last executing test programs:

3.700617026s ago: executing program 0 (id=1195):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x6c, 0x30, 0xcac229faa96ee7df, 0x70bd26, 0x700, {}, [{0x58, 0x1, [@m_ife={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_IFE_METALST={0xc, 0x6, [@IFE_META_PRIO={0x8, 0x3, @val=0x9}]}, @TCA_IFE_PARMS={0x1c, 0x1, {{0x3, 0xf, 0x1, 0x1000, 0xd}, 0x1}}]}, {0x4}, {0xc, 0x4, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x3}}}}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x20000050}, 0x0)

3.576396269s ago: executing program 0 (id=1196):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x2, 0x4)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x7800, 0x10000, 0x1, 0x2}, 0x1c)
r1 = socket$igmp6(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGSKNS(r1, 0x894c, &(0x7f0000000000)=0xffffffff)
setsockopt$MRT6_ADD_MFC(r1, 0x29, 0x22, &(0x7f0000000080)={{0xa, 0x0, 0x101, @ipv4={'\x00', '\xff\xff', @private=0xa010101}, 0x401}, {0xa, 0x0, 0x0, @dev}, 0x0, {[0x410, 0x0, 0x0, 0x0, 0x0, 0x1]}}, 0x5c)

3.356128456s ago: executing program 0 (id=1201):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYRESDEC=r0], 0x7c}, 0x1, 0x0, 0x0, 0x20000001}, 0x200048c0)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r2, &(0x7f0000000080)={0x1f, 0xffff, @any, 0x0, 0x1}, 0xe)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000ad0010000090a050000000000000000000a0000000c0011800800010064757000480109800800014000000009e00002802c0001800800014000001aef080001400000006608000140000000800800014000000000080001400000000b14000180080001400000000608000140000000011c0001800800014000000002080001400000000608000140000000834c000180080001400000000308000140000000060800014000000000e2ff0140800000010800014080000001080001400000000008000140000000fd08000140ffffffb408000140000000000c0001800800014000000fff04000180240001800800014000000000080001400000000508000140000000080800014000000000080001400000000a08000140000000074c0002800c000180080001400000ae123c00018008000140000000050800014000000fff0800014000000001080001400000021d08000140000000070800014000000005080001400000000408000c40000100000900020073797a3200000000400011800800010066696200340002800800014000000001080001400000000d0800034000000009080001400000000d0800034000e6ff21080002400000000208000c400000000d0900020073797a3100000000140000001100010000000000000000000000000a"], 0x1f8}}, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
socket$unix(0x1, 0x1, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f0000003000)=@file={0x1}, 0x6e)
shutdown(r4, 0x0)
listen(r4, 0x0)
socketpair(0x3, 0x1, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYBLOB="3b564a28b3e2b6cf7db4871ae44fb0b29e100add4076f68a1867e5386c7526e508f7e542e67544910a3ac94c12e0b4", @ANYBLOB="feffffff00"/20, @ANYRES64=r2, @ANYRES32, @ANYBLOB="000000000000000000000000008511778671d98f6c00000000000000"], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10)
ppoll(&(0x7f0000000500)=[{r7}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0)
r9 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r9}, 0x0, &(0x7f0000000140)=r6}, 0x20)
r10 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_TIMEOUT(r10, 0x0, 0x48a, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000200)={'wg1\x00'})
ioctl$TUNATTACHFILTER(r3, 0x401054d5, &(0x7f00000000c0)={0x5, &(0x7f0000000000)=[{0x15, 0x0, 0x3}, {0x0, 0x0, 0xfe}, {}, {}, {0x6, 0x3}]})
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000002c0)='veth1_to_bridge\x00', 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000240)={0x0, 0x20, &(0x7f0000000180)=[@in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x44}}]}, &(0x7f0000000280)=0x10)

2.324132844s ago: executing program 0 (id=1219):
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r0 = socket$tipc(0x1e, 0x5, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = socket$xdp(0x2c, 0x3, 0x0)
bind$xdp(r1, &(0x7f00000001c0)={0x2c, 0x20}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_ASSOCIATE(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=r3, @ANYBLOB="010025bd7000fedbdf252600000008000300", @ANYRES32=r4, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x4004)
r5 = socket(0xa, 0x2, 0x0)
close(r5)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000020c0)=[@in6={0xa, 0x0, 0x0, @remote, 0x34}]}, &(0x7f0000002100)=0x10)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r5, 0x84, 0x19, 0x0, &(0x7f0000003c00))
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10)
r7 = socket$netlink(0x10, 0x3, 0x400000000000004)
r8 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r8, 0x11b, 0x3, &(0x7f00000001c0)=0x100000, 0x4)
writev(r7, &(0x7f0000000000)=[{&(0x7f0000000200)="480000001400190d7ebdeb75fd0d8c562c84d8c033ed7a80fae0090f000000000000a2bc5603ca00000f7f89000000200000004a2471083ec6811778581acb6c0101ff0000000309", 0x48}], 0x1)
setsockopt$XDP_TX_RING(r8, 0x11b, 0x3, &(0x7f0000000040), 0x4)
bind$tipc(r0, 0x0, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x1014, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x4, 0x4, 0x9, 0x0, r9, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r10 = socket(0x10, 0x3, 0x0)
r11 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r12=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r12, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x18, 0x5, 0x2}}]}}]}, 0x44}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x9, 0x1f, &(0x7f0000000400)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x56}, {{0x18, 0x1, 0x1, 0x0, r9}}, {}, [@printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2}}, @btf_id={0x18, 0x6, 0x3, 0x0, 0x1}, @initr0={0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xd68}, @alu={0x7, 0x1, 0xb, 0x8, 0x6, 0xfffffffffffffff8, 0xfffffffffffffffc}, @call={0x85, 0x0, 0x0, 0x27}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x3}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000100)='GPL\x00', 0xa8d, 0x92, &(0x7f0000000500)=""/146, 0x41000, 0x20, '\x00', r12, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000140)={0x2, 0x9, 0x13f5, 0xfffffffa}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffa, @void, @value}, 0x94)
socket$isdn(0x22, 0x3, 0x2)

2.130852015s ago: executing program 2 (id=1222):
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
socket(0x10, 0x2, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, 0x0, 0x0)
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000080)={0x42, 0x0, 0x3, 0x3}, 0x10)
r4 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000013c0)=[{&(0x7f00000001c0)="39000000140081ae0000dc676f97daf01e2357f9ffffffffffffff0521018701546fabca1b4e8a06a6580e88370200c54c1960b89c40ebb373", 0x39}], 0x1}, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$TUNSETSNDBUF(r0, 0x400454d4, &(0x7f0000000040)=0x1)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r5, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendto$inet6(r5, &(0x7f00000000c0)="eb", 0x1, 0x0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r5, 0x84, 0x1b, &(0x7f0000000080), &(0x7f0000000100)=0x8)
socket$kcm(0x2, 0xa, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000080000000500000000000000", @ANYRES32, @ANYBLOB="00000000001100000300"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x10)
ppoll(&(0x7f0000000180)=[{r6}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r9=>0x0})
sendmsg$nl_route(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="4400000010000100"/20, @ANYRES32=r9, @ANYBLOB="00000000000000001c0012800b00010067656e65766500000c00028008000200ac1414bb080004"], 0x44}, 0x1, 0x2}, 0x0)

1.63439907s ago: executing program 3 (id=1230):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="341000003b0007010000000000000000047c00000400000014000180080016"], 0x1034}}, 0x0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r0)
r2 = socket$tipc(0x1e, 0x2, 0x0)
sendmsg$tipc(r2, &(0x7f0000002980)={&(0x7f0000001380)=@name={0x1e, 0x2, 0x2, {{0x43, 0x4}, 0x2}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x80}, 0x84)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x80000006, 0x0, 0x0, 0x3}]}, 0x10)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r4, &(0x7f0000000240)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x0, @remote, 0x9}, 0x1c, 0x0, 0x0, &(0x7f00000020c0)=ANY=[@ANYBLOB="38020000000000002900000036000000004300000000000004013f040100c910ff010000000000000000000000000001c910fc0000000000000000000000000000000001000740000000000e07010101000000010000000200000000000000000000000000000001000000010000002000000000000000ffffffff00000000ffffffffffffff7f06aeb07c1c192077cc9e7c45705803ad5588ca8b194d23f748fe792cfa3d32221f25d73b8ffe64a4ddda6efcfb7483b588194d29c7a04395d8500965a9a1d07879040c44db1d5d6f618d2ab920f0bf168ddc9acc6a51edd1230760d4ae8bf30f5f82a78e8114849ee8e37364560400000035bfa8197ef2ba99103ee5f5aae28ec5c8e2675db11530f5c466d55f2244d479dc653c854406155eada3eaeb90d39149b8d13bab75a9bd1452c8c76284b9ddfbeff41344e64f1771d78a706e1c5a6d63f1c954e24a1e73f75c26e9f09ec9b606cc3470f11c4842db651926bd2263a4a0a8fe80de8b2f9cb176e51819d5f4d10a5d1f0488d5e46953fbfd750f6137fbebe89a8d462158a87f9622355104b4f68d7a6d3ad85c373ea52a25afad37ffb743a5c361158087904b09fcc806d032bac00ee0e0251fc032446e45a3e12417ff4703526ffc45f71567857777927903799e0ba453334186009d22e38099c67b5350c7e82136bba947a18fb61d36fcba1f9efe3d79485d06252702833dc8ee417f40bb9064878fb89dd75a49135e5df148c4ad1e1d5626b44c8112d822f4c9a05e693fd5ae5595627f8684016b37a2bf6d0040030000000000002900000037000000006500000000000000fb1a63687c244e6df3aecb13d6eb957495b669cc032f6d0a11a5e16eed9937b046c9dc1a61dcf9754b767df4735c3f8c37b4d5cd15a99c5a19cc62c921ad4e90d6e3695ec1891223a53600d5031b5735acafb556e22279975f958ad437c76573e544506e58455772eb11493af933099a5dc7e9e0c8b907e68e23e59d7b94bc774309e2047132758b60955301f277a9032b0bc47e660b243e9e2126733f13ab99055a0999068ada35a38d105a5efe6c7115774effe28695ecae3944413b7764eefde26ed571d857b2cb2dd1b2a4a84c1fec0799cf90f57f7a6d35e2b60cd425b9372ae4a27f453e5d7da2eacd3b98cdb10cec9152d5829c2511eb0f9600a0cd280f3d08849b6cd43d25e3dcd62f7c7dee6123a2682daf4aa9a856b31e9204c5c2b80b84dbeec05d93a64a550f1ebc326488cd620c6fe1aa266a0ce5b24be03b5037786e037cc85ed61f362e081fb694e12e54fcb9eb0f86d6d91fd159023a073278f84d6ada8f9aa25ec223d268f3291b25392c941740932bd1a82f40a8fc586db23d2f6240ce883e3c1dc1e0d07fc3aa73a9ac82a1538d129c9e66cb6a8100abe95bc4064581e8c01ce65ba3ea751db5d8c0a1173fe62b2fd2d415042a97ade4d274a466b6d997eed6bf5d7a305ead804c36b9e1c314b26676ed83412417610d3cf4d07e5b24cf3de9c790ae93850e0f8bba047b710cf340c78a80cef5f6665a647681ff5f7b6ecce8ab65e26406b6a6e0e72ff8501c545bffc00f034dc3a5b251390ae68bb61d936dc9a24e6f66c72e7911c51c716dfd4304566fb32e6c2745d232f990d0bbe0ddf9dc58398dda292c07b16da766a37c60bd9993b4f21e641036a8afa2ccdb47d7990d5a007faccb2f86664179f2e229723bce870aec3f7f4e529c92add713590ce6c0ea1a0499fb76d32636cfd18b6b39fb48f1a6d46f6ae8f45c47ee8260f9531070d170ab92739be0bdf5b76f8a9b93a5e550dfecab79d2e46085a67024b6be883c79ade2873458fda5a7f4eb62b05634356ee3b45723f4cff19c654ad441ff5b8792df7f18d841c351e195151b1b3532e742a6525c86efdb29653f35ce8e0a41c8c6d39f39531e13aeb1172893eeedd83b6afb939f8e6abc5482696aa48918000000000000002900000037"], 0x590}}], 0x1, 0x8008801)
sendmmsg$inet6(r4, &(0x7f0000000940)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f00000005c0)="985fd17837e723d8d874", 0xa}, {&(0x7f0000000980)="b93f77bb6bccf6ebb13021861879cf2102834122aef2a3dbaa2c67b5ea90e2b69fea47", 0x23}], 0x2}}], 0x1, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000440)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x4c, 0x4e, 0x2, [@const={0x0, 0x0, 0x0, 0x9, 0x4}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x8}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x2, 0x3}}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x5, 0x1}}]}}, 0x0, 0x66, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000280)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_REGISTER_FRAME(r0, &(0x7f0000000300)={&(0x7f00000001c0), 0xc, &(0x7f00000002c0)={&(0x7f0000000500)={0x1b8, r1, 0x20, 0x70bd28, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0xbb, 0x5b, "67af3d46801070d512a6a7953d87a664015a85326725f1cb8389b65de96f51ba2a3d1b30f80a86f6514b944f53e7ec32dd1dd8c7388649cf89250e5f32298e69dfcf630424994ac22bb054a4ea8bd87811a0fafe4a7f1ed7bfe5f4534264be9108202282d0aad0aba059078a537eef2c5e73462937ec6405c7fbad53798859ed0427642214dd2ecdc1e8f144a48d3d5f93f1768203f939d4959a097fdeaf9be2d69ac19dbd09845c68ccee602f26055009718aec520e0c"}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x3}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x401}, @NL80211_ATTR_FRAME_MATCH={0xb4, 0x5b, "df4fcc6c5d6035717fd731d3514d93f3677afcb2db21af2ade6a07029d2812a2fcf42149a212f93617e9eb30dfc017c4ae42d547697e048369eecabc2aa58a0d12fd036f32de4e3ea6e42b1bc9efcce327fba16bf752b8f0fe669f4dcdd6d8932dc13cdbe2ea78422ad34bd4eae82f2ca09e24e1e40a29731a1294a601ded66aadb6afe7139b8d765f42f6d4bc0bf0ec6ddbafdb493edfe47e11d8f984c6dca83f5c4a5c617bc39938d6ba7d4259434c"}, @NL80211_ATTR_FRAME_MATCH={0x19, 0x5b, "b8939bd6b28ab8aa8e12673677fe962adf3c563193"}]}, 0x1b8}, 0x1, 0x0, 0x0, 0x40000}, 0x20000000)
socketpair(0x18, 0x6, 0x7, &(0x7f0000000000))
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
r7 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r8=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp_SCTP_RESET_STREAMS(r6, 0x84, 0x77, &(0x7f0000000180)={r8}, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x17, 0x9, &(0x7f0000000040)=ANY=[@ANYRESDEC=r0], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x34, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r9 = socket$caif_stream(0x25, 0x1, 0x3)
connect$caif(r9, &(0x7f00000004c0)=@util={0x25, "6f5455e357cc0f2e882aa16a75366124"}, 0x18)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r0)
sendmsg$NL80211_CMD_SET_PMKSA(r0, &(0x7f0000000400)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000140)={&(0x7f00000006c0)={0x48, r10, 0x400, 0x70bd2b, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x8, 0x24}}}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_PMK={0x14, 0xfe, "a78fe377f461cf4c30015cf6562c4c92"}]}, 0x48}, 0x1, 0x0, 0x0, 0x40}, 0x4004800)

1.469092353s ago: executing program 3 (id=1232):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x360, 0x1c0, 0x43, 0xa0, 0x0, 0x98, 0x308, 0x178, 0x178, 0x308, 0x178, 0x49, 0x0, {[{{@ip={@loopback, @local, 0x0, 0x0, 'veth0_to_bond\x00', 'ip6erspan0\x00'}, 0x12a, 0x1a0, 0x1c0, 0x0, {0x0, 0x7a010000}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x8, 0x0, 'syz0\x00'}}, @common=@unspec=@connbytes={{0x38}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0xa8, 0x108, 0x0, {}, [@common=@unspec=@connbytes={{0x38}}]}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@multicast1}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x3c0)

1.308171556s ago: executing program 3 (id=1234):
r0 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'vlan0\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x17, 0x400004, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', r1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001100)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff4070000000000000400000000000e1ff95000000000000002ba76bb3019c1341056bd8174b79603123751c4e345c652fbc1626cca2a2ad75806150ae0209e62751ee00aa19ce670d25010000020000040000009fc404000000c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965dac05c04683712a0b09ec39e9ef8f6e396ad200e011ea665c45a3449abe802f5ab3e89cf40b8580218ce740068720000074e468eea3fcfcf498278a315f5b87e1c26433a8acd715f5888b2007f00000000000000000100000000000000010015d60605000053350000000034a70c2ab40c7cf5691db43a5c00000000000000f030007ce2c6f800000000000000e75a89faff01218087560cce39bf405f1e846c1242000000000040cad326ad7add65873d9f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bef5d7d617da7a6520655a805608df4d431623c850af895abba14f6fbd7fb5e2a431ab9142f3a06d55740a43088696daaed74b9c5c29647d2f950a959cf050000008600a62e96b7cb8e52cbdc2ba9d580609e31c30879d6fce424c2208af6c3784a1975fa657de38a3a32e4fd67ce446adb431d07db79241aca1dd9ba02453bbb5ee8babe1745e645f091231b986e952afdac972f342c6f184777d05d988d6edc71df0100000013a38300cabf2b554380ad215c789bef4cc574109b8df8d9a9db669557b3809d8c396d2c0361629d1822f722ec23812770d72cd00100000078a75dea785be550dbb420287e0789b8c7044f563a1f68d4efe895fdbc463f747c08f4010586903500000000000000e800000000000000000000000000000000000000003ddf4aa4b1c8b8a0ae6fb5425f1d581961471cdb51f8940290e99ccff4123f955267fe4a75c11448741f064fc7ce7e62ee4df874e086287547d4099aeec9f1538ee25a2a5ccf4a9b604e88e12ff25184d4e3c6f7f623559435b2c505fb711300000000040000000000000000000000000000e67ccc02148a4fc43021cce9f24f4b2f9492c32e7a92a557ac2b44b84e88bbf7a49789906d923e4916f390ab7edcd3f5b9fe14446dd446a52131c464f2c08efb46d934615c8631b7c42efd029406000000433f5c899119ec0c0acef5385c5a2720caeb68f1e9c05b0591d89467ded84da092dea262e51811e2d7fa515722516bd5ef6c8c4966e5937562a5648a696ad3a042a7097ddefe0671a5767014b09ddbf69b78f977fb145890f5bf41ba92b8c4c8b14f0d4a880ef4518bb32879d326497e21e041254f06bd7f3a067e147e82e841dba3867da8bfbc101d3960e07d282f483e7b49991be06b950ccd48f4e49833f3c4a02bbd06c84680549f9eb16682ecb722e8ffaca907a3eaaebfc8e0a47c0076d7cc9d32b3cc96aa751d890881c3c33bd91f6ecf45ab3f12f816318346f9b883427b9190024edc1eddd68f34ce3bfedb5fe5d7beae4d3ca561e37570587783f9673e7ab17f5a09efc1114777d2707d2996961203aedff1c52108d9c0d51dc30209872ec602af42eb29d54a37be0fdfdcd74c2d859a566ee5c30677173a2592a4617ae08bec07422d52d2ba7271550a5c20e3a8d1c8c8fd3025ff00607b2249ae9a18391e01b21b36169790b8e96f7955754b6b01a75165d3573d1dec5cf1b08b6115b43203a5654cce2277eb4c02ef4817b4cb989ac178895810eff7b697f2dc9b308aa2460e3cb85cdc4833571a62bf310700000000000000cc7f923284230ada8c756096a66119d4b6b2f159585c3cf8e7bfdd619e294b1d21cd491b8cfd4a253856e485fe29c6ad177a9fb078ca905782b9ed3c30675b89a784bb8031cac0de95178a5acff029a0f0fe972df22b20afe95fba722056f94ab15f1cf605c33df627311f1b614684d77549"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r3, 0x0, 0x5d, 0x0, &(0x7f0000000040)="cc9f4d42d0e005000000bb03d0b5", 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0xfffffffe, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
setsockopt$bt_BT_SECURITY(r5, 0x112, 0x4, 0x0, 0x0)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000500)={&(0x7f00000003c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x58, 0x58, 0x9, [@restrict={0x5, 0x0, 0x0, 0xb, 0x3}, @func_proto={0x0, 0x3, 0x0, 0xd, 0x0, [{0x9}, {0xd}, {0x8, 0x3}]}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x1, 0xd3bb}}, @int={0x10, 0x0, 0x0, 0x1, 0x0, 0xd, 0x0, 0x58}]}, {0x0, [0x5f, 0x61, 0x5f, 0x30, 0x5f, 0x1e, 0x61]}}, &(0x7f0000000440)=""/179, 0x79, 0xb3, 0x0, 0x9, 0x10000, @value}, 0x28)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000001000000850000008600000018110000", @ANYRESOCT=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r7}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$igmp(0x2, 0x3, 0x2)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.idle_time\x00', 0x26e1, 0x0)
r9 = socket$kcm(0x2, 0x3, 0x2)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0000000000000000efff16000000080001007063690011000200303030303a30303a31302e3000000000080003000000000008000b"], 0x50}}, 0x0)
setsockopt$inet6_mreq(r8, 0x29, 0x15, &(0x7f0000000340)={@ipv4={'\x00', '\xff\xff', @multicast2}, r1}, 0x14)
r10 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r10, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003b000b05d25a806c8c6394f90224fc60100005000a000200053582c137153e37000c0180fc0b10000c00", 0x33fe0}], 0x1}, 0x0)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000300)={r2, &(0x7f0000000240)="ba66b63e371011ceae5e89051a65880e76eae1430deb8dcb21ee6dd5d6b66dde89826984c2ac06ef72"}, 0x20)
setsockopt$sock_attach_bpf(r9, 0x1, 0x3e, &(0x7f00000002c0)=r8, 0x4)
syz_emit_ethernet(0x6a, &(0x7f0000000000)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x5c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @dest_unreach={0x5, 0x0, 0x0, 0x0, 0x0, 0x0, {0x10, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @remote, {[@ra={0x94, 0x4}, @cipso={0x86, 0x25, 0x0, [{0x0, 0x10, "f79eb4cf48b5a5788fc15a45b5b1"}, {0x0, 0xf, "749018c9a54b61394327f11535"}]}]}}}}}}}, 0x0)

1.033162096s ago: executing program 0 (id=1238):
r0 = socket$packet(0x11, 0x3, 0x300)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040))
r1 = socket(0x28, 0x5, 0x0)
r2 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r2, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x4, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
ppoll(&(0x7f0000000500)=[{r3}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x3000}, 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYRES64=r2], &(0x7f0000000180)='syzkaller\x00', 0x2, 0x18, &(0x7f0000000000)=""/24, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
setsockopt$packet_int(r0, 0x107, 0x12, &(0x7f0000000380), 0x4)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0x1, 0x40, 0x40, 0x41, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000000180), 0x1003, r5}, 0x38)
r6 = socket$kcm(0x2, 0x3, 0x2)
socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$inet(r6, &(0x7f0000003a80)={&(0x7f00000004c0)={0x2, 0x0, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000003a00)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0xd}, @multicast1}}}], 0x20}, 0x4008804)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r7, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1c9ae7fffe9a6f34}}, 0x1c)
connect$inet6(r7, &(0x7f0000000340)={0xa, 0x0, 0x5, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c)
shutdown(r7, 0x1)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r7, 0x84, 0x75, &(0x7f0000000380), &(0x7f00000003c0)=0x8)
r8 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000240)={0x0, 0x3, 0x18}, 0xc)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r8, 0x81f8943c, &(0x7f0000000d00))
sendmsg$kcm(r6, &(0x7f00000000c0)={&(0x7f00000002c0)=@l2tp={0x2, 0x0, @loopback}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000600)="3282db78e0ea55c52d87bc2a166b9e46818f5faca0b3a411e056b7928ccacd30019d925e47ecd2f92675d1d8c795dd0ab0", 0x31}], 0x1}, 0x8400)
sendmsg$inet(r6, &(0x7f0000000c00)={&(0x7f0000000540)={0x2, 0x0, @empty}, 0x10, &(0x7f0000000400)=[{&(0x7f0000000280)="6e4602e2", 0x4}], 0x1}, 0x0)

1.018272483s ago: executing program 3 (id=1239):
setsockopt$inet6_udp_encap(0xffffffffffffffff, 0x11, 0x64, &(0x7f0000000280)=0x2, 0x4)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000240)={r1, 0xffffffffffffffff, 0x3f000000}, 0x57)

952.56865ms ago: executing program 1 (id=1240):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
close(0xffffffffffffffff)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x2c)
r2 = socket$inet6(0xa, 0x80803, 0x84)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@private, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@private, 0x0, 0x32}, 0x0, @in=@local, 0x0, 0x0, 0x0, 0x5}}, 0xe8)
connect$inet6(r2, &(0x7f00000000c0), 0x1c)

951.481122ms ago: executing program 4 (id=1241):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58)
close(r0)
sendmsg$IPCTNL_MSG_CT_GET_STATS(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, 0x5, 0x1, 0x301, 0x0, 0x0, {0x4, 0x0, 0x4}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x8050}, 0x20000000)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r2 = socket$nl_generic(0x11, 0x3, 0x10)
sendmsg(r2, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0x36}], 0x2, 0x0, 0x0, 0x11000000}, 0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_inet6_SIOCADDRT(r3, 0x890b, &(0x7f0000000140)={@dev={0xfe, 0x80, '\x00', 0x13}, @mcast1, @private2, 0x0, 0x3, 0x0, 0x0, 0x0, 0xa0022})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$team(&(0x7f0000000040), 0xffffffffffffffff)
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r6, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'veth0_to_hsr\x00', <r8=>0x0})
sendto$packet(r6, &(0x7f0000000180)="0b041000e0ff030002004788aa96a13bb100000000004305000f", 0x10000, 0x0, &(0x7f0000000140)={0x11, 0x0, r8}, 0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000080)={'team0\x00', <r9=>0x0})
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000001c0)={0xffffffffffffffff, 0x58, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r10=>0x0}}, 0x10)
r11 = socket$nl_route(0x10, 0x3, 0x0)
r12 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r13=>0x0})
sendmsg$nl_route(r11, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=@newlink={0x9c, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x6c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x5c, 0x2, 0x0, 0x1, [@IFLA_VLAN_INGRESS_QOS={0x4, 0x3}, @IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x4c, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x6a}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x3, 0x8001}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xb22}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x4, 0x1}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x1}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x80}}]}]}}}, @IFLA_LINK={0x8, 0x5, r13}, @IFLA_MASTER={0x8, 0xa, r13}]}, 0x9c}, 0x1, 0xba01}, 0x810)
sendmsg$TEAM_CMD_NOOP(r4, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000200)={0x254, r5, 0x300, 0x70bd26, 0x25dfdbfd, {}, [{{0x8, 0x1, r8}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x4}}, {0x8}}}]}}, {{0x8, 0x1, r9}, {0x1ec, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x2}}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x80000000}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x4}}, {0x8, 0x6, r10}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x3}}, {0x8}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r13}}}]}}]}, 0x254}, 0x1, 0x0, 0x0, 0x400c810}, 0x4)
getsockopt$sock_buf(r2, 0x1, 0x3d, &(0x7f0000000180)=""/60, &(0x7f00000001c0)=0x3c)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2fff03000000000000000000000000000200000009000100730000000900020073797a320000000020000000080a05000064940000000000020000000900010073797a300000000020090000000000000000000000000000020000000900010073797a30000000001400000011000134e2001000000000000000000a00000000"], 0x94}}, 0x0)

951.183393ms ago: executing program 3 (id=1242):
socketpair(0x1, 0x80001, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bind$bt_l2cap(r0, &(0x7f00000000c0)={0x1f, 0x4, @none, 0x1}, 0xe)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x2d)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x20, 0x31, 0x107, 0x0, 0x0, {0x2, 0x7c}, [@nested={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @u32}]}]}, 0x20}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYRESHEX=r4, @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b00010062726964676500001c00028008000400000000000800150000000000050016"], 0x4c}}, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f00000002c0)=[@in={0x2, 0x4e22, @broadcast}, @in6={0xa, 0x4e20, 0x7, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x2}, @in6={0xa, 0x4e24, 0x3, @empty, 0x1000}, @in6={0xa, 0x4e21, 0x1, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x27}}, 0x432f}, @in6={0xa, 0x4e23, 0x17b, @local, 0x2f140}, @in6={0xa, 0x4e20, 0xffffffff, @loopback, 0xaa32}, @in={0x2, 0x4e20, @broadcast}, @in={0x2, 0x4e23, @multicast2}, @in={0x2, 0x4e23, @empty}, @in6={0xa, 0x4e20, 0xfffffff8, @private1={0xfc, 0x1, '\x00', 0x1}, 0x7}], 0xe8)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000040)={'ip_vti0\x00', &(0x7f0000000240)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x4, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @private}}}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000180)={'syztnl0\x00', &(0x7f0000000100)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @dev}})

888.35787ms ago: executing program 2 (id=1243):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4400000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="81ffffff000000001c0012800b00010067726574617000000c000280080001"], 0x44}}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
sendmmsg$inet_sctp(r2, &(0x7f0000000e40)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[@sndrcv={0x30, 0x84, 0x1, {0x3ff, 0x3ff, 0x0, 0x4, 0x0, 0x40, 0x83, 0x9}}, @sndinfo={0x20, 0x84, 0x2, {0xfffc, 0x201, 0x0, 0xfffffffb}}], 0x50, 0x4000000}], 0x1, 0x4000)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', <r3=>0x0})
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="5c00000010000100"/20, @ANYRES32=r3, @ANYBLOB="c89904bd0000000008000d000000000034001680300001802c000c"], 0x5c}}, 0x0)

808.551581ms ago: executing program 1 (id=1244):
unshare(0x20000400)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000200), 0x10)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000000)={0x2, 'ip6_vti0\x00', {0x6}, 0x7f})
sendmsg$can_bcm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x5, 0x603, 0x0, {}, {}, {0x0, 0x0, 0x1}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "94b1c39a3cc2fbfd"}}, 0x48}}, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_udp_int(r1, 0x11, 0x65, &(0x7f0000000200)=0xfffffffc, 0x4)

732.308444ms ago: executing program 1 (id=1245):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1eb481, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
write$tun(r0, &(0x7f00000004c0)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000000700ff020000000000000000000000000001000000000000000000000000000000000000000000000000860090780000000000000000000000000000ee3f000000002b036f8c006e75021d683910c3090b3188a7c747eb2278a273c1b800294429118927"], 0xfdef)
r1 = socket(0x10, 0x803, 0x0)
pipe(&(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
read$alg(r2, &(0x7f0000000200)=""/82, 0x52)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=@base={0x10, 0x4, 0x8, 0x5, 0x48696, r3, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @value, @void, @void, @value}, 0x50)
write(r4, &(0x7f0000000100)='\x00', 0x1c)
splice(r4, &(0x7f0000000040), r3, 0x0, 0x800000000ff, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x89e2, &(0x7f0000000380)={<r6=>r1})
ioctl$sock_SIOCGPGRP(r4, 0x8904, &(0x7f0000000480)=<r7=>0x0)
ioctl$sock_SIOCGPGRP(r3, 0x8904, &(0x7f0000000580)=<r8=>0x0)
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r6, &(0x7f0000000640)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x2c, 0x0, 0x800, 0x70bd2d, 0x25dfdbff, {{}, {@void, @val={0x8}, @void}}, [@NL80211_ATTR_PID={0x8, 0x52, r7}, @NL80211_ATTR_PID={0x8, 0x52, r8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x44801)
sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x2c, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r5}, [@IFA_ADDRESS={0x14, 0x1, @mcast2}]}, 0x2c}}, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000140)=ANY=[@ANYRESHEX=r0, @ANYRES32=r0, @ANYRESDEC=r5, @ANYRES8=r5, @ANYRESOCT, @ANYRESHEX, @ANYRES32=r5], 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000280), 0xffffffffffffffff)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x23}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r9}, {}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r10}, 0xc)

660.195803ms ago: executing program 4 (id=1246):
r0 = socket(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0xa00000000000000, 0x80, &(0x7f00000000c0)=@broute={'broute\x00', 0x20, 0x1, 0x990, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000e00], 0x0, 0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000000b00000000000000000062726964676530000000000000000000766c616e300000000000000000000000736974300000000000000000000000007465716c3000008000000000000000000000000000000000000000000180c20000000000000000000000b8080000b808000030090000616d6f6e670000000000000000000000000000002000000000000000000000002008000000000000140400000c000000000000000a0000000000003c31957c58e609ea3404000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000002f00000000000000000000000000000000000000000000000000000000000000000000fdffffffffffffff000000000000000000000000e4ff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005000000000000000000000000000000000000000000000000000000000000000000006fb7cd02b734bcce41ef6e95bd000000008000100000000000000000000000000000000000000000000000000000000000000040000000008fc7660c490587b3ab213098a6767c00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000088b999350317960900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000629244b7a419c5f714f4d16c3700000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000949853000000000000000000000000440a05000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f18a0afe99350000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b389d708839d3c00000000000000000000000000000000000000000056629f615a20576900000000000000000000000000de44000000000000000000000000000000000000000000000000f4f016fa70c1255400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e3ff0000000000000000feffffff0000000000000000001000000000000000000000000000000000cf4810668e73cab61331b8f60000000000000000000000000000000000000000000001000000000000000000000000000062f75a00627f34dd71012eed00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e0ffffff00000000000000000000000000000000000000000000001b000000000000000000000004000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fffffff90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f2573bd04a330000000e00000000000000000000000000000000000000e9ffffff00000000000000000000000000000000000000000000000000f56ed659f0072400000000000000000000000000000000000000000000000000000000000000000000000000003a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000075dab07149f533af00000000000000000000cb33322c9c564ae5f8eef74d5aa7cc9c000000000000000000000000000000000000000000000000000000000500000000000000000000000000000000000000003f7f1c53c1b3e900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000bb000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006fd58098000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d3d2e85100000000000000000000000000000000000000000000000000000000006e666c6f670000001100000000000000000000000000000000000000000000005080000000e3c800000000000000000000010000a600a9e85725d89818472e65aba21d9bbc1b20e8331c6fd24a5aceaeefe102e42a013ac2c00eeb782c34eab997013e0506220c21a44cc58ff5bc83d5e4066c7700"/2448]}, 0xa08)
r1 = accept4$vsock_stream(0xffffffffffffffff, &(0x7f0000000000)={0x28, 0x0, 0xffffffff, @hyper}, 0x10, 0x800)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r1, 0x28, 0x1, &(0x7f0000000040)=0xe, 0x8)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080))
ioctl$FS_IOC_SETVERSION(r1, 0x40087602, &(0x7f00000000c0)=0xbd6f)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r2, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, 0x2, 0x3, 0x201, 0x0, 0x0, {0x7, 0x0, 0x3}}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x20000811)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_mgmt(0x0, 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_LISTALL(r3, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x78, r4, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x7}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @loopback}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x1}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @mcast1}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @remote}, @NLBL_MGMT_A_DOMAIN={0x5, 0x1, '\x00'}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}]}, 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x4000000)
ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f00000003c0)={'wpan1\x00', <r5=>0x0})
sendmsg$NL802154_CMD_SET_ACKREQ_DEFAULT(r3, &(0x7f00000004c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x58, 0x0, 0x300, 0x70bd2b, 0x25dfdbff, {}, [@NL802154_ATTR_ACKREQ_DEFAULT={0x5}, @NL802154_ATTR_ACKREQ_DEFAULT={0x5, 0x1a, 0x1}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_ACKREQ_DEFAULT={0x5, 0x1a, 0x1}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}]}, 0x58}, 0x1, 0x0, 0x0, 0x4084}, 0x4010)
getpeername$packet(0xffffffffffffffff, &(0x7f00000005c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000600)=0x14)
ioctl$sock_inet_SIOCSIFBRDADDR(r2, 0x891a, &(0x7f0000000640)={'batadv0\x00', {0x2, 0x4e23, @rand_addr=0x64010101}})
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000740)={'ip_vti0\x00', &(0x7f00000006c0)={'syztnl2\x00', <r7=>0x0, 0x8041, 0x8000, 0x28eb, 0x1, {{0x9, 0x4, 0x2, 0x7, 0x24, 0x67, 0x0, 0xe1, 0x4, 0x0, @multicast2, @local, {[@lsrr={0x83, 0xf, 0x47, [@rand_addr=0x64010101, @multicast1, @initdev={0xac, 0x1e, 0x1, 0x0}]}, @end]}}}}})
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000780)={{{@in=@broadcast, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0}}, {{@in6=@private2}, 0x0, @in=@multicast2}}, &(0x7f0000000500)=0xe8)
sendmsg$nl_xfrm(r6, &(0x7f0000000a40)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000a00)={&(0x7f00000008c0)=@expire={0x100, 0x18, 0x300, 0x70bd2d, 0x25dfdbfd, {{{@in6=@loopback, @in=@remote, 0x4e20, 0xdb9, 0x4e24, 0x0, 0xa, 0x80, 0x80, 0x67, r7, r8}, {@in=@rand_addr=0x64010100, 0x4d4, 0x2b}, @in6=@dev={0xfe, 0x80, '\x00', 0xc}, {0xfff, 0x9, 0x9, 0x6, 0x4, 0xb9, 0x0, 0x26561ed8}, {0x3, 0x1ff, 0x2, 0xb}, {0x3ff, 0x101, 0x6}, 0x70bd2d, 0x3506, 0x2, 0x4, 0x0, 0x24}, 0x2}, [@tfcpad={0x8, 0x16, 0xffffffff}]}, 0x100}, 0x1, 0x0, 0x0, 0x4044899}, 0x1)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000a80), 0xffffffffffffffff)
r9 = socket$can_j1939(0x1d, 0x2, 0x7)
bind$can_j1939(r9, &(0x7f0000000ac0)={0x1d, r7, 0x0, {0x2, 0xf0}, 0x2}, 0x18)
r10 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000b40), r3)
sendmsg$IEEE802154_LLSEC_DEL_DEV(r3, &(0x7f0000000c40)={&(0x7f0000000b00)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000c00)={&(0x7f0000000b80)={0x4c, r10, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0202}}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r5}]}, 0x4c}, 0x1, 0x0, 0x0, 0x810}, 0x4040000)
sendmsg$IEEE802154_LLSEC_DEL_SECLEVEL(r3, &(0x7f0000000d40)={&(0x7f0000000c80)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000d00)={&(0x7f0000000cc0)={0x38, r10, 0x1, 0x70bd2d, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5, 0x34, 0x2}, @IEEE802154_ATTR_LLSEC_SECLEVELS={0x5, 0x35, 0xf}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x24000050)
socket$can_j1939(0x1d, 0x2, 0x7)
sendmsg$IEEE802154_ADD_IFACE(r3, &(0x7f0000000e80)={&(0x7f0000000d80)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000e40)={&(0x7f0000000dc0)={0x44, r10, 0x400, 0x70bd25, 0x25dfdbfe, {}, [@IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0002}}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy2\x00'}, @IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy2\x00'}]}, 0x44}, 0x1, 0x0, 0x0, 0x40800}, 0x8000)
openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000f00), 0x2, 0x0)
r11 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r11, &(0x7f0000000040)={0x2, 0x0, &(0x7f0000000340)={&(0x7f0000000540)=ANY=[], 0x70}, 0x1, 0x7}, 0x0)

