last executing test programs:

21.6872904s ago: executing program 3 (id=1985):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB="4c000f001000010400"/20, @ANYRES32=0x0, @ANYBLOB="03000000000000001c0012800c0001006d6163766c616e000c000280080008"], 0x4c}}, 0x0)

21.624444176s ago: executing program 3 (id=1988):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
socket$l2tp6(0xa, 0x2, 0x73)
sendmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f00000000c0)={0x0, 0x2000000, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="c8010000", @ANYRES16=r3, @ANYBLOB="0100030000000000000001000000060006000000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb5426c010880f4000080060005000180000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff240002001bc715ee4868b12a49f4df11bc05475489f6a27c4d6483ad2fa5e45903b0ce851400040002000000ac1414aa00000000000000008c00098028000080060001000a00000014000200ff020000000000000000000000000001050003000000000028000080060001000a000000140002000000000000000000000000000000000105000300030000001c000080060001000200da0008000200e000000105000300000000001c000080060001000200000008000200ac141400050003000000000074000080200004000a004e2200000000fc0000000000000000000000000000000400000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff080003000100000024000200cde20bc0d9b90ac13642d7b66459dd9db5e20b4b16d3d23f2cb03a8aa417dce6080007000000000014000200776730"], 0x1c8}}, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETOFFLOAD(r4, 0x400454d0, 0x9)
r5 = socket$inet6(0xa, 0x0, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
unshare(0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00'}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r6, r7, 0x2}, 0x10)
socket$inet_dccp(0x2, 0x6, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r1)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000140)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r8, &(0x7f0000000380)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20200000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x30, r9, 0x100, 0x70bd27, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_KEY_SEQ={0x12, 0xa, "771918b1f379273cd73e98e72568"}]}, 0x30}, 0x1, 0x0, 0x0, 0x40}, 0x4)
unshare(0x0)
unshare(0x0)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r11, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x28, 0x3, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x28}}, 0x0)
syz_extract_tcp_res(&(0x7f00000003c0), 0x7, 0xffffff00)

20.679984059s ago: executing program 3 (id=2000):
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000010040)}, 0x38)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.sectors\x00', 0x26e1, 0x0)
close(r0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140))
ioctl$SIOCSIFHWADDR(r0, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random="5c00022000"})

