.605921197s ago: executing program 3 (id=1892):
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
bind$netrom(r0, &(0x7f0000000000)={{0x6, @rose, 0x1}, [@null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48)
sendto(r0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=@nl=@proc={0x10, 0x0, 0x25dfdbfe}, 0x80)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000440)=ANY=[@ANYBLOB="18020000000000340000000000000000850000005300000085000000230000009500000000000000a94be0c51261be6a99e5e06bb0a232d5e1f59f18f845f82e9a7cde9e8f1b547edf612a03f1737d951d7a617558b674e1c4fdfd771ebe7c33af3e4917be59ac67f0bbabcb8f41c23ba8d91633a8b9c70e804744dc081ac69cfea08e4e5a06f70c6792f2888d6fd95f202028070000003771bc3f325a6386a9d49e3c13b3ef6b586eac8cdd5efe6320073628ed2461acf0be4b31638c29187d748841f439547bcdac15e52a4b6a2981eb4afadbbdf9157fa588f475c4cd2e44e2129dc6b93993909613e8d95f5610c067d9b97c524c210af077707d71e8512e"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc0, &(0x7f0000000140)=""/192, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$inet6(r2, &(0x7f0000002280)={&(0x7f0000001e40)={0xa, 0x4e24, 0x0, @local}, 0x1c, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="b005000000000000290000003600000000b2"], 0x5b0}, 0x20008001)
sendmsg$inet6(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f00000008c0)="3cb7e9e5c30a05c41dd519ab070a9833851847c82c6d026f7b4ee0b1c320fdc6d96ca36805a6391803b3e8", 0x2b}, {&(0x7f0000000540)="0000b1571fdf4d2c772384fe455c651a51b2c39d0b83ec769f19cd675b6314f54f056ad9ae96b339655c8990ae5d7f8cd15dd08984930d2c11a8db55fbf0a28c5f339a13509e0e489cf5dd6964d6ea7617c94ff3c4d59f81990d012feda666396b6c759a9e0e25ebab7e53179a0ac88e4f4e3f7753227ed80cacd2a38d00866426b02e769f387e16d656276bae46af12be7d2268df83cd96bc42dc17cfddb580a87fc0be15b4f386bf3cbd4ed990ac28ea44526cb6800ffac2fa3f9bec8e0dca52110c97", 0xc4}], 0x2}, 0x0)

2.541520441s ago: executing program 3 (id=1893):
unshare(0x68040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
socket$packet(0x11, 0x0, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000380)='GPL\x00', 0x8000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vxcan0\x00', <r2=>0x0})
bind$can_j1939(r0, &(0x7f0000000100)={0x1d, r2}, 0x18)
sendmsg$can_j1939(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x1d, 0x0, 0xfffffffffffffffe, {0x0, 0x0, 0x4}, 0x1}, 0x18, &(0x7f0000000080)={0x0}, 0x4}, 0x4c8c0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
unshare(0x68060200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000002, 0x8031, 0xffffffffffffffff, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x108)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x1000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r5 = socket$inet(0x2, 0x4000000000000001, 0x0)
getsockopt$IP_VS_SO_GET_DESTS(r5, 0x0, 0x484, &(0x7f00000000c0)=""/24, &(0x7f0000000100)=0x18)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000400)='vegas\x00', 0x6)
sendfile(r4, r6, 0x0, 0x8000002b)
getsockopt$IP6T_SO_GET_INFO(r3, 0x29, 0x40, 0x0, &(0x7f0000000000))

2.498174075s ago: executing program 4 (id=1894):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000010000fffffffffffffffd00000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a300000000060000000060a010400000000000000000100000008000b40fffffffd300004802c00018008000100636d7000200002800c0003800500010000000000080001400000000008000240000000000900010073797a300000000005000740ef00000060010000160a050000000000000000000300000034000380180003801400010070696d3672656730000000000000000008000140000000000800024000000006"], 0x358}}, 0x0)

2.311754833s ago: executing program 4 (id=1896):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_end\x00', r0}, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1)
sendmsg$NFC_CMD_GET_TARGET(r2, 0x0, 0x0)
sendmsg$TIPC_NL_BEARER_SET(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000006c0)=ANY=[@ANYBLOB="3c020000", @ANYRES16=0x0, @ANYBLOB="0000000000000000000005000000e00005800c00028008000100000000000c00028000000100000000004c00028008000100000000000800010000000000080003000000000008000200000000000000020000000000080004000000000000000400000000000800040000000000080001"], 0x23c}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r2)
r3 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), r2)
sendmsg$NBD_CMD_CONNECT(r1, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="c0000000", @ANYRES16=r3, @ANYBLOB="010028bd7000fddbdf25040000000d000a0000000030323135340000000008"], 0xc0}}, 0x0)

1.954743545s ago: executing program 4 (id=1898):
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x8, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e22, @empty}, 0x67)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
writev(r1, &(0x7f0000000340)=[{&(0x7f0000000a40)="2e9b3d0007e03dd65193dfb6c575963f86ddf06712e9232f2f8db0049d90491ceaebfd26d4eef23248000000f858dbb8a19052343f", 0x35}, {&(0x7f0000000200)="c67f0d7df9", 0x5}], 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000005c0)='syz_tun\x00', 0x10)
sendto$inet(r0, 0x0, 0x0, 0x20000800, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
syz_emit_ethernet(0x42, &(0x7f0000000140)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb0800450000340003000000069078f808008e31ba9707bc1c24b517", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="8c10000090780000080a00"/20], 0x0)

1.736666267s ago: executing program 2 (id=1900):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='blkio.bfq.io_wait_time\x00', 0x26e1, 0x0)
close(r0)
sendmsg$nl_xfrm(r0, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[], 0x33fe0}}, 0x0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_SCHED_SCAN(r0, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000002c0)={&(0x7f0000001900)=ANY=[@ANYBLOB="04020000d2d588318e2ad6f17b5c3974e7c13f3e1cae86806840a176d4cade4fabcc51c7a7d635edd7d2b438c07a91a6740831819948801cdcc5f321e2bcd2aaa9ff1d2fb709224db3e71a5e3e4910c7fc8942e4493753478e017bc5133b41da4fea4e1b0bd00f82f6cec7bc461524decbb4ec2698bbb7fca4951b531945fbd502c7e6ba17e75cf841fcdd2406fd63727e51a596bcc26554d7cc09f3d5de3bb8d703983e2bd89dd6e8ff0a1aa99ffb1ca6e8e96f8a80268211ec6e2d38431f683ff059114f7dba52a0cd66f0c1e7", @ANYRES16=r1, @ANYBLOB="00012bbd7000fcdbdf254b0000000c009900030000003800000038002d800a00000002020202020200000a000000010101010101000010000000dd96fafe8d686faf448557730a00000002020202020200000400ff0008009e0080300000dc002a00025315394670142c9b13760cfd4b00d970c50266107413e40dc1525884caffebb510d2b8247df0579d5df2c916e0221ec94e53a887cbec661daa602cecf0f9100a66664bce764f4d891bd5d407e47f6461f45cd3840301eabd06080211000001bd06080211000000060201013c040107ad09825c04036d0500000008021100000005000000ffffffff02000000060008021100000022030000000802110000000400000005ffffffffffff0200000005080211000001cf00000004080211000000090000000408021100000194000000bd06ffffffffffff0600f70005f7000006009800ff030000b0002a008c18a308c212036d66aaa078d3721ee0695c01e75c72b8236bc47606b809120002008288037f0eff0f00000802110000000f00000004000000fdffffff0a00080211000001a237000001080211000000fbffffff000802110000000600000000080211000001100500000508021100000104000000050802110000000600000000080211000001ff0700000508021100000108000000040802110000010200000004080211000000070000000400ec00"], 0x204}, 0x1, 0x0, 0x0, 0x24008000}, 0x801)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r2 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r2, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
sendmsg$rds(r2, &(0x7f0000000080)={&(0x7f0000000040)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f0000000240)=[@rdma_args={0x48, 0x114, 0x1, {{0x5}, {0x0}, &(0x7f00000001c0)=[{&(0x7f0000000880)=""/4096, 0x1000}, {&(0x7f00000003c0)=""/230, 0xe6}], 0x2, 0x34, 0x100000000004}}], 0x48, 0x40841}, 0x10)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
r4 = openat$cgroup_int(r3, &(0x7f0000000080)='hugetlb.2MB.rsvd.limit_in_bytes\x00', 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000020000110400000005000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001c00)=ANY=[@ANYBLOB="268f41df93afe60277e364d65fa61accfba1218b981b1e9e7c0677c5509df7aba2b42821b3dc87182a0322260e0bcf80529161d3de9847d4ed12ca5508b1676bba65aa263a929f107a247046caf2399f171c67122018280ea5327ed0aa5f02a4cdb5b0ef0ca441fb34b99677d2c3f572970e44d3051b80453e113fb382a5ffdcc0b44e16ab5a63e97ada4e91e6c479fad00b80957e173a517a270671357cd739763e", @ANYRESOCT=r4, @ANYBLOB="1f05028b17b30b629a9f25a85175330c13681c5d690f42869440f634d3ba14864cc486ed8fe4748cda891cdf53ccb3385945b09ee3dc161b61e32a2d93fb2a06195340d287cc4cb5c196d8bfae1c86f39673858efa980f1639f71fd1719612e6e2ecc0f6d42032eb2ca6b5c3f0801e133bbb03cc1550002c1c785b732b66820e6063d7e9a418821423a9e967ba6f9383bcc03704c6611aee55b7acb4455f1084b242dfc57de3989433bb55f3512d69cecfe1fd81743047d800d67dc9a6435b1e6f5bdf5a0c788b0f7c8d7dac3f70bfe3285f50330ff2f5ea42b8105a034ccca1ce9d001cf192c61f8e3dc639267540216673a8492c0d7aa8b9717419c35b09a062705ce40f6936a1fa9275d3565aa7ff256b01d4052c11a5bfad65020ce82dc4e486494b887af1a728dd9a89f0e6ff02fd0bf612a60f22d99867d6b3805cc7bd6206870b92607faa29a8b33b3939f8e256bd50959fa15623dee0a669a984dca682f361cfbe45eb74bd827cbeda27d3547701b4e7244bd6dd3b570c5c5bd6c01dc8049c18fc769afcfa50cb5ac00e78d8ebbf6c5290c31c56878d8039e4ba3028cd92e4cc7b9e6e3970504043bc12985d498b6f170df886bf23759ae9a2372fe0b234b85c288ffd4279216115e5c4e1d825e72030f804232dc3a5af3188c789eae64b865e3fde73477ba48beff24b20bab398f208ce58fd8184386401ccc585ba45d6b9723c66ac92c521839531ec6aafd3e1410643120e0357aa8281789855dcb9bce3d398fb9fa8b304816b1e8c2d6cd5243accf18756b15c76f345e454cf79dc4c9cddd71f09f3e419fd55cabaad41e56977bc886a9af5e9e1efa07bfce817e858486749ab04f1c30389f7dedc90f00f9e51cadf00cb80b4b3b75078efae2018fdee44cb99d7b066583660290e0e1a6379a280f41391fbe0247d5e56ea15922c2b91f41edc79ddec5f4c2f556aaec79c5220df658ab4a8318f21b2dacff87b4a0982443840e4b365d9398b69c14b6b9cb600cdad29bc19bbd4958d7b67d3423bfdd0c4487b1846d7ac0c69a01c4a46ab1e504cc059ccc8ff2859d14e02d0d2fc935e70ec66ec313dda2bb52e3594559c42582da3833ead6942ea2ad88d0bd90ab33c4e7ece218a91d457c1f2377b7e3b09f0f2c68de6e261c45f85b7ea2efc0ad5402b5fb8a6e4ef22b019bb257535ec8496c9ea51c7c3655832c1b1d45b0fb2414d8726be0c94885eb446fa23fb0e83e92d4e945a51c49e290695e00ca1757758eada45d0a8f35d4f3ca83677f1ab2c0f109453ee7270183d0bb6bcf0cc7121ea8535e174bebba39460b6984ecd6b507cc13196750057be92c8f6b3321130bbfe22de2450ff722aae4efcdaae23707cfef1a78f0f1d200a723594612ade146f38cefd444725b66a862f559cf43fbf01a84f608865d1a0d458e5f124d14517d88feacbeb2f933c18406b15e3e660195e6caa6c69722510a7d8c3ceed5d154689549f80bda0c6b8cfca57cfefba6531c02be33552a2fce52f4006e0887c2262cac1682fd139d56286edb351d0d8a5e294fdde0f835c3a2b1d53247cdf40dfbb0ca6f7d22f97e48ce4e9ed64ad1b832ef1f348909a35c2643e0ae02cde5000b5cb66bdc54a340305c8209525220e78769ab125dc619b82046a519521fc05f1cdf8c8ece7b45de256891692d6716932b2da98a70ea07b6aa79c9334dcb28066b5c399e40adc9a67c35b478aa7d2442320ce0cc801dfefd0b425e1fec6eb88cf3c6e6b43bd4067bf847841d25fa37045428d12b9c311d54206dbe7e58640b1876bea939c6e3c0142be0021883b5cd298e169f96e4f55a0d7c4cc3af346e4dc62aa22e1b0e3ac4d268beae0632d8f39c9b2fd8a224caa79ba818d6458d336c2fca12e91f02cb06be9d4913ca9a6fcd3c2cd801a0e28899d01d58ae0be0154a0aba175f36dca75708e7705490952b173967cfe64d49a556e444dcfcf13c6f1b8f48ee12e41c75fbcc0533896ccd2645acf3bbebb588352301665c928a54c10510a834cdbdc8495088071271b6b5046723bde528e91d6397c2147afbcd743aacc79e4f42720cdccac0ff20650d92fffae8ee99ef0e778652e5e06ed62dd6bb374ba9a79b9e60ed288e22e03628a343edd34fb4b7e0097acb3d7d8c184f88e4f70e2662c13489a37cf90e69a3b9e7dd40d1cd7e8abc432e43c590051c8173c6d6d0254df8bd892a0551201731b36cdf5084cdea914883ff2c96d30fe2075c5576e4d38ebcb876694cf2f2408bcbaf4c77681fe497ef17891820bbd2d772ecd7742ea9b5c6be5f9571cda1a15f6f6a2e8b4b90a0d205fd73d9b813550c918f7b0c7ba20d19ee5913b1c261318269f028057e9b5b9c56394695ca1f0933e76554e87bc99fd27eb29bc28939d527c797525b5339f802bea60e1cf349dc54b984b91262d47844960c16d1d0805309d21845e2dfb6ad83cb8ba028f104efde77db880ff63594f5cb632ac69332726828800792ceb544b9e9648a9548d4d809883863a2fab2cc43765b4f48e0a61ee545a69f78123bcffd321e815a2772c79cf1750fd3ac2e070ccb6a1cd4c00b448dc70ea80908dd160a88db881710938e371e12256c444ba49ecd1c9a6b24de671d17f19369cb1db4ba48f993cd6d50a0bed42faa54ee16c91e6ed2d79d4400bdeb6b28a9f10235495caba3b9a2ee1a755083cda7e4a5fdcebbe030b2463276b15b4f6a8317979b7aaf3ea900af59eb37871fad6c57cf81846aaf214005231322d3de5732811543cb30c5074c7befd1d7d117ece15d057a892eef55fd16f473ae7cf9e4abe27a22cac59e4b62fb26bd8d54463123d53bcdd9919031877c3e249e4cab9e2124f3b2215a7df0863c3cefc4fcbcf985183af372f28222b5129c6b569ece8caf9750dfdbb550d9e3016d5ba1ec6980436706617e420a1ed9425957e7d53fe17ff8c2461d157451bcf2c52ed172547235e3a2a068a47b65f4164a00c9a6da61fff8ac08f3949837e7d7e8b0f6a6a5fcf891803ddee933ec768ccbc7046aa6a1707c225ca185619d26ad3d592d4f5f220f7a16403e06d5c5b90ac3054c28bd631e3cb2808f073fdf6d59294258c8b794d177fb26483325a7f5f3a1aa6703265c14c477a4297382383960b105faa5b0a5cb513acb1a89806a891a2d9121373b46783cfdb65c8f1c533fb53a59703ffc74e11784773ca92ea1fd355c683fe7447e46a270976a2fcae6c7418b376885a1f0869cee8394a00d19b31f6602179c940f44e84223062198903fb85c78c0101377af027bd92461c167bbc391c06583f4af73232db3e539ddba37ca4739265fb0c7f1763e673bd878af1840254796f9f25c04f498f76a5219060b3ceb121a51ef4e04faab784c69efe780c87df7a63c4d35750add502b10f7b5469e0f9363f5efb6852c9a39596cef8e71e6a871e6e45df72b08572c5ac6d26decd99e414c6a4ae2cf6278672f4c23da4a9227806f60ba4afeac85afd0812cb965535452693b22c0b102eb40c2984669d58d717ee155ce6aa6dd967427b63d3a0d672492e1b4f4e32b1e2abc623ccfde99723bfbb4bf9a7f8c88b30f267b522f51571083ef4f84a0d60634050209410aebfa64be0b36dcd471abe0b9b459a75985a2e13de32f89856c5a52db41e58795b7343c0ae5b9f4bf6a192536aec2bd3462e2711f14bbc52884bef0f745756b552675fee585c1fde1ece5386fc1b9c90edb453ffa4443f387744ff81be9fc74ce18979831b0e8ee9ed555da872d9d43d2e8ee242fd40fbc90ac8b6c4ba2252fd1079fe5f77893e75faf5762a74eddceac71371589f43b6683eaddb8cfd0d63cd67426da67f826cc4adb6b6b6bfbc7840ba223431e27056da2dc8eea5499047d9346312a68bd0feca33ce35f8cd634356d0702e69ece4077cde4cd1dc48afd8be644c07c70cb9f28131fedaea9c3a21c2d27b2b494b46c547be777af0b324c234822f2f1779715aba9755dba5d7884318a7bacf05f53bbeca825bc76fb3344b42063b33412652e75f1b25a00af5a6e48c75ae19dac3ad23ee5d6fe9061dfdd64ba69bf4ab106692a0bcb05465b17106c32a6a1ad576b37c2848edb78cd0fcec38c1e31574796e853486fb662fe4d729cb48675005841d4608d91412f0ee8ef050fa68aae99a3c8bf3fc3ca4f41857fdf67ab4ed91c57296bd8d5ddce9e8fc78cd6fca67eac83e6976b8873c52311e9dc38036f48f4c9e764c13586d3a7d5ebaf14d4201ae95a743ae2bdb9df157590c9b43155c48e5eacb671cfd71cb8f9b5b2a753bf74cd831c47a2d63bf9789b5d6b68bfe311b8db0671e7759844ddf5f78c56bf4f4324056ea753286d277f9c5f05889b87555ab2c9e65cac509e8cf5beee0717ed2be1b512168375cc209eb1608eb197985615d76a01911fdd1672ec1a3ce24986dd526bd551cb7e99fdc6ed220cc6017a433a009b19f011ff0a5854582b483d0b5fa88e480c44206f953d16b728592f0f7f3a77206dbf92b281b4e3c50843f8b27ff6124693caa6c677ddc1a62377e22799c34578f133eeb4b194c6f0c505ddaa345eee451b48be0e3d805848c6582c3ca0c2f0776e0bbb809fbf2f96b7f4cfaba0f9dda8863a17000e014529ce9802f85ffee91714e77e19f5714aa571c154274d4d22360c55d9327e5b96b86223de79396908e9a022808f0bda4ec833df8f9a4b19dfa7515d52d0f4309589f32e8a026d6a29631183d212c1c08409f24bc9c5e0025aaf6d13300bdd64b12b2bf509fe7bea222ceffb509380ab9c3d56c382141911b4ff7d218ece76da14f84754a4fe1b81ceb05139431d952013006a2fc902f1ea5fac348f4ddc5c72ec95e296e52d6ab3646ae031f0a76ad871cad79c0c6321e468ed121019a361ec232c9c5325865ebac8513c6ac9473857ab36508d373cd8a02c6f74bc39351fd8a523237ba77af19f96a0d99a2436db4d5f1bc4e499837437ab43bfddc22e8edd21bc5b3e79d003e2ce3e36178b460ef6f05a296512b181f3c7a846e8a1bd6b7af12a0d2d102d43a4668e0ed23397d0fe13139f6eda5d15bd5fa05538a655b22dc42af0374ed88f1501446886e43678da1c449ec75ea4ebb7ee6455cf4db12847515dce33919e543ebf11213cfa5cb4d72a63c28fa48ebbff0679dfb6374a1c1c08f7a606a6a3dcf42836e6f2b9c39c7cc1915ef6a3e81210f0761389a66a9d318f189905b71e5da4a43608e0dfec594231daacfa74010f1fd57afe65fe21361c49008c7f345289094e6a8e31ed20164e06500ed5e9f2e8ca902a1cab04b70e2589a7fc52078a76d93b366f96ab338d6430c06b507707238fd7a2e50a09b963e1f47774f3f408cdfb580903529053e362a239f043f0f9c626395208dcee0323d09d13c21b8cbc84c77cb8dc25ad6342326bb62feac7448c21e971d6cce071282946e97bcb9b7b100634cdbc00b94604d1b47c2fcfe2efc25ccd878e8f96e237bdf3dadca1cfae93d4cf034bc3e9332262ecd31f226aeedb7674bb66fa6f78a85b9f9c9790f8edf7c4d8b6ac604533146ae43cd735a0f1bdbc9b799439c3be0431f6c4cfd8f901524b840209e59c782b214b815452cba720b854015948ecbd410a6d5dcfb6e8fffb314cb5765f098edcd2599fc40e834d744df8cb9c1cf063fa3b464db4a3d3f584a78ae1635fc8a9e71125e3d7c554f964c6857fc5ad6307a669fa1367508dd1ba87fac7d4e5a16481e5bcdc13816725ed26e87a191cf5f240069f3e9d15da5fa49e7765ccc224165acf0", @ANYRESHEX=r4, @ANYRESDEC=0x0, @ANYRESHEX=r5, @ANYRESHEX=r4, @ANYRESOCT=r4, @ANYRES16=r1, @ANYRES64=r2], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x19, 0x15, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000100850000000100000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000010000850000008200000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1900000000d62fbf67d9112d65"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r7}, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='bcache_btree_write\x00', r7, 0x0, 0x3fd}, 0x18)
socket$rxrpc(0x21, 0x2, 0xa)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
openat$cgroup_ro(r0, &(0x7f0000000580)='pids.current\x00', 0x7a05, 0x1700)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$nl_rdma(0x10, 0x3, 0x14)
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00'})

1.691534232s ago: executing program 0 (id=1901):
sendmsg$IPSET_CMD_FLUSH(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x14, 0x4, 0x6, 0x101}, 0x14}}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', <r1=>0x0})
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000000)={'team0\x00', <r3=>0x0})
setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000080)={r3, 0x1, 0x6, @remote}, 0x10)
close(0xffffffffffffffff)
setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000200)={r3, 0x1, 0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1d}}, 0x10)
setsockopt$packet_drop_memb(r2, 0x107, 0x2, &(0x7f0000000440)={r3, 0x1, 0x6, @remote}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000800)=@ipv6_newroute={0x44, 0x18, 0x1, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0x0, 0x2}, [@RTA_ENCAP={0x18, 0x16, 0x0, 0x0, @SEG6_IPTUNNEL_SRH={0x14, 0x1, {{0xa, {0x0, 0x0, 0x10}}}}}, @RTA_OIF={0x8, 0x4, r1}, @RTA_ENCAP_TYPE={0x6, 0x15, 0x7}]}, 0x44}}, 0x0)

1.499152542s ago: executing program 2 (id=1903):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'hsr0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0300000000000000140012800b0001006970766c616e00000400028008000500", @ANYRES32=r2, @ANYBLOB="e19b0ab7", @ANYRES32=r2, @ANYBLOB], 0x44}}, 0x0)

1.361241766s ago: executing program 0 (id=1904):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000500)={0x1b, 0x0, 0x0, 0x7ffffffc, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x2, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xd, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x2}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x0, 0x6, 0xa, 0x8, 0xfff8, 0xa0}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0xc}, {0x18, 0x2, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_GET_TARGET(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r4, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x40050}, 0x0)
sendmsg$TIPC_NL_BEARER_SET(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000006c0)=ANY=[@ANYBLOB="3c020000", @ANYRES16=0x0, @ANYBLOB="0000000000000000000005000000e00005800c00028008000100000000000c00028000000100000000004c00028008000100000000000800010000000000080003000000000008000200000000000000020000000000080004000000000000000400000000000800040000000000080001"], 0x23c}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r3)
r5 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_DEL_MIF(r5, 0x29, 0xc8, 0x0, 0xc000000)
r6 = socket$kcm(0x29, 0x5, 0x0)
write$cgroup_pressure(r6, &(0x7f0000000140)={'full'}, 0xfffffdef)
setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x42, &(0x7f0000000340)={0x77359400}, 0x10)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40841, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
r8 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8b0f, &(0x7f0000000040)={'wlan0\x00'})
r9 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r7, &(0x7f0000000000)={@val={0x4}, @void, @eth={@broadcast, @local, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "01d55e", 0x44, 0x29, 0x1, @local, @mcast2={0xff, 0x3}}}}}}, 0x7e)
r10 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), r3)
r11 = socket$kcm(0x2, 0xa, 0x2)
ioctl$sock_SIOCETHTOOL(r11, 0x8946, &(0x7f0000000080)={'netdevsim0\x00', &(0x7f0000000000)=@ethtool_sfeatures={0x25}})
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r12, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)={0x20, 0x1, 0x1, 0x301, 0x0, 0x0, {0xa}, [@CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x160}]}]}, 0x20}}, 0x0)
sendmsg$NBD_CMD_CONNECT(r2, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="27c20938f5b680c26be67d67", @ANYRES16=r10, @ANYBLOB="010028bd7000fddbdf25040000000d000a0000000030323135340000000008"], 0xc0}}, 0x0)
r13 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r5)
sendmsg$NL80211_CMD_GET_SURVEY(r5, &(0x7f0000000440)={&(0x7f0000000280), 0xc, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r13, @ANYBLOB="00032dbd7000efdbdf253200fd000c08990006000000fe7fffff699c9e9c0597ec2f2a8a01756e35e35968d80b997b063812a8bc24f401f062d75dfc5964e5423b0b"], 0x20}, 0x1, 0x0, 0x0, 0x4044080}, 0x4000001)

1.249756766s ago: executing program 2 (id=1905):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$packet(0x11, 0x3, 0x300) (async, rerun: 64)
socket$packet(0x11, 0x3, 0x300) (async, rerun: 64)
r2 = socket$kcm(0x29, 0x6, 0x0)
sendmmsg$inet(r2, &(0x7f0000000740)=[{{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f0000000300)="89c064", 0x3}], 0x1, &(0x7f0000000e40)=ANY=[], 0xd0}}], 0x1, 0x0) (async)
write(r2, &(0x7f0000000540)="d5e227572845", 0x6) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a) (async, rerun: 64)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) (rerun: 64)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (async)
ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000b40)={0x4, 0x3, {0x1, @usage=0x10, <r4=>0x0, 0x40, 0x5288, 0x79abd68b, 0x10, 0x9, 0x4, @struct={0x6, 0x55}, 0x9, 0x8, [0x5, 0x2, 0x9, 0xb, 0xfffffffffffff1b6, 0x2]}, {0x5, @usage=0x4, 0x0, 0x2, 0x1, 0x6, 0x8, 0x0, 0x0, @usage, 0x2, 0x7, [0x2, 0x4, 0x8, 0x2, 0x0, 0x8]}, {0x1, @struct={0x398, 0x407}, 0x0, 0x7, 0x6, 0x3, 0x0, 0x8bee, 0x73, @struct={0xb63, 0x2}, 0x4, 0x1, [0x6, 0x9, 0x9, 0x919, 0x3, 0x905]}, {0x9, 0x4, 0x2}})
ioctl$BTRFS_IOC_RM_DEV_V2(0xffffffffffffffff, 0x5000943a, &(0x7f0000001340)={{r1}, 0x0, 0x1e, @unused=[0x4f141cb1, 0x9, 0x1, 0x400], @devid=r4}) (async)
r5 = openat$cgroup_type(r3, &(0x7f00000001c0), 0x2, 0x0) (async)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000640)=ANY=[@ANYBLOB="68000000100037040300"/20, @ANYRES32=r5, @ANYBLOB="88040400000000004800128008000100736974003c0002"], 0x68}, 0x1, 0x0, 0x0, 0x8801}, 0x0) (async, rerun: 32)
r7 = socket$inet6_udp(0xa, 0x2, 0x0) (rerun: 32)
connect$pppl2tp(r0, &(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, r7, {0x2, 0x0, @local}, 0x2}}, 0x26)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(r5, 0x89f9, &(0x7f0000000280)={'sit0\x00', &(0x7f0000000180)={@private2={0xfc, 0x2, '\x00', 0x1}, @dev={0xac, 0x14, 0x14, 0x11}, 0x1a, 0x1a}})
r8 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r9 = openat$cgroup_ro(r3, &(0x7f0000000080)='blkio.bfq.io_service_bytes_recursive\x00', 0x0, 0x0)
connect$vsock_stream(r9, &(0x7f00000000c0)={0x28, 0x0, 0xffffffff, @local}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000071123000000000209553000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x14, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async, rerun: 32)
r10 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 32)
sendmsg$L2TP_CMD_SESSION_DELETE(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010013bd70100400000005000000080009000200000008000c00a80a0000060001000b00000008000b"], 0x34}}, 0x20)

1.012737128s ago: executing program 1 (id=1907):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000010000fdffffffffffffff00000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a300000000060000000060a010400000000000000000100000008000b40fffffffd300004802c00018008000100636d7000200002800c0003800500010000000000080001400000000008000240000000000900010073797a300000000005000740ef00000060010000160a050000000000000000000300000034000380180003801400010070696d3672656730000000000000000008000140000000000800024000000006"], 0x358}}, 0x0)

961.633557ms ago: executing program 4 (id=1908):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x4, &(0x7f0000000180)=@framed={{0xffffffb7, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x98}, [@ldst={0x4}]}, &(0x7f00000002c0)='GPL\x00', 0x5, 0xbc, &(0x7f0000000300)=""/188, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000080), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'dummy0\x00'})
r1 = socket$netlink(0x10, 0x3, 0x0) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001440)={{}, 0x0, &(0x7f0000001400)}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1e00000000000000000000000000000001"], 0x48)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r3, 0xc004743e, 0x20001401)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r4, 0xc004743e, 0x20000010) (async)
ioctl$TUNSETOFFLOAD(r2, 0xc004743e, 0x20000014) (async)
close(r3) (async)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="200000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="020000ae6f000000"], 0x20}}, 0x0)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0}}, 0x0) (async)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0) (async)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000200095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10) (async)
socket$alg(0x26, 0x5, 0x0) (async)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="0e00000004000000040000000300000000000000", @ANYRES32, @ANYBLOB="00020000000000000000000000000000000000004f5b0f19cde119827089938b5cc60978af414063a34760f3cef51586245701839e1b712fc002003882728eb40faceaf899beba4ceed617b01028ef7d24a71a9a82c9986bf9fffffffffffffffd304e66f6ffeb2872cb2fad13b62dc9c19211f19b86e136c5ba0a4d4593c71872d393590135c8ba025a839eae6c856130cf117113b07ce58b559a4256aba358b768c58ab275bc132fb74ac79e0577f742d8c6763a89018a15e759be28d9642a5a7ebdf82b71152ef17e4a23808096dea27db8e1e263daeba96234d2301d2c3a234bb280b45572565e43d1b265ce15feb6c587fc09287e26a25ab30f312bcef73b1e864c805b72b9ebd013ad38739627cb4de1825eee137aabb0e28938918950ecc07ebc4ac3bcc61e372b68f929d7687ee9dc377db0ea7819f3086591", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) (async)
r7 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r7, 0x84, 0xb, &(0x7f00000000c0)={0x3, 0x77, 0x2, 0x6, 0xda, 0xd2, 0xbb, 0x5, 0x0, 0x9, 0x7, 0x3, 0x9, 0xb}, 0xe) (async)
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xb, 0x1c, &(0x7f0000000d80)=ANY=[@ANYBLOB="1808000028000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bf0900000000000035090100000000009500000000070000b7020000000000007b9a00fe00000000b6090000000000a80700000050000000bf8600000000000007080000f8ffffffbfa400000000000007040000f0ffffff550000000800000018220000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7050000080000004608f0ff760000005d9800000000000056080000000000008500000007000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x11, 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)) (async)
writev(0xffffffffffffffff, 0x0, 0x0)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0) (async)
write(0xffffffffffffffff, 0x0, 0x0) (async)
socket$vsock_stream(0x28, 0x1, 0x0) (async)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)

827.319415ms ago: executing program 2 (id=1909):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_end\x00', r0}, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1)
sendmsg$NFC_CMD_GET_TARGET(r2, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
sendmsg$TIPC_NL_BEARER_SET(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000006c0)=ANY=[@ANYBLOB="3c020000", @ANYRES16=0x0, @ANYBLOB="0000000000000000000005000000e00005800c00028008000100000000000c00028000000100000000004c00028008000100000000000800010000000000080003000000000008000200000000000000020000000000080004000000000000000400000000000800040000000000080001"], 0x23c}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r2)
r3 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), r2)
sendmsg$NBD_CMD_CONNECT(r1, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="c0000000", @ANYRES16=r3, @ANYBLOB="010028bd7000fddbdf25040000000d000a0000000030323135340000000008"], 0xc0}}, 0x0)

821.102749ms ago: executing program 1 (id=1910):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="001500000000007885e4989d8224f1f056172373ed120c02663ab0ba9a83614be082b734484b29432808002af447caae00000000000000000000000000b6882fd943dcb47f1ea18b98d9e691818e2e08a111d9206a1ad132ba60d8fcd20d9c36784fe11048fe6cd58495b8ac46444932489ba4900bb85a9e8b9a0ac4bdbe4d3fd74b467e0692df090d27a60e268dc292871001ecfd6bbe1d46e87a8cfb28bff4a982b089b0941b7857bfc39c0929dd2db1f89b7e799006ec7178d79ea34397fa149c15137dee68d13c7146ecaf5029a058", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = socket$isdn_base(0x22, 0x3, 0x0)
ioctl$IMSETDEVNAME(r4, 0x80184947, &(0x7f0000000100)={0x0, 'syz1\x00'})
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r3, 0x8983, &(0x7f0000000580)={0x0, 'veth0_to_batadv\x00', {0x3}, 0x9})
connect$pppl2tp(r1, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r2, {0x2, 0x0, @multicast2}, 0x2}}, 0x2e)
mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1000001, 0x4000010, r2, 0xa22eb000)
accept(r1, &(0x7f0000000080)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, &(0x7f0000000100)=0x80)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1f, 0x18, &(0x7f0000000180)=ANY=[@ANYBLOB="18690000020000000000000003000000b7080000000000007b8af8ff00000000b7080000060000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000072402000820000018010000202078f8d7003bce51a8ffce72505a2c2500ffffffb702000008000000b70300000104000085000000060000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="001500000000007885e4989d8224f1f056172373ed120c02663ab0ba9a83614be082b734484b29432808002af447caae00000000000000000000000000b6882fd943dcb47f1ea18b98d9e691818e2e08a111d9206a1ad132ba60d8fcd20d9c36784fe11048fe6cd58495b8ac46444932489ba4900bb85a9e8b9a0ac4bdbe4d3fd74b467e0692df090d27a60e268dc292871001ecfd6bbe1d46e87a8cfb28bff4a982b089b0941b7857bfc39c0929dd2db1f89b7e799006ec7178d79ea34397fa149c15137dee68d13c7146ecaf5029a058", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) (async)
socket$pppl2tp(0x18, 0x1, 0x1) (async)
socket$inet6_udp(0xa, 0x2, 0x0) (async)
socket$inet_icmp_raw(0x2, 0x3, 0x1) (async)
socket$isdn_base(0x22, 0x3, 0x0) (async)
ioctl$IMSETDEVNAME(r4, 0x80184947, &(0x7f0000000100)={0x0, 'syz1\x00'}) (async)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r3, 0x8983, &(0x7f0000000580)={0x0, 'veth0_to_batadv\x00', {0x3}, 0x9}) (async)
connect$pppl2tp(r1, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r2, {0x2, 0x0, @multicast2}, 0x2}}, 0x2e) (async)
mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1000001, 0x4000010, r2, 0xa22eb000) (async)
accept(r1, &(0x7f0000000080)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, &(0x7f0000000100)=0x80) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1f, 0x18, &(0x7f0000000180)=ANY=[@ANYBLOB="18690000020000000000000003000000b7080000000000007b8af8ff00000000b7080000060000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000072402000820000018010000202078f8d7003bce51a8ffce72505a2c2500ffffffb702000008000000b70300000104000085000000060000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)