659.919441ms ago: executing program 2 (id=1247):
r0 = socket(0x2a, 0x2, 0xffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="85000000070000004d0000000000000045000000000000009500000000000000"], &(0x7f0000000140)='GPL\x00', 0x4, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x1e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x64)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)=@deltfilter={0x24, 0x2d, 0x400, 0x70bd29, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0xb, 0xe}, {0xf, 0xf}, {0xfff3, 0x6}}}, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$inet_udp_encap(r1, 0x11, 0x64, &(0x7f0000000000)=0x2, 0x4)
syz_emit_ethernet(0x32, &(0x7f0000001500)=ANY=[@ANYBLOB="aaaaa3aaaaaa0180c2000000080045000024000000000011907800000000000000ce00004e200010907802001f0000000000"], 0x0)
syz_emit_ethernet(0x6a, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x5c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x48, 0x0, @wg=@cookie={0x3, 0x0, "6d4dfdeb8cf7bbfe143803bec2ce783e04cd32308cdd8dde", "c71cb8adfce542a4bc5a026c208fd0c45787e4aa384e3d26b21ea41cc128364c"}}}}}}, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000002dc0)=@newtfilter={0x134, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0xffff}, {}, {0x2, 0xc}}, [@TCA_RATE={0x6, 0x5, {0x0, 0x4}}, @filter_kind_options=@f_u32={{0x8}, {0xe8, 0x2, [@TCA_U32_SEL={0xe4, 0x5, {0x0, 0x4, 0xfb, 0x7a, 0x8000, 0xc, 0x3, 0x81, [{0x5344, 0x8001, 0x4, 0x8}, {0x0, 0x3, 0xb, 0x5}, {0x4, 0x2e27, 0x10000, 0x100000}, {0x7ff, 0x1, 0xf6, 0x3}, {0x207, 0x7fff, 0x8000, 0x100}, {0xd18, 0xa, 0x9, 0x80000000}, {0x400000, 0x7, 0x1000, 0x8}, {0x3f, 0xf, 0xfffffffb, 0x6}, {0x8, 0x1, 0x10000000, 0x3ff}, {0x3, 0x9, 0x2, 0x32}, {0x2, 0xa24, 0x9, 0x8}, {0x1, 0x6, 0xffffffff, 0x2}, {0x5, 0x2b, 0x847f, 0x3}]}}]}}, @TCA_RATE={0x6, 0x5, {0x5}}, @TCA_CHAIN={0x8, 0xb, 0x4}, @TCA_RATE={0x6, 0x5, {0x3, 0x2}}]}, 0x134}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)

627.066223ms ago: executing program 3 (id=1248):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r0, 0x6, 0x4, &(0x7f0000000000)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000240)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x5, 0x2, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
close(r1)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xe, 0x4, 0x4, 0x9, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000010000e1850000008600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_TEST(r7, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x54, 0xb, 0x6, 0xe01, 0x0, 0x0, {0x0, 0x0, 0x8}, [@IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_IFACE={0x14, 0x17, 'pim6reg1\x00'}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_ADT={0x14, 0x8, 0x0, 0x1, [{0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBMARK={0xc, 0x1b, 0x1, 0x0, 0x7fffffffffffffff}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000000}, 0x40004)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r8)
sendmsg$NLBL_CIPSOV4_C_ADD(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0x40, r9, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_MLSLVLLST={0x18, 0x8, 0x0, 0x1, [{0x14, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0xff000000}]}]}]}, 0x40}}, 0x0)
sendmsg$NFC_CMD_GET_TARGET(r8, &(0x7f0000000240)={0x0, 0x3, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, 0x0, 0x1, 0x200, 0x25dfdbfd}, 0x14}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r6)
r10 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r10, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
r11 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), r6)
r12 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$sock_buf(r12, 0x1, 0x4d, 0x0, &(0x7f0000000040))
sendmsg$NBD_CMD_RECONFIGURE(r5, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="0100000000000000000002000000080001"], 0x28}}, 0x0)
r13 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r13, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@newlink={0x48, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3000000}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_IFLAGS={0x6, 0x2, 0x30}, @IFLA_GRE_ERSPAN_VER={0x5, 0x16, 0x1}]}}}]}, 0x48}}, 0x0)
r14 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f00000000c0)=r14, 0x4)
sendmsg$unix(r4, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)

575.043932ms ago: executing program 2 (id=1249):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f67fe4)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2d}}}, 0x1c)
r1 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f0000f67fe4)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}, 0xc0fe}, 0x1c)

520.363982ms ago: executing program 1 (id=1250):
socket(0x5, 0xa, 0x1)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, 0x0, &(0x7f00000005c0))
r1 = socket$l2tp(0x2, 0x2, 0x73)
recvfrom$l2tp(r1, 0x0, 0x0, 0x0, 0x0, 0x0)
shutdown(r1, 0x0) (async, rerun: 32)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x6) (async, rerun: 32)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000840)=@raw={'raw\x00', 0x3c1, 0x3, 0x3e8, 0x1c0, 0x111, 0x4b4, 0x8, 0xd4feffff, 0x318, 0x20a, 0x278, 0x318, 0x278, 0x3, 0x0, {[{{@ipv6={@empty, @empty, [], [], 'ipvlan0\x00', 'team_slave_0\x00', {}, {}, 0x6}, 0x7a, 0x198, 0x1c0, 0x0, {}, [@common=@inet=@tcp={{0x30}, {[], [], 0x0, 0x0, 0x2}}, @common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "6d93eb04697dfa39de04767f46614613a407abbf4ed2e83a63b484dbb3bf6b2a850e79009e2905d2f98ba19f91f3c9faee6d3686e9bee067f4e77d9ad66238750c4100d7ee97ec7646259d90edece6e9787a97bc956c01754c34c5c9518c46178ed5f9194454980e579c80eca35a58dc47d1d5e4ff6e216c724e88c702448587", 0x28}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0xffff}}}, {{@ipv6={@loopback, @private1, [], [], 'veth1_to_hsr\x00', 'pim6reg1\x00'}, 0x0, 0xf0, 0x158, 0x0, {}, [@common=@unspec=@nfacct={{0x48}, {'syz1\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x448) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000000c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3aebeca145d695053b5bef004ca24e6c57ed10f01488d38b8b0b68d93e3cf630837915d518fde2115e66615786fe7b9216de958119cf762cac77ac829a02f48e72c0d2841880b2c81a9176f5888c14e2ee2a2df43eedd69631572fb3904e3f6b503359ce4073d5eb77d3c4f"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) (async)
r5 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xfffffffffffffed2, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b05d25a806c8c6f94f90424fc601000127a0a000600053582c137153e370c0c188006ac0f000300", 0x33fe0}], 0x1}, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) (async)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r6, 0x0) (async)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x12, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000048c0)={r7, &(0x7f00000047c0), &(0x7f0000004880)=@udp=r6}, 0x20) (async)
recvmmsg(r6, &(0x7f0000002100)=[{{0x0, 0x0, &(0x7f0000001c80)=[{&(0x7f0000000340)=""/157, 0x9d}], 0x1}}], 0x1, 0x0, 0x0) (async, rerun: 64)
accept(r3, &(0x7f0000000280)=@hci, &(0x7f00000000c0)=0x80) (rerun: 64)
ioctl$int_in(r2, 0x5452, &(0x7f0000000180)=0x6a8c) (async)
setsockopt$inet6_tcp_int(r6, 0x6, 0x19, &(0x7f0000000080), 0x4) (async)
ioctl$sock_bt_hci(r2, 0x400448c9, 0x0)

436.608801ms ago: executing program 4 (id=1251):
syz_emit_ethernet(0x7e, &(0x7f0000000800)={@broadcast, @random="1704b45adbde", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0xf00, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @dest_unreach={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x89, 0x0, @dev, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@timestamp_addr={0x44, 0x3c, 0x0, 0x1, 0x0, [{@empty}, {@broadcast}, {@broadcast}, {@dev={0xac, 0x14, 0x14, 0x3a}}, {@multicast1}, {@dev={0xac, 0x14, 0x14, 0x19}}, {@dev={0xac, 0x14, 0x14, 0x27}}]}, @lsrr={0x83, 0x3}]}}}}}}}, 0x0)

436.358823ms ago: executing program 2 (id=1252):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newtaction={0x48, 0x32, 0xffff, 0x700, 0x0, {}, [{0x34, 0x1, [@m_police={0x30, 0x1, 0x0, 0x0, {{0x22, 0x2}, {0x4}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x1}}}}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x4040001}, 0x40)

380.609305ms ago: executing program 2 (id=1253):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000003c0)={'bridge_slave_1\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c0000001d00070f000200000800000007000000", @ANYRES32=r2], 0x1c}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xe, 0x0, &(0x7f0000000000)="259a53f271a76d2688474c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x4, 0x12, r3, 0x0)
r4 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
close(0xffffffffffffffff)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa2c"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x10, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r6}}]}, &(0x7f00000003c0)='syzkaller\x00', 0xd, 0xff7, &(0x7f0000001e00)=""/4087, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
socket(0x10, 0x80002, 0x0)
socket$inet6(0xa, 0x3, 0x6)
pipe(&(0x7f0000000080))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
close(r7)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$key(0xf, 0x3, 0x2)
socket$inet6_mptcp(0xa, 0x1, 0x106)
pipe(&(0x7f00000001c0))

376.35655ms ago: executing program 4 (id=1254):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
close(0xffffffffffffffff)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x2c)
r2 = socket$inet6(0xa, 0x80803, 0x84)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@private, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@private, 0x0, 0x32}, 0x0, @in=@local, 0x0, 0x0, 0x0, 0x5}}, 0xe8)
connect$inet6(r2, &(0x7f00000000c0), 0x1c)

297.589803ms ago: executing program 4 (id=1255):
sendmsg$key(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x2, 0x1, 0x0, 0x2, 0x7, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @private}}, @sadb_spirange={0x2, 0x10, 0x0, 0xffffffff}]}, 0x38}}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000000), r1)
sendmsg$IEEE802154_LLSEC_ADD_DEV(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r2, 0x603}, 0x14}}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x26e1, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r3, 0x29, 0x10, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r4}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001300)={0x3, 0x4, &(0x7f0000000180)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x1, 0x3c}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
mkdirat$cgroup(r5, &(0x7f0000000740)='syz1\x00', 0x1ff)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c000000190001000000000000000000021800000000fd000000ed0008000100ac1414000800080004"], 0x2c}}, 0x0)

232.628653ms ago: executing program 1 (id=1256):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x3000004, 0x3032, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x34, &(0x7f00000a2000)={0x0, 0x0}, 0x10)

74.095241ms ago: executing program 0 (id=1257):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x12, 0x24, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r2, &(0x7f00000002c0), 0x20000000}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000780)={{r2}, &(0x7f0000000700), &(0x7f0000000740)=r1}, 0x20)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000140)={'batadv_slave_1\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000011c0)={&(0x7f0000000180)=@ipv4_newroute={0x2c, 0x18, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfe, 0x2}, [@RTA_OIF={0x8, 0x4, r5}, @RTA_PREFSRC={0x8, 0x7, @multicast1}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0xe98, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0xe84, 0x1, [@m_pedit={0xe80, 0x1, 0x0, 0x0, {{0xa}, {0xe54, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe50, 0x2, {{{}, 0x97, 0x0, [{}, {}]}, [{0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x0, 0x5}, {0x0, 0x0, 0x3}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3}, {}, {}, {}, {0x0, 0x0, 0x0, 0x1000000}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xa}, {}, {0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0xffffffff}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x8}, {0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x1}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfff}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}], 0x12}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe98}}, 0x0)

72.83792ms ago: executing program 4 (id=1258):
r0 = socket$kcm(0x2, 0x2, 0x106)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd30", 0x10)
r2 = accept4(r0, 0x0, 0x0, 0x81000)
sendmmsg$alg(r2, &(0x7f0000005dc0)=[{0x0, 0x0, &(0x7f0000001b40)=[{&(0x7f0000001d40)="d8750288189987d0fabb09b23867772c615b8004f5071a7715f73be32aea3bb1ecc3e0814fb9b752a6d48b1d4d68a4282f76c2c6535ec3ec0fe9843311a22b58a46ed495465703756e040dd9002584b5f9ae54dd851daed0c915d40f3a3fb324415ea188556f05a94c5a063dcf7be1743c393ed5fd0563366b67048a89f49375cd26cdbbe7f4b9f7d02fb8c26996da27d63c84e31f1b8a8b942e2b7b25354a25c9b79d6dfbd7f7d9ee7c0767dc1e21f382382ac9a01aa1fb75a182d9d410079b15e59a58c12e44ea45aaf6021bf0179b6a99c4b47de940e8c244a8ab542700028dbd1950c70f022dc6", 0xe9}, {&(0x7f0000000180)="224a1f4b1161baddab286f59366916998e7ac05aef5807ab52a488c02ae9987c1bc1", 0x22}, {&(0x7f0000003940)="cb5310a368be4d9d608d0206477400a213bbe0bafb5428a2e705df7610ddf6c9d8853dd82e9f92b2022646e9edef08adc089bb18c83e97cc5d3387a1eb4bc1f452de715a25151a300e07d3d4e08a98476c293ed51deac36299fbb9e4f4f865e0b151ac2ea08c217dabbe43633d175e543b6e709c547673c15c6a05a6c60a4445650976a83303407a7722350f4eb490166551444632b9d843cac8223a1392010bc308998f52ad97d1341c2fcf51bdd0591c8b4a71fee93e8a07a0e8dea27aae3a217c8d032337580dbabc32338ef90a68ce9e2dcccc1e775737d2eab1e405e4b20e71f528281eae237af8277275b4ff419f73aec1063ef535a766d8f1f3f159ea72130f2ebd5353a123ecfaa2419a1d12d023e7776797ab37ba948e4cf5aa4e3f994089769b7263544c8696d20067a67e0123b27e6935b0ad5f71de021e3b0e7aa58b0b3130e1a34e84339c7079614d4a0cec664255e11ecc68757e00353c0b9d3d7344b6ea1525a78c83366bd1b8d9e62f6b09fed575173ecb13626c93b4da24a799325dac3efaa6d3fe965e4b34dfd98cbc0deb173811197b9da7ea09fc096e9b82001410478de77d0a7b467c71348960320d43dbadb3d4a1b0fea40c8afba55722ef80dd66eec913fb345dacc8476922153684d452ef1b7650975909ca7eee88e928b860fa49f37c6d1c0f7a9ca351aee568ce17a52615ff99191af4addfc8e1b915aa37a8c0cf0ab76e7407d88bb2aba057fa73684955bd1403950cdb5ed18fba64cf3aac40578ce19491dab3c39e06a843b73d9580877697a5e2e46122842929920bb4d24b493cda3139f17643b9cc4a13cc5c197a206a46df056844f1199e1d8fce00a37e7e5a6a7bc67435de1f581d2e400b13b80dad6cfa4648c781b26b6c44379e68281a6511fc505b9b619aae63b2fb9b430a58da5b9f81a90c2932b8fd16330031691f214e718874a1447698da571effd4aa27e336ef6f3ee152e6da0d61aecffd2b5f93e5133cbb6adf3714c7bf43f750274a3319a2fa68f00eac7398be698814cc673dab5fe50e9ae0e33fcc305a72393d14bb9fa82fa27ba766594874bb7caf775a322f696bd7c407fb532c2a13947532c770f29510eeb513ac2e39a47b31cc750312ef47918f16432d70bd8630eeb204782976927996be65d20ffbd16cd5ecb8fa809e091b97e3a3c1f8d8eb9849aa08f2b015cb252a4b60b5cddb78d11fafbb9e0c64e8219f8657c23d8595f766abda3813e8b77170c2757860e294c9b26e680493443ffaadef4683d51eeaad6c4f16878c44141b8b6a150726b995e3dc3e928f8c76cc18e2f757361e1e3f6b141ffed195a04ea6c4803f81eadc904233257b37ab19a2c02718c78151e30c3724e73bf772f651a7f0968e87d146246b81f2f7fb49c977ed2e48ca9a698183d5a2992e4805e59568e218087b6640e140a20020bb1f37e524a1d6050899678b50693084180a31d375f6d36a5e1d42ad087a823e46c3a45041d9361e35c264be78ce21e7eb54a949505c0d04cc179876e72b38a581e546850d163a1014b778cae812fb01b8949ab8fdc876ac857a0d8222400a7a12a91f89d2fdb6fd0c5625d5ec39690478b20ffaf4fdfe58e77ca255cfa3a603661aa879912534607c21a399d15e32f5df9c3927235ccf7370ac68299f80b8995261be7d0691ce24e1513a85f1fd565ffcd56c7c355dd411f553aded3f0e939d583c1166c2dca39f979f181c9b55eb3228a3a560ea87a9ca32ed951aaa9f4c02a0086f46ad4252313dea8441c0af8c4ad156e84b21fa577a82977fb484070bb84f96766d0a0a268fa055be5ee0144d2704f10ea72405f3bde015fb165b4d958f17fd1e6d8fdfd50a7e25dd86a459a2cd715f659eb932e7e392ce81ce468d9b892597b38f58ea3cf1449847f3e820684d60208d752788bea16a5d2c344797895634e7fd058fc2cf7100b1a521169773d2ea053f2f788711632b45fba007b9ae6d1768f9a18a0b412cc8a403d34381a81f2cddad22104f8a067078f20f6fbd172d757da554be0700916b489800734a89aa49672de3a751f283f1bdca0ba5a0b9f46b61bd8e1bbbb4974f7ae8a553ebe8cbb140f383d685521bff7a34e1cf0abdf0c56de2a00ed9cd2ca050d84387f9b5d38ee51d8ad117585958f77f671eff411bd74822012e19518d98a1d7eac8a305dd4eefe51d318a49a8797ce60091069084d21e94cfcf3ccd750fc322323a43898c010e4fc55e266e5cdbc54a480896519d163bd652cc01fd814c13515670dfbbe38e0a2c1c7171f3b858847a8895e841236c9805b217fe8ec73ad2e87d9d771ca26165bb73fb622c2e8f425ead9c99d6b9958e558109afa647258f04736f29a09ac1c1b24afd98100d43601aeafe7c2729047262ba384a609fbde842db216bbfcfc10f35a31c34b3850b79cbba417ec49b5468f1ffe05d4efeda1692b6450ea531a77a5cb28c1a149c14f1d0b848faee4fe559ba84a80be5ce3ca214054001ff9c8cff9406fcde4c3ed9087a78c43f9307354c62231ba03b3aab927c7165755e3ef143c4575f022b46e1468e17f85c415d195f55a7fad429e148919982557d38b927777e7e5778070062a5deccd187452a957055fc08b057ac465f070af794e123f3ff86f84d247c7f19cbc8d55e7b980a79057837269800930e16e35b9de20f45157b3f2ab80abc6edd36e844ca320733a080d34b53d06daa546cc903063e664818fa2c0eb4f1933915a65d4a000ab2c63175500b35398a54a68b54020b66c9884992e88a43f6ebcafcea1c8a72abc2f3b7bf15c465eca6b337b09be252b450aea094986987f2c07944d5b79a6ff47cbc9aa01ce7becd46dc4017c5143af1191b2c937bcad4331156462fb284c3572e75193253520dfd6fb8867109eec24deadc6f622f09740e242df7759e22111e6ac9a0afd1e013149a7ac1caebe203e127f29e0ce32c2d4cf0295b7c73688c126dfe260a188d5725a5a7513be866c6875ad40fb2fa2614610aafa3c6c7250a39b0b86b1600b4119eb21421f0b691796359e7f95f22a9c17040790ff41674612d67e163a94b0e66857fcb32ff68238854bf0942ef463172c22d486f9eb4d19957db7c83ef4df910b172df4d67fdcd2abced40d15e91c27c28f2e2d92013e9eb4c8a36204f44ff89d1bd269de567ba018f4d235972331027921b35f6965d377b286ee63cf616a2192d39e609484926c3108e3d7e4ceb197fcedb8a3d5b02c390611a1e8e8f4db31434d2cf3e890ad4ef8226f0854ed57086c0827a32522c4b6d86e83e4560611067c30dfe448a2ce331b7501144fd615dfb27b0ae6c918234ddf2310d4b58918b37131b2ccc7081b36a8caffafdba10156ca4637fb0ccb4aca5598e902172d616c7509bb54220382d9b6878a1fb306d60b73de5935bb008afedbac172474f061d7eeb51880ba9766bf29ae68e59e227a2876e85e27011cb3aaacd7f547997ec4ee1c96e73a877a9ac667a7acf7c0ae89b1e8c318cab153d5b49c2c667464996b85a7dbb00f8bc7cb0ccfa92a0b15f79fc0a46409a5c852932ed08c2eda42cbe86e1943d6fa2bf996475e27187e16904ca93ac674f8d66934a3176d7c0b3cf57205209228215915e0d2a5ae964b1761a90aa00ffceb95a137d7fb176deb09b133b5c2d74ba2bcd347e00bd3489d3dec9e902283d51d3fb249cd7ad74eab260e41f2b4104f0c531a6bc26f70d5ea0c62265be4869625c7ef4450b9801c82d510d1e12dc5ceaf1b9ba76f98f36fef2517b4a24eb7d922be0424a4b05321850cd11807451b8a65d47920b9114ac5f7f2a7b33696e14ad057e11027e60980d9971707fc72d16d61e597792c105a28f0774be01b0eb79123a709cb4e51632e6e57dbefa39d0a1527c62a6b6bfa2aac0c668f258289bf6cbf50e31ddde33dcf64afc6ee0828a11729ac5a9b186ac1105ddea5d30480eddad0e579133bb515ff4762e63157b068cb4b68a34bd061fb7a81f4591d44845ebfca3287b495ab49009b4f676a46268279cb32015150ccdd5cf50e3ac3bce78626b508805b0a76ea3717fe981e3173c0e469a1d22e8ad66ebf2379e7964ee07cb414bc8f5361d41159cedee7a379a9117a7eb6653e3c73289871702c193df94568f3c1d0428fce2ce7c5e5461e30e31e9c11c58c473019c177616b22b0ca824ff2438df7c70fdc222f8b711b6b247859be01e87327b8f2e5a96c7aa87dc232bacc6a2d2061dec5095c301dd8b85514ba1bb32739d381c5db72e1753dd76371e63fd03851194708015f10fcd8571437a2402746b7a2377c5c236d9729ff54e076c828366ff547f06008b9dca393efab7828624b703f7ad3621dbff5fca81a1ad9237caf3e67e80cc87fdf1b5fdec510445e3b81fd94844ed5542692ef380eaa2038322dd52021ecfbb79fc0f6a8dcf0be7052be9ec7b9218f585db84b4148f7e8b9bad2e67545e85269ec28ebecc6d1089e1d3a9d51f9107a5c712087e25389a5fd102ffe4d3953e103a222a3e1ec1534e825c709b04e5316ca15b283e640b4b83bdbd41f59c217586cad7fad2564eac15c556df9ca2670b20c3bfda7775fbb0e7f75f12cc3d1490f787e7d5c899b880159d805d4900ac234e88147d28b070cfddcc9c75bde93e4e7608fb29d451c7efc5c1449590a2a91ddf941b8a01efdf58282981866ef98310d35ca849f1662265dd8bdcfbf8c159229508005bcbe92a73c9bdf6c16be90de01d0658bd59035142000f9a71a9a6212a8c4e65e40d268848cf3af2e9fcb87c21e39f3fd70e750afc149d48cc8ed9ae2fd499645a40b39cadb9f55cbc1ca8ccf10d6cb33e99301a1c334126e1eb6d73152d45e353630711590c2c094ff330d321105abd88ace08e5f3713f21714f0a06b0e611dce660d9623bf9f0b6220427389a3eb8bdc0b55a11a911edae02aa3020c68bd68515fc05d1aee608d4b15b9e37da70eb13a1211061357d25eb2f694709e180e8aa969a72e0f0f51bb858546e27b9faddd766036e25a90fa2561e9be8555c58dbb26367c75c714fea0c1068e65cb1597a6d23d48747b3946b0b302fd27dea69a062f261492cf2b805ee218e512efe597e58ce11c34cb2ffc3094f98847c50e345a35349022b4400394ab051a26361b9c1beb5650a1ac4a44a66d0d737e3f57bc11decc5d7d777e980348200ee0afbb71639d983a6a1f33ddad60b4cadfedcd0ccb7dbf3bddad54fe350d606c3afb131ffbe140b40b573dc54be398371d29647a88b008968391e259f0451a32c05ce50b70885c35197d29ea89f7ddb35b690e7e703ff19bd32cb63e4d4235882829aa2a4c271eccd1e7fbc20a636ba6c08944ba16305f4aac66e45ad142868cd380d83b39c9c72afb7d916cc1578a6b774e", 0xef5}], 0x3, &(0x7f0000001800)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0)
recvmmsg(r2, &(0x7f0000001840)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000540)=""/4081, 0xff1}], 0x1}}, {{0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000480)=""/186, 0xba}], 0x1}}], 0x2, 0x10000, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)={{0x14}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @numgen={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_NG_MODULUS={0x8, 0x2, 0x1, 0x0, 0x101}, @NFTA_NG_DREG={0x8}, @NFTA_NG_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_NG_OFFSET={0x8, 0x4, 0x1, 0x0, 0xffffffd9}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x8c}}, 0x0)
syz_emit_ethernet(0x3e, &(0x7f00000000c0)={@link_local, @random="7f0a00034011", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @loopback}, @time_exceeded={0x3, 0x0, 0x0, 0x12, 0x0, 0x2802, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @empty}}}}}}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x29, 0x8, 0x0, 0x0)

0s ago: executing program 1 (id=1259):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_GET_BYNAME(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB], 0x30}, 0x1, 0x0, 0x0, 0x20000801}, 0x4084)

kernel console output (not intermixed with test programs):