20.423090827s ago: executing program 3 (id=2005):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYRES16=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r2 = socket$kcm(0xa, 0x922000000003, 0x11)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1, 0x7, 0xe4f, 0xb}, 0x48)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
r5 = openat$cgroup_ro(r4, &(0x7f00000001c0)='cgroup.stat\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f00000003c0)={'#! ', '', [], 0xa, "0f65212cfcbc5a061a655d0b786c6887152dd1dbbf3c1063b1177e4dcc23a549afc3d56eb7594f8bc9a4d4f268a09fcd25005015d12dd23f8896f055450d25d6a6de4d74cff07e6718d0a57728c2b319a57866c526a445ff414f9397034ff93f3f1af0aff6a80a355cb646c7f1d156b8d57f0a4a0a52bf0b720b1d"}, 0x7f)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x26e1, 0x0)
unshare(0x22020400)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r6, 0x800c6613, 0x20ffffff)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000b, 0x11, r5, 0x0)
r7 = socket$alg(0x26, 0x5, 0x0)
socket$inet(0x2, 0x80001, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)=ANY=[@ANYBLOB="3800000056000300000000f700000000070200007104b74c87e1ecca38e97cb6ac3c9548e6ac3e999652c23f44889c3f5fb43fc4f5bbbfeaa9cb69a06acc2ef8f0e2f3cb8cab1d525adde5fe1fef157fa371f6f373604ea05ae279b49cd468aa806f9c36f7d5ab1361072fbed5e9372d10f040099bfd061b97acf866b390ebd85ec98fb2eeb4ae1ac5d81d794137ffe03d9bbe6208eb18bbc9ae335e2a54224647b19a29c60de38ddd99be7fdd57874fac1c3d1b0de2f6fb533e44315dbf4de76d48026dd9606440ea0e442c25da89951c452ff2cd7c1308eda591b603c9a9c88ac216a4128b254d8510a59eb3d0c81744e0a2f8899cc0378e7309c8186f22ff6f81bfa928810a6153deab2a730451f64d603c92a89b25479d4ac37d974b749066a430de98cfcc80933a77d0bc6aa136c27593f04f6f7fd54409e6d641a23472db679fac114dfff0843009a21dcdd0955e68c6a064b7132b78ca992ce16becdba0c98aca974f996316eb3755ed359a512b2cadc148ca7518", @ANYRES8, @ANYRES16=r7], 0x38}}, 0x0)
pipe(&(0x7f0000000140)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
r10 = socket$inet_udp(0x2, 0x2, 0x0)
close(r10)
socket$nl_route(0x10, 0x3, 0x0)
write$binfmt_misc(r9, &(0x7f0000000000)=ANY=[], 0xfffffecc)
splice(r8, 0x0, r10, 0x0, 0x4ffe2, 0x0)
bind$alg(r7, &(0x7f00000002c0)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305-sse2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f00000004c0)="025ffd7c075ca1a01d971bf52e4bd22cddae67b3fef91248620859c1263d3796bc13979734cb71e874240d0462e0296d48d7cb88ad6a36ca859ef49199d62519d1579e1a197e6806500cb66b853be75ba0f89d5d335f67921b8c03b0e46ca2e161fed17aacd205cb83afffa3a1fdb722a8a2fe81eb376653904807927637653af80c8e523452e300db5e4fa2b7ef3d17e8860825faebd650a47da7579b6a096aa79045c58f4fc148202ec289d626114fe6881974c34c4c6ef876494ced528c006652551dc376bc895cb84c07ae76561582d84f1bec3b9de66f869d961d6644c614b9e057daa510", 0xe7)
r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_SEC_KEY(r11, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f00000008c0)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="0100000000000000000017000000400030802000018008000100030000000c000500000000000000000005000200000000001400040052491482bcf25ca337af363e4a4ac77c05000200290000000c0006000100000001000000"], 0x60}}, 0x800)