657.288366ms ago: executing program 3 (id=1911):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = syz_genetlink_get_family_id$team(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r2, 0x65, 0x7, &(0x7f00000001c0)=0x8, 0x4)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'veth0_to_batadv\x00', <r3=>0x0})
sendmsg$can_raw(r2, &(0x7f0000000180)={&(0x7f0000000000)={0x1d, r3}, 0x10, &(0x7f00000005c0)={&(0x7f00000000c0)=@can={{}, 0x89, 0x0, 0x4, 0x2, "000000000300"}, 0x10}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'wg0\x00', <r4=>0x0})
r5 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000200)={'netdevsim0\x00', <r6=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r6, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000003c0)={'gre0\x00', &(0x7f00000004c0)={'erspan0\x00', <r7=>0x0, 0x7, 0x700, 0x400, 0x8001, {{0x33, 0x4, 0x3, 0x36, 0xcc, 0x68, 0x0, 0x8a, 0x29, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, {[@timestamp_addr={0x44, 0x24, 0x32, 0x1, 0xa, [{@remote}, {@loopback, 0x800}, {@multicast1, 0x3}, {@dev={0xac, 0x14, 0x14, 0x23}, 0xfffffe01}]}, @timestamp={0x44, 0x2c, 0x3f, 0x0, 0x4, [0xfffffffa, 0xc0000000, 0x24f9d789, 0x31, 0x101, 0x7fff, 0x80000001, 0x8, 0x2, 0x7]}, @end, @cipso={0x86, 0x66, 0x2, [{0x5, 0x2}, {0x6, 0xe, "a9077e7f12cce1872f6dba6f"}, {0x6, 0xd, "03408e4e79211a00484024"}, {0x7, 0x10, "2c6dea2ef22dfa0207290f8b860f"}, {0x5, 0xd, "bac4a5550006da8d9f7461"}, {0x5, 0x10, "211a5afd6a239adc2110f440ba22"}, {0x6, 0x5, ' d\v'}, {0x5, 0x11, "48cfddf65cd2d573e35101103806b0"}]}]}}}}})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000400)={'gre0\x00', &(0x7f00000005c0)={'tunl0\x00', <r8=>0x0, 0x7800, 0x8000, 0x4, 0x2, {{0x1c, 0x4, 0x1, 0x4, 0x70, 0x65, 0x0, 0x1, 0x4, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @empty, {[@noop, @cipso={0x86, 0x2e, 0x1, [{0x7, 0x8, "9e3e29aadb38"}, {0x1, 0x5, "497aac"}, {0x3, 0xb, "32628a0ca392915890"}, {0x5, 0x10, "4be47ac9085963b4fa5c385a7e51"}]}, @rr={0x7, 0x2b, 0x99, [@local, @rand_addr=0x64010101, @local, @initdev={0xac, 0x1e, 0x0, 0x0}, @private=0xa010101, @local, @empty, @local, @local, @multicast2]}]}}}}})
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000680)={<r9=>0x0, @empty, @private}, &(0x7f00000006c0)=0xc)
r10 = openat$tun(0xffffff9c, &(0x7f0000000940), 0x200400, 0x0)
ioctl$SIOCSIFHWADDR(r10, 0x8924, &(0x7f0000000980)={'veth0\x00', @random="e96ac19a8390"})
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000800)={'syztnl1\x00', &(0x7f0000000700)={'syztnl2\x00', <r11=>0x0, 0x8000, 0x80, 0x2b7f, 0x8001, {{0x2c, 0x4, 0x0, 0xe, 0xb0, 0x68, 0x0, 0x80, 0x29, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@generic={0x88, 0x11, "d996f4965188fc93e69416c284f748"}, @rr={0x7, 0x1b, 0xa1, [@dev={0xac, 0x14, 0x14, 0x28}, @remote, @multicast2, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast]}, @rr={0x7, 0x2b, 0x2d, [@remote, @empty, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2, @local, @dev={0xac, 0x14, 0x14, 0xf}, @private=0xa010100, @multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, @private=0xa010102]}, @ssrr={0x89, 0xf, 0xff, [@multicast2, @loopback, @local]}, @timestamp_addr={0x44, 0x1c, 0x69, 0x1, 0x3, [{@rand_addr=0x64010102, 0x8}, {@local}, {@local, 0xa0}]}, @noop, @timestamp={0x44, 0x18, 0x16, 0x0, 0x2, [0x0, 0x3, 0x5b, 0x7, 0x9]}]}}}}})
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000840)={'team0\x00', <r12=>0x0})
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000900)={'erspan0\x00', &(0x7f0000000a40)={'tunl0\x00', <r13=>r12, 0x0, 0x8000, 0x60, 0x40df, {{0x52, 0x4, 0x0, 0x4, 0x148, 0x64, 0x0, 0x10, 0x29, 0x0, @remote, @empty, {[@timestamp_addr={0x44, 0x1c, 0x6d, 0x1, 0xc, [{@local, 0xd7c8}, {@initdev={0xac, 0x1e, 0x0, 0x0}}, {@broadcast, 0x200}]}, @ssrr={0x89, 0x17, 0xb3, [@broadcast, @dev={0xac, 0x14, 0x14, 0x29}, @broadcast, @dev={0xac, 0x14, 0x14, 0x26}, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @noop, @ssrr={0x89, 0x17, 0xe7, [@loopback, @dev={0xac, 0x14, 0x14, 0xe}, @rand_addr=0x64010100, @multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @timestamp_addr={0x44, 0x4c, 0x44, 0x1, 0x0, [{@empty, 0xb0}, {@multicast2, 0xf3}, {@empty, 0x7fffffff}, {@multicast2, 0x8}, {@empty, 0x5}, {@private=0xa010100, 0x1}, {@loopback, 0x8}, {@multicast1, 0x8}, {@broadcast, 0x988f}]}, @timestamp={0x44, 0x8, 0x5f, 0x0, 0xe, [0x2]}, @generic={0x94, 0x7, "bfddf3ddc7"}, @lsrr={0x83, 0x1f, 0xc3, [@dev={0xac, 0x14, 0x14, 0x17}, @rand_addr=0x64010100, @broadcast, @dev={0xac, 0x14, 0x14, 0x2e}, @initdev={0xac, 0x1e, 0x1, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}, @loopback]}, @timestamp_addr={0x44, 0x1c, 0x4e, 0x1, 0x1, [{@empty, 0x6}, {@local, 0x7}, {@multicast1, 0x9}]}, @cipso={0x86, 0x50, 0xffffffffffffffff, [{0x6, 0x12, "8d7f2d07d2d63603178259c9a114117e"}, {0x7, 0xf, "3d614a3a9804676b9bf84505c8"}, {0x0, 0x8, "577de45d9b5c"}, {0x6, 0xb, "fe722b2b43a56d2cbc"}, {0x1, 0xd, "75d3010d331947d56caf61"}, {0x0, 0x9, "66b972a796a750"}]}]}}}}})
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000880)={&(0x7f0000001340)={0x37c, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [{{0x8, 0x1, r3}, {0x158, 0x2, 0x0, 0x1, [{0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r4}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r7}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r13}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}]}}, {{0x8}, {0x134, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r7}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r9}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x7}}, {0x8, 0x6, r11}}}]}}, {{0x8, 0x1, r12}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8}}}]}}, {{0x8}, {0x80, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0xfffffffd}}}, {0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}]}}]}, 0x37c}, 0x1, 0x0, 0x0, 0x80}, 0x11)
r14 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e01f3440cee51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cad32b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337602d3e5a815232f5e16c1b30c3a6abc85018e5ff2c91018afc9ffc2cc788bee1b47683db012469398685211dfbbae3e2ed0a50e7393bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d300006aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7af22e30d46a9d26d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977fb536a9caab37d9ac4cfc1c7b400000000000007ffc826b956ba859ac8e3c177b91bd7d5e41ff83ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d000069a16203a967c1bbe09315c29877a308bcc87dc3addb08142bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8240000e3428d2129369ee1b85af9ffffff0d0df414b315f651c8412392191fa83ee830548f11be359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92000000000f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb74d4ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905de328c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a978ee56c83a3466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342e0eaf6f330e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea95ec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf81700cd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be3827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f969369de47422604e2fc5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293b6c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b612272d40f522d8c98c879aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbe71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd46dbd61627a2e0a74b5e6aefb7eee403502734137ff47a57f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a125e3af1130d66a7b66837ae7e7123dde7404a067ad0a6a2d6bec9411b61cad4121be3c72ff3a04713042253d438e7becf8120de3895b8ce974958bde39cb8da3427a2e9e2de936431e67fed5ab5684db07de39083d8948cc4c8a2608100000000000000000000aecb8b0b7941088f971ce17427eec32a012295cc0cdd32955176b6ad5a4bb953e58ccfa9428f452cfb5a48a9fda26db3985c8be3c2f99827da074825b01c4a3a71fb59d5798100000000000000c76b05a45d2dd8c20d971e2f3e4369168f5cb83d6ff3a18733fec726034fbfa95624135bee374414b2c8c61f52357a520efd6a10aff244bc8a62ed367981fb4d5d77f7bc093958ff46527499957da4934cd4b370cf76f72dd05fa80cdfb68c836fd81be7a58532e041a87f9222f157610a4bcdc05b2a55308c8e7568b90f7a338557e816a16972aea79dff5becefa6f9c5ce6c58fb38da9e7532dc53cfdc2e789b76f7d32aca1bfea2aa62621b78dded30fc07171866bf3d552900000000a32dda61eeda1750e157c2d569b9d08f583c0ee28daec2e8bb85f3c8e91c4448096ee953def18dc73e55cb30f9cd069d8780b00eaba382f0c3ae391c30a5f1b0f36dd0c2193b791995d2890327a10d7abac76d1202f72e97f0105184d7aaaab8d3e29c9a8d263f076b55cf53c5bb9c0662a3d19a6722d7f83ae4331d3256f90af0857788b380ccc3b266c418e66d1d756d5df6423dd0cea67bc235d3776d22270fc19301ead09f156893e9"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r15 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000c00)='net_dev_start_xmit\x00', r15}, 0x10)
r16 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000c00)='net_dev_start_xmit\x00', r16}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r14, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03316844268cb89e14f0080047e0ffff00124000632f77fbac14fe16e000030a07080403fe80000020006558845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x24, 0x60000000}, 0x2c)

632.240236ms ago: executing program 2 (id=1912):
syz_emit_ethernet(0xaf, &(0x7f0000000500)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaaaa8100000086dd60f7d8ff00753c0020010000000000000000000000000000ff0200000000000000000000000000010004c910"], 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000800)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x1f}]}, @NFT_MSG_NEWSETELEM={0x60, 0xc, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x34, 0x3, 0x0, 0x1, [{0x30, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x24, 0xb, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8}]}}}]}]}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xe4}}, 0x0)
r1 = socket$inet6(0xa, 0x1, 0x0)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
sendto$inet(r2, &(0x7f00000003c0)='@', 0x1, 0x0, &(0x7f0000000380)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0x7b, &(0x7f0000000000)=@assoc_value={<r4=>0x0}, &(0x7f0000000080)=0x8)
sendmsg$NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000740)={&(0x7f00000005c0)={0x158, 0x0, 0x400, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8, 0x1, 0x51}, @val={0x8}, @val={0xc, 0x99, {0xfff, 0xe}}}}, [@NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x1800}, @NL80211_ATTR_VENDOR_DATA={0x78, 0xc5, "61554ec7839c67fc4da4f5e006ada8c35f4548467c68e056af35b3b6d24857fd767b7b59c3a32d2379db43a23ae0ee908ac09ef5186a4bf1815b6add7ced104435e57638b3f36f43e5746d95f93c526f1a350dce8eb5ef1c2db0dd8ead69ad94889d3254ee738cd8e94eb056f1b2f32813e7a923"}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x1}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x1000}, @NL80211_ATTR_VENDOR_DATA={0x13, 0xc5, "bbf98a445d6706c08ff9cc06622d4d"}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0xf}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x10001}, @NL80211_ATTR_VENDOR_DATA={0x74, 0xc5, "febdabd931a7095d9999095bfab8387d39b5310b80103ec8b268652eca4fef9a591ba60773b1b64d5497dfafe6157f831a011196540fdcc698165daf35b210de17ccf578d2ac979354bd914707125776759d06d617e174ac0c8d6afad881606756b6d64f057ba677419a42067ff742a7"}]}, 0x158}, 0x1, 0x0, 0x0, 0x40}, 0x44)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000004c0)={{0x1, <r6=>0xffffffffffffffff}, &(0x7f0000000200), &(0x7f0000000400)='%pI4   \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={r6}, 0x4)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0xa, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r9, <r10=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000140)=r8}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r10}, &(0x7f0000000240), &(0x7f0000000280)=r8}, 0x20)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r5, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000001500)={0x2c, r7, 0x1, 0x0, 0x0, {0x22}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_virt_wifi\x00'}]}]}, 0x2c}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001480)=@base={0x12, 0x1e, 0x4, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r11 = socket(0x22, 0x6, 0x4)
setsockopt$MISDN_TIME_STAMP(r11, 0x0, 0x1, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r11, 0x84, 0x7b, &(0x7f00000001c0)={r4, 0x105e}, 0x8)
getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000000c0)={r4, @in={{0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}}}, &(0x7f0000000180)=0x9c)
getsockopt$ARPT_SO_GET_REVISION_TARGET(r2, 0x0, 0x63, &(0x7f0000000080)={'HL\x00'}, &(0x7f0000000180)=0x1e)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendto$rose(r11, &(0x7f00000002c0)="dc1676bf3046908961b8ccbd429c29b576ddcce982dadb5cc72166b83a20757ab8e39b3034ed7daee7e492f097473549687b130b4b7df6c277edec19932784b8b26cda4e2cda442b727d0be6014262eb774d18e7bb24ca382d7e580ac85f25b331fcf0837aca2b1f0237bdb53e1b7bd89a4b62efb7614717d6a9f7024a58a34a8b172ce0da4629687275ead168d7126f8663659661f64d5033489c35f066529d93ac3e439154364bfe", 0xa9, 0x40800, 0x0, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0xfffffefffbfbbffb, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendto$inet6(r1, &(0x7f0000002580)="b0", 0xfffffffffffffd57, 0x200000c1, 0x0, 0x0)
sendmsg$NFNL_MSG_ACCT_GET(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000280)={0x14, 0x1, 0x7, 0x301, 0x0, 0x0, {0x1, 0x0, 0x1}}, 0x14}, 0x1, 0x0, 0x0, 0x20000850}, 0x800)
poll(&(0x7f0000000040)=[{r1, 0x804}], 0x1, 0x9)

557.756202ms ago: executing program 1 (id=1913):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket(0x10, 0x2, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'tunl0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newlink={0x38, 0x10, 0x401, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ipip={{0x9}, {0x8, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}]}, 0x38}}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000001c0)=@newsa={0x154, 0x10, 0x713, 0x0, 0x0, {{@in6=@private1, @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa}, {@in=@multicast1, 0x0, 0x32}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0x2, 0x4}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @encap={0x1c, 0x4, {0x2, 0x0, 0x0, @in=@broadcast}}]}, 0x154}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001e00431b000000000000000007000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n'], 0x2c}}, 0x0)
sendmsg$NFQNL_MSG_CONFIG(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x1c, 0x5, 0x6, 0x201, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8}]}, 0x1c}}, 0x0)

461.665151ms ago: executing program 4 (id=1914):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=@ipv6_delroute={0xe4, 0x19, 0x8, 0x70bd26, 0x25dfdbfb, {0xa, 0x80, 0x0, 0x2, 0x0, 0x4, 0xfe, 0x7, 0x100}, [@RTA_PRIORITY={0x8, 0x6, 0x4}, @RTA_EXPIRES={0x8, 0x17, 0x2}, @RTA_PREF={0x5, 0x14, 0x40}, @RTA_METRICS={0x26, 0x8, 0x0, 0x1, "7d5fc1cba4e13296e93de7f685d3f5128c655957137a3e452f301b505ea93f581481"}, @RTA_METRICS={0x85, 0x8, 0x0, 0x1, "fc2b1c3d82699e7d716c1c53ef22b02a0718c748695e96070ffd12c5b8950c50254948b5cf2aa4420c00893f31b7e73017d6d61ab2c1b5e188c4e4dfe65149d668a8650e0115c79691930816765c39edaf46f91939af342eddf5d34ab48a153f8e975a710bdce39c436e2d4b9cafba3b051009282b2f1308576f1276438930d2be"}]}, 0xe4}}, 0x24000810)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000009b00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r2, 0x18000000000002a0, 0xe, 0x0, &(0x7f00000002c0)="b9ff03076003008cb89e08f086dd", 0x0, 0xfffffdff, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4008040)
sendmsg$IPCTNL_MSG_CT_DELETE(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB="e40000000201010800000000000000000a000000d00001800c000280050001000000000014000180080001000000000008000200000000002c00018014000300ff01000000000000000000000000000114000400ff01000e0000000000000000000000010c00068005000100000000004700028005000100010000000600034000000000060005"], 0xe4}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0xf)
r4 = socket$kcm(0x10, 0x2, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newlink={0x44, 0x10, 0x405, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_OFLAGS={0x6}, @IFLA_GRE_ERSPAN_VER={0x5, 0x16, 0x1}]}}}]}, 0x44}}, 0x0)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000400)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r5, &(0x7f0000003700)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000840)={0x1c, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_NEW_INTERFACE(r3, &(0x7f0000000300)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000440)=ANY=[@ANYBLOB="2400000037a8357d9a6979674f76783acc27bd13c099fffffffff56b9c5039c8d200b4ed308846a1e843269d75af00", @ANYRES16=r7, @ANYBLOB="00032abd7000fbdbdf250700000005005300000000000800050004000000"], 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x8)

422.035969ms ago: executing program 0 (id=1915):
r0 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r0, 0x29, 0x24, &(0x7f00000000c0), 0x4)
r1 = socket$kcm(0x10, 0x2, 0x4)
r2 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000100)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r3 = socket(0x15, 0x5, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r6=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="20000000140009050000000000000000021800fd", @ANYRES32=r6, @ANYBLOB="08000200ac1414"], 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000140)={&(0x7f0000000840)=@delqdisc={0xa0, 0x25, 0x500, 0x70bd26, 0x25dfdbfb, {0x0, 0x0, 0x0, r6, {0xe, 0x6}, {0x3, 0x7}, {0xb, 0xfff1}}, [@TCA_STAB={0x74, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xb, 0x2, 0x2, 0xb, 0x2, 0x6, 0x7, 0x3}}, {0xa, 0x2, [0x7, 0x3, 0x9]}}, {{0x1c, 0x1, {0x1, 0x0, 0x4, 0xc, 0x2, 0x3, 0xfffffffe, 0x2}}, {0x8, 0x2, [0x2, 0xd8]}}, {{0x1c, 0x1, {0x6, 0x1, 0x3, 0x4, 0x1, 0xfffff583, 0x8001, 0x1}}, {0x6, 0x2, [0x673]}}]}, @TCA_RATE={0x6, 0x5, {0x0, 0x6}}]}, 0xa0}, 0x1, 0x0, 0x0, 0x4000000}, 0x4002010)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x2b, 0x0, 0x0, 0x0, 0x2, 0x0, @rand_addr, @multicast1}, @address_request}}}}, 0x0)
r7 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f00000001c0)=@nat={'nat\x00', 0x8, 0x5, 0x4e0, 0x0, 0x0, 0xffffffff, 0x320, 0x320, 0x410, 0x410, 0xffffffff, 0x410, 0x410, 0x5, 0x0, {[{{@uncond, 0xb7030000, 0xa8, 0xf0}, @MASQUERADE={0x48, 'MASQUERADE\x00', 0x0, {0x0, @ipv6=@private1, @ipv6=@empty, @gre_key}}}, {{@ipv6={@dev, @mcast1, [], [], 'veth0_macvtap\x00', 'veth1_to_batadv\x00'}, 0x0, 0xa8, 0xf0}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x0, @ipv4=@remote, @ipv4=@multicast2, @port, @icmp_id}}}, {{@ipv6={@mcast2, @local, [], [], 'wg1\x00', 'virt_wifi0\x00'}, 0x0, 0xf8, 0x140, 0x0, {}, [@common=@hl={{0x28}}, @common=@hl={{0x28}}]}, @MASQUERADE={0x48, 'MASQUERADE\x00', 0x0, {0x1, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @ipv6=@rand_addr=' \x01\x00', @gre_key, @icmp_id}}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @multicast2}, @private1, [], [], 'vlan0\x00', 'team0\x00'}, 0x0, 0xa8, 0xf0}, @REDIRECT={0x48, 'REDIRECT\x00', 0x0, {0x0, @ipv4, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, @gre_key, @icmp_id}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x540)
sendmsg$kcm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="48000000150081fb7059ae08060c04000aff0f11000000040011018701546fabca1b4e7d06a6bd7c493872f750375ed08a562af5745e17b8c119418f0f000000d6e74703c48f93b8", 0x48}], 0x1}, 0x1001)
sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f00000007c0)=@l2tp6={0xa, 0x0, 0x0, @mcast1}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000780)="f4000900062b2c25fe80000000000000dc8b850f238466cc00007a000000ad6e911b51818462b400", 0x28}], 0x1}, 0x0)

329.149587ms ago: executing program 3 (id=1916):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="b4050000200080006110600000000000c60000000000000095000000000000009f33ef60916e6e893f1eeb0be20000d072f5b89c3043c47c896ce0bc8731fa595b6b4d45ef26dcca5582054d54d53cd2b6db714e4b94bdae214fa68a0557eb3c5ca683a4b6fc89398f2b9000f224891060017c4700de60beac671e8e8fdecb03588aa6007e71f871ab5c2ff88afc6002084e5b52710aeee835cf0d78e45f70983826fb8579c1fb47d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0d18a93ee341ab59016f81860324b800300000000000092d9c5fe34ccb80a61ffcb3363073fd8962823ee45f5d7394e9510f4a801efdf008499d7aca1afac6c702cfabe8a9c55c8dafcdb110036e14c1035cafdfef6a358cbfadb3579a285580a3c080d4e0a48d7bdc38a0437c8c1b3aa408a"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x12, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@map=r1, r0, 0x26, 0x0, 0x0, @void, @value}, 0x10) (async)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000a80)={r1, &(0x7f0000000940), &(0x7f0000000a40)=@udp=r2}, 0x20) (async)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000240)={r1, &(0x7f0000000200)}, 0x20) (async)
r3 = socket(0x10, 0x3, 0x0) (async)
r4 = socket$pppoe(0x18, 0x1, 0x0) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000004080)=@base={0x2, 0x4, 0x4, 0xbf22, 0x400, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x10, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="61123000000000006113100000000000bf2000000000000016000c00071b48013d030100000000009500000000000000bc26000000000000bf67000000000000070200000fff07006702000003000000360600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a83683d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf5fe7030586"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) (async)
mmap(&(0x7f0000fa2000/0x4000)=nil, 0x4000, 0x2, 0x82011, r5, 0x0)
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff002, 0x0, 0x2000000000032, 0xffffffffffffffff, 0x0) (async, rerun: 64)
connect$pppoe(r4, &(0x7f00000001c0)={0x18, 0x0, {0x3, @broadcast, 'macvlan1\x00'}}, 0x1e) (async, rerun: 64)
sendmmsg(r4, &(0x7f0000001700)=[{{0x0, 0x4, &(0x7f0000001300)=[{&(0x7f0000000a00)="89891e388b9eab00be256aecf12c287826cd598251ce769af17bc1cfd2137f56001e19a2763bffebaa8a422f01090e571fad6cc22db0f1c5a77466cfdd9335c05fb640c2687ac2aa1c9a4e392cfad45cf8500427b99636c70c7313945c8ae63962c859fba70be417fa61970031965c95d8f33fe0a3736e6a96135dff85f87b51a79c97ab1404e5ad447c99f830c06d432e0e289b7fe7a34d5d38571c63b109176b9e02405df7128d9548dc384088a5e47251be87a925ce0366207cbbdecde1913dabdf468fb17eba88e8baf2c8a38254eef4c64dc865c48e1be8e9261cf0", 0xde}, {&(0x7f0000000240)="74bf3a98923e5ec107bbbeb9d31fdbd712a0b99df702e8ebdd5d242f7afa99d61ad4d1d1ada0935578b9731691277d203c456ec06c3182aa7cf3e5efc11ecdc3b4f0920602d4b8ff74fa9dd8dd57e56f985ae241ab3ca39227af7756f718848223d584b4fbb7fde6a0c79f2adc44c393f29bcfb981c4f3352b06baca6bb72fb78c6f2eb82504ea61d23196c216ec73e82d42fa7b4cb7ea2198fac8c1be7deacdb478eda28103e84f3a732e0ad54a34f6cd44ca4e8b68a9e959cfcedc313108cc46aa545f6de611e42e56813aa9b0605a90043f5f60aa2e6308fe3ced1898e4718cae11424c927fceb53797265e1d3460473cc974d3fb2eebdc04ebcc000b76138ee2127522e8993605830f3e702cb3afbf9b0df7d859ba29762e45169963b5fa748af3c9c238401544d3590f75765febfd5ddafc9f7d7ba25d252c653a53eb1fa6d887cd51723b83ee5e4c940baa1d41eaf3189608e61140c1f2f8b0448999d51043d620797fd21f20ff9099c8ba565502418d8560f92a340033e59824f64455df1dfa608103e9ca07fe9044e8a343ce628d2e532211f6168a4b58631c983d425ec834763c1c89fda0eefae7db61f325cda02278e4b004f25d9293dc779878e4e793ec3eb45a453d1e192f841df399838ef0c7efada7120cb88b4ed13fd169f7915811b373f406b94a416004471440f056a4a973da4cc3162a4a108b663ec1a7cfb2d3dcd1d28126672eab8763ab207af83c268e0f1a185aa448b11e670cac9a520cf8454ff5bd6c338d9ae319d9d506b8fc331898c69e6192ffb226f106b30acb44ed8c7b5905635c50eecfe78e42e0e6f3a0ed91e08d436d147b3c0107fc9101248baad567a818fc7fabccd01f61ab75c9e1cd22616aaf7c442e0a9361917129d3123a25f44ea2ee734a77bfa116819a4ddd669104ad66beedee5162b667f7bef5943028db106a11272335ba0208d69c4109dfb2e0afb1ad1844f1ff60e416fb51541d2fe197a5b9fcbc70203a2c6a80b74c6d03a8907144d8e49a3c4cab26f2bca9ecf39709e53e4f4d64beb2b9963a8bd35e6a5e169eb312031f8132e2f56844462a76c29cfe8a5954e5d59a348fec99005f457bbbdaf6350bddb86c7866254c9b947520fe46b025825bcec8673c9f926c58f07d58c56a6f7bb37bfe4b62b4ca3f7faa17945398292610442566fb4794b8c087a945e268481cefdb5ea1d1c3f869c2d62b1692c67d53eb69b5b6bb2d0e1b64048f911f474196452f851ad5356993a4066377ae83d654a381f34c8ecf04d0b1b8a196abc81ad984caaac1bd59221b2fd9cd889cc40a81f9fc7ff851ebd78c9c17391cd25d0ad867bf54d719197361835e84ffcfb03eb20cac56b5e65889d6b516591698d89f95e066658f0b877a17ce71ec72986fd41dcc3e7f1a0db42010ccfde9ae933096b26afdfbf4185f6e01107af45bb78daef9de807558af958abc2ada7bb4f9901e35cc7e4e7f1c22d8d8b5ba8ab8d9f425ba28d052ef0657ec3c493b882cb7d2fff7c12c38bff895b046df4df737a207ca74c3c8bceea2065e3d19cc6e2dbe9ea8b58d4f05cd35ad1b71899308d0ac1114cf7f9bfbd89a0dea8678ddef85bbdb789bbaf8155009c825546b59c2fbc4ace224af1e058bd2d269812b6ba5c409ae35fd45a934fe18d2bc904b0bbe04f2fcb6eac0120d8ba7b1f910ac0f6711f6b03f478201f911f97576816104c051185108d6a88720ff4de2fb4184e5c9347b14df49466d3ec7dfba6bc3fca964fb040c231654827de62a5865e1a9d31f5230855e267f82", 0x4fd}], 0x2}}], 0x1, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000280)={0xffffffff}, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="200000001200010a00000000000000000a0b"], 0x26}}, 0x0)

221.904753ms ago: executing program 1 (id=1917):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
sendmmsg$inet6(r0, &(0x7f0000000940)=[{{&(0x7f0000000000)={0xa, 0x4e24, 0x0, @remote}, 0x1c, 0x0}}], 0x1, 0x48884) (async)
setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000040), 0x4)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000680)={0x58, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x7}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}]}, 0x58}}, 0x0)

189.01796ms ago: executing program 3 (id=1918):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095000000000000002507739f99c037611e0668cd5456e371"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r0, 0x0, 0x10, 0x10, &(0x7f0000000080)="0000ffffffffa000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x30)
r1 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
close(0xffffffffffffffff)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa2c"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

182.910368ms ago: executing program 1 (id=1919):
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r2, 0x29, 0x2a, &(0x7f0000000140)={0x0, {{0xa, 0x0, 0x0, @mcast2}}}, 0x88)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x14, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007baaf8ff00000000b5080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70500000800000085000000b300000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r5}, 0xc)
setsockopt$inet6_MCAST_MSFILTER(r2, 0x29, 0x30, &(0x7f0000000b00)={0xb, {{0xa, 0x0, 0x0, @mcast2}}, 0x0, 0x2, [{{0xa, 0x0, 0x0, @remote}}, {{0xa, 0x0, 0x0, @remote}}]}, 0x190)
syz_emit_ethernet(0x8a, &(0x7f0000000140)=ANY=[@ANYBLOB="aaaaaaaaaaaade9ea3f675c186dd60083ff200540600fe8000000000000000000000000000bbff020000000000000000000000000001"], 0x0)
sendmsg$nl_route(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv6_newrule={0x30, 0x20, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x7, 0x12}, [@FRA_SRC={0x14, 0x2, @dev}]}, 0x30}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=@newlink={0x5c, 0x10, 0x439, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x14, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @IFLA_IPTUN_LOCAL={0x14, 0x2, @private2}]}}}]}, 0x5c}}, 0x0)

37.91447ms ago: executing program 0 (id=1920):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000010000001300000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a300000000060000000060a010400000000000000000100000008000b40fffffffd300004802c00018008000100636d7000200002800c0003800500010000000000080001400000000008000240000000000900010073797a300000000005000740ef00000060010000160a050000000000000000000300000034000380180003801400010070696d3672656730000000000000000008000140000000000800024000000006"], 0x358}}, 0x0)

0s ago: executing program 1 (id=1921):
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async)
unshare(0x62040200) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) (async)
ioctl(0xffffffffffffffff, 0x7fffffff, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) (async)
r2 = openat$tun(0xffffffffffffff9c, 0x0, 0x40a01, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
syz_genetlink_get_family_id$tipc2(&(0x7f0000000280), r0)
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000003feffff720a00fef8ffffff71a400fe0000000071302000000000001d400500000000004704000001ed00000f030000000000001d44000000000000620a00fe040400007203ffffffd00000b500f7ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3380d28e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51bf900000000000000d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93020000000000000080e69db384ac7eeedcf2ba3a9508f9d6aba582a896a9f1e096df6ecea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6032399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0xffffffffffffff20, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) (async)
bind$x25(0xffffffffffffffff, &(0x7f0000000000)={0x9, @remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x0}}, 0x12)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffff8000, 0x0) (async)
write$tun(r2, 0x0, 0xffe)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000080)='cdg\x00', 0x4) (async)
bind$inet6(r5, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r5, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c) (async)
sendmmsg$inet6(r5, &(0x7f0000002b00)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000003c0)="90", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000240)='\a', 0x1}], 0x1}}], 0x2, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) (async)
r7 = socket(0x2, 0x3, 0x6)
bind$inet(r7, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r8, 0x0, 0x0) (async)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x7, 0x10012, r6, 0x0)

kernel console output (not intermixed with test programs):