6248] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  162.299938][ T6248] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  162.324776][ T6244] hsr_slave_0: entered promiscuous mode
[  162.331361][ T6244] hsr_slave_1: entered promiscuous mode
[  162.338449][ T6244] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  162.346883][ T6244] Cannot create hsr debugfs directory
[  162.397442][ T6237] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  162.461231][ T6248] team0: Port device team_slave_0 added
[  162.471405][ T6248] team0: Port device team_slave_1 added
[  162.501835][ T6237] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  162.618835][ T6248] batman_adv: batadv0: Adding interface: batadv_slave_0
[  162.632444][ T6248] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  162.658871][ T6248] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  162.674328][ T6248] batman_adv: batadv0: Adding interface: batadv_slave_1
[  162.681313][ T6248] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  162.726338][ T6248] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  162.991749][   T53] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.080346][   T53] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.082430][ T5239] Bluetooth: hci1: command tx timeout
[  163.151143][ T6248] hsr_slave_0: entered promiscuous mode
[  163.169556][ T6248] hsr_slave_1: entered promiscuous mode
[  163.176209][ T6248] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  163.188130][ T6248] Cannot create hsr debugfs directory
[  163.233249][   T53] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.310518][   T53] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.470724][ T6240] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  163.492336][ T5239] Bluetooth: hci3: command tx timeout
[  163.499039][ T6240] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  163.541052][ T6240] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  163.553539][ T6240] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  163.562540][ T5239] Bluetooth: hci4: command tx timeout
[  163.628784][   T53] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.643126][ T5239] Bluetooth: hci8: command tx timeout
[  163.652780][ T5239] Bluetooth: hci9: command tx timeout
[  163.704360][   T53] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.772797][   T53] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.802091][ T6237] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  163.824763][ T6237] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  163.858132][   T53] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.873236][ T6237] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  163.888121][ T6237] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  164.109758][   T53] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  164.165577][ T6240] 8021q: adding VLAN 0 to HW filter on device bond0
[  164.264474][   T53] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  164.376483][   T53] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  164.402940][ T6240] 8021q: adding VLAN 0 to HW filter on device team0
[  164.416035][ T6237] 8021q: adding VLAN 0 to HW filter on device bond0
[  164.444735][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  164.451866][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  164.522964][   T53] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  164.560073][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  164.567272][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  164.614552][ T6246] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  164.630571][ T6237] 8021q: adding VLAN 0 to HW filter on device team0
[  164.655404][ T6246] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  164.728974][   T62] bridge0: port 1(bridge_slave_0) entered blocking state
[  164.736217][   T62] bridge0: port 1(bridge_slave_0) entered forwarding state
[  164.788623][ T6246] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  164.859457][ T6246] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  164.873240][  T956] bridge0: port 2(bridge_slave_1) entered blocking state
[  164.880377][  T956] bridge0: port 2(bridge_slave_1) entered forwarding state
[  165.063998][   T53] bridge_slave_1: left allmulticast mode
[  165.069728][   T53] bridge_slave_1: left promiscuous mode
[  165.093053][   T53] bridge0: port 2(bridge_slave_1) entered disabled state
[  165.105151][   T53] bridge_slave_1: left allmulticast mode
[  165.110860][   T53] bridge_slave_1: left promiscuous mode
[  165.128709][   T53] bridge0: port 2(bridge_slave_1) entered disabled state
[  165.150562][   T53] bridge_slave_0: left allmulticast mode
[  165.165350][   T53] bridge_slave_0: left promiscuous mode
[  165.171095][   T53] bridge0: port 1(bridge_slave_0) entered disabled state
[  165.172386][ T5239] Bluetooth: hci1: command tx timeout
[  165.186795][   T53] bridge_slave_1: left allmulticast mode
[  165.193981][   T53] bridge_slave_1: left promiscuous mode
[  165.199739][   T53] bridge0: port 2(bridge_slave_1) entered disabled state
[  165.220109][   T53] bridge_slave_0: left allmulticast mode
[  165.226704][   T53] bridge_slave_0: left promiscuous mode
[  165.233606][   T53] bridge0: port 1(bridge_slave_0) entered disabled state
[  165.244718][   T53] bridge_slave_1: left allmulticast mode
[  165.250411][   T53] bridge_slave_1: left promiscuous mode
[  165.262963][   T53] bridge0: port 2(bridge_slave_1) entered disabled state
[  165.280669][   T53] bridge_slave_0: left allmulticast mode
[  165.290528][   T53] bridge_slave_0: left promiscuous mode
[  165.302088][   T53] bridge0: port 1(bridge_slave_0) entered disabled state
[  165.562425][ T5239] Bluetooth: hci3: command tx timeout
[  165.642515][ T5239] Bluetooth: hci4: command tx timeout
[  165.726796][ T5239] Bluetooth: hci9: command tx timeout
[  165.726806][   T55] Bluetooth: hci8: command tx timeout
[  166.800915][   T53] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  166.811718][   T53] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  166.823831][   T53] bond0 (unregistering): (slave macvlan2): Releasing backup interface
[  166.835901][   T53] team0: left promiscuous mode
[  166.841198][   T53] team_slave_0: left promiscuous mode
[  166.846880][   T53] team_slave_1: left promiscuous mode
[  166.859005][   T53] bond0 (unregistering): Released all slaves
[  166.960104][   T53] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  166.971171][   T53] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  166.982019][   T53] bond0 (unregistering): Released all slaves
[  167.081638][   T53] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  167.092603][   T53] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  167.103220][   T53] bond0 (unregistering): Released all slaves
[  167.199998][   T53] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  167.210758][   T53] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  167.221428][   T53] bond0 (unregistering): Released all slaves
[  167.507131][ T6237] 8021q: adding VLAN 0 to HW filter on device batadv0
[  167.679320][ T6244] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  167.690692][ T6244] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  167.754058][ T6244] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  167.836801][ T6246] 8021q: adding VLAN 0 to HW filter on device bond0
[  167.876467][ T6244] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  167.935887][ T6240] 8021q: adding VLAN 0 to HW filter on device batadv0
[  168.004718][ T6237] veth0_vlan: entered promiscuous mode
[  168.019133][ T6246] 8021q: adding VLAN 0 to HW filter on device team0
[  168.067912][ T6237] veth1_vlan: entered promiscuous mode
[  168.076888][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  168.084056][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  168.096631][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  168.103773][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  168.205699][ T6240] veth0_vlan: entered promiscuous mode
[  168.218019][ T6240] veth1_vlan: entered promiscuous mode
[  168.334960][ T6237] veth0_macvtap: entered promiscuous mode
[  168.341582][ T6248] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  168.355078][ T6248] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  168.405299][ T6248] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  168.417595][ T6248] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  168.444034][ T6237] veth1_macvtap: entered promiscuous mode
[  168.480550][ T6240] veth0_macvtap: entered promiscuous mode
[  168.527547][ T6237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  168.545530][ T6237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  168.556932][ T6237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  168.568082][ T6237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  168.578133][ T6237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  168.588904][ T6237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  168.598929][ T6237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  168.609638][ T6237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  168.622785][ T6237] batman_adv: batadv0: Interface activated: batadv_slave_0
[  168.633473][ T6237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  168.644904][ T6237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  168.655478][ T6237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  168.667262][ T6237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  168.677242][ T6237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  168.688164][ T6237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  168.698628][ T6237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  168.709219][ T6237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  168.720293][ T6237] batman_adv: batadv0: Interface activated: batadv_slave_1
[  168.735252][ T6240] veth1_macvtap: entered promiscuous mode
[  168.778464][ T6237] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  168.797640][ T6237] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  168.811068][ T6237] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  168.820002][ T6237] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  168.896864][ T6244] 8021q: adding VLAN 0 to HW filter on device bond0
[  168.975391][ T6240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  168.997591][ T6240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  169.008083][ T6240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  169.019051][ T6240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  169.040728][ T6240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  169.053814][ T6240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  169.067276][ T6240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  169.091630][ T6240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  169.112285][ T6240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  169.134120][ T6240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  169.154072][ T6240] batman_adv: batadv0: Interface activated: batadv_slave_0
[  169.180362][ T6240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  169.196088][ T6240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  169.213582][ T6240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  169.232324][ T6240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  169.252534][ T6240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  169.272525][ T6240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  169.291496][ T6240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  169.312282][ T6240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  169.323353][ T6240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  169.334314][ T6240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  169.345678][ T6240] batman_adv: batadv0: Interface activated: batadv_slave_1
[  169.405430][ T6240] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  169.416941][ T6240] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  169.426570][ T6240] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  169.435704][ T6240] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  169.475844][ T6246] 8021q: adding VLAN 0 to HW filter on device batadv0
[  169.491267][ T6248] 8021q: adding VLAN 0 to HW filter on device bond0
[  169.501813][ T6244] 8021q: adding VLAN 0 to HW filter on device team0
[  169.550789][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  169.569524][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  169.571601][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  169.584068][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  169.596713][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  169.603878][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  169.670293][ T6248] 8021q: adding VLAN 0 to HW filter on device team0
[  169.737266][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  169.744520][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  169.793633][ T1112] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  169.794150][ T6246] veth0_vlan: entered promiscuous mode
[  169.809145][ T1112] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  169.849282][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[  169.856479][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[  169.883963][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  169.891836][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  169.945875][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  169.984386][ T6246] veth1_vlan: entered promiscuous mode
[  170.002996][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  170.175813][ T6246] veth0_macvtap: entered promiscuous mode
[  170.230529][ T6248] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  170.319029][ T6246] veth1_macvtap: entered promiscuous mode
[  170.416298][ T6244] 8021q: adding VLAN 0 to HW filter on device batadv0
[  170.465304][ T6246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  170.496884][ T6246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  170.537413][ T6246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  170.554856][ T6246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  170.586192][ T6246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  170.614161][ T6246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  170.632429][ T6246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  170.652312][ T6246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  170.682383][ T6246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  170.702358][ T6246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  170.723650][ T6246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  170.745789][ T6246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  170.783721][ T6246] batman_adv: batadv0: Interface activated: batadv_slave_0
[  170.867125][ T6451] netlink: 8 bytes leftover after parsing attributes in process `syz.0.247'.
[  170.945713][ T6446] bridge0: entered promiscuous mode
[  170.956312][ T6246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  170.988827][ T6246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.013862][ T6246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  171.025198][ T6246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.035386][ T6246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  171.046174][ T6246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.057148][ T6246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  171.067917][ T6246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.079488][ T6246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  171.091252][ T6246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.101255][ T6246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  171.111849][ T6246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.133018][ T6246] batman_adv: batadv0: Interface activated: batadv_slave_1
[  171.187904][   T53] hsr_slave_0: left promiscuous mode
[  171.201787][   T53] hsr_slave_1: left promiscuous mode
[  171.210798][   T53] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  171.220260][   T53] batman_adv: batadv0: Removing interface: batadv_slave_0
[  171.229058][   T53] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  171.240973][   T53] batman_adv: batadv0: Removing interface: batadv_slave_1
[  171.252393][   T53] hsr_slave_0: left promiscuous mode
[  171.258429][   T53] hsr_slave_1: left promiscuous mode
[  171.264976][   T53] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  171.274198][   T53] batman_adv: batadv0: Removing interface: batadv_slave_0
[  171.284782][   T53] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  171.293809][   T53] batman_adv: batadv0: Removing interface: batadv_slave_1
[  171.313010][   T53] hsr_slave_0: left promiscuous mode
[  171.319265][   T53] hsr_slave_1: left promiscuous mode
[  171.326667][   T53] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  171.334601][   T53] batman_adv: batadv0: Removing interface: batadv_slave_0
[  171.340255][ T6457] x_tables: duplicate underflow at hook 2
[  171.348550][   T53] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  171.357010][   T53] batman_adv: batadv0: Removing interface: batadv_slave_1
[  171.368703][   T53] hsr_slave_0: left promiscuous mode
[  171.380251][   T53] hsr_slave_1: left promiscuous mode
[  171.401696][   T53] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  171.420032][   T53] batman_adv: batadv0: Removing interface: batadv_slave_0
[  171.431596][   T53] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  171.449506][   T53] batman_adv: batadv0: Removing interface: batadv_slave_1
[  171.525947][   T53] veth1_macvtap: left promiscuous mode
[  171.541449][   T53] veth0_macvtap: left promiscuous mode
[  171.547432][   T53] veth1_vlan: left promiscuous mode
[  171.553018][   T53] veth0_vlan: left promiscuous mode
[  171.569585][   T53] veth1_macvtap: left promiscuous mode
[  171.578716][   T53] veth0_macvtap: left promiscuous mode
[  171.591666][   T53] veth1_vlan: left promiscuous mode
[  171.599007][   T53] veth0_vlan: left promiscuous mode
[  171.615778][   T53] veth1_macvtap: left promiscuous mode
[  171.623715][   T53] veth0_macvtap: left promiscuous mode
[  171.630088][   T53] veth1_vlan: left promiscuous mode
[  171.635888][   T53] veth0_vlan: left promiscuous mode
[  171.651309][   T53] veth1_macvtap: left promiscuous mode
[  171.657120][   T53] veth0_macvtap: left promiscuous mode
[  171.673178][   T53] veth1_vlan: left promiscuous mode
[  171.678539][   T53] veth0_vlan: left promiscuous mode
[  171.786109][   T53] infiniband syz0: set down
[  171.848397][ T6470] trusted_key: syz.1.252 sent an empty control message without MSG_MORE.
[  172.380359][   T53] team0 (unregistering): Port device team_slave_1 removed
[  172.423558][   T53] team0 (unregistering): Port device team_slave_0 removed
[  172.830440][ T1105] smc: removing ib device syz0
[  173.612123][   T53] team0 (unregistering): Port device team_slave_1 removed
[  173.653497][   T53] team0 (unregistering): Port device team_slave_0 removed
[  174.367355][   T53] team0 (unregistering): Port device team_slave_1 removed
[  174.409240][   T53] team0 (unregistering): Port device team_slave_0 removed
[  175.095345][   T53] team0 (unregistering): Port device team_slave_1 removed
[  175.134827][   T53] team0 (unregistering): Port device team_slave_0 removed
[  175.501932][ T6246] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  175.510969][ T6246] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  175.521135][ T6246] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  175.531610][ T6246] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  175.566840][ T5284] lo speed is unknown, defaulting to 1000
[  175.568064][ T6469] IPVS: Error connecting to the multicast addr
[  175.614114][ T6442] bridge0: left promiscuous mode
[  175.634414][ T6248] 8021q: adding VLAN 0 to HW filter on device batadv0
[  175.716865][ T6244] veth0_vlan: entered promiscuous mode
[  175.753930][ T6244] veth1_vlan: entered promiscuous mode
[  175.942057][ T6475] syzkaller0: entered promiscuous mode
[  175.951836][ T6475] syzkaller0: entered allmulticast mode
[  175.985705][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  175.985902][ T6244] veth0_macvtap: entered promiscuous mode
[  176.004819][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  176.065218][ T6244] veth1_macvtap: entered promiscuous mode
[  176.120853][  T956] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  176.130979][  T956] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  177.586241][ T6244] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  177.609268][ T6244] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.622386][ T6244] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  177.633763][ T6244] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.644026][ T6244] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  177.654837][ T6244] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.676827][ T6244] batman_adv: batadv0: Interface activated: batadv_slave_0
[  177.780603][ T6244] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  177.802478][ T6244] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.812408][ T6244] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  177.822951][ T6244] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.832857][ T6244] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  177.843376][ T6244] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.854530][ T6244] batman_adv: batadv0: Interface activated: batadv_slave_1
[  177.864767][ T6244] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  177.873816][ T6244] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  177.883201][ T6244] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  177.891929][ T6244] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  178.066019][ T6248] veth0_vlan: entered promiscuous mode
[  178.154540][ T6248] veth1_vlan: entered promiscuous mode
[  178.183738][ T6248] veth0_macvtap: entered promiscuous mode
[  178.211215][ T6495] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  178.212015][ T6494] netlink: 84 bytes leftover after parsing attributes in process `syz.3.256'.
[  178.249244][  T956] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  178.256318][ T6248] veth1_macvtap: entered promiscuous mode
[  178.263906][  T956] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  178.330121][   T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  178.334330][ T6248] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  178.338193][   T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  178.357185][ T6248] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.367397][ T6248] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  178.378065][ T6248] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.388397][ T6248] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  178.399362][ T6248] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.409333][ T6248] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  178.419839][ T6248] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.431338][ T6248] batman_adv: batadv0: Interface activated: batadv_slave_0
[  178.443416][ T6248] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.454076][ T6248] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.464035][ T6248] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.474537][ T6248] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.484466][ T6248] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.495541][ T6248] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.505840][ T6248] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.516496][ T6248] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.528044][ T6248] batman_adv: batadv0: Interface activated: batadv_slave_1
[  178.542280][ T6248] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  178.551020][ T6248] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  178.560087][ T6248] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  178.568933][ T6248] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  178.718163][ T1112] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  178.729854][ T1112] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  178.819591][ T6506] netlink: 'syz.0.257': attribute type 12 has an invalid length.
[  178.840479][  T956] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  178.848870][ T6506] netlink: 197276 bytes leftover after parsing attributes in process `syz.0.257'.
[  178.911848][  T956] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  179.010963][ T6513] netlink: 76 bytes leftover after parsing attributes in process `syz.3.260'.
[  179.098932][ T1112] Dead loop on virtual device ipvlan0, fix it urgently!
[  179.165432][ T1112] Dead loop on virtual device ipvlan0, fix it urgently!
[  179.193275][ T1112] Dead loop on virtual device ipvlan0, fix it urgently!
[  179.231762][ T6522] netlink: 28 bytes leftover after parsing attributes in process `syz.2.261'.
[  179.268536][ T6527] xt_hashlimit: max too large, truncated to 1048576
[  179.272609][ T6522] netlink: 28 bytes leftover after parsing attributes in process `syz.2.261'.
[  179.299598][ T6522] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  179.355184][ T6522] netdevsim netdevsim2 netdevsim0: left promiscuous mode
[  179.406324][   T47] Dead loop on virtual device ipvlan0, fix it urgently!
[  180.225418][ T6560] veth0_to_bond: entered promiscuous mode
[  180.259460][ T6560] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[  180.302888][ T6561] Cannot find add_set index 0 as target
[  180.442085][ T6559] delete_channel: no stack
[  180.547423][ T6567] bridge0: entered promiscuous mode
[  180.547662][ T6570] netlink: 76 bytes leftover after parsing attributes in process `syz.2.275'.
[  180.570871][ T6569] netlink: 128 bytes leftover after parsing attributes in process `syz.4.277'.
[  180.628795][ T6570] ÊüðÿG: entered promiscuous mode
[  180.642419][ T6572] netlink: 8 bytes leftover after parsing attributes in process `syz.0.276'.
[  180.736684][ T6570] netlink: 20 bytes leftover after parsing attributes in process `syz.2.275'.
[  180.969056][ T6566] bridge0: left promiscuous mode
[  180.978063][ T6576] tipc: Failed to obtain node identity
[  181.001624][ T6576] tipc: Enabling of bearer <ib:ip_vti0> rejected, failed to enable media
[  181.170625][ T6586] netlink: 'syz.0.281': attribute type 2 has an invalid length.
[  181.674180][  T956] Ignoring NSS change in VHT Operating Mode Notification from 08:02:11:00:00:00 with invalid nss 2
[  181.841018][ T6620] netlink: 105108 bytes leftover after parsing attributes in process `syz.1.294'.
[  181.907846][ T6620] netlink: 'syz.1.294': attribute type 1 has an invalid length.
[  183.088450][    C1] Dead loop on virtual device ipvlan0, fix it urgently!
[  183.778527][ T6646] bridge0: entered promiscuous mode
[  183.824019][ T6647] bridge0: left promiscuous mode
[  183.838149][ T6668] xt_NFQUEUE: number of total queues is 0
[  183.953905][  T956] Ignoring NSS change in VHT Operating Mode Notification from 08:02:11:00:00:00 with invalid nss 2
[  183.986919][ T6674] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  184.186109][ T6684] __nla_validate_parse: 3 callbacks suppressed
[  184.186130][ T6684] netlink: 48 bytes leftover after parsing attributes in process `syz.4.306'.
[  184.201493][ T6683] tipc: Started in network mode
[  184.228492][ T6683] tipc: Node identity 1, cluster identity 4711
[  184.244435][ T6683] tipc: Node number set to 1
[  184.320650][ T6691] FAULT_INJECTION: forcing a failure.
[  184.320650][ T6691] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  184.356790][ T6691] CPU: 0 UID: 0 PID: 6691 Comm: syz.2.309 Not tainted 6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  184.367534][ T6691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  184.377620][ T6691] Call Trace:
[  184.380925][ T6691]  <TASK>
[  184.383880][ T6691]  dump_stack_lvl+0x241/0x360
[  184.388584][ T6691]  ? __pfx_dump_stack_lvl+0x10/0x10
[  184.393821][ T6691]  ? __pfx__printk+0x10/0x10
[  184.398448][ T6691]  ? __pfx_lock_release+0x10/0x10
[  184.403514][ T6691]  should_fail_ex+0x3b0/0x4e0
[  184.408227][ T6691]  _copy_from_user+0x2f/0xe0
[  184.412854][ T6691]  __sys_bpf+0x1a4/0x810
[  184.417126][ T6691]  ? __pfx___sys_bpf+0x10/0x10
[  184.421953][ T6691]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  184.427968][ T6691]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  184.434335][ T6691]  ? do_syscall_64+0x100/0x230
[  184.439121][ T6691]  __x64_sys_bpf+0x7c/0x90
[  184.443558][ T6691]  do_syscall_64+0xf3/0x230
[  184.448079][ T6691]  ? clear_bhb_loop+0x35/0x90
[  184.450819][ T6695] FAULT_INJECTION: forcing a failure.
[  184.450819][ T6695] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  184.452761][ T6691]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.452792][ T6691] RIP: 0033:0x7f845bf7dff9
[  184.452810][ T6691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  184.495712][ T6691] RSP: 002b:00007f845cdc7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  184.504145][ T6691] RAX: ffffffffffffffda RBX: 00007f845c136058 RCX: 00007f845bf7dff9
[  184.512109][ T6691] RDX: 0000000000000020 RSI: 0000000020000280 RDI: 0000000000000004
[  184.520075][ T6691] RBP: 00007f845cdc7090 R08: 0000000000000000 R09: 0000000000000000
[  184.528040][ T6691] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  184.536012][ T6691] R13: 0000000000000000 R14: 00007f845c136058 R15: 00007ffd4d55f5e8
[  184.543995][ T6691]  </TASK>
[  184.548724][ T6695] CPU: 1 UID: 0 PID: 6695 Comm: syz.0.313 Not tainted 6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  184.559355][ T6695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  184.569453][ T6695] Call Trace:
[  184.572751][ T6695]  <TASK>
[  184.575694][ T6695]  dump_stack_lvl+0x241/0x360
[  184.580399][ T6695]  ? __pfx_dump_stack_lvl+0x10/0x10
[  184.585625][ T6695]  ? __pfx__printk+0x10/0x10
[  184.590248][ T6695]  ? __pfx_lock_release+0x10/0x10
[  184.595315][ T6695]  should_fail_ex+0x3b0/0x4e0
[  184.600034][ T6695]  _copy_from_iter+0x1ed/0x1d60
[  184.604912][ T6695]  ? __virt_addr_valid+0x183/0x530
[  184.610057][ T6695]  ? __pfx_lock_release+0x10/0x10
[  184.615122][ T6695]  ? __alloc_skb+0x28f/0x440
[  184.619737][ T6695]  ? __pfx__copy_from_iter+0x10/0x10
[  184.625052][ T6695]  ? __virt_addr_valid+0x183/0x530
[  184.630176][ T6695]  ? __virt_addr_valid+0x183/0x530
[  184.635283][ T6695]  ? __virt_addr_valid+0x45f/0x530
[  184.640392][ T6695]  ? __check_object_size+0x48e/0x900
[  184.645689][ T6695]  netlink_sendmsg+0x73d/0xcb0
[  184.650473][ T6695]  ? __pfx_netlink_sendmsg+0x10/0x10
[  184.655754][ T6695]  ? aa_sock_msg_perm+0x91/0x160
[  184.660687][ T6695]  ? __pfx_netlink_sendmsg+0x10/0x10
[  184.665975][ T6695]  __sock_sendmsg+0x221/0x270
[  184.670671][ T6695]  ____sys_sendmsg+0x52a/0x7e0
[  184.675438][ T6695]  ? __pfx_____sys_sendmsg+0x10/0x10
[  184.680748][ T6695]  __sys_sendmsg+0x292/0x380
[  184.685348][ T6695]  ? __pfx___sys_sendmsg+0x10/0x10
[  184.690481][ T6695]  ? __pfx_vfs_write+0x10/0x10
[  184.695264][ T6695]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  184.701597][ T6695]  ? do_syscall_64+0x100/0x230
[  184.706361][ T6695]  ? do_syscall_64+0xb6/0x230
[  184.711034][ T6695]  do_syscall_64+0xf3/0x230
[  184.715533][ T6695]  ? clear_bhb_loop+0x35/0x90
[  184.720206][ T6695]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.726099][ T6695] RIP: 0033:0x7fd32b97dff9
[  184.730507][ T6695] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  184.750118][ T6695] RSP: 002b:00007fd32c773038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  184.758536][ T6695] RAX: ffffffffffffffda RBX: 00007fd32bb35f80 RCX: 00007fd32b97dff9
[  184.766506][ T6695] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003
[  184.774471][ T6695] RBP: 00007fd32c773090 R08: 0000000000000000 R09: 0000000000000000
[  184.782439][ T6695] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  184.790407][ T6695] R13: 0000000000000000 R14: 00007fd32bb35f80 R15: 00007ffc99cecd18
[  184.798396][ T6695]  </TASK>
[  185.160687][ T6717] netlink: 24 bytes leftover after parsing attributes in process `syz.2.318'.
[  185.328959][ T6726] delete_channel: no stack
[  185.400289][ T6728] syzkaller1: entered promiscuous mode
[  185.417711][ T6728] syzkaller1: entered allmulticast mode
[  185.475139][ T6732] netlink: 'syz.1.325': attribute type 21 has an invalid length.
[  185.507548][ T6736] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  185.572058][ T6736] netlink: 4 bytes leftover after parsing attributes in process `syz.3.327'.
[  186.010843][ T6735] netdevsim netdevsim3 netdevsim0: left promiscuous mode
[  186.526964][ T6781] netlink: 'syz.1.343': attribute type 1 has an invalid length.
[  186.629040][ T6788] netlink: 'syz.4.344': attribute type 10 has an invalid length.
[  186.638200][ T6788] netlink: 148 bytes leftover after parsing attributes in process `syz.4.344'.
[  186.851877][ T6795] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  186.881113][ T6795] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  186.908939][ T6795] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  186.921670][ T6795] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  187.440802][ T6814] netlink: 84 bytes leftover after parsing attributes in process `syz.2.355'.
[  187.524777][ T6814] netlink: 40 bytes leftover after parsing attributes in process `syz.2.355'.
[  187.540052][ T6823] netlink: 128 bytes leftover after parsing attributes in process `syz.0.358'.
[  188.174517][ T6847] netlink: 60 bytes leftover after parsing attributes in process `syz.3.366'.
[  188.190039][ T6847] unsupported nlmsg_type 40
[  188.320124][ T6851] netlink: 16 bytes leftover after parsing attributes in process `syz.0.368'.
[  188.337024][ T6854] netlink: 16 bytes leftover after parsing attributes in process `syz.3.369'.
[  188.366228][ T6851] wg2: entered promiscuous mode
[  188.386753][ T6851] team0: Device wg2 is of different type
[  188.815219][ T6873] FAULT_INJECTION: forcing a failure.
[  188.815219][ T6873] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  188.833428][ T6874] tipc: Started in network mode
[  188.838352][ T6874] tipc: Node identity ac1414aa, cluster identity 4711
[  188.876793][ T6873] CPU: 0 UID: 0 PID: 6873 Comm: syz.4.374 Not tainted 6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  188.887449][ T6873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  188.897533][ T6873] Call Trace:
[  188.900829][ T6873]  <TASK>
[  188.903783][ T6873]  dump_stack_lvl+0x241/0x360
[  188.908490][ T6873]  ? __pfx_dump_stack_lvl+0x10/0x10
[  188.913719][ T6873]  ? __pfx__printk+0x10/0x10
[  188.918345][ T6873]  ? snprintf+0xda/0x120
[  188.922615][ T6873]  should_fail_ex+0x3b0/0x4e0
[  188.927322][ T6873]  _copy_to_user+0x2f/0xb0
[  188.931764][ T6873]  simple_read_from_buffer+0xca/0x150
[  188.934958][ T6874] tipc: Enabled bearer <udp:s>, priority 10
[  188.937147][ T6873]  proc_fail_nth_read+0x1e9/0x250
[  188.948067][ T6873]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  188.953652][ T6873]  ? rw_verify_area+0x55e/0x6f0
[  188.958528][ T6873]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  188.964106][ T6873]  vfs_read+0x201/0xbc0
[  188.968286][ T6873]  ? __pfx_lock_release+0x10/0x10
[  188.973342][ T6873]  ? __pfx_vfs_read+0x10/0x10
[  188.978049][ T6873]  ? __fget_files+0x3f3/0x470
[  188.982755][ T6873]  ? fdget_pos+0x24e/0x320
[  188.987199][ T6873]  ksys_read+0x183/0x2b0
[  188.991462][ T6873]  ? __pfx_ksys_read+0x10/0x10
[  188.996246][ T6873]  ? do_syscall_64+0x100/0x230
[  189.001031][ T6873]  ? do_syscall_64+0xb6/0x230
[  189.005734][ T6873]  do_syscall_64+0xf3/0x230
[  189.010260][ T6873]  ? clear_bhb_loop+0x35/0x90
[  189.014959][ T6873]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.020874][ T6873] RIP: 0033:0x7fa1cdd7ca3c
[  189.025305][ T6873] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  189.044936][ T6873] RSP: 002b:00007fa1cec5c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  189.053479][ T6873] RAX: ffffffffffffffda RBX: 00007fa1cdf35f80 RCX: 00007fa1cdd7ca3c
[  189.061479][ T6873] RDX: 000000000000000f RSI: 00007fa1cec5c0a0 RDI: 0000000000000004
[  189.069473][ T6873] RBP: 00007fa1cec5c090 R08: 0000000000000000 R09: 0000000000000000
[  189.077470][ T6873] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  189.085465][ T6873] R13: 0000000000000000 R14: 00007fa1cdf35f80 R15: 00007ffc8dab5078
[  189.093485][ T6873]  </TASK>
[  189.633412][ T6900] __nla_validate_parse: 1 callbacks suppressed
[  189.633432][ T6900] netlink: 4 bytes leftover after parsing attributes in process `syz.4.384'.
[  189.706897][ T6900] netlink: 4 bytes leftover after parsing attributes in process `syz.4.384'.
[  189.885690][ T6902] netlink: 'syz.3.385': attribute type 10 has an invalid length.
[  189.904240][ T6902] netlink: 2 bytes leftover after parsing attributes in process `syz.3.385'.
[  189.943103][ T6902] team0: entered promiscuous mode
[  189.948450][   T47] tipc: Node number set to 2886997162
[  189.954908][ T6902] team_slave_0: entered promiscuous mode
[  189.970278][ T6902] team_slave_1: entered promiscuous mode
[  189.978057][ T6902] bridge0: port 3(team0) entered blocking state