19.57473714s ago: executing program 3 (id=2005):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYRES16=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r2 = socket$kcm(0xa, 0x922000000003, 0x11)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1, 0x7, 0xe4f, 0xb}, 0x48)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
r5 = openat$cgroup_ro(r4, &(0x7f00000001c0)='cgroup.stat\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f00000003c0)={'#! ', '', [], 0xa, "0f65212cfcbc5a061a655d0b786c6887152dd1dbbf3c1063b1177e4dcc23a549afc3d56eb7594f8bc9a4d4f268a09fcd25005015d12dd23f8896f055450d25d6a6de4d74cff07e6718d0a57728c2b319a57866c526a445ff414f9397034ff93f3f1af0aff6a80a355cb646c7f1d156b8d57f0a4a0a52bf0b720b1d"}, 0x7f)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x26e1, 0x0)
unshare(0x22020400)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r6, 0x800c6613, 0x20ffffff)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000b, 0x11, r5, 0x0)
r7 = socket$alg(0x26, 0x5, 0x0)
socket$inet(0x2, 0x80001, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)=ANY=[@ANYBLOB="3800000056000300000000f700000000070200007104b74c87e1ecca38e97cb6ac3c9548e6ac3e999652c23f44889c3f5fb43fc4f5bbbfeaa9cb69a06acc2ef8f0e2f3cb8cab1d525adde5fe1fef157fa371f6f373604ea05ae279b49cd468aa806f9c36f7d5ab1361072fbed5e9372d10f040099bfd061b97acf866b390ebd85ec98fb2eeb4ae1ac5d81d794137ffe03d9bbe6208eb18bbc9ae335e2a54224647b19a29c60de38ddd99be7fdd57874fac1c3d1b0de2f6fb533e44315dbf4de76d48026dd9606440ea0e442c25da89951c452ff2cd7c1308eda591b603c9a9c88ac216a4128b254d8510a59eb3d0c81744e0a2f8899cc0378e7309c8186f22ff6f81bfa928810a6153deab2a730451f64d603c92a89b25479d4ac37d974b749066a430de98cfcc80933a77d0bc6aa136c27593f04f6f7fd54409e6d641a23472db679fac114dfff0843009a21dcdd0955e68c6a064b7132b78ca992ce16becdba0c98aca974f996316eb3755ed359a512b2cadc148ca7518", @ANYRES8, @ANYRES16=r7], 0x38}}, 0x0)
pipe(&(0x7f0000000140)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
r10 = socket$inet_udp(0x2, 0x2, 0x0)
close(r10)
socket$nl_route(0x10, 0x3, 0x0)
write$binfmt_misc(r9, &(0x7f0000000000)=ANY=[], 0xfffffecc)
splice(r8, 0x0, r10, 0x0, 0x4ffe2, 0x0)
bind$alg(r7, &(0x7f00000002c0)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305-sse2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f00000004c0)="025ffd7c075ca1a01d971bf52e4bd22cddae67b3fef91248620859c1263d3796bc13979734cb71e874240d0462e0296d48d7cb88ad6a36ca859ef49199d62519d1579e1a197e6806500cb66b853be75ba0f89d5d335f67921b8c03b0e46ca2e161fed17aacd205cb83afffa3a1fdb722a8a2fe81eb376653904807927637653af80c8e523452e300db5e4fa2b7ef3d17e8860825faebd650a47da7579b6a096aa79045c58f4fc148202ec289d626114fe6881974c34c4c6ef876494ced528c006652551dc376bc895cb84c07ae76561582d84f1bec3b9de66f869d961d6644c614b9e057daa510", 0xe7)
r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_SEC_KEY(r11, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f00000008c0)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="0100000000000000000017000000400030802000018008000100030000000c000500000000000000000005000200000000001400040052491482bcf25ca337af363e4a4ac77c05000200290000000c0006000100000001000000"], 0x60}}, 0x800)