][ T8889] Call Trace:
[  243.733582][ T8889]  <TASK>
[  243.736564][ T8889]  dump_stack_lvl+0x241/0x360
[  243.741315][ T8889]  ? __pfx_dump_stack_lvl+0x10/0x10
[  243.746580][ T8889]  ? __pfx__printk+0x10/0x10
[  243.751221][ T8889]  ? __kmalloc_cache_noprof+0x44/0x2c0
[  243.756729][ T8889]  ? __pfx___might_resched+0x10/0x10
[  243.762074][ T8889]  should_fail_ex+0x3b0/0x4e0
[  243.766807][ T8889]  should_failslab+0xac/0x100
[  243.771639][ T8889]  ? nfnetlink_rcv+0x1265/0x2ab0
[  243.776614][ T8889]  __kmalloc_cache_noprof+0x6c/0x2c0
[  243.781954][ T8889]  nfnetlink_rcv+0x1265/0x2ab0
[  243.786793][ T8889]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  243.792087][ T8889]  ? netlink_deliver_tap+0x2e/0x1b0
[  243.797333][ T8889]  ? skb_clone+0x240/0x390
[  243.801810][ T8889]  ? __pfx_lock_release+0x10/0x10
[  243.806904][ T8889]  ? netlink_deliver_tap+0x2e/0x1b0
[  243.812162][ T8889]  netlink_unicast+0x7f6/0x990
[  243.816988][ T8889]  ? __pfx_netlink_unicast+0x10/0x10
[  243.822318][ T8889]  ? __virt_addr_valid+0x183/0x530
[  243.827472][ T8889]  ? __check_object_size+0x48e/0x900
[  243.832810][ T8889]  netlink_sendmsg+0x8e4/0xcb0
[  243.837647][ T8889]  ? __pfx_netlink_sendmsg+0x10/0x10
[  243.842981][ T8889]  ? aa_sock_msg_perm+0x91/0x160
[  243.847970][ T8889]  ? __pfx_netlink_sendmsg+0x10/0x10
[  243.853293][ T8889]  __sock_sendmsg+0x221/0x270
[  243.858024][ T8889]  ____sys_sendmsg+0x52a/0x7e0
[  243.862846][ T8889]  ? __pfx_____sys_sendmsg+0x10/0x10
[  243.868200][ T8889]  __sys_sendmsg+0x292/0x380
[  243.872838][ T8889]  ? __pfx___sys_sendmsg+0x10/0x10
[  243.878011][ T8889]  ? __pfx_vfs_write+0x10/0x10
[  243.882843][ T8889]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  243.889237][ T8889]  ? do_syscall_64+0x100/0x230
[  243.894055][ T8889]  ? do_syscall_64+0xb6/0x230
[  243.898787][ T8889]  do_syscall_64+0xf3/0x230
[  243.903372][ T8889]  ? clear_bhb_loop+0x35/0x90
[  243.908088][ T8889]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  243.914031][ T8889] RIP: 0033:0x7f893837dff9
[  243.918482][ T8889] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  243.935508][ T8895] netlink: 12 bytes leftover after parsing attributes in process `syz.3.951'.
[  243.938144][ T8889] RSP: 002b:00007f893909e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  243.938176][ T8889] RAX: ffffffffffffffda RBX: 00007f8938535f80 RCX: 00007f893837dff9
[  243.938195][ T8889] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003
[  243.938212][ T8889] RBP: 00007f893909e090 R08: 0000000000000000 R09: 0000000000000000
[  243.938228][ T8889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  243.987486][ T8889] R13: 0000000000000000 R14: 00007f8938535f80 R15: 00007ffe093d4298
[  243.995549][ T8889]  </TASK>
[  244.000123][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  244.057093][ T8898] netlink: 'syz.1.952': attribute type 10 has an invalid length.
[  244.415862][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  244.424226][ T8914] netlink: 'syz.1.957': attribute type 9 has an invalid length.
[  244.458527][ T8914] netlink: 'syz.1.957': attribute type 9 has an invalid length.
[  244.496007][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  244.576004][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  244.690124][ T5247] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  244.702745][ T5247] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  244.711905][ T5247] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  244.723680][ T5247] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  244.732786][ T5247] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  244.740844][ T5247] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  245.029943][ T8922] chnl_net:caif_netlink_parms(): no params data found
[  245.055975][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  245.212020][ T8942] netlink: 'syz.1.964': attribute type 4 has an invalid length.
[  245.245135][ T8944] netlink: 'syz.0.965': attribute type 10 has an invalid length.
[  245.290196][ T8942] netlink: 'syz.1.964': attribute type 1 has an invalid length.
[  245.355549][ T8942] netlink: 'syz.1.964': attribute type 4 has an invalid length.
[  245.460602][ T8942] netlink: 'syz.1.964': attribute type 1 has an invalid length.
[  245.468810][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  245.479448][ T8922] bridge0: port 1(bridge_slave_0) entered blocking state
[  245.506768][ T8922] bridge0: port 1(bridge_slave_0) entered disabled state
[  245.535923][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  245.545205][ T8922] bridge_slave_0: entered allmulticast mode
[  245.561318][ T8922] bridge_slave_0: entered promiscuous mode
[  245.597927][ T8922] bridge0: port 2(bridge_slave_1) entered blocking state
[  245.614707][ T8922] bridge0: port 2(bridge_slave_1) entered disabled state
[  245.653074][ T8922] bridge_slave_1: entered allmulticast mode
[  245.677456][ T8922] bridge_slave_1: entered promiscuous mode
[  245.751723][ T8968] __nla_validate_parse: 6 callbacks suppressed
[  245.751743][ T8968] netlink: 16 bytes leftover after parsing attributes in process `syz.4.970'.
[  245.789238][ T8922] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  245.844090][ T8922] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  246.091519][ T8922] team0: Port device team_slave_0 added
[  246.135408][ T8922] team0: Port device team_slave_1 added
[  246.244440][ T8922] batman_adv: batadv0: Adding interface: batadv_slave_0
[  246.278176][ T8922] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  246.414429][ T8922] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  246.467770][ T8922] batman_adv: batadv0: Adding interface: batadv_slave_1
[  246.476427][ T8922] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  246.534852][ T8922] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  246.750848][ T9007] netlink: 'syz.3.978': attribute type 10 has an invalid length.
[  246.759395][ T9007] netlink: 132 bytes leftover after parsing attributes in process `syz.3.978'.
[  246.826128][ T5242] Bluetooth: hci1: command tx timeout
[  247.073774][ T8922] hsr_slave_0: entered promiscuous mode
[  247.109149][ T8922] hsr_slave_1: entered promiscuous mode
[  247.163194][ T8922] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  247.187537][ T8922] Cannot create hsr debugfs directory
[  247.203348][ T9012] ip6gretap0: vlans aren't supported yet for dev_uc|mc_add()
[  248.059925][ T8922] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  248.445328][ T8922] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  248.575775][    C1] net_ratelimit: 10 callbacks suppressed
[  248.575799][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  248.593592][ T8922] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  248.655871][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  248.749409][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  248.763782][ T8922] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  248.801179][ T9057] netlink: 'syz.1.990': attribute type 1 has an invalid length.
[  248.895918][ T5242] Bluetooth: hci1: command tx timeout
[  249.061142][ T9057] bond1: (slave ip6gre1): The slave device specified does not support setting the MAC address
[  249.096403][ T9057] bond1: (slave ip6gre1): Setting fail_over_mac to active for active-backup mode
[  249.149357][ T9057] bond1: (slave ip6gre1): making interface the new active one
[  249.166859][ T9057] bond1: (slave ip6gre1): Enslaving as an active interface with an up link
[  249.215877][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  249.233477][ T9062] vlan0: entered promiscuous mode
[  249.254745][ T9062] mac80211_hwsim hwsim27 wlan0: entered promiscuous mode
[  249.280576][ T9062] mac80211_hwsim hwsim27 wlan0: left promiscuous mode
[  249.492563][ T9072] netlink: 20 bytes leftover after parsing attributes in process `syz.1.993'.
[  249.526946][ T9072] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  249.554863][ T9072] netlink: 8 bytes leftover after parsing attributes in process `syz.1.993'.
[  249.584859][ T9066] delete_channel: no stack
[  249.616034][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  249.636975][ T8922] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  249.659895][ T8922] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  249.696594][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  249.775874][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  249.787595][ T8922] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  249.801549][ T8922] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  249.862828][ T9084] netlink: 'syz.3.996': attribute type 10 has an invalid length.
[  249.895934][ T9084] netlink: 156 bytes leftover after parsing attributes in process `syz.3.996'.
[  250.020292][ T8922] 8021q: adding VLAN 0 to HW filter on device bond0
[  250.038542][ T8922] 8021q: adding VLAN 0 to HW filter on device team0
[  250.062500][ T8984] bridge0: port 1(bridge_slave_0) entered blocking state
[  250.069717][ T8984] bridge0: port 1(bridge_slave_0) entered forwarding state
[  250.147681][ T8984] bridge0: port 2(bridge_slave_1) entered blocking state
[  250.154825][ T8984] bridge0: port 2(bridge_slave_1) entered forwarding state
[  250.214053][ T8922] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  250.224908][ T8922] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  250.255887][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  250.353679][ T9096] netlink: 8 bytes leftover after parsing attributes in process `syz.3.999'.
[  250.413930][ T9096] netlink: 4 bytes leftover after parsing attributes in process `syz.3.999'.
[  250.486982][ T9092] netlink: 68 bytes leftover after parsing attributes in process `syz.3.999'.
[  250.605868][ T9096] netlink: 44 bytes leftover after parsing attributes in process `syz.3.999'.
[  250.618163][ T9102] netlink: 'syz.1.1001': attribute type 21 has an invalid length.
[  250.655817][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  250.736715][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  250.851677][ T8922] 8021q: adding VLAN 0 to HW filter on device batadv0
[  250.978234][ T5242] Bluetooth: hci1: command tx timeout
[  251.023456][ T8922] veth0_vlan: entered promiscuous mode
[  251.056456][ T8922] veth1_vlan: entered promiscuous mode
[  251.174664][ T8922] veth0_macvtap: entered promiscuous mode
[  251.215651][ T8922] veth1_macvtap: entered promiscuous mode
[  251.324933][ T8922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  251.363714][ T8922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.394133][ T8922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  251.416986][ T8922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.436716][ T8922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  251.462090][ T8922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.504008][ T8922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  251.537832][ T8922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.575588][ T8922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  251.625745][ T8922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.657182][ T8922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  251.685386][ T8922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.720353][ T8922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  251.754398][ T8922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.828683][ T8922] batman_adv: batadv0: Interface activated: batadv_slave_0
[  251.868759][ T8922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  251.907248][ T8922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.932463][ T8922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  251.967125][ T8922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.995662][ T8922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  252.021721][ T8922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  252.039960][ T8922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  252.098118][ T8922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  252.138115][ T8922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  252.149591][ T8922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  252.160170][ T8922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  252.171358][ T8922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  252.193737][ T8922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  252.206404][ T8922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  252.219878][ T8922] batman_adv: batadv0: Interface activated: batadv_slave_1
[  252.244676][ T9122] netlink: 'syz.0.1007': attribute type 10 has an invalid length.
[  252.290217][ T9122] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  252.313033][ T9122] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  252.343265][ T8922] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  252.383903][ T8922] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  252.441301][ T8922] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  252.467072][ T8922] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  252.492516][ T9130] netlink: 'syz.3.1008': attribute type 10 has an invalid length.
[  252.523274][ T9130] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1008'.
[  252.679059][ T9134] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  252.690018][ T9132] bond0: option all_slaves_active: invalid value (110)
[  252.855252][ T9142] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1011'.
[  252.945490][ T2576] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  252.955647][ T2576] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  253.018284][ T9145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  253.027193][ T9145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  253.078962][ T5242] Bluetooth: hci1: command tx timeout
[  253.308268][ T9161] netlink: 'syz.0.1018': attribute type 10 has an invalid length.
[  253.325958][ T9161] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1018'.
[  253.475517][ T9170] netlink: 280 bytes leftover after parsing attributes in process `syz.4.1022'.
[  253.785883][    C1] net_ratelimit: 11 callbacks suppressed
[  253.785906][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  253.812412][ T9188] bond0: (slave batadv0): Releasing backup interface
[  253.854496][ T9188] bridge_slave_0: left allmulticast mode
[  253.866069][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  253.890371][ T9188] bridge_slave_0: left promiscuous mode
[  253.908037][ T9188] bridge0: port 1(bridge_slave_0) entered disabled state
[  253.937293][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  253.983578][ T9188] bridge_slave_1: left allmulticast mode
[  254.009463][ T9194] netlink: 'syz.3.1025': attribute type 10 has an invalid length.
[  254.013182][ T9188] bridge_slave_1: left promiscuous mode
[  254.026246][ T9194] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1025'.
[  254.036983][ T9188] bridge0: port 2(bridge_slave_1) entered disabled state
[  254.048879][ T9194] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16)
[  254.065256][ T9194] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  254.103760][ T9188] bond0: (slave bond_slave_0): Releasing backup interface
[  254.163073][ T9188] bond0: (slave bond_slave_1): Releasing backup interface
[  254.305196][ T9188] team0: Port device team_slave_0 removed
[  254.378516][ T9188] team0: Port device team_slave_1 removed
[  254.397761][ T9188] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  254.415982][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  254.426994][ T9188] batman_adv: batadv0: Removing interface: batadv_slave_0
[  254.484384][ T9188] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  254.523196][ T9188] batman_adv: batadv0: Removing interface: batadv_slave_1
[  254.689474][ T9194] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1025'.
[  254.815936][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  254.905840][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  254.975867][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  255.028420][ T9217] netlink: 'syz.3.1032': attribute type 10 has an invalid length.
[  255.075813][ T9217] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1032'.
[  255.281978][ T9223] macvlan2: entered allmulticast mode
[  255.308293][ T9223] mac80211_hwsim hwsim16 wlan0: entered promiscuous mode
[  255.335884][ T9223] mac80211_hwsim hwsim16 wlan0: entered allmulticast mode
[  255.355439][ T9223] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  255.384957][ T9224] bond0: entered promiscuous mode
[  255.390872][ T9224] bond_slave_0: entered promiscuous mode
[  255.398151][ T9224] bond_slave_1: entered promiscuous mode
[  255.404023][ T9224] macvlan2: entered promiscuous mode
[  255.455795][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  255.614014][ T9242] netlink: 'syz.1.1039': attribute type 32 has an invalid length.
[  255.643429][ T9242] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1039'.
[  255.672090][ T9247] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1039'.
[  255.682854][ T9242] (unnamed net_device) (uninitialized): option coupled_control: invalid value (10)
[  255.857025][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[  255.960408][ T9258] 
@ÿ: renamed from veth0_vlan (while UP)
[  255.977845][ T9259] netlink: 'syz.0.1043': attribute type 9 has an invalid length.
[  255.986478][ T9259] netlink: 134660 bytes leftover after parsing attributes in process `syz.0.1043'.
[  257.232907][ T9311] nbd: must specify a size in bytes for the device
[  257.542550][ T9318] __nla_validate_parse: 3 callbacks suppressed
[  257.542575][ T9318] netlink: 280 bytes leftover after parsing attributes in process `syz.4.1059'.
[  257.689014][ T9329] netlink: 'syz.1.1062': attribute type 10 has an invalid length.
[  257.701066][ T9329] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1062'.
[  257.878535][ T9333] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1064'.
[  257.919926][ T9333] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1064'.
[  257.949117][ T9338] netlink: 'syz.0.1065': attribute type 11 has an invalid length.
[  257.966657][ T9338] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1065'.
[  257.987744][ T9333] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1064'.
[  257.998475][ T9333] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1064'.
[  258.038548][ T9333] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1064'.
[  258.210669][ T9343] syzkaller0: tun_chr_ioctl cmd 2147767520
[  258.224350][ T9351] sctp: [Deprecated]: syz.3.1068 (pid 9351) Use of int in max_burst socket option deprecated.
[  258.224350][ T9351] Use struct sctp_assoc_value instead
[  258.317349][ T9353] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1069'.
[  258.663622][ T9370] netlink: 'syz.1.1075': attribute type 10 has an invalid length.
[  258.672301][ T9370] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1075'.
[  258.804938][ T9373] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  258.975863][    C1] net_ratelimit: 12 callbacks suppressed
[  258.975886][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  259.036780][ T9397] netlink: 'syz.4.1081': attribute type 2 has an invalid length.
[  259.061329][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  259.135826][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  259.161288][ T9402] netlink: 'syz.4.1081': attribute type 1 has an invalid length.
[  259.177624][ T9402] netlink: 'syz.4.1081': attribute type 1 has an invalid length.
[  259.380393][ T9413] netlink: 'syz.0.1082': attribute type 29 has an invalid length.
[  259.389633][ T9413] netlink: 'syz.0.1082': attribute type 29 has an invalid length.
[  259.398465][ T9413] netlink: 'syz.0.1082': attribute type 29 has an invalid length.
[  259.615773][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  259.651897][ T9419] syzkaller1: entered promiscuous mode
[  259.693398][ T9419] syzkaller1: entered allmulticast mode
[  259.756510][ T9422] netlink: 'syz.3.1087': attribute type 10 has an invalid length.
[  259.917360][ T9424] debugfs: Directory 'netdev:nicvf0' with parent 'phy28' already present!
[  260.015857][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  260.096159][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  260.175865][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  260.234066][ T9434] sit0: entered promiscuous mode
[  260.252628][ T9434] netlink: 'syz.0.1091': attribute type 1 has an invalid length.
[  260.345068][ T9440] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  260.523717][ T9448] netlink: 'syz.0.1098': attribute type 10 has an invalid length.
[  260.655862][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  261.055804][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  261.236668][ T9485] x_tables: duplicate underflow at hook 1
[  261.375605][ T9489] syzkaller0: tun_chr_ioctl cmd 2147767506
[  262.064372][ T9501] netlink: 'syz.0.1112': attribute type 10 has an invalid length.
[  262.601797][ T9526] __nla_validate_parse: 19 callbacks suppressed
[  262.601818][ T9526] netlink: 280 bytes leftover after parsing attributes in process `syz.1.1121'.
[  262.833572][ T9539] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1126'.
[  262.996876][ T9549] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1127'.
[  263.075329][ T9558] netlink: 280 bytes leftover after parsing attributes in process `syz.0.1130'.
[  263.287587][ T9569] netlink: 280 bytes leftover after parsing attributes in process `syz.1.1133'.
[  263.332394][ T9572] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1135'.
[  263.420836][ T9580] netlink: 9352 bytes leftover after parsing attributes in process `syz.0.1134'.
[  263.447074][ T9580] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1134'.
[  263.577970][ T9584] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1138'.
[  263.591788][ T9587] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1139'.
[  263.637000][ T9589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  263.689049][ T9589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  263.756484][ T9589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  263.805335][ T9589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  263.866426][ T9589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  263.900108][ T9589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  263.913781][ T9589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  263.958321][ T9589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  263.978881][ T9589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  264.006464][ T9589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  264.022323][ T9589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  264.035200][ T9589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  264.103579][ T9606] bridge0: entered promiscuous mode
[  264.186393][    C1] net_ratelimit: 11 callbacks suppressed
[  264.186416][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  264.255934][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  264.311838][ T9618] sctp: [Deprecated]: syz.3.1146 (pid 9618) Use of struct sctp_assoc_value in delayed_ack socket option.
[  264.311838][ T9618] Use struct sctp_sack_info instead
[  264.335996][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  264.714934][ T9637] validate_nla: 4 callbacks suppressed
[  264.714968][ T9637] netlink: 'syz.0.1153': attribute type 10 has an invalid length.
[  264.816867][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  265.215828][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  265.296438][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  265.375823][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  265.483267][ T9655] netlink: 'syz.2.1160': attribute type 4 has an invalid length.
[  265.766097][ T9681] netlink: 'syz.1.1167': attribute type 10 has an invalid length.
[  265.855776][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  265.967819][ T9690] netlink: 'syz.3.1169': attribute type 21 has an invalid length.
[  266.027822][ T9690] netlink: 'syz.3.1169': attribute type 5 has an invalid length.
[  266.255928][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  266.336572][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  267.022586][ T9756] netlink: 'syz.3.1176': attribute type 1 has an invalid length.
[  267.658629][ T9774] __nla_validate_parse: 15 callbacks suppressed
[  267.658650][ T9774] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1185'.
[  267.683004][ T9777] netlink: 280 bytes leftover after parsing attributes in process `syz.2.1184'.
[  267.693569][ T9776] vxcan1: entered allmulticast mode
[  267.709292][ T9776] netlink: 'syz.3.1183': attribute type 39 has an invalid length.
[  267.727244][ T9776] vxcan1: left allmulticast mode
[  267.851391][ T9782] netlink: 'syz.0.1188': attribute type 96 has an invalid length.
[  267.928001][ T9788] x_tables: duplicate entry at hook 2
[  268.007084][ T9790] netlink: 'syz.1.1189': attribute type 3 has an invalid length.
[  268.036385][ T9790] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.1189'.
[  268.113770][ T9796] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1192'.
[  268.207409][ T9800] netlink: 'syz.2.1194': attribute type 10 has an invalid length.
[  268.234672][ T9800] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1194'.
[  268.319039][ T9802] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1195'.
[  268.448719][ T9808] netlink: 280 bytes leftover after parsing attributes in process `syz.4.1198'.
[  268.573731][ T9813] syz.3.1201[9813] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  268.573846][ T9813] syz.3.1201[9813] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  268.586549][ T9813] syz.3.1201[9813] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  268.852527][ T9833] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1206'.
[  269.057835][ T9844] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1208'.
[  269.385817][    C1] net_ratelimit: 10 callbacks suppressed
[  269.385873][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  269.456180][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  269.466616][ T9855] syz.4.1212[9855] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  269.466718][ T9855] syz.4.1212[9855] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  269.489772][ T9855] syz.4.1212[9855] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  269.535902][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  269.667576][ T9855] pim6reg1: entered promiscuous mode
[  269.688472][ T9855] pim6reg1: entered allmulticast mode
[  269.694227][ T9863] netlink: 280 bytes leftover after parsing attributes in process `syz.3.1215'.
[  269.880373][ T9869] netlink: 'syz.3.1217': attribute type 11 has an invalid length.
[  270.015830][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  270.352128][ T9890] validate_nla: 2 callbacks suppressed
[  270.352150][ T9890] netlink: 'syz.4.1222': attribute type 2 has an invalid length.
[  270.417503][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  270.495820][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  270.576098][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  271.042670][ T9909] netlink: 'syz.3.1229': attribute type 21 has an invalid length.
[  271.055830][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  271.455941][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  271.536439][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  273.064896][ T9989] __nla_validate_parse: 9 callbacks suppressed
[  273.064923][ T9989] netlink: 280 bytes leftover after parsing attributes in process `syz.3.1254'.
[  273.295806][ T5242] Bluetooth: hci1: command tx timeout
[  273.492966][ T9997] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1256'.
[  273.522830][ T9997] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1256'.
[  274.276738][T10030] netlink: 280 bytes leftover after parsing attributes in process `syz.2.1266'.
[  274.481861][T10034] net_ratelimit: 12 callbacks suppressed
[  274.481883][T10034] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  274.585825][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  274.637102][T10011] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  274.652691][T10044] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1269'.
[  274.666319][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  274.735911][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  274.750746][T10048] IPVS: set_ctl: invalid protocol: 59 0.0.0.0:20001
[  274.794247][T10049] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1270'.
[  274.808990][T10053] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1273'.
[  274.880000][T10053] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1273'.
[  275.041742][T10068] netlink: 280 bytes leftover after parsing attributes in process `syz.1.1278'.
[  275.070132][T10069] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1277'.
[  275.215935][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  275.379499][T10076] bridge5: entered promiscuous mode
[  275.417362][T10074] netlink: 'syz.0.1279': attribute type 2 has an invalid length.
[  275.615930][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  275.645453][T10090] netlink: 'syz.2.1283': attribute type 3 has an invalid length.
[  275.696860][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  275.775875][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  275.818090][    T8] IPVS: starting estimator thread 0...
[  275.916444][T10104] IPVS: using max 17 ests per chain, 40800 per kthread
[  276.255795][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  276.665784][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  277.237355][T10164] netlink: 'syz.1.1303': attribute type 3 has an invalid length.
[  277.579297][T10179] x_tables: ip6_tables: rpfilter match: used from hooks POSTROUTING, but only valid from PREROUTING
[  278.278178][T10213] netlink: 'syz.1.1320': attribute type 10 has an invalid length.
[  278.287133][T10213] veth1_vlan: left allmulticast mode
[  278.293555][T10213] macvlan0: entered promiscuous mode
[  278.304764][T10213] veth1_vlan: entered allmulticast mode
[  278.313763][T10213] bond0: (slave macvlan0): Enslaving as an active interface with an up link
[  278.385083][T10220] __nla_validate_parse: 13 callbacks suppressed
[  278.385107][T10220] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1322'.
[  278.596991][T10230] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1324'.
[  278.626983][T10230] netlink: 'syz.1.1324': attribute type 2 has an invalid length.
[  278.731549][T10238] netlink: 280 bytes leftover after parsing attributes in process `syz.1.1328'.
[  278.876985][T10241] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1330'.
[  279.009857][T10245] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1329'.
[  279.094517][T10247] netlink: 'syz.3.1332': attribute type 21 has an invalid length.
[  279.106530][T10247] IPv6: NLM_F_CREATE should be specified when creating new route
[  279.124123][T10247] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  279.131473][T10247] IPv6: NLM_F_CREATE should be set when creating new route
[  279.138800][T10247] IPv6: NLM_F_CREATE should be set when creating new route
[  279.146126][T10247] IPv6: NLM_F_CREATE should be set when creating new route
[  279.214502][T10255] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1334'.
[  279.242881][T10255] bridge0: port 2(bridge_slave_1) entered disabled state
[  279.429698][T10262] xt_CT: You must specify a L4 protocol and not use inversions on it
[  279.580443][T10270] netlink: 280 bytes leftover after parsing attributes in process `syz.1.1339'.
[  279.715316][T10276] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1341'.
[  279.736508][T10276] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1341'.
[  279.775937][    C1] net_ratelimit: 12 callbacks suppressed
[  279.775958][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  279.855842][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  279.935829][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  280.169099][T10283] netlink: 'syz.1.1343': attribute type 12 has an invalid length.
[  280.200802][T10283] netlink: 197276 bytes leftover after parsing attributes in process `syz.1.1343'.
[  280.415784][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  280.816381][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  280.857089][T10309] xt_connbytes: Forcing CT accounting to be enabled
[  280.874070][T10309] set_match_v0_checkentry: 16 callbacks suppressed
[  280.874091][T10309] Cannot find set identified by id 0 to match
[  280.898473][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  280.975896][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  281.454514][T10340] lo speed is unknown, defaulting to 1000
[  281.457100][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  281.476215][T10342] siw: device registration error -23
[  281.505523][T10340] lo speed is unknown, defaulting to 1000
[  281.523082][T10340] lo speed is unknown, defaulting to 1000
[  281.564516][T10340] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  281.648538][T10340] lo speed is unknown, defaulting to 1000
[  281.667131][T10340] lo speed is unknown, defaulting to 1000
[  281.674149][T10340] lo speed is unknown, defaulting to 1000
[  281.694828][T10340] lo speed is unknown, defaulting to 1000
[  281.717157][T10340] lo speed is unknown, defaulting to 1000
[  281.724103][T10340] lo speed is unknown, defaulting to 1000
[  281.742148][T10340] lo speed is unknown, defaulting to 1000
[  281.755024][T10340] lo speed is unknown, defaulting to 1000
[  281.766966][T10340] lo speed is unknown, defaulting to 1000
[  281.855876][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  281.885360][T10366] netlink: 'syz.4.1371': attribute type 1 has an invalid length.
[  281.893943][T10366] netlink: 'syz.4.1371': attribute type 1 has an invalid length.
[  281.912221][T10366] IPVS: lc: SCTP 172.20.20.187:0 - no destination available
[  281.928087][    T9] IPVS: starting estimator thread 0...
[  281.953443][T10370] tipc: Started in network mode
[  281.971077][T10370] tipc: Node identity aaaaaaaaaa3a, cluster identity 4711
[  281.985414][T10370] tipc: Enabled bearer <eth:macvtap0>, priority 9
[  282.025950][T10368] IPVS: using max 18 ests per chain, 43200 per kthread
[  282.213785][T10385] netlink: 'syz.3.1377': attribute type 10 has an invalid length.
[  283.096529][ T5287] tipc: Node number set to 9480874
[  283.488436][T10451] __nla_validate_parse: 13 callbacks suppressed
[  283.488456][T10451] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1396'.
[  283.497493][T10450] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1396'.
[  283.531513][T10450] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  283.594931][T10451] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  283.662593][T10456] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1398'.
[  283.797443][T10462] netlink: 280 bytes leftover after parsing attributes in process `syz.3.1400'.
[  283.982370][T10472] geneve2: entered promiscuous mode
[  284.315133][T10489] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1408'.
[  284.361589][T10493] syzkaller0: entered promiscuous mode
[  284.368055][T10493] syzkaller0: entered allmulticast mode
[  284.378046][ T8978] syzkaller0: tun_net_xmit 48
[  284.393692][T10495] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  284.404075][T10493] syzkaller0: create flow: hash 1422853215 index 1
[  284.631706][T10511] netlink: 'syz.4.1415': attribute type 1 has an invalid length.
[  284.643048][T10511] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  284.643325][T10513] netlink: 280 bytes leftover after parsing attributes in process `syz.3.1414'.
[  284.650423][T10511] IPv6: NLM_F_CREATE should be set when creating new route
[  284.805436][T10517] netlink: 'syz.3.1417': attribute type 1 has an invalid length.
[  284.818561][T10517] netlink: 'syz.3.1417': attribute type 2 has an invalid length.
[  284.835784][T10517] netlink: 16074 bytes leftover after parsing attributes in process `syz.3.1417'.
[  284.975937][    C1] net_ratelimit: 14 callbacks suppressed
[  284.975957][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  284.977292][T10525] lo speed is unknown, defaulting to 1000
[  285.014796][T10523] netlink: 'syz.3.1420': attribute type 9 has an invalid length.
[  285.028526][T10523] bond_slave_0: entered promiscuous mode
[  285.034605][T10523] bond_slave_1: entered promiscuous mode
[  285.041554][T10523] macvlan0: entered promiscuous mode
[  285.052554][T10523] bond0: entered promiscuous mode
[  285.058658][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  285.076317][T10523] 8021q: adding VLAN 0 to HW filter on device macvlan0
[  285.135904][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  285.236646][T10490] syzkaller0: delete flow: hash 1422853215 index 1