[  189.984968][ T6902] bridge0: port 3(team0) entered disabled state
[  189.994893][ T6902] team0: entered allmulticast mode
[  190.001727][ T6912] dccp_close: ABORT with 1 bytes unread
[  190.014356][ T6902] team_slave_0: entered allmulticast mode
[  190.029976][ T6902] team_slave_1: entered allmulticast mode
[  190.072399][ T6902] bridge0: port 3(team0) entered blocking state
[  190.078926][ T6902] bridge0: port 3(team0) entered forwarding state
[  190.317381][ T6928] netlink: 'syz.0.395': attribute type 1 has an invalid length.
[  190.340196][ T6928] netlink: 'syz.0.395': attribute type 4 has an invalid length.
[  190.361971][ T6932] FAULT_INJECTION: forcing a failure.
[  190.361971][ T6932] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  190.389668][ T6928] netlink: 15334 bytes leftover after parsing attributes in process `syz.0.395'.
[  190.409799][ T6932] CPU: 1 UID: 0 PID: 6932 Comm: syz.1.397 Not tainted 6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  190.420462][ T6932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  190.430550][ T6932] Call Trace:
[  190.433858][ T6932]  <TASK>
[  190.436806][ T6932]  dump_stack_lvl+0x241/0x360
[  190.441513][ T6932]  ? __pfx_dump_stack_lvl+0x10/0x10
[  190.446749][ T6932]  ? __pfx__printk+0x10/0x10
[  190.451374][ T6932]  ? __pfx_lock_release+0x10/0x10
[  190.456440][ T6932]  should_fail_ex+0x3b0/0x4e0
[  190.461152][ T6932]  _copy_from_iter+0x1ed/0x1d60
[  190.466031][ T6932]  ? __virt_addr_valid+0x183/0x530
[  190.471171][ T6932]  ? __pfx_lock_release+0x10/0x10
[  190.476241][ T6932]  ? __alloc_skb+0x28f/0x440
[  190.480858][ T6932]  ? __pfx__copy_from_iter+0x10/0x10
[  190.486189][ T6932]  ? __virt_addr_valid+0x183/0x530
[  190.491340][ T6932]  ? __virt_addr_valid+0x183/0x530
[  190.496476][ T6932]  ? __virt_addr_valid+0x45f/0x530
[  190.501616][ T6932]  ? __check_object_size+0x48e/0x900
[  190.506938][ T6932]  netlink_sendmsg+0x73d/0xcb0
[  190.511729][ T6932]  ? __pfx_netlink_sendmsg+0x10/0x10
[  190.517022][ T6932]  ? aa_sock_msg_perm+0x91/0x160
[  190.521967][ T6932]  ? __pfx_netlink_sendmsg+0x10/0x10
[  190.527256][ T6932]  __sock_sendmsg+0x221/0x270
[  190.531944][ T6932]  ____sys_sendmsg+0x52a/0x7e0
[  190.536711][ T6932]  ? __pfx_____sys_sendmsg+0x10/0x10
[  190.542001][ T6932]  __sys_sendmsg+0x292/0x380
[  190.546585][ T6932]  ? __pfx___sys_sendmsg+0x10/0x10
[  190.551698][ T6932]  ? __pfx_vfs_write+0x10/0x10
[  190.556470][ T6932]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  190.562911][ T6932]  ? do_syscall_64+0x100/0x230
[  190.567670][ T6932]  ? do_syscall_64+0xb6/0x230
[  190.572349][ T6932]  do_syscall_64+0xf3/0x230
[  190.576863][ T6932]  ? clear_bhb_loop+0x35/0x90
[  190.581569][ T6932]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.587459][ T6932] RIP: 0033:0x7fc6c9b7dff9
[  190.591869][ T6932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  190.611494][ T6932] RSP: 002b:00007fc6ca8e2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  190.619941][ T6932] RAX: ffffffffffffffda RBX: 00007fc6c9d35f80 RCX: 00007fc6c9b7dff9
[  190.627918][ T6932] RDX: 0000000000000000 RSI: 0000000020006ac0 RDI: 0000000000000004
[  190.635887][ T6932] RBP: 00007fc6ca8e2090 R08: 0000000000000000 R09: 0000000000000000
[  190.643859][ T6932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  190.651821][ T6932] R13: 0000000000000000 R14: 00007fc6c9d35f80 R15: 00007ffd8fd03e48
[  190.659806][ T6932]  </TASK>
[  190.683306][    C1] Dead loop on virtual device ipvlan0, fix it urgently!
[  190.981323][ T6938] veth2: entered promiscuous mode
[  190.994338][ T6938] veth2: entered allmulticast mode
[  191.960165][ T6988] netlink: 'syz.4.417': attribute type 1 has an invalid length.
[  191.975554][ T6988] netlink: 9348 bytes leftover after parsing attributes in process `syz.4.417'.
[  191.984895][ T6988] netlink: 'syz.4.417': attribute type 1 has an invalid length.
[  192.214885][ T7000] FAULT_INJECTION: forcing a failure.
[  192.214885][ T7000] name failslab, interval 1, probability 0, space 0, times 0
[  192.249701][ T7000] CPU: 0 UID: 0 PID: 7000 Comm: syz.4.421 Not tainted 6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  192.260353][ T7000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  192.270527][ T7000] Call Trace:
[  192.273833][ T7000]  <TASK>
[  192.276792][ T7000]  dump_stack_lvl+0x241/0x360
[  192.281504][ T7000]  ? __pfx_dump_stack_lvl+0x10/0x10
[  192.286727][ T7000]  ? __pfx__printk+0x10/0x10
[  192.291364][ T7000]  ? __kmalloc_node_noprof+0xb7/0x440
[  192.296774][ T7000]  ? __pfx___might_resched+0x10/0x10
[  192.302098][ T7000]  should_fail_ex+0x3b0/0x4e0
[  192.306816][ T7000]  should_failslab+0xac/0x100
[  192.311523][ T7000]  __kmalloc_node_noprof+0xdf/0x440
[  192.316758][ T7000]  ? vmemdup_user+0x42/0x1c0
[  192.321389][ T7000]  vmemdup_user+0x42/0x1c0
[  192.325833][ T7000]  map_get_next_key+0x1c4/0x5e0
[  192.330721][ T7000]  __sys_bpf+0x72e/0x810
[  192.334994][ T7000]  ? __pfx___sys_bpf+0x10/0x10
[  192.339794][ T7000]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  192.345807][ T7000]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  192.352174][ T7000]  ? do_syscall_64+0x100/0x230
[  192.356973][ T7000]  __x64_sys_bpf+0x7c/0x90
[  192.361423][ T7000]  do_syscall_64+0xf3/0x230
[  192.365952][ T7000]  ? clear_bhb_loop+0x35/0x90
[  192.370666][ T7000]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.376594][ T7000] RIP: 0033:0x7fa1cdd7dff9
[  192.381039][ T7000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  192.389819][ T7005] FAULT_INJECTION: forcing a failure.
[  192.389819][ T7005] name failslab, interval 1, probability 0, space 0, times 0
[  192.400647][ T7000] RSP: 002b:00007fa1cec5c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  192.400675][ T7000] RAX: ffffffffffffffda RBX: 00007fa1cdf35f80 RCX: 00007fa1cdd7dff9
[  192.400688][ T7000] RDX: 0000000000000020 RSI: 0000000020000280 RDI: 0000000000000004
[  192.400700][ T7000] RBP: 00007fa1cec5c090 R08: 0000000000000000 R09: 0000000000000000
[  192.400712][ T7000] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  192.400724][ T7000] R13: 0000000000000000 R14: 00007fa1cdf35f80 R15: 00007ffc8dab5078
[  192.400752][ T7000]  </TASK>
[  192.484547][ T7005] CPU: 1 UID: 0 PID: 7005 Comm: syz.3.422 Not tainted 6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  192.495212][ T7005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  192.505297][ T7005] Call Trace:
[  192.508605][ T7005]  <TASK>
[  192.511561][ T7005]  dump_stack_lvl+0x241/0x360
[  192.516271][ T7005]  ? __pfx_dump_stack_lvl+0x10/0x10
[  192.521491][ T7005]  ? __pfx__printk+0x10/0x10
[  192.526114][ T7005]  ? ref_tracker_alloc+0x332/0x490
[  192.531228][ T7005]  should_fail_ex+0x3b0/0x4e0
[  192.535912][ T7005]  ? skb_clone+0x20c/0x390
[  192.540326][ T7005]  should_failslab+0xac/0x100
[  192.545002][ T7005]  ? skb_clone+0x20c/0x390
[  192.549412][ T7005]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  192.554787][ T7005]  skb_clone+0x20c/0x390
[  192.559030][ T7005]  __netlink_deliver_tap+0x3cc/0x7c0
[  192.564326][ T7005]  ? netlink_deliver_tap+0x2e/0x1b0
[  192.569527][ T7005]  netlink_deliver_tap+0x19d/0x1b0
[  192.574642][ T7005]  netlink_unicast+0x7c4/0x990
[  192.579413][ T7005]  ? __pfx_netlink_unicast+0x10/0x10
[  192.584697][ T7005]  ? __virt_addr_valid+0x183/0x530
[  192.589895][ T7005]  ? __check_object_size+0x48e/0x900
[  192.595179][ T7005]  netlink_sendmsg+0x8e4/0xcb0
[  192.599974][ T7005]  ? __pfx_netlink_sendmsg+0x10/0x10
[  192.605278][ T7005]  ? aa_sock_msg_perm+0x91/0x160
[  192.610225][ T7005]  ? __pfx_netlink_sendmsg+0x10/0x10
[  192.615514][ T7005]  __sock_sendmsg+0x221/0x270
[  192.620202][ T7005]  ____sys_sendmsg+0x52a/0x7e0
[  192.624979][ T7005]  ? __pfx_____sys_sendmsg+0x10/0x10
[  192.630276][ T7005]  __sys_sendmsg+0x292/0x380
[  192.634865][ T7005]  ? __pfx___sys_sendmsg+0x10/0x10
[  192.639980][ T7005]  ? __pfx_vfs_write+0x10/0x10
[  192.644760][ T7005]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  192.651089][ T7005]  ? do_syscall_64+0x100/0x230
[  192.655848][ T7005]  ? do_syscall_64+0xb6/0x230
[  192.660518][ T7005]  do_syscall_64+0xf3/0x230
[  192.665036][ T7005]  ? clear_bhb_loop+0x35/0x90
[  192.669723][ T7005]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.675630][ T7005] RIP: 0033:0x7f857037dff9
[  192.680050][ T7005] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  192.699653][ T7005] RSP: 002b:00007f85710e3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  192.708064][ T7005] RAX: ffffffffffffffda RBX: 00007f8570535f80 RCX: 00007f857037dff9
[  192.716052][ T7005] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003
[  192.724051][ T7005] RBP: 00007f85710e3090 R08: 0000000000000000 R09: 0000000000000000
[  192.732033][ T7005] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  192.740003][ T7005] R13: 0000000000000000 R14: 00007f8570535f80 R15: 00007ffd9617add8
[  192.747987][ T7005]  </TASK>
[  193.153507][ T7027] FAULT_INJECTION: forcing a failure.
[  193.153507][ T7027] name failslab, interval 1, probability 0, space 0, times 0
[  193.183381][ T7027] CPU: 0 UID: 0 PID: 7027 Comm: syz.2.434 Not tainted 6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  193.194037][ T7027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  193.204122][ T7027] Call Trace:
[  193.207421][ T7027]  <TASK>
[  193.210370][ T7027]  dump_stack_lvl+0x241/0x360
[  193.215080][ T7027]  ? __pfx_dump_stack_lvl+0x10/0x10
[  193.220298][ T7027]  ? __pfx__printk+0x10/0x10
[  193.224904][ T7027]  should_fail_ex+0x3b0/0x4e0
[  193.229589][ T7027]  should_failslab+0xac/0x100
[  193.234281][ T7027]  ? sctp_add_bind_addr+0x89/0x3a0
[  193.239431][ T7027]  __kmalloc_cache_noprof+0x6c/0x2c0
[  193.244754][ T7027]  sctp_add_bind_addr+0x89/0x3a0
[  193.249719][ T7027]  sctp_copy_local_addr_list+0x311/0x500
[  193.255379][ T7027]  ? sctp_copy_local_addr_list+0xab/0x500
[  193.261126][ T7027]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  193.267295][ T7027]  ? sctp_v6_is_any+0x60/0x70
[  193.271973][ T7027]  sctp_bind_addr_copy+0xad/0x3b0
[  193.276991][ T7027]  ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190
[  193.283337][ T7027]  sctp_connect_new_asoc+0x2f3/0x6c0
[  193.288675][ T7027]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  193.294490][ T7027]  ? sctp_sendmsg+0xbb9/0x3520
[  193.299260][ T7027]  ? sctp_endpoint_lookup_assoc+0xc9/0x250
[  193.305062][ T7027]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  193.310605][ T7027]  sctp_sendmsg+0x219a/0x3520
[  193.315293][ T7027]  ? __pfx_sctp_sendmsg+0x10/0x10
[  193.320322][ T7027]  ? __pfx_aa_sk_perm+0x10/0x10
[  193.325171][ T7027]  ? inet_sendmsg+0x330/0x390
[  193.329849][ T7027]  __sock_sendmsg+0x1a6/0x270
[  193.334529][ T7027]  __sys_sendto+0x39b/0x4f0
[  193.339035][ T7027]  ? __pfx___sys_sendto+0x10/0x10
[  193.344075][ T7027]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  193.350060][ T7027]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  193.356393][ T7027]  __x64_sys_sendto+0xde/0x100
[  193.361241][ T7027]  do_syscall_64+0xf3/0x230
[  193.365742][ T7027]  ? clear_bhb_loop+0x35/0x90
[  193.370413][ T7027]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.376310][ T7027] RIP: 0033:0x7f845bf7dff9
[  193.380720][ T7027] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  193.400330][ T7027] RSP: 002b:00007f845cde8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  193.408743][ T7027] RAX: ffffffffffffffda RBX: 00007f845c135f80 RCX: 00007f845bf7dff9
[  193.416710][ T7027] RDX: 0000000000000001 RSI: 0000000020001080 RDI: 0000000000000006
[  193.424676][ T7027] RBP: 00007f845cde8090 R08: 000000002005ffe4 R09: 000000000000001c
[  193.432654][ T7027] R10: 0000000004048800 R11: 0000000000000246 R12: 0000000000000002
[  193.440636][ T7027] R13: 0000000000000000 R14: 00007f845c135f80 R15: 00007ffd4d55f5e8
[  193.448633][ T7027]  </TASK>
[  193.473983][   T55] Bluetooth: hci9: command 0x0405 tx timeout
[  194.523768][ T1268] ieee802154 phy0 wpan0: encryption failed: -22
[  194.530293][ T1268] ieee802154 phy1 wpan1: encryption failed: -22
[  194.587804][ T7083] netlink: 9412 bytes leftover after parsing attributes in process `syz.1.456'.
[  194.694828][ T7091] netlink: 24 bytes leftover after parsing attributes in process `syz.1.456'.
[  195.082982][ T7113] netlink: 8 bytes leftover after parsing attributes in process `syz.0.466'.
[  195.220472][ T7118] netlink: 8 bytes leftover after parsing attributes in process `syz.1.469'.
[  195.337240][ T7126] netlink: 20 bytes leftover after parsing attributes in process `syz.0.473'.
[  195.437147][ T7132] mac80211_hwsim hwsim31 wlan0: entered promiscuous mode
[  195.444932][ T7132] macsec1: entered promiscuous mode
[  195.450304][ T7132] macsec1: entered allmulticast mode
[  195.455767][ T7132] mac80211_hwsim hwsim31 wlan0: entered allmulticast mode
[  195.504329][ T7138] batman_adv: batadv0: Adding interface: ipvlan1
[  195.552897][ T7138] batman_adv: batadv0: The MTU of interface ipvlan1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  195.698959][ T7138] batman_adv: batadv0: Not using interface ipvlan1 (retrying later): interface not active
[  196.334959][ T7161] netlink: 8 bytes leftover after parsing attributes in process `syz.4.483'.
[  196.372712][ T7161] netlink: 12 bytes leftover after parsing attributes in process `syz.4.483'.
[  196.686737][ T7167] 8021q: adding VLAN 0 to HW filter on device bond1
[  196.778140][ T7181] tipc: Started in network mode
[  196.787786][ T7181] tipc: Node identity ac1414aa, cluster identity 4711
[  196.801580][ T7181] tipc: Enabled bearer <udp:s>, priority 10
[  197.131964][ T7172] netlink: 'syz.0.487': attribute type 2 has an invalid length.
[  197.345139][ T7210] dccp_close: ABORT with 1 bytes unread
[  197.913963][ T7227] netlink: 52 bytes leftover after parsing attributes in process `syz.2.504'.
[  197.923254][ T7227] netlink: 52 bytes leftover after parsing attributes in process `syz.2.504'.
[  197.947053][ T5272] tipc: Node number set to 2886997162
[  197.959609][ T7227] netlink: 16 bytes leftover after parsing attributes in process `syz.2.504'.
[  197.980747][ T7227] netlink: 4 bytes leftover after parsing attributes in process `syz.2.504'.
[  198.243686][ T7248] FAULT_INJECTION: forcing a failure.
[  198.243686][ T7248] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  198.257554][ T7248] CPU: 0 UID: 0 PID: 7248 Comm: syz.0.511 Not tainted 6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  198.268156][ T7248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  198.278213][ T7248] Call Trace:
[  198.281485][ T7248]  <TASK>
[  198.284411][ T7248]  dump_stack_lvl+0x241/0x360
[  198.289092][ T7248]  ? __pfx_dump_stack_lvl+0x10/0x10
[  198.294282][ T7248]  ? __pfx__printk+0x10/0x10
[  198.298874][ T7248]  ? snprintf+0xda/0x120
[  198.303112][ T7248]  should_fail_ex+0x3b0/0x4e0
[  198.307791][ T7248]  _copy_to_user+0x2f/0xb0
[  198.312212][ T7248]  simple_read_from_buffer+0xca/0x150
[  198.317596][ T7248]  proc_fail_nth_read+0x1e9/0x250
[  198.322624][ T7248]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  198.328174][ T7248]  ? rw_verify_area+0x55e/0x6f0
[  198.333027][ T7248]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  198.338579][ T7248]  vfs_read+0x201/0xbc0
[  198.342740][ T7248]  ? __pfx_lock_release+0x10/0x10
[  198.347766][ T7248]  ? __pfx_vfs_read+0x10/0x10
[  198.352444][ T7248]  ? __fget_files+0x3f3/0x470
[  198.357122][ T7248]  ? fdget_pos+0x24e/0x320
[  198.361534][ T7248]  ksys_read+0x183/0x2b0
[  198.365782][ T7248]  ? __pfx_ksys_read+0x10/0x10
[  198.370545][ T7248]  ? do_syscall_64+0x100/0x230
[  198.375308][ T7248]  ? do_syscall_64+0xb6/0x230
[  198.379982][ T7248]  do_syscall_64+0xf3/0x230
[  198.384478][ T7248]  ? clear_bhb_loop+0x35/0x90
[  198.389150][ T7248]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.395053][ T7248] RIP: 0033:0x7fd32b97ca3c
[  198.399470][ T7248] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  198.419076][ T7248] RSP: 002b:00007fd32c773030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  198.427514][ T7248] RAX: ffffffffffffffda RBX: 00007fd32bb35f80 RCX: 00007fd32b97ca3c
[  198.435490][ T7248] RDX: 000000000000000f RSI: 00007fd32c7730a0 RDI: 0000000000000007
[  198.443460][ T7248] RBP: 00007fd32c773090 R08: 0000000000000000 R09: 0000000000000000
[  198.451431][ T7248] R10: 0000000000000800 R11: 0000000000000246 R12: 0000000000000001
[  198.459399][ T7248] R13: 0000000000000000 R14: 00007fd32bb35f80 R15: 00007ffc99cecd18
[  198.467383][ T7248]  </TASK>
[  198.704635][ T7259] bridge_slave_0: left allmulticast mode
[  198.719493][ T7259] bridge_slave_0: left promiscuous mode
[  198.738638][ T7259] bridge0: port 1(bridge_slave_0) entered disabled state
[  198.751756][ T7259] bridge_slave_1: left allmulticast mode
[  198.763879][ T7259] bridge_slave_1: left promiscuous mode
[  198.771449][ T7259] bridge0: port 2(bridge_slave_1) entered disabled state
[  198.818781][ T7259] bond0: (slave bond_slave_0): Releasing backup interface
[  198.850898][ T7259] bond0: (slave bond_slave_1): Releasing backup interface
[  198.876457][ T7275] FAULT_INJECTION: forcing a failure.
[  198.876457][ T7275] name failslab, interval 1, probability 0, space 0, times 0
[  198.890052][ T7275] CPU: 1 UID: 0 PID: 7275 Comm: syz.0.522 Not tainted 6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  198.900651][ T7275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  198.910710][ T7275] Call Trace:
[  198.914002][ T7275]  <TASK>
[  198.916934][ T7275]  dump_stack_lvl+0x241/0x360
[  198.921610][ T7275]  ? __pfx_dump_stack_lvl+0x10/0x10
[  198.926805][ T7275]  ? __pfx__printk+0x10/0x10
[  198.931400][ T7275]  should_fail_ex+0x3b0/0x4e0
[  198.936088][ T7275]  ? skb_clone+0x20c/0x390
[  198.940508][ T7275]  should_failslab+0xac/0x100
[  198.945187][ T7275]  ? skb_clone+0x20c/0x390
[  198.949596][ T7275]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  198.954975][ T7275]  skb_clone+0x20c/0x390
[  198.959213][ T7275]  ? dev_queue_xmit_nit+0x220/0xc10
[  198.964414][ T7275]  dev_queue_xmit_nit+0x419/0xc10
[  198.969457][ T7275]  ? dev_queue_xmit_nit+0x2b/0xc10
[  198.974571][ T7275]  ? validate_xmit_skb+0x9f9/0x1120
[  198.979769][ T7275]  dev_hard_start_xmit+0x15f/0x7e0
[  198.984889][ T7275]  ? __pfx_validate_xmit_skb+0x10/0x10
[  198.990364][ T7275]  __dev_queue_xmit+0x1b11/0x3ed0
[  198.995407][ T7275]  ? kasan_save_track+0x51/0x80
[  199.000273][ T7275]  ? do_syscall_64+0xf3/0x230
[  199.004948][ T7275]  ? __dev_queue_xmit+0x2da/0x3ed0
[  199.010061][ T7275]  ? __pfx___dev_queue_xmit+0x10/0x10
[  199.015457][ T7275]  ? __copy_skb_header+0x437/0x5b0
[  199.020585][ T7275]  ? __asan_memcpy+0x40/0x70
[  199.025169][ T7275]  ? __copy_skb_header+0x437/0x5b0
[  199.030292][ T7275]  ? __skb_clone+0x454/0x6c0
[  199.034906][ T7275]  ? skb_clone+0x240/0x390
[  199.039319][ T7275]  __netlink_deliver_tap+0x54d/0x7c0
[  199.044625][ T7275]  ? netlink_deliver_tap+0x2e/0x1b0
[  199.049850][ T7275]  netlink_deliver_tap+0x19d/0x1b0
[  199.054963][ T7275]  netlink_unicast+0x7c4/0x990
[  199.059744][ T7275]  ? __pfx_netlink_unicast+0x10/0x10
[  199.065024][ T7275]  ? __virt_addr_valid+0x183/0x530
[  199.070146][ T7275]  ? __check_object_size+0x48e/0x900
[  199.075461][ T7275]  netlink_sendmsg+0x8e4/0xcb0
[  199.080230][ T7275]  ? __pfx_netlink_sendmsg+0x10/0x10
[  199.085526][ T7275]  ? aa_sock_msg_perm+0x91/0x160
[  199.090480][ T7275]  ? __pfx_netlink_sendmsg+0x10/0x10
[  199.095766][ T7275]  __sock_sendmsg+0x221/0x270
[  199.100441][ T7275]  ____sys_sendmsg+0x52a/0x7e0
[  199.105241][ T7275]  ? __pfx_____sys_sendmsg+0x10/0x10
[  199.110551][ T7275]  __sys_sendmsg+0x292/0x380
[  199.115145][ T7275]  ? __pfx___sys_sendmsg+0x10/0x10
[  199.120259][ T7275]  ? __pfx_vfs_write+0x10/0x10
[  199.125062][ T7275]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  199.131402][ T7275]  ? do_syscall_64+0x100/0x230
[  199.136175][ T7275]  ? do_syscall_64+0xb6/0x230
[  199.140858][ T7275]  do_syscall_64+0xf3/0x230
[  199.145357][ T7275]  ? clear_bhb_loop+0x35/0x90
[  199.150040][ T7275]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.155935][ T7275] RIP: 0033:0x7fd32b97dff9
[  199.160347][ T7275] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  199.179969][ T7275] RSP: 002b:00007fd32c773038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  199.188406][ T7275] RAX: ffffffffffffffda RBX: 00007fd32bb35f80 RCX: 00007fd32b97dff9
[  199.196394][ T7275] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000003
[  199.204388][ T7275] RBP: 00007fd32c773090 R08: 0000000000000000 R09: 0000000000000000
[  199.212361][ T7275] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  199.220341][ T7275] R13: 0000000000000000 R14: 00007fd32bb35f80 R15: 00007ffc99cecd18
[  199.228335][ T7275]  </TASK>
[  199.266089][ T7259] team0: Port device team_slave_0 removed
[  199.287766][ T7259] team0: Port device team_slave_1 removed
[  199.294237][ T7259] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  199.301666][ T7259] batman_adv: batadv0: Removing interface: batadv_slave_0
[  199.314661][ T7259] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  199.323385][ T7259] batman_adv: batadv0: Removing interface: batadv_slave_1
[  199.409332][ T7277] netlink: 'syz.3.521': attribute type 11 has an invalid length.
[  199.905255][ T7310] __nla_validate_parse: 1 callbacks suppressed
[  199.905275][ T7310] netlink: 8 bytes leftover after parsing attributes in process `syz.4.533'.
[  199.914983][ T7309] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  199.973304][ T7316] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  199.999638][ T7317] netlink: 'syz.0.535': attribute type 9 has an invalid length.
[  200.017450][ T7317] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.535'.
[  200.034819][ T7309] xt_CT: You must specify a L4 protocol and not use inversions on it
[  200.202175][ T7319] netlink: 'syz.0.535': attribute type 9 has an invalid length.
[  200.289553][ T7319] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.535'.
[  200.422091][ T7335] netlink: 'syz.3.539': attribute type 4 has an invalid length.
[  200.467791][ T7335] netlink: 128124 bytes leftover after parsing attributes in process `syz.3.539'.
[  200.481275][ T7330] netlink: 56 bytes leftover after parsing attributes in process `syz.4.538'.
[  200.541537][ T7329] sock: sock_timestamping_bind_phc: sock not bind to device
[  200.895016][ T7359] erspan0: entered promiscuous mode
[  200.905757][ T7359] Dead loop on virtual device ipvlan0, fix it urgently!
[  201.122650][ T7369] netlink: 8 bytes leftover after parsing attributes in process `syz.3.549'.
[  201.197172][ T7373] FAULT_INJECTION: forcing a failure.
[  201.197172][ T7373] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  201.218034][ T7373] CPU: 0 UID: 0 PID: 7373 Comm: syz.1.552 Not tainted 6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  201.228677][ T7373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  201.238762][ T7373] Call Trace:
[  201.242058][ T7373]  <TASK>
[  201.245006][ T7373]  dump_stack_lvl+0x241/0x360
[  201.249715][ T7373]  ? __pfx_dump_stack_lvl+0x10/0x10
[  201.254944][ T7373]  ? __pfx__printk+0x10/0x10
[  201.259574][ T7373]  ? __pfx_lock_release+0x10/0x10
[  201.264629][ T7373]  ? validate_chain+0x11e/0x5920
[  201.269595][ T7373]  ? validate_chain+0x11e/0x5920
[  201.274574][ T7373]  should_fail_ex+0x3b0/0x4e0
[  201.279301][ T7373]  _copy_from_user+0x2f/0xe0
[  201.283923][ T7373]  do_sys_poll+0x249/0x1600
[  201.288456][ T7373]  ? mark_lock+0x9a/0x360
[  201.292815][ T7373]  ? __pfx_validate_chain+0x10/0x10
[  201.298054][ T7373]  ? _parse_integer_limit+0x1b5/0x200
[  201.303457][ T7373]  ? __pfx_do_sys_poll+0x10/0x10
[  201.308423][ T7373]  ? mark_lock+0x9a/0x360
[  201.312780][ T7373]  ? mark_lock+0x9a/0x360
[  201.317188][ T7373]  ? seqcount_lockdep_reader_access+0x1d7/0x220
[  201.323451][ T7373]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  201.330071][ T7373]  ? ktime_get_ts64+0xa8/0x2b0
[  201.334863][ T7373]  ? lockdep_hardirqs_on+0x99/0x150
[  201.340116][ T7373]  ? __pfx_timespec64_add_safe+0x10/0x10
[  201.345786][ T7373]  __se_sys_poll+0x1c5/0x400
[  201.350405][ T7373]  ? __pfx___se_sys_poll+0x10/0x10
[  201.355563][ T7373]  ? do_syscall_64+0x100/0x230
[  201.360353][ T7373]  ? do_syscall_64+0xb6/0x230
[  201.365061][ T7373]  do_syscall_64+0xf3/0x230
[  201.369593][ T7373]  ? clear_bhb_loop+0x35/0x90
[  201.374295][ T7373]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  201.380219][ T7373] RIP: 0033:0x7fc6c9b7dff9
[  201.384654][ T7373] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  201.404290][ T7373] RSP: 002b:00007fc6ca8e2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000007
[  201.412740][ T7373] RAX: ffffffffffffffda RBX: 00007fc6c9d35f80 RCX: 00007fc6c9b7dff9
[  201.420747][ T7373] RDX: 0000000000000081 RSI: 0000000000000001 RDI: 0000000020000300
[  201.428857][ T7373] RBP: 00007fc6ca8e2090 R08: 0000000000000000 R09: 0000000000000000
[  201.436857][ T7373] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  201.444858][ T7373] R13: 0000000000000000 R14: 00007fc6c9d35f80 R15: 00007ffd8fd03e48
[  201.452874][ T7373]  </TASK>
[  201.729517][ T7359] syz.3.549 (7359) used greatest stack depth: 6712 bytes left
[  202.064027][ T7402] openvswitch: netlink: Actions may not be safe on all matching packets
[  202.156396][ T7406] batman_adv: batadv0: Adding interface: ipvlan1
[  202.202374][ T7406] batman_adv: batadv0: The MTU of interface ipvlan1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  202.301927][ T7418] netlink: 76 bytes leftover after parsing attributes in process `syz.4.569'.
[  202.310584][ T7406] batman_adv: batadv0: Not using interface ipvlan1 (retrying later): interface not active
[  202.366342][ T7418] Êü: entered promiscuous mode
[  202.380823][ T7421] netlink: 468 bytes leftover after parsing attributes in process `syz.1.570'.
[  202.400583][ T7418] Bluetooth: MGMT ver 1.23
[  202.413045][ T7421] netlink: 40 bytes leftover after parsing attributes in process `syz.1.570'.
[  202.658837][ T7427] netlink: 4 bytes leftover after parsing attributes in process `syz.1.572'.
[  202.762966][ T7427] netlink: 'syz.1.572': attribute type 1 has an invalid length.
[  202.959515][ T7437] openvswitch: netlink: Missing key (keys=400040, expected=200000)
[  203.087193][ T7440] FAULT_INJECTION: forcing a failure.
[  203.087193][ T7440] name failslab, interval 1, probability 0, space 0, times 0
[  203.112954][ T7440] CPU: 1 UID: 0 PID: 7440 Comm: syz.0.576 Not tainted 6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  203.123651][ T7440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  203.133737][ T7440] Call Trace:
[  203.137037][ T7440]  <TASK>
[  203.139980][ T7440]  dump_stack_lvl+0x241/0x360
[  203.144687][ T7440]  ? __pfx_dump_stack_lvl+0x10/0x10
[  203.149908][ T7440]  ? __pfx__printk+0x10/0x10
[  203.154530][ T7440]  ? __kmalloc_node_track_caller_noprof+0xb2/0x440
[  203.161066][ T7440]  ? __pfx___might_resched+0x10/0x10
[  203.166396][ T7440]  should_fail_ex+0x3b0/0x4e0
[  203.171112][ T7440]  should_failslab+0xac/0x100
[  203.175822][ T7440]  __kmalloc_node_track_caller_noprof+0xda/0x440
[  203.182194][ T7440]  ? __request_module+0x2d5/0x650
[  203.187256][ T7440]  ? __request_module+0x2b9/0x650
[  203.192329][ T7440]  kstrdup+0x3a/0x80
[  203.196272][ T7440]  __request_module+0x2d5/0x650
[  203.201167][ T7440]  ? __pfx___request_module+0x10/0x10
[  203.206588][ T7440]  ? __up_read+0x2c2/0x6b0
[  203.211057][ T7440]  alg_bind+0x28b/0x570
[  203.215261][ T7440]  __sys_bind+0x22d/0x2d0
[  203.219631][ T7440]  ? __pfx___sys_bind+0x10/0x10
[  203.224538][ T7440]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  203.230912][ T7440]  ? do_syscall_64+0x100/0x230
[  203.235714][ T7440]  __x64_sys_bind+0x7a/0x90
[  203.240260][ T7440]  do_syscall_64+0xf3/0x230
[  203.244796][ T7440]  ? clear_bhb_loop+0x35/0x90
[  203.249505][ T7440]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.255435][ T7440] RIP: 0033:0x7fd32b97dff9
[  203.259877][ T7440] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  203.279530][ T7440] RSP: 002b:00007fd32c773038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  203.287982][ T7440] RAX: ffffffffffffffda RBX: 00007fd32bb35f80 RCX: 00007fd32b97dff9
[  203.295986][ T7440] RDX: 0000000000000058 RSI: 00000000200000c0 RDI: 0000000000000005
[  203.303993][ T7440] RBP: 00007fd32c773090 R08: 0000000000000000 R09: 0000000000000000
[  203.311995][ T7440] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  203.319998][ T7440] R13: 0000000000000000 R14: 00007fd32bb35f80 R15: 00007ffc99cecd18
[  203.328017][ T7440]  </TASK>
[  203.410206][ T7444] netlink: 'syz.1.578': attribute type 1 has an invalid length.
[  203.573500][ T7450] netlink: 'syz.0.580': attribute type 11 has an invalid length.
[  204.324130][ T7488] netlink: 'syz.2.595': attribute type 11 has an invalid length.
[  204.531667][ T7499] sctp: [Deprecated]: syz.0.599 (pid 7499) Use of int in max_burst socket option deprecated.
[  204.531667][ T7499] Use struct sctp_assoc_value instead
[  204.725016][ T7505] IPVS: set_ctl: invalid protocol: 115 172.20.20.38:20002
[  204.889603][ T7518] netlink: 'syz.0.608': attribute type 11 has an invalid length.
[  205.194825][ T7534] __nla_validate_parse: 11 callbacks suppressed
[  205.194846][ T7534] netlink: 8 bytes leftover after parsing attributes in process `syz.2.614'.
[  205.987030][ T7556] netlink: 'syz.3.620': attribute type 11 has an invalid length.
[  206.001619][ T7545] FAULT_INJECTION: forcing a failure.
[  206.001619][ T7545] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  206.015271][ T7545] CPU: 1 UID: 0 PID: 7545 Comm: syz.0.617 Not tainted 6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  206.025896][ T7545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  206.035980][ T7545] Call Trace:
[  206.039287][ T7545]  <TASK>
[  206.042246][ T7545]  dump_stack_lvl+0x241/0x360
[  206.046958][ T7545]  ? __pfx_dump_stack_lvl+0x10/0x10
[  206.052263][ T7545]  ? __pfx__printk+0x10/0x10
[  206.056888][ T7545]  ? snprintf+0xda/0x120
[  206.061168][ T7545]  should_fail_ex+0x3b0/0x4e0
[  206.065883][ T7545]  _copy_to_user+0x2f/0xb0
[  206.070326][ T7545]  simple_read_from_buffer+0xca/0x150
[  206.075731][ T7545]  proc_fail_nth_read+0x1e9/0x250
[  206.080788][ T7545]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  206.086369][ T7545]  ? rw_verify_area+0x55e/0x6f0
[  206.091259][ T7545]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  206.096840][ T7545]  vfs_read+0x201/0xbc0
[  206.101015][ T7545]  ? __pfx_lock_release+0x10/0x10
[  206.106050][ T7545]  ? __pfx_vfs_read+0x10/0x10
[  206.110735][ T7545]  ? __fget_files+0x3f3/0x470
[  206.115415][ T7545]  ? fdget_pos+0x24e/0x320
[  206.119829][ T7545]  ksys_read+0x183/0x2b0
[  206.124068][ T7545]  ? __pfx_ksys_read+0x10/0x10
[  206.128824][ T7545]  ? do_syscall_64+0x100/0x230
[  206.133589][ T7545]  ? do_syscall_64+0xb6/0x230
[  206.138268][ T7545]  do_syscall_64+0xf3/0x230
[  206.142774][ T7545]  ? clear_bhb_loop+0x35/0x90
[  206.147445][ T7545]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.153340][ T7545] RIP: 0033:0x7fd32b97ca3c
[  206.157753][ T7545] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  206.177355][ T7545] RSP: 002b:00007fd32c773030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  206.185768][ T7545] RAX: ffffffffffffffda RBX: 00007fd32bb35f80 RCX: 00007fd32b97ca3c
[  206.193734][ T7545] RDX: 000000000000000f RSI: 00007fd32c7730a0 RDI: 0000000000000004
[  206.201698][ T7545] RBP: 00007fd32c773090 R08: 0000000000000000 R09: 0000000000000000
[  206.209662][ T7545] R10: 0000000020000100 R11: 0000000000000246 R12: 0000000000000001
[  206.217627][ T7545] R13: 0000000000000000 R14: 00007fd32bb35f80 R15: 00007ffc99cecd18
[  206.225608][ T7545]  </TASK>
[  206.229546][    C1] Dead loop on virtual device ipvlan0, fix it urgently!
[  206.335692][ T7566] netlink: 'syz.2.624': attribute type 1 has an invalid length.
[  206.343801][ T7566] netlink: 9352 bytes leftover after parsing attributes in process `syz.2.624'.
[  206.363160][ T7566] netlink: 'syz.2.624': attribute type 1 has an invalid length.
[  206.370952][ T7566] netlink: 12 bytes leftover after parsing attributes in process `syz.2.624'.
[  206.550287][ T7570] netlink: 8 bytes leftover after parsing attributes in process `syz.4.626'.
[  206.705183][ T7578] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.836855][ T7586] FAULT_INJECTION: forcing a failure.
[  206.836855][ T7586] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  206.850126][   T55] Bluetooth: hci9: command 0x0405 tx timeout
[  206.862449][ T7586] CPU: 0 UID: 0 PID: 7586 Comm: syz.2.630 Not tainted 6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  206.873089][ T7586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  206.883212][ T7586] Call Trace:
[  206.886512][ T7586]  <TASK>
[  206.889456][ T7586]  dump_stack_lvl+0x241/0x360
[  206.894155][ T7586]  ? __pfx_dump_stack_lvl+0x10/0x10
[  206.899377][ T7586]  ? __pfx__printk+0x10/0x10
[  206.903999][ T7586]  ? snprintf+0xda/0x120
[  206.908267][ T7586]  should_fail_ex+0x3b0/0x4e0
[  206.912978][ T7586]  _copy_to_user+0x2f/0xb0
[  206.917422][ T7586]  simple_read_from_buffer+0xca/0x150
[  206.922828][ T7586]  proc_fail_nth_read+0x1e9/0x250
[  206.927884][ T7586]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  206.933462][ T7586]  ? rw_verify_area+0x55e/0x6f0
[  206.938339][ T7586]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  206.943917][ T7586]  vfs_read+0x201/0xbc0
[  206.948104][ T7586]  ? __pfx_lock_release+0x10/0x10
[  206.953163][ T7586]  ? __pfx_vfs_read+0x10/0x10
[  206.957878][ T7586]  ? __fget_files+0x3f3/0x470
[  206.962587][ T7586]  ? fdget_pos+0x24e/0x320
[  206.967027][ T7586]  ksys_read+0x183/0x2b0
[  206.971299][ T7586]  ? __pfx_ksys_read+0x10/0x10
[  206.976096][ T7586]  ? do_syscall_64+0x100/0x230
[  206.980880][ T7586]  ? do_syscall_64+0xb6/0x230
[  206.985580][ T7586]  do_syscall_64+0xf3/0x230
[  206.990111][ T7586]  ? clear_bhb_loop+0x35/0x90
[  206.994818][ T7586]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.000739][ T7586] RIP: 0033:0x7f845bf7ca3c
[  207.005175][ T7586] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  207.024808][ T7586] RSP: 002b:00007f845cde8030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  207.033258][ T7586] RAX: ffffffffffffffda RBX: 00007f845c135f80 RCX: 00007f845bf7ca3c
[  207.041254][ T7586] RDX: 000000000000000f RSI: 00007f845cde80a0 RDI: 0000000000000006
[  207.049255][ T7586] RBP: 00007f845cde8090 R08: 0000000000000000 R09: 0000000000000000
[  207.057254][ T7586] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  207.065255][ T7586] R13: 0000000000000000 R14: 00007f845c135f80 R15: 00007ffd4d55f5e8
[  207.073268][ T7586]  </TASK>
[  207.085419][ T7603] netlink: 8 bytes leftover after parsing attributes in process `syz.0.635'.
[  207.231642][ T7578] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.273430][ T7599] netlink: 8 bytes leftover after parsing attributes in process `syz.0.635'.
[  207.299730][ T7599] netlink: 32 bytes leftover after parsing attributes in process `syz.0.635'.
[  207.419791][ T7616] netlink: 20 bytes leftover after parsing attributes in process `syz.3.633'.
[  207.519436][ T7578] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.571649][ T7623] batman_adv: batadv0: Adding interface: ipvlan1
[  207.579694][ T7623] batman_adv: batadv0: The MTU of interface ipvlan1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  207.638558][ T7623] batman_adv: batadv0: Not using interface ipvlan1 (retrying later): interface not active
[  207.709056][ T7630] netlink: 4 bytes leftover after parsing attributes in process `syz.3.641'.
[  207.721230][ T7630] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  207.734636][ T7629] netlink: 8 bytes leftover after parsing attributes in process `syz.4.642'.
[  207.776075][ T7578] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.986848][ T7578] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  208.002093][ T7578] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  208.033251][ T7578] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  208.048888][ T7578] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  208.875856][ T7674] netlink: 'syz.4.656': attribute type 5 has an invalid length.
[  210.611102][ T7687] batman_adv: batadv0: Adding interface: ipvlan1
[  210.639653][ T7687] batman_adv: batadv0: The MTU of interface ipvlan1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  210.672114][ T7687] batman_adv: batadv0: Not using interface ipvlan1 (retrying later): interface not active
[  210.871251][ T7705] netlink: 4 bytes leftover after parsing attributes in process `syz.2.662'.
[  210.935837][ T7691] netlink: 'syz.2.662': attribute type 1 has an invalid length.
[  210.995218][ T7691] netlink: 224 bytes leftover after parsing attributes in process `syz.2.662'.
[  211.414463][ T7722] netlink: 40 bytes leftover after parsing attributes in process `syz.3.672'.
[  211.428433][ T7729] xt_NFQUEUE: number of total queues is 0
[  211.980528][ T7755] ip6t_REJECT: ECHOREPLY is not supported
[  212.068994][ T7750] netlink: 9412 bytes leftover after parsing attributes in process `syz.0.682'.
[  212.421716][ T7772] netlink: 28 bytes leftover after parsing attributes in process `syz.3.687'.
[  212.437368][ T7771] xt_NFQUEUE: number of total queues is 0
[  212.569115][ T7742] netlink: 12 bytes leftover after parsing attributes in process `syz.1.679'.
[  212.935035][ T7792] bridge0: entered promiscuous mode