10.138304251s ago: executing program 3 (id=2005):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYRES16=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r2 = socket$kcm(0xa, 0x922000000003, 0x11)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1, 0x7, 0xe4f, 0xb}, 0x48)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
r5 = openat$cgroup_ro(r4, &(0x7f00000001c0)='cgroup.stat\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f00000003c0)={'#! ', '', [], 0xa, "0f65212cfcbc5a061a655d0b786c6887152dd1dbbf3c1063b1177e4dcc23a549afc3d56eb7594f8bc9a4d4f268a09fcd25005015d12dd23f8896f055450d25d6a6de4d74cff07e6718d0a57728c2b319a57866c526a445ff414f9397034ff93f3f1af0aff6a80a355cb646c7f1d156b8d57f0a4a0a52bf0b720b1d"}, 0x7f)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x26e1, 0x0)
unshare(0x22020400)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r6, 0x800c6613, 0x20ffffff)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000b, 0x11, r5, 0x0)
r7 = socket$alg(0x26, 0x5, 0x0)
socket$inet(0x2, 0x80001, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)=ANY=[@ANYBLOB="3800000056000300000000f700000000070200007104b74c87e1ecca38e97cb6ac3c9548e6ac3e999652c23f44889c3f5fb43fc4f5bbbfeaa9cb69a06acc2ef8f0e2f3cb8cab1d525adde5fe1fef157fa371f6f373604ea05ae279b49cd468aa806f9c36f7d5ab1361072fbed5e9372d10f040099bfd061b97acf866b390ebd85ec98fb2eeb4ae1ac5d81d794137ffe03d9bbe6208eb18bbc9ae335e2a54224647b19a29c60de38ddd99be7fdd57874fac1c3d1b0de2f6fb533e44315dbf4de76d48026dd9606440ea0e442c25da89951c452ff2cd7c1308eda591b603c9a9c88ac216a4128b254d8510a59eb3d0c81744e0a2f8899cc0378e7309c8186f22ff6f81bfa928810a6153deab2a730451f64d603c92a89b25479d4ac37d974b749066a430de98cfcc80933a77d0bc6aa136c27593f04f6f7fd54409e6d641a23472db679fac114dfff0843009a21dcdd0955e68c6a064b7132b78ca992ce16becdba0c98aca974f996316eb3755ed359a512b2cadc148ca7518", @ANYRES8, @ANYRES16=r7], 0x38}}, 0x0)
pipe(&(0x7f0000000140)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
r10 = socket$inet_udp(0x2, 0x2, 0x0)
close(r10)
socket$nl_route(0x10, 0x3, 0x0)
write$binfmt_misc(r9, &(0x7f0000000000)=ANY=[], 0xfffffecc)
splice(r8, 0x0, r10, 0x0, 0x4ffe2, 0x0)
bind$alg(r7, &(0x7f00000002c0)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305-sse2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f00000004c0)="025ffd7c075ca1a01d971bf52e4bd22cddae67b3fef91248620859c1263d3796bc13979734cb71e874240d0462e0296d48d7cb88ad6a36ca859ef49199d62519d1579e1a197e6806500cb66b853be75ba0f89d5d335f67921b8c03b0e46ca2e161fed17aacd205cb83afffa3a1fdb722a8a2fe81eb376653904807927637653af80c8e523452e300db5e4fa2b7ef3d17e8860825faebd650a47da7579b6a096aa79045c58f4fc148202ec289d626114fe6881974c34c4c6ef876494ced528c006652551dc376bc895cb84c07ae76561582d84f1bec3b9de66f869d961d6644c614b9e057daa510", 0xe7)
r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_SEC_KEY(r11, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f00000008c0)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="0100000000000000000017000000400030802000018008000100030000000c000500000000000000000005000200000000001400040052491482bcf25ca337af363e4a4ac77c05000200290000000c0006000100000001000000"], 0x60}}, 0x800)

2.122937089s ago: executing program 1 (id=2227):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$TIPC_NL_MON_PEER_GET(r1, &(0x7f00000001c0)={0x0, 0x400300, &(0x7f0000000180)={&(0x7f0000000000)={0x20, r2, 0xb03, 0x0, 0x0, {}, [@TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8}]}]}, 0x20}, 0x1, 0xffa6}, 0x0)