[  285.615834][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  286.017901][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  286.100824][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  286.177665][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  286.655770][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  286.702989][ T5247] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  286.726596][ T5247] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  286.745790][ T5247] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  286.763228][ T5247] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  286.778665][ T5247] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  286.786462][ T5247] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  287.060879][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  287.139912][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  287.325014][T10536] lo speed is unknown, defaulting to 1000
[  287.465758][T10546] netlink: 280 bytes leftover after parsing attributes in process `syz.1.1427'.
[  287.630541][T10555] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1428'.
[  287.766726][T10562] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1431'.
[  287.830531][T10536] chnl_net:caif_netlink_parms(): no params data found
[  287.977128][T10569] tipc: Started in network mode
[  287.992319][T10569] tipc: Node identity ac1414aa, cluster identity 4711
[  288.009791][T10569] tipc: Enabled bearer <udp:s>, priority 10
[  288.148262][T10536] bridge0: port 1(bridge_slave_0) entered blocking state
[  288.163508][T10536] bridge0: port 1(bridge_slave_0) entered disabled state
[  288.228793][T10536] bridge_slave_0: entered allmulticast mode
[  288.268961][T10536] bridge_slave_0: entered promiscuous mode
[  288.279966][T10536] bridge0: port 2(bridge_slave_1) entered blocking state
[  288.287737][T10536] bridge0: port 2(bridge_slave_1) entered disabled state
[  288.295064][T10536] bridge_slave_1: entered allmulticast mode
[  288.302909][T10536] bridge_slave_1: entered promiscuous mode
[  288.431496][T10536] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  288.461717][T10536] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  288.499119][T10597] __nla_validate_parse: 2 callbacks suppressed
[  288.499140][T10597] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1442'.
[  288.544326][T10597] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1442'.
[  288.572942][T10597] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1442'.
[  288.631686][ T5242] block nbd0: Receive control failed (result -107)
[  288.651627][T10536] team0: Port device team_slave_0 added
[  288.674681][T10536] team0: Port device team_slave_1 added
[  288.780924][T10536] batman_adv: batadv0: Adding interface: batadv_slave_0
[  288.796218][T10536] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  288.829886][ T5242] Bluetooth: hci2: command tx timeout
[  288.847020][T10536] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  288.870436][T10610] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  289.075100][T10623] netlink: 280 bytes leftover after parsing attributes in process `syz.3.1451'.
[  289.136655][ T5325] tipc: Node number set to 2886997162
[  289.271626][T10536] batman_adv: batadv0: Adding interface: batadv_slave_1
[  289.286583][T10536] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  289.319577][T10536] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  289.404889][T10620] bond0: (slave bond_slave_0): Releasing backup interface
[  289.438285][T10620] bond_slave_0: left promiscuous mode
[  289.516298][T10620] bond0: (slave bond_slave_1): Releasing backup interface
[  289.525052][T10620] bond_slave_1: left promiscuous mode
[  289.548222][T10620] team_slave_0: left promiscuous mode
[  289.589003][T10620] team0: Port device team_slave_0 removed
[  289.607754][T10620] team_slave_1: left promiscuous mode
[  289.661595][T10620] team0: Port device team_slave_1 removed
[  289.698327][T10620] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  289.715950][T10620] batman_adv: batadv0: Removing interface: batadv_slave_0
[  289.725539][T10620] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  289.754374][T10620] batman_adv: batadv0: Removing interface: batadv_slave_1
[  289.806573][T10620] bond0: (slave netdevsim0): Releasing backup interface
[  289.836656][T10620] mac80211_hwsim hwsim15 wlan1: left promiscuous mode
[  289.911794][T10620] team0: Port device wlan1 removed
[  289.951040][T10620] bond0: (slave macvlan2): Releasing backup interface
[  289.964084][T10620] macvlan2: left promiscuous mode
[  289.974803][T10620] team0: left promiscuous mode
[  290.015135][T10630] netlink: 14 bytes leftover after parsing attributes in process `syz.3.1453'.
[  290.075782][    C1] net_ratelimit: 21 callbacks suppressed
[  290.075802][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  290.175777][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  290.201598][T10626] lo speed is unknown, defaulting to 1000
[  290.254267][T10649] netlink: 'syz.3.1457': attribute type 4 has an invalid length.
[  290.265952][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  290.280131][T10649] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1457'.
[  290.320916][T10536] hsr_slave_0: entered promiscuous mode
[  290.335949][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  290.359652][T10536] hsr_slave_1: entered promiscuous mode
[  290.384918][T10536] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  290.404681][T10536] Cannot create hsr debugfs directory
[  290.513410][T10659] netlink: 'syz.3.1460': attribute type 1 has an invalid length.
[  290.554329][T10659] netlink: 636 bytes leftover after parsing attributes in process `syz.3.1460'.
[  290.719051][T10667] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  290.751475][T10667] tipc: Enabled bearer <udp:s>, priority 10
[  290.792592][T10671] netlink: 256 bytes leftover after parsing attributes in process `syz.3.1463'.
[  290.815748][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  290.856386][    C0] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  290.891906][T10536] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  290.904271][ T5242] Bluetooth: hci2: command tx timeout
[  290.980966][T10678] netlink: 280 bytes leftover after parsing attributes in process `syz.3.1465'.
[  291.126336][    C0] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  291.145766][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  291.213088][T10536] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  291.225874][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  291.287381][T10686] netlink: 11562 bytes leftover after parsing attributes in process `syz.4.1467'.
[  291.390790][T10536] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  291.567886][T10536] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  291.851949][T10710] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  291.931099][   T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  291.965872][   T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  292.049735][T10536] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  292.071598][T10536] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  292.093494][T10536] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  292.125970][T10536] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  292.335087][T10536] 8021q: adding VLAN 0 to HW filter on device bond0
[  292.370841][T10536] 8021q: adding VLAN 0 to HW filter on device team0
[  292.389237][ T8543] bridge0: port 1(bridge_slave_0) entered blocking state
[  292.396497][ T8543] bridge0: port 1(bridge_slave_0) entered forwarding state
[  292.425358][ T8543] bridge0: port 2(bridge_slave_1) entered blocking state
[  292.432619][ T8543] bridge0: port 2(bridge_slave_1) entered forwarding state
[  292.771672][T10536] 8021q: adding VLAN 0 to HW filter on device batadv0
[  292.832243][T10536] veth0_vlan: entered promiscuous mode
[  292.858567][T10536] veth1_vlan: entered promiscuous mode
[  292.949538][T10536] veth0_macvtap: entered promiscuous mode
[  292.964598][T10536] veth1_macvtap: entered promiscuous mode
[  292.991286][ T4625] Bluetooth: hci2: command tx timeout
[  293.030982][T10536] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.072855][T10536] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.091371][T10536] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.103058][T10536] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.120743][T10536] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.134855][T10536] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.163743][T10536] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.187616][T10536] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.208046][T10536] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.236277][T10536] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.255736][T10536] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.273821][T10536] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.305154][T10536] batman_adv: batadv0: Interface activated: batadv_slave_0
[  293.367332][T10536] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  293.405732][T10536] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.437921][T10536] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  293.471590][T10536] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.505904][T10536] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  293.534291][T10536] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.557470][T10536] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  293.578221][T10536] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.594246][T10536] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  293.613675][T10536] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.627543][T10536] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  293.639847][T10536] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.652045][T10536] batman_adv: batadv0: Interface activated: batadv_slave_1
[  293.673351][T10536] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  293.697265][T10536] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  293.716283][T10536] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  293.725027][T10536] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  293.781143][ T4625] Bluetooth: hci5: command 0x0406 tx timeout
[  293.781736][ T5243] Bluetooth: hci7: command 0x0406 tx timeout
[  293.789625][ T5244] Bluetooth: hci8: command 0x0406 tx timeout
[  293.793679][ T5243] Bluetooth: hci6: command 0x0406 tx timeout
[  293.819594][T10761] __nla_validate_parse: 2 callbacks suppressed
[  293.819614][T10761] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1485'.
[  293.892168][T10764] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  293.907254][T10767] netlink: 'syz.1.1487': attribute type 12 has an invalid length.
[  293.920159][T10767] netlink: 'syz.1.1487': attribute type 11 has an invalid length.
[  293.967238][T10767] netlink: 190580 bytes leftover after parsing attributes in process `syz.1.1487'.
[  294.222451][T10779] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1491'.
[  294.263206][ T2576] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  294.272624][ T2576] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  294.351161][ T8542] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  294.394884][ T8542] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  294.425167][T10791] netlink: 'syz.1.1493': attribute type 14 has an invalid length.
[  294.457733][T10788] nbd: nbd0 already in use
[  294.463836][T10788] block nbd0: must specify backend
[  294.487138][T10793] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1495'.
[  294.520614][T10793] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1495'.
[  294.633702][    T8] IPVS: starting estimator thread 0...
[  294.644186][T10801] tipc: Started in network mode
[  294.664364][T10801] tipc: Node identity ac1414aa, cluster identity 4711
[  294.672751][T10801] tipc: Enabled bearer <udp:s>, priority 10
[  294.681973][T10803] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1496'.
[  294.726254][T10802] IPVS: using max 17 ests per chain, 40800 per kthread
[  294.943496][T10817] netlink: 'syz.2.1500': attribute type 10 has an invalid length.
[  295.056530][ T5242] Bluetooth: hci2: command tx timeout
[  295.086487][    C0] net_ratelimit: 26 callbacks suppressed
[  295.086508][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  295.108523][T10822] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1502'.
[  295.226582][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  295.295833][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  295.366503][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  295.375805][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  295.455864][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  295.506109][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  295.521575][T10834] netlink: 'syz.3.1505': attribute type 9 has an invalid length.
[  295.535972][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  295.586140][T10834] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.1505'.
[  295.640692][T10836] netlink: 'syz.3.1505': attribute type 9 has an invalid length.
[  295.646399][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  295.654672][T10836] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.1505'.
[  295.714576][T10836] ieee80211 phy36: Failed to add default virtual iface
[  295.775344][T10838] netlink: 'syz.3.1505': attribute type 9 has an invalid length.
[  295.784319][T10838] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.1505'.
[  295.794544][    T9] tipc: Node number set to 2886997162
[  295.855789][    C0] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  296.113686][T10863] netlink: 'syz.0.1512': attribute type 12 has an invalid length.
[  296.265313][T10863] ieee80211 phy37: Failed to add default virtual iface
[  296.732324][T10891] Cannot find add_set index 0 as target
[  297.149582][ T5242] Bluetooth: hci2: command 0x0405 tx timeout
[  297.315086][T10913] ip6gre1: entered allmulticast mode
[  298.906186][T10959] __nla_validate_parse: 16 callbacks suppressed
[  298.906207][T10959] netlink: 280 bytes leftover after parsing attributes in process `syz.3.1539'.
[  299.216346][ T5247] Bluetooth: hci2: command 0x0405 tx timeout
[  299.249570][T10973] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1543'.
[  299.632764][T10993] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1545'.
[  299.656797][T10993] netlink: 'syz.1.1545': attribute type 4 has an invalid length.
[  299.685351][T10988] delete_channel: no stack
[  300.007642][T11004] bridge6: entered promiscuous mode
[  300.175823][    C0] net_ratelimit: 33 callbacks suppressed
[  300.175847][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  300.422234][T11015] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1552'.
[  300.442779][T11015] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1552'.
[  300.457457][T11017] netlink: 'syz.0.1554': attribute type 8 has an invalid length.
[  300.497187][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  300.575831][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  300.656065][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  300.681645][T11025] netlink: 'syz.0.1556': attribute type 3 has an invalid length.
[  300.690586][T11025] netlink: 130984 bytes leftover after parsing attributes in process `syz.0.1556'.
[  300.718438][T11025] bM: left allmulticast mode
[  300.735997][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  300.895808][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  301.055834][    C0] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  301.057676][T11025] sit0: left promiscuous mode
[  301.215758][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  301.281250][T11029] netlink: 280 bytes leftover after parsing attributes in process `syz.1.1558'.
[  301.535756][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  301.625755][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  301.783179][T11025] bond0: left promiscuous mode
[  303.347086][T11025] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  303.358547][T11025] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  303.391021][T11025] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  303.406354][T11025] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  303.446558][T11025] netdevsim netdevsim0 netdevsim0: left promiscuous mode
[  303.586186][T11025] mac80211_hwsim hwsim14 wlan0: left promiscuous mode
[  303.617990][T11025] mac80211_hwsim hwsim15 wlan1: left allmulticast mode
[  303.625153][T11025] vlan2: left promiscuous mode
[  303.669468][T11025] gre1: left promiscuous mode
[  303.674218][T11025] gre1: left allmulticast mode
[  303.696598][T11025] macvlan3: left promiscuous mode
[  303.701680][T11025] macvlan3: left allmulticast mode
[  303.724523][T11025] bridge0: left promiscuous mode
[  303.740560][T11025] bridge5: left promiscuous mode
[  303.760930][T11025] bridge6: left promiscuous mode
[  303.798123][T11039] netlink: 830 bytes leftover after parsing attributes in process `syz.4.1561'.
[  303.814939][T11041] tap0: tun_chr_ioctl cmd 1074025677
[  303.826486][T11041] tap0: linktype set to 270
[  304.383848][T11065] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1567'.
[  304.744505][T11073] netlink: 280 bytes leftover after parsing attributes in process `syz.1.1570'.
[  304.967368][T11080] netlink: 'syz.0.1572': attribute type 21 has an invalid length.
[  304.975445][T11080] IPv6: NLM_F_CREATE should be specified when creating new route
[  305.041264][T11085] netlink: 'syz.0.1577': attribute type 10 has an invalid length.
[  305.050005][T11085] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1577'.
[  305.215817][    C0] net_ratelimit: 24 callbacks suppressed
[  305.215838][    C0] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  305.232650][T11095] FAULT_INJECTION: forcing a failure.
[  305.232650][T11095] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  305.283262][T11095] CPU: 1 UID: 0 PID: 11095 Comm: syz.2.1579 Not tainted 6.12.0-rc1-syzkaller-00237-gcf9545686230 #0
[  305.294098][T11095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  305.304186][T11095] Call Trace:
[  305.307496][T11095]  <TASK>
[  305.310447][T11095]  dump_stack_lvl+0x241/0x360
[  305.315166][T11095]  ? __pfx_dump_stack_lvl+0x10/0x10
[  305.320397][T11095]  ? __pfx__printk+0x10/0x10
[  305.325040][T11095]  ? __pfx_lock_release+0x10/0x10
[  305.330125][T11095]  should_fail_ex+0x3b0/0x4e0
[  305.334871][T11095]  _copy_from_user+0x2f/0xe0
[  305.339504][T11095]  copy_msghdr_from_user+0xae/0x680
[  305.344731][T11095]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  305.350574][T11095]  __sys_sendmsg+0x22d/0x380
[  305.355234][T11095]  ? __pfx___sys_sendmsg+0x10/0x10
[  305.360389][T11095]  ? __pfx_vfs_write+0x10/0x10
[  305.365267][T11095]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  305.371627][T11095]  ? do_syscall_64+0x100/0x230
[  305.375807][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  305.376409][T11095]  ? do_syscall_64+0xb6/0x230
[  305.388047][T11095]  do_syscall_64+0xf3/0x230
[  305.392674][T11095]  ? clear_bhb_loop+0x35/0x90
[  305.397389][T11095]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  305.403325][T11095] RIP: 0033:0x7fd1eff7dff9
[  305.407769][T11095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  305.427413][T11095] RSP: 002b:00007fd1f0d17038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  305.435871][T11095] RAX: ffffffffffffffda RBX: 00007fd1f0135f80 RCX: 00007fd1eff7dff9
[  305.443872][T11095] RDX: 0000000000000000 RSI: 0000000020000800 RDI: 0000000000000004
[  305.451873][T11095] RBP: 00007fd1f0d17090 R08: 0000000000000000 R09: 0000000000000000
[  305.459879][T11095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  305.467973][T11095] R13: 0000000000000000 R14: 00007fd1f0135f80 R15: 00007ffc162faf48
[  305.476092][T11095]  </TASK>
[  305.695757][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  305.776893][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  305.855757][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  305.935778][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  306.095935][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  306.255755][    C0] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  306.416808][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  306.735773][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  307.761415][T11110] netlink: 280 bytes leftover after parsing attributes in process `syz.1.1585'.
[  307.932775][T11121] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1588'.
[  307.945492][T11119] netlink: 'syz.4.1589': attribute type 10 has an invalid length.
[  307.976444][T11121] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1588'.
[  308.006528][T11119] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1589'.
[  308.044017][T11127] netlink: 'syz.3.1591': attribute type 10 has an invalid length.
[  308.065995][T11127] netlink: 148 bytes leftover after parsing attributes in process `syz.3.1591'.
[  308.338645][T11143] FAULT_INJECTION: forcing a failure.
[  308.338645][T11143] name failslab, interval 1, probability 0, space 0, times 0
[  308.373912][T11143] CPU: 1 UID: 0 PID: 11143 Comm: syz.1.1594 Not tainted 6.12.0-rc1-syzkaller-00237-gcf9545686230 #0
[  308.384747][T11143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  308.391841][T11144] lo speed is unknown, defaulting to 1000
[  308.394813][T11143] Call Trace:
[  308.394827][T11143]  <TASK>
[  308.394843][T11143]  dump_stack_lvl+0x241/0x360
[  308.411540][T11143]  ? __pfx_dump_stack_lvl+0x10/0x10
[  308.416774][T11143]  ? __pfx__printk+0x10/0x10
[  308.421461][T11143]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  308.427489][T11143]  ? __pfx___might_resched+0x10/0x10
[  308.432816][T11143]  ? aa_label_sk_perm+0x4f3/0x6c0
[  308.433526][T11147] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1593'.
[  308.437871][T11143]  should_fail_ex+0x3b0/0x4e0
[  308.437917][T11143]  should_failslab+0xac/0x100
[  308.437947][T11143]  ? __alloc_skb+0x1c3/0x440
[  308.437971][T11143]  kmem_cache_alloc_node_noprof+0x71/0x320
[  308.438008][T11143]  __alloc_skb+0x1c3/0x440
[  308.438036][T11143]  ? __pfx___alloc_skb+0x10/0x10
[  308.438068][T11143]  netlink_sendmsg+0x638/0xcb0
[  308.438102][T11143]  ? __pfx_netlink_sendmsg+0x10/0x10
[  308.438129][T11143]  ? aa_sock_msg_perm+0x91/0x160
[  308.438161][T11143]  ? __pfx_netlink_sendmsg+0x10/0x10
[  308.438182][T11143]  __sock_sendmsg+0x221/0x270
[  308.438215][T11143]  ____sys_sendmsg+0x52a/0x7e0
[  308.438250][T11143]  ? __pfx_____sys_sendmsg+0x10/0x10
[  308.438293][T11143]  __sys_sendmsg+0x292/0x380
[  308.438320][T11143]  ? __pfx___sys_sendmsg+0x10/0x10
[  308.438358][T11143]  ? __pfx_vfs_write+0x10/0x10
[  308.438409][T11143]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  308.438446][T11143]  ? do_syscall_64+0x100/0x230
[  308.438473][T11143]  ? do_syscall_64+0xb6/0x230
[  308.438499][T11143]  do_syscall_64+0xf3/0x230
[  308.438521][T11143]  ? clear_bhb_loop+0x35/0x90
[  308.438546][T11143]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  308.438580][T11143] RIP: 0033:0x7fb76617dff9
[  308.438601][T11143] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  308.438622][T11143] RSP: 002b:00007fb765bff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  308.589486][T11143] RAX: ffffffffffffffda RBX: 00007fb766335f80 RCX: 00007fb76617dff9
[  308.597474][T11143] RDX: 0000000000000000 RSI: 0000000020000800 RDI: 0000000000000004
[  308.605455][T11143] RBP: 00007fb765bff090 R08: 0000000000000000 R09: 0000000000000000
[  308.613450][T11143] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  308.621457][T11143] R13: 0000000000000000 R14: 00007fb766335f80 R15: 00007ffd1ba514d8
[  308.629455][T11143]  </TASK>
[  308.821286][T11154] sch_tbf: burst 1399 is lower than device veth0_to_team mtu (1514) !
[  308.987259][T11158] netlink: 280 bytes leftover after parsing attributes in process `syz.1.1600'.
[  309.009950][T11163] netlink: 'syz.4.1603': attribute type 10 has an invalid length.
[  309.178818][T11174] netlink: 'syz.3.1608': attribute type 3 has an invalid length.
[  309.236831][T11176] netlink: 'syz.1.1607': attribute type 10 has an invalid length.
[  309.403988][T11144] __nla_validate_parse: 3 callbacks suppressed
[  309.404007][T11144] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1595'.
[  309.766683][T11200] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.1614'.
[  309.918217][T11206] netlink: 'syz.2.1616': attribute type 10 has an invalid length.
[  309.937469][T11206] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1616'.
[  310.023127][T11213] netlink: 280 bytes leftover after parsing attributes in process `syz.4.1618'.
[  310.162087][T11217] netlink: 'syz.0.1620': attribute type 1 has an invalid length.
[  310.226032][T11217] 8021q: adding VLAN 0 to HW filter on device bond3
[  310.256136][    C0] net_ratelimit: 25 callbacks suppressed
[  310.256156][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  310.349498][T11230] netlink: 'syz.1.1623': attribute type 5 has an invalid length.
[  310.407739][T11229] netlink: 'syz.1.1623': attribute type 21 has an invalid length.
[  310.415773][    C0] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  310.427192][T11226] lo speed is unknown, defaulting to 1000
[  310.437312][T11218] lo speed is unknown, defaulting to 1000
[  310.444715][T11232] FAULT_INJECTION: forcing a failure.
[  310.444715][T11232] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  310.487440][T11232] CPU: 1 UID: 0 PID: 11232 Comm: syz.0.1624 Not tainted 6.12.0-rc1-syzkaller-00237-gcf9545686230 #0
[  310.498278][T11232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  310.508375][T11232] Call Trace:
[  310.511689][T11232]  <TASK>
[  310.514651][T11232]  dump_stack_lvl+0x241/0x360
[  310.519375][T11232]  ? __pfx_dump_stack_lvl+0x10/0x10
[  310.524607][T11232]  ? __pfx__printk+0x10/0x10
[  310.529244][T11232]  ? __pfx_lock_release+0x10/0x10
[  310.534347][T11232]  should_fail_ex+0x3b0/0x4e0
[  310.539091][T11232]  _copy_from_iter+0x1ed/0x1d60
[  310.543979][T11232]  ? __virt_addr_valid+0x183/0x530
[  310.549131][T11232]  ? __pfx_lock_release+0x10/0x10
[  310.554220][T11232]  ? __alloc_skb+0x28f/0x440
[  310.558851][T11232]  ? __pfx__copy_from_iter+0x10/0x10
[  310.564178][T11232]  ? __virt_addr_valid+0x183/0x530
[  310.569326][T11232]  ? __virt_addr_valid+0x183/0x530
[  310.574464][T11232]  ? __virt_addr_valid+0x45f/0x530
[  310.577151][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  310.579670][T11232]  ? __check_object_size+0x48e/0x900
[  310.591831][T11232]  netlink_sendmsg+0x73d/0xcb0
[  310.596616][T11232]  ? __pfx_netlink_sendmsg+0x10/0x10
[  310.601932][T11232]  ? aa_sock_msg_perm+0x91/0x160
[  310.606894][T11232]  ? __pfx_netlink_sendmsg+0x10/0x10
[  310.612191][T11232]  __sock_sendmsg+0x221/0x270
[  310.616986][T11232]  ____sys_sendmsg+0x52a/0x7e0
[  310.621770][T11232]  ? __pfx_____sys_sendmsg+0x10/0x10
[  310.627081][T11232]  __sys_sendmsg+0x292/0x380
[  310.631859][T11232]  ? __pfx___sys_sendmsg+0x10/0x10
[  310.637168][T11232]  ? __pfx_vfs_write+0x10/0x10
[  310.642046][T11232]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  310.648404][T11232]  ? do_syscall_64+0x100/0x230
[  310.653178][T11232]  ? do_syscall_64+0xb6/0x230
[  310.657865][T11232]  do_syscall_64+0xf3/0x230
[  310.662419][T11232]  ? clear_bhb_loop+0x35/0x90
[  310.667112][T11232]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  310.673022][T11232] RIP: 0033:0x7f9034d7dff9
[  310.677453][T11232] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  310.697160][T11232] RSP: 002b:00007f9035b59038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  310.705612][T11232] RAX: ffffffffffffffda RBX: 00007f9034f35f80 RCX: 00007f9034d7dff9
[  310.713627][T11232] RDX: 0000000000000000 RSI: 0000000020000800 RDI: 0000000000000004
[  310.721609][T11232] RBP: 00007f9035b59090 R08: 0000000000000000 R09: 0000000000000000
[  310.729584][T11232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  310.737564][T11232] R13: 0000000000000000 R14: 00007f9034f35f80 R15: 00007ffd3ef9f4c8
[  310.745560][T11232]  </TASK>
[  310.905874][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  310.975850][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  311.065738][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  311.135873][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  311.283778][T11252] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1629'.
[  311.295791][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  311.433280][T11256] netlink: 'syz.4.1630': attribute type 10 has an invalid length.
[  311.445353][T11256] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1630'.
[  311.455746][    C0] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  311.562924][T11262] netlink: 280 bytes leftover after parsing attributes in process `syz.3.1633'.
[  311.615750][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  311.704731][T11270] FAULT_INJECTION: forcing a failure.
[  311.704731][T11270] name failslab, interval 1, probability 0, space 0, times 0
[  311.753743][T11270] CPU: 1 UID: 0 PID: 11270 Comm: syz.1.1636 Not tainted 6.12.0-rc1-syzkaller-00237-gcf9545686230 #0
[  311.764582][T11270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  311.774724][T11270] Call Trace:
[  311.778039][T11270]  <TASK>
[  311.780994][T11270]  dump_stack_lvl+0x241/0x360
[  311.785807][T11270]  ? __pfx_dump_stack_lvl+0x10/0x10
[  311.791041][T11270]  ? __pfx__printk+0x10/0x10
[  311.795678][T11270]  ? __kmalloc_noprof+0xb0/0x400
[  311.800660][T11270]  ? __pfx___might_resched+0x10/0x10
[  311.805992][T11270]  should_fail_ex+0x3b0/0x4e0
[  311.810721][T11270]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  311.817004][T11270]  should_failslab+0xac/0x100
[  311.821702][T11270]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  311.827962][T11270]  __kmalloc_noprof+0xd8/0x400
[  311.832923][T11270]  ? apparmor_capable+0x13b/0x1b0
[  311.837990][T11270]  genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  311.844103][T11270]  genl_rcv_msg+0x802/0xec0
[  311.848635][T11270]  ? mark_lock+0x9a/0x360
[  311.853084][T11270]  ? __pfx_genl_rcv_msg+0x10/0x10
[  311.858152][T11270]  ? __pfx_lock_acquire+0x10/0x10
[  311.863208][T11270]  ? __pfx_nfc_genl_dep_link_up+0x10/0x10
[  311.868971][T11270]  ? __pfx___might_resched+0x10/0x10
[  311.874302][T11270]  netlink_rcv_skb+0x1e3/0x430
[  311.879118][T11270]  ? __pfx_genl_rcv_msg+0x10/0x10
[  311.884247][T11270]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  311.889597][T11270]  genl_rcv+0x28/0x40
[  311.893592][T11270]  netlink_unicast+0x7f6/0x990
[  311.898382][T11270]  ? __pfx_netlink_unicast+0x10/0x10
[  311.903718][T11270]  ? __virt_addr_valid+0x183/0x530
[  311.908855][T11270]  ? __check_object_size+0x48e/0x900
[  311.914158][T11270]  netlink_sendmsg+0x8e4/0xcb0
[  311.918961][T11270]  ? __pfx_netlink_sendmsg+0x10/0x10
[  311.924266][T11270]  ? aa_sock_msg_perm+0x91/0x160
[  311.929226][T11270]  ? __pfx_netlink_sendmsg+0x10/0x10
[  311.934543][T11270]  __sock_sendmsg+0x221/0x270
[  311.939253][T11270]  ____sys_sendmsg+0x52a/0x7e0
[  311.944080][T11270]  ? __pfx_____sys_sendmsg+0x10/0x10
[  311.949415][T11270]  __sys_sendmsg+0x292/0x380
[  311.954122][T11270]  ? __pfx___sys_sendmsg+0x10/0x10
[  311.959258][T11270]  ? __pfx_vfs_write+0x10/0x10
[  311.964048][T11270]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  311.970410][T11270]  ? do_syscall_64+0x100/0x230
[  311.975200][T11270]  ? do_syscall_64+0xb6/0x230
[  311.979889][T11270]  do_syscall_64+0xf3/0x230
[  311.984412][T11270]  ? clear_bhb_loop+0x35/0x90
[  311.989188][T11270]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.995102][T11270] RIP: 0033:0x7fb76617dff9
[  311.999543][T11270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  312.019173][T11270] RSP: 002b:00007fb765bff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  312.027610][T11270] RAX: ffffffffffffffda RBX: 00007fb766335f80 RCX: 00007fb76617dff9
[  312.035606][T11270] RDX: 0000000000000000 RSI: 0000000020000800 RDI: 0000000000000004
[  312.043602][T11270] RBP: 00007fb765bff090 R08: 0000000000000000 R09: 0000000000000000
[  312.051776][T11270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  312.059757][T11270] R13: 0000000000000000 R14: 00007fb766335f80 R15: 00007ffd1ba514d8
[  312.067753][T11270]  </TASK>
[  312.322821][T11288] netlink: 148 bytes leftover after parsing attributes in process `syz.2.1643'.
[  312.544161][T11297] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1645'.
[  312.560529][T11295] rdma_op ffff888064e7e9f0 conn xmit_rdma 0000000000000000
[  312.596141][T11301] x_tables: duplicate underflow at hook 3
[  312.596160][T11302] x_tables: duplicate underflow at hook 3
[  312.614331][T11300] lo speed is unknown, defaulting to 1000
[  312.647667][T11295] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1644'.
[  312.664154][T11306] xt_TPROXY: Can be used only with -p tcp or -p udp
[  312.882220][T11315] FAULT_INJECTION: forcing a failure.
[  312.882220][T11315] name failslab, interval 1, probability 0, space 0, times 0
[  312.899313][T11315] CPU: 1 UID: 0 PID: 11315 Comm: syz.3.1651 Not tainted 6.12.0-rc1-syzkaller-00237-gcf9545686230 #0
[  312.910148][T11315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  312.920235][T11315] Call Trace:
[  312.923542][T11315]  <TASK>
[  312.926525][T11315]  dump_stack_lvl+0x241/0x360
[  312.931248][T11315]  ? __pfx_dump_stack_lvl+0x10/0x10
[  312.936514][T11315]  ? __pfx__printk+0x10/0x10
[  312.941181][T11315]  ? __kmalloc_noprof+0xb0/0x400
[  312.946164][T11315]  ? __pfx___might_resched+0x10/0x10
[  312.951517][T11315]  should_fail_ex+0x3b0/0x4e0
[  312.956249][T11315]  ? nfc_llcp_build_tlv+0xe0/0x1f0
[  312.961396][T11315]  should_failslab+0xac/0x100
[  312.966110][T11315]  ? nfc_llcp_build_tlv+0xe0/0x1f0
[  312.971259][T11315]  __kmalloc_noprof+0xd8/0x400
[  312.976076][T11315]  nfc_llcp_build_tlv+0xe0/0x1f0
[  312.981059][T11315]  nfc_llcp_build_gb+0x1be/0x720
[  312.986034][T11315]  ? nfc_llcp_find_local+0x108/0x160
[  312.991356][T11315]  ? __pfx_lock_release+0x10/0x10
[  312.996432][T11315]  ? __pfx_nfc_llcp_build_gb+0x10/0x10
[  313.002057][T11315]  ? nfc_get_device+0x98/0x100
[  313.006863][T11315]  ? do_raw_spin_unlock+0x13c/0x8b0
[  313.012106][T11315]  ? class_find_device+0x33b/0x390
[  313.017271][T11315]  ? _raw_spin_unlock+0x28/0x50
[  313.022173][T11315]  nfc_llcp_general_bytes+0x3d/0x170
[  313.027512][T11315]  nfc_dep_link_up+0x1c9/0x560
[  313.032328][T11315]  ? nfc_get_device+0x98/0x100
[  313.037137][T11315]  ? __pfx_nfc_dep_link_up+0x10/0x10
[  313.042468][T11315]  ? __nla_parse+0x40/0x60
[  313.046942][T11315]  nfc_genl_dep_link_up+0x16b/0x220
[  313.052193][T11315]  genl_rcv_msg+0xb14/0xec0
[  313.056735][T11315]  ? mark_lock+0x9a/0x360
[  313.061116][T11315]  ? __pfx_genl_rcv_msg+0x10/0x10
[  313.066214][T11315]  ? __pfx_lock_acquire+0x10/0x10
[  313.071295][T11315]  ? __pfx_nfc_genl_dep_link_up+0x10/0x10
[  313.077068][T11315]  ? __pfx___might_resched+0x10/0x10
[  313.082412][T11315]  netlink_rcv_skb+0x1e3/0x430
[  313.087325][T11315]  ? __pfx_genl_rcv_msg+0x10/0x10
[  313.092451][T11315]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  313.097934][T11315]  genl_rcv+0x28/0x40
[  313.101969][T11315]  netlink_unicast+0x7f6/0x990
[  313.106816][T11315]  ? __pfx_netlink_unicast+0x10/0x10
[  313.112167][T11315]  ? __virt_addr_valid+0x183/0x530
[  313.117341][T11315]  ? __check_object_size+0x48e/0x900
[  313.122691][T11315]  netlink_sendmsg+0x8e4/0xcb0
[  313.127518][T11315]  ? __pfx_netlink_sendmsg+0x10/0x10
[  313.132854][T11315]  ? aa_sock_msg_perm+0x91/0x160
[  313.137861][T11315]  ? __pfx_netlink_sendmsg+0x10/0x10
[  313.143189][T11315]  __sock_sendmsg+0x221/0x270
[  313.147920][T11315]  ____sys_sendmsg+0x52a/0x7e0
[  313.152732][T11315]  ? __pfx_____sys_sendmsg+0x10/0x10
[  313.158080][T11315]  __sys_sendmsg+0x292/0x380
[  313.162716][T11315]  ? __pfx___sys_sendmsg+0x10/0x10
[  313.167888][T11315]  ? __pfx_vfs_write+0x10/0x10
[  313.172720][T11315]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  313.179182][T11315]  ? do_syscall_64+0x100/0x230
[  313.183993][T11315]  ? do_syscall_64+0xb6/0x230
[  313.188716][T11315]  do_syscall_64+0xf3/0x230
[  313.193275][T11315]  ? clear_bhb_loop+0x35/0x90
[  313.197993][T11315]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  313.203940][T11315] RIP: 0033:0x7f1cfc57dff9
[  313.208396][T11315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  313.228049][T11315] RSP: 002b:00007f1cfd374038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  313.236558][T11315] RAX: ffffffffffffffda RBX: 00007f1cfc735f80 RCX: 00007f1cfc57dff9
[  313.244610][T11315] RDX: 0000000000000000 RSI: 0000000020000800 RDI: 0000000000000004
[  313.252617][T11315] RBP: 00007f1cfd374090 R08: 0000000000000000 R09: 0000000000000000
[  313.260637][T11315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  313.268655][T11315] R13: 0000000000000000 R14: 00007f1cfc735f80 R15: 00007ffe89d68258
[  313.276781][T11315]  </TASK>
[  313.617522][T11335] validate_nla: 4 callbacks suppressed