[  213.047116][ T7798] netlink: 8 bytes leftover after parsing attributes in process `syz.1.697'.
[  213.281006][ T7804] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  213.343528][ T7791] bridge0: left promiscuous mode
[  213.487917][ T7811] xt_NFQUEUE: number of total queues is 0
[  213.546804][ T7813] netlink: 16 bytes leftover after parsing attributes in process `syz.1.703'.
[  213.864362][ T7826] bridge0: entered promiscuous mode
[  213.950026][ T7832] netlink: 8 bytes leftover after parsing attributes in process `syz.3.710'.
[  214.046779][   T55] Bluetooth: hci9: command 0x0405 tx timeout
[  214.113392][ T7823] bridge0: left promiscuous mode
[  214.320289][ T7837] netlink: 8 bytes leftover after parsing attributes in process `syz.2.713'.
[  214.336473][ T7837] tc_dump_action: action bad kind
[  214.348325][ T7847] xt_NFQUEUE: number of total queues is 0
[  214.547352][ T7854] FAULT_INJECTION: forcing a failure.
[  214.547352][ T7854] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  214.644412][ T7854] CPU: 1 UID: 0 PID: 7854 Comm: syz.2.718 Not tainted 6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  214.655078][ T7854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  214.665158][ T7854] Call Trace:
[  214.668454][ T7854]  <TASK>
[  214.671399][ T7854]  dump_stack_lvl+0x241/0x360
[  214.676105][ T7854]  ? __pfx_dump_stack_lvl+0x10/0x10
[  214.681323][ T7854]  ? __pfx__printk+0x10/0x10
[  214.685945][ T7854]  ? aa_label_sk_perm+0x4f3/0x6c0
[  214.691002][ T7854]  should_fail_ex+0x3b0/0x4e0
[  214.695721][ T7854]  _copy_from_user+0x2f/0xe0
[  214.700341][ T7854]  copy_from_sockptr+0x62/0xa0
[  214.705136][ T7854]  packet_setsockopt+0xcac/0x1970
[  214.710182][ T7854]  ? __pfx_packet_setsockopt+0x10/0x10
[  214.715674][ T7854]  ? aa_sk_perm+0x96d/0xab0
[  214.720202][ T7854]  ? __pfx_lock_acquire+0x10/0x10
[  214.725250][ T7854]  ? __fget_files+0x29/0x470
[  214.729860][ T7854]  ? aa_sock_opt_perm+0x79/0x120
[  214.734826][ T7854]  ? __pfx_packet_setsockopt+0x10/0x10
[  214.740310][ T7854]  do_sock_setsockopt+0x3af/0x720
[  214.745363][ T7854]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  214.750928][ T7854]  ? __fget_files+0x29/0x470
[  214.755544][ T7854]  ? __fget_files+0x3f3/0x470
[  214.760243][ T7854]  ? __fget_files+0x29/0x470
[  214.764864][ T7854]  __sys_setsockopt+0x1a2/0x250
[  214.769737][ T7854]  __x64_sys_setsockopt+0xb5/0xd0
[  214.774784][ T7854]  do_syscall_64+0xf3/0x230
[  214.779300][ T7854]  ? clear_bhb_loop+0x35/0x90
[  214.783999][ T7854]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.789923][ T7854] RIP: 0033:0x7f845bf7dff9
[  214.794360][ T7854] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  214.813995][ T7854] RSP: 002b:00007f845cde8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  214.822448][ T7854] RAX: ffffffffffffffda RBX: 00007f845c135f80 RCX: 00007f845bf7dff9
[  214.830452][ T7854] RDX: 0000000000000012 RSI: 0000000000000107 RDI: 0000000000000003
[  214.838458][ T7854] RBP: 00007f845cde8090 R08: 0000000000000008 R09: 0000000000000000
[  214.846464][ T7854] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000001
[  214.854472][ T7854] R13: 0000000000000000 R14: 00007f845c135f80 R15: 00007ffd4d55f5e8
[  214.862506][ T7854]  </TASK>
[  215.213286][ T7878] bridge0: entered promiscuous mode
[  215.368358][ T7888] xt_NFQUEUE: number of total queues is 0
[  215.591686][ T7899] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  215.633322][ T7877] bridge0: left promiscuous mode
[  216.261200][ T7924] xt_NFQUEUE: number of total queues is 0
[  216.812740][ T7936] __nla_validate_parse: 5 callbacks suppressed
[  216.812759][ T7936] netlink: 84 bytes leftover after parsing attributes in process `syz.2.744'.
[  216.959591][ T7936] netlink: 40 bytes leftover after parsing attributes in process `syz.2.744'.
[  216.987224][ T7943] bridge0: entered promiscuous mode
[  217.051337][ T7943] netlink: 8 bytes leftover after parsing attributes in process `syz.0.746'.
[  217.333832][ T7939] bridge0: left promiscuous mode
[  217.443716][ T7963] netlink: 8 bytes leftover after parsing attributes in process `syz.1.755'.
[  218.403226][ T7992] netlink: 'syz.0.762': attribute type 1 has an invalid length.
[  218.417047][ T7992] netlink: 9348 bytes leftover after parsing attributes in process `syz.0.762'.
[  218.428849][ T7992] netlink: 'syz.0.762': attribute type 1 has an invalid length.
[  218.454989][ T7992] netlink: 108 bytes leftover after parsing attributes in process `syz.0.762'.
[  218.726820][ T7997] sctp: [Deprecated]: syz.0.763 (pid 7997) Use of struct sctp_assoc_value in delayed_ack socket option.
[  218.726820][ T7997] Use struct sctp_sack_info instead
[  219.792734][ T7994] smc: net device ip6_vti0 applied user defined pnetid SYZ0
[  220.001109][ T8012] netlink: 12 bytes leftover after parsing attributes in process `syz.1.769'.
[  220.019087][ T8012] netlink: 'syz.1.769': attribute type 1 has an invalid length.
[  220.035332][ T8008] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  220.058540][ T8013] bridge0: entered promiscuous mode
[  220.133571][ T8013] netlink: 8 bytes leftover after parsing attributes in process `syz.2.766'.
[  220.293443][ T8004] bridge0: left promiscuous mode
[  220.639596][ T8041] ip6gretap0: vlans aren't supported yet for dev_uc|mc_add()
[  220.741313][ T8041] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  220.820868][ T8050] batman_adv: batadv0: Removing interface: ipvlan1
[  220.876375][ T8053] netlink: 'syz.2.780': attribute type 4 has an invalid length.
[  220.915314][ T8056] FAULT_INJECTION: forcing a failure.
[  220.915314][ T8056] name failslab, interval 1, probability 0, space 0, times 0
[  220.964760][ T8056] CPU: 1 UID: 0 PID: 8056 Comm: syz.4.781 Not tainted 6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  220.975413][ T8056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  220.985498][ T8056] Call Trace:
[  220.988794][ T8056]  <TASK>
[  220.991740][ T8056]  dump_stack_lvl+0x241/0x360
[  220.996454][ T8056]  ? __pfx_dump_stack_lvl+0x10/0x10
[  221.001676][ T8056]  ? __pfx__printk+0x10/0x10
[  221.006301][ T8056]  ? __kmalloc_cache_noprof+0x44/0x2c0
[  221.011789][ T8056]  ? __pfx___might_resched+0x10/0x10
[  221.017105][ T8056]  should_fail_ex+0x3b0/0x4e0
[  221.021815][ T8056]  should_failslab+0xac/0x100
[  221.026519][ T8056]  ? __add_metainfo+0x77/0x340
[  221.031388][ T8056]  __kmalloc_cache_noprof+0x6c/0x2c0
[  221.036705][ T8056]  __add_metainfo+0x77/0x340
[  221.041322][ T8056]  populate_metalist+0x15c/0x220
[  221.046298][ T8056]  tcf_ife_init+0xa46/0xfd0
[  221.050848][ T8056]  ? __pfx_tcf_ife_init+0x10/0x10
[  221.055919][ T8056]  ? __asan_memcpy+0x40/0x70
[  221.060534][ T8056]  ? __pfx_tcf_ife_init+0x10/0x10
[  221.065577][ T8056]  tcf_action_init_1+0x5d7/0x890
[  221.070535][ T8056]  ? nla_strscpy+0x100/0x180
[  221.075150][ T8056]  ? __pfx_tcf_action_init_1+0x10/0x10
[  221.080634][ T8056]  ? _raw_read_unlock+0x28/0x50
[  221.085508][ T8056]  ? tc_action_load_ops+0x26d/0x590
[  221.090746][ T8056]  ? __nla_parse+0x40/0x60
[  221.095191][ T8056]  tcf_action_init+0x2e4/0x940
[  221.099994][ T8056]  ? __pfx_tcf_action_init+0x10/0x10
[  221.105361][ T8056]  ? apparmor_capable+0x13b/0x1b0
[  221.110418][ T8056]  tc_ctl_action+0x47d/0xcf0
[  221.115045][ T8056]  ? __pfx_tc_ctl_action+0x10/0x10
[  221.120211][ T8056]  ? trace_contention_end+0x3c/0x120
[  221.125519][ T8056]  ? __mutex_lock+0x2ef/0xd70
[  221.130227][ T8056]  ? __pfx___mutex_lock+0x10/0x10
[  221.135280][ T8056]  ? __pfx_tc_ctl_action+0x10/0x10
[  221.140417][ T8056]  rtnetlink_rcv_msg+0x73f/0xcf0
[  221.145381][ T8056]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  221.150519][ T8056]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  221.155996][ T8056]  ? ref_tracker_free+0x643/0x7e0
[  221.161027][ T8056]  netlink_rcv_skb+0x1e3/0x430
[  221.165796][ T8056]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  221.171257][ T8056]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  221.176556][ T8056]  ? netlink_deliver_tap+0x2e/0x1b0
[  221.181758][ T8056]  netlink_unicast+0x7f6/0x990
[  221.186530][ T8056]  ? __pfx_netlink_unicast+0x10/0x10
[  221.191817][ T8056]  ? __virt_addr_valid+0x183/0x530
[  221.196939][ T8056]  ? __check_object_size+0x48e/0x900
[  221.202235][ T8056]  netlink_sendmsg+0x8e4/0xcb0
[  221.207003][ T8056]  ? __pfx_netlink_sendmsg+0x10/0x10
[  221.212294][ T8056]  ? aa_sock_msg_perm+0x91/0x160
[  221.217236][ T8056]  ? __pfx_netlink_sendmsg+0x10/0x10
[  221.222515][ T8056]  __sock_sendmsg+0x221/0x270
[  221.227199][ T8056]  ____sys_sendmsg+0x52a/0x7e0
[  221.231969][ T8056]  ? __pfx_____sys_sendmsg+0x10/0x10
[  221.237262][ T8056]  __sys_sendmsg+0x292/0x380
[  221.241852][ T8056]  ? __pfx___sys_sendmsg+0x10/0x10
[  221.246969][ T8056]  ? __pfx_vfs_write+0x10/0x10
[  221.251751][ T8056]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  221.258082][ T8056]  ? do_syscall_64+0x100/0x230
[  221.262848][ T8056]  ? do_syscall_64+0xb6/0x230
[  221.267610][ T8056]  do_syscall_64+0xf3/0x230
[  221.272112][ T8056]  ? clear_bhb_loop+0x35/0x90
[  221.276786][ T8056]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.282685][ T8056] RIP: 0033:0x7fa1cdd7dff9
[  221.287095][ T8056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  221.306706][ T8056] RSP: 002b:00007fa1cec5c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  221.315122][ T8056] RAX: ffffffffffffffda RBX: 00007fa1cdf35f80 RCX: 00007fa1cdd7dff9
[  221.323090][ T8056] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000003
[  221.331080][ T8056] RBP: 00007fa1cec5c090 R08: 0000000000000000 R09: 0000000000000000
[  221.339046][ T8056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  221.347012][ T8056] R13: 0000000000000000 R14: 00007fa1cdf35f80 R15: 00007ffc8dab5078
[  221.354993][ T8056]  </TASK>
[  221.628756][ T8071] bridge0: entered promiscuous mode
[  221.722913][ T8075] netlink: 8 bytes leftover after parsing attributes in process `syz.1.785'.
[  221.963149][ T8069] bridge0: left promiscuous mode
[  222.112514][ T8092] xt_limit: Overflow, try lower: 0/0
[  222.498639][ T8112] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.798'.
[  222.508376][ T8112] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16)
[  222.548915][ T8120] netlink: 64 bytes leftover after parsing attributes in process `syz.3.800'.
[  222.686659][ T8122] batman_adv: batadv0: Removing interface: ipvlan1
[  222.717709][ T8129] netlink: 168 bytes leftover after parsing attributes in process `syz.4.802'.
[  222.754597][ T8124] netlink: 20 bytes leftover after parsing attributes in process `syz.3.800'.
[  222.996963][ T8141] netlink: 'syz.4.807': attribute type 21 has an invalid length.
[  223.005107][ T8141] netlink: 132 bytes leftover after parsing attributes in process `syz.4.807'.
[  223.199290][ T8145] dccp_close: ABORT with 1 bytes unread
[  223.894764][ T8166] FAULT_INJECTION: forcing a failure.
[  223.894764][ T8166] name failslab, interval 1, probability 0, space 0, times 0
[  223.936569][ T8166] CPU: 1 UID: 0 PID: 8166 Comm: syz.1.816 Not tainted 6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  223.947221][ T8166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  223.957282][ T8166] Call Trace:
[  223.960558][ T8166]  <TASK>
[  223.963489][ T8166]  dump_stack_lvl+0x241/0x360
[  223.968175][ T8166]  ? __pfx_dump_stack_lvl+0x10/0x10
[  223.973382][ T8166]  ? __pfx__printk+0x10/0x10
[  223.977988][ T8166]  should_fail_ex+0x3b0/0x4e0
[  223.982671][ T8166]  should_failslab+0xac/0x100
[  223.987477][ T8166]  ? sctp_add_bind_addr+0x89/0x3a0
[  223.992600][ T8166]  __kmalloc_cache_noprof+0x6c/0x2c0
[  223.997895][ T8166]  sctp_add_bind_addr+0x89/0x3a0
[  224.002838][ T8166]  sctp_copy_local_addr_list+0x311/0x500
[  224.008467][ T8166]  ? sctp_copy_local_addr_list+0xab/0x500
[  224.014184][ T8166]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  224.020341][ T8166]  ? sctp_v6_is_any+0x60/0x70
[  224.025024][ T8166]  sctp_bind_addr_copy+0xad/0x3b0
[  224.030045][ T8166]  ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190
[  224.036376][ T8166]  sctp_connect_new_asoc+0x2f3/0x6c0
[  224.041664][ T8166]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  224.047469][ T8166]  ? sctp_sendmsg+0xbb9/0x3520
[  224.052242][ T8166]  ? sctp_endpoint_lookup_assoc+0xc9/0x250
[  224.058289][ T8166]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  224.063852][ T8166]  sctp_sendmsg+0x219a/0x3520
[  224.068546][ T8166]  ? __pfx_sctp_sendmsg+0x10/0x10
[  224.073575][ T8166]  ? __pfx_aa_sk_perm+0x10/0x10
[  224.078429][ T8166]  ? inet_sendmsg+0x330/0x390
[  224.083109][ T8166]  __sock_sendmsg+0x1a6/0x270
[  224.087788][ T8166]  __sys_sendto+0x39b/0x4f0
[  224.092293][ T8166]  ? __pfx___sys_sendto+0x10/0x10
[  224.097343][ T8166]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  224.103331][ T8166]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  224.109672][ T8166]  __x64_sys_sendto+0xde/0x100
[  224.114434][ T8166]  do_syscall_64+0xf3/0x230
[  224.118932][ T8166]  ? clear_bhb_loop+0x35/0x90
[  224.123608][ T8166]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.129502][ T8166] RIP: 0033:0x7fc6c9b7dff9
[  224.133913][ T8166] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  224.153857][ T8166] RSP: 002b:00007fc6ca8e2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  224.162278][ T8166] RAX: ffffffffffffffda RBX: 00007fc6c9d35f80 RCX: 00007fc6c9b7dff9
[  224.170256][ T8166] RDX: 0000000000000001 RSI: 0000000020001080 RDI: 0000000000000006
[  224.178311][ T8166] RBP: 00007fc6ca8e2090 R08: 000000002005ffe4 R09: 000000000000001c
[  224.186308][ T8166] R10: 0000000004048800 R11: 0000000000000246 R12: 0000000000000002
[  224.194289][ T8166] R13: 0000000000000000 R14: 00007fc6c9d35f80 R15: 00007ffd8fd03e48
[  224.202283][ T8166]  </TASK>
[  224.239880][ T8169] batadv0: entered promiscuous mode
[  224.258088][ T8169] macsec1: entered promiscuous mode
[  224.345794][ T8169] batadv0: left promiscuous mode
[  224.399928][ T8177] netlink: 12 bytes leftover after parsing attributes in process `syz.4.819'.
[  224.473866][ T8182] FAULT_INJECTION: forcing a failure.
[  224.473866][ T8182] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  224.488829][ T8182] CPU: 1 UID: 0 PID: 8182 Comm: syz.1.821 Not tainted 6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  224.499466][ T8182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  224.509564][ T8182] Call Trace:
[  224.512871][ T8182]  <TASK>
[  224.515831][ T8182]  dump_stack_lvl+0x241/0x360
[  224.520556][ T8182]  ? __pfx_dump_stack_lvl+0x10/0x10
[  224.525792][ T8182]  ? __pfx__printk+0x10/0x10
[  224.530429][ T8182]  ? snprintf+0xda/0x120
[  224.534708][ T8182]  should_fail_ex+0x3b0/0x4e0
[  224.539430][ T8182]  _copy_to_user+0x2f/0xb0
[  224.543885][ T8182]  simple_read_from_buffer+0xca/0x150
[  224.549305][ T8182]  proc_fail_nth_read+0x1e9/0x250
[  224.554819][ T8182]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  224.560406][ T8182]  ? rw_verify_area+0x55e/0x6f0
[  224.565288][ T8182]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  224.570881][ T8182]  vfs_read+0x201/0xbc0
[  224.575071][ T8182]  ? __pfx_lock_release+0x10/0x10
[  224.580141][ T8182]  ? __pfx_vfs_read+0x10/0x10
[  224.584868][ T8182]  ? __fget_files+0x3f3/0x470
[  224.589598][ T8182]  ? fdget_pos+0x24e/0x320
[  224.594140][ T8182]  ksys_read+0x183/0x2b0
[  224.598419][ T8182]  ? __pfx_ksys_read+0x10/0x10
[  224.603217][ T8182]  ? do_syscall_64+0x100/0x230
[  224.608015][ T8182]  ? do_syscall_64+0xb6/0x230
[  224.612721][ T8182]  do_syscall_64+0xf3/0x230
[  224.617249][ T8182]  ? clear_bhb_loop+0x35/0x90
[  224.621959][ T8182]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.627892][ T8182] RIP: 0033:0x7fc6c9b7ca3c
[  224.632334][ T8182] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  224.651975][ T8182] RSP: 002b:00007fc6ca8c1030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  224.660414][ T8182] RAX: ffffffffffffffda RBX: 00007fc6c9d36058 RCX: 00007fc6c9b7ca3c
[  224.668391][ T8182] RDX: 000000000000000f RSI: 00007fc6ca8c10a0 RDI: 0000000000000004
[  224.676370][ T8182] RBP: 00007fc6ca8c1090 R08: 0000000000000000 R09: 0000000000000000
[  224.684344][ T8182] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  224.692314][ T8182] R13: 0000000000000001 R14: 00007fc6c9d36058 R15: 00007ffd8fd03e48
[  224.700301][ T8182]  </TASK>
[  225.196004][ T8215] netlink: 'syz.2.834': attribute type 4 has an invalid length.
[  225.205868][ T8215] netlink: 17 bytes leftover after parsing attributes in process `syz.2.834'.
[  225.497095][ T8235] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.840'.
[  225.539208][ T8237] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.841'.
[  225.650334][ T8241] netlink: 20 bytes leftover after parsing attributes in process `syz.2.843'.
[  225.922568][ T8256] tc_dump_action: action bad kind
[  226.198502][ T8271] netlink: 'syz.1.856': attribute type 2 has an invalid length.
[  226.258496][ T8271] xt_bpf: check failed: parse error
[  226.349395][ T8278] netlink: 'syz.3.858': attribute type 6 has an invalid length.
[  226.377940][ T8278] netlink: 'syz.3.858': attribute type 5 has an invalid length.
[  227.698665][ T8352] xt_NFQUEUE: number of total queues is 0
[  227.918940][ T8362] gre1: entered promiscuous mode
[  227.927976][ T8362] gre1: entered allmulticast mode
[  228.366052][ T8384] xt_NFQUEUE: number of total queues is 0
[  228.660985][ T8399] __nla_validate_parse: 12 callbacks suppressed
[  228.661004][ T8399] netlink: 12 bytes leftover after parsing attributes in process `syz.4.902'.
[  228.886940][ T8415] xt_NFQUEUE: number of total queues is 0
[  228.908464][ T8417] netlink: 191416 bytes leftover after parsing attributes in process `syz.3.910'.
[  228.976105][ T8417] netlink: 191416 bytes leftover after parsing attributes in process `syz.3.910'.
[  229.012908][ T8422] FAULT_INJECTION: forcing a failure.
[  229.012908][ T8422] name failslab, interval 1, probability 0, space 0, times 0
[  229.047852][ T8417] openvswitch: netlink: Message has 18430 unknown bytes.
[  229.055748][ T8422] CPU: 1 UID: 0 PID: 8422 Comm: syz.2.912 Not tainted 6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  229.066381][ T8422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  229.076460][ T8422] Call Trace:
[  229.079745][ T8422]  <TASK>
[  229.082689][ T8422]  dump_stack_lvl+0x241/0x360
[  229.087387][ T8422]  ? __pfx_dump_stack_lvl+0x10/0x10
[  229.092584][ T8422]  ? __pfx__printk+0x10/0x10
[  229.097185][ T8422]  should_fail_ex+0x3b0/0x4e0
[  229.101864][ T8422]  should_failslab+0xac/0x100
[  229.106539][ T8422]  ? sctp_add_bind_addr+0x89/0x3a0
[  229.111646][ T8422]  __kmalloc_cache_noprof+0x6c/0x2c0
[  229.116942][ T8422]  sctp_add_bind_addr+0x89/0x3a0
[  229.121906][ T8422]  sctp_copy_local_addr_list+0x311/0x500
[  229.127588][ T8422]  ? sctp_copy_local_addr_list+0xab/0x500
[  229.133317][ T8422]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  229.139481][ T8422]  ? sctp_v6_is_any+0x60/0x70
[  229.144168][ T8422]  sctp_bind_addr_copy+0xad/0x3b0
[  229.149191][ T8422]  ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190
[  229.155524][ T8422]  sctp_connect_new_asoc+0x2f3/0x6c0
[  229.160811][ T8422]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  229.166619][ T8422]  ? sctp_sendmsg+0xbb9/0x3520
[  229.171388][ T8422]  ? sctp_endpoint_lookup_assoc+0xc9/0x250
[  229.177196][ T8422]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  229.182747][ T8422]  sctp_sendmsg+0x219a/0x3520
[  229.187438][ T8422]  ? __pfx_sctp_sendmsg+0x10/0x10
[  229.192466][ T8422]  ? __pfx_aa_sk_perm+0x10/0x10
[  229.197316][ T8422]  ? inet_sendmsg+0x330/0x390
[  229.201997][ T8422]  __sock_sendmsg+0x1a6/0x270
[  229.206676][ T8422]  __sys_sendto+0x39b/0x4f0
[  229.211178][ T8422]  ? __pfx___sys_sendto+0x10/0x10
[  229.216216][ T8422]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  229.222204][ T8422]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  229.228537][ T8422]  __x64_sys_sendto+0xde/0x100
[  229.233301][ T8422]  do_syscall_64+0xf3/0x230
[  229.237800][ T8422]  ? clear_bhb_loop+0x35/0x90
[  229.242476][ T8422]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.248367][ T8422] RIP: 0033:0x7f845bf7dff9
[  229.252776][ T8422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  229.272376][ T8422] RSP: 002b:00007f845cde8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  229.280793][ T8422] RAX: ffffffffffffffda RBX: 00007f845c135f80 RCX: 00007f845bf7dff9
[  229.288762][ T8422] RDX: 0000000000000001 RSI: 0000000020001080 RDI: 0000000000000006
[  229.296732][ T8422] RBP: 00007f845cde8090 R08: 000000002005ffe4 R09: 000000000000001c
[  229.304700][ T8422] R10: 0000000004048800 R11: 0000000000000246 R12: 0000000000000002
[  229.312665][ T8422] R13: 0000000000000000 R14: 00007f845c135f80 R15: 00007ffd4d55f5e8
[  229.320647][ T8422]  </TASK>
[  229.432624][ T8432] netlink: 'syz.2.916': attribute type 1 has an invalid length.
[  229.756525][ T8454] xt_NFQUEUE: number of total queues is 0
[  229.964104][ T8466] netlink: 8 bytes leftover after parsing attributes in process `syz.3.930'.
[  230.012848][ T8466] tc_dump_action: action bad kind
[  230.376242][ T8482] netlink: 'syz.4.936': attribute type 9 has an invalid length.
[  230.411670][ T8482] netlink: 209836 bytes leftover after parsing attributes in process `syz.4.936'.
[  230.496651][ T8492] netlink: 'syz.4.936': attribute type 9 has an invalid length.
[  230.509579][ T8490] xt_NFQUEUE: number of total queues is 0
[  230.520320][ T8492] netlink: 209836 bytes leftover after parsing attributes in process `syz.4.936'.
[  230.545767][ T8494] netlink: 'syz.3.941': attribute type 10 has an invalid length.
[  230.594573][ T8494] bridge0: port 3(team0) entered disabled state
[  230.616414][ T8494] team0: left allmulticast mode
[  230.626953][ T8494] team_slave_0: left allmulticast mode
[  230.639951][ T8494] team_slave_1: left allmulticast mode
[  230.645697][ T8494] team0: left promiscuous mode
[  230.650951][ T8494] team_slave_0: left promiscuous mode
[  230.656887][ T8494] team_slave_1: left promiscuous mode
[  230.662705][ T8494] bridge0: port 3(team0) entered disabled state
[  230.676657][ T8494] 8021q: adding VLAN 0 to HW filter on device team0
[  230.685063][ T8494] bond0: (slave team0): Enslaving as an active interface with an up link
[  230.812736][ T8505] netlink: 20 bytes leftover after parsing attributes in process `syz.3.943'.
[  230.821765][ T8505] netlink: 112 bytes leftover after parsing attributes in process `syz.3.943'.
[  230.856155][ T8505] netlink: 20 bytes leftover after parsing attributes in process `syz.3.943'.
[  230.964147][ T8514] netlink: 'syz.0.948': attribute type 12 has an invalid length.
[  230.981148][ T8514] netlink: 132 bytes leftover after parsing attributes in process `syz.0.948'.
[  231.024971][ T8513] vlan2: entered promiscuous mode
[  231.048276][ T8513] vlan2: entered allmulticast mode
[  231.072620][ T8513] xfrm0: entered allmulticast mode
[  231.098362][ T8513] xfrm0: entered promiscuous mode
[  231.118560][ T8513] team0: Port device vlan2 added
[  231.207500][ T8530] xt_connbytes: Forcing CT accounting to be enabled
[  231.651957][ T8564] --map-set only usable from mangle table
[  232.064973][ T8591] bond_slave_0: entered promiscuous mode
[  232.071120][ T8591] bond_slave_1: entered promiscuous mode
[  232.104156][ T8591] macsec1: entered promiscuous mode
[  232.110916][ T8591] bond0: entered promiscuous mode
[  232.132124][ T8591] macsec1: entered allmulticast mode
[  232.139913][ T8591] bond0: entered allmulticast mode
[  232.173001][ T8591] bond_slave_0: entered allmulticast mode
[  232.192752][ T8591] bond_slave_1: entered allmulticast mode
[  232.250197][ T8591] bond0: left allmulticast mode
[  232.269660][ T8591] bond_slave_0: left allmulticast mode
[  232.279083][ T8591] bond_slave_1: left allmulticast mode
[  232.286310][ T8591] bond0: left promiscuous mode
[  232.291692][ T8591] bond_slave_0: left promiscuous mode
[  232.297177][ T8591] bond_slave_1: left promiscuous mode
[  232.639004][ T8625] tipc: Started in network mode
[  232.690120][ T8625] tipc: Node identity ac14140f, cluster identity 4711
[  232.721610][ T8625] tipc: New replicast peer: 255.255.255.255
[  232.747786][ T8625] tipc: Enabled bearer <udp:syz2>, priority 10
[  232.774873][ T8635] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  232.806635][   T35] Ignoring NSS change in VHT Operating Mode Notification from 08:02:11:00:00:00 with invalid nss 2
[  232.940024][ T8637] netlink: 'syz.4.991': attribute type 4 has an invalid length.
[  232.965080][ T8637] A link change request failed with some changes committed already. Interface batadv_slave_1 may have been left with an inconsistent configuration, please check.
[  232.988465][ T8639] netlink: 'syz.0.990': attribute type 10 has an invalid length.
[  232.991788][   T29] audit: type=1107 audit(1728407665.477:2): pid=8636 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='ILÌ'
[  233.051802][ T8639] team0: Port device geneve1 added
[  233.058261][ T8643] netlink: 'syz.2.992': attribute type 11 has an invalid length.
[  233.204994][ T8651] FAULT_INJECTION: forcing a failure.
[  233.204994][ T8651] name failslab, interval 1, probability 0, space 0, times 0
[  233.218071][ T8651] CPU: 0 UID: 0 PID: 8651 Comm: syz.0.994 Not tainted 6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  233.228695][ T8651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  233.238777][ T8651] Call Trace:
[  233.242083][ T8651]  <TASK>
[  233.245035][ T8651]  dump_stack_lvl+0x241/0x360
[  233.249749][ T8651]  ? __pfx_dump_stack_lvl+0x10/0x10
[  233.254978][ T8651]  ? __pfx__printk+0x10/0x10
[  233.259620][ T8651]  should_fail_ex+0x3b0/0x4e0
[  233.264333][ T8651]  should_failslab+0xac/0x100
[  233.269035][ T8651]  ? sctp_add_bind_addr+0x89/0x3a0
[  233.274174][ T8651]  __kmalloc_cache_noprof+0x6c/0x2c0
[  233.279494][ T8651]  sctp_add_bind_addr+0x89/0x3a0
[  233.284465][ T8651]  sctp_copy_local_addr_list+0x311/0x500
[  233.290130][ T8651]  ? sctp_copy_local_addr_list+0xab/0x500
[  233.295879][ T8651]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  233.302049][ T8651]  ? sctp_v6_is_any+0x60/0x70
[  233.306731][ T8651]  sctp_bind_addr_copy+0xad/0x3b0
[  233.311749][ T8651]  ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190
[  233.318197][ T8651]  sctp_connect_new_asoc+0x2f3/0x6c0
[  233.323505][ T8651]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  233.329329][ T8651]  ? sctp_sendmsg+0xbb9/0x3520
[  233.334099][ T8651]  ? sctp_endpoint_lookup_assoc+0xc9/0x250
[  233.339905][ T8651]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  233.345445][ T8651]  sctp_sendmsg+0x219a/0x3520
[  233.350136][ T8651]  ? __pfx_sctp_sendmsg+0x10/0x10
[  233.355164][ T8651]  ? __pfx_aa_sk_perm+0x10/0x10
[  233.360012][ T8651]  ? inet_sendmsg+0x330/0x390
[  233.364700][ T8651]  __sock_sendmsg+0x1a6/0x270
[  233.369375][ T8651]  __sys_sendto+0x39b/0x4f0
[  233.373879][ T8651]  ? __pfx___sys_sendto+0x10/0x10
[  233.378920][ T8651]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  233.384900][ T8651]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  233.391229][ T8651]  __x64_sys_sendto+0xde/0x100
[  233.395988][ T8651]  do_syscall_64+0xf3/0x230
[  233.400486][ T8651]  ? clear_bhb_loop+0x35/0x90
[  233.405157][ T8651]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.411053][ T8651] RIP: 0033:0x7fd32b97dff9
[  233.415465][ T8651] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  233.435081][ T8651] RSP: 002b:00007fd32c773038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  233.443500][ T8651] RAX: ffffffffffffffda RBX: 00007fd32bb35f80 RCX: 00007fd32b97dff9
[  233.451474][ T8651] RDX: 0000000000000001 RSI: 0000000020001080 RDI: 0000000000000006
[  233.459442][ T8651] RBP: 00007fd32c773090 R08: 000000002005ffe4 R09: 000000000000001c
[  233.467409][ T8651] R10: 0000000004048800 R11: 0000000000000246 R12: 0000000000000002
[  233.475382][ T8651] R13: 0000000000000000 R14: 00007fd32bb35f80 R15: 00007ffc99cecd18
[  233.483366][ T8651]  </TASK>
[  233.556414][ T8660] netlink: 'syz.0.999': attribute type 2 has an invalid length.
[  233.762345][    T9] tipc: Node number set to 2886997007
[  234.010919][ T8692] netlink: 'syz.0.1009': attribute type 21 has an invalid length.
[  234.034578][ T8692] __nla_validate_parse: 12 callbacks suppressed
[  234.034600][ T8692] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1009'.
[  234.226033][ T8705] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1014'.
[  234.244014][ T8701] macvlan2: entered promiscuous mode
[  234.260779][ T8701] team_slave_0: entered promiscuous mode
[  234.266544][ T8701] team_slave_1: entered promiscuous mode
[  234.274084][ T8707] FAULT_INJECTION: forcing a failure.
[  234.274084][ T8707] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  234.303152][ T8707] CPU: 0 UID: 0 PID: 8707 Comm: syz.0.1016 Not tainted 6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  234.307182][ T8701] team0: entered promiscuous mode
[  234.313865][ T8707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  234.313883][ T8707] Call Trace:
[  234.313891][ T8707]  <TASK>
[  234.313900][ T8707]  dump_stack_lvl+0x241/0x360
[  234.313934][ T8707]  ? __pfx_dump_stack_lvl+0x10/0x10
[  234.313952][ T8707]  ? __pfx__printk+0x10/0x10
[  234.313979][ T8707]  ? __pfx_lock_release+0x10/0x10
[  234.335092][ T8701] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  234.335276][ T8707]  should_fail_ex+0x3b0/0x4e0
[  234.358055][ T8701] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  234.361551][ T8707]  _copy_from_user+0x2f/0xe0
[  234.361585][ T8707]  copy_msghdr_from_user+0xae/0x680
[  234.384764][ T8707]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  234.390652][ T8707]  __sys_sendmsg+0x22d/0x380
[  234.395283][ T8707]  ? __pfx___sys_sendmsg+0x10/0x10
[  234.400443][ T8707]  ? __pfx_vfs_write+0x10/0x10
[  234.405254][ T8707]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  234.411616][ T8707]  ? do_syscall_64+0x100/0x230
[  234.416414][ T8707]  ? do_syscall_64+0xb6/0x230
[  234.421110][ T8707]  do_syscall_64+0xf3/0x230
[  234.425628][ T8707]  ? clear_bhb_loop+0x35/0x90
[  234.430335][ T8707]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.436262][ T8707] RIP: 0033:0x7fd32b97dff9
[  234.440700][ T8707] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  234.460338][ T8707] RSP: 002b:00007fd32c773038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  234.468787][ T8707] RAX: ffffffffffffffda RBX: 00007fd32bb35f80 RCX: 00007fd32b97dff9
[  234.476791][ T8707] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000004
[  234.484793][ T8707] RBP: 00007fd32c773090 R08: 0000000000000000 R09: 0000000000000000
[  234.492791][ T8707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  234.500792][ T8707] R13: 0000000000000000 R14: 00007fd32bb35f80 R15: 00007ffc99cecd18
[  234.508808][ T8707]  </TASK>
[  234.542442][ T8710] IPVS: length: 156 != 24
[  234.655339][ T8720] delete_channel: no stack
[  234.660189][ T8720] delete_channel: no stack
[  234.953546][ T8728] netlink: 'syz.0.1024': attribute type 4 has an invalid length.
[  234.961208][ T8738] FAULT_INJECTION: forcing a failure.
[  234.961208][ T8738] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  235.005555][ T8738] CPU: 0 UID: 0 PID: 8738 Comm: syz.1.1026 Not tainted 6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  235.016298][ T8738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  235.026386][ T8738] Call Trace:
[  235.029687][ T8738]  <TASK>
[  235.032635][ T8738]  dump_stack_lvl+0x241/0x360
[  235.037342][ T8738]  ? __pfx_dump_stack_lvl+0x10/0x10
[  235.042567][ T8738]  ? __pfx__printk+0x10/0x10
[  235.047186][ T8738]  ? __pfx_lock_release+0x10/0x10
[  235.052238][ T8738]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  235.058273][ T8738]  should_fail_ex+0x3b0/0x4e0
[  235.062986][ T8738]  _copy_from_user+0x2f/0xe0
[  235.067603][ T8738]  copy_bpf_fprog_from_user+0x167/0x450
[  235.073184][ T8738]  ? __pfx_copy_bpf_fprog_from_user+0x10/0x10
[  235.079291][ T8738]  sk_setsockopt+0x1b36/0x33b0
[  235.084084][ T8738]  ? __pfx_sk_setsockopt+0x10/0x10
[  235.089223][ T8738]  ? aa_sk_perm+0x96d/0xab0
[  235.093753][ T8738]  ? __pfx_aa_sk_perm+0x10/0x10
[  235.098627][ T8738]  ? __pfx_lock_acquire+0x10/0x10
[  235.103674][ T8738]  ? __fget_files+0x29/0x470
[  235.108280][ T8738]  ? aa_sock_opt_perm+0x79/0x120
[  235.113243][ T8738]  do_sock_setsockopt+0x2fb/0x720
[  235.118288][ T8738]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  235.123830][ T8738]  ? __fget_files+0x29/0x470
[  235.128414][ T8738]  ? __fget_files+0x3f3/0x470
[  235.133084][ T8738]  ? __fget_files+0x29/0x470
[  235.137680][ T8738]  __sys_setsockopt+0x1a2/0x250
[  235.142528][ T8738]  __x64_sys_setsockopt+0xb5/0xd0
[  235.147546][ T8738]  do_syscall_64+0xf3/0x230
[  235.152041][ T8738]  ? clear_bhb_loop+0x35/0x90
[  235.156720][ T8738]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  235.162617][ T8738] RIP: 0033:0x7fc6c9b7dff9
[  235.167026][ T8738] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  235.186627][ T8738] RSP: 002b:00007fc6ca8c1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  235.195039][ T8738] RAX: ffffffffffffffda RBX: 00007fc6c9d36058 RCX: 00007fc6c9b7dff9
[  235.203004][ T8738] RDX: 0000000000000033 RSI: 0000000000000001 RDI: 0000000000000003
[  235.210967][ T8738] RBP: 00007fc6ca8c1090 R08: 0000000000000010 R09: 0000000000000000
[  235.218932][ T8738] R10: 00000000200a2000 R11: 0000000000000246 R12: 0000000000000001
[  235.226895][ T8738] R13: 0000000000000000 R14: 00007fc6c9d36058 R15: 00007ffd8fd03e48
[  235.234876][ T8738]  </TASK>
[  235.487441][ T8751] macsec0: entered promiscuous mode
[  235.514581][ T8751] macvlan1: entered promiscuous mode
[  235.587677][ T8751] macvlan1: left promiscuous mode
[  235.596798][ T8754] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1034'.
[  235.644175][ T8754] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1034'.
[  235.673938][ T8754] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1034'.
[  235.828246][ T8763] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1039'.
[  235.860065][ T8763] netlink: 112 bytes leftover after parsing attributes in process `syz.3.1039'.
[  235.887560][ T8763] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1039'.
[  236.294247][ T8778] ªªªªª=: renamed from bond0 (while UP)
[  236.446771][ T8785] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.1049'.
[  236.463009][ T8788] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1051'.
[  236.507536][ T8785] xt_hashlimit: invalid interval
[  236.550104][ T8791] delete_channel: no stack
[  236.628623][ T8797] netlink: 'syz.4.1054': attribute type 10 has an invalid length.
[  236.731667][ T8797] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  237.386119][ T8840] openvswitch: netlink: IP tunnel attribute has 3056 unknown bytes.
[  237.555443][ T8852] netlink: 'syz.1.1070': attribute type 8 has an invalid length.
[  237.777791][ T1112] Ignoring NSS change in VHT Operating Mode Notification from 08:02:11:00:00:00 with invalid nss 2
[  238.880432][ T8927] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  239.114700][ T8945] __nla_validate_parse: 13 callbacks suppressed
[  239.114719][ T8945] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1103'.
[  239.266019][ T8949] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1105'.
[  239.569427][   T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  239.601004][   T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  239.803549][ T8981] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1114'.
[  239.888770][ T8983] sctp: [Deprecated]: syz.3.1119 (pid 8983) Use of struct sctp_assoc_value in delayed_ack socket option.
[  239.888770][ T8983] Use struct sctp_sack_info instead
[  239.939746][ T8984] sctp: [Deprecated]: syz.3.1119 (pid 8984) Use of struct sctp_assoc_value in delayed_ack socket option.
[  239.939746][ T8984] Use struct sctp_sack_info instead
[  240.010614][ T8983] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1119'.
[  240.068182][ T8998] netlink: 220 bytes leftover after parsing attributes in process `syz.4.1125'.
[  240.139506][ T9002] skbuff: bad partial csum: csum=65489/0 headroom=64 headlen=65491
[  240.167597][ T9003] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1123'.
[  240.220190][ T9009] xt_policy: output policy not valid in PREROUTING and INPUT
[  240.441526][ T9020] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1130'.
[  240.493862][ T9018] mac80211_hwsim hwsim27 wlan0: entered promiscuous mode
[  240.525692][ T9018] macsec0: entered allmulticast mode
[  240.533533][ T9018] mac80211_hwsim hwsim27 wlan0: entered allmulticast mode
[  240.545689][ T9018] mac80211_hwsim hwsim27 wlan0: left allmulticast mode
[  240.553569][ T9018] mac80211_hwsim hwsim27 wlan0: left promiscuous mode
[  240.724267][ T9036] netlink: 220 bytes leftover after parsing attributes in process `syz.0.1137'.
[  240.954401][ T9049] netlink: 'syz.1.1144': attribute type 1 has an invalid length.
[  241.175595][ T9066] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1147'.
[  241.259652][ T9070] SET target dimension over the limit!
[  241.483143][ T9077] x_tables: eb_tables: nflog.0 target: invalid size 80 (kernel) != (user) 0
[  241.633035][ T9075] gretap0: refused to change device tx_queue_len
[  241.655370][ T9075] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  241.689834][ T9092] netlink: 'syz.2.1157': attribute type 3 has an invalid length.