1.766970492s ago: executing program 1 (id=2231):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000071120e000000000095000070c88e3b00558ab81379d5b53ac0b6a3cd2554058927a23f96148eef6eb4a90bef0771c5fc3fbc5693990921d9b8b3098063bdffb296893584e3c56bb6caac4e3b0f769ea5fc7f139d888a6b9f3c3bd9829a8503480293682b5add6f782a1ca966ed1292c3461d8219239b58d7fd8686b07ad14c809ef04c1ad6f64384e389698907a2b8cf2ea21be30aa04a343d000000000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000440)='iocost_iocg_forgive_debt\x00'}, 0x10)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x10, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x0, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, 0x0}, &(0x7f0000002100)=0x10)
getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0xf, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
r1 = socket$rds(0x15, 0x5, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x3c, 0x4, 0x0, 0x1, [{0x38, 0x1, 0x0, 0x1, @byteorder={{0xe}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_BYTEORDER_DREG={0x8}, @NFTA_BYTEORDER_SIZE={0x8}, @NFTA_BYTEORDER_SREG={0x8}, @NFTA_BYTEORDER_LEN={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xd8}}, 0x0)
bind$rds(r1, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
r3 = socket$inet(0x2, 0x3, 0x9)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000006c0)=@raw={'raw\x00', 0x8, 0x3, 0x418, 0x1c0, 0x40000, 0x198, 0x0, 0x198, 0x380, 0x358, 0x358, 0x380, 0x358, 0x3, 0x0, {[{{@ip={@multicast2, @loopback, 0x0, 0x0, 'vcan0\x00', 'wg1\x00'}, 0x0, 0x158, 0x1c0, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'fsm\x00', "0d0004000000050000000404fff0cf81dfd28c89544e14cd3e01dd24289831866346c88621039b284c3ff45c42995560a99952bed40cf5a8b9fb6133db7e2378d5afd35f4c16827f55b3af494e39e8fb330200000000000032b6a99a8d87298e88a94cb519f5c17631af916a7dbaae5592e8b15900000100", 0x8}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0x98, 0x1c0, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:system_cron_spool_t:s0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x478)
sendmsg$rds(r1, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0, 0x2c}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x410200}], 0x1}}], 0x48}, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.effective_cpus\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000200)={'#! ', './file0'}, 0xb)
ioctl$BTRFS_IOC_QGROUP_ASSIGN(r4, 0x40189429, &(0x7f0000000640)={0x0, 0x8, 0x9})
ioctl$EXT4_IOC_GET_ES_CACHE(r4, 0xc020662a, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000080)={0x1b, 0x0, 0x0, 0x10001, 0x0, 0x1, 0x7fffffff}, 0x48)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r5, 0x1, 0xa, &(0x7f0000000180)=0x8, 0x4)
ioctl$sock_TIOCINQ(r5, 0x541b, &(0x7f0000000000))
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f00000003c0)={'ip6tnl0\x00', &(0x7f0000000340)={'ip6_vti0\x00', <r6=>0x0, 0x29, 0xc1, 0x2, 0x0, 0x65, @loopback, @ipv4={'\x00', '\xff\xff', @multicast2}, 0x40, 0x40, 0x7fff, 0x8}})
setsockopt$MRT6_DEL_MIF(0xffffffffffffffff, 0x29, 0xcb, &(0x7f0000000400)={0x1, 0x1, 0xfd, r6, 0x4}, 0xc)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="30000000390009000000000000000010020000000000000010000180c9b6c6a3304743a6"], 0x30}}, 0x0)

1.389899387s ago: executing program 4 (id=2239):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
sendto$inet6(r0, 0x0, 0x5c4, 0x404c844, &(0x7f0000000540)={0x2, 0x4e24, 0x0, @local, 0xd00}, 0x1c)

1.251271654s ago: executing program 1 (id=2241):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="620ac4ff000000007110be000000030095"], &(0x7f0000000480)='GPL\x00'}, 0x90)

1.211494911s ago: executing program 4 (id=2242):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b702000002000000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000bd000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b}, 0x42)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000c80)={r0, 0x2000012, 0x100e, 0x2, &(0x7f0000000c40)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0x7ffe, 0x0, 0x0, 0x1200, 0x0, 0x0}, 0x50)