[  313.617544][T11335] netlink: 'syz.2.1658': attribute type 10 has an invalid length.
[  313.722999][T11340] lo speed is unknown, defaulting to 1000
[  313.929079][T11349] netlink: 'syz.0.1660': attribute type 10 has an invalid length.
[  314.119040][T11362] netlink: 'syz.4.1664': attribute type 10 has an invalid length.
[  314.141249][T11362] FAULT_INJECTION: forcing a failure.
[  314.141249][T11362] name failslab, interval 1, probability 0, space 0, times 0
[  314.183544][T11362] CPU: 0 UID: 0 PID: 11362 Comm: syz.4.1664 Not tainted 6.12.0-rc1-syzkaller-00237-gcf9545686230 #0
[  314.194383][T11362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  314.204489][T11362] Call Trace:
[  314.207804][T11362]  <TASK>
[  314.210773][T11362]  dump_stack_lvl+0x241/0x360
[  314.215500][T11362]  ? __pfx_dump_stack_lvl+0x10/0x10
[  314.220748][T11362]  ? __pfx__printk+0x10/0x10
[  314.225398][T11362]  ? __kmalloc_noprof+0xb0/0x400
[  314.230395][T11362]  ? __pfx___might_resched+0x10/0x10
[  314.235828][T11362]  should_fail_ex+0x3b0/0x4e0
[  314.240564][T11362]  ? nfc_llcp_build_tlv+0xe0/0x1f0
[  314.245720][T11362]  should_failslab+0xac/0x100
[  314.250526][T11362]  ? nfc_llcp_build_tlv+0xe0/0x1f0
[  314.255671][T11362]  __kmalloc_noprof+0xd8/0x400
[  314.260490][T11362]  nfc_llcp_build_tlv+0xe0/0x1f0
[  314.265485][T11362]  nfc_llcp_build_gb+0x20d/0x720
[  314.270476][T11362]  ? nfc_llcp_find_local+0x108/0x160
[  314.275806][T11362]  ? __pfx_lock_release+0x10/0x10
[  314.280886][T11362]  ? __pfx_nfc_llcp_build_gb+0x10/0x10
[  314.286481][T11362]  ? nfc_get_device+0x98/0x100
[  314.291303][T11362]  ? do_raw_spin_unlock+0x13c/0x8b0
[  314.296553][T11362]  ? class_find_device+0x33b/0x390
[  314.301721][T11362]  ? _raw_spin_unlock+0x28/0x50
[  314.306625][T11362]  nfc_llcp_general_bytes+0x3d/0x170
[  314.311956][T11362]  nfc_dep_link_up+0x1c9/0x560
[  314.316767][T11362]  ? nfc_get_device+0x98/0x100
[  314.321572][T11362]  ? __pfx_nfc_dep_link_up+0x10/0x10
[  314.326897][T11362]  ? __nla_parse+0x40/0x60
[  314.331368][T11362]  nfc_genl_dep_link_up+0x16b/0x220
[  314.336635][T11362]  genl_rcv_msg+0xb14/0xec0
[  314.341184][T11362]  ? mark_lock+0x9a/0x360
[  314.345594][T11362]  ? __pfx_genl_rcv_msg+0x10/0x10
[  314.350703][T11362]  ? __pfx_lock_acquire+0x10/0x10
[  314.355784][T11362]  ? __pfx_nfc_genl_dep_link_up+0x10/0x10
[  314.361555][T11362]  ? __pfx___might_resched+0x10/0x10
[  314.366912][T11362]  netlink_rcv_skb+0x1e3/0x430
[  314.371750][T11362]  ? __pfx_genl_rcv_msg+0x10/0x10
[  314.376832][T11362]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  314.382237][T11362]  genl_rcv+0x28/0x40
[  314.386359][T11362]  netlink_unicast+0x7f6/0x990
[  314.391189][T11362]  ? __pfx_netlink_unicast+0x10/0x10
[  314.396530][T11362]  ? __virt_addr_valid+0x183/0x530
[  314.401703][T11362]  ? __check_object_size+0x48e/0x900
[  314.407058][T11362]  netlink_sendmsg+0x8e4/0xcb0
[  314.412048][T11362]  ? __pfx_netlink_sendmsg+0x10/0x10
[  314.417391][T11362]  ? aa_sock_msg_perm+0x91/0x160
[  314.422395][T11362]  ? __pfx_netlink_sendmsg+0x10/0x10
[  314.427734][T11362]  __sock_sendmsg+0x221/0x270
[  314.432478][T11362]  ____sys_sendmsg+0x52a/0x7e0
[  314.437300][T11362]  ? __pfx_____sys_sendmsg+0x10/0x10
[  314.442659][T11362]  __sys_sendmsg+0x292/0x380
[  314.447301][T11362]  ? __pfx___sys_sendmsg+0x10/0x10
[  314.452468][T11362]  ? __pfx_vfs_write+0x10/0x10
[  314.457308][T11362]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  314.463688][T11362]  ? do_syscall_64+0x100/0x230
[  314.468474][T11362]  ? do_syscall_64+0xb6/0x230
[  314.473161][T11362]  do_syscall_64+0xf3/0x230
[  314.477670][T11362]  ? clear_bhb_loop+0x35/0x90
[  314.482401][T11362]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  314.488321][T11362] RIP: 0033:0x7f893837dff9
[  314.492854][T11362] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  314.512552][T11362] RSP: 002b:00007f893909e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  314.520984][T11362] RAX: ffffffffffffffda RBX: 00007f8938535f80 RCX: 00007f893837dff9
[  314.528962][T11362] RDX: 0000000000000000 RSI: 0000000020000800 RDI: 0000000000000004
[  314.536943][T11362] RBP: 00007f893909e090 R08: 0000000000000000 R09: 0000000000000000
[  314.544924][T11362] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  314.552903][T11362] R13: 0000000000000000 R14: 00007f8938535f80 R15: 00007ffe093d4298
[  314.560909][T11362]  </TASK>
[  314.655103][T11347] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  315.253986][T11412] __nla_validate_parse: 7 callbacks suppressed
[  315.254006][T11412] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1673'.
[  315.308767][T11347] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  315.375871][    C1] net_ratelimit: 22 callbacks suppressed
[  315.375892][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  315.388584][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  315.395648][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  315.402640][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  315.403550][T11415] netlink: 'syz.2.1676': attribute type 10 has an invalid length.
[  315.452028][T11415] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1676'.
[  315.469308][T11417] netlink: 280 bytes leftover after parsing attributes in process `syz.4.1675'.
[  315.470699][T11347] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  315.616077][    C0] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  315.623229][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  315.655379][T11347] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  315.679763][T11424] netlink: 'syz.4.1678': attribute type 10 has an invalid length.
[  315.692946][T11424] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1678'.
[  315.729770][T11424] FAULT_INJECTION: forcing a failure.
[  315.729770][T11424] name failslab, interval 1, probability 0, space 0, times 0
[  315.767983][T11429] netlink: 'syz.0.1680': attribute type 10 has an invalid length.
[  315.775833][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  315.785296][T11424] CPU: 1 UID: 0 PID: 11424 Comm: syz.4.1678 Not tainted 6.12.0-rc1-syzkaller-00237-gcf9545686230 #0
[  315.796135][T11424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  315.806238][T11424] Call Trace:
[  315.809553][T11424]  <TASK>
[  315.812517][T11424]  dump_stack_lvl+0x241/0x360
[  315.817231][T11424]  ? __pfx_dump_stack_lvl+0x10/0x10
[  315.822475][T11424]  ? __pfx__printk+0x10/0x10
[  315.827234][T11424]  ? __kmalloc_noprof+0xb0/0x400
[  315.832281][T11424]  ? __pfx___might_resched+0x10/0x10
[  315.837620][T11424]  should_fail_ex+0x3b0/0x4e0
[  315.842325][T11424]  ? nfc_llcp_build_tlv+0xe0/0x1f0
[  315.847473][T11424]  should_failslab+0xac/0x100
[  315.852169][T11424]  ? nfc_llcp_build_tlv+0xe0/0x1f0
[  315.857293][T11424]  __kmalloc_noprof+0xd8/0x400
[  315.862099][T11424]  nfc_llcp_build_tlv+0xe0/0x1f0
[  315.867140][T11424]  nfc_llcp_build_gb+0x262/0x720
[  315.872095][T11424]  ? __pfx_nfc_llcp_build_gb+0x10/0x10
[  315.877562][T11424]  ? nfc_get_device+0x98/0x100
[  315.882349][T11424]  ? trace_raw_output_emulate_vsyscall+0xa4/0xd0
[  315.888828][T11424]  ? _raw_spin_unlock+0x3e/0x50
[  315.893716][T11424]  nfc_llcp_general_bytes+0x3d/0x170
[  315.899018][T11424]  nfc_dep_link_up+0x1c9/0x560
[  315.903802][T11424]  ? nfc_get_device+0x98/0x100
[  315.908674][T11424]  ? __pfx_nfc_dep_link_up+0x10/0x10
[  315.913984][T11424]  ? __nla_parse+0x40/0x60
[  315.918427][T11424]  nfc_genl_dep_link_up+0x16b/0x220
[  315.923651][T11424]  genl_rcv_msg+0xb14/0xec0
[  315.928175][T11424]  ? mark_lock+0x9a/0x360
[  315.932540][T11424]  ? __pfx_genl_rcv_msg+0x10/0x10
[  315.937612][T11424]  ? __pfx_lock_acquire+0x10/0x10
[  315.942659][T11424]  ? __pfx_nfc_genl_dep_link_up+0x10/0x10
[  315.948399][T11424]  ? __pfx___might_resched+0x10/0x10
[  315.953723][T11424]  netlink_rcv_skb+0x1e3/0x430
[  315.958505][T11424]  ? __pfx_genl_rcv_msg+0x10/0x10
[  315.963543][T11424]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  315.968962][T11424]  genl_rcv+0x28/0x40
[  315.973045][T11424]  netlink_unicast+0x7f6/0x990
[  315.977839][T11424]  ? __pfx_netlink_unicast+0x10/0x10
[  315.983145][T11424]  ? __virt_addr_valid+0x183/0x530
[  315.988271][T11424]  ? __check_object_size+0x48e/0x900
[  315.993577][T11424]  netlink_sendmsg+0x8e4/0xcb0
[  315.998358][T11424]  ? __pfx_netlink_sendmsg+0x10/0x10
[  316.003750][T11424]  ? aa_sock_msg_perm+0x91/0x160
[  316.008716][T11424]  ? __pfx_netlink_sendmsg+0x10/0x10
[  316.014024][T11424]  __sock_sendmsg+0x221/0x270
[  316.018763][T11424]  ____sys_sendmsg+0x52a/0x7e0
[  316.023550][T11424]  ? __pfx_____sys_sendmsg+0x10/0x10
[  316.028870][T11424]  __sys_sendmsg+0x292/0x380
[  316.033479][T11424]  ? __pfx___sys_sendmsg+0x10/0x10
[  316.038621][T11424]  ? __pfx_vfs_write+0x10/0x10
[  316.043419][T11424]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  316.049772][T11424]  ? do_syscall_64+0x100/0x230
[  316.054549][T11424]  ? do_syscall_64+0xb6/0x230
[  316.059257][T11424]  do_syscall_64+0xf3/0x230
[  316.063858][T11424]  ? clear_bhb_loop+0x35/0x90
[  316.068553][T11424]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.074472][T11424] RIP: 0033:0x7f893837dff9
[  316.078903][T11424] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  316.098615][T11424] RSP: 002b:00007f893909e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  316.107057][T11424] RAX: ffffffffffffffda RBX: 00007f8938535f80 RCX: 00007f893837dff9
[  316.115304][T11424] RDX: 0000000000000000 RSI: 0000000020000800 RDI: 0000000000000004
[  316.123297][T11424] RBP: 00007f893909e090 R08: 0000000000000000 R09: 0000000000000000
[  316.131380][T11424] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  316.139361][T11424] R13: 0000000000000000 R14: 00007f8938535f80 R15: 00007ffe093d4298
[  316.147537][T11424]  </TASK>
[  316.162052][T11429] team0: Port device netdevsim0 added
[  316.234714][T11347] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  316.272074][T11347] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  316.311171][T11347] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  316.323132][T11439] netlink: 'syz.1.1682': attribute type 1 has an invalid length.
[  316.339620][T11347] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  316.426023][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  316.433187][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  316.440224][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  316.468865][T11442] netlink: 'syz.0.1683': attribute type 8 has an invalid length.
[  316.489938][T11442] netlink: 'syz.0.1683': attribute type 7 has an invalid length.
[  316.515067][T11442] netlink: 212 bytes leftover after parsing attributes in process `syz.0.1683'.
[  316.643803][T11451] mac80211_hwsim hwsim32 wlan0: entered promiscuous mode
[  316.651281][T11451] macsec1: entered promiscuous mode
[  316.658228][T11451] macsec1: entered allmulticast mode
[  316.663662][T11451] mac80211_hwsim hwsim32 wlan0: entered allmulticast mode
[  316.725635][T11453] netlink: 280 bytes leftover after parsing attributes in process `syz.2.1688'.
[  316.834059][T11459] netlink: 'syz.2.1690': attribute type 10 has an invalid length.
[  316.845509][T11459] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1690'.
[  316.985496][T11464] x_tables: eb_tables: AUDIT.0 target: invalid size 8 (kernel) != (user) 1
[  317.218892][T11486] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1696'.
[  317.249647][T11486] FAULT_INJECTION: forcing a failure.
[  317.249647][T11486] name failslab, interval 1, probability 0, space 0, times 0
[  317.278000][T11486] CPU: 1 UID: 0 PID: 11486 Comm: syz.2.1696 Not tainted 6.12.0-rc1-syzkaller-00237-gcf9545686230 #0
[  317.288849][T11486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  317.298952][T11486] Call Trace:
[  317.302271][T11486]  <TASK>
[  317.305243][T11486]  dump_stack_lvl+0x241/0x360
[  317.309970][T11486]  ? __pfx_dump_stack_lvl+0x10/0x10
[  317.315246][T11486]  ? __pfx__printk+0x10/0x10
[  317.319913][T11486]  ? __kmalloc_noprof+0xb0/0x400
[  317.324897][T11486]  ? __pfx___might_resched+0x10/0x10
[  317.330250][T11486]  should_fail_ex+0x3b0/0x4e0
[  317.335013][T11486]  ? nfc_llcp_build_tlv+0xe0/0x1f0
[  317.339128][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[  317.340144][T11486]  should_failslab+0xac/0x100
[  317.351108][T11486]  ? nfc_llcp_build_tlv+0xe0/0x1f0
[  317.356361][T11486]  __kmalloc_noprof+0xd8/0x400
[  317.361184][T11486]  nfc_llcp_build_tlv+0xe0/0x1f0
[  317.366175][T11486]  nfc_llcp_build_gb+0x2bf/0x720
[  317.371190][T11486]  ? __pfx_nfc_llcp_build_gb+0x10/0x10
[  317.376669][T11486]  ? nfc_get_device+0x98/0x100
[  317.381453][T11486]  ? do_raw_spin_unlock+0x13c/0x8b0
[  317.386666][T11486]  ? class_find_device+0x33b/0x390
[  317.391807][T11486]  ? _raw_spin_unlock+0x28/0x50
[  317.396682][T11486]  nfc_llcp_general_bytes+0x3d/0x170
[  317.401979][T11486]  nfc_dep_link_up+0x1c9/0x560
[  317.406757][T11486]  ? nfc_get_device+0x98/0x100
[  317.411551][T11486]  ? __pfx_nfc_dep_link_up+0x10/0x10
[  317.416849][T11486]  ? __nla_parse+0x40/0x60
[  317.421282][T11486]  nfc_genl_dep_link_up+0x16b/0x220
[  317.426503][T11486]  genl_rcv_msg+0xb14/0xec0
[  317.431020][T11486]  ? mark_lock+0x9a/0x360
[  317.435373][T11486]  ? __pfx_genl_rcv_msg+0x10/0x10
[  317.440444][T11486]  ? __pfx_lock_acquire+0x10/0x10
[  317.445489][T11486]  ? __pfx_nfc_genl_dep_link_up+0x10/0x10
[  317.451227][T11486]  ? __pfx___might_resched+0x10/0x10
[  317.456558][T11486]  netlink_rcv_skb+0x1e3/0x430
[  317.461520][T11486]  ? __pfx_genl_rcv_msg+0x10/0x10
[  317.466561][T11486]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  317.471889][T11486]  genl_rcv+0x28/0x40
[  317.476237][T11486]  netlink_unicast+0x7f6/0x990
[  317.481055][T11486]  ? __pfx_netlink_unicast+0x10/0x10
[  317.486363][T11486]  ? __virt_addr_valid+0x183/0x530
[  317.491499][T11486]  ? __check_object_size+0x48e/0x900
[  317.496819][T11486]  netlink_sendmsg+0x8e4/0xcb0
[  317.501605][T11486]  ? __pfx_netlink_sendmsg+0x10/0x10
[  317.506910][T11486]  ? aa_sock_msg_perm+0x91/0x160
[  317.511948][T11486]  ? __pfx_netlink_sendmsg+0x10/0x10
[  317.517269][T11486]  __sock_sendmsg+0x221/0x270
[  317.521967][T11486]  ____sys_sendmsg+0x52a/0x7e0
[  317.526753][T11486]  ? __pfx_____sys_sendmsg+0x10/0x10
[  317.532062][T11486]  __sys_sendmsg+0x292/0x380
[  317.536723][T11486]  ? __pfx___sys_sendmsg+0x10/0x10
[  317.541881][T11486]  ? __pfx_vfs_write+0x10/0x10
[  317.546679][T11486]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  317.553032][T11486]  ? do_syscall_64+0x100/0x230
[  317.557811][T11486]  ? do_syscall_64+0xb6/0x230
[  317.562499][T11486]  do_syscall_64+0xf3/0x230
[  317.567280][T11486]  ? clear_bhb_loop+0x35/0x90
[  317.571971][T11486]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.577886][T11486] RIP: 0033:0x7fd1eff7dff9
[  317.582313][T11486] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  317.601956][T11486] RSP: 002b:00007fd1f0d17038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  317.610423][T11486] RAX: ffffffffffffffda RBX: 00007fd1f0135f80 RCX: 00007fd1eff7dff9
[  317.618411][T11486] RDX: 0000000000000000 RSI: 0000000020000800 RDI: 0000000000000004
[  317.626397][T11486] RBP: 00007fd1f0d17090 R08: 0000000000000000 R09: 0000000000000000
[  317.634378][T11486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  317.642364][T11486] R13: 0000000000000000 R14: 00007fd1f0135f80 R15: 00007ffc162faf48
[  317.650407][T11486]  </TASK>
[  317.857748][T11497] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1699'.
[  317.892195][T11499] netlink: 280 bytes leftover after parsing attributes in process `syz.3.1700'.
[  317.947435][T11503] sit0: entered promiscuous mode
[  318.161440][T11512] pimreg3: entered allmulticast mode
[  318.419832][T11529] FAULT_INJECTION: forcing a failure.
[  318.419832][T11529] name failslab, interval 1, probability 0, space 0, times 0
[  318.443501][T11529] CPU: 1 UID: 0 PID: 11529 Comm: syz.3.1714 Not tainted 6.12.0-rc1-syzkaller-00237-gcf9545686230 #0
[  318.454432][T11529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  318.464705][T11529] Call Trace:
[  318.468022][T11529]  <TASK>
[  318.470992][T11529]  dump_stack_lvl+0x241/0x360
[  318.475706][T11529]  ? __pfx_dump_stack_lvl+0x10/0x10
[  318.480946][T11529]  ? __pfx__printk+0x10/0x10
[  318.485592][T11529]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  318.491615][T11529]  ? __pfx___might_resched+0x10/0x10
[  318.496930][T11529]  should_fail_ex+0x3b0/0x4e0
[  318.501641][T11529]  should_failslab+0xac/0x100
[  318.506338][T11529]  ? __alloc_skb+0x1c3/0x440
[  318.510944][T11529]  kmem_cache_alloc_node_noprof+0x71/0x320
[  318.516777][T11529]  __alloc_skb+0x1c3/0x440
[  318.521209][T11529]  ? __pfx___alloc_skb+0x10/0x10
[  318.526170][T11529]  ? netlink_ack_tlv_len+0x6e/0x200
[  318.531405][T11529]  netlink_ack+0x13f/0xa30
[  318.535933][T11529]  ? __pfx_lock_acquire+0x10/0x10
[  318.541020][T11529]  ? __pfx_nfc_genl_dep_link_up+0x10/0x10
[  318.546772][T11529]  netlink_rcv_skb+0x262/0x430
[  318.551558][T11529]  ? __pfx_genl_rcv_msg+0x10/0x10
[  318.556629][T11529]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  318.561962][T11529]  genl_rcv+0x28/0x40
[  318.565974][T11529]  netlink_unicast+0x7f6/0x990
[  318.570776][T11529]  ? __pfx_netlink_unicast+0x10/0x10
[  318.576086][T11529]  ? __virt_addr_valid+0x183/0x530
[  318.581263][T11529]  ? __check_object_size+0x48e/0x900
[  318.586592][T11529]  netlink_sendmsg+0x8e4/0xcb0
[  318.591380][T11529]  ? __pfx_netlink_sendmsg+0x10/0x10
[  318.596686][T11529]  ? aa_sock_msg_perm+0x91/0x160
[  318.601670][T11529]  ? __pfx_netlink_sendmsg+0x10/0x10
[  318.606970][T11529]  __sock_sendmsg+0x221/0x270
[  318.611664][T11529]  ____sys_sendmsg+0x52a/0x7e0
[  318.616448][T11529]  ? __pfx_____sys_sendmsg+0x10/0x10
[  318.621759][T11529]  __sys_sendmsg+0x292/0x380
[  318.626371][T11529]  ? __pfx___sys_sendmsg+0x10/0x10
[  318.631504][T11529]  ? __pfx_vfs_write+0x10/0x10
[  318.636315][T11529]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  318.642676][T11529]  ? do_syscall_64+0x100/0x230
[  318.647452][T11529]  ? do_syscall_64+0xb6/0x230
[  318.652141][T11529]  do_syscall_64+0xf3/0x230
[  318.656654][T11529]  ? clear_bhb_loop+0x35/0x90
[  318.661343][T11529]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  318.667260][T11529] RIP: 0033:0x7f1cfc57dff9
[  318.671685][T11529] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  318.691305][T11529] RSP: 002b:00007f1cfd374038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  318.699740][T11529] RAX: ffffffffffffffda RBX: 00007f1cfc735f80 RCX: 00007f1cfc57dff9
[  318.707749][T11529] RDX: 0000000000000000 RSI: 0000000020000800 RDI: 0000000000000004
[  318.715738][T11529] RBP: 00007f1cfd374090 R08: 0000000000000000 R09: 0000000000000000
[  318.723731][T11529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  318.731721][T11529] R13: 0000000000000000 R14: 00007f1cfc735f80 R15: 00007ffe89d68258
[  318.739725][T11529]  </TASK>
[  318.801901][T11538] batman_adv: batadv0: Adding interface: dummy0
[  318.803821][T11535] validate_nla: 6 callbacks suppressed
[  318.803838][T11535] netlink: 'syz.1.1713': attribute type 1 has an invalid length.
[  318.809689][T11538] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  318.834388][T11535] netlink: 'syz.1.1713': attribute type 1 has an invalid length.
[  318.857405][T11538] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active
[  319.039456][T11551] netlink: 'syz.3.1718': attribute type 10 has an invalid length.
[  319.213805][T11558] vlan2: entered promiscuous mode
[  319.490906][T11574] bridge0: port 3(veth0_to_bridge) entered blocking state
[  319.510244][T11574] bridge0: port 3(veth0_to_bridge) entered disabled state
[  319.516930][T11578] netlink: 'syz.0.1729': attribute type 10 has an invalid length.
[  319.533740][T11574] veth0_to_bridge: entered allmulticast mode
[  319.547650][T11574] veth0_to_bridge: entered promiscuous mode
[  319.582486][T11574] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  319.611397][T11574] bridge0: port 3(veth0_to_bridge) entered blocking state
[  319.618731][T11574] bridge0: port 3(veth0_to_bridge) entered forwarding state
[  319.907360][T11591] netlink: 'syz.1.1733': attribute type 10 has an invalid length.
[  320.054174][T11605] netlink: 'syz.4.1735': attribute type 10 has an invalid length.
[  320.119603][T11606] lo speed is unknown, defaulting to 1000
[  320.463357][T11619] macvlan1: entered promiscuous mode
[  320.470607][T11619] team_slave_0: entered promiscuous mode
[  320.476385][T11619] team_slave_1: entered promiscuous mode
[  320.483120][T11619] team0: entered promiscuous mode
[  320.494847][T11619] 8021q: adding VLAN 0 to HW filter on device macvlan1
[  320.512216][T11619] bond0: (slave macvlan1): Enslaving as an active interface with an up link
[  320.586242][T11621] IPv6: NLM_F_CREATE should be specified when creating new route
[  320.769486][T11627] netlink: 'syz.3.1741': attribute type 10 has an invalid length.
[  320.800522][T11627] __nla_validate_parse: 19 callbacks suppressed
[  320.800546][T11627] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1741'.
[  320.816206][    C0] net_ratelimit: 28 callbacks suppressed
[  320.816228][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  320.816294][    C0] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  320.816517][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  320.816589][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  320.816645][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  320.925073][T11627] FAULT_INJECTION: forcing a failure.
[  320.925073][T11627] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  320.967008][T11627] CPU: 1 UID: 0 PID: 11627 Comm: syz.3.1741 Not tainted 6.12.0-rc1-syzkaller-00237-gcf9545686230 #0
[  320.975976][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  320.977824][T11627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  320.995049][T11627] Call Trace:
[  320.998369][T11627]  <TASK>
[  321.001328][T11627]  dump_stack_lvl+0x241/0x360
[  321.006049][T11627]  ? __pfx_dump_stack_lvl+0x10/0x10
[  321.011293][T11627]  ? __pfx__printk+0x10/0x10
[  321.015937][T11627]  ? snprintf+0xda/0x120
[  321.020221][T11627]  should_fail_ex+0x3b0/0x4e0
[  321.024938][T11627]  _copy_to_user+0x2f/0xb0
[  321.029383][T11627]  simple_read_from_buffer+0xca/0x150
[  321.034781][T11627]  proc_fail_nth_read+0x1e9/0x250
[  321.039830][T11627]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  321.045423][T11627]  ? rw_verify_area+0x55e/0x6f0
[  321.050293][T11627]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  321.055911][T11627]  vfs_read+0x201/0xbc0
[  321.060133][T11627]  ? __pfx_lock_release+0x10/0x10
[  321.065202][T11627]  ? __pfx_vfs_read+0x10/0x10
[  321.070008][T11627]  ? __fget_files+0x3f3/0x470
[  321.074712][T11627]  ? fdget_pos+0x24e/0x320
[  321.079150][T11627]  ksys_read+0x183/0x2b0
[  321.083429][T11627]  ? __pfx_ksys_read+0x10/0x10
[  321.088212][T11627]  ? do_syscall_64+0x100/0x230
[  321.092992][T11627]  ? do_syscall_64+0xb6/0x230
[  321.097684][T11627]  do_syscall_64+0xf3/0x230
[  321.102206][T11627]  ? clear_bhb_loop+0x35/0x90
[  321.106897][T11627]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  321.112820][T11627] RIP: 0033:0x7f1cfc57ca3c
[  321.117340][T11627] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  321.136987][T11627] RSP: 002b:00007f1cfd374030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  321.145442][T11627] RAX: ffffffffffffffda RBX: 00007f1cfc735f80 RCX: 00007f1cfc57ca3c
[  321.153432][T11627] RDX: 000000000000000f RSI: 00007f1cfd3740a0 RDI: 0000000000000003
[  321.161418][T11627] RBP: 00007f1cfd374090 R08: 0000000000000000 R09: 0000000000000000
[  321.169403][T11627] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  321.177385][T11627] R13: 0000000000000000 R14: 00007f1cfc735f80 R15: 00007ffe89d68258
[  321.185384][T11627]  </TASK>
[  321.236153][T11634] netlink: 280 bytes leftover after parsing attributes in process `syz.0.1742'.
[  321.457219][T11644] netlink: 'syz.1.1747': attribute type 10 has an invalid length.
[  321.504693][T11644] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1747'.
[  321.521364][T11649] veth0_vlan: left promiscuous mode
[  321.563880][T11647] netlink: 'syz.0.1749': attribute type 4 has an invalid length.
[  321.814530][T11666] netlink: 'syz.3.1753': attribute type 1 has an invalid length.
[  321.856168][    C0] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  321.858558][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  321.863392][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  321.870160][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  322.033367][T11681] netlink: 280 bytes leftover after parsing attributes in process `syz.3.1759'.
[  322.100696][T11684] netlink: 124 bytes leftover after parsing attributes in process `syz.1.1760'.
[  322.119661][T11685] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1758'.
[  322.192023][T11685] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1758'.
[  322.225306][T11686] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1758'.
[  322.252071][T11690] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1761'.
[  322.551520][T11705] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1767'.
[  322.585210][T11706] tipc: Bearer <udp:s¬>: already 2 bearers with priority 10
[  322.605324][T11706] tipc: Bearer <udp:s¬>: trying with adjusted priority
[  322.614654][T11706] tipc: Enabled bearer <udp:s¬>, priority 9
[  322.622933][T11703] xt_CT: You must specify a L4 protocol and not use inversions on it
[  322.782421][T11715] FAULT_INJECTION: forcing a failure.
[  322.782421][T11715] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  322.840779][T11715] CPU: 1 UID: 0 PID: 11715 Comm: syz.1.1771 Not tainted 6.12.0-rc1-syzkaller-00237-gcf9545686230 #0
[  322.851633][T11715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  322.861733][T11715] Call Trace:
[  322.865048][T11715]  <TASK>
[  322.868007][T11715]  dump_stack_lvl+0x241/0x360
[  322.872720][T11715]  ? __pfx_dump_stack_lvl+0x10/0x10
[  322.877958][T11715]  ? __pfx__printk+0x10/0x10
[  322.882609][T11715]  ? __pfx_lock_release+0x10/0x10
[  322.887698][T11715]  should_fail_ex+0x3b0/0x4e0
[  322.892428][T11715]  _copy_from_user+0x2f/0xe0
[  322.897090][T11715]  __sys_bpf+0x1a4/0x810
[  322.901380][T11715]  ? __pfx___sys_bpf+0x10/0x10
[  322.906194][T11715]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  322.912218][T11715]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  322.918679][T11715]  ? do_syscall_64+0x100/0x230
[  322.923481][T11715]  __x64_sys_bpf+0x7c/0x90
[  322.927944][T11715]  do_syscall_64+0xf3/0x230
[  322.932494][T11715]  ? clear_bhb_loop+0x35/0x90
[  322.937228][T11715]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  322.943259][T11715] RIP: 0033:0x7fb76617dff9
[  322.947716][T11715] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  322.967374][T11715] RSP: 002b:00007fb765bff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  322.975849][T11715] RAX: ffffffffffffffda RBX: 00007fb766335f80 RCX: 00007fb76617dff9
[  322.984012][T11715] RDX: 0000000000000094 RSI: 0000000020000440 RDI: 0000000000000005
[  322.992114][T11715] RBP: 00007fb765bff090 R08: 0000000000000000 R09: 0000000000000000
[  323.000122][T11715] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  323.008300][T11715] R13: 0000000000000000 R14: 00007fb766335f80 R15: 00007ffd1ba514d8
[  323.016411][T11715]  </TASK>
[  323.522591][T11744] ieee802154 phy1 wpan1: encryption failed: -22
[  323.800292][T11763] FAULT_INJECTION: forcing a failure.
[  323.800292][T11763] name failslab, interval 1, probability 0, space 0, times 0
[  323.827094][T11763] CPU: 0 UID: 0 PID: 11763 Comm: syz.3.1788 Not tainted 6.12.0-rc1-syzkaller-00237-gcf9545686230 #0
[  323.837961][T11763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  323.848062][T11763] Call Trace:
[  323.851378][T11763]  <TASK>
[  323.854349][T11763]  dump_stack_lvl+0x241/0x360
[  323.859076][T11763]  ? __pfx_dump_stack_lvl+0x10/0x10
[  323.864316][T11763]  ? __pfx__printk+0x10/0x10
[  323.868974][T11763]  ? __kmalloc_cache_node_noprof+0x4c/0x300
[  323.874704][T11765] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  323.874900][T11763]  ? __pfx___might_resched+0x10/0x10
[  323.887608][T11763]  should_fail_ex+0x3b0/0x4e0
[  323.892400][T11763]  should_failslab+0xac/0x100
[  323.897133][T11763]  __kmalloc_cache_node_noprof+0x74/0x300
[  323.902904][T11763]  ? __get_vm_area_node+0x113/0x270
[  323.908164][T11763]  __get_vm_area_node+0x113/0x270
[  323.913335][T11763]  __vmalloc_node_range_noprof+0x3a6/0x13f0
[  323.919272][T11763]  ? bpf_prog_alloc_no_stats+0x4d/0x4b0
[  323.924968][T11763]  ? mark_lock+0x9a/0x360
[  323.929374][T11763]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  323.935753][T11763]  ? bpf_prog_alloc_no_stats+0x4d/0x4b0
[  323.941344][T11763]  __vmalloc_noprof+0x79/0x90
[  323.946067][T11763]  ? bpf_prog_alloc_no_stats+0x4d/0x4b0
[  323.951662][T11763]  bpf_prog_alloc_no_stats+0x4d/0x4b0
[  323.957074][T11763]  ? bpf_prog_alloc+0x28/0x1b0
[  323.961854][T11763]  bpf_prog_alloc+0x3a/0x1b0
[  323.966485][T11763]  bpf_prog_load+0x7f7/0x20f0
[  323.971207][T11763]  ? __pfx_bpf_prog_load+0x10/0x10
[  323.976362][T11763]  ? __pfx___might_resched+0x10/0x10
[  323.981697][T11763]  ? __might_fault+0xc6/0x120
[  323.986400][T11763]  __sys_bpf+0x4ee/0x810
[  323.990691][T11763]  ? __pfx___sys_bpf+0x10/0x10
[  323.995509][T11763]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  324.001543][T11763]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  324.007926][T11763]  ? do_syscall_64+0x100/0x230
[  324.012723][T11763]  __x64_sys_bpf+0x7c/0x90
[  324.017157][T11763]  do_syscall_64+0xf3/0x230
[  324.021667][T11763]  ? clear_bhb_loop+0x35/0x90
[  324.026352][T11763]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  324.032273][T11763] RIP: 0033:0x7f1cfc57dff9
[  324.036724][T11763] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  324.056360][T11763] RSP: 002b:00007f1cfd374038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  324.064912][T11763] RAX: ffffffffffffffda RBX: 00007f1cfc735f80 RCX: 00007f1cfc57dff9
[  324.072898][T11763] RDX: 0000000000000094 RSI: 0000000020000440 RDI: 0000000000000005
[  324.080881][T11763] RBP: 00007f1cfd374090 R08: 0000000000000000 R09: 0000000000000000
[  324.088876][T11763] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  324.096883][T11763] R13: 0000000000000000 R14: 00007f1cfc735f80 R15: 00007ffe89d68258
[  324.104907][T11763]  </TASK>
[  324.114037][T11763] syz.3.1788: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[  324.169469][T11763] CPU: 0 UID: 0 PID: 11763 Comm: syz.3.1788 Not tainted 6.12.0-rc1-syzkaller-00237-gcf9545686230 #0
[  324.180316][T11763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  324.190482][T11763] Call Trace:
[  324.193804][T11763]  <TASK>
[  324.196774][T11763]  dump_stack_lvl+0x241/0x360
[  324.201497][T11763]  ? __pfx_dump_stack_lvl+0x10/0x10
[  324.206743][T11763]  ? __pfx__printk+0x10/0x10
[  324.211397][T11763]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  324.217864][T11763]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  324.224413][T11763]  warn_alloc+0x278/0x410
[  324.228794][T11763]  ? __pfx_warn_alloc+0x10/0x10
[  324.233701][T11763]  ? __get_vm_area_node+0x113/0x270
[  324.238965][T11763]  ? __get_vm_area_node+0x261/0x270
[  324.244226][T11763]  __vmalloc_node_range_noprof+0x3cb/0x13f0
[  324.250163][T11763]  ? mark_lock+0x9a/0x360
[  324.254564][T11763]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  324.260947][T11763]  ? bpf_prog_alloc_no_stats+0x4d/0x4b0
[  324.266551][T11763]  __vmalloc_noprof+0x79/0x90
[  324.271263][T11763]  ? bpf_prog_alloc_no_stats+0x4d/0x4b0
[  324.276840][T11763]  bpf_prog_alloc_no_stats+0x4d/0x4b0
[  324.282258][T11763]  ? bpf_prog_alloc+0x28/0x1b0
[  324.287072][T11763]  bpf_prog_alloc+0x3a/0x1b0
[  324.291701][T11763]  bpf_prog_load+0x7f7/0x20f0
[  324.296493][T11763]  ? __pfx_bpf_prog_load+0x10/0x10
[  324.301644][T11763]  ? __pfx___might_resched+0x10/0x10
[  324.307000][T11763]  ? __might_fault+0xc6/0x120
[  324.311723][T11763]  __sys_bpf+0x4ee/0x810
[  324.316101][T11763]  ? __pfx___sys_bpf+0x10/0x10
[  324.320926][T11763]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  324.326982][T11763]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  324.333358][T11763]  ? do_syscall_64+0x100/0x230
[  324.338163][T11763]  __x64_sys_bpf+0x7c/0x90
[  324.342622][T11763]  do_syscall_64+0xf3/0x230
[  324.347169][T11763]  ? clear_bhb_loop+0x35/0x90
[  324.351889][T11763]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  324.357841][T11763] RIP: 0033:0x7f1cfc57dff9
[  324.362293][T11763] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  324.381955][T11763] RSP: 002b:00007f1cfd374038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  324.390430][T11763] RAX: ffffffffffffffda RBX: 00007f1cfc735f80 RCX: 00007f1cfc57dff9
[  324.398450][T11763] RDX: 0000000000000094 RSI: 0000000020000440 RDI: 0000000000000005
[  324.406471][T11763] RBP: 00007f1cfd374090 R08: 0000000000000000 R09: 0000000000000000
[  324.414573][T11763] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  324.422589][T11763] R13: 0000000000000000 R14: 00007f1cfc735f80 R15: 00007ffe89d68258
[  324.430625][T11763]  </TASK>
[  324.447041][T11763] Mem-Info:
[  324.450720][T11763] active_anon:9697 inactive_anon:0 isolated_anon:0
[  324.450720][T11763]  active_file:1510 inactive_file:38283 isolated_file:0
[  324.450720][T11763]  unevictable:768 dirty:102 writeback:0
[  324.450720][T11763]  slab_reclaimable:10459 slab_unreclaimable:111762
[  324.450720][T11763]  mapped:38228 shmem:4100 pagetables:887
[  324.450720][T11763]  sec_pagetables:0 bounce:0
[  324.450720][T11763]  kernel_misc_reclaimable:0
[  324.450720][T11763]  free:1310813 free_pcp:702 free_cma:0
[  324.499975][T11765] batman_adv: batadv0: Removing interface: batadv_slave_0
[  324.519718][T11763] Node 0 active_anon:38888kB inactive_anon:0kB active_file:6040kB inactive_file:153052kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:152912kB dirty:408kB writeback:0kB shmem:14864kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12536kB pagetables:3548kB sec_pagetables:0kB all_unreclaimable? no
[  324.554822][T11763] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:80kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  324.588400][T11763] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  324.633256][T11763] lowmem_reserve[]: 0 2465 2466 0 0
[  324.646918][T11763] Node 0 DMA32 free:1299312kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:38848kB inactive_anon:0kB active_file:6040kB inactive_file:152236kB unevictable:1536kB writepending:408kB present:3129332kB managed:2552504kB mlocked:0kB bounce:0kB free_pcp:2712kB local_pcp:1576kB free_cma:0kB
[  324.711722][T11763] lowmem_reserve[]: 0 0 0 0 0
[  324.723505][T11763] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:816kB unevictable:0kB writepending:0kB present:1048580kB managed:876kB mlocked:0kB bounce:0kB free_pcp:20kB local_pcp:12kB free_cma:0kB
[  324.779579][T11763] lowmem_reserve[]: 0 0 0 0 0
[  324.784400][T11763] Node 1 Normal free:3928128kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:80kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  324.847380][T11763] lowmem_reserve[]: 0 0 0 0 0
[  324.856534][T11763] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  324.915008][T11763] Node 0 DMA32: 48*4kB (UM) 145*8kB (UM) 72*16kB (UME) 117*32kB (UME) 134*64kB (UME) 73*128kB (UME) 43*256kB (UM) 22*512kB (UME) 5*1024kB (UME) 1*2048kB (M) 304*4096kB (UM) = 1298792kB
[  324.939068][T11798] validate_nla: 5 callbacks suppressed
[  324.939088][T11798] netlink: 'syz.1.1795': attribute type 10 has an invalid length.
[  324.978460][T11763] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  325.032650][T11763] Node 1 Normal: 180*4kB (UME) 46*8kB (UME) 40*16kB (UME) 204*32kB (UME) 82*64kB (UME) 31*128kB (UE) 16*256kB (UM) 4*512kB (UM) 3*1024kB (UM) 1*2048kB (U) 952*4096kB (ME) = 3928128kB
[  325.073492][T11803] netlink: 'syz.2.1797': attribute type 10 has an invalid length.
[  325.107152][T11763] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  325.137813][T11763] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  325.166518][T11763] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  325.196653][T11763] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  325.226525][T11763] 43895 total pagecache pages
[  325.231327][T11763] 0 pages in swap cache
[  325.259873][T11763] Free swap  = 124996kB
[  325.264194][T11763] Total swap = 124996kB
[  325.280127][T11763] 2097051 pages RAM
[  325.284009][T11763] 0 pages HighMem/MovableOnly
[  325.317064][T11763] 427075 pages reserved
[  325.322203][T11763] 0 pages cma reserved
[  325.586224][T11833] netlink: 'syz.2.1804': attribute type 10 has an invalid length.
[  325.843544][T11846] lo speed is unknown, defaulting to 1000
[  325.957928][T11856] netlink: 'syz.2.1809': attribute type 10 has an invalid length.
[  325.989943][T11856] __nla_validate_parse: 16 callbacks suppressed
[  325.989966][T11856] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1809'.