[  241.718201][ T9092] netlink: 666 bytes leftover after parsing attributes in process `syz.2.1157'.
[  241.730782][ T9090] netlink: 'syz.4.1156': attribute type 12 has an invalid length.
[  241.988281][ T9102] xt_socket: unknown flags 0x4
[  242.526666][    T9] IPVS: starting estimator thread 0...
[  242.622774][ T9134] IPVS: using max 19 ests per chain, 45600 per kthread
[  242.768547][ T9144] x_tables: duplicate underflow at hook 1
[  242.915912][ T9158] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  242.942947][ T9160] nft_compat: unsupported protocol 1
[  243.066235][ T9162] netlink: 'syz.0.1183': attribute type 2 has an invalid length.
[  243.088302][ T9165] tipc: Started in network mode
[  243.096539][ T9165] tipc: Node identity 000000000000005f0000000000000001, cluster identity 4711
[  243.144190][ T9165] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  243.434453][ T9180] xt_socket: unknown flags 0x4
[  244.067767][ T9211] xt_NFQUEUE: number of total queues is 0
[  244.078487][ T9214] xt_socket: unknown flags 0x4
[  244.128953][ T9212] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  244.155786][ T9217] sit0: entered promiscuous mode
[  244.175902][ T9217] netlink: 'syz.3.1204': attribute type 1 has an invalid length.
[  244.218089][ T9217] __nla_validate_parse: 8 callbacks suppressed
[  244.218108][ T9217] netlink: 1 bytes leftover after parsing attributes in process `syz.3.1204'.
[  244.525282][ T9237] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1209'.
[  244.559009][ T9240] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1211'.
[  244.638827][ T9244] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1212'.
[  244.705321][ T9244] bridge0: entered promiscuous mode
[  244.722459][ T9244] macsec3: entered promiscuous mode
[  244.742459][ T9244] macsec3: entered allmulticast mode
[  244.747797][ T9244] bridge0: entered allmulticast mode
[  244.801393][ T9244] bridge0: left allmulticast mode
[  244.852469][ T9244] bridge0: left promiscuous mode
[  244.931769][ T9256] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  245.312701][ T9269] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1223'.
[  245.395347][ T9275] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1225'.
[  245.441463][ T9275] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  245.464015][ T9280] FAULT_INJECTION: forcing a failure.
[  245.464015][ T9280] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  245.467526][ T9275] vlan2: entered promiscuous mode
[  245.492894][ T9280] CPU: 0 UID: 0 PID: 9280 Comm: syz.1.1226 Not tainted 6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  245.503720][ T9280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  245.513804][ T9280] Call Trace:
[  245.517106][ T9280]  <TASK>
[  245.520050][ T9280]  dump_stack_lvl+0x241/0x360
[  245.524755][ T9280]  ? __pfx_dump_stack_lvl+0x10/0x10
[  245.529970][ T9280]  ? __pfx__printk+0x10/0x10
[  245.534590][ T9280]  ? __pfx_lock_release+0x10/0x10
[  245.539649][ T9280]  should_fail_ex+0x3b0/0x4e0
[  245.544357][ T9280]  _copy_from_user+0x2f/0xe0
[  245.548975][ T9280]  copy_msghdr_from_user+0xae/0x680
[  245.554211][ T9280]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  245.560062][ T9280]  __sys_sendmsg+0x22d/0x380
[  245.564686][ T9280]  ? __pfx___sys_sendmsg+0x10/0x10
[  245.569829][ T9280]  ? __pfx_vfs_write+0x10/0x10
[  245.574636][ T9280]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  245.580993][ T9280]  ? do_syscall_64+0x100/0x230
[  245.585788][ T9280]  ? do_syscall_64+0xb6/0x230
[  245.590493][ T9280]  do_syscall_64+0xf3/0x230
[  245.595024][ T9280]  ? clear_bhb_loop+0x35/0x90
[  245.599725][ T9280]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.605651][ T9280] RIP: 0033:0x7fc6c9b7dff9
[  245.610088][ T9280] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  245.629726][ T9280] RSP: 002b:00007fc6ca8e2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  245.638174][ T9280] RAX: ffffffffffffffda RBX: 00007fc6c9d35f80 RCX: 00007fc6c9b7dff9
[  245.646176][ T9280] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003
[  245.654175][ T9280] RBP: 00007fc6ca8e2090 R08: 0000000000000000 R09: 0000000000000000
[  245.662172][ T9280] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  245.670168][ T9280] R13: 0000000000000000 R14: 00007fc6c9d35f80 R15: 00007ffd8fd03e48
[  245.678180][ T9280]  </TASK>
[  245.689363][ T9284] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  245.729976][ T9290] netlink: 4104 bytes leftover after parsing attributes in process `syz.3.1230'.
[  245.762444][ T9290] openvswitch: netlink: Message has 8 unknown bytes.
[  246.116165][ T9301] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1236'.
[  246.146391][ T9299] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1234'.
[  246.187699][ T9299] openvswitch: netlink: VXLAN extension message has 4 unknown bytes.
[  246.189201][ T9304] netlink: 84 bytes leftover after parsing attributes in process `syz.4.1235'.
[  246.420663][ T9317] bridge0: port 3(vlan3) entered blocking state
[  246.458121][ T9317] bridge0: port 3(vlan3) entered disabled state
[  246.475324][ T9317] vlan3: entered allmulticast mode
[  246.503097][ T9317] vlan3: left allmulticast mode
[  246.527146][ T9324] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  246.550565][ T9324] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  246.911330][ T9349] tc_dump_action: action bad kind
[  246.960470][ T9344] xt_nfacct: accounting object `syz1' does not exists
[  247.278588][ T9364] BUG: Bad page state in process syz.2.1253  pfn:783f6
[  247.285893][ T9364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8880783f6dc0 pfn:0x783f6
[  247.296042][ T9364] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  247.303234][ T9364] raw: 00fff00000000000 dead000000000040 ffff8880751cf000 0000000000000000
[  247.311847][ T9364] raw: ffff8880783f6dc0 0000000000000001 00000000ffffffff 0000000000000000
[  247.320492][ T9364] page dumped because: page_pool leak
[  247.325929][ T9364] page_owner tracks the page as allocated
[  247.331994][ T9364] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 9364, tgid 9355 (syz.2.1253), ts 247213677894, free_ts 247206304879
[  247.349098][ T9364]  post_alloc_hook+0x1f3/0x230
[  247.353945][ T9364]  get_page_from_freelist+0x3045/0x3190
[  247.359519][ T9364]  __alloc_pages_noprof+0x256/0x6c0
[  247.364788][ T9364]  alloc_pages_bulk_noprof+0x729/0xd40
[  247.370276][ T9364]  __page_pool_alloc_pages_slow+0x122/0x690
[  247.376331][ T9364]  page_pool_alloc_pages+0xd0/0x1c0
[  247.381590][ T9364]  bpf_test_run_xdp_live+0x950/0x2160
[  247.387044][ T9364]  bpf_prog_test_run_xdp+0x805/0x11e0
[  247.392485][ T9364]  bpf_prog_test_run+0x2e4/0x360
[  247.397456][ T9364]  __sys_bpf+0x48d/0x810
[  247.401724][ T9364]  __x64_sys_bpf+0x7c/0x90
[  247.406217][ T9364]  do_syscall_64+0xf3/0x230
[  247.410745][ T9364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.416709][ T9364] page last free pid 1105 tgid 1105 stack trace:
[  247.423085][ T9364]  free_unref_page+0xcfb/0xf20
[  247.427876][ T9364]  ringbuf_map_free+0xc2/0x120
[  247.432706][ T9364]  bpf_map_free_deferred+0xe4/0x100
[  247.437935][ T9364]  process_scheduled_works+0xa63/0x1850
[  247.443551][ T9364]  worker_thread+0x870/0xd30
[  247.448177][ T9364]  kthread+0x2f0/0x390
[  247.452311][ T9364]  ret_from_fork+0x4b/0x80
[  247.456767][ T9364]  ret_from_fork_asm+0x1a/0x30
[  247.461568][ T9364] Modules linked in:
[  247.465543][ T9364] CPU: 1 UID: 0 PID: 9364 Comm: syz.2.1253 Not tainted 6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  247.476240][ T9364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  247.486310][ T9364] Call Trace:
[  247.489585][ T9364]  <TASK>
[  247.492513][ T9364]  dump_stack_lvl+0x241/0x360
[  247.497187][ T9364]  ? __pfx_dump_stack_lvl+0x10/0x10
[  247.502379][ T9364]  ? __pfx_print_modules+0x10/0x10
[  247.507532][ T9364]  ? __lock_acquire+0x1384/0x2050
[  247.512595][ T9364]  bad_page+0x166/0x1b0
[  247.516768][ T9364]  free_unref_page+0xed0/0xf20
[  247.521529][ T9364]  skb_release_data+0x6dc/0x8a0
[  247.526408][ T9364]  sk_skb_reason_drop+0x1c9/0x380
[  247.531513][ T9364]  ? packet_rcv+0x159/0x14b0
[  247.536114][ T9364]  packet_rcv+0x16f/0x14b0
[  247.540554][ T9364]  ? __pfx_packet_rcv+0x10/0x10
[  247.545412][ T9364]  __netif_receive_skb_list_core+0x8b7/0x980
[  247.551409][ T9364]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  247.558024][ T9364]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  247.564538][ T9364]  ? read_tsc+0x9/0x20
[  247.568624][ T9364]  ? timekeeping_get_ns+0x2c0/0x420
[  247.573829][ T9364]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  247.580161][ T9364]  netif_receive_skb_list_internal+0xa51/0xe30
[  247.586418][ T9364]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  247.592754][ T9364]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  247.599428][ T9364]  ? __pfx_eth_type_trans+0x10/0x10
[  247.604624][ T9364]  ? __phys_addr+0xba/0x170
[  247.609126][ T9364]  ? build_skb_around+0x111/0x260
[  247.614154][ T9364]  ? __xdp_build_skb_from_frame+0x338/0x650
[  247.620064][ T9364]  netif_receive_skb_list+0x55/0x4b0
[  247.625396][ T9364]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  247.630852][ T9364]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  247.636759][ T9364]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  247.642328][ T9364]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  247.648163][ T9364]  ? synchronize_rcu+0x11b/0x360
[  247.653101][ T9364]  ? __pfx_synchronize_rcu+0x10/0x10
[  247.658401][ T9364]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  247.664658][ T9364]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  247.670560][ T9364]  ? _copy_from_user+0xa6/0xe0
[  247.675339][ T9364]  ? bpf_test_init+0x15a/0x180
[  247.680106][ T9364]  ? xdp_convert_md_to_buff+0x5b/0x330
[  247.685576][ T9364]  bpf_prog_test_run_xdp+0x805/0x11e0
[  247.690954][ T9364]  ? __pfx_lock_release+0x10/0x10
[  247.695984][ T9364]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  247.701789][ T9364]  ? __fget_files+0x29/0x470
[  247.706385][ T9364]  ? fput+0x1a8/0x230
[  247.710380][ T9364]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  247.716216][ T9364]  bpf_prog_test_run+0x2e4/0x360
[  247.721163][ T9364]  __sys_bpf+0x48d/0x810
[  247.725408][ T9364]  ? __pfx___sys_bpf+0x10/0x10
[  247.730183][ T9364]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  247.736183][ T9364]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  247.742540][ T9364]  ? do_syscall_64+0x100/0x230
[  247.747307][ T9364]  __x64_sys_bpf+0x7c/0x90
[  247.751739][ T9364]  do_syscall_64+0xf3/0x230
[  247.756272][ T9364]  ? clear_bhb_loop+0x35/0x90
[  247.760958][ T9364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.766883][ T9364] RIP: 0033:0x7f845bf7dff9
[  247.771322][ T9364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  247.790946][ T9364] RSP: 002b:00007f845cda6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  247.799365][ T9364] RAX: ffffffffffffffda RBX: 00007f845c136130 RCX: 00007f845bf7dff9
[  247.807354][ T9364] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  247.815344][ T9364] RBP: 00007f845bff0296 R08: 0000000000000000 R09: 0000000000000000
[  247.823318][ T9364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  247.831305][ T9364] R13: 0000000000000000 R14: 00007f845c136130 R15: 00007ffd4d55f5e8
[  247.839327][ T9364]  </TASK>
[  247.842417][ T9364] Disabling lock debugging due to kernel taint
[  247.848606][ T9364] BUG: Bad page state in process syz.2.1253  pfn:31778
[  247.855499][ T9364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x31778
[  247.864321][ T9364] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  247.871427][ T9364] raw: 00fff00000000000 dead000000000040 ffff8880751cf000 0000000000000000
[  247.880035][ T9364] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[  247.888621][ T9364] page dumped because: page_pool leak
[  247.893995][ T9364] page_owner tracks the page as allocated
[  247.899690][ T9364] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 9364, tgid 9355 (syz.2.1253), ts 247213666771, free_ts 247206316804
[  247.916731][ T9364]  post_alloc_hook+0x1f3/0x230
[  247.921510][ T9364]  get_page_from_freelist+0x3045/0x3190
[  247.927062][ T9364]  __alloc_pages_noprof+0x256/0x6c0
[  247.932276][ T9364]  alloc_pages_bulk_noprof+0x729/0xd40
[  247.937740][ T9364]  __page_pool_alloc_pages_slow+0x122/0x690
[  247.943648][ T9364]  page_pool_alloc_pages+0xd0/0x1c0
[  247.948842][ T9364]  bpf_test_run_xdp_live+0x950/0x2160
[  247.954234][ T9364]  bpf_prog_test_run_xdp+0x805/0x11e0
[  247.959606][ T9364]  bpf_prog_test_run+0x2e4/0x360
[  247.964572][ T9364]  __sys_bpf+0x48d/0x810
[  247.968804][ T9364]  __x64_sys_bpf+0x7c/0x90
[  247.973221][ T9364]  do_syscall_64+0xf3/0x230
[  247.977706][ T9364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.983614][ T9364] page last free pid 1105 tgid 1105 stack trace:
[  247.989919][ T9364]  free_unref_page+0xcfb/0xf20
[  247.994688][ T9364]  ringbuf_map_free+0xc2/0x120
[  247.999454][ T9364]  bpf_map_free_deferred+0xe4/0x100
[  248.004657][ T9364]  process_scheduled_works+0xa63/0x1850
[  248.010191][ T9364]  worker_thread+0x870/0xd30
[  248.014787][ T9364]  kthread+0x2f0/0x390
[  248.018843][ T9364]  ret_from_fork+0x4b/0x80
[  248.023268][ T9364]  ret_from_fork_asm+0x1a/0x30
[  248.028035][ T9364] Modules linked in:
[  248.031922][ T9364] CPU: 1 UID: 0 PID: 9364 Comm: syz.2.1253 Tainted: G    B              6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  248.044060][ T9364] Tainted: [B]=BAD_PAGE
[  248.048228][ T9364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  248.058294][ T9364] Call Trace:
[  248.061562][ T9364]  <TASK>
[  248.064489][ T9364]  dump_stack_lvl+0x241/0x360
[  248.069158][ T9364]  ? __pfx_dump_stack_lvl+0x10/0x10
[  248.074343][ T9364]  ? __pfx_print_modules+0x10/0x10
[  248.079450][ T9364]  bad_page+0x166/0x1b0
[  248.083594][ T9364]  free_unref_page+0xed0/0xf20
[  248.088346][ T9364]  skb_release_data+0x6dc/0x8a0
[  248.093191][ T9364]  sk_skb_reason_drop+0x1c9/0x380
[  248.098201][ T9364]  ? packet_rcv+0x159/0x14b0
[  248.102781][ T9364]  packet_rcv+0x16f/0x14b0
[  248.107190][ T9364]  ? __pfx_packet_rcv+0x10/0x10
[  248.112028][ T9364]  __netif_receive_skb_list_core+0x8b7/0x980
[  248.117999][ T9364]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  248.124596][ T9364]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  248.131117][ T9364]  ? read_tsc+0x9/0x20
[  248.135180][ T9364]  ? timekeeping_get_ns+0x2c0/0x420
[  248.140373][ T9364]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  248.146693][ T9364]  netif_receive_skb_list_internal+0xa51/0xe30
[  248.152842][ T9364]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  248.159162][ T9364]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  248.165826][ T9364]  ? __pfx_eth_type_trans+0x10/0x10
[  248.171067][ T9364]  ? __phys_addr+0xba/0x170
[  248.175587][ T9364]  ? build_skb_around+0x111/0x260
[  248.180604][ T9364]  ? __xdp_build_skb_from_frame+0x338/0x650
[  248.186496][ T9364]  netif_receive_skb_list+0x55/0x4b0
[  248.191777][ T9364]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  248.197232][ T9364]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  248.203123][ T9364]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  248.208664][ T9364]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  248.214467][ T9364]  ? synchronize_rcu+0x11b/0x360
[  248.219394][ T9364]  ? __pfx_synchronize_rcu+0x10/0x10
[  248.224686][ T9364]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  248.230921][ T9364]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  248.236812][ T9364]  ? _copy_from_user+0xa6/0xe0
[  248.241570][ T9364]  ? bpf_test_init+0x15a/0x180
[  248.246333][ T9364]  ? xdp_convert_md_to_buff+0x5b/0x330
[  248.251801][ T9364]  bpf_prog_test_run_xdp+0x805/0x11e0
[  248.257285][ T9364]  ? __pfx_lock_release+0x10/0x10
[  248.262320][ T9364]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  248.268141][ T9364]  ? __fget_files+0x29/0x470
[  248.272739][ T9364]  ? fput+0x1a8/0x230
[  248.276714][ T9364]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  248.282524][ T9364]  bpf_prog_test_run+0x2e4/0x360
[  248.287468][ T9364]  __sys_bpf+0x48d/0x810
[  248.291696][ T9364]  ? __pfx___sys_bpf+0x10/0x10
[  248.296450][ T9364]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  248.302428][ T9364]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  248.308749][ T9364]  ? do_syscall_64+0x100/0x230
[  248.313499][ T9364]  __x64_sys_bpf+0x7c/0x90
[  248.317902][ T9364]  do_syscall_64+0xf3/0x230
[  248.322395][ T9364]  ? clear_bhb_loop+0x35/0x90
[  248.327063][ T9364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.332986][ T9364] RIP: 0033:0x7f845bf7dff9
[  248.337403][ T9364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  248.356998][ T9364] RSP: 002b:00007f845cda6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  248.365401][ T9364] RAX: ffffffffffffffda RBX: 00007f845c136130 RCX: 00007f845bf7dff9
[  248.373361][ T9364] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  248.381322][ T9364] RBP: 00007f845bff0296 R08: 0000000000000000 R09: 0000000000000000
[  248.389288][ T9364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  248.397258][ T9364] R13: 0000000000000000 R14: 00007f845c136130 R15: 00007ffd4d55f5e8
[  248.405222][ T9364]  </TASK>
[  248.408290][ T9364] BUG: Bad page state in process syz.2.1253  pfn:6378a
[  248.415143][ T9364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88806378abd0 pfn:0x6378a
[  248.425214][ T9364] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  248.432345][ T9364] raw: 00fff00000000000 dead000000000040 ffff8880751cf000 0000000000000000
[  248.440917][ T9364] raw: ffff88806378abd0 0000000000000001 00000000ffffffff 0000000000000000
[  248.449505][ T9364] page dumped because: page_pool leak
[  248.454898][ T9364] page_owner tracks the page as allocated
[  248.460597][ T9364] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 9364, tgid 9355 (syz.2.1253), ts 247213655137, free_ts 247206328885
[  248.477634][ T9364]  post_alloc_hook+0x1f3/0x230
[  248.482410][ T9364]  get_page_from_freelist+0x3045/0x3190
[  248.487944][ T9364]  __alloc_pages_noprof+0x256/0x6c0
[  248.493144][ T9364]  alloc_pages_bulk_noprof+0x729/0xd40
[  248.498587][ T9364]  __page_pool_alloc_pages_slow+0x122/0x690
[  248.504488][ T9364]  page_pool_alloc_pages+0xd0/0x1c0
[  248.509680][ T9364]  bpf_test_run_xdp_live+0x950/0x2160
[  248.515083][ T9364]  bpf_prog_test_run_xdp+0x805/0x11e0
[  248.520443][ T9364]  bpf_prog_test_run+0x2e4/0x360
[  248.525387][ T9364]  __sys_bpf+0x48d/0x810
[  248.529627][ T9364]  __x64_sys_bpf+0x7c/0x90
[  248.534075][ T9364]  do_syscall_64+0xf3/0x230
[  248.538677][ T9364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.544580][ T9364] page last free pid 1105 tgid 1105 stack trace:
[  248.550893][ T9364]  free_unref_page+0xcfb/0xf20
[  248.555675][ T9364]  ringbuf_map_free+0xc2/0x120
[  248.560426][ T9364]  bpf_map_free_deferred+0xe4/0x100
[  248.565636][ T9364]  process_scheduled_works+0xa63/0x1850
[  248.571172][ T9364]  worker_thread+0x870/0xd30
[  248.575770][ T9364]  kthread+0x2f0/0x390
[  248.579820][ T9364]  ret_from_fork+0x4b/0x80
[  248.584247][ T9364]  ret_from_fork_asm+0x1a/0x30
[  248.589008][ T9364] Modules linked in:
[  248.592937][ T9364] CPU: 1 UID: 0 PID: 9364 Comm: syz.2.1253 Tainted: G    B              6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  248.605083][ T9364] Tainted: [B]=BAD_PAGE
[  248.609217][ T9364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  248.619283][ T9364] Call Trace:
[  248.622552][ T9364]  <TASK>
[  248.625469][ T9364]  dump_stack_lvl+0x241/0x360
[  248.630148][ T9364]  ? __pfx_dump_stack_lvl+0x10/0x10
[  248.635341][ T9364]  ? __pfx_print_modules+0x10/0x10
[  248.640466][ T9364]  bad_page+0x166/0x1b0
[  248.644618][ T9364]  free_unref_page+0xed0/0xf20
[  248.649371][ T9364]  skb_release_data+0x6dc/0x8a0
[  248.654211][ T9364]  sk_skb_reason_drop+0x1c9/0x380
[  248.659222][ T9364]  ? packet_rcv+0x159/0x14b0
[  248.663799][ T9364]  packet_rcv+0x16f/0x14b0
[  248.668211][ T9364]  ? __pfx_packet_rcv+0x10/0x10
[  248.673052][ T9364]  __netif_receive_skb_list_core+0x8b7/0x980
[  248.679029][ T9364]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  248.685611][ T9364]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  248.692102][ T9364]  ? read_tsc+0x9/0x20
[  248.696226][ T9364]  ? timekeeping_get_ns+0x2c0/0x420
[  248.701417][ T9364]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  248.707733][ T9364]  netif_receive_skb_list_internal+0xa51/0xe30
[  248.713889][ T9364]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  248.720219][ T9364]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  248.726890][ T9364]  ? __pfx_eth_type_trans+0x10/0x10
[  248.732090][ T9364]  ? __phys_addr+0xba/0x170
[  248.736599][ T9364]  ? build_skb_around+0x111/0x260
[  248.741611][ T9364]  ? __xdp_build_skb_from_frame+0x338/0x650
[  248.747519][ T9364]  netif_receive_skb_list+0x55/0x4b0
[  248.752796][ T9364]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  248.758244][ T9364]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  248.764137][ T9364]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  248.769673][ T9364]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  248.775491][ T9364]  ? synchronize_rcu+0x11b/0x360
[  248.780418][ T9364]  ? __pfx_synchronize_rcu+0x10/0x10
[  248.785703][ T9364]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  248.791940][ T9364]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  248.797832][ T9364]  ? _copy_from_user+0xa6/0xe0
[  248.802603][ T9364]  ? bpf_test_init+0x15a/0x180
[  248.807356][ T9364]  ? xdp_convert_md_to_buff+0x5b/0x330
[  248.812807][ T9364]  bpf_prog_test_run_xdp+0x805/0x11e0
[  248.818174][ T9364]  ? __pfx_lock_release+0x10/0x10
[  248.823193][ T9364]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  248.828990][ T9364]  ? __fget_files+0x29/0x470
[  248.833569][ T9364]  ? fput+0x1a8/0x230
[  248.837542][ T9364]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  248.843346][ T9364]  bpf_prog_test_run+0x2e4/0x360
[  248.848277][ T9364]  __sys_bpf+0x48d/0x810
[  248.852522][ T9364]  ? __pfx___sys_bpf+0x10/0x10
[  248.857276][ T9364]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  248.863247][ T9364]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  248.869565][ T9364]  ? do_syscall_64+0x100/0x230
[  248.874329][ T9364]  __x64_sys_bpf+0x7c/0x90
[  248.878744][ T9364]  do_syscall_64+0xf3/0x230
[  248.883231][ T9364]  ? clear_bhb_loop+0x35/0x90
[  248.887894][ T9364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.893775][ T9364] RIP: 0033:0x7f845bf7dff9
[  248.898176][ T9364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  248.917772][ T9364] RSP: 002b:00007f845cda6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  248.926177][ T9364] RAX: ffffffffffffffda RBX: 00007f845c136130 RCX: 00007f845bf7dff9
[  248.934145][ T9364] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  248.942107][ T9364] RBP: 00007f845bff0296 R08: 0000000000000000 R09: 0000000000000000
[  248.950066][ T9364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  248.958027][ T9364] R13: 0000000000000000 R14: 00007f845c136130 R15: 00007ffd4d55f5e8
[  248.966021][ T9364]  </TASK>
[  248.969098][ T9364] BUG: Bad page state in process syz.2.1253  pfn:2dd76
[  248.975960][ T9364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88802dd76f00 pfn:0x2dd76
[  248.986026][ T9364] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  248.993189][ T9364] raw: 00fff00000000000 dead000000000040 ffff8880751cf000 0000000000000000
[  249.001770][ T9364] raw: ffff88802dd76f00 0000000000000001 00000000ffffffff 0000000000000000
[  249.010357][ T9364] page dumped because: page_pool leak
[  249.015732][ T9364] page_owner tracks the page as allocated
[  249.021452][ T9364] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 9364, tgid 9355 (syz.2.1253), ts 247213643787, free_ts 247206341388
[  249.038477][ T9364]  post_alloc_hook+0x1f3/0x230
[  249.043288][ T9364]  get_page_from_freelist+0x3045/0x3190
[  249.048856][ T9364]  __alloc_pages_noprof+0x256/0x6c0
[  249.054058][ T9364]  alloc_pages_bulk_noprof+0x729/0xd40
[  249.059501][ T9364]  __page_pool_alloc_pages_slow+0x122/0x690
[  249.065399][ T9364]  page_pool_alloc_pages+0xd0/0x1c0
[  249.070587][ T9364]  bpf_test_run_xdp_live+0x950/0x2160
[  249.075967][ T9364]  bpf_prog_test_run_xdp+0x805/0x11e0
[  249.081356][ T9364]  bpf_prog_test_run+0x2e4/0x360
[  249.086303][ T9364]  __sys_bpf+0x48d/0x810
[  249.090553][ T9364]  __x64_sys_bpf+0x7c/0x90
[  249.094983][ T9364]  do_syscall_64+0xf3/0x230
[  249.099471][ T9364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  249.105371][ T9364] page last free pid 1105 tgid 1105 stack trace:
[  249.111686][ T9364]  free_unref_page+0xcfb/0xf20
[  249.116457][ T9364]  ringbuf_map_free+0xc2/0x120
[  249.121209][ T9364]  bpf_map_free_deferred+0xe4/0x100
[  249.126410][ T9364]  process_scheduled_works+0xa63/0x1850
[  249.131944][ T9364]  worker_thread+0x870/0xd30
[  249.136563][ T9364]  kthread+0x2f0/0x390
[  249.140620][ T9364]  ret_from_fork+0x4b/0x80
[  249.145049][ T9364]  ret_from_fork_asm+0x1a/0x30
[  249.149808][ T9364] Modules linked in:
[  249.153712][ T9364] CPU: 1 UID: 0 PID: 9364 Comm: syz.2.1253 Tainted: G    B              6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  249.165851][ T9364] Tainted: [B]=BAD_PAGE
[  249.169983][ T9364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  249.180022][ T9364] Call Trace:
[  249.183304][ T9364]  <TASK>
[  249.186222][ T9364]  dump_stack_lvl+0x241/0x360
[  249.190888][ T9364]  ? __pfx_dump_stack_lvl+0x10/0x10
[  249.196084][ T9364]  ? __pfx_print_modules+0x10/0x10
[  249.201187][ T9364]  bad_page+0x166/0x1b0
[  249.205330][ T9364]  free_unref_page+0xed0/0xf20
[  249.210081][ T9364]  skb_release_data+0x6dc/0x8a0
[  249.214919][ T9364]  sk_skb_reason_drop+0x1c9/0x380
[  249.219928][ T9364]  ? packet_rcv+0x159/0x14b0
[  249.224507][ T9364]  packet_rcv+0x16f/0x14b0
[  249.228911][ T9364]  ? __pfx_packet_rcv+0x10/0x10
[  249.233748][ T9364]  __netif_receive_skb_list_core+0x8b7/0x980
[  249.239718][ T9364]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  249.246309][ T9364]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  249.252819][ T9364]  ? read_tsc+0x9/0x20
[  249.256877][ T9364]  ? timekeeping_get_ns+0x2c0/0x420
[  249.262066][ T9364]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  249.268379][ T9364]  netif_receive_skb_list_internal+0xa51/0xe30
[  249.274524][ T9364]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  249.280840][ T9364]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  249.287556][ T9364]  ? __pfx_eth_type_trans+0x10/0x10
[  249.292755][ T9364]  ? __phys_addr+0xba/0x170
[  249.297245][ T9364]  ? build_skb_around+0x111/0x260
[  249.302258][ T9364]  ? __xdp_build_skb_from_frame+0x338/0x650
[  249.308181][ T9364]  netif_receive_skb_list+0x55/0x4b0
[  249.313458][ T9364]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  249.318908][ T9364]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  249.324802][ T9364]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  249.330358][ T9364]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  249.336152][ T9364]  ? synchronize_rcu+0x11b/0x360
[  249.341074][ T9364]  ? __pfx_synchronize_rcu+0x10/0x10
[  249.346353][ T9364]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  249.352590][ T9364]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  249.358474][ T9364]  ? _copy_from_user+0xa6/0xe0
[  249.363237][ T9364]  ? bpf_test_init+0x15a/0x180
[  249.368011][ T9364]  ? xdp_convert_md_to_buff+0x5b/0x330
[  249.373477][ T9364]  bpf_prog_test_run_xdp+0x805/0x11e0
[  249.378950][ T9364]  ? __pfx_lock_release+0x10/0x10
[  249.383980][ T9364]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  249.389781][ T9364]  ? __fget_files+0x29/0x470
[  249.394364][ T9364]  ? fput+0x1a8/0x230
[  249.398363][ T9364]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  249.404206][ T9364]  bpf_prog_test_run+0x2e4/0x360
[  249.409134][ T9364]  __sys_bpf+0x48d/0x810
[  249.413389][ T9364]  ? __pfx___sys_bpf+0x10/0x10
[  249.418163][ T9364]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  249.424154][ T9364]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  249.430501][ T9364]  ? do_syscall_64+0x100/0x230
[  249.435264][ T9364]  __x64_sys_bpf+0x7c/0x90
[  249.439695][ T9364]  do_syscall_64+0xf3/0x230
[  249.444200][ T9364]  ? clear_bhb_loop+0x35/0x90
[  249.448863][ T9364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  249.454751][ T9364] RIP: 0033:0x7f845bf7dff9
[  249.459166][ T9364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  249.478777][ T9364] RSP: 002b:00007f845cda6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  249.487275][ T9364] RAX: ffffffffffffffda RBX: 00007f845c136130 RCX: 00007f845bf7dff9
[  249.495241][ T9364] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  249.503207][ T9364] RBP: 00007f845bff0296 R08: 0000000000000000 R09: 0000000000000000
[  249.511172][ T9364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  249.519136][ T9364] R13: 0000000000000000 R14: 00007f845c136130 R15: 00007ffd4d55f5e8
[  249.527105][ T9364]  </TASK>
[  249.530164][ T9364] BUG: Bad page state in process syz.2.1253  pfn:22751
[  249.537100][ T9364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888022751f00 pfn:0x22751
[  249.547273][ T9364] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  249.554421][ T9364] raw: 00fff00000000000 dead000000000040 ffff8880751cf000 0000000000000000
[  249.563037][ T9364] raw: ffff888022751f00 0000000000000001 00000000ffffffff 0000000000000000
[  249.571630][ T9364] page dumped because: page_pool leak
[  249.577015][ T9364] page_owner tracks the page as allocated
[  249.582731][ T9364] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 9364, tgid 9355 (syz.2.1253), ts 247213632580, free_ts 247206353031
[  249.599750][ T9364]  post_alloc_hook+0x1f3/0x230
[  249.604541][ T9364]  get_page_from_freelist+0x3045/0x3190
[  249.610076][ T9364]  __alloc_pages_noprof+0x256/0x6c0
[  249.615280][ T9364]  alloc_pages_bulk_noprof+0x729/0xd40
[  249.620730][ T9364]  __page_pool_alloc_pages_slow+0x122/0x690
[  249.626645][ T9364]  page_pool_alloc_pages+0xd0/0x1c0
[  249.631856][ T9364]  bpf_test_run_xdp_live+0x950/0x2160
[  249.637243][ T9364]  bpf_prog_test_run_xdp+0x805/0x11e0
[  249.642622][ T9364]  bpf_prog_test_run+0x2e4/0x360
[  249.647549][ T9364]  __sys_bpf+0x48d/0x810
[  249.651776][ T9364]  __x64_sys_bpf+0x7c/0x90
[  249.656213][ T9364]  do_syscall_64+0xf3/0x230
[  249.660723][ T9364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  249.666639][ T9364] page last free pid 1105 tgid 1105 stack trace:
[  249.672969][ T9364]  free_unref_page+0xcfb/0xf20
[  249.677717][ T9364]  ringbuf_map_free+0xc2/0x120
[  249.682488][ T9364]  bpf_map_free_deferred+0xe4/0x100
[  249.687674][ T9364]  process_scheduled_works+0xa63/0x1850
[  249.693226][ T9364]  worker_thread+0x870/0xd30
[  249.697805][ T9364]  kthread+0x2f0/0x390
[  249.701855][ T9364]  ret_from_fork+0x4b/0x80
[  249.706273][ T9364]  ret_from_fork_asm+0x1a/0x30
[  249.711027][ T9364] Modules linked in:
[  249.714929][ T9364] CPU: 1 UID: 0 PID: 9364 Comm: syz.2.1253 Tainted: G    B              6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  249.727065][ T9364] Tainted: [B]=BAD_PAGE
[  249.731198][ T9364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  249.741238][ T9364] Call Trace:
[  249.744510][ T9364]  <TASK>
[  249.747431][ T9364]  dump_stack_lvl+0x241/0x360
[  249.752097][ T9364]  ? __pfx_dump_stack_lvl+0x10/0x10
[  249.757280][ T9364]  ? __pfx_print_modules+0x10/0x10
[  249.762389][ T9364]  bad_page+0x166/0x1b0
[  249.766536][ T9364]  free_unref_page+0xed0/0xf20
[  249.771285][ T9364]  skb_release_data+0x6dc/0x8a0
[  249.776125][ T9364]  sk_skb_reason_drop+0x1c9/0x380
[  249.781134][ T9364]  ? packet_rcv+0x159/0x14b0
[  249.785714][ T9364]  packet_rcv+0x16f/0x14b0
[  249.790119][ T9364]  ? __pfx_packet_rcv+0x10/0x10
[  249.794957][ T9364]  __netif_receive_skb_list_core+0x8b7/0x980
[  249.800931][ T9364]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  249.807519][ T9364]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  249.814015][ T9364]  ? read_tsc+0x9/0x20
[  249.818082][ T9364]  ? timekeeping_get_ns+0x2c0/0x420
[  249.823281][ T9364]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  249.829597][ T9364]  netif_receive_skb_list_internal+0xa51/0xe30
[  249.835741][ T9364]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  249.842057][ T9364]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  249.848721][ T9364]  ? __pfx_eth_type_trans+0x10/0x10
[  249.853908][ T9364]  ? __phys_addr+0xba/0x170
[  249.858407][ T9364]  ? build_skb_around+0x111/0x260
[  249.863433][ T9364]  ? __xdp_build_skb_from_frame+0x338/0x650
[  249.869316][ T9364]  netif_receive_skb_list+0x55/0x4b0
[  249.874591][ T9364]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  249.880040][ T9364]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  249.885927][ T9364]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  249.891460][ T9364]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  249.897255][ T9364]  ? synchronize_rcu+0x11b/0x360
[  249.902186][ T9364]  ? __pfx_synchronize_rcu+0x10/0x10
[  249.907473][ T9364]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  249.913703][ T9364]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  249.919583][ T9364]  ? _copy_from_user+0xa6/0xe0
[  249.924337][ T9364]  ? bpf_test_init+0x15a/0x180
[  249.929087][ T9364]  ? xdp_convert_md_to_buff+0x5b/0x330
[  249.934534][ T9364]  bpf_prog_test_run_xdp+0x805/0x11e0
[  249.939895][ T9364]  ? __pfx_lock_release+0x10/0x10
[  249.944932][ T9364]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  249.950726][ T9364]  ? __fget_files+0x29/0x470
[  249.955303][ T9364]  ? fput+0x1a8/0x230
[  249.959270][ T9364]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  249.965067][ T9364]  bpf_prog_test_run+0x2e4/0x360
[  249.969998][ T9364]  __sys_bpf+0x48d/0x810
[  249.974229][ T9364]  ? __pfx___sys_bpf+0x10/0x10
[  249.978981][ T9364]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  249.984959][ T9364]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  249.991309][ T9364]  ? do_syscall_64+0x100/0x230
[  249.996081][ T9364]  __x64_sys_bpf+0x7c/0x90
[  250.000486][ T9364]  do_syscall_64+0xf3/0x230
[  250.004978][ T9364]  ? clear_bhb_loop+0x35/0x90
[  250.009644][ T9364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.015559][ T9364] RIP: 0033:0x7f845bf7dff9
[  250.019981][ T9364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  250.039577][ T9364] RSP: 002b:00007f845cda6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  250.047993][ T9364] RAX: ffffffffffffffda RBX: 00007f845c136130 RCX: 00007f845bf7dff9
[  250.055966][ T9364] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  250.063924][ T9364] RBP: 00007f845bff0296 R08: 0000000000000000 R09: 0000000000000000
[  250.071895][ T9364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  250.079952][ T9364] R13: 0000000000000000 R14: 00007f845c136130 R15: 00007ffd4d55f5e8
[  250.087919][ T9364]  </TASK>
[  250.090978][ T9364] BUG: Bad page state in process syz.2.1253  pfn:29eb7
[  250.097830][ T9364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888033165000 pfn:0x29eb7
[  250.107901][ T9364] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  250.115050][ T9364] raw: 00fff00000000000 dead000000000040 ffff8880751cf000 0000000000000000
[  250.123652][ T9364] raw: ffff888033165000 0000000000000001 00000000ffffffff 0000000000000000
[  250.132245][ T9364] page dumped because: page_pool leak
[  250.137617][ T9364] page_owner tracks the page as allocated
[  250.143336][ T9364] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 9364, tgid 9355 (syz.2.1253), ts 247213621144, free_ts 247206365249
[  250.160359][ T9364]  post_alloc_hook+0x1f3/0x230
[  250.165136][ T9364]  get_page_from_freelist+0x3045/0x3190
[  250.170674][ T9364]  __alloc_pages_noprof+0x256/0x6c0
[  250.175889][ T9364]  alloc_pages_bulk_noprof+0x729/0xd40
[  250.181334][ T9364]  __page_pool_alloc_pages_slow+0x122/0x690
[  250.187264][ T9364]  page_pool_alloc_pages+0xd0/0x1c0
[  250.192468][ T9364]  bpf_test_run_xdp_live+0x950/0x2160
[  250.197831][ T9364]  bpf_prog_test_run_xdp+0x805/0x11e0
[  250.203229][ T9364]  bpf_prog_test_run+0x2e4/0x360
[  250.208183][ T9364]  __sys_bpf+0x48d/0x810
[  250.212438][ T9364]  __x64_sys_bpf+0x7c/0x90
[  250.216839][ T9364]  do_syscall_64+0xf3/0x230
[  250.221332][ T9364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.227247][ T9364] page last free pid 1105 tgid 1105 stack trace:
[  250.233571][ T9364]  free_unref_page+0xcfb/0xf20
[  250.238319][ T9364]  ringbuf_map_free+0xc2/0x120
[  250.243090][ T9364]  bpf_map_free_deferred+0xe4/0x100
[  250.248273][ T9364]  process_scheduled_works+0xa63/0x1850
[  250.253825][ T9364]  worker_thread+0x870/0xd30
[  250.258405][ T9364]  kthread+0x2f0/0x390
[  250.262472][ T9364]  ret_from_fork+0x4b/0x80
[  250.266879][ T9364]  ret_from_fork_asm+0x1a/0x30
[  250.271636][ T9364] Modules linked in:
[  250.275540][ T9364] CPU: 1 UID: 0 PID: 9364 Comm: syz.2.1253 Tainted: G    B              6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  250.287676][ T9364] Tainted: [B]=BAD_PAGE