1.174733365s ago: executing program 1 (id=2243):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000000c0)={0x0, 0x0, 0x30}, 0xc)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f00000003c0)={0x0, 0x2}, 0x8)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000000180)="1a", 0x1, 0x0, &(0x7f00000004c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
write$binfmt_elf64(r0, &(0x7f0000000380)=ANY=[], 0x2df)
sendmmsg$inet6(r0, &(0x7f0000000140)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000240)='4', 0x1}], 0x1}}], 0x1, 0x0)
sendto$inet6(r0, &(0x7f0000000c80)="7cffa9061b2f8b082b6f69ae50430c8a8b6aa3162ba083c4a52e1ab0ac50ed4a19b1a69988000d5bed4433daaa4932dbb1cb3550dee8b23579d76ce37d574b43fca1eed8ebd38d1303240ed0d84517692128dd5aef5c4d60a6659952a1437c6f0ac3ed75806011ccbaa504f41a7e0abcf8823bc4a71ef8c52c2b297b539eaf752c56ebfe9b0542543069257dafcbf76c958d4cbf4eaaa67c5c2bd9e6518be34b56add7613ab83d389724b664e62c154e1a5aac073a53a0e8cadcf51ef495ebbcc77d5e36ff24c3f282289cc077374b714e08fbfecbdc8f14ef3fd409af4caf6fcb7d663beab335f239a1e93b399c93d7c036e1b39a7c477945f82b6dde53b1c21b590a58ba688ac4fb530d2c5b1195a127d2eaec840ab59f090d7047c278611e080cebe7b28588c11a44be99fe6f88c73441bf625b70565669997f4c3cda5afe1d6429908a69a459d35ba8c2f28076d8711f2667de749a783fac94ebd02680f20fb723c35c287a1f45064846385750665ffa74579083fbb1b1d6b7c90168252b1c5313544569203e7adb8e271a94f7413e5cfd6aa3157c4fc29bddba3683fcd032aecb513b2f27530fbefa0000000000000003c058e812d8db87de5e3eceae268b91f7d59daf77646fa4df99877dd5a9540934c7af91b96486eea62897be6acbe1bae8e46b112f1385e7cea9e4daccc6f1b98ce3b4322af8299a45ddcb5be8d3e469fdde9896ca324a2f3c88c616a7dccde331698ce2d39f96220251011b4dfbec953b5c30e94adb5586cec0af234859805bb7df1101ae80318ff127e913178d79cfa918d54585b6184255e872e2dc33a5c7c30a756bbd63c32a3e6a22863781747d185acb64583976c4289394d642b07d18e2932d0a78bd2ccf92b3e94e82f1e9239fa272402f4c9efcf068709a44d6f652a4f23df89f9a15e6bf0c7e65d8f3e32c35e83d30298074d16cb5ff4ded1df81009bbae888fceb9a8109ba319605e1776e52d2069b5cd7de07cf8dc488ba6a9c7559ff49674a490991f323736f302004007d0ccf2e5eaceac6b56f48f2b00592d7a378f118d8b3e5ecd2035c8252374c91bc79cf26ac11ddffe2c09e1aa032da0713732387f950e3f4e301eb1d26e5a2b19318e50d555c832e279894d8c9b03e8940738c0fe391b29907d0d5f9214d6e697a19247f4e8221aca2ac47debd7c45b8344941cbecbaf44af343b24a4f88caf207d72002fb8b7d156997cb7275f535e6a9d6480046246e60bea0cf6f54abc69ff9418b6cb9301eb6890227215b633a886fb13c89698e51e482c42ca99613b20e22e5ce15272f5bda8b18cf53d49130a94135dd8a9692c", 0x34000, 0x900000000000000, 0x0, 0x0)

1.087157346s ago: executing program 4 (id=2244):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={<r1=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000240)=0x10) (async)
r2 = socket$inet_udp(0x2, 0x2, 0x0) (async)
r3 = socket$nl_rdma(0x10, 0x3, 0x14) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x6, 0xd, &(0x7f0000000bc0)=@framed={{}, [@exit, @exit, @cb_func={0x18, 0x0, 0x4, 0x0, 0xffffffffffffffff, 0x38}, @map_fd, @map_idx, @cb_func={0x18, 0x0, 0x4, 0x0, 0xfffffffffffffff8}]}, &(0x7f0000000740)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x2}, 0x90) (async)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="7000000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="81ffffff00000000480012800b0001006272696467650000380002800800050001000000080004"], 0x70}}, 0x0) (async)
setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000000)=0x1, 0xfef2) (async)
connect$inet(r4, &(0x7f0000000080)={0x2, 0x0, @dev}, 0x10)
setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x9, &(0x7f0000000040), 0x4)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="b00000000314010027bd7000ffdbdf250900020073797a310000000008004100727865001400330070696d726567000000000000000000000900020073797a300000000008004100736977001400330076657468315f746f5f627269646765000900020073797a310000000008004100727865001400330076657468315f766c616e000000000000090002"], 0xb0}}, 0x0) (async, rerun: 32)
r6 = socket$inet_tcp(0x2, 0x1, 0x0) (rerun: 32)
setsockopt(r6, 0x0, 0x2, &(0x7f0000000040)='>', 0x1) (async, rerun: 32)
getsockopt$bt_hci(r6, 0x0, 0x2, 0x0, &(0x7f0000000000)) (async, rerun: 32)
sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000b80)={0x2c, 0x0, 0x0, 0x0, 0x0, {}, [@ETHTOOL_A_DEBUG_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x2c}}, 0x0)
sendmmsg$inet(r2, &(0x7f0000002cc0)=[{{&(0x7f0000000300)={0x2, 0x4e24, @private}, 0x10, 0x0, 0x0, &(0x7f0000002ec0)=[@ip_retopts={{0x18, 0x0, 0x7, {[@cipso={0x86, 0x8, 0x3, [{0x1, 0x2}]}]}}}], 0x18}}], 0x1, 0x0) (async)
getsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f00000001c0)={<r7=>r1}, &(0x7f0000000200)=0x10)
r8 = socket$inet6_sctp(0xa, 0x1, 0x84) (async)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000140)={'wlan0\x00'})
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r8, 0x84, 0x1f, &(0x7f0000000040)={r7, @in={{0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x34}}}, 0x81, 0x3}, &(0x7f0000000100)=0x90)