[  326.005305][T11860] netlink: 84 bytes leftover after parsing attributes in process `syz.0.1810'.
[  326.175878][    C1] net_ratelimit: 27 callbacks suppressed
[  326.175898][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  326.175923][    C0] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  326.181746][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  326.188557][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  326.195499][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  326.202478][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  326.212741][T11871] netlink: 'syz.0.1813': attribute type 10 has an invalid length.
[  326.231966][T11871] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1813'.
[  326.249596][T11873] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1814'.
[  326.370584][T11879] netlink: 280 bytes leftover after parsing attributes in process `syz.0.1816'.
[  326.417228][T11878] vlan2: entered promiscuous mode
[  326.423559][T11878] vlan2: entered allmulticast mode
[  326.429947][T11878] geneve1: entered allmulticast mode
[  326.438588][T11878] geneve1: entered promiscuous mode
[  326.454286][T11878] team0: Port device vlan2 added
[  326.465409][T11877] netlink: 'syz.3.1815': attribute type 1 has an invalid length.
[  326.474365][T11877] netlink: 'syz.3.1815': attribute type 4 has an invalid length.
[  326.483155][T11877] netlink: 15334 bytes leftover after parsing attributes in process `syz.3.1815'.
[  326.513717][T11882] netlink: 84 bytes leftover after parsing attributes in process `syz.0.1817'.
[  326.536861][T11877] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1815'.
[  326.655818][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  326.906882][T11899] netlink: 'syz.2.1824': attribute type 10 has an invalid length.
[  326.915214][T11899] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1824'.
[  326.959597][T11895] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1822'.
[  327.021919][T11903] netlink: 'syz.0.1827': attribute type 10 has an invalid length.
[  327.046721][T11895] ipt_ECN: cannot use operation on non-tcp rule
[  327.054054][T11906] openvswitch: netlink: Actions may not be safe on all matching packets
[  327.215748][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  327.216007][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  327.334717][T11923] netlink: 'syz.2.1832': attribute type 10 has an invalid length.
[  327.767696][T11937] syzkaller1: entered promiscuous mode
[  327.796114][T11937] syzkaller1: entered allmulticast mode
[  327.842073][T11947] dummy0: entered promiscuous mode
[  328.013351][T11947] dummy0: left promiscuous mode
[  328.891505][T11978] IPVS: set_ctl: invalid protocol: 255 172.30.1.4:20000
[  329.388032][ T5311] lo speed is unknown, defaulting to 1000
[  330.446964][T12068] validate_nla: 5 callbacks suppressed
[  330.446983][T12068] netlink: 'syz.3.1876': attribute type 10 has an invalid length.
[  331.173323][T12098] batman_adv: batadv0: Removing interface: dummy0
[  331.249889][T12098] team0: Port device netdevsim0 removed
[  331.269782][T12103] wg2: entered promiscuous mode
[  331.274860][T12103] team0: Refused to change device type
[  331.345549][T12098] __nla_validate_parse: 21 callbacks suppressed
[  331.345573][T12098] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1885'.
[  331.375829][    C0] net_ratelimit: 25 callbacks suppressed
[  331.375850][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  331.386106][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  331.388754][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  331.395633][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  331.402485][    C0] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  331.409445][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  331.466173][T12098] lo speed is unknown, defaulting to 1000
[  331.640851][T12110] netlink: 'syz.3.1889': attribute type 10 has an invalid length.
[  331.667689][T12110] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1889'.
[  331.761915][T12115] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1891'.
[  331.775295][T12115] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1891'.
[  331.855822][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  331.932712][T12121] netlink: 280 bytes leftover after parsing attributes in process `syz.4.1894'.
[  331.962096][T12119] lo speed is unknown, defaulting to 1000
[  332.318932][T12131] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1897'.
[  332.385572][T12131] RDS: rds_bind could not find a transport for ::ffff:172.20.20.0, load rds_tcp or rds_rdma?
[  332.415744][    C0] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  332.415744][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  332.415816][    C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  332.692796][T12122] lo speed is unknown, defaulting to 1000
[  332.782519][T12144] team0: entered promiscuous mode
[  332.937970][T12142] team0: left promiscuous mode
[  332.988004][T12150] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1903'.
[  333.451418][T12168] netlink: 280 bytes leftover after parsing attributes in process `syz.1.1907'.
[  333.953985][T12187] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1913'.
[  334.009107][T12187] netlink: 'syz.1.1913': attribute type 1 has an invalid length.
[  334.079148][T12195] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1914'.
[  334.121592][T12195] netlink: 'syz.4.1914': attribute type 5 has an invalid length.
[  334.434282][T12208] BUG: Bad page state in process syz.3.1918  pfn:531a4
[  334.441730][T12208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88803258d000 pfn:0x531a4
[  334.451944][T12208] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  334.459160][T12208] raw: 00fff00000000000 dead000000000040 ffff88805cc52000 0000000000000000
[  334.467846][T12208] raw: ffff88803258d000 0000000000000001 00000000ffffffff 0000000000000000
[  334.476597][T12208] page dumped because: page_pool leak
[  334.482041][T12208] page_owner tracks the page as allocated
[  334.488258][T12208] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 12208, tgid 12203 (syz.3.1918), ts 334405820842, free_ts 333828489486
[  334.505697][T12208]  post_alloc_hook+0x1f3/0x230
[  334.510533][T12208]  get_page_from_freelist+0x3045/0x3190
[  334.517138][T12208]  __alloc_pages_noprof+0x256/0x6c0
[  334.522407][T12208]  alloc_pages_bulk_noprof+0x729/0xd40
[  334.527959][T12208]  __page_pool_alloc_pages_slow+0x122/0x690
[  334.533933][T12208]  page_pool_alloc_pages+0xd0/0x1c0
[  334.539236][T12208]  bpf_test_run_xdp_live+0x950/0x2160
[  334.544686][T12208]  bpf_prog_test_run_xdp+0x805/0x11e0
[  334.550287][T12208]  bpf_prog_test_run+0x2e4/0x360
[  334.555301][T12208]  __sys_bpf+0x48d/0x810
[  334.559670][T12208]  __x64_sys_bpf+0x7c/0x90
[  334.564177][T12208]  do_syscall_64+0xf3/0x230
[  334.568795][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.574840][T12208] page last free pid 12154 tgid 12154 stack trace:
[  334.581426][T12208]  free_unref_page+0xcfb/0xf20
[  334.586375][T12208]  __folio_put+0x2c7/0x440
[  334.590841][T12208]  skb_release_data+0x483/0x8a0
[  334.593830][T12213] lo speed is unknown, defaulting to 1000
[  334.595755][T12208]  kfree_skb_list_reason+0x2ee/0x750
[  334.595795][T12208]  skb_release_data+0x5cc/0x8a0
[  334.595819][T12208]  sk_skb_reason_drop+0x1c9/0x380
[  334.595842][T12208]  kcm_release+0x123/0x5c0
[  334.595865][T12208]  sock_close+0xbc/0x240
[  334.595893][T12208]  __fput+0x23f/0x880
[  334.595923][T12208]  task_work_run+0x24f/0x310
[  334.595949][T12208]  syscall_exit_to_user_mode+0x168/0x370
[  334.595990][T12208]  do_syscall_64+0x100/0x230
[  334.596012][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.650783][T12208] Modules linked in:
[  334.654751][T12208] CPU: 1 UID: 0 PID: 12208 Comm: syz.3.1918 Not tainted 6.12.0-rc1-syzkaller-00237-gcf9545686230 #0
[  334.665558][T12208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  334.675662][T12208] Call Trace:
[  334.678988][T12208]  <TASK>
[  334.681963][T12208]  dump_stack_lvl+0x241/0x360
[  334.686705][T12208]  ? __pfx_dump_stack_lvl+0x10/0x10
[  334.691956][T12208]  ? __pfx_print_modules+0x10/0x10
[  334.697226][T12208]  ? do_xdp_generic+0x104/0xd30
[  334.702144][T12208]  bad_page+0x166/0x1b0
[  334.706357][T12208]  free_unref_page+0xed0/0xf20
[  334.711182][T12208]  skb_release_data+0x6dc/0x8a0
[  334.716100][T12208]  sk_skb_reason_drop+0x1c9/0x380
[  334.721196][T12208]  __netif_receive_skb_core+0x3edd/0x4570
[  334.726993][T12208]  ? __lock_acquire+0x1384/0x2050
[  334.732101][T12208]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  334.738277][T12208]  __netif_receive_skb_list_core+0x2b1/0x980
[  334.744332][T12208]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  334.751001][T12208]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  334.757556][T12208]  ? read_tsc+0x9/0x20
[  334.761658][T12208]  ? timekeeping_get_ns+0x2c0/0x420
[  334.766889][T12208]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  334.773325][T12208]  netif_receive_skb_list_internal+0xa51/0xe30
[  334.779506][T12208]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  334.785863][T12208]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  334.792576][T12208]  ? __pfx_eth_type_trans+0x10/0x10
[  334.797793][T12208]  ? __phys_addr+0xba/0x170
[  334.802315][T12208]  ? build_skb_around+0x111/0x260
[  334.807358][T12208]  ? __xdp_build_skb_from_frame+0x338/0x650
[  334.813282][T12208]  netif_receive_skb_list+0x55/0x4b0
[  334.818596][T12208]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  334.824093][T12208]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  334.830019][T12208]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  334.835589][T12208]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  334.841425][T12208]  ? synchronize_rcu+0x11b/0x360
[  334.846476][T12208]  ? __pfx_synchronize_rcu+0x10/0x10
[  334.851802][T12208]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  334.858079][T12208]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  334.864013][T12208]  ? _copy_from_user+0xa6/0xe0
[  334.868811][T12208]  ? bpf_test_init+0x15a/0x180
[  334.873596][T12208]  ? xdp_convert_md_to_buff+0x5b/0x330
[  334.879080][T12208]  bpf_prog_test_run_xdp+0x805/0x11e0
[  334.884485][T12208]  ? __pfx_lock_release+0x10/0x10
[  334.889552][T12208]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  334.895436][T12208]  ? __fget_files+0x29/0x470
[  334.900157][T12208]  ? fput+0x1a8/0x230
[  334.904167][T12208]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  334.910018][T12208]  bpf_prog_test_run+0x2e4/0x360
[  334.914996][T12208]  __sys_bpf+0x48d/0x810
[  334.919263][T12208]  ? __pfx___sys_bpf+0x10/0x10
[  334.924051][T12208]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  334.930057][T12208]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  334.936406][T12208]  ? do_syscall_64+0x100/0x230
[  334.941185][T12208]  __x64_sys_bpf+0x7c/0x90
[  334.945624][T12208]  do_syscall_64+0xf3/0x230
[  334.950156][T12208]  ? clear_bhb_loop+0x35/0x90
[  334.954935][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.960872][T12208] RIP: 0033:0x7f1cfc57dff9
[  334.965319][T12208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  334.984962][T12208] RSP: 002b:00007f1cfd353038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  334.993424][T12208] RAX: ffffffffffffffda RBX: 00007f1cfc736058 RCX: 00007f1cfc57dff9
[  335.001518][T12208] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  335.009590][T12208] RBP: 00007f1cfc5f0296 R08: 0000000000000000 R09: 0000000000000000
[  335.017668][T12208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  335.025654][T12208] R13: 0000000000000000 R14: 00007f1cfc736058 R15: 00007ffe89d68258
[  335.033666][T12208]  </TASK>
[  335.036826][T12208] Disabling lock debugging due to kernel taint
[  335.043266][T12208] BUG: Bad page state in process syz.3.1918  pfn:531a3
[  335.050176][T12208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88803258d000 pfn:0x531a3
[  335.060319][T12208] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  335.067507][T12208] raw: 00fff00000000000 dead000000000040 ffff88805cc52000 0000000000000000
[  335.076856][T12208] raw: ffff88803258d000 0000000000000001 00000000ffffffff 0000000000000000
[  335.085475][T12208] page dumped because: page_pool leak
[  335.090932][T12208] page_owner tracks the page as allocated
[  335.096711][T12208] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 12208, tgid 12203 (syz.3.1918), ts 334405808398, free_ts 333828489486
[  335.113995][T12208]  post_alloc_hook+0x1f3/0x230
[  335.118843][T12208]  get_page_from_freelist+0x3045/0x3190
[  335.124778][T12208]  __alloc_pages_noprof+0x256/0x6c0
[  335.130047][T12208]  alloc_pages_bulk_noprof+0x729/0xd40
[  335.135550][T12208]  __page_pool_alloc_pages_slow+0x122/0x690
[  335.141525][T12208]  page_pool_alloc_pages+0xd0/0x1c0
[  335.146790][T12208]  bpf_test_run_xdp_live+0x950/0x2160
[  335.152212][T12208]  bpf_prog_test_run_xdp+0x805/0x11e0
[  335.157836][T12208]  bpf_prog_test_run+0x2e4/0x360
[  335.162811][T12208]  __sys_bpf+0x48d/0x810
[  335.167121][T12208]  __x64_sys_bpf+0x7c/0x90
[  335.171569][T12208]  do_syscall_64+0xf3/0x230
[  335.176150][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.182099][T12208] page last free pid 12154 tgid 12154 stack trace:
[  335.188663][T12208]  free_unref_page+0xcfb/0xf20
[  335.193467][T12208]  __folio_put+0x2c7/0x440
[  335.197949][T12208]  skb_release_data+0x483/0x8a0
[  335.202838][T12208]  kfree_skb_list_reason+0x2ee/0x750
[  335.208198][T12208]  skb_release_data+0x5cc/0x8a0
[  335.213086][T12208]  sk_skb_reason_drop+0x1c9/0x380
[  335.218177][T12208]  kcm_release+0x123/0x5c0
[  335.222629][T12208]  sock_close+0xbc/0x240
[  335.226937][T12208]  __fput+0x23f/0x880
[  335.230958][T12208]  task_work_run+0x24f/0x310
[  335.235593][T12208]  syscall_exit_to_user_mode+0x168/0x370
[  335.241301][T12208]  do_syscall_64+0x100/0x230
[  335.245960][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.251905][T12208] Modules linked in:
[  335.255865][T12208] CPU: 1 UID: 0 PID: 12208 Comm: syz.3.1918 Tainted: G    B              6.12.0-rc1-syzkaller-00237-gcf9545686230 #0
[  335.268230][T12208] Tainted: [B]=BAD_PAGE
[  335.272403][T12208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  335.282483][T12208] Call Trace:
[  335.285786][T12208]  <TASK>
[  335.288738][T12208]  dump_stack_lvl+0x241/0x360
[  335.293456][T12208]  ? __pfx_dump_stack_lvl+0x10/0x10
[  335.298684][T12208]  ? __pfx_print_modules+0x10/0x10
[  335.303814][T12208]  ? do_xdp_generic+0x104/0xd30
[  335.308677][T12208]  bad_page+0x166/0x1b0
[  335.312932][T12208]  free_unref_page+0xed0/0xf20
[  335.317708][T12208]  skb_release_data+0x6dc/0x8a0
[  335.322605][T12208]  sk_skb_reason_drop+0x1c9/0x380
[  335.327641][T12208]  __netif_receive_skb_core+0x3edd/0x4570
[  335.333375][T12208]  ? __lock_acquire+0x1384/0x2050
[  335.338424][T12208]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  335.344516][T12208]  __netif_receive_skb_list_core+0x2b1/0x980
[  335.350522][T12208]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  335.357130][T12208]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  335.363653][T12208]  ? read_tsc+0x9/0x20
[  335.367768][T12208]  ? timekeeping_get_ns+0x2c0/0x420
[  335.372986][T12208]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  335.379327][T12208]  netif_receive_skb_list_internal+0xa51/0xe30
[  335.385493][T12208]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  335.391832][T12208]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  335.398518][T12208]  ? __pfx_eth_type_trans+0x10/0x10
[  335.403725][T12208]  ? __phys_addr+0xba/0x170
[  335.408235][T12208]  ? build_skb_around+0x111/0x260
[  335.413265][T12208]  ? __xdp_build_skb_from_frame+0x338/0x650
[  335.419185][T12208]  netif_receive_skb_list+0x55/0x4b0
[  335.424479][T12208]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  335.429952][T12208]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  335.435876][T12208]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  335.441451][T12208]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  335.447280][T12208]  ? synchronize_rcu+0x11b/0x360
[  335.452227][T12208]  ? __pfx_synchronize_rcu+0x10/0x10
[  335.457534][T12208]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  335.463829][T12208]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  335.469823][T12208]  ? _copy_from_user+0xa6/0xe0
[  335.474601][T12208]  ? bpf_test_init+0x15a/0x180
[  335.479376][T12208]  ? xdp_convert_md_to_buff+0x5b/0x330
[  335.484854][T12208]  bpf_prog_test_run_xdp+0x805/0x11e0
[  335.490266][T12208]  ? __pfx_lock_release+0x10/0x10
[  335.495308][T12208]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  335.501131][T12208]  ? __fget_files+0x29/0x470
[  335.505761][T12208]  ? fput+0x1a8/0x230
[  335.509764][T12208]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  335.515588][T12208]  bpf_prog_test_run+0x2e4/0x360
[  335.520538][T12208]  __sys_bpf+0x48d/0x810
[  335.524793][T12208]  ? __pfx___sys_bpf+0x10/0x10
[  335.529571][T12208]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  335.535570][T12208]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  335.541930][T12208]  ? do_syscall_64+0x100/0x230
[  335.546720][T12208]  __x64_sys_bpf+0x7c/0x90
[  335.551144][T12208]  do_syscall_64+0xf3/0x230
[  335.555694][T12208]  ? clear_bhb_loop+0x35/0x90
[  335.560400][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.566402][T12208] RIP: 0033:0x7f1cfc57dff9
[  335.570829][T12208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  335.590471][T12208] RSP: 002b:00007f1cfd353038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  335.598897][T12208] RAX: ffffffffffffffda RBX: 00007f1cfc736058 RCX: 00007f1cfc57dff9
[  335.607065][T12208] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  335.615042][T12208] RBP: 00007f1cfc5f0296 R08: 0000000000000000 R09: 0000000000000000
[  335.623020][T12208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  335.631009][T12208] R13: 0000000000000000 R14: 00007f1cfc736058 R15: 00007ffe89d68258
[  335.638992][T12208]  </TASK>
[  335.642127][T12208] BUG: Bad page state in process syz.3.1918  pfn:531a2
[  335.649055][T12208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88803258d000 pfn:0x531a2
[  335.659189][T12208] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  335.666367][T12208] raw: 00fff00000000000 dead000000000040 ffff88805cc52000 0000000000000000
[  335.675023][T12208] raw: ffff88803258d000 0000000000000001 00000000ffffffff 0000000000000000
[  335.683659][T12208] page dumped because: page_pool leak
[  335.689084][T12208] page_owner tracks the page as allocated
[  335.694927][T12208] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 12208, tgid 12203 (syz.3.1918), ts 334405795718, free_ts 333828489486
[  335.712217][T12208]  post_alloc_hook+0x1f3/0x230
[  335.717059][T12208]  get_page_from_freelist+0x3045/0x3190
[  335.722642][T12208]  __alloc_pages_noprof+0x256/0x6c0
[  335.727924][T12208]  alloc_pages_bulk_noprof+0x729/0xd40
[  335.733428][T12208]  __page_pool_alloc_pages_slow+0x122/0x690
[  335.739399][T12208]  page_pool_alloc_pages+0xd0/0x1c0
[  335.744642][T12208]  bpf_test_run_xdp_live+0x950/0x2160
[  335.750192][T12208]  bpf_prog_test_run_xdp+0x805/0x11e0
[  335.755613][T12208]  bpf_prog_test_run+0x2e4/0x360
[  335.760627][T12208]  __sys_bpf+0x48d/0x810
[  335.764911][T12208]  __x64_sys_bpf+0x7c/0x90
[  335.769417][T12208]  do_syscall_64+0xf3/0x230
[  335.773952][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.780027][T12208] page last free pid 12154 tgid 12154 stack trace:
[  335.786590][T12208]  free_unref_page+0xcfb/0xf20
[  335.791482][T12208]  __folio_put+0x2c7/0x440
[  335.795955][T12208]  skb_release_data+0x483/0x8a0
[  335.800846][T12208]  kfree_skb_list_reason+0x2ee/0x750
[  335.806193][T12208]  skb_release_data+0x5cc/0x8a0
[  335.811079][T12208]  sk_skb_reason_drop+0x1c9/0x380
[  335.816173][T12208]  kcm_release+0x123/0x5c0
[  335.820623][T12208]  sock_close+0xbc/0x240
[  335.824920][T12208]  __fput+0x23f/0x880
[  335.828980][T12208]  task_work_run+0x24f/0x310
[  335.833604][T12208]  syscall_exit_to_user_mode+0x168/0x370
[  335.839314][T12208]  do_syscall_64+0x100/0x230
[  335.843950][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.849898][T12208] Modules linked in:
[  335.853961][T12208] CPU: 1 UID: 0 PID: 12208 Comm: syz.3.1918 Tainted: G    B              6.12.0-rc1-syzkaller-00237-gcf9545686230 #0
[  335.866392][T12208] Tainted: [B]=BAD_PAGE
[  335.870583][T12208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  335.880649][T12208] Call Trace:
[  335.883971][T12208]  <TASK>
[  335.886914][T12208]  dump_stack_lvl+0x241/0x360
[  335.891631][T12208]  ? __pfx_dump_stack_lvl+0x10/0x10
[  335.896851][T12208]  ? __pfx_print_modules+0x10/0x10
[  335.902000][T12208]  ? do_xdp_generic+0x104/0xd30
[  335.906877][T12208]  bad_page+0x166/0x1b0
[  335.911062][T12208]  free_unref_page+0xed0/0xf20
[  335.915946][T12208]  skb_release_data+0x6dc/0x8a0
[  335.920826][T12208]  sk_skb_reason_drop+0x1c9/0x380
[  335.925879][T12208]  __netif_receive_skb_core+0x3edd/0x4570
[  335.931635][T12208]  ? __lock_acquire+0x1384/0x2050
[  335.936694][T12208]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  335.942801][T12208]  __netif_receive_skb_list_core+0x2b1/0x980
[  335.948798][T12208]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  335.955407][T12208]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  335.962013][T12208]  ? read_tsc+0x9/0x20
[  335.966104][T12208]  ? timekeeping_get_ns+0x2c0/0x420
[  335.971333][T12208]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  335.977683][T12208]  netif_receive_skb_list_internal+0xa51/0xe30
[  335.983856][T12208]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  335.990201][T12208]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  335.996901][T12208]  ? __pfx_eth_type_trans+0x10/0x10
[  336.002319][T12208]  ? __phys_addr+0xba/0x170
[  336.006929][T12208]  ? build_skb_around+0x111/0x260
[  336.011965][T12208]  ? __xdp_build_skb_from_frame+0x338/0x650
[  336.017875][T12208]  netif_receive_skb_list+0x55/0x4b0
[  336.023179][T12208]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  336.028672][T12208]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  336.034604][T12208]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  336.040170][T12208]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  336.045997][T12208]  ? synchronize_rcu+0x11b/0x360
[  336.050955][T12208]  ? __pfx_synchronize_rcu+0x10/0x10
[  336.056302][T12208]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  336.062561][T12208]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  336.068469][T12208]  ? _copy_from_user+0xa6/0xe0
[  336.073279][T12208]  ? bpf_test_init+0x15a/0x180
[  336.078063][T12208]  ? xdp_convert_md_to_buff+0x5b/0x330
[  336.083544][T12208]  bpf_prog_test_run_xdp+0x805/0x11e0
[  336.088941][T12208]  ? __pfx_lock_release+0x10/0x10
[  336.093988][T12208]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  336.099811][T12208]  ? __fget_files+0x29/0x470
[  336.104414][T12208]  ? fput+0x1a8/0x230
[  336.108409][T12208]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  336.114232][T12208]  bpf_prog_test_run+0x2e4/0x360
[  336.119185][T12208]  __sys_bpf+0x48d/0x810
[  336.123464][T12208]  ? __pfx___sys_bpf+0x10/0x10
[  336.128245][T12208]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  336.134242][T12208]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  336.140586][T12208]  ? do_syscall_64+0x100/0x230
[  336.145358][T12208]  __x64_sys_bpf+0x7c/0x90
[  336.149791][T12208]  do_syscall_64+0xf3/0x230
[  336.154304][T12208]  ? clear_bhb_loop+0x35/0x90
[  336.158993][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.164909][T12208] RIP: 0033:0x7f1cfc57dff9
[  336.169335][T12208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  336.188966][T12208] RSP: 002b:00007f1cfd353038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  336.197423][T12208] RAX: ffffffffffffffda RBX: 00007f1cfc736058 RCX: 00007f1cfc57dff9
[  336.205404][T12208] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  336.213383][T12208] RBP: 00007f1cfc5f0296 R08: 0000000000000000 R09: 0000000000000000
[  336.221364][T12208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  336.229367][T12208] R13: 0000000000000000 R14: 00007f1cfc736058 R15: 00007ffe89d68258
[  336.237363][T12208]  </TASK>
[  336.240502][T12208] BUG: Bad page state in process syz.3.1918  pfn:531a1
[  336.247405][T12208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888000000008 pfn:0x531a1
[  336.257594][T12208] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  336.264764][T12208] raw: 00fff00000000000 dead000000000040 ffff88805cc52000 0000000000000000
[  336.273420][T12208] raw: ffff888000000008 0000000000000001 00000000ffffffff 0000000000000000
[  336.282102][T12208] page dumped because: page_pool leak
[  336.287529][T12208] page_owner tracks the page as allocated
[  336.293285][T12208] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 12208, tgid 12203 (syz.3.1918), ts 334405743046, free_ts 333828489486
[  336.310526][T12208]  post_alloc_hook+0x1f3/0x230
[  336.315333][T12208]  get_page_from_freelist+0x3045/0x3190
[  336.320915][T12208]  __alloc_pages_noprof+0x256/0x6c0
[  336.326160][T12208]  alloc_pages_bulk_noprof+0x729/0xd40
[  336.331816][T12208]  __page_pool_alloc_pages_slow+0x122/0x690
[  336.337780][T12208]  page_pool_alloc_pages+0xd0/0x1c0
[  336.343025][T12208]  bpf_test_run_xdp_live+0x950/0x2160
[  336.348433][T12208]  bpf_prog_test_run_xdp+0x805/0x11e0
[  336.353817][T12208]  bpf_prog_test_run+0x2e4/0x360
[  336.358798][T12208]  __sys_bpf+0x48d/0x810
[  336.363049][T12208]  __x64_sys_bpf+0x7c/0x90
[  336.368005][T12208]  do_syscall_64+0xf3/0x230
[  336.372509][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.378471][T12208] page last free pid 12154 tgid 12154 stack trace:
[  336.384998][T12208]  free_unref_page+0xcfb/0xf20
[  336.389837][T12208]  __folio_put+0x2c7/0x440
[  336.394274][T12208]  skb_release_data+0x483/0x8a0
[  336.399167][T12208]  kfree_skb_list_reason+0x2ee/0x750
[  336.404456][T12208]  skb_release_data+0x5cc/0x8a0
[  336.409332][T12208]  sk_skb_reason_drop+0x1c9/0x380
[  336.414357][T12208]  kcm_release+0x123/0x5c0
[  336.419272][T12208]  sock_close+0xbc/0x240
[  336.423525][T12208]  __fput+0x23f/0x880
[  336.427546][T12208]  task_work_run+0x24f/0x310
[  336.432248][T12208]  syscall_exit_to_user_mode+0x168/0x370
[  336.437950][T12208]  do_syscall_64+0x100/0x230
[  336.442574][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.448502][T12208] Modules linked in:
[  336.452401][T12208] CPU: 1 UID: 0 PID: 12208 Comm: syz.3.1918 Tainted: G    B              6.12.0-rc1-syzkaller-00237-gcf9545686230 #0
[  336.464642][T12208] Tainted: [B]=BAD_PAGE
[  336.468791][T12208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  336.478861][T12208] Call Trace:
[  336.482158][T12208]  <TASK>
[  336.485096][T12208]  dump_stack_lvl+0x241/0x360
[  336.489789][T12208]  ? __pfx_dump_stack_lvl+0x10/0x10
[  336.494993][T12208]  ? __pfx_print_modules+0x10/0x10
[  336.500121][T12208]  ? do_xdp_generic+0x104/0xd30
[  336.504988][T12208]  bad_page+0x166/0x1b0
[  336.509153][T12208]  free_unref_page+0xed0/0xf20
[  336.513929][T12208]  skb_release_data+0x6dc/0x8a0
[  336.518795][T12208]  sk_skb_reason_drop+0x1c9/0x380
[  336.523825][T12208]  __netif_receive_skb_core+0x3edd/0x4570
[  336.529563][T12208]  ? __lock_acquire+0x1384/0x2050
[  336.534608][T12208]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  336.540707][T12208]  __netif_receive_skb_list_core+0x2b1/0x980
[  336.546705][T12208]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  336.553302][T12208]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  336.559812][T12208]  ? read_tsc+0x9/0x20
[  336.563891][T12208]  ? timekeeping_get_ns+0x2c0/0x420
[  336.569107][T12208]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  336.575444][T12208]  netif_receive_skb_list_internal+0xa51/0xe30
[  336.575731][    C0] net_ratelimit: 17 callbacks suppressed
[  336.575749][    C0] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  336.581598][T12208]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  336.587288][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  336.594143][T12208]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  336.600609][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  336.607374][T12208]  ? __pfx_eth_type_trans+0x10/0x10
[  336.607406][T12208]  ? __phys_addr+0xba/0x170
[  336.630626][T12208]  ? build_skb_around+0x111/0x260
[  336.635668][T12208]  ? __xdp_build_skb_from_frame+0x338/0x650
[  336.641587][T12208]  netif_receive_skb_list+0x55/0x4b0
[  336.646892][T12208]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  336.652374][T12208]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  336.658287][T12208]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  336.663852][T12208]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  336.669677][T12208]  ? synchronize_rcu+0x11b/0x360
[  336.674626][T12208]  ? __pfx_synchronize_rcu+0x10/0x10
[  336.679932][T12208]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  336.686211][T12208]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  336.692150][T12208]  ? _copy_from_user+0xa6/0xe0
[  336.696957][T12208]  ? bpf_test_init+0x15a/0x180
[  336.701750][T12208]  ? xdp_convert_md_to_buff+0x5b/0x330
[  336.707235][T12208]  bpf_prog_test_run_xdp+0x805/0x11e0
[  336.712660][T12208]  ? __pfx_lock_release+0x10/0x10
[  336.717710][T12208]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  336.723533][T12208]  ? __fget_files+0x29/0x470
[  336.728172][T12208]  ? fput+0x1a8/0x230
[  336.732169][T12208]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  336.738077][T12208]  bpf_prog_test_run+0x2e4/0x360
[  336.743039][T12208]  __sys_bpf+0x48d/0x810
[  336.747309][T12208]  ? __pfx___sys_bpf+0x10/0x10
[  336.752104][T12208]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  336.758119][T12208]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  336.764477][T12208]  ? do_syscall_64+0x100/0x230
[  336.769260][T12208]  __x64_sys_bpf+0x7c/0x90
[  336.773693][T12208]  do_syscall_64+0xf3/0x230
[  336.778206][T12208]  ? clear_bhb_loop+0x35/0x90
[  336.782894][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.788806][T12208] RIP: 0033:0x7f1cfc57dff9
[  336.793226][T12208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  336.812862][T12208] RSP: 002b:00007f1cfd353038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  336.821293][T12208] RAX: ffffffffffffffda RBX: 00007f1cfc736058 RCX: 00007f1cfc57dff9
[  336.829277][T12208] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  336.837344][T12208] RBP: 00007f1cfc5f0296 R08: 0000000000000000 R09: 0000000000000000
[  336.845349][T12208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  336.853330][T12208] R13: 0000000000000000 R14: 00007f1cfc736058 R15: 00007ffe89d68258
[  336.861318][T12208]  </TASK>
[  336.864442][T12208] BUG: Bad page state in process syz.3.1918  pfn:531a0
[  336.871353][T12208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88803258d000 pfn:0x531a0
[  336.881503][T12208] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  336.888688][T12208] raw: 00fff00000000000 dead000000000040 ffff88805cc52000 0000000000000000
[  336.897322][T12208] raw: ffff88803258d000 0000000000000001 00000000ffffffff 0000000000000000
[  336.905944][T12208] page dumped because: page_pool leak
[  336.911342][T12208] page_owner tracks the page as allocated
[  336.917084][T12208] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 12208, tgid 12203 (syz.3.1918), ts 334405730568, free_ts 333828489486
[  336.934305][T12208]  post_alloc_hook+0x1f3/0x230
[  336.939109][T12208]  get_page_from_freelist+0x3045/0x3190
[  336.944664][T12208]  __alloc_pages_noprof+0x256/0x6c0
[  336.950005][T12208]  alloc_pages_bulk_noprof+0x729/0xd40
[  336.955489][T12208]  __page_pool_alloc_pages_slow+0x122/0x690
[  336.961417][T12208]  page_pool_alloc_pages+0xd0/0x1c0
[  336.966666][T12208]  bpf_test_run_xdp_live+0x950/0x2160
[  336.972075][T12208]  bpf_prog_test_run_xdp+0x805/0x11e0
[  336.977485][T12208]  bpf_prog_test_run+0x2e4/0x360
[  336.982431][T12208]  __sys_bpf+0x48d/0x810
[  336.986719][T12208]  __x64_sys_bpf+0x7c/0x90
[  336.991166][T12208]  do_syscall_64+0xf3/0x230
[  336.995724][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.001666][T12208] page last free pid 12154 tgid 12154 stack trace:
[  337.008216][T12208]  free_unref_page+0xcfb/0xf20
[  337.013007][T12208]  __folio_put+0x2c7/0x440
[  337.017497][T12208]  skb_release_data+0x483/0x8a0
[  337.022375][T12208]  kfree_skb_list_reason+0x2ee/0x750
[  337.027711][T12208]  skb_release_data+0x5cc/0x8a0
[  337.032589][T12208]  sk_skb_reason_drop+0x1c9/0x380
[  337.037678][T12208]  kcm_release+0x123/0x5c0
[  337.042129][T12208]  sock_close+0xbc/0x240
[  337.046437][T12208]  __fput+0x23f/0x880
[  337.050452][T12208]  task_work_run+0x24f/0x310
[  337.055048][T12208]  syscall_exit_to_user_mode+0x168/0x370
[  337.060725][T12208]  do_syscall_64+0x100/0x230
[  337.065322][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.071257][T12208] Modules linked in:
[  337.075157][T12208] CPU: 1 UID: 0 PID: 12208 Comm: syz.3.1918 Tainted: G    B              6.12.0-rc1-syzkaller-00237-gcf9545686230 #0
[  337.087415][T12208] Tainted: [B]=BAD_PAGE
[  337.091576][T12208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  337.101634][T12208] Call Trace:
[  337.104938][T12208]  <TASK>
[  337.107886][T12208]  dump_stack_lvl+0x241/0x360
[  337.112600][T12208]  ? __pfx_dump_stack_lvl+0x10/0x10
[  337.117819][T12208]  ? __pfx_print_modules+0x10/0x10
[  337.122944][T12208]  ? do_xdp_generic+0x104/0xd30
[  337.127812][T12208]  bad_page+0x166/0x1b0
[  337.132013][T12208]  free_unref_page+0xed0/0xf20
[  337.136804][T12208]  skb_release_data+0x6dc/0x8a0
[  337.141663][T12208]  sk_skb_reason_drop+0x1c9/0x380
[  337.146700][T12208]  __netif_receive_skb_core+0x3edd/0x4570
[  337.152443][T12208]  ? __lock_acquire+0x1384/0x2050
[  337.157490][T12208]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  337.163586][T12208]  __netif_receive_skb_list_core+0x2b1/0x980
[  337.169600][T12208]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  337.176209][T12208]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  337.182732][T12208]  ? read_tsc+0x9/0x20
[  337.186815][T12208]  ? timekeeping_get_ns+0x2c0/0x420
[  337.192046][T12208]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  337.198387][T12208]  netif_receive_skb_list_internal+0xa51/0xe30
[  337.204556][T12208]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  337.210898][T12208]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  337.217594][T12208]  ? __pfx_eth_type_trans+0x10/0x10
[  337.222808][T12208]  ? __phys_addr+0xba/0x170
[  337.227320][T12208]  ? build_skb_around+0x111/0x260
[  337.232350][T12208]  ? __xdp_build_skb_from_frame+0x338/0x650
[  337.238256][T12208]  netif_receive_skb_list+0x55/0x4b0
[  337.243552][T12208]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  337.249200][T12208]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  337.255111][T12208]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  337.260675][T12208]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  337.266495][T12208]  ? synchronize_rcu+0x11b/0x360
[  337.271445][T12208]  ? __pfx_synchronize_rcu+0x10/0x10
[  337.276750][T12208]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  337.283006][T12208]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  337.288911][T12208]  ? _copy_from_user+0xa6/0xe0
[  337.293692][T12208]  ? bpf_test_init+0x15a/0x180
[  337.298475][T12208]  ? xdp_convert_md_to_buff+0x5b/0x330
[  337.303966][T12208]  bpf_prog_test_run_xdp+0x805/0x11e0
[  337.309361][T12208]  ? __pfx_lock_release+0x10/0x10
[  337.314409][T12208]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  337.320230][T12208]  ? __fget_files+0x29/0x470
[  337.324835][T12208]  ? fput+0x1a8/0x230
[  337.328846][T12208]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  337.334672][T12208]  bpf_prog_test_run+0x2e4/0x360
[  337.339627][T12208]  __sys_bpf+0x48d/0x810
[  337.343882][T12208]  ? __pfx___sys_bpf+0x10/0x10
[  337.348660][T12208]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  337.354657][T12208]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  337.361022][T12208]  ? do_syscall_64+0x100/0x230
[  337.365803][T12208]  __x64_sys_bpf+0x7c/0x90
[  337.370241][T12208]  do_syscall_64+0xf3/0x230
[  337.374750][T12208]  ? clear_bhb_loop+0x35/0x90
[  337.379442][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.385354][T12208] RIP: 0033:0x7f1cfc57dff9
[  337.389808][T12208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  337.409428][T12208] RSP: 002b:00007f1cfd353038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  337.417862][T12208] RAX: ffffffffffffffda RBX: 00007f1cfc736058 RCX: 00007f1cfc57dff9
[  337.425844][T12208] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  337.433828][T12208] RBP: 00007f1cfc5f0296 R08: 0000000000000000 R09: 0000000000000000