[  250.291810][ T9364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  250.301854][ T9364] Call Trace:
[  250.305131][ T9364]  <TASK>
[  250.308057][ T9364]  dump_stack_lvl+0x241/0x360
[  250.312738][ T9364]  ? __pfx_dump_stack_lvl+0x10/0x10
[  250.317944][ T9364]  ? __pfx_print_modules+0x10/0x10
[  250.323049][ T9364]  bad_page+0x166/0x1b0
[  250.327195][ T9364]  free_unref_page+0xed0/0xf20
[  250.331945][ T9364]  skb_release_data+0x6dc/0x8a0
[  250.336788][ T9364]  sk_skb_reason_drop+0x1c9/0x380
[  250.341803][ T9364]  ? packet_rcv+0x159/0x14b0
[  250.346380][ T9364]  packet_rcv+0x16f/0x14b0
[  250.350821][ T9364]  ? __pfx_packet_rcv+0x10/0x10
[  250.355661][ T9364]  __netif_receive_skb_list_core+0x8b7/0x980
[  250.361643][ T9364]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  250.368237][ T9364]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  250.374729][ T9364]  ? read_tsc+0x9/0x20
[  250.378785][ T9364]  ? timekeeping_get_ns+0x2c0/0x420
[  250.383974][ T9364]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  250.390287][ T9364]  netif_receive_skb_list_internal+0xa51/0xe30
[  250.396431][ T9364]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  250.402750][ T9364]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  250.409410][ T9364]  ? __pfx_eth_type_trans+0x10/0x10
[  250.414595][ T9364]  ? __phys_addr+0xba/0x170
[  250.419082][ T9364]  ? build_skb_around+0x111/0x260
[  250.424094][ T9364]  ? __xdp_build_skb_from_frame+0x338/0x650
[  250.429979][ T9364]  netif_receive_skb_list+0x55/0x4b0
[  250.435258][ T9364]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  250.440706][ T9364]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  250.446593][ T9364]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  250.452143][ T9364]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  250.457956][ T9364]  ? synchronize_rcu+0x11b/0x360
[  250.462884][ T9364]  ? __pfx_synchronize_rcu+0x10/0x10
[  250.468169][ T9364]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  250.474405][ T9364]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  250.480295][ T9364]  ? _copy_from_user+0xa6/0xe0
[  250.485050][ T9364]  ? bpf_test_init+0x15a/0x180
[  250.489806][ T9364]  ? xdp_convert_md_to_buff+0x5b/0x330
[  250.495261][ T9364]  bpf_prog_test_run_xdp+0x805/0x11e0
[  250.500625][ T9364]  ? __pfx_lock_release+0x10/0x10
[  250.505644][ T9364]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  250.511446][ T9364]  ? __fget_files+0x29/0x470
[  250.516026][ T9364]  ? fput+0x1a8/0x230
[  250.519995][ T9364]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  250.525792][ T9364]  bpf_prog_test_run+0x2e4/0x360
[  250.530735][ T9364]  __sys_bpf+0x48d/0x810
[  250.534966][ T9364]  ? __pfx___sys_bpf+0x10/0x10
[  250.539719][ T9364]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  250.545691][ T9364]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  250.552008][ T9364]  ? do_syscall_64+0x100/0x230
[  250.556759][ T9364]  __x64_sys_bpf+0x7c/0x90
[  250.561163][ T9364]  do_syscall_64+0xf3/0x230
[  250.565654][ T9364]  ? clear_bhb_loop+0x35/0x90
[  250.570318][ T9364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.576199][ T9364] RIP: 0033:0x7f845bf7dff9
[  250.580605][ T9364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  250.600202][ T9364] RSP: 002b:00007f845cda6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  250.608610][ T9364] RAX: ffffffffffffffda RBX: 00007f845c136130 RCX: 00007f845bf7dff9
[  250.616582][ T9364] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  250.624554][ T9364] RBP: 00007f845bff0296 R08: 0000000000000000 R09: 0000000000000000
[  250.632513][ T9364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  250.640483][ T9364] R13: 0000000000000000 R14: 00007f845c136130 R15: 00007ffd4d55f5e8
[  250.648457][ T9364]  </TASK>
[  250.651522][ T9364] BUG: Bad page state in process syz.2.1253  pfn:79473
[  250.658373][ T9364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888033165000 pfn:0x79473
[  250.668442][ T9364] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  250.675559][ T9364] raw: 00fff00000000000 dead000000000040 ffff8880751cf000 0000000000000000
[  250.684153][ T9364] raw: ffff888033165000 0000000000000001 00000000ffffffff 0000000000000000
[  250.692737][ T9364] page dumped because: page_pool leak
[  250.698092][ T9364] page_owner tracks the page as allocated
[  250.703815][ T9364] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 9364, tgid 9355 (syz.2.1253), ts 247213609644, free_ts 247206377730
[  250.720834][ T9364]  post_alloc_hook+0x1f3/0x230
[  250.725615][ T9364]  get_page_from_freelist+0x3045/0x3190
[  250.731152][ T9364]  __alloc_pages_noprof+0x256/0x6c0
[  250.736351][ T9364]  alloc_pages_bulk_noprof+0x729/0xd40
[  250.741794][ T9364]  __page_pool_alloc_pages_slow+0x122/0x690
[  250.747689][ T9364]  page_pool_alloc_pages+0xd0/0x1c0
[  250.752892][ T9364]  bpf_test_run_xdp_live+0x950/0x2160
[  250.758250][ T9364]  bpf_prog_test_run_xdp+0x805/0x11e0
[  250.763629][ T9364]  bpf_prog_test_run+0x2e4/0x360
[  250.768552][ T9364]  __sys_bpf+0x48d/0x810
[  250.772800][ T9364]  __x64_sys_bpf+0x7c/0x90
[  250.777206][ T9364]  do_syscall_64+0xf3/0x230
[  250.781689][ T9364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.787599][ T9364] page last free pid 1105 tgid 1105 stack trace:
[  250.793926][ T9364]  free_unref_page+0xcfb/0xf20
[  250.798673][ T9364]  ringbuf_map_free+0xc2/0x120
[  250.803437][ T9364]  bpf_map_free_deferred+0xe4/0x100
[  250.808622][ T9364]  process_scheduled_works+0xa63/0x1850
[  250.814174][ T9364]  worker_thread+0x870/0xd30
[  250.818751][ T9364]  kthread+0x2f0/0x390
[  250.822817][ T9364]  ret_from_fork+0x4b/0x80
[  250.827224][ T9364]  ret_from_fork_asm+0x1a/0x30
[  250.831976][ T9364] Modules linked in:
[  250.835873][ T9364] CPU: 1 UID: 0 PID: 9364 Comm: syz.2.1253 Tainted: G    B              6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  250.848007][ T9364] Tainted: [B]=BAD_PAGE
[  250.852139][ T9364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  250.862184][ T9364] Call Trace:
[  250.865457][ T9364]  <TASK>
[  250.868375][ T9364]  dump_stack_lvl+0x241/0x360
[  250.873041][ T9364]  ? __pfx_dump_stack_lvl+0x10/0x10
[  250.878242][ T9364]  ? __pfx_print_modules+0x10/0x10
[  250.883344][ T9364]  bad_page+0x166/0x1b0
[  250.887490][ T9364]  free_unref_page+0xed0/0xf20
[  250.892250][ T9364]  skb_release_data+0x6dc/0x8a0
[  250.897105][ T9364]  sk_skb_reason_drop+0x1c9/0x380
[  250.902113][ T9364]  ? packet_rcv+0x159/0x14b0
[  250.906693][ T9364]  packet_rcv+0x16f/0x14b0
[  250.911101][ T9364]  ? __pfx_packet_rcv+0x10/0x10
[  250.915937][ T9364]  __netif_receive_skb_list_core+0x8b7/0x980
[  250.921910][ T9364]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  250.928514][ T9364]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  250.935008][ T9364]  ? read_tsc+0x9/0x20
[  250.939066][ T9364]  ? timekeeping_get_ns+0x2c0/0x420
[  250.944256][ T9364]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  250.950575][ T9364]  netif_receive_skb_list_internal+0xa51/0xe30
[  250.956717][ T9364]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  250.963030][ T9364]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  250.969690][ T9364]  ? __pfx_eth_type_trans+0x10/0x10
[  250.974873][ T9364]  ? __phys_addr+0xba/0x170
[  250.979364][ T9364]  ? build_skb_around+0x111/0x260
[  250.984387][ T9364]  ? __xdp_build_skb_from_frame+0x338/0x650
[  250.990271][ T9364]  netif_receive_skb_list+0x55/0x4b0
[  250.995550][ T9364]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  251.000998][ T9364]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  251.006882][ T9364]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  251.012415][ T9364]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  251.018207][ T9364]  ? synchronize_rcu+0x11b/0x360
[  251.023132][ T9364]  ? __pfx_synchronize_rcu+0x10/0x10
[  251.028405][ T9364]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  251.034636][ T9364]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  251.040518][ T9364]  ? _copy_from_user+0xa6/0xe0
[  251.045269][ T9364]  ? bpf_test_init+0x15a/0x180
[  251.050019][ T9364]  ? xdp_convert_md_to_buff+0x5b/0x330
[  251.055468][ T9364]  bpf_prog_test_run_xdp+0x805/0x11e0
[  251.060837][ T9364]  ? __pfx_lock_release+0x10/0x10
[  251.065870][ T9364]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  251.071679][ T9364]  ? __fget_files+0x29/0x470
[  251.076259][ T9364]  ? fput+0x1a8/0x230
[  251.080224][ T9364]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  251.086019][ T9364]  bpf_prog_test_run+0x2e4/0x360
[  251.090960][ T9364]  __sys_bpf+0x48d/0x810
[  251.095195][ T9364]  ? __pfx___sys_bpf+0x10/0x10
[  251.099957][ T9364]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  251.105951][ T9364]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  251.112278][ T9364]  ? do_syscall_64+0x100/0x230
[  251.117032][ T9364]  __x64_sys_bpf+0x7c/0x90
[  251.121456][ T9364]  do_syscall_64+0xf3/0x230
[  251.125945][ T9364]  ? clear_bhb_loop+0x35/0x90
[  251.130626][ T9364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.136513][ T9364] RIP: 0033:0x7f845bf7dff9
[  251.140912][ T9364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  251.160506][ T9364] RSP: 002b:00007f845cda6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  251.168918][ T9364] RAX: ffffffffffffffda RBX: 00007f845c136130 RCX: 00007f845bf7dff9
[  251.176887][ T9364] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  251.184876][ T9364] RBP: 00007f845bff0296 R08: 0000000000000000 R09: 0000000000000000
[  251.192842][ T9364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  251.200799][ T9364] R13: 0000000000000000 R14: 00007f845c136130 R15: 00007ffd4d55f5e8
[  251.208771][ T9364]  </TASK>
[  251.211850][ T9364] BUG: Bad page state in process syz.2.1253  pfn:792d6
[  251.218702][ T9364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888033165000 pfn:0x792d6
[  251.228778][ T9364] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  251.235925][ T9364] raw: 00fff00000000000 dead000000000040 ffff8880751cf000 0000000000000000
[  251.244532][ T9364] raw: ffff888033165000 0000000000000001 00000000ffffffff 0000000000000000
[  251.253126][ T9364] page dumped because: page_pool leak
[  251.258474][ T9364] page_owner tracks the page as allocated
[  251.264191][ T9364] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 9364, tgid 9355 (syz.2.1253), ts 247213598160, free_ts 247206390147
[  251.281206][ T9364]  post_alloc_hook+0x1f3/0x230
[  251.285977][ T9364]  get_page_from_freelist+0x3045/0x3190
[  251.291511][ T9364]  __alloc_pages_noprof+0x256/0x6c0
[  251.296716][ T9364]  alloc_pages_bulk_noprof+0x729/0xd40
[  251.302287][ T9364]  __page_pool_alloc_pages_slow+0x122/0x690
[  251.308168][ T9364]  page_pool_alloc_pages+0xd0/0x1c0
[  251.313368][ T9364]  bpf_test_run_xdp_live+0x950/0x2160
[  251.318728][ T9364]  bpf_prog_test_run_xdp+0x805/0x11e0
[  251.324109][ T9364]  bpf_prog_test_run+0x2e4/0x360
[  251.329038][ T9364]  __sys_bpf+0x48d/0x810
[  251.333286][ T9364]  __x64_sys_bpf+0x7c/0x90
[  251.337685][ T9364]  do_syscall_64+0xf3/0x230
[  251.342212][ T9364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.348093][ T9364] page last free pid 1105 tgid 1105 stack trace:
[  251.354436][ T9364]  free_unref_page+0xcfb/0xf20
[  251.359184][ T9364]  ringbuf_map_free+0xc2/0x120
[  251.363947][ T9364]  bpf_map_free_deferred+0xe4/0x100
[  251.369137][ T9364]  process_scheduled_works+0xa63/0x1850
[  251.374731][ T9364]  worker_thread+0x870/0xd30
[  251.379310][ T9364]  kthread+0x2f0/0x390
[  251.383390][ T9364]  ret_from_fork+0x4b/0x80
[  251.387810][ T9364]  ret_from_fork_asm+0x1a/0x30
[  251.392581][ T9364] Modules linked in:
[  251.396480][ T9364] CPU: 1 UID: 0 PID: 9364 Comm: syz.2.1253 Tainted: G    B              6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  251.408636][ T9364] Tainted: [B]=BAD_PAGE
[  251.412781][ T9364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  251.422829][ T9364] Call Trace:
[  251.426097][ T9364]  <TASK>
[  251.429018][ T9364]  dump_stack_lvl+0x241/0x360
[  251.433686][ T9364]  ? __pfx_dump_stack_lvl+0x10/0x10
[  251.438870][ T9364]  ? __pfx_print_modules+0x10/0x10
[  251.443972][ T9364]  bad_page+0x166/0x1b0
[  251.448119][ T9364]  free_unref_page+0xed0/0xf20
[  251.452871][ T9364]  skb_release_data+0x6dc/0x8a0
[  251.457726][ T9364]  sk_skb_reason_drop+0x1c9/0x380
[  251.462748][ T9364]  ? packet_rcv+0x159/0x14b0
[  251.467327][ T9364]  packet_rcv+0x16f/0x14b0
[  251.471756][ T9364]  ? __pfx_packet_rcv+0x10/0x10
[  251.476607][ T9364]  __netif_receive_skb_list_core+0x8b7/0x980
[  251.482595][ T9364]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  251.489200][ T9364]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  251.495693][ T9364]  ? read_tsc+0x9/0x20
[  251.499770][ T9364]  ? timekeeping_get_ns+0x2c0/0x420
[  251.504982][ T9364]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  251.511301][ T9364]  netif_receive_skb_list_internal+0xa51/0xe30
[  251.517446][ T9364]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  251.523763][ T9364]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  251.530426][ T9364]  ? __pfx_eth_type_trans+0x10/0x10
[  251.535610][ T9364]  ? __phys_addr+0xba/0x170
[  251.540098][ T9364]  ? build_skb_around+0x111/0x260
[  251.545130][ T9364]  ? __xdp_build_skb_from_frame+0x338/0x650
[  251.551014][ T9364]  netif_receive_skb_list+0x55/0x4b0
[  251.556287][ T9364]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  251.561738][ T9364]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  251.567622][ T9364]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  251.573165][ T9364]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  251.578962][ T9364]  ? synchronize_rcu+0x11b/0x360
[  251.583895][ T9364]  ? __pfx_synchronize_rcu+0x10/0x10
[  251.589170][ T9364]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  251.595401][ T9364]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  251.601303][ T9364]  ? _copy_from_user+0xa6/0xe0
[  251.606083][ T9364]  ? bpf_test_init+0x15a/0x180
[  251.610840][ T9364]  ? xdp_convert_md_to_buff+0x5b/0x330
[  251.616308][ T9364]  bpf_prog_test_run_xdp+0x805/0x11e0
[  251.621674][ T9364]  ? __pfx_lock_release+0x10/0x10
[  251.626693][ T9364]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  251.632490][ T9364]  ? __fget_files+0x29/0x470
[  251.637066][ T9364]  ? fput+0x1a8/0x230
[  251.641034][ T9364]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  251.646834][ T9364]  bpf_prog_test_run+0x2e4/0x360
[  251.651762][ T9364]  __sys_bpf+0x48d/0x810
[  251.656013][ T9364]  ? __pfx___sys_bpf+0x10/0x10
[  251.660766][ T9364]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  251.666738][ T9364]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  251.673055][ T9364]  ? do_syscall_64+0x100/0x230
[  251.677806][ T9364]  __x64_sys_bpf+0x7c/0x90
[  251.682234][ T9364]  do_syscall_64+0xf3/0x230
[  251.686757][ T9364]  ? clear_bhb_loop+0x35/0x90
[  251.691418][ T9364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.697301][ T9364] RIP: 0033:0x7f845bf7dff9
[  251.701702][ T9364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  251.721325][ T9364] RSP: 002b:00007f845cda6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  251.729749][ T9364] RAX: ffffffffffffffda RBX: 00007f845c136130 RCX: 00007f845bf7dff9
[  251.737718][ T9364] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  251.745675][ T9364] RBP: 00007f845bff0296 R08: 0000000000000000 R09: 0000000000000000
[  251.753631][ T9364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  251.761596][ T9364] R13: 0000000000000000 R14: 00007f845c136130 R15: 00007ffd4d55f5e8
[  251.769572][ T9364]  </TASK>
[  251.772647][ T9364] BUG: Bad page state in process syz.2.1253  pfn:30e73
[  251.779479][ T9364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888033165000 pfn:0x30e73
[  251.789541][ T9364] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  251.796662][ T9364] raw: 00fff00000000000 dead000000000040 ffff8880751cf000 0000000000000000
[  251.805298][ T9364] raw: ffff888033165000 0000000000000001 00000000ffffffff 0000000000000000
[  251.813892][ T9364] page dumped because: page_pool leak
[  251.819243][ T9364] page_owner tracks the page as allocated
[  251.824961][ T9364] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 9364, tgid 9355 (syz.2.1253), ts 247213586951, free_ts 247206402512
[  251.841994][ T9364]  post_alloc_hook+0x1f3/0x230
[  251.846769][ T9364]  get_page_from_freelist+0x3045/0x3190
[  251.852315][ T9364]  __alloc_pages_noprof+0x256/0x6c0
[  251.857498][ T9364]  alloc_pages_bulk_noprof+0x729/0xd40
[  251.862962][ T9364]  __page_pool_alloc_pages_slow+0x122/0x690
[  251.868842][ T9364]  page_pool_alloc_pages+0xd0/0x1c0
[  251.874044][ T9364]  bpf_test_run_xdp_live+0x950/0x2160
[  251.879405][ T9364]  bpf_prog_test_run_xdp+0x805/0x11e0
[  251.884788][ T9364]  bpf_prog_test_run+0x2e4/0x360
[  251.889712][ T9364]  __sys_bpf+0x48d/0x810
[  251.893957][ T9364]  __x64_sys_bpf+0x7c/0x90
[  251.898356][ T9364]  do_syscall_64+0xf3/0x230
[  251.902856][ T9364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.908745][ T9364] page last free pid 1105 tgid 1105 stack trace:
[  251.915081][ T9364]  free_unref_page+0xcfb/0xf20
[  251.919829][ T9364]  ringbuf_map_free+0xc2/0x120
[  251.924592][ T9364]  bpf_map_free_deferred+0xe4/0x100
[  251.929773][ T9364]  process_scheduled_works+0xa63/0x1850
[  251.935322][ T9364]  worker_thread+0x870/0xd30
[  251.939900][ T9364]  kthread+0x2f0/0x390
[  251.943972][ T9364]  ret_from_fork+0x4b/0x80
[  251.948376][ T9364]  ret_from_fork_asm+0x1a/0x30
[  251.953144][ T9364] Modules linked in:
[  251.957022][ T9364] CPU: 1 UID: 0 PID: 9364 Comm: syz.2.1253 Tainted: G    B              6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  251.969155][ T9364] Tainted: [B]=BAD_PAGE
[  251.973288][ T9364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  251.983324][ T9364] Call Trace:
[  251.986586][ T9364]  <TASK>
[  251.989501][ T9364]  dump_stack_lvl+0x241/0x360
[  251.994166][ T9364]  ? __pfx_dump_stack_lvl+0x10/0x10
[  251.999349][ T9364]  ? __pfx_print_modules+0x10/0x10
[  252.004452][ T9364]  bad_page+0x166/0x1b0
[  252.008594][ T9364]  free_unref_page+0xed0/0xf20
[  252.013347][ T9364]  skb_release_data+0x6dc/0x8a0
[  252.018196][ T9364]  sk_skb_reason_drop+0x1c9/0x380
[  252.023221][ T9364]  ? packet_rcv+0x159/0x14b0
[  252.027796][ T9364]  packet_rcv+0x16f/0x14b0
[  252.032210][ T9364]  ? __pfx_packet_rcv+0x10/0x10
[  252.037061][ T9364]  __netif_receive_skb_list_core+0x8b7/0x980
[  252.043030][ T9364]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  252.049632][ T9364]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  252.056144][ T9364]  ? read_tsc+0x9/0x20
[  252.060287][ T9364]  ? timekeeping_get_ns+0x2c0/0x420
[  252.065480][ T9364]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  252.071798][ T9364]  netif_receive_skb_list_internal+0xa51/0xe30
[  252.077949][ T9364]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  252.084264][ T9364]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  252.090928][ T9364]  ? __pfx_eth_type_trans+0x10/0x10
[  252.096114][ T9364]  ? __phys_addr+0xba/0x170
[  252.100616][ T9364]  ? build_skb_around+0x111/0x260
[  252.105629][ T9364]  ? __xdp_build_skb_from_frame+0x338/0x650
[  252.111521][ T9364]  netif_receive_skb_list+0x55/0x4b0
[  252.116819][ T9364]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  252.122280][ T9364]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  252.128184][ T9364]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  252.133721][ T9364]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  252.139515][ T9364]  ? synchronize_rcu+0x11b/0x360
[  252.144441][ T9364]  ? __pfx_synchronize_rcu+0x10/0x10
[  252.149715][ T9364]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  252.155948][ T9364]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  252.161828][ T9364]  ? _copy_from_user+0xa6/0xe0
[  252.166595][ T9364]  ? bpf_test_init+0x15a/0x180
[  252.171364][ T9364]  ? xdp_convert_md_to_buff+0x5b/0x330
[  252.176837][ T9364]  bpf_prog_test_run_xdp+0x805/0x11e0
[  252.182207][ T9364]  ? __pfx_lock_release+0x10/0x10
[  252.187224][ T9364]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  252.193018][ T9364]  ? __fget_files+0x29/0x470
[  252.197592][ T9364]  ? fput+0x1a8/0x230
[  252.201559][ T9364]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  252.207355][ T9364]  bpf_prog_test_run+0x2e4/0x360
[  252.212301][ T9364]  __sys_bpf+0x48d/0x810
[  252.216536][ T9364]  ? __pfx___sys_bpf+0x10/0x10
[  252.221289][ T9364]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  252.227259][ T9364]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  252.233579][ T9364]  ? do_syscall_64+0x100/0x230
[  252.238328][ T9364]  __x64_sys_bpf+0x7c/0x90
[  252.242729][ T9364]  do_syscall_64+0xf3/0x230
[  252.247223][ T9364]  ? clear_bhb_loop+0x35/0x90
[  252.251902][ T9364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  252.257787][ T9364] RIP: 0033:0x7f845bf7dff9
[  252.262195][ T9364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  252.281799][ T9364] RSP: 002b:00007f845cda6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  252.290203][ T9364] RAX: ffffffffffffffda RBX: 00007f845c136130 RCX: 00007f845bf7dff9
[  252.298160][ T9364] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  252.306119][ T9364] RBP: 00007f845bff0296 R08: 0000000000000000 R09: 0000000000000000
[  252.314077][ T9364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  252.322071][ T9364] R13: 0000000000000000 R14: 00007f845c136130 R15: 00007ffd4d55f5e8
[  252.330050][ T9364]  </TASK>
[  252.333117][ T9364] BUG: Bad page state in process syz.2.1253  pfn:5d170
[  252.339947][ T9364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888033165000 pfn:0x5d170
[  252.350013][ T9364] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  252.357151][ T9364] raw: 00fff00000000000 dead000000000040 ffff8880751cf000 0000000000000000
[  252.365741][ T9364] raw: ffff888033165000 0000000000000001 00000000ffffffff 0000000000000000
[  252.374329][ T9364] page dumped because: page_pool leak
[  252.379679][ T9364] page_owner tracks the page as allocated
[  252.385390][ T9364] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 9364, tgid 9355 (syz.2.1253), ts 247213575646, free_ts 247206415672
[  252.402407][ T9364]  post_alloc_hook+0x1f3/0x230
[  252.407163][ T9364]  get_page_from_freelist+0x3045/0x3190
[  252.412714][ T9364]  __alloc_pages_noprof+0x256/0x6c0
[  252.417899][ T9364]  alloc_pages_bulk_noprof+0x729/0xd40
[  252.423463][ T9364]  __page_pool_alloc_pages_slow+0x122/0x690
[  252.429366][ T9364]  page_pool_alloc_pages+0xd0/0x1c0
[  252.434585][ T9364]  bpf_test_run_xdp_live+0x950/0x2160
[  252.439972][ T9364]  bpf_prog_test_run_xdp+0x805/0x11e0
[  252.445357][ T9364]  bpf_prog_test_run+0x2e4/0x360
[  252.450284][ T9364]  __sys_bpf+0x48d/0x810
[  252.454535][ T9364]  __x64_sys_bpf+0x7c/0x90
[  252.458934][ T9364]  do_syscall_64+0xf3/0x230
[  252.463439][ T9364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  252.469322][ T9364] page last free pid 1105 tgid 1105 stack trace:
[  252.475645][ T9364]  free_unref_page+0xcfb/0xf20
[  252.480429][ T9364]  ringbuf_map_free+0xc2/0x120
[  252.485197][ T9364]  bpf_map_free_deferred+0xe4/0x100
[  252.490382][ T9364]  process_scheduled_works+0xa63/0x1850
[  252.495942][ T9364]  worker_thread+0x870/0xd30
[  252.500520][ T9364]  kthread+0x2f0/0x390
[  252.504596][ T9364]  ret_from_fork+0x4b/0x80
[  252.509019][ T9364]  ret_from_fork_asm+0x1a/0x30
[  252.513808][ T9364] Modules linked in:
[  252.517704][ T9364] CPU: 1 UID: 0 PID: 9364 Comm: syz.2.1253 Tainted: G    B              6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  252.529845][ T9364] Tainted: [B]=BAD_PAGE
[  252.533985][ T9364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  252.544035][ T9364] Call Trace:
[  252.547387][ T9364]  <TASK>
[  252.550309][ T9364]  dump_stack_lvl+0x241/0x360
[  252.554974][ T9364]  ? __pfx_dump_stack_lvl+0x10/0x10
[  252.560159][ T9364]  ? __pfx_print_modules+0x10/0x10
[  252.565259][ T9364]  bad_page+0x166/0x1b0
[  252.569404][ T9364]  free_unref_page+0xed0/0xf20
[  252.574153][ T9364]  skb_release_data+0x6dc/0x8a0
[  252.578994][ T9364]  sk_skb_reason_drop+0x1c9/0x380
[  252.584002][ T9364]  ? packet_rcv+0x159/0x14b0
[  252.588588][ T9364]  packet_rcv+0x16f/0x14b0
[  252.593012][ T9364]  ? __pfx_packet_rcv+0x10/0x10
[  252.597849][ T9364]  __netif_receive_skb_list_core+0x8b7/0x980
[  252.603826][ T9364]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  252.610400][ T9364]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  252.616897][ T9364]  ? read_tsc+0x9/0x20
[  252.620953][ T9364]  ? timekeeping_get_ns+0x2c0/0x420
[  252.626161][ T9364]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  252.632506][ T9364]  netif_receive_skb_list_internal+0xa51/0xe30
[  252.638654][ T9364]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  252.644970][ T9364]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  252.651645][ T9364]  ? __pfx_eth_type_trans+0x10/0x10
[  252.656832][ T9364]  ? __phys_addr+0xba/0x170
[  252.661321][ T9364]  ? build_skb_around+0x111/0x260
[  252.666376][ T9364]  ? __xdp_build_skb_from_frame+0x338/0x650
[  252.672265][ T9364]  netif_receive_skb_list+0x55/0x4b0
[  252.677538][ T9364]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  252.682999][ T9364]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  252.688885][ T9364]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  252.694423][ T9364]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  252.700223][ T9364]  ? synchronize_rcu+0x11b/0x360
[  252.705161][ T9364]  ? __pfx_synchronize_rcu+0x10/0x10
[  252.710437][ T9364]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  252.716671][ T9364]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  252.722557][ T9364]  ? _copy_from_user+0xa6/0xe0
[  252.727310][ T9364]  ? bpf_test_init+0x15a/0x180
[  252.732068][ T9364]  ? xdp_convert_md_to_buff+0x5b/0x330
[  252.737518][ T9364]  bpf_prog_test_run_xdp+0x805/0x11e0
[  252.742885][ T9364]  ? __pfx_lock_release+0x10/0x10
[  252.747900][ T9364]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  252.753695][ T9364]  ? __fget_files+0x29/0x470
[  252.758288][ T9364]  ? fput+0x1a8/0x230
[  252.762264][ T9364]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  252.768079][ T9364]  bpf_prog_test_run+0x2e4/0x360
[  252.773008][ T9364]  __sys_bpf+0x48d/0x810
[  252.777262][ T9364]  ? __pfx___sys_bpf+0x10/0x10
[  252.782012][ T9364]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  252.787982][ T9364]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  252.794297][ T9364]  ? do_syscall_64+0x100/0x230
[  252.799054][ T9364]  __x64_sys_bpf+0x7c/0x90
[  252.803467][ T9364]  do_syscall_64+0xf3/0x230
[  252.807955][ T9364]  ? clear_bhb_loop+0x35/0x90
[  252.812618][ T9364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  252.818503][ T9364] RIP: 0033:0x7f845bf7dff9
[  252.822900][ T9364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  252.842494][ T9364] RSP: 002b:00007f845cda6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  252.850894][ T9364] RAX: ffffffffffffffda RBX: 00007f845c136130 RCX: 00007f845bf7dff9
[  252.858856][ T9364] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  252.866818][ T9364] RBP: 00007f845bff0296 R08: 0000000000000000 R09: 0000000000000000
[  252.874779][ T9364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  252.882733][ T9364] R13: 0000000000000000 R14: 00007f845c136130 R15: 00007ffd4d55f5e8
[  252.890695][ T9364]  </TASK>
[  252.893744][ T9364] BUG: Bad page state in process syz.2.1253  pfn:5a2e9
[  252.900572][ T9364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888033165000 pfn:0x5a2e9
[  252.910641][ T9364] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  252.917771][ T9364] raw: 00fff00000000000 dead000000000040 ffff8880751cf000 0000000000000000
[  252.926367][ T9364] raw: ffff888033165000 0000000000000001 00000000ffffffff 0000000000000000
[  252.934958][ T9364] page dumped because: page_pool leak
[  252.940308][ T9364] page_owner tracks the page as allocated
[  252.946020][ T9364] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 9364, tgid 9355 (syz.2.1253), ts 247213564386, free_ts 247206427987
[  252.963036][ T9364]  post_alloc_hook+0x1f3/0x230
[  252.967793][ T9364]  get_page_from_freelist+0x3045/0x3190
[  252.973347][ T9364]  __alloc_pages_noprof+0x256/0x6c0
[  252.978530][ T9364]  alloc_pages_bulk_noprof+0x729/0xd40
[  252.984016][ T9364]  __page_pool_alloc_pages_slow+0x122/0x690
[  252.989895][ T9364]  page_pool_alloc_pages+0xd0/0x1c0
[  252.995101][ T9364]  bpf_test_run_xdp_live+0x950/0x2160
[  253.000460][ T9364]  bpf_prog_test_run_xdp+0x805/0x11e0
[  253.005846][ T9364]  bpf_prog_test_run+0x2e4/0x360
[  253.010773][ T9364]  __sys_bpf+0x48d/0x810
[  253.015017][ T9364]  __x64_sys_bpf+0x7c/0x90
[  253.019417][ T9364]  do_syscall_64+0xf3/0x230
[  253.023920][ T9364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.029811][ T9364] page last free pid 1105 tgid 1105 stack trace:
[  253.036157][ T9364]  free_unref_page+0xcfb/0xf20
[  253.040908][ T9364]  ringbuf_map_free+0xc2/0x120
[  253.045675][ T9364]  bpf_map_free_deferred+0xe4/0x100
[  253.050862][ T9364]  process_scheduled_works+0xa63/0x1850
[  253.056416][ T9364]  worker_thread+0x870/0xd30
[  253.060999][ T9364]  kthread+0x2f0/0x390
[  253.065085][ T9364]  ret_from_fork+0x4b/0x80
[  253.069492][ T9364]  ret_from_fork_asm+0x1a/0x30
[  253.074267][ T9364] Modules linked in:
[  253.078148][ T9364] CPU: 1 UID: 0 PID: 9364 Comm: syz.2.1253 Tainted: G    B              6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  253.090282][ T9364] Tainted: [B]=BAD_PAGE
[  253.094417][ T9364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  253.104480][ T9364] Call Trace:
[  253.107752][ T9364]  <TASK>
[  253.110667][ T9364]  dump_stack_lvl+0x241/0x360
[  253.115332][ T9364]  ? __pfx_dump_stack_lvl+0x10/0x10
[  253.120516][ T9364]  ? __pfx_print_modules+0x10/0x10
[  253.125617][ T9364]  bad_page+0x166/0x1b0
[  253.129759][ T9364]  free_unref_page+0xed0/0xf20
[  253.134511][ T9364]  skb_release_data+0x6dc/0x8a0
[  253.139354][ T9364]  sk_skb_reason_drop+0x1c9/0x380
[  253.144367][ T9364]  ? packet_rcv+0x159/0x14b0
[  253.148944][ T9364]  packet_rcv+0x16f/0x14b0
[  253.153378][ T9364]  ? __pfx_packet_rcv+0x10/0x10
[  253.158225][ T9364]  __netif_receive_skb_list_core+0x8b7/0x980
[  253.164219][ T9364]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  253.170798][ T9364]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  253.177321][ T9364]  ? read_tsc+0x9/0x20
[  253.181375][ T9364]  ? timekeeping_get_ns+0x2c0/0x420
[  253.186568][ T9364]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  253.192907][ T9364]  netif_receive_skb_list_internal+0xa51/0xe30
[  253.199049][ T9364]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  253.205365][ T9364]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  253.212030][ T9364]  ? __pfx_eth_type_trans+0x10/0x10
[  253.217222][ T9364]  ? __phys_addr+0xba/0x170
[  253.221732][ T9364]  ? build_skb_around+0x111/0x260
[  253.226740][ T9364]  ? __xdp_build_skb_from_frame+0x338/0x650
[  253.232637][ T9364]  netif_receive_skb_list+0x55/0x4b0
[  253.237926][ T9364]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  253.243382][ T9364]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  253.249272][ T9364]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  253.254816][ T9364]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  253.260635][ T9364]  ? synchronize_rcu+0x11b/0x360
[  253.265559][ T9364]  ? __pfx_synchronize_rcu+0x10/0x10
[  253.270840][ T9364]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  253.277071][ T9364]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  253.282950][ T9364]  ? _copy_from_user+0xa6/0xe0
[  253.287703][ T9364]  ? bpf_test_init+0x15a/0x180
[  253.292455][ T9364]  ? xdp_convert_md_to_buff+0x5b/0x330
[  253.297899][ T9364]  bpf_prog_test_run_xdp+0x805/0x11e0
[  253.303261][ T9364]  ? __pfx_lock_release+0x10/0x10
[  253.308276][ T9364]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  253.314071][ T9364]  ? __fget_files+0x29/0x470
[  253.318646][ T9364]  ? fput+0x1a8/0x230
[  253.322622][ T9364]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  253.328438][ T9364]  bpf_prog_test_run+0x2e4/0x360
[  253.333367][ T9364]  __sys_bpf+0x48d/0x810
[  253.337616][ T9364]  ? __pfx___sys_bpf+0x10/0x10
[  253.342379][ T9364]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  253.348380][ T9364]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  253.354712][ T9364]  ? do_syscall_64+0x100/0x230
[  253.359459][ T9364]  __x64_sys_bpf+0x7c/0x90
[  253.363861][ T9364]  do_syscall_64+0xf3/0x230
[  253.368347][ T9364]  ? clear_bhb_loop+0x35/0x90
[  253.373005][ T9364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.378891][ T9364] RIP: 0033:0x7f845bf7dff9
[  253.383308][ T9364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  253.402938][ T9364] RSP: 002b:00007f845cda6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  253.411360][ T9364] RAX: ffffffffffffffda RBX: 00007f845c136130 RCX: 00007f845bf7dff9
[  253.419345][ T9364] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  253.427303][ T9364] RBP: 00007f845bff0296 R08: 0000000000000000 R09: 0000000000000000
[  253.435260][ T9364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  253.443215][ T9364] R13: 0000000000000000 R14: 00007f845c136130 R15: 00007ffd4d55f5e8
[  253.451185][ T9364]  </TASK>
[  253.454243][ T9364] BUG: Bad page state in process syz.2.1253  pfn:28b8c
[  253.461072][ T9364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888033165000 pfn:0x28b8c
[  253.471140][ T9364] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  253.478263][ T9364] raw: 00fff00000000000 dead000000000040 ffff8880751cf000 0000000000000000
[  253.486863][ T9364] raw: ffff888033165000 0000000000000001 00000000ffffffff 0000000000000000
[  253.495444][ T9364] page dumped because: page_pool leak
[  253.500798][ T9364] page_owner tracks the page as allocated
[  253.506511][ T9364] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 9364, tgid 9355 (syz.2.1253), ts 247213552861, free_ts 247206440339
[  253.523533][ T9364]  post_alloc_hook+0x1f3/0x230
[  253.528290][ T9364]  get_page_from_freelist+0x3045/0x3190
[  253.533839][ T9364]  __alloc_pages_noprof+0x256/0x6c0
[  253.539024][ T9364]  alloc_pages_bulk_noprof+0x729/0xd40
[  253.544498][ T9364]  __page_pool_alloc_pages_slow+0x122/0x690
[  253.550382][ T9364]  page_pool_alloc_pages+0xd0/0x1c0
[  253.555587][ T9364]  bpf_test_run_xdp_live+0x950/0x2160
[  253.560949][ T9364]  bpf_prog_test_run_xdp+0x805/0x11e0
[  253.566346][ T9364]  bpf_prog_test_run+0x2e4/0x360
[  253.571275][ T9364]  __sys_bpf+0x48d/0x810
[  253.575518][ T9364]  __x64_sys_bpf+0x7c/0x90
[  253.579930][ T9364]  do_syscall_64+0xf3/0x230
[  253.584454][ T9364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.590347][ T9364] page last free pid 1105 tgid 1105 stack trace:
[  253.597028][ T9364]  free_unref_page+0xcfb/0xf20
[  253.601785][ T9364]  ringbuf_map_free+0xc2/0x120
[  253.606562][ T9364]  bpf_map_free_deferred+0xe4/0x100
[  253.611749][ T9364]  process_scheduled_works+0xa63/0x1850
[  253.617304][ T9364]  worker_thread+0x870/0xd30
[  253.621891][ T9364]  kthread+0x2f0/0x390
[  253.625969][ T9364]  ret_from_fork+0x4b/0x80
[  253.630376][ T9364]  ret_from_fork_asm+0x1a/0x30
[  253.635148][ T9364] Modules linked in:
[  253.639028][ T9364] CPU: 1 UID: 0 PID: 9364 Comm: syz.2.1253 Tainted: G    B              6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  253.651163][ T9364] Tainted: [B]=BAD_PAGE
[  253.655299][ T9364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  253.665339][ T9364] Call Trace:
[  253.668603][ T9364]  <TASK>
[  253.671520][ T9364]  dump_stack_lvl+0x241/0x360
[  253.676183][ T9364]  ? __pfx_dump_stack_lvl+0x10/0x10
[  253.681453][ T9364]  ? __pfx_print_modules+0x10/0x10
[  253.686555][ T9364]  bad_page+0x166/0x1b0
[  253.690697][ T9364]  free_unref_page+0xed0/0xf20
[  253.695447][ T9364]  skb_release_data+0x6dc/0x8a0
[  253.700287][ T9364]  sk_skb_reason_drop+0x1c9/0x380
[  253.705382][ T9364]  ? packet_rcv+0x159/0x14b0
[  253.709960][ T9364]  packet_rcv+0x16f/0x14b0
[  253.714366][ T9364]  ? __pfx_packet_rcv+0x10/0x10
[  253.719213][ T9364]  __netif_receive_skb_list_core+0x8b7/0x980
[  253.725184][ T9364]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  253.731758][ T9364]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  253.738249][ T9364]  ? read_tsc+0x9/0x20
[  253.742315][ T9364]  ? timekeeping_get_ns+0x2c0/0x420
[  253.747513][ T9364]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  253.753859][ T9364]  netif_receive_skb_list_internal+0xa51/0xe30
[  253.760091][ T9364]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  253.766407][ T9364]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  253.773070][ T9364]  ? __pfx_eth_type_trans+0x10/0x10
[  253.778254][ T9364]  ? __phys_addr+0xba/0x170
[  253.782742][ T9364]  ? build_skb_around+0x111/0x260
[  253.787750][ T9364]  ? __xdp_build_skb_from_frame+0x338/0x650
[  253.793635][ T9364]  netif_receive_skb_list+0x55/0x4b0