975.571236ms ago: executing program 4 (id=2247):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r2 = syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000300)={@map=r0, 0xffffffffffffffff, 0x2b, 0x0, 0x0, @prog_fd}, 0x20)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000100)={0x0, 0xffffffffffffff05, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="ec0000002100390d0000000000000000ac141400000000000000000000000000e0000002000000000000000000000000000000000000cacc5bbcfdea7476a148", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000009c001100ff010000000000000000000000000001ffffffff000000000000000000000000ac1414aa000000000000000000000000ac141400000000000000000000000000000000000000000000000200ff0100000000000000000000000000017f000001000000000000000000000000fe800000000000000000000000000000ac1e000100"/164], 0xec}}, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$inet6_dccp(0xa, 0x6, 0x0)
setsockopt$inet6_IPV6_PKTINFO(r5, 0x10d, 0x10, &(0x7f0000000000)={@empty}, 0x14)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000040), r4)
sendmsg$IEEE802154_ASSOCIATE_REQ(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="422cfd6b68c5ad3c61d7e27070f0bb28d68634a495a0f978da9cffe786c3879c80399e9c449f92c729daf83b78567a9b967039e60df26c310cd9b812b18ecd370a85f36aa6bcbb738bde1924840e9cc4cc2285c62d30243dd332986d1cc106a3add0184c87ed4faa8148063611a37f1ed4db049ce143f3687358f7868fd8543f9c", @ANYRES16=r6, @ANYBLOB="01000000000000000000010000000500070000000000050011000000000006000a00000000000c0009000000000000000000", @ANYRES8=r2, @ANYRES16=r1, @ANYRESOCT=r1, @ANYRES8=r1], 0x38}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001240)={0x8, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000002018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bf0900000000000045090100000003709500000000000000bf91000000000000b7020000000000008500000000000000b70000000000000095"], &(0x7f0000000200)='syzkaller\x00', 0xa, 0x100b, &(0x7f0000001e40)=""/4107}, 0x90)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_LIST_DEVKEY(r7, &(0x7f0000000500)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x14, r6, 0x4, 0x71bd27, 0x25dfdbfd, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x810)
setsockopt$IP_VS_SO_SET_TIMEOUT(r1, 0x0, 0x48a, &(0x7f00000000c0)={0x9, 0x1f, 0x7ff}, 0xc)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x7, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r8, @ANYBLOB="0000000000000000b708000000000000a50a000000000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000004300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