[  337.441813][T12208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  337.449792][T12208] R13: 0000000000000000 R14: 00007f1cfc736058 R15: 00007ffe89d68258
[  337.457777][T12208]  </TASK>
[  337.460901][T12208] BUG: Bad page state in process syz.3.1918  pfn:56c1f
[  337.467802][T12208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x202d5 pfn:0x56c1f
[  337.476978][T12208] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  337.484125][T12208] raw: 00fff00000000000 dead000000000040 ffff88805cc52000 0000000000000000
[  337.492765][T12208] raw: 00000000000202d5 0000000000000001 00000000ffffffff 0000000000000000
[  337.501398][T12208] page dumped because: page_pool leak
[  337.506814][T12208] page_owner tracks the page as allocated
[  337.512573][T12208] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 12208, tgid 12203 (syz.3.1918), ts 334405717766, free_ts 333828572414
[  337.529849][T12208]  post_alloc_hook+0x1f3/0x230
[  337.534653][T12208]  get_page_from_freelist+0x3045/0x3190
[  337.540233][T12208]  __alloc_pages_noprof+0x256/0x6c0
[  337.545476][T12208]  alloc_pages_bulk_noprof+0x729/0xd40
[  337.551060][T12208]  __page_pool_alloc_pages_slow+0x122/0x690
[  337.557003][T12208]  page_pool_alloc_pages+0xd0/0x1c0
[  337.562294][T12208]  bpf_test_run_xdp_live+0x950/0x2160
[  337.567799][T12208]  bpf_prog_test_run_xdp+0x805/0x11e0
[  337.573217][T12208]  bpf_prog_test_run+0x2e4/0x360
[  337.578205][T12208]  __sys_bpf+0x48d/0x810
[  337.582464][T12208]  __x64_sys_bpf+0x7c/0x90
[  337.586921][T12208]  do_syscall_64+0xf3/0x230
[  337.591449][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.597408][T12208] page last free pid 12154 tgid 12154 stack trace:
[  337.604088][T12208]  free_unref_page+0xcfb/0xf20
[  337.608898][T12208]  __folio_put+0x2c7/0x440
[  337.613448][T12208]  skb_release_data+0x483/0x8a0
[  337.615735][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  337.618317][T12208]  kfree_skb_list_reason+0x2ee/0x750
[  337.625235][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  337.630450][T12208]  skb_release_data+0x5cc/0x8a0
[  337.637335][    C0] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  337.642165][T12208]  sk_skb_reason_drop+0x1c9/0x380
[  337.654209][T12208]  kcm_release+0x123/0x5c0
[  337.658666][T12208]  sock_close+0xbc/0x240
[  337.662914][T12208]  __fput+0x23f/0x880
[  337.666938][T12208]  task_work_run+0x24f/0x310
[  337.671545][T12208]  syscall_exit_to_user_mode+0x168/0x370
[  337.677223][T12208]  do_syscall_64+0x100/0x230
[  337.681838][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.687784][T12208] Modules linked in:
[  337.691712][T12208] CPU: 1 UID: 0 PID: 12208 Comm: syz.3.1918 Tainted: G    B              6.12.0-rc1-syzkaller-00237-gcf9545686230 #0
[  337.703978][T12208] Tainted: [B]=BAD_PAGE
[  337.708139][T12208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  337.718223][T12208] Call Trace:
[  337.721514][T12208]  <TASK>
[  337.724446][T12208]  dump_stack_lvl+0x241/0x360
[  337.729160][T12208]  ? __pfx_dump_stack_lvl+0x10/0x10
[  337.734385][T12208]  ? __pfx_print_modules+0x10/0x10
[  337.739508][T12208]  ? do_xdp_generic+0x104/0xd30
[  337.744372][T12208]  bad_page+0x166/0x1b0
[  337.748535][T12208]  free_unref_page+0xed0/0xf20
[  337.753319][T12208]  skb_release_data+0x6dc/0x8a0
[  337.758192][T12208]  sk_skb_reason_drop+0x1c9/0x380
[  337.763255][T12208]  __netif_receive_skb_core+0x3edd/0x4570
[  337.769005][T12208]  ? __lock_acquire+0x1384/0x2050
[  337.774070][T12208]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  337.780173][T12208]  __netif_receive_skb_list_core+0x2b1/0x980
[  337.786204][T12208]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  337.792851][T12208]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  337.799378][T12208]  ? read_tsc+0x9/0x20
[  337.803470][T12208]  ? timekeeping_get_ns+0x2c0/0x420
[  337.808698][T12208]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  337.815063][T12208]  netif_receive_skb_list_internal+0xa51/0xe30
[  337.821256][T12208]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  337.827624][T12208]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  337.834319][T12208]  ? __pfx_eth_type_trans+0x10/0x10
[  337.839540][T12208]  ? __phys_addr+0xba/0x170
[  337.844052][T12208]  ? build_skb_around+0x111/0x260
[  337.849086][T12208]  ? __xdp_build_skb_from_frame+0x338/0x650
[  337.854996][T12208]  netif_receive_skb_list+0x55/0x4b0
[  337.860298][T12208]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  337.865779][T12208]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  337.871697][T12208]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  337.877267][T12208]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  337.883086][T12208]  ? synchronize_rcu+0x11b/0x360
[  337.888035][T12208]  ? __pfx_synchronize_rcu+0x10/0x10
[  337.893340][T12208]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  337.899614][T12208]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  337.905620][T12208]  ? _copy_from_user+0xa6/0xe0
[  337.910413][T12208]  ? bpf_test_init+0x15a/0x180
[  337.915282][T12208]  ? xdp_convert_md_to_buff+0x5b/0x330
[  337.920777][T12208]  bpf_prog_test_run_xdp+0x805/0x11e0
[  337.926181][T12208]  ? __pfx_lock_release+0x10/0x10
[  337.931238][T12208]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  337.937069][T12208]  ? __fget_files+0x29/0x470
[  337.941673][T12208]  ? fput+0x1a8/0x230
[  337.945770][T12208]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  337.951617][T12208]  bpf_prog_test_run+0x2e4/0x360
[  337.956568][T12208]  __sys_bpf+0x48d/0x810
[  337.960824][T12208]  ? __pfx___sys_bpf+0x10/0x10
[  337.965601][T12208]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  337.971602][T12208]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  337.977945][T12208]  ? do_syscall_64+0x100/0x230
[  337.982717][T12208]  __x64_sys_bpf+0x7c/0x90
[  337.987140][T12208]  do_syscall_64+0xf3/0x230
[  337.991648][T12208]  ? clear_bhb_loop+0x35/0x90
[  337.996347][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.002258][T12208] RIP: 0033:0x7f1cfc57dff9
[  338.006682][T12208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  338.026478][T12208] RSP: 002b:00007f1cfd353038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  338.034910][T12208] RAX: ffffffffffffffda RBX: 00007f1cfc736058 RCX: 00007f1cfc57dff9
[  338.043161][T12208] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  338.051135][T12208] RBP: 00007f1cfc5f0296 R08: 0000000000000000 R09: 0000000000000000
[  338.059197][T12208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  338.067172][T12208] R13: 0000000000000000 R14: 00007f1cfc736058 R15: 00007ffe89d68258
[  338.075158][T12208]  </TASK>
[  338.078276][T12208] BUG: Bad page state in process syz.3.1918  pfn:56c1e
[  338.085176][T12208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x202d4 pfn:0x56c1e
[  338.094346][T12208] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  338.101520][T12208] raw: 00fff00000000000 dead000000000040 ffff88805cc52000 0000000000000000
[  338.110169][T12208] raw: 00000000000202d4 0000000000000001 00000000ffffffff 0000000000000000
[  338.118818][T12208] page dumped because: page_pool leak
[  338.124220][T12208] page_owner tracks the page as allocated
[  338.129967][T12208] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 12208, tgid 12203 (syz.3.1918), ts 334405704650, free_ts 333828572414
[  338.147221][T12208]  post_alloc_hook+0x1f3/0x230
[  338.151995][T12208]  get_page_from_freelist+0x3045/0x3190
[  338.157580][T12208]  __alloc_pages_noprof+0x256/0x6c0
[  338.162799][T12208]  alloc_pages_bulk_noprof+0x729/0xd40
[  338.168276][T12208]  __page_pool_alloc_pages_slow+0x122/0x690
[  338.174174][T12208]  page_pool_alloc_pages+0xd0/0x1c0
[  338.179408][T12208]  bpf_test_run_xdp_live+0x950/0x2160
[  338.184834][T12208]  bpf_prog_test_run_xdp+0x805/0x11e0
[  338.190258][T12208]  bpf_prog_test_run+0x2e4/0x360
[  338.195199][T12208]  __sys_bpf+0x48d/0x810
[  338.199494][T12208]  __x64_sys_bpf+0x7c/0x90
[  338.203929][T12208]  do_syscall_64+0xf3/0x230
[  338.208446][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.214348][T12208] page last free pid 12154 tgid 12154 stack trace:
[  338.220886][T12208]  free_unref_page+0xcfb/0xf20
[  338.225703][T12208]  __folio_put+0x2c7/0x440
[  338.230327][T12208]  skb_release_data+0x483/0x8a0
[  338.235205][T12208]  kfree_skb_list_reason+0x2ee/0x750
[  338.240572][T12208]  skb_release_data+0x5cc/0x8a0
[  338.245446][T12208]  sk_skb_reason_drop+0x1c9/0x380
[  338.250520][T12208]  kcm_release+0x123/0x5c0
[  338.254945][T12208]  sock_close+0xbc/0x240
[  338.259227][T12208]  __fput+0x23f/0x880
[  338.263230][T12208]  task_work_run+0x24f/0x310
[  338.267845][T12208]  syscall_exit_to_user_mode+0x168/0x370
[  338.273491][T12208]  do_syscall_64+0x100/0x230
[  338.278120][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.284049][T12208] Modules linked in:
[  338.287967][T12208] CPU: 1 UID: 0 PID: 12208 Comm: syz.3.1918 Tainted: G    B              6.12.0-rc1-syzkaller-00237-gcf9545686230 #0
[  338.300223][T12208] Tainted: [B]=BAD_PAGE
[  338.304384][T12208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  338.314873][T12208] Call Trace:
[  338.318165][T12208]  <TASK>
[  338.321109][T12208]  dump_stack_lvl+0x241/0x360
[  338.325808][T12208]  ? __pfx_dump_stack_lvl+0x10/0x10
[  338.331030][T12208]  ? __pfx_print_modules+0x10/0x10
[  338.336163][T12208]  ? do_xdp_generic+0x104/0xd30
[  338.341149][T12208]  bad_page+0x166/0x1b0
[  338.345343][T12208]  free_unref_page+0xed0/0xf20
[  338.350114][T12208]  skb_release_data+0x6dc/0x8a0
[  338.354981][T12208]  sk_skb_reason_drop+0x1c9/0x380
[  338.360030][T12208]  __netif_receive_skb_core+0x3edd/0x4570
[  338.365773][T12208]  ? __lock_acquire+0x1384/0x2050
[  338.370848][T12208]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  338.376942][T12208]  __netif_receive_skb_list_core+0x2b1/0x980
[  338.382938][T12208]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  338.389534][T12208]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  338.396043][T12208]  ? read_tsc+0x9/0x20
[  338.400132][T12208]  ? timekeeping_get_ns+0x2c0/0x420
[  338.405340][T12208]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  338.411686][T12208]  netif_receive_skb_list_internal+0xa51/0xe30
[  338.417852][T12208]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  338.424188][T12208]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  338.430895][T12208]  ? __pfx_eth_type_trans+0x10/0x10
[  338.436111][T12208]  ? __phys_addr+0xba/0x170
[  338.440631][T12208]  ? build_skb_around+0x111/0x260
[  338.445681][T12208]  ? __xdp_build_skb_from_frame+0x338/0x650
[  338.451612][T12208]  netif_receive_skb_list+0x55/0x4b0
[  338.456914][T12208]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  338.462388][T12208]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  338.468291][T12208]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  338.473849][T12208]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  338.479668][T12208]  ? synchronize_rcu+0x11b/0x360
[  338.484614][T12208]  ? __pfx_synchronize_rcu+0x10/0x10
[  338.489917][T12208]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  338.496179][T12208]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  338.502093][T12208]  ? _copy_from_user+0xa6/0xe0
[  338.506866][T12208]  ? bpf_test_init+0x15a/0x180
[  338.511635][T12208]  ? xdp_convert_md_to_buff+0x5b/0x330
[  338.517119][T12208]  bpf_prog_test_run_xdp+0x805/0x11e0
[  338.522503][T12208]  ? __pfx_lock_release+0x10/0x10
[  338.527542][T12208]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  338.533380][T12208]  ? __fget_files+0x29/0x470
[  338.537990][T12208]  ? fput+0x1a8/0x230
[  338.541989][T12208]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  338.547807][T12208]  bpf_prog_test_run+0x2e4/0x360
[  338.552760][T12208]  __sys_bpf+0x48d/0x810
[  338.557016][T12208]  ? __pfx___sys_bpf+0x10/0x10
[  338.561798][T12208]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  338.567791][T12208]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  338.574134][T12208]  ? do_syscall_64+0x100/0x230
[  338.578902][T12208]  __x64_sys_bpf+0x7c/0x90
[  338.583320][T12208]  do_syscall_64+0xf3/0x230
[  338.587829][T12208]  ? clear_bhb_loop+0x35/0x90
[  338.592512][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.598418][T12208] RIP: 0033:0x7f1cfc57dff9
[  338.602838][T12208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  338.622453][T12208] RSP: 002b:00007f1cfd353038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  338.630878][T12208] RAX: ffffffffffffffda RBX: 00007f1cfc736058 RCX: 00007f1cfc57dff9
[  338.638859][T12208] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  338.646835][T12208] RBP: 00007f1cfc5f0296 R08: 0000000000000000 R09: 0000000000000000
[  338.654813][T12208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  338.655731][    C0] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  338.662778][T12208] R13: 0000000000000000 R14: 00007f1cfc736058 R15: 00007ffe89d68258
[  338.669805][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  338.677709][T12208]  </TASK>
[  338.677820][T12208] BUG: Bad page state in process syz.3.1918  pfn:56c1d
[  338.684599][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  338.687611][T12208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x202d3 pfn:0x56c1d
[  338.710574][T12208] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  338.717756][T12208] raw: 00fff00000000000 dead000000000040 ffff88805cc52000 0000000000000000
[  338.726415][T12208] raw: 00000000000202d3 0000000000000001 00000000ffffffff 0000000000000000
[  338.735171][T12208] page dumped because: page_pool leak
[  338.740609][T12208] page_owner tracks the page as allocated
[  338.746372][T12208] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 12208, tgid 12203 (syz.3.1918), ts 334405634140, free_ts 333828572414
[  338.763639][T12208]  post_alloc_hook+0x1f3/0x230
[  338.768451][T12208]  get_page_from_freelist+0x3045/0x3190
[  338.774003][T12208]  __alloc_pages_noprof+0x256/0x6c0
[  338.779228][T12208]  alloc_pages_bulk_noprof+0x729/0xd40
[  338.784690][T12208]  __page_pool_alloc_pages_slow+0x122/0x690
[  338.790647][T12208]  page_pool_alloc_pages+0xd0/0x1c0
[  338.795905][T12208]  bpf_test_run_xdp_live+0x950/0x2160
[  338.801356][T12208]  bpf_prog_test_run_xdp+0x805/0x11e0
[  338.806866][T12208]  bpf_prog_test_run+0x2e4/0x360
[  338.811829][T12208]  __sys_bpf+0x48d/0x810
[  338.816113][T12208]  __x64_sys_bpf+0x7c/0x90
[  338.820551][T12208]  do_syscall_64+0xf3/0x230
[  338.825064][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.830999][T12208] page last free pid 12154 tgid 12154 stack trace:
[  338.837530][T12208]  free_unref_page+0xcfb/0xf20
[  338.842317][T12208]  __folio_put+0x2c7/0x440
[  338.846780][T12208]  skb_release_data+0x483/0x8a0
[  338.851650][T12208]  kfree_skb_list_reason+0x2ee/0x750
[  338.856983][T12208]  skb_release_data+0x5cc/0x8a0
[  338.861853][T12208]  sk_skb_reason_drop+0x1c9/0x380
[  338.866916][T12208]  kcm_release+0x123/0x5c0
[  338.871356][T12208]  sock_close+0xbc/0x240
[  338.875617][T12208]  __fput+0x23f/0x880
[  338.879668][T12208]  task_work_run+0x24f/0x310
[  338.884322][T12208]  syscall_exit_to_user_mode+0x168/0x370
[  338.890075][T12208]  do_syscall_64+0x100/0x230
[  338.894695][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.900654][T12208] Modules linked in:
[  338.904550][T12208] CPU: 1 UID: 0 PID: 12208 Comm: syz.3.1918 Tainted: G    B              6.12.0-rc1-syzkaller-00237-gcf9545686230 #0
[  338.916804][T12208] Tainted: [B]=BAD_PAGE
[  338.920966][T12208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  338.931025][T12208] Call Trace:
[  338.934306][T12208]  <TASK>
[  338.937249][T12208]  dump_stack_lvl+0x241/0x360
[  338.941955][T12208]  ? __pfx_dump_stack_lvl+0x10/0x10
[  338.947170][T12208]  ? __pfx_print_modules+0x10/0x10
[  338.952306][T12208]  ? do_xdp_generic+0x104/0xd30
[  338.957180][T12208]  bad_page+0x166/0x1b0
[  338.961370][T12208]  free_unref_page+0xed0/0xf20
[  338.966169][T12208]  skb_release_data+0x6dc/0x8a0
[  338.971060][T12208]  sk_skb_reason_drop+0x1c9/0x380
[  338.976098][T12208]  __netif_receive_skb_core+0x3edd/0x4570
[  338.981845][T12208]  ? __lock_acquire+0x1384/0x2050
[  338.986898][T12208]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  338.993018][T12208]  __netif_receive_skb_list_core+0x2b1/0x980
[  338.999016][T12208]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  339.005629][T12208]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  339.012201][T12208]  ? read_tsc+0x9/0x20
[  339.016303][T12208]  ? timekeeping_get_ns+0x2c0/0x420
[  339.021525][T12208]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  339.027866][T12208]  netif_receive_skb_list_internal+0xa51/0xe30
[  339.034029][T12208]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  339.040372][T12208]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  339.047068][T12208]  ? __pfx_eth_type_trans+0x10/0x10
[  339.052277][T12208]  ? __phys_addr+0xba/0x170
[  339.056793][T12208]  ? build_skb_around+0x111/0x260
[  339.061837][T12208]  ? __xdp_build_skb_from_frame+0x338/0x650
[  339.067742][T12208]  netif_receive_skb_list+0x55/0x4b0
[  339.073134][T12208]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  339.078613][T12208]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  339.084552][T12208]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  339.090117][T12208]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  339.095941][T12208]  ? synchronize_rcu+0x11b/0x360
[  339.100903][T12208]  ? __pfx_synchronize_rcu+0x10/0x10
[  339.106213][T12208]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  339.112476][T12208]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  339.118387][T12208]  ? _copy_from_user+0xa6/0xe0
[  339.123165][T12208]  ? bpf_test_init+0x15a/0x180
[  339.127950][T12208]  ? xdp_convert_md_to_buff+0x5b/0x330
[  339.133422][T12208]  bpf_prog_test_run_xdp+0x805/0x11e0
[  339.138817][T12208]  ? __pfx_lock_release+0x10/0x10
[  339.143877][T12208]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  339.149705][T12208]  ? __fget_files+0x29/0x470
[  339.154315][T12208]  ? fput+0x1a8/0x230
[  339.158306][T12208]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  339.164132][T12208]  bpf_prog_test_run+0x2e4/0x360
[  339.169083][T12208]  __sys_bpf+0x48d/0x810
[  339.173344][T12208]  ? __pfx___sys_bpf+0x10/0x10
[  339.178125][T12208]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  339.184138][T12208]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  339.190494][T12208]  ? do_syscall_64+0x100/0x230
[  339.195262][T12208]  __x64_sys_bpf+0x7c/0x90
[  339.199690][T12208]  do_syscall_64+0xf3/0x230
[  339.204194][T12208]  ? clear_bhb_loop+0x35/0x90
[  339.208877][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  339.214789][T12208] RIP: 0033:0x7f1cfc57dff9
[  339.219210][T12208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  339.238825][T12208] RSP: 002b:00007f1cfd353038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  339.247253][T12208] RAX: ffffffffffffffda RBX: 00007f1cfc736058 RCX: 00007f1cfc57dff9
[  339.255228][T12208] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  339.263200][T12208] RBP: 00007f1cfc5f0296 R08: 0000000000000000 R09: 0000000000000000
[  339.271171][T12208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  339.279144][T12208] R13: 0000000000000000 R14: 00007f1cfc736058 R15: 00007ffe89d68258
[  339.287128][T12208]  </TASK>
[  339.290242][T12208] BUG: Bad page state in process syz.3.1918  pfn:56c1c
[  339.297145][T12208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x202d2 pfn:0x56c1c
[  339.306315][T12208] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  339.313453][T12208] raw: 00fff00000000000 dead000000000040 ffff88805cc52000 0000000000000000
[  339.322088][T12208] raw: 00000000000202d2 0000000000000001 00000000ffffffff 0000000000000000
[  339.330721][T12208] page dumped because: page_pool leak
[  339.336130][T12208] page_owner tracks the page as allocated
[  339.341965][T12208] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 12208, tgid 12203 (syz.3.1918), ts 334405621708, free_ts 333828572414
[  339.359183][T12208]  post_alloc_hook+0x1f3/0x230
[  339.363955][T12208]  get_page_from_freelist+0x3045/0x3190
[  339.369536][T12208]  __alloc_pages_noprof+0x256/0x6c0
[  339.374756][T12208]  alloc_pages_bulk_noprof+0x729/0xd40
[  339.380236][T12208]  __page_pool_alloc_pages_slow+0x122/0x690
[  339.386244][T12208]  page_pool_alloc_pages+0xd0/0x1c0
[  339.391481][T12208]  bpf_test_run_xdp_live+0x950/0x2160
[  339.396900][T12208]  bpf_prog_test_run_xdp+0x805/0x11e0
[  339.402300][T12208]  bpf_prog_test_run+0x2e4/0x360
[  339.407270][T12208]  __sys_bpf+0x48d/0x810
[  339.411561][T12208]  __x64_sys_bpf+0x7c/0x90
[  339.416008][T12208]  do_syscall_64+0xf3/0x230
[  339.420518][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  339.426454][T12208] page last free pid 12154 tgid 12154 stack trace:
[  339.432962][T12208]  free_unref_page+0xcfb/0xf20
[  339.437746][T12208]  __folio_put+0x2c7/0x440
[  339.442160][T12208]  skb_release_data+0x483/0x8a0
[  339.447061][T12208]  kfree_skb_list_reason+0x2ee/0x750
[  339.452386][T12208]  skb_release_data+0x5cc/0x8a0
[  339.457315][T12208]  sk_skb_reason_drop+0x1c9/0x380
[  339.462369][T12208]  kcm_release+0x123/0x5c0
[  339.466819][T12208]  sock_close+0xbc/0x240
[  339.471097][T12208]  __fput+0x23f/0x880
[  339.475077][T12208]  task_work_run+0x24f/0x310
[  339.479691][T12208]  syscall_exit_to_user_mode+0x168/0x370
[  339.485331][T12208]  do_syscall_64+0x100/0x230
[  339.489951][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  339.495890][T12208] Modules linked in:
[  339.499830][T12208] CPU: 1 UID: 0 PID: 12208 Comm: syz.3.1918 Tainted: G    B              6.12.0-rc1-syzkaller-00237-gcf9545686230 #0
[  339.512090][T12208] Tainted: [B]=BAD_PAGE
[  339.516244][T12208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  339.526327][T12208] Call Trace:
[  339.529617][T12208]  <TASK>
[  339.532562][T12208]  dump_stack_lvl+0x241/0x360
[  339.537302][T12208]  ? __pfx_dump_stack_lvl+0x10/0x10
[  339.542545][T12208]  ? __pfx_print_modules+0x10/0x10
[  339.547680][T12208]  ? do_xdp_generic+0x104/0xd30
[  339.552561][T12208]  bad_page+0x166/0x1b0
[  339.556735][T12208]  free_unref_page+0xed0/0xf20
[  339.561549][T12208]  skb_release_data+0x6dc/0x8a0
[  339.566417][T12208]  sk_skb_reason_drop+0x1c9/0x380
[  339.571477][T12208]  __netif_receive_skb_core+0x3edd/0x4570
[  339.577236][T12208]  ? __lock_acquire+0x1384/0x2050
[  339.582318][T12208]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  339.588409][T12208]  __netif_receive_skb_list_core+0x2b1/0x980
[  339.594403][T12208]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  339.601008][T12208]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  339.607523][T12208]  ? read_tsc+0x9/0x20
[  339.611599][T12208]  ? timekeeping_get_ns+0x2c0/0x420
[  339.616831][T12208]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  339.623194][T12208]  netif_receive_skb_list_internal+0xa51/0xe30
[  339.629363][T12208]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  339.635711][T12208]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  339.642595][T12208]  ? __pfx_eth_type_trans+0x10/0x10
[  339.647806][T12208]  ? __phys_addr+0xba/0x170
[  339.652314][T12208]  ? build_skb_around+0x111/0x260
[  339.657351][T12208]  ? __xdp_build_skb_from_frame+0x338/0x650
[  339.663359][T12208]  netif_receive_skb_list+0x55/0x4b0
[  339.668658][T12208]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  339.674133][T12208]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  339.680049][T12208]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  339.685625][T12208]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  339.691474][T12208]  ? synchronize_rcu+0x11b/0x360
[  339.695720][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  339.696406][T12208]  ? __pfx_synchronize_rcu+0x10/0x10
[  339.708549][T12208]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  339.714811][T12208]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  339.720721][T12208]  ? _copy_from_user+0xa6/0xe0
[  339.725501][T12208]  ? bpf_test_init+0x15a/0x180
[  339.730276][T12208]  ? xdp_convert_md_to_buff+0x5b/0x330
[  339.735755][T12208]  bpf_prog_test_run_xdp+0x805/0x11e0
[  339.741158][T12208]  ? __pfx_lock_release+0x10/0x10
[  339.746203][T12208]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  339.752028][T12208]  ? __fget_files+0x29/0x470
[  339.756866][T12208]  ? fput+0x1a8/0x230
[  339.760875][T12208]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  339.766719][T12208]  bpf_prog_test_run+0x2e4/0x360
[  339.771687][T12208]  __sys_bpf+0x48d/0x810
[  339.775951][T12208]  ? __pfx___sys_bpf+0x10/0x10
[  339.780746][T12208]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  339.786749][T12208]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  339.793098][T12208]  ? do_syscall_64+0x100/0x230
[  339.797882][T12208]  __x64_sys_bpf+0x7c/0x90
[  339.802317][T12208]  do_syscall_64+0xf3/0x230
[  339.806826][T12208]  ? clear_bhb_loop+0x35/0x90
[  339.811505][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  339.817410][T12208] RIP: 0033:0x7f1cfc57dff9
[  339.821839][T12208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  339.841470][T12208] RSP: 002b:00007f1cfd353038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  339.849897][T12208] RAX: ffffffffffffffda RBX: 00007f1cfc736058 RCX: 00007f1cfc57dff9
[  339.857878][T12208] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  339.865957][T12208] RBP: 00007f1cfc5f0296 R08: 0000000000000000 R09: 0000000000000000
[  339.873943][T12208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  339.882067][T12208] R13: 0000000000000000 R14: 00007f1cfc736058 R15: 00007ffe89d68258
[  339.890081][T12208]  </TASK>
[  339.893310][T12208] BUG: Bad page state in process syz.3.1918  pfn:56c1b
[  339.900221][T12208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x202d1 pfn:0x56c1b
[  339.909398][T12208] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  339.916577][T12208] raw: 00fff00000000000 dead000000000040 ffff88805cc52000 0000000000000000
[  339.925194][T12208] raw: 00000000000202d1 0000000000000001 00000000ffffffff 0000000000000000
[  339.933814][T12208] page dumped because: page_pool leak
[  339.939226][T12208] page_owner tracks the page as allocated
[  339.944954][T12208] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 12208, tgid 12203 (syz.3.1918), ts 334405609250, free_ts 333828572414
[  339.962183][T12208]  post_alloc_hook+0x1f3/0x230
[  339.967094][T12208]  get_page_from_freelist+0x3045/0x3190
[  339.972660][T12208]  __alloc_pages_noprof+0x256/0x6c0
[  339.977896][T12208]  alloc_pages_bulk_noprof+0x729/0xd40
[  339.983464][T12208]  __page_pool_alloc_pages_slow+0x122/0x690
[  339.989389][T12208]  page_pool_alloc_pages+0xd0/0x1c0
[  339.994695][T12208]  bpf_test_run_xdp_live+0x950/0x2160
[  340.000154][T12208]  bpf_prog_test_run_xdp+0x805/0x11e0
[  340.005623][T12208]  bpf_prog_test_run+0x2e4/0x360
[  340.010696][T12208]  __sys_bpf+0x48d/0x810
[  340.014948][T12208]  __x64_sys_bpf+0x7c/0x90
[  340.019411][T12208]  do_syscall_64+0xf3/0x230
[  340.023954][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.029921][T12208] page last free pid 12154 tgid 12154 stack trace:
[  340.036489][T12208]  free_unref_page+0xcfb/0xf20
[  340.041364][T12208]  __folio_put+0x2c7/0x440
[  340.045818][T12208]  skb_release_data+0x483/0x8a0
[  340.050685][T12208]  kfree_skb_list_reason+0x2ee/0x750
[  340.056008][T12208]  skb_release_data+0x5cc/0x8a0
[  340.060882][T12208]  sk_skb_reason_drop+0x1c9/0x380
[  340.065965][T12208]  kcm_release+0x123/0x5c0
[  340.070420][T12208]  sock_close+0xbc/0x240
[  340.074711][T12208]  __fput+0x23f/0x880
[  340.078744][T12208]  task_work_run+0x24f/0x310
[  340.083449][T12208]  syscall_exit_to_user_mode+0x168/0x370
[  340.089114][T12208]  do_syscall_64+0x100/0x230
[  340.093705][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.099631][T12208] Modules linked in:
[  340.103551][T12208] CPU: 1 UID: 0 PID: 12208 Comm: syz.3.1918 Tainted: G    B              6.12.0-rc1-syzkaller-00237-gcf9545686230 #0
[  340.115808][T12208] Tainted: [B]=BAD_PAGE
[  340.119983][T12208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  340.130072][T12208] Call Trace:
[  340.133347][T12208]  <TASK>
[  340.136284][T12208]  dump_stack_lvl+0x241/0x360
[  340.141010][T12208]  ? __pfx_dump_stack_lvl+0x10/0x10
[  340.146220][T12208]  ? __pfx_print_modules+0x10/0x10
[  340.151366][T12208]  ? do_xdp_generic+0x104/0xd30
[  340.156236][T12208]  bad_page+0x166/0x1b0
[  340.160441][T12208]  free_unref_page+0xed0/0xf20
[  340.165207][T12208]  skb_release_data+0x6dc/0x8a0
[  340.170157][T12208]  sk_skb_reason_drop+0x1c9/0x380
[  340.175193][T12208]  __netif_receive_skb_core+0x3edd/0x4570
[  340.180928][T12208]  ? __lock_acquire+0x1384/0x2050
[  340.186028][T12208]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  340.192312][T12208]  __netif_receive_skb_list_core+0x2b1/0x980
[  340.198337][T12208]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  340.205026][T12208]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  340.211537][T12208]  ? read_tsc+0x9/0x20
[  340.215644][T12208]  ? timekeeping_get_ns+0x2c0/0x420
[  340.220898][T12208]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  340.227250][T12208]  netif_receive_skb_list_internal+0xa51/0xe30
[  340.233437][T12208]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  340.239785][T12208]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  340.246471][T12208]  ? __pfx_eth_type_trans+0x10/0x10
[  340.251681][T12208]  ? __phys_addr+0xba/0x170
[  340.256196][T12208]  ? build_skb_around+0x111/0x260
[  340.261237][T12208]  ? __xdp_build_skb_from_frame+0x338/0x650
[  340.267145][T12208]  netif_receive_skb_list+0x55/0x4b0
[  340.272443][T12208]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  340.277933][T12208]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  340.283843][T12208]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  340.289407][T12208]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  340.295227][T12208]  ? synchronize_rcu+0x11b/0x360
[  340.300175][T12208]  ? __pfx_synchronize_rcu+0x10/0x10
[  340.305477][T12208]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  340.311737][T12208]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  340.317680][T12208]  ? _copy_from_user+0xa6/0xe0
[  340.322456][T12208]  ? bpf_test_init+0x15a/0x180
[  340.327233][T12208]  ? xdp_convert_md_to_buff+0x5b/0x330
[  340.332722][T12208]  bpf_prog_test_run_xdp+0x805/0x11e0
[  340.338114][T12208]  ? __pfx_lock_release+0x10/0x10
[  340.343159][T12208]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  340.348983][T12208]  ? __fget_files+0x29/0x470
[  340.353588][T12208]  ? fput+0x1a8/0x230
[  340.357584][T12208]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  340.363411][T12208]  bpf_prog_test_run+0x2e4/0x360
[  340.368363][T12208]  __sys_bpf+0x48d/0x810
[  340.372618][T12208]  ? __pfx___sys_bpf+0x10/0x10
[  340.377407][T12208]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  340.383405][T12208]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  340.389844][T12208]  ? do_syscall_64+0x100/0x230
[  340.394788][T12208]  __x64_sys_bpf+0x7c/0x90
[  340.399212][T12208]  do_syscall_64+0xf3/0x230
[  340.403722][T12208]  ? clear_bhb_loop+0x35/0x90
[  340.408408][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.414320][T12208] RIP: 0033:0x7f1cfc57dff9
[  340.418742][T12208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  340.438444][T12208] RSP: 002b:00007f1cfd353038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  340.446982][T12208] RAX: ffffffffffffffda RBX: 00007f1cfc736058 RCX: 00007f1cfc57dff9
[  340.454963][T12208] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  340.462967][T12208] RBP: 00007f1cfc5f0296 R08: 0000000000000000 R09: 0000000000000000
[  340.470944][T12208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  340.478943][T12208] R13: 0000000000000000 R14: 00007f1cfc736058 R15: 00007ffe89d68258
[  340.486937][T12208]  </TASK>
[  340.490055][T12208] BUG: Bad page state in process syz.3.1918  pfn:56c1a
[  340.496972][T12208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x202d0 pfn:0x56c1a
[  340.506144][T12208] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  340.513298][T12208] raw: 00fff00000000000 dead000000000040 ffff88805cc52000 0000000000000000
[  340.521947][T12208] raw: 00000000000202d0 0000000000000001 00000000ffffffff 0000000000000000
[  340.530579][T12208] page dumped because: page_pool leak
[  340.536000][T12208] page_owner tracks the page as allocated
[  340.541721][T12208] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 12208, tgid 12203 (syz.3.1918), ts 334405596741, free_ts 333828572414
[  340.558952][T12208]  post_alloc_hook+0x1f3/0x230
[  340.563745][T12208]  get_page_from_freelist+0x3045/0x3190
[  340.569339][T12208]  __alloc_pages_noprof+0x256/0x6c0
[  340.574561][T12208]  alloc_pages_bulk_noprof+0x729/0xd40
[  340.580085][T12208]  __page_pool_alloc_pages_slow+0x122/0x690
[  340.586022][T12208]  page_pool_alloc_pages+0xd0/0x1c0
[  340.591248][T12208]  bpf_test_run_xdp_live+0x950/0x2160
[  340.596671][T12208]  bpf_prog_test_run_xdp+0x805/0x11e0
[  340.602085][T12208]  bpf_prog_test_run+0x2e4/0x360
[  340.607073][T12208]  __sys_bpf+0x48d/0x810
[  340.611370][T12208]  __x64_sys_bpf+0x7c/0x90
[  340.615834][T12208]  do_syscall_64+0xf3/0x230
[  340.620368][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.626305][T12208] page last free pid 12154 tgid 12154 stack trace:
[  340.632831][T12208]  free_unref_page+0xcfb/0xf20
[  340.637621][T12208]  __folio_put+0x2c7/0x440
[  340.642036][T12208]  skb_release_data+0x483/0x8a0
[  340.646934][T12208]  kfree_skb_list_reason+0x2ee/0x750
[  340.652242][T12208]  skb_release_data+0x5cc/0x8a0
[  340.657113][T12208]  sk_skb_reason_drop+0x1c9/0x380
[  340.662137][T12208]  kcm_release+0x123/0x5c0
[  340.666594][T12208]  sock_close+0xbc/0x240
[  340.670913][T12208]  __fput+0x23f/0x880
[  340.674918][T12208]  task_work_run+0x24f/0x310
[  340.679575][T12208]  syscall_exit_to_user_mode+0x168/0x370
[  340.685238][T12208]  do_syscall_64+0x100/0x230
[  340.689887][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.695848][T12208] Modules linked in:
[  340.699769][T12208] CPU: 1 UID: 0 PID: 12208 Comm: syz.3.1918 Tainted: G    B              6.12.0-rc1-syzkaller-00237-gcf9545686230 #0
[  340.712044][T12208] Tainted: [B]=BAD_PAGE
[  340.716204][T12208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  340.726282][T12208] Call Trace:
[  340.729585][T12208]  <TASK>
[  340.732530][T12208]  dump_stack_lvl+0x241/0x360
[  340.737304][T12208]  ? __pfx_dump_stack_lvl+0x10/0x10
[  340.742501][T12208]  ? __pfx_print_modules+0x10/0x10
[  340.747630][T12208]  ? do_xdp_generic+0x104/0xd30
[  340.752521][T12208]  bad_page+0x166/0x1b0
[  340.756866][T12208]  free_unref_page+0xed0/0xf20
[  340.761637][T12208]  skb_release_data+0x6dc/0x8a0
[  340.766503][T12208]  sk_skb_reason_drop+0x1c9/0x380
[  340.771551][T12208]  __netif_receive_skb_core+0x3edd/0x4570
[  340.777282][T12208]  ? __lock_acquire+0x1384/0x2050
[  340.782323][T12208]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  340.788421][T12208]  __netif_receive_skb_list_core+0x2b1/0x980
[  340.794506][T12208]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  340.801127][T12208]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  340.807648][T12208]  ? read_tsc+0x9/0x20
[  340.811731][T12208]  ? timekeeping_get_ns+0x2c0/0x420
[  340.816950][T12208]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  340.823376][T12208]  netif_receive_skb_list_internal+0xa51/0xe30
[  340.829632][T12208]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  340.835978][T12208]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  340.842694][T12208]  ? __pfx_eth_type_trans+0x10/0x10
[  340.847925][T12208]  ? __phys_addr+0xba/0x170
[  340.852462][T12208]  ? build_skb_around+0x111/0x260
[  340.857502][T12208]  ? __xdp_build_skb_from_frame+0x338/0x650
[  340.863417][T12208]  netif_receive_skb_list+0x55/0x4b0
[  340.868809][T12208]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  340.874293][T12208]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  340.880208][T12208]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  340.885798][T12208]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  340.891641][T12208]  ? synchronize_rcu+0x11b/0x360
[  340.896600][T12208]  ? __pfx_synchronize_rcu+0x10/0x10
[  340.901919][T12208]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  340.908189][T12208]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  340.914120][T12208]  ? _copy_from_user+0xa6/0xe0
[  340.918911][T12208]  ? bpf_test_init+0x15a/0x180
[  340.923894][T12208]  ? xdp_convert_md_to_buff+0x5b/0x330
[  340.929401][T12208]  bpf_prog_test_run_xdp+0x805/0x11e0
[  340.934800][T12208]  ? __pfx_lock_release+0x10/0x10
[  340.939848][T12208]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  340.945674][T12208]  ? __fget_files+0x29/0x470