[  253.798905][ T9364]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  253.804352][ T9364]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  253.810236][ T9364]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  253.815773][ T9364]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  253.821569][ T9364]  ? synchronize_rcu+0x11b/0x360
[  253.826516][ T9364]  ? __pfx_synchronize_rcu+0x10/0x10
[  253.831793][ T9364]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  253.838045][ T9364]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  253.843933][ T9364]  ? _copy_from_user+0xa6/0xe0
[  253.848684][ T9364]  ? bpf_test_init+0x15a/0x180
[  253.853438][ T9364]  ? xdp_convert_md_to_buff+0x5b/0x330
[  253.858909][ T9364]  bpf_prog_test_run_xdp+0x805/0x11e0
[  253.864273][ T9364]  ? __pfx_lock_release+0x10/0x10
[  253.869289][ T9364]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  253.875088][ T9364]  ? __fget_files+0x29/0x470
[  253.879668][ T9364]  ? fput+0x1a8/0x230
[  253.883645][ T9364]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  253.889449][ T9364]  bpf_prog_test_run+0x2e4/0x360
[  253.894376][ T9364]  __sys_bpf+0x48d/0x810
[  253.898605][ T9364]  ? __pfx___sys_bpf+0x10/0x10
[  253.903366][ T9364]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  253.909353][ T9364]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  253.915669][ T9364]  ? do_syscall_64+0x100/0x230
[  253.920419][ T9364]  __x64_sys_bpf+0x7c/0x90
[  253.924821][ T9364]  do_syscall_64+0xf3/0x230
[  253.929308][ T9364]  ? clear_bhb_loop+0x35/0x90
[  253.933968][ T9364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.939850][ T9364] RIP: 0033:0x7f845bf7dff9
[  253.944247][ T9364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  253.963854][ T9364] RSP: 002b:00007f845cda6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  253.972268][ T9364] RAX: ffffffffffffffda RBX: 00007f845c136130 RCX: 00007f845bf7dff9
[  253.980226][ T9364] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  253.988185][ T9364] RBP: 00007f845bff0296 R08: 0000000000000000 R09: 0000000000000000
[  253.996163][ T9364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  254.004118][ T9364] R13: 0000000000000000 R14: 00007f845c136130 R15: 00007ffd4d55f5e8
[  254.012078][ T9364]  </TASK>
[  254.015150][ T9364] BUG: Bad page state in process syz.2.1253  pfn:6037d
[  254.021986][ T9364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888033165000 pfn:0x6037d
[  254.032070][ T9364] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  254.039185][ T9364] raw: 00fff00000000000 dead000000000040 ffff8880751cf000 0000000000000000
[  254.047781][ T9364] raw: ffff888033165000 0000000000000001 00000000ffffffff 0000000000000000
[  254.056366][ T9364] page dumped because: page_pool leak
[  254.061718][ T9364] page_owner tracks the page as allocated
[  254.067449][ T9364] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 9364, tgid 9355 (syz.2.1253), ts 247213541044, free_ts 247206452978
[  254.084471][ T9364]  post_alloc_hook+0x1f3/0x230
[  254.089253][ T9364]  get_page_from_freelist+0x3045/0x3190
[  254.094804][ T9364]  __alloc_pages_noprof+0x256/0x6c0
[  254.099987][ T9364]  alloc_pages_bulk_noprof+0x729/0xd40
[  254.105465][ T9364]  __page_pool_alloc_pages_slow+0x122/0x690
[  254.111371][ T9364]  page_pool_alloc_pages+0xd0/0x1c0
[  254.116575][ T9364]  bpf_test_run_xdp_live+0x950/0x2160
[  254.121942][ T9364]  bpf_prog_test_run_xdp+0x805/0x11e0
[  254.127342][ T9364]  bpf_prog_test_run+0x2e4/0x360
[  254.132282][ T9364]  __sys_bpf+0x48d/0x810
[  254.136511][ T9364]  __x64_sys_bpf+0x7c/0x90
[  254.140909][ T9364]  do_syscall_64+0xf3/0x230
[  254.145411][ T9364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.151295][ T9364] page last free pid 1105 tgid 1105 stack trace:
[  254.157618][ T9364]  free_unref_page+0xcfb/0xf20
[  254.162389][ T9364]  ringbuf_map_free+0xc2/0x120
[  254.167142][ T9364]  bpf_map_free_deferred+0xe4/0x100
[  254.172342][ T9364]  process_scheduled_works+0xa63/0x1850
[  254.177875][ T9364]  worker_thread+0x870/0xd30
[  254.182473][ T9364]  kthread+0x2f0/0x390
[  254.186524][ T9364]  ret_from_fork+0x4b/0x80
[  254.190926][ T9364]  ret_from_fork_asm+0x1a/0x30
[  254.195695][ T9364] Modules linked in:
[  254.199574][ T9364] CPU: 1 UID: 0 PID: 9364 Comm: syz.2.1253 Tainted: G    B              6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  254.211708][ T9364] Tainted: [B]=BAD_PAGE
[  254.215843][ T9364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  254.225883][ T9364] Call Trace:
[  254.229149][ T9364]  <TASK>
[  254.232070][ T9364]  dump_stack_lvl+0x241/0x360
[  254.236737][ T9364]  ? __pfx_dump_stack_lvl+0x10/0x10
[  254.241934][ T9364]  ? __pfx_print_modules+0x10/0x10
[  254.247041][ T9364]  bad_page+0x166/0x1b0
[  254.251184][ T9364]  free_unref_page+0xed0/0xf20
[  254.255933][ T9364]  skb_release_data+0x6dc/0x8a0
[  254.260771][ T9364]  sk_skb_reason_drop+0x1c9/0x380
[  254.265783][ T9364]  ? packet_rcv+0x159/0x14b0
[  254.270362][ T9364]  packet_rcv+0x16f/0x14b0
[  254.274769][ T9364]  ? __pfx_packet_rcv+0x10/0x10
[  254.279693][ T9364]  __netif_receive_skb_list_core+0x8b7/0x980
[  254.285668][ T9364]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  254.292254][ T9364]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  254.298759][ T9364]  ? read_tsc+0x9/0x20
[  254.302815][ T9364]  ? timekeeping_get_ns+0x2c0/0x420
[  254.308004][ T9364]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  254.314316][ T9364]  netif_receive_skb_list_internal+0xa51/0xe30
[  254.320456][ T9364]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  254.326768][ T9364]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  254.333431][ T9364]  ? __pfx_eth_type_trans+0x10/0x10
[  254.338619][ T9364]  ? __phys_addr+0xba/0x170
[  254.343107][ T9364]  ? build_skb_around+0x111/0x260
[  254.348115][ T9364]  ? __xdp_build_skb_from_frame+0x338/0x650
[  254.353997][ T9364]  netif_receive_skb_list+0x55/0x4b0
[  254.359268][ T9364]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  254.364718][ T9364]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  254.370606][ T9364]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  254.376144][ T9364]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  254.381935][ T9364]  ? synchronize_rcu+0x11b/0x360
[  254.386863][ T9364]  ? __pfx_synchronize_rcu+0x10/0x10
[  254.392138][ T9364]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  254.398374][ T9364]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  254.404259][ T9364]  ? _copy_from_user+0xa6/0xe0
[  254.409011][ T9364]  ? bpf_test_init+0x15a/0x180
[  254.413787][ T9364]  ? xdp_convert_md_to_buff+0x5b/0x330
[  254.419248][ T9364]  bpf_prog_test_run_xdp+0x805/0x11e0
[  254.424624][ T9364]  ? __pfx_lock_release+0x10/0x10
[  254.429672][ T9364]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  254.435478][ T9364]  ? __fget_files+0x29/0x470
[  254.440074][ T9364]  ? fput+0x1a8/0x230
[  254.444049][ T9364]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  254.449860][ T9364]  bpf_prog_test_run+0x2e4/0x360
[  254.454793][ T9364]  __sys_bpf+0x48d/0x810
[  254.459030][ T9364]  ? __pfx___sys_bpf+0x10/0x10
[  254.463785][ T9364]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  254.469763][ T9364]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  254.476087][ T9364]  ? do_syscall_64+0x100/0x230
[  254.480837][ T9364]  __x64_sys_bpf+0x7c/0x90
[  254.485240][ T9364]  do_syscall_64+0xf3/0x230
[  254.489738][ T9364]  ? clear_bhb_loop+0x35/0x90
[  254.494565][ T9364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.500448][ T9364] RIP: 0033:0x7f845bf7dff9
[  254.504862][ T9364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  254.524475][ T9364] RSP: 002b:00007f845cda6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  254.532882][ T9364] RAX: ffffffffffffffda RBX: 00007f845c136130 RCX: 00007f845bf7dff9
[  254.540840][ T9364] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  254.548794][ T9364] RBP: 00007f845bff0296 R08: 0000000000000000 R09: 0000000000000000
[  254.556752][ T9364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  254.564706][ T9364] R13: 0000000000000000 R14: 00007f845c136130 R15: 00007ffd4d55f5e8
[  254.572673][ T9364]  </TASK>
[  254.575725][ T9364] BUG: Bad page state in process syz.2.1253  pfn:1e2f4
[  254.582573][ T9364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88801e2f4500 pfn:0x1e2f4
[  254.592650][ T9364] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  254.599750][ T9364] raw: 00fff00000000000 dead000000000040 ffff8880751cf000 0000000000000000
[  254.608356][ T9364] raw: ffff88801e2f4500 0000000000000001 00000000ffffffff 0000000000000000
[  254.616944][ T9364] page dumped because: page_pool leak
[  254.622330][ T9364] page_owner tracks the page as allocated
[  254.628030][ T9364] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 9364, tgid 9355 (syz.2.1253), ts 247213529378, free_ts 247206465320
[  254.645054][ T9364]  post_alloc_hook+0x1f3/0x230
[  254.649811][ T9364]  get_page_from_freelist+0x3045/0x3190
[  254.655364][ T9364]  __alloc_pages_noprof+0x256/0x6c0
[  254.660547][ T9364]  alloc_pages_bulk_noprof+0x729/0xd40
[  254.666006][ T9364]  __page_pool_alloc_pages_slow+0x122/0x690
[  254.671887][ T9364]  page_pool_alloc_pages+0xd0/0x1c0
[  254.677127][ T9364]  bpf_test_run_xdp_live+0x950/0x2160
[  254.682513][ T9364]  bpf_prog_test_run_xdp+0x805/0x11e0
[  254.687877][ T9364]  bpf_prog_test_run+0x2e4/0x360
[  254.692816][ T9364]  __sys_bpf+0x48d/0x810
[  254.697043][ T9364]  __x64_sys_bpf+0x7c/0x90
[  254.701456][ T9364]  do_syscall_64+0xf3/0x230
[  254.705984][ T9364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.711865][ T9364] page last free pid 1105 tgid 1105 stack trace:
[  254.718188][ T9364]  free_unref_page+0xcfb/0xf20
[  254.722953][ T9364]  ringbuf_map_free+0xc2/0x120
[  254.727705][ T9364]  bpf_map_free_deferred+0xe4/0x100
[  254.732909][ T9364]  process_scheduled_works+0xa63/0x1850
[  254.738441][ T9364]  worker_thread+0x870/0xd30
[  254.743031][ T9364]  kthread+0x2f0/0x390
[  254.747081][ T9364]  ret_from_fork+0x4b/0x80
[  254.751482][ T9364]  ret_from_fork_asm+0x1a/0x30
[  254.756256][ T9364] Modules linked in:
[  254.760138][ T9364] CPU: 1 UID: 0 PID: 9364 Comm: syz.2.1253 Tainted: G    B              6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  254.772278][ T9364] Tainted: [B]=BAD_PAGE
[  254.776425][ T9364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  254.786480][ T9364] Call Trace:
[  254.789746][ T9364]  <TASK>
[  254.792664][ T9364]  dump_stack_lvl+0x241/0x360
[  254.797332][ T9364]  ? __pfx_dump_stack_lvl+0x10/0x10
[  254.802536][ T9364]  ? __pfx_print_modules+0x10/0x10
[  254.807637][ T9364]  bad_page+0x166/0x1b0
[  254.811783][ T9364]  free_unref_page+0xed0/0xf20
[  254.816533][ T9364]  skb_release_data+0x6dc/0x8a0
[  254.821377][ T9364]  sk_skb_reason_drop+0x1c9/0x380
[  254.826399][ T9364]  ? packet_rcv+0x159/0x14b0
[  254.830977][ T9364]  packet_rcv+0x16f/0x14b0
[  254.835383][ T9364]  ? __pfx_packet_rcv+0x10/0x10
[  254.840218][ T9364]  __netif_receive_skb_list_core+0x8b7/0x980
[  254.846186][ T9364]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  254.852761][ T9364]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  254.859249][ T9364]  ? read_tsc+0x9/0x20
[  254.863305][ T9364]  ? timekeeping_get_ns+0x2c0/0x420
[  254.868488][ T9364]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  254.874809][ T9364]  netif_receive_skb_list_internal+0xa51/0xe30
[  254.880953][ T9364]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  254.887272][ T9364]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  254.893935][ T9364]  ? __pfx_eth_type_trans+0x10/0x10
[  254.899121][ T9364]  ? __phys_addr+0xba/0x170
[  254.903610][ T9364]  ? build_skb_around+0x111/0x260
[  254.908622][ T9364]  ? __xdp_build_skb_from_frame+0x338/0x650
[  254.914510][ T9364]  netif_receive_skb_list+0x55/0x4b0
[  254.919781][ T9364]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  254.925229][ T9364]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  254.931111][ T9364]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  254.936646][ T9364]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  254.942450][ T9364]  ? synchronize_rcu+0x11b/0x360
[  254.947389][ T9364]  ? __pfx_synchronize_rcu+0x10/0x10
[  254.952668][ T9364]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  254.958900][ T9364]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  254.964796][ T9364]  ? _copy_from_user+0xa6/0xe0
[  254.969551][ T9364]  ? bpf_test_init+0x15a/0x180
[  254.974313][ T9364]  ? xdp_convert_md_to_buff+0x5b/0x330
[  254.979774][ T9364]  bpf_prog_test_run_xdp+0x805/0x11e0
[  254.985159][ T9364]  ? __pfx_lock_release+0x10/0x10
[  254.990177][ T9364]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  254.996003][ T9364]  ? __fget_files+0x29/0x470
[  255.000605][ T9364]  ? fput+0x1a8/0x230
[  255.004579][ T9364]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  255.010388][ T9364]  bpf_prog_test_run+0x2e4/0x360
[  255.015329][ T9364]  __sys_bpf+0x48d/0x810
[  255.019566][ T9364]  ? __pfx___sys_bpf+0x10/0x10
[  255.024316][ T9364]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  255.030383][ T9364]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  255.036701][ T9364]  ? do_syscall_64+0x100/0x230
[  255.041451][ T9364]  __x64_sys_bpf+0x7c/0x90
[  255.045854][ T9364]  do_syscall_64+0xf3/0x230
[  255.050383][ T9364]  ? clear_bhb_loop+0x35/0x90
[  255.055063][ T9364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.060946][ T9364] RIP: 0033:0x7f845bf7dff9
[  255.065346][ T9364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  255.084943][ T9364] RSP: 002b:00007f845cda6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  255.093343][ T9364] RAX: ffffffffffffffda RBX: 00007f845c136130 RCX: 00007f845bf7dff9
[  255.101311][ T9364] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  255.109283][ T9364] RBP: 00007f845bff0296 R08: 0000000000000000 R09: 0000000000000000
[  255.117240][ T9364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  255.125194][ T9364] R13: 0000000000000000 R14: 00007f845c136130 R15: 00007ffd4d55f5e8
[  255.133155][ T9364]  </TASK>
[  255.136210][ T9364] BUG: Bad page state in process syz.2.1253  pfn:5fae0
[  255.143062][ T9364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88805fae0000 pfn:0x5fae0
[  255.153163][ T9364] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  255.160260][ T9364] raw: 00fff00000000000 dead000000000040 ffff8880751cf000 0000000000000000
[  255.168851][ T9364] raw: ffff88805fae0000 0000000000000001 00000000ffffffff 0000000000000000
[  255.177447][ T9364] page dumped because: page_pool leak
[  255.182843][ T9364] page_owner tracks the page as allocated
[  255.188541][ T9364] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 9364, tgid 9355 (syz.2.1253), ts 247213517577, free_ts 247206478046
[  255.205569][ T9364]  post_alloc_hook+0x1f3/0x230
[  255.210326][ T9364]  get_page_from_freelist+0x3045/0x3190
[  255.215887][ T9364]  __alloc_pages_noprof+0x256/0x6c0
[  255.221071][ T9364]  alloc_pages_bulk_noprof+0x729/0xd40
[  255.226531][ T9364]  __page_pool_alloc_pages_slow+0x122/0x690
[  255.232451][ T9364]  page_pool_alloc_pages+0xd0/0x1c0
[  255.237642][ T9364]  bpf_test_run_xdp_live+0x950/0x2160
[  255.243052][ T9364]  bpf_prog_test_run_xdp+0x805/0x11e0
[  255.248434][ T9364]  bpf_prog_test_run+0x2e4/0x360
[  255.253375][ T9364]  __sys_bpf+0x48d/0x810
[  255.257601][ T9364]  __x64_sys_bpf+0x7c/0x90
[  255.262017][ T9364]  do_syscall_64+0xf3/0x230
[  255.266526][ T9364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.272513][ T9364] page last free pid 1105 tgid 1105 stack trace:
[  255.278841][ T9364]  free_unref_page+0xcfb/0xf20
[  255.283606][ T9364]  ringbuf_map_free+0xc2/0x120
[  255.288376][ T9364]  bpf_map_free_deferred+0xe4/0x100
[  255.293600][ T9364]  process_scheduled_works+0xa63/0x1850
[  255.299145][ T9364]  worker_thread+0x870/0xd30
[  255.303736][ T9364]  kthread+0x2f0/0x390
[  255.307788][ T9364]  ret_from_fork+0x4b/0x80
[  255.312218][ T9364]  ret_from_fork_asm+0x1a/0x30
[  255.316985][ T9364] Modules linked in:
[  255.320868][ T9364] CPU: 1 UID: 0 PID: 9364 Comm: syz.2.1253 Tainted: G    B              6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  255.333003][ T9364] Tainted: [B]=BAD_PAGE
[  255.337137][ T9364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  255.347175][ T9364] Call Trace:
[  255.350438][ T9364]  <TASK>
[  255.353360][ T9364]  dump_stack_lvl+0x241/0x360
[  255.358025][ T9364]  ? __pfx_dump_stack_lvl+0x10/0x10
[  255.363214][ T9364]  ? __pfx_print_modules+0x10/0x10
[  255.368313][ T9364]  bad_page+0x166/0x1b0
[  255.372455][ T9364]  free_unref_page+0xed0/0xf20
[  255.377203][ T9364]  skb_release_data+0x6dc/0x8a0
[  255.382038][ T9364]  sk_skb_reason_drop+0x1c9/0x380
[  255.387046][ T9364]  ? packet_rcv+0x159/0x14b0
[  255.391630][ T9364]  packet_rcv+0x16f/0x14b0
[  255.396039][ T9364]  ? __pfx_packet_rcv+0x10/0x10
[  255.400875][ T9364]  __netif_receive_skb_list_core+0x8b7/0x980
[  255.406845][ T9364]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  255.413419][ T9364]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  255.419907][ T9364]  ? read_tsc+0x9/0x20
[  255.423962][ T9364]  ? timekeeping_get_ns+0x2c0/0x420
[  255.429149][ T9364]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  255.435462][ T9364]  netif_receive_skb_list_internal+0xa51/0xe30
[  255.441617][ T9364]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  255.447950][ T9364]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  255.454633][ T9364]  ? __pfx_eth_type_trans+0x10/0x10
[  255.459998][ T9364]  ? __phys_addr+0xba/0x170
[  255.464503][ T9364]  ? build_skb_around+0x111/0x260
[  255.469514][ T9364]  ? __xdp_build_skb_from_frame+0x338/0x650
[  255.475405][ T9364]  netif_receive_skb_list+0x55/0x4b0
[  255.480698][ T9364]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  255.486153][ T9364]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  255.492128][ T9364]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  255.497681][ T9364]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  255.503487][ T9364]  ? synchronize_rcu+0x11b/0x360
[  255.508415][ T9364]  ? __pfx_synchronize_rcu+0x10/0x10
[  255.513690][ T9364]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  255.520027][ T9364]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  255.525909][ T9364]  ? _copy_from_user+0xa6/0xe0
[  255.530662][ T9364]  ? bpf_test_init+0x15a/0x180
[  255.535413][ T9364]  ? xdp_convert_md_to_buff+0x5b/0x330
[  255.540860][ T9364]  bpf_prog_test_run_xdp+0x805/0x11e0
[  255.546219][ T9364]  ? __pfx_lock_release+0x10/0x10
[  255.551234][ T9364]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  255.557028][ T9364]  ? __fget_files+0x29/0x470
[  255.561606][ T9364]  ? fput+0x1a8/0x230
[  255.565578][ T9364]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  255.571374][ T9364]  bpf_prog_test_run+0x2e4/0x360
[  255.576303][ T9364]  __sys_bpf+0x48d/0x810
[  255.580535][ T9364]  ? __pfx___sys_bpf+0x10/0x10
[  255.585287][ T9364]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  255.591257][ T9364]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  255.597585][ T9364]  ? do_syscall_64+0x100/0x230
[  255.602341][ T9364]  __x64_sys_bpf+0x7c/0x90
[  255.606743][ T9364]  do_syscall_64+0xf3/0x230
[  255.611230][ T9364]  ? clear_bhb_loop+0x35/0x90
[  255.615891][ T9364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.621772][ T9364] RIP: 0033:0x7f845bf7dff9
[  255.626172][ T9364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  255.645898][ T9364] RSP: 002b:00007f845cda6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  255.654303][ T9364] RAX: ffffffffffffffda RBX: 00007f845c136130 RCX: 00007f845bf7dff9
[  255.662262][ T9364] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  255.670219][ T9364] RBP: 00007f845bff0296 R08: 0000000000000000 R09: 0000000000000000
[  255.678180][ T9364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  255.686136][ T9364] R13: 0000000000000000 R14: 00007f845c136130 R15: 00007ffd4d55f5e8
[  255.694100][ T9364]  </TASK>
[  255.697167][ T9364] BUG: Bad page state in process syz.2.1253  pfn:30243
[  255.704035][ T9364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888030243af8 pfn:0x30243
[  255.714103][ T9364] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  255.721202][ T9364] raw: 00fff00000000000 dead000000000040 ffff8880751cf000 0000000000000000
[  255.729794][ T9364] raw: ffff888030243af8 0000000000000001 00000000ffffffff 0000000000000000
[  255.738382][ T9364] page dumped because: page_pool leak
[  255.743748][ T9364] page_owner tracks the page as allocated
[  255.749471][ T9364] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 9364, tgid 9355 (syz.2.1253), ts 247213505903, free_ts 247206490683
[  255.766491][ T9364]  post_alloc_hook+0x1f3/0x230
[  255.771247][ T9364]  get_page_from_freelist+0x3045/0x3190
[  255.776796][ T9364]  __alloc_pages_noprof+0x256/0x6c0
[  255.781977][ T9364]  alloc_pages_bulk_noprof+0x729/0xd40
[  255.787436][ T9364]  __page_pool_alloc_pages_slow+0x122/0x690
[  255.793332][ T9364]  page_pool_alloc_pages+0xd0/0x1c0
[  255.798521][ T9364]  bpf_test_run_xdp_live+0x950/0x2160
[  255.803915][ T9364]  bpf_prog_test_run_xdp+0x805/0x11e0
[  255.809290][ T9364]  bpf_prog_test_run+0x2e4/0x360
[  255.814229][ T9364]  __sys_bpf+0x48d/0x810
[  255.818458][ T9364]  __x64_sys_bpf+0x7c/0x90
[  255.822876][ T9364]  do_syscall_64+0xf3/0x230
[  255.827370][ T9364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.833269][ T9364] page last free pid 1105 tgid 1105 stack trace:
[  255.839574][ T9364]  free_unref_page+0xcfb/0xf20
[  255.844339][ T9364]  ringbuf_map_free+0xc2/0x120
[  255.849086][ T9364]  bpf_map_free_deferred+0xe4/0x100
[  255.854283][ T9364]  process_scheduled_works+0xa63/0x1850
[  255.859814][ T9364]  worker_thread+0x870/0xd30
[  255.864403][ T9364]  kthread+0x2f0/0x390
[  255.868453][ T9364]  ret_from_fork+0x4b/0x80
[  255.872893][ T9364]  ret_from_fork_asm+0x1a/0x30
[  255.877644][ T9364] Modules linked in:
[  255.881523][ T9364] CPU: 1 UID: 0 PID: 9364 Comm: syz.2.1253 Tainted: G    B              6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  255.893658][ T9364] Tainted: [B]=BAD_PAGE
[  255.897790][ T9364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  255.907834][ T9364] Call Trace:
[  255.911097][ T9364]  <TASK>
[  255.914013][ T9364]  dump_stack_lvl+0x241/0x360
[  255.918681][ T9364]  ? __pfx_dump_stack_lvl+0x10/0x10
[  255.923864][ T9364]  ? __pfx_print_modules+0x10/0x10
[  255.928990][ T9364]  bad_page+0x166/0x1b0
[  255.933134][ T9364]  free_unref_page+0xed0/0xf20
[  255.937892][ T9364]  skb_release_data+0x6dc/0x8a0
[  255.942746][ T9364]  sk_skb_reason_drop+0x1c9/0x380
[  255.947754][ T9364]  ? packet_rcv+0x159/0x14b0
[  255.952339][ T9364]  packet_rcv+0x16f/0x14b0
[  255.956744][ T9364]  ? __pfx_packet_rcv+0x10/0x10
[  255.961577][ T9364]  __netif_receive_skb_list_core+0x8b7/0x980
[  255.967549][ T9364]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  255.974124][ T9364]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  255.980612][ T9364]  ? read_tsc+0x9/0x20
[  255.984669][ T9364]  ? timekeeping_get_ns+0x2c0/0x420
[  255.989851][ T9364]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  255.996162][ T9364]  netif_receive_skb_list_internal+0xa51/0xe30
[  256.002314][ T9364]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  256.002511][ T1268] ieee802154 phy0 wpan0: encryption failed: -22
[  256.008641][ T9364]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  256.008667][ T9364]  ? __pfx_eth_type_trans+0x10/0x10
[  256.026709][ T9364]  ? __phys_addr+0xba/0x170
[  256.031198][ T9364]  ? build_skb_around+0x111/0x260
[  256.036207][ T9364]  ? __xdp_build_skb_from_frame+0x338/0x650
[  256.042088][ T9364]  netif_receive_skb_list+0x55/0x4b0
[  256.047362][ T9364]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  256.052814][ T9364]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  256.058696][ T9364]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  256.064231][ T9364]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  256.070024][ T9364]  ? synchronize_rcu+0x11b/0x360
[  256.074948][ T9364]  ? __pfx_synchronize_rcu+0x10/0x10
[  256.080220][ T9364]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  256.086458][ T9364]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  256.092359][ T9364]  ? _copy_from_user+0xa6/0xe0
[  256.097110][ T9364]  ? bpf_test_init+0x15a/0x180
[  256.101872][ T9364]  ? xdp_convert_md_to_buff+0x5b/0x330
[  256.107342][ T9364]  bpf_prog_test_run_xdp+0x805/0x11e0
[  256.112730][ T9364]  ? __pfx_lock_release+0x10/0x10
[  256.117753][ T9364]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  256.123550][ T9364]  ? __fget_files+0x29/0x470
[  256.128127][ T9364]  ? fput+0x1a8/0x230
[  256.132093][ T9364]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  256.137914][ T9364]  bpf_prog_test_run+0x2e4/0x360
[  256.142840][ T9364]  __sys_bpf+0x48d/0x810
[  256.147068][ T9364]  ? __pfx___sys_bpf+0x10/0x10
[  256.151819][ T9364]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  256.157835][ T9364]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  256.164152][ T9364]  ? do_syscall_64+0x100/0x230
[  256.168899][ T9364]  __x64_sys_bpf+0x7c/0x90
[  256.173300][ T9364]  do_syscall_64+0xf3/0x230
[  256.177791][ T9364]  ? clear_bhb_loop+0x35/0x90
[  256.182453][ T9364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.188341][ T9364] RIP: 0033:0x7f845bf7dff9
[  256.192740][ T9364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  256.212347][ T9364] RSP: 002b:00007f845cda6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  256.220750][ T9364] RAX: ffffffffffffffda RBX: 00007f845c136130 RCX: 00007f845bf7dff9
[  256.228708][ T9364] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  256.236665][ T9364] RBP: 00007f845bff0296 R08: 0000000000000000 R09: 0000000000000000
[  256.244624][ T9364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  256.252581][ T9364] R13: 0000000000000000 R14: 00007f845c136130 R15: 00007ffd4d55f5e8
[  256.260545][ T9364]  </TASK>
[  256.263602][ T9364] BUG: Bad page state in process syz.2.1253  pfn:5f755
[  256.270432][ T9364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888033165000 pfn:0x5f755
[  256.280503][ T9364] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  256.287622][ T9364] raw: 00fff00000000000 dead000000000040 ffff8880751cf000 0000000000000000
[  256.296216][ T9364] raw: ffff888033165000 0000000000000001 00000000ffffffff 0000000000000000
[  256.304802][ T9364] page dumped because: page_pool leak
[  256.310179][ T9364] page_owner tracks the page as allocated
[  256.315907][ T9364] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 9364, tgid 9355 (syz.2.1253), ts 247213494398, free_ts 247206503226
[  256.333022][ T9364]  post_alloc_hook+0x1f3/0x230
[  256.337794][ T9364]  get_page_from_freelist+0x3045/0x3190
[  256.343358][ T9364]  __alloc_pages_noprof+0x256/0x6c0
[  256.348543][ T9364]  alloc_pages_bulk_noprof+0x729/0xd40
[  256.354001][ T9364]  __page_pool_alloc_pages_slow+0x122/0x690
[  256.359882][ T9364]  page_pool_alloc_pages+0xd0/0x1c0
[  256.365095][ T9364]  bpf_test_run_xdp_live+0x950/0x2160
[  256.370460][ T9364]  bpf_prog_test_run_xdp+0x805/0x11e0
[  256.375841][ T9364]  bpf_prog_test_run+0x2e4/0x360
[  256.380769][ T9364]  __sys_bpf+0x48d/0x810
[  256.385041][ T9364]  __x64_sys_bpf+0x7c/0x90
[  256.389471][ T9364]  do_syscall_64+0xf3/0x230
[  256.393984][ T9364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.399867][ T9364] page last free pid 1105 tgid 1105 stack trace:
[  256.406209][ T9364]  free_unref_page+0xcfb/0xf20
[  256.410965][ T9364]  ringbuf_map_free+0xc2/0x120
[  256.415746][ T9364]  bpf_map_free_deferred+0xe4/0x100
[  256.420933][ T9364]  process_scheduled_works+0xa63/0x1850
[  256.426490][ T9364]  worker_thread+0x870/0xd30
[  256.431078][ T9364]  kthread+0x2f0/0x390
[  256.435156][ T9364]  ret_from_fork+0x4b/0x80
[  256.439562][ T9364]  ret_from_fork_asm+0x1a/0x30
[  256.444354][ T9364] Modules linked in:
[  256.448254][ T9364] CPU: 1 UID: 0 PID: 9364 Comm: syz.2.1253 Tainted: G    B              6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  256.460392][ T9364] Tainted: [B]=BAD_PAGE
[  256.464526][ T9364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  256.474569][ T9364] Call Trace:
[  256.477840][ T9364]  <TASK>
[  256.480782][ T9364]  dump_stack_lvl+0x241/0x360
[  256.485448][ T9364]  ? __pfx_dump_stack_lvl+0x10/0x10
[  256.490631][ T9364]  ? __pfx_print_modules+0x10/0x10
[  256.495733][ T9364]  bad_page+0x166/0x1b0
[  256.499879][ T9364]  free_unref_page+0xed0/0xf20
[  256.504625][ T9364]  skb_release_data+0x6dc/0x8a0
[  256.509463][ T9364]  sk_skb_reason_drop+0x1c9/0x380
[  256.514472][ T9364]  ? packet_rcv+0x159/0x14b0
[  256.519054][ T9364]  packet_rcv+0x16f/0x14b0
[  256.523464][ T9364]  ? __pfx_packet_rcv+0x10/0x10
[  256.528305][ T9364]  __netif_receive_skb_list_core+0x8b7/0x980
[  256.534274][ T9364]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  256.540852][ T9364]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  256.547343][ T9364]  ? read_tsc+0x9/0x20
[  256.551404][ T9364]  ? timekeeping_get_ns+0x2c0/0x420
[  256.556590][ T9364]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  256.562903][ T9364]  netif_receive_skb_list_internal+0xa51/0xe30
[  256.569044][ T9364]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  256.575356][ T9364]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  256.582033][ T9364]  ? __pfx_eth_type_trans+0x10/0x10
[  256.587239][ T9364]  ? __phys_addr+0xba/0x170
[  256.591737][ T9364]  ? build_skb_around+0x111/0x260
[  256.596757][ T9364]  ? __xdp_build_skb_from_frame+0x338/0x650
[  256.602669][ T9364]  netif_receive_skb_list+0x55/0x4b0
[  256.607975][ T9364]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  256.613432][ T9364]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  256.619332][ T9364]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  256.624893][ T9364]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  256.630691][ T9364]  ? synchronize_rcu+0x11b/0x360
[  256.635612][ T9364]  ? __pfx_synchronize_rcu+0x10/0x10
[  256.640888][ T9364]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  256.647133][ T9364]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  256.653016][ T9364]  ? _copy_from_user+0xa6/0xe0
[  256.657769][ T9364]  ? bpf_test_init+0x15a/0x180
[  256.662526][ T9364]  ? xdp_convert_md_to_buff+0x5b/0x330
[  256.667984][ T9364]  bpf_prog_test_run_xdp+0x805/0x11e0
[  256.673381][ T9364]  ? __pfx_lock_release+0x10/0x10
[  256.678400][ T9364]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  256.684195][ T9364]  ? __fget_files+0x29/0x470
[  256.688773][ T9364]  ? fput+0x1a8/0x230
[  256.692758][ T9364]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  256.698554][ T9364]  bpf_prog_test_run+0x2e4/0x360
[  256.703479][ T9364]  __sys_bpf+0x48d/0x810
[  256.707710][ T9364]  ? __pfx___sys_bpf+0x10/0x10
[  256.712464][ T9364]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  256.718443][ T9364]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  256.724807][ T9364]  ? do_syscall_64+0x100/0x230
[  256.729561][ T9364]  __x64_sys_bpf+0x7c/0x90
[  256.733963][ T9364]  do_syscall_64+0xf3/0x230
[  256.738452][ T9364]  ? clear_bhb_loop+0x35/0x90
[  256.743129][ T9364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.749010][ T9364] RIP: 0033:0x7f845bf7dff9
[  256.753411][ T9364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  256.773004][ T9364] RSP: 002b:00007f845cda6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  256.781406][ T9364] RAX: ffffffffffffffda RBX: 00007f845c136130 RCX: 00007f845bf7dff9
[  256.789364][ T9364] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  256.797344][ T9364] RBP: 00007f845bff0296 R08: 0000000000000000 R09: 0000000000000000
[  256.805305][ T9364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  256.813260][ T9364] R13: 0000000000000000 R14: 00007f845c136130 R15: 00007ffd4d55f5e8
[  256.821222][ T9364]  </TASK>
[  256.824296][ T9364] BUG: Bad page state in process syz.2.1253  pfn:2cb8a
[  256.831143][ T9364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88802cb8ac00 pfn:0x2cb8a
[  256.841210][ T9364] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  256.848332][ T9364] raw: 00fff00000000000 dead000000000040 ffff8880751cf000 0000000000000000
[  256.856920][ T9364] raw: ffff88802cb8ac00 0000000000000001 00000000ffffffff 0000000000000000
[  256.865509][ T9364] page dumped because: page_pool leak
[  256.870860][ T9364] page_owner tracks the page as allocated
[  256.876573][ T9364] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 9364, tgid 9355 (syz.2.1253), ts 247213482994, free_ts 247206515764
[  256.893598][ T9364]  post_alloc_hook+0x1f3/0x230
[  256.898354][ T9364]  get_page_from_freelist+0x3045/0x3190
[  256.903903][ T9364]  __alloc_pages_noprof+0x256/0x6c0
[  256.909085][ T9364]  alloc_pages_bulk_noprof+0x729/0xd40
[  256.914549][ T9364]  __page_pool_alloc_pages_slow+0x122/0x690
[  256.920429][ T9364]  page_pool_alloc_pages+0xd0/0x1c0
[  256.925635][ T9364]  bpf_test_run_xdp_live+0x950/0x2160
[  256.931004][ T9364]  bpf_prog_test_run_xdp+0x805/0x11e0
[  256.936394][ T9364]  bpf_prog_test_run+0x2e4/0x360
[  256.941319][ T9364]  __sys_bpf+0x48d/0x810
[  256.945566][ T9364]  __x64_sys_bpf+0x7c/0x90
[  256.949967][ T9364]  do_syscall_64+0xf3/0x230
[  256.954475][ T9364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.960357][ T9364] page last free pid 1105 tgid 1105 stack trace:
[  256.966680][ T9364]  free_unref_page+0xcfb/0xf20
[  256.971442][ T9364]  ringbuf_map_free+0xc2/0x120
[  256.976238][ T9364]  bpf_map_free_deferred+0xe4/0x100
[  256.981420][ T9364]  process_scheduled_works+0xa63/0x1850
[  256.986976][ T9364]  worker_thread+0x870/0xd30
[  256.991553][ T9364]  kthread+0x2f0/0x390
[  256.995648][ T9364]  ret_from_fork+0x4b/0x80
[  257.000054][ T9364]  ret_from_fork_asm+0x1a/0x30
[  257.004832][ T9364] Modules linked in:
[  257.008716][ T9364] CPU: 1 UID: 0 PID: 9364 Comm: syz.2.1253 Tainted: G    B              6.12.0-rc1-syzkaller-00280-g489cee4caeba #0
[  257.020851][ T9364] Tainted: [B]=BAD_PAGE
[  257.024990][ T9364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  257.035035][ T9364] Call Trace:
[  257.038299][ T9364]  <TASK>
[  257.041216][ T9364]  dump_stack_lvl+0x241/0x360
[  257.045884][ T9364]  ? __pfx_dump_stack_lvl+0x10/0x10
[  257.051070][ T9364]  ? __pfx_print_modules+0x10/0x10
[  257.056176][ T9364]  bad_page+0x166/0x1b0
[  257.060322][ T9364]  free_unref_page+0xed0/0xf20
[  257.065076][ T9364]  skb_release_data+0x6dc/0x8a0
[  257.069923][ T9364]  sk_skb_reason_drop+0x1c9/0x380
[  257.074936][ T9364]  ? packet_rcv+0x159/0x14b0
[  257.079519][ T9364]  packet_rcv+0x16f/0x14b0
[  257.083927][ T9364]  ? __pfx_packet_rcv+0x10/0x10
[  257.088768][ T9364]  __netif_receive_skb_list_core+0x8b7/0x980
[  257.094741][ T9364]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  257.101320][ T9364]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  257.107811][ T9364]  ? read_tsc+0x9/0x20
[  257.111955][ T9364]  ? timekeeping_get_ns+0x2c0/0x420
[  257.117145][ T9364]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  257.123464][ T9364]  netif_receive_skb_list_internal+0xa51/0xe30
[  257.129607][ T9364]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  257.135925][ T9364]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  257.142593][ T9364]  ? __pfx_eth_type_trans+0x10/0x10
[  257.147779][ T9364]  ? __phys_addr+0xba/0x170
[  257.152277][ T9364]  ? build_skb_around+0x111/0x260
[  257.157302][ T9364]  ? __xdp_build_skb_from_frame+0x338/0x650
[  257.163205][ T9364]  netif_receive_skb_list+0x55/0x4b0
[  257.168503][ T9364]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  257.173959][ T9364]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  257.179843][ T9364]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  257.185381][ T9364]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  257.191197][ T9364]  ? synchronize_rcu+0x11b/0x360
[  257.196125][ T9364]  ? __pfx_synchronize_rcu+0x10/0x10
[  257.201404][ T9364]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  257.207635][ T9364]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  257.213520][ T9364]  ? _copy_from_user+0xa6/0xe0
[  257.218274][ T9364]  ? bpf_test_init+0x15a/0x180
[  257.223025][ T9364]  ? xdp_convert_md_to_buff+0x5b/0x330
[  257.228472][ T9364]  bpf_prog_test_run_xdp+0x805/0x11e0
[  257.233845][ T9364]  ? __pfx_lock_release+0x10/0x10
[  257.238883][ T9364]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  257.244678][ T9364]  ? __fget_files+0x29/0x470
[  257.249258][ T9364]  ? fput+0x1a8/0x230
[  257.253229][ T9364]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  257.259037][ T9364]  bpf_prog_test_run+0x2e4/0x360
[  257.263972][ T9364]  __sys_bpf+0x48d/0x810
[  257.268200][ T9364]  ? __pfx___sys_bpf+0x10/0x10
[  257.272955][ T9364]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  257.278923][ T9364]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  257.285237][ T9364]  ? do_syscall_64+0x100/0x230
[  257.289985][ T9364]  __x64_sys_bpf+0x7c/0x90
[  257.294388][ T9364]  do_syscall_64+0xf3/0x230
[  257.298876][ T9364]  ? clear_bhb_loop+0x35/0x90
[  257.303538][ T9364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  257.309418][ T9364] RIP: 0033:0x7f845bf7dff9