[  340.950296][T12208]  ? fput+0x1a8/0x230
[  340.954289][T12208]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  340.960116][T12208]  bpf_prog_test_run+0x2e4/0x360
[  340.965071][T12208]  __sys_bpf+0x48d/0x810
[  340.969324][T12208]  ? __pfx___sys_bpf+0x10/0x10
[  340.974151][T12208]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  340.980213][T12208]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  340.986659][T12208]  ? do_syscall_64+0x100/0x230
[  340.991440][T12208]  __x64_sys_bpf+0x7c/0x90
[  340.995965][T12208]  do_syscall_64+0xf3/0x230
[  341.000488][T12208]  ? clear_bhb_loop+0x35/0x90
[  341.005178][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.011094][T12208] RIP: 0033:0x7f1cfc57dff9
[  341.015519][T12208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  341.035140][T12208] RSP: 002b:00007f1cfd353038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  341.043578][T12208] RAX: ffffffffffffffda RBX: 00007f1cfc736058 RCX: 00007f1cfc57dff9
[  341.051559][T12208] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  341.059549][T12208] RBP: 00007f1cfc5f0296 R08: 0000000000000000 R09: 0000000000000000
[  341.067537][T12208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  341.075540][T12208] R13: 0000000000000000 R14: 00007f1cfc736058 R15: 00007ffe89d68258
[  341.083552][T12208]  </TASK>
[  341.086680][T12208] BUG: Bad page state in process syz.3.1918  pfn:56c19
[  341.093555][T12208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x8 pfn:0x56c19
[  341.102390][T12208] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  341.109559][T12208] raw: 00fff00000000000 dead000000000040 ffff88805cc52000 0000000000000000
[  341.118198][T12208] raw: 0000000000000008 0000000000000001 00000000ffffffff 0000000000000000
[  341.126827][T12208] page dumped because: page_pool leak
[  341.132202][T12208] page_owner tracks the page as allocated
[  341.137931][T12208] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 12208, tgid 12203 (syz.3.1918), ts 334405584199, free_ts 333828572414
[  341.155169][T12208]  post_alloc_hook+0x1f3/0x230
[  341.159964][T12208]  get_page_from_freelist+0x3045/0x3190
[  341.165508][T12208]  __alloc_pages_noprof+0x256/0x6c0
[  341.170725][T12208]  alloc_pages_bulk_noprof+0x729/0xd40
[  341.176199][T12208]  __page_pool_alloc_pages_slow+0x122/0x690
[  341.182095][T12208]  page_pool_alloc_pages+0xd0/0x1c0
[  341.187333][T12208]  bpf_test_run_xdp_live+0x950/0x2160
[  341.192739][T12208]  bpf_prog_test_run_xdp+0x805/0x11e0
[  341.198146][T12208]  bpf_prog_test_run+0x2e4/0x360
[  341.203085][T12208]  __sys_bpf+0x48d/0x810
[  341.207368][T12208]  __x64_sys_bpf+0x7c/0x90
[  341.211804][T12208]  do_syscall_64+0xf3/0x230
[  341.216337][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.222246][T12208] page last free pid 12154 tgid 12154 stack trace:
[  341.228783][T12208]  free_unref_page+0xcfb/0xf20
[  341.233569][T12208]  __folio_put+0x2c7/0x440
[  341.238003][T12208]  skb_release_data+0x483/0x8a0
[  341.242850][T12208]  kfree_skb_list_reason+0x2ee/0x750
[  341.248169][T12208]  skb_release_data+0x5cc/0x8a0
[  341.253039][T12208]  sk_skb_reason_drop+0x1c9/0x380
[  341.258108][T12208]  kcm_release+0x123/0x5c0
[  341.262522][T12208]  sock_close+0xbc/0x240
[  341.266802][T12208]  __fput+0x23f/0x880
[  341.270808][T12208]  task_work_run+0x24f/0x310
[  341.275409][T12208]  syscall_exit_to_user_mode+0x168/0x370
[  341.281095][T12208]  do_syscall_64+0x100/0x230
[  341.285713][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.291639][T12208] Modules linked in:
[  341.295560][T12208] CPU: 1 UID: 0 PID: 12208 Comm: syz.3.1918 Tainted: G    B              6.12.0-rc1-syzkaller-00237-gcf9545686230 #0
[  341.307817][T12208] Tainted: [B]=BAD_PAGE
[  341.311968][T12208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  341.322029][T12208] Call Trace:
[  341.325312][T12208]  <TASK>
[  341.328248][T12208]  dump_stack_lvl+0x241/0x360
[  341.332937][T12208]  ? __pfx_dump_stack_lvl+0x10/0x10
[  341.338144][T12208]  ? __pfx_print_modules+0x10/0x10
[  341.343269][T12208]  ? do_xdp_generic+0x104/0xd30
[  341.348130][T12208]  bad_page+0x166/0x1b0
[  341.352296][T12208]  free_unref_page+0xed0/0xf20
[  341.357068][T12208]  skb_release_data+0x6dc/0x8a0
[  341.361936][T12208]  sk_skb_reason_drop+0x1c9/0x380
[  341.366971][T12208]  __netif_receive_skb_core+0x3edd/0x4570
[  341.372737][T12208]  ? __lock_acquire+0x1384/0x2050
[  341.377802][T12208]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  341.383894][T12208]  __netif_receive_skb_list_core+0x2b1/0x980
[  341.389888][T12208]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  341.396499][T12208]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  341.403025][T12208]  ? read_tsc+0x9/0x20
[  341.407108][T12208]  ? timekeeping_get_ns+0x2c0/0x420
[  341.412318][T12208]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  341.418656][T12208]  netif_receive_skb_list_internal+0xa51/0xe30
[  341.424823][T12208]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  341.431161][T12208]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  341.437846][T12208]  ? __pfx_eth_type_trans+0x10/0x10
[  341.443054][T12208]  ? __phys_addr+0xba/0x170
[  341.447567][T12208]  ? build_skb_around+0x111/0x260
[  341.452609][T12208]  ? __xdp_build_skb_from_frame+0x338/0x650
[  341.458517][T12208]  netif_receive_skb_list+0x55/0x4b0
[  341.463819][T12208]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  341.469299][T12208]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  341.475206][T12208]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  341.480771][T12208]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  341.486593][T12208]  ? synchronize_rcu+0x11b/0x360
[  341.491549][T12208]  ? __pfx_synchronize_rcu+0x10/0x10
[  341.496863][T12208]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  341.503132][T12208]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  341.509048][T12208]  ? _copy_from_user+0xa6/0xe0
[  341.513835][T12208]  ? bpf_test_init+0x15a/0x180
[  341.518625][T12208]  ? xdp_convert_md_to_buff+0x5b/0x330
[  341.524100][T12208]  bpf_prog_test_run_xdp+0x805/0x11e0
[  341.529492][T12208]  ? __pfx_lock_release+0x10/0x10
[  341.534546][T12208]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  341.540454][T12208]  ? __fget_files+0x29/0x470
[  341.545145][T12208]  ? fput+0x1a8/0x230
[  341.549136][T12208]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  341.554958][T12208]  bpf_prog_test_run+0x2e4/0x360
[  341.559912][T12208]  __sys_bpf+0x48d/0x810
[  341.564344][T12208]  ? __pfx___sys_bpf+0x10/0x10
[  341.569134][T12208]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  341.575130][T12208]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  341.581480][T12208]  ? do_syscall_64+0x100/0x230
[  341.586261][T12208]  __x64_sys_bpf+0x7c/0x90
[  341.590691][T12208]  do_syscall_64+0xf3/0x230
[  341.595199][T12208]  ? clear_bhb_loop+0x35/0x90
[  341.599885][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.605802][T12208] RIP: 0033:0x7f1cfc57dff9
[  341.610344][T12208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  341.629983][T12208] RSP: 002b:00007f1cfd353038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  341.638411][T12208] RAX: ffffffffffffffda RBX: 00007f1cfc736058 RCX: 00007f1cfc57dff9
[  341.646387][T12208] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  341.654363][T12208] RBP: 00007f1cfc5f0296 R08: 0000000000000000 R09: 0000000000000000
[  341.662337][T12208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  341.670316][T12208] R13: 0000000000000000 R14: 00007f1cfc736058 R15: 00007ffe89d68258
[  341.678299][T12208]  </TASK>
[  341.681409][T12208] BUG: Bad page state in process syz.3.1918  pfn:56c18
[  341.688305][T12208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x202ce pfn:0x56c18
[  341.697487][T12208] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  341.704642][T12208] raw: 00fff00000000000 dead000000000040 ffff88805cc52000 0000000000000000
[  341.713275][T12208] raw: 00000000000202ce 0000000000000001 00000000ffffffff 0000000000000000
[  341.721889][T12208] page dumped because: page_pool leak
[  341.727286][T12208] page_owner tracks the page as allocated
[  341.733006][T12208] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 12208, tgid 12203 (syz.3.1918), ts 334405571513, free_ts 333828572414
[  341.750233][T12208]  post_alloc_hook+0x1f3/0x230
[  341.755009][T12208]  get_page_from_freelist+0x3045/0x3190
[  341.760583][T12208]  __alloc_pages_noprof+0x256/0x6c0
[  341.765812][T12208]  alloc_pages_bulk_noprof+0x729/0xd40
[  341.771290][T12208]  __page_pool_alloc_pages_slow+0x122/0x690
[  341.775751][    C0] net_ratelimit: 5 callbacks suppressed
[  341.775768][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  341.777205][T12208]  page_pool_alloc_pages+0xd0/0x1c0
[  341.782755][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  341.789564][T12208]  bpf_test_run_xdp_live+0x950/0x2160
[  341.794791][    C0] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  341.801605][T12208]  bpf_prog_test_run_xdp+0x805/0x11e0
[  341.819394][T12208]  bpf_prog_test_run+0x2e4/0x360
[  341.824383][T12208]  __sys_bpf+0x48d/0x810
[  341.828681][T12208]  __x64_sys_bpf+0x7c/0x90
[  341.833115][T12208]  do_syscall_64+0xf3/0x230
[  341.837649][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.843548][T12208] page last free pid 12154 tgid 12154 stack trace:
[  341.850074][T12208]  free_unref_page+0xcfb/0xf20
[  341.854850][T12208]  __folio_put+0x2c7/0x440
[  341.859288][T12208]  skb_release_data+0x483/0x8a0
[  341.864135][T12208]  kfree_skb_list_reason+0x2ee/0x750
[  341.869489][T12208]  skb_release_data+0x5cc/0x8a0
[  341.874404][T12208]  sk_skb_reason_drop+0x1c9/0x380
[  341.879470][T12208]  kcm_release+0x123/0x5c0
[  341.883899][T12208]  sock_close+0xbc/0x240
[  341.888188][T12208]  __fput+0x23f/0x880
[  341.892198][T12208]  task_work_run+0x24f/0x310
[  341.896831][T12208]  syscall_exit_to_user_mode+0x168/0x370
[  341.902467][T12208]  do_syscall_64+0x100/0x230
[  341.907087][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.913017][T12208] Modules linked in:
[  341.916941][T12208] CPU: 1 UID: 0 PID: 12208 Comm: syz.3.1918 Tainted: G    B              6.12.0-rc1-syzkaller-00237-gcf9545686230 #0
[  341.929192][T12208] Tainted: [B]=BAD_PAGE
[  341.933349][T12208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  341.943414][T12208] Call Trace:
[  341.946705][T12208]  <TASK>
[  341.949688][T12208]  dump_stack_lvl+0x241/0x360
[  341.954375][T12208]  ? __pfx_dump_stack_lvl+0x10/0x10
[  341.959580][T12208]  ? __pfx_print_modules+0x10/0x10
[  341.964711][T12208]  ? do_xdp_generic+0x104/0xd30
[  341.969580][T12208]  bad_page+0x166/0x1b0
[  341.973756][T12208]  free_unref_page+0xed0/0xf20
[  341.978531][T12208]  skb_release_data+0x6dc/0x8a0
[  341.983394][T12208]  sk_skb_reason_drop+0x1c9/0x380
[  341.988427][T12208]  __netif_receive_skb_core+0x3edd/0x4570
[  341.994162][T12208]  ? __lock_acquire+0x1384/0x2050
[  341.999314][T12208]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  342.005414][T12208]  __netif_receive_skb_list_core+0x2b1/0x980
[  342.011413][T12208]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  342.018034][T12208]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  342.024549][T12208]  ? read_tsc+0x9/0x20
[  342.028668][T12208]  ? timekeeping_get_ns+0x2c0/0x420
[  342.033881][T12208]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  342.040223][T12208]  netif_receive_skb_list_internal+0xa51/0xe30
[  342.046408][T12208]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  342.052751][T12208]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  342.059437][T12208]  ? __pfx_eth_type_trans+0x10/0x10
[  342.064646][T12208]  ? __phys_addr+0xba/0x170
[  342.069155][T12208]  ? build_skb_around+0x111/0x260
[  342.074185][T12208]  ? __xdp_build_skb_from_frame+0x338/0x650
[  342.080092][T12208]  netif_receive_skb_list+0x55/0x4b0
[  342.085388][T12208]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  342.090867][T12208]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  342.096784][T12208]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  342.102346][T12208]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  342.108165][T12208]  ? synchronize_rcu+0x11b/0x360
[  342.113116][T12208]  ? __pfx_synchronize_rcu+0x10/0x10
[  342.118427][T12208]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  342.124691][T12208]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  342.130597][T12208]  ? _copy_from_user+0xa6/0xe0
[  342.135376][T12208]  ? bpf_test_init+0x15a/0x180
[  342.140169][T12208]  ? xdp_convert_md_to_buff+0x5b/0x330
[  342.145690][T12208]  bpf_prog_test_run_xdp+0x805/0x11e0
[  342.151111][T12208]  ? __pfx_lock_release+0x10/0x10
[  342.156161][T12208]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  342.161993][T12208]  ? __fget_files+0x29/0x470
[  342.166600][T12208]  ? fput+0x1a8/0x230
[  342.170595][T12208]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  342.176518][T12208]  bpf_prog_test_run+0x2e4/0x360
[  342.181478][T12208]  __sys_bpf+0x48d/0x810
[  342.185744][T12208]  ? __pfx___sys_bpf+0x10/0x10
[  342.190535][T12208]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  342.196533][T12208]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  342.202888][T12208]  ? do_syscall_64+0x100/0x230
[  342.207660][T12208]  __x64_sys_bpf+0x7c/0x90
[  342.212090][T12208]  do_syscall_64+0xf3/0x230
[  342.216604][T12208]  ? clear_bhb_loop+0x35/0x90
[  342.221289][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.227197][T12208] RIP: 0033:0x7f1cfc57dff9
[  342.231619][T12208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  342.251235][T12208] RSP: 002b:00007f1cfd353038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  342.259664][T12208] RAX: ffffffffffffffda RBX: 00007f1cfc736058 RCX: 00007f1cfc57dff9
[  342.267656][T12208] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  342.275657][T12208] RBP: 00007f1cfc5f0296 R08: 0000000000000000 R09: 0000000000000000
[  342.283763][T12208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  342.291747][T12208] R13: 0000000000000000 R14: 00007f1cfc736058 R15: 00007ffe89d68258
[  342.299740][T12208]  </TASK>
[  342.302866][T12208] BUG: Bad page state in process syz.3.1918  pfn:56c17
[  342.309780][T12208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x202cd pfn:0x56c17
[  342.318956][T12208] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  342.326227][T12208] raw: 00fff00000000000 dead000000000040 ffff88805cc52000 0000000000000000
[  342.334842][T12208] raw: 00000000000202cd 0000000000000001 00000000ffffffff 0000000000000000
[  342.343483][T12208] page dumped because: page_pool leak
[  342.348905][T12208] page_owner tracks the page as allocated
[  342.354637][T12208] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 12208, tgid 12203 (syz.3.1918), ts 334405558843, free_ts 333828547198
[  342.371909][T12208]  post_alloc_hook+0x1f3/0x230
[  342.376733][T12208]  get_page_from_freelist+0x3045/0x3190
[  342.382326][T12208]  __alloc_pages_noprof+0x256/0x6c0
[  342.387558][T12208]  alloc_pages_bulk_noprof+0x729/0xd40
[  342.393038][T12208]  __page_pool_alloc_pages_slow+0x122/0x690
[  342.398960][T12208]  page_pool_alloc_pages+0xd0/0x1c0
[  342.404163][T12208]  bpf_test_run_xdp_live+0x950/0x2160
[  342.409578][T12208]  bpf_prog_test_run_xdp+0x805/0x11e0
[  342.414991][T12208]  bpf_prog_test_run+0x2e4/0x360
[  342.419960][T12208]  __sys_bpf+0x48d/0x810
[  342.424231][T12208]  __x64_sys_bpf+0x7c/0x90
[  342.428687][T12208]  do_syscall_64+0xf3/0x230
[  342.433245][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.439193][T12208] page last free pid 12154 tgid 12154 stack trace:
[  342.445715][T12208]  free_unref_page+0xcfb/0xf20
[  342.450509][T12208]  __folio_put+0x2c7/0x440
[  342.454924][T12208]  skb_release_data+0x483/0x8a0
[  342.459825][T12208]  kfree_skb_list_reason+0x2ee/0x750
[  342.465133][T12208]  skb_release_data+0x5cc/0x8a0
[  342.470013][T12208]  sk_skb_reason_drop+0x1c9/0x380
[  342.475040][T12208]  kcm_release+0x123/0x5c0
[  342.479513][T12208]  sock_close+0xbc/0x240
[  342.483777][T12208]  __fput+0x23f/0x880
[  342.487805][T12208]  task_work_run+0x24f/0x310
[  342.492420][T12208]  syscall_exit_to_user_mode+0x168/0x370
[  342.498083][T12208]  do_syscall_64+0x100/0x230
[  342.502671][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.508615][T12208] Modules linked in:
[  342.512529][T12208] CPU: 1 UID: 0 PID: 12208 Comm: syz.3.1918 Tainted: G    B              6.12.0-rc1-syzkaller-00237-gcf9545686230 #0
[  342.524791][T12208] Tainted: [B]=BAD_PAGE
[  342.528961][T12208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  342.539029][T12208] Call Trace:
[  342.542314][T12208]  <TASK>
[  342.545249][T12208]  dump_stack_lvl+0x241/0x360
[  342.549944][T12208]  ? __pfx_dump_stack_lvl+0x10/0x10
[  342.555272][T12208]  ? __pfx_print_modules+0x10/0x10
[  342.560397][T12208]  ? do_xdp_generic+0x104/0xd30
[  342.565261][T12208]  bad_page+0x166/0x1b0
[  342.569431][T12208]  free_unref_page+0xed0/0xf20
[  342.574206][T12208]  skb_release_data+0x6dc/0x8a0
[  342.579100][T12208]  sk_skb_reason_drop+0x1c9/0x380
[  342.584134][T12208]  __netif_receive_skb_core+0x3edd/0x4570
[  342.589959][T12208]  ? __lock_acquire+0x1384/0x2050
[  342.595009][T12208]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  342.601105][T12208]  __netif_receive_skb_list_core+0x2b1/0x980
[  342.607100][T12208]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  342.613701][T12208]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  342.620221][T12208]  ? read_tsc+0x9/0x20
[  342.624313][T12208]  ? timekeeping_get_ns+0x2c0/0x420
[  342.629535][T12208]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  342.635888][T12208]  netif_receive_skb_list_internal+0xa51/0xe30
[  342.642075][T12208]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  342.648417][T12208]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  342.655104][T12208]  ? __pfx_eth_type_trans+0x10/0x10
[  342.660313][T12208]  ? __phys_addr+0xba/0x170
[  342.664822][T12208]  ? build_skb_around+0x111/0x260
[  342.669858][T12208]  ? __xdp_build_skb_from_frame+0x338/0x650
[  342.675776][T12208]  netif_receive_skb_list+0x55/0x4b0
[  342.681169][T12208]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  342.686648][T12208]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  342.692560][T12208]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  342.698129][T12208]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  342.703958][T12208]  ? synchronize_rcu+0x11b/0x360
[  342.708908][T12208]  ? __pfx_synchronize_rcu+0x10/0x10
[  342.714210][T12208]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  342.720468][T12208]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  342.726383][T12208]  ? _copy_from_user+0xa6/0xe0
[  342.731182][T12208]  ? bpf_test_init+0x15a/0x180
[  342.736147][T12208]  ? xdp_convert_md_to_buff+0x5b/0x330
[  342.741655][T12208]  bpf_prog_test_run_xdp+0x805/0x11e0
[  342.747052][T12208]  ? __pfx_lock_release+0x10/0x10
[  342.752097][T12208]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  342.757922][T12208]  ? __fget_files+0x29/0x470
[  342.762528][T12208]  ? fput+0x1a8/0x230
[  342.766521][T12208]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  342.772371][T12208]  bpf_prog_test_run+0x2e4/0x360
[  342.777328][T12208]  __sys_bpf+0x48d/0x810
[  342.781585][T12208]  ? __pfx___sys_bpf+0x10/0x10
[  342.786455][T12208]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  342.792453][T12208]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  342.798797][T12208]  ? do_syscall_64+0x100/0x230
[  342.803569][T12208]  __x64_sys_bpf+0x7c/0x90
[  342.807991][T12208]  do_syscall_64+0xf3/0x230
[  342.812502][T12208]  ? clear_bhb_loop+0x35/0x90
[  342.815726][    C0] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  342.817180][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.824141][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  342.829982][T12208] RIP: 0033:0x7f1cfc57dff9
[  342.830003][T12208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  342.830024][T12208] RSP: 002b:00007f1cfd353038 EFLAGS: 00000246
[  342.836909][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  342.841252][T12208]  ORIG_RAX: 0000000000000141
[  342.841266][T12208] RAX: ffffffffffffffda RBX: 00007f1cfc736058 RCX: 00007f1cfc57dff9
[  342.886519][T12208] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  342.894609][T12208] RBP: 00007f1cfc5f0296 R08: 0000000000000000 R09: 0000000000000000
[  342.902596][T12208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  342.910583][T12208] R13: 0000000000000000 R14: 00007f1cfc736058 R15: 00007ffe89d68258
[  342.918571][T12208]  </TASK>
[  342.921679][T12208] BUG: Bad page state in process syz.3.1918  pfn:56c16
[  342.928586][T12208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x202cc pfn:0x56c16
[  342.937753][T12208] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  342.945056][T12208] raw: 00fff00000000000 dead000000000040 ffff88805cc52000 0000000000000000
[  342.953777][T12208] raw: 00000000000202cc 0000000000000001 00000000ffffffff 0000000000000000
[  342.962397][T12208] page dumped because: page_pool leak
[  342.967800][T12208] page_owner tracks the page as allocated
[  342.973526][T12208] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 12208, tgid 12203 (syz.3.1918), ts 334405546296, free_ts 333828547198
[  342.990756][T12208]  post_alloc_hook+0x1f3/0x230
[  342.995532][T12208]  get_page_from_freelist+0x3045/0x3190
[  343.001193][T12208]  __alloc_pages_noprof+0x256/0x6c0
[  343.006429][T12208]  alloc_pages_bulk_noprof+0x729/0xd40
[  343.012012][T12208]  __page_pool_alloc_pages_slow+0x122/0x690
[  343.017959][T12208]  page_pool_alloc_pages+0xd0/0x1c0
[  343.023184][T12208]  bpf_test_run_xdp_live+0x950/0x2160
[  343.028600][T12208]  bpf_prog_test_run_xdp+0x805/0x11e0
[  343.033997][T12208]  bpf_prog_test_run+0x2e4/0x360
[  343.038987][T12208]  __sys_bpf+0x48d/0x810
[  343.043232][T12208]  __x64_sys_bpf+0x7c/0x90
[  343.047702][T12208]  do_syscall_64+0xf3/0x230
[  343.052227][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  343.058170][T12208] page last free pid 12154 tgid 12154 stack trace:
[  343.064724][T12208]  free_unref_page+0xcfb/0xf20
[  343.069514][T12208]  __folio_put+0x2c7/0x440
[  343.073926][T12208]  skb_release_data+0x483/0x8a0
[  343.078796][T12208]  kfree_skb_list_reason+0x2ee/0x750
[  343.084082][T12208]  skb_release_data+0x5cc/0x8a0
[  343.088987][T12208]  sk_skb_reason_drop+0x1c9/0x380
[  343.094026][T12208]  kcm_release+0x123/0x5c0
[  343.098494][T12208]  sock_close+0xbc/0x240
[  343.102740][T12208]  __fput+0x23f/0x880
[  343.106759][T12208]  task_work_run+0x24f/0x310
[  343.111389][T12208]  syscall_exit_to_user_mode+0x168/0x370
[  343.117065][T12208]  do_syscall_64+0x100/0x230
[  343.121689][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  343.127628][T12208] Modules linked in:
[  343.131547][T12208] CPU: 1 UID: 0 PID: 12208 Comm: syz.3.1918 Tainted: G    B              6.12.0-rc1-syzkaller-00237-gcf9545686230 #0
[  343.143793][T12208] Tainted: [B]=BAD_PAGE
[  343.147955][T12208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  343.158016][T12208] Call Trace:
[  343.161297][T12208]  <TASK>
[  343.164231][T12208]  dump_stack_lvl+0x241/0x360
[  343.168922][T12208]  ? __pfx_dump_stack_lvl+0x10/0x10
[  343.174127][T12208]  ? __pfx_print_modules+0x10/0x10
[  343.179261][T12208]  ? do_xdp_generic+0x104/0xd30
[  343.184226][T12208]  bad_page+0x166/0x1b0
[  343.188396][T12208]  free_unref_page+0xed0/0xf20
[  343.193174][T12208]  skb_release_data+0x6dc/0x8a0
[  343.198045][T12208]  sk_skb_reason_drop+0x1c9/0x380
[  343.203077][T12208]  __netif_receive_skb_core+0x3edd/0x4570
[  343.208813][T12208]  ? __lock_acquire+0x1384/0x2050
[  343.213859][T12208]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  343.219979][T12208]  __netif_receive_skb_list_core+0x2b1/0x980
[  343.225985][T12208]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  343.232606][T12208]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  343.239152][T12208]  ? read_tsc+0x9/0x20
[  343.243236][T12208]  ? timekeeping_get_ns+0x2c0/0x420
[  343.248452][T12208]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  343.254794][T12208]  netif_receive_skb_list_internal+0xa51/0xe30
[  343.260960][T12208]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  343.267298][T12208]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  343.273983][T12208]  ? __pfx_eth_type_trans+0x10/0x10
[  343.279191][T12208]  ? __phys_addr+0xba/0x170
[  343.283699][T12208]  ? build_skb_around+0x111/0x260
[  343.288735][T12208]  ? __xdp_build_skb_from_frame+0x338/0x650
[  343.294668][T12208]  netif_receive_skb_list+0x55/0x4b0
[  343.299981][T12208]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  343.305474][T12208]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  343.311391][T12208]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  343.316968][T12208]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  343.322796][T12208]  ? synchronize_rcu+0x11b/0x360
[  343.327836][T12208]  ? __pfx_synchronize_rcu+0x10/0x10
[  343.333143][T12208]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  343.339405][T12208]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  343.345320][T12208]  ? _copy_from_user+0xa6/0xe0
[  343.350108][T12208]  ? bpf_test_init+0x15a/0x180
[  343.354890][T12208]  ? xdp_convert_md_to_buff+0x5b/0x330
[  343.360369][T12208]  bpf_prog_test_run_xdp+0x805/0x11e0
[  343.365773][T12208]  ? __pfx_lock_release+0x10/0x10
[  343.370842][T12208]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  343.376675][T12208]  ? __fget_files+0x29/0x470
[  343.381290][T12208]  ? fput+0x1a8/0x230
[  343.385286][T12208]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  343.391124][T12208]  bpf_prog_test_run+0x2e4/0x360
[  343.396079][T12208]  __sys_bpf+0x48d/0x810
[  343.400343][T12208]  ? __pfx___sys_bpf+0x10/0x10
[  343.405122][T12208]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  343.411117][T12208]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  343.417500][T12208]  ? do_syscall_64+0x100/0x230
[  343.422270][T12208]  __x64_sys_bpf+0x7c/0x90
[  343.426695][T12208]  do_syscall_64+0xf3/0x230
[  343.431220][T12208]  ? clear_bhb_loop+0x35/0x90
[  343.435909][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  343.441828][T12208] RIP: 0033:0x7f1cfc57dff9
[  343.446254][T12208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  343.465903][T12208] RSP: 002b:00007f1cfd353038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  343.474354][T12208] RAX: ffffffffffffffda RBX: 00007f1cfc736058 RCX: 00007f1cfc57dff9
[  343.482373][T12208] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  343.490349][T12208] RBP: 00007f1cfc5f0296 R08: 0000000000000000 R09: 0000000000000000
[  343.498339][T12208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  343.506313][T12208] R13: 0000000000000000 R14: 00007f1cfc736058 R15: 00007ffe89d68258
[  343.514295][T12208]  </TASK>
[  343.517419][T12208] BUG: Bad page state in process syz.3.1918  pfn:56c15
[  343.524296][T12208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x202ae pfn:0x56c15
[  343.533475][T12208] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  343.540738][T12208] raw: 00fff00000000000 dead000000000040 ffff88805cc52000 0000000000000000
[  343.549493][T12208] raw: 00000000000202ae 0000000000000001 00000000ffffffff 0000000000000000
[  343.558131][T12208] page dumped because: page_pool leak
[  343.563531][T12208] page_owner tracks the page as allocated
[  343.569266][T12208] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 12208, tgid 12203 (syz.3.1918), ts 334405533807, free_ts 333828547198
[  343.586571][T12208]  post_alloc_hook+0x1f3/0x230
[  343.591368][T12208]  get_page_from_freelist+0x3045/0x3190
[  343.596976][T12208]  __alloc_pages_noprof+0x256/0x6c0
[  343.602195][T12208]  alloc_pages_bulk_noprof+0x729/0xd40
[  343.607704][T12208]  __page_pool_alloc_pages_slow+0x122/0x690
[  343.613602][T12208]  page_pool_alloc_pages+0xd0/0x1c0
[  343.618883][T12208]  bpf_test_run_xdp_live+0x950/0x2160
[  343.624387][T12208]  bpf_prog_test_run_xdp+0x805/0x11e0
[  343.629807][T12208]  bpf_prog_test_run+0x2e4/0x360
[  343.634748][T12208]  __sys_bpf+0x48d/0x810
[  343.639050][T12208]  __x64_sys_bpf+0x7c/0x90
[  343.643491][T12208]  do_syscall_64+0xf3/0x230
[  343.648036][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  343.653975][T12208] page last free pid 12154 tgid 12154 stack trace:
[  343.660520][T12208]  free_unref_page+0xcfb/0xf20
[  343.665303][T12208]  __folio_put+0x2c7/0x440
[  343.669737][T12208]  skb_release_data+0x483/0x8a0
[  343.674589][T12208]  kfree_skb_list_reason+0x2ee/0x750
[  343.679915][T12208]  skb_release_data+0x5cc/0x8a0
[  343.684783][T12208]  sk_skb_reason_drop+0x1c9/0x380
[  343.689834][T12208]  kcm_release+0x123/0x5c0
[  343.694249][T12208]  sock_close+0xbc/0x240
[  343.698534][T12208]  __fput+0x23f/0x880
[  343.702543][T12208]  task_work_run+0x24f/0x310
[  343.707152][T12208]  syscall_exit_to_user_mode+0x168/0x370
[  343.712793][T12208]  do_syscall_64+0x100/0x230
[  343.717441][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  343.723367][T12208] Modules linked in:
[  343.727301][T12208] CPU: 1 UID: 0 PID: 12208 Comm: syz.3.1918 Tainted: G    B              6.12.0-rc1-syzkaller-00237-gcf9545686230 #0
[  343.739557][T12208] Tainted: [B]=BAD_PAGE
[  343.743899][T12208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  343.753999][T12208] Call Trace:
[  343.757297][T12208]  <TASK>
[  343.760243][T12208]  dump_stack_lvl+0x241/0x360
[  343.765010][T12208]  ? __pfx_dump_stack_lvl+0x10/0x10
[  343.770223][T12208]  ? __pfx_print_modules+0x10/0x10
[  343.775357][T12208]  ? do_xdp_generic+0x104/0xd30
[  343.780226][T12208]  bad_page+0x166/0x1b0
[  343.784405][T12208]  free_unref_page+0xed0/0xf20
[  343.789269][T12208]  skb_release_data+0x6dc/0x8a0
[  343.794132][T12208]  sk_skb_reason_drop+0x1c9/0x380
[  343.799165][T12208]  __netif_receive_skb_core+0x3edd/0x4570
[  343.804905][T12208]  ? __lock_acquire+0x1384/0x2050
[  343.809974][T12208]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  343.816084][T12208]  __netif_receive_skb_list_core+0x2b1/0x980
[  343.822182][T12208]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  343.828782][T12208]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  343.835299][T12208]  ? read_tsc+0x9/0x20
[  343.839405][T12208]  ? timekeeping_get_ns+0x2c0/0x420
[  343.844638][T12208]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  343.851000][T12208]  netif_receive_skb_list_internal+0xa51/0xe30
[  343.855749][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  343.857258][T12208]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  343.864156][    C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  343.870427][T12208]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  343.870462][T12208]  ? __pfx_eth_type_trans+0x10/0x10
[  343.877366][    C0] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  343.883963][T12208]  ? __phys_addr+0xba/0x170
[  343.900644][T12208]  ? build_skb_around+0x111/0x260
[  343.905691][T12208]  ? __xdp_build_skb_from_frame+0x338/0x650
[  343.911615][T12208]  netif_receive_skb_list+0x55/0x4b0
[  343.916939][T12208]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  343.922427][T12208]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  343.928437][T12208]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  343.934010][T12208]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  343.939842][T12208]  ? synchronize_rcu+0x11b/0x360
[  343.944798][T12208]  ? __pfx_synchronize_rcu+0x10/0x10
[  343.950109][T12208]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  343.956393][T12208]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  343.962313][T12208]  ? _copy_from_user+0xa6/0xe0
[  343.967123][T12208]  ? bpf_test_init+0x15a/0x180
[  343.971917][T12208]  ? xdp_convert_md_to_buff+0x5b/0x330
[  343.977403][T12208]  bpf_prog_test_run_xdp+0x805/0x11e0
[  343.982807][T12208]  ? __pfx_lock_release+0x10/0x10
[  343.987863][T12208]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  343.993695][T12208]  ? __fget_files+0x29/0x470
[  343.998310][T12208]  ? fput+0x1a8/0x230
[  344.002313][T12208]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  344.008144][T12208]  bpf_prog_test_run+0x2e4/0x360
[  344.013273][T12208]  __sys_bpf+0x48d/0x810
[  344.017529][T12208]  ? __pfx___sys_bpf+0x10/0x10
[  344.022311][T12208]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  344.028317][T12208]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  344.034764][T12208]  ? do_syscall_64+0x100/0x230
[  344.039549][T12208]  __x64_sys_bpf+0x7c/0x90
[  344.043986][T12208]  do_syscall_64+0xf3/0x230
[  344.048596][T12208]  ? clear_bhb_loop+0x35/0x90
[  344.053289][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  344.059209][T12208] RIP: 0033:0x7f1cfc57dff9
[  344.063638][T12208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  344.083271][T12208] RSP: 002b:00007f1cfd353038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  344.091707][T12208] RAX: ffffffffffffffda RBX: 00007f1cfc736058 RCX: 00007f1cfc57dff9
[  344.099694][T12208] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  344.107686][T12208] RBP: 00007f1cfc5f0296 R08: 0000000000000000 R09: 0000000000000000
[  344.115667][T12208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  344.123652][T12208] R13: 0000000000000000 R14: 00007f1cfc736058 R15: 00007ffe89d68258
[  344.131645][T12208]  </TASK>
[  344.134766][T12208] BUG: Bad page state in process syz.3.1918  pfn:56c14
[  344.141727][T12208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x202ad pfn:0x56c14
[  344.150918][T12208] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  344.158158][T12208] raw: 00fff00000000000 dead000000000040 ffff88805cc52000 0000000000000000
[  344.166818][T12208] raw: 00000000000202ad 0000000000000001 00000000ffffffff 0000000000000000
[  344.175434][T12208] page dumped because: page_pool leak
[  344.180855][T12208] page_owner tracks the page as allocated
[  344.186634][T12208] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 12208, tgid 12203 (syz.3.1918), ts 334405521315, free_ts 333828547198
[  344.203976][T12208]  post_alloc_hook+0x1f3/0x230
[  344.208817][T12208]  get_page_from_freelist+0x3045/0x3190
[  344.214426][T12208]  __alloc_pages_noprof+0x256/0x6c0
[  344.219779][T12208]  alloc_pages_bulk_noprof+0x729/0xd40
[  344.225283][T12208]  __page_pool_alloc_pages_slow+0x122/0x690
[  344.231224][T12208]  page_pool_alloc_pages+0xd0/0x1c0
[  344.236457][T12208]  bpf_test_run_xdp_live+0x950/0x2160
[  344.241942][T12208]  bpf_prog_test_run_xdp+0x805/0x11e0
[  344.247363][T12208]  bpf_prog_test_run+0x2e4/0x360
[  344.252325][T12208]  __sys_bpf+0x48d/0x810
[  344.256598][T12208]  __x64_sys_bpf+0x7c/0x90
[  344.261014][T12208]  do_syscall_64+0xf3/0x230
[  344.265536][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  344.271469][T12208] page last free pid 12154 tgid 12154 stack trace:
[  344.278069][T12208]  free_unref_page+0xcfb/0xf20
[  344.282830][T12208]  __folio_put+0x2c7/0x440
[  344.287294][T12208]  skb_release_data+0x483/0x8a0
[  344.292230][T12208]  kfree_skb_list_reason+0x2ee/0x750
[  344.297542][T12208]  skb_release_data+0x5cc/0x8a0
[  344.302424][T12208]  sk_skb_reason_drop+0x1c9/0x380
[  344.307490][T12208]  kcm_release+0x123/0x5c0
[  344.311928][T12208]  sock_close+0xbc/0x240
[  344.316210][T12208]  __fput+0x23f/0x880
[  344.320217][T12208]  task_work_run+0x24f/0x310
[  344.324807][T12208]  syscall_exit_to_user_mode+0x168/0x370
[  344.330492][T12208]  do_syscall_64+0x100/0x230
[  344.335102][T12208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  344.341028][T12208] Modules linked in:
[  344.344948][T12208] CPU: 1 UID: 0 PID: 12208 Comm: syz.3.1918 Tainted: G    B              6.12.0-rc1-syzkaller-00237-gcf9545686230 #0
[  344.357290][T12208] Tainted: [B]=BAD_PAGE
[  344.361455][T12208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  344.371523][T12208] Call Trace:
[  344.374811][T12208]  <TASK>
[  344.377758][T12208]  dump_stack_lvl+0x241/0x360
[  344.382445][T12208]  ? __pfx_dump_stack_lvl+0x10/0x10
[  344.387649][T12208]  ? __pfx_print_modules+0x10/0x10
[  344.392775][T12208]  ? do_xdp_generic+0x104/0xd30
[  344.397652][T12208]  bad_page+0x166/0x1b0
[  344.401820][T12208]  free_unref_page+0xed0/0xf20
[  344.406596][T12208]  skb_release_data+0x6dc/0x8a0
[  344.411460][T12208]  sk_skb_reason_drop+0x1c9/0x380
[  344.416491][T12208]  __netif_receive_skb_core+0x3edd/0x4570
[  344.422228][T12208]  ? __lock_acquire+0x1384/0x2050
[  344.427275][T12208]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  344.433369][T12208]  __netif_receive_skb_list_core+0x2b1/0x980
[  344.439370][T12208]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  344.445977][T12208]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  344.452499][T12208]  ? read_tsc+0x9/0x20
[  344.456585][T12208]  ? timekeeping_get_ns+0x2c0/0x420
[  344.461796][T12208]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  344.468227][T12208]  netif_receive_skb_list_internal+0xa51/0xe30