918.35088ms ago: executing program 4 (id=2249):
sendmsg$802154_dgram(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000240), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
getsockname$packet(r2, &(0x7f0000000400)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000540)=ANY=[@ANYBLOB="680000001000390400"/20, @ANYRES32=r4, @ANYBLOB="e3eb000000000000480012800b000100697036746e6c000038000280140003000001000000000000000000000000000006000f00000000000600beb93ef22c06caa90900040000000500040000000000"], 0x68}}, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x3, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="18020000000000000000000000000000850000009b000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000700000009500000000000000267ce5fb6c2d6a2d61a8cd686c3492ae5f2b306d7ddf13e10216fb069b1f9bd89abf25448e85a7c997a76e15b2d075ea2f39d60af832c2b0"], &(0x7f00000000c0)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0x7, 0x0, &(0x7f0000000100)="e0b9547ed387db", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmmsg$inet(r0, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0xa, @remote={0xac, 0x1c}}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @empty}}}], 0x20, 0x2000000}}], 0x1, 0x0)
epoll_ctl$EPOLL_CTL_DEL(0xffffffffffffffff, 0x2, r2)
r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000008c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x33, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x1}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a40)={0x11, 0x24, &(0x7f00000005c0)=ANY=[@ANYBLOB="180000000500000000000000de49000018110000", @ANYRES32, @ANYBLOB="b75de51a54aae6e177d63867c32c13448177e51279500ceab6da0bb853a2da15f5e4d460d01e1e4856f7e6010bba557b741d0d6ee0623181d85560c827", @ANYRES8=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa2000509000000000007020000f8ffffffb703000008000000b7040000020000008500000082000000950000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000001000000850000008200000018100000", @ANYRES32, @ANYBLOB="0000000000000000bf91000000000000b7020000010000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000180)='syzkaller\x00', 0x9, 0xe2, &(0x7f0000000700)=""/226, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000440)={0x0, 0x40000008, 0x9b, 0x200}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000940)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff, 0xffffffffffffffff, r6], &(0x7f0000000980), 0x10, 0xfffffff8}, 0x90)
r7 = socket(0x840000000002, 0x3, 0xff)
sendmmsg$inet(r7, &(0x7f00000017c0)=[{{&(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="140000000000000000000000070000009404d8d619d100003c000000000000000000000007000000071b47ffffffffac1e000100000000ac1414aaac1e0001e0000002c20346070b00ffffff"], 0x58}}], 0x1, 0x0)
r8 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r8, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
sendto$inet6(r8, 0x0, 0x0, 0x2400c844, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r9 = socket(0x28, 0x5, 0x0)
r10 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r10, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r10, 0x0)
connect$vsock_stream(r9, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10)
r11 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_int(r11, 0x29, 0x0, 0x0, 0x0)
sendmmsg$inet6(r9, &(0x7f0000000940), 0x3ffffffffffff3c, 0x0)
close(r10)
close(r9)

810.220602ms ago: executing program 4 (id=2252):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
socketpair(0x1d, 0x2, 0x2, &(0x7f0000000000)={0x0, 0x0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000004440)=@base={0x9, 0x4, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x1}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000004440)=@base={0xd, 0x0, 0x4, 0x8000007, 0x0, r0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x80)
r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r3, 0x0)
getsockopt$WPAN_SECURITY(r2, 0x0, 0x1, 0x0, &(0x7f00000005c0))
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000001c0)='sched_process_wait\x00', r1}, 0x10)
r5 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r4}, 0x8)
close(r5)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x4, &(0x7f0000000200)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xa8}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r6 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r6, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$inet6(r7, &(0x7f00000004c0)={&(0x7f0000000240)={0xa, 0x4e20, 0xfffffeff, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}, 0x1c, &(0x7f0000000a80)=[{&(0x7f0000000540)="9bf1f09739467ab877451f38a19d996953c0012be381117a72880bfa9352b37f743df0562ed7bc9bc129a01abd5188df5298612739c7281c914f67c104e06ae1fff5641beadd3542d2eea8d6acf39144c16e5092291a2c86c4398c84d5ee8b8b536da9ed30abb616447ca615810accd731d941687447708c8bd3034b36e5faa67c2557136574838f79934bda2fdce7bc0f98194cecf23a386c23926dc2c64f13d34f1c1b81eda316c63f32b98d0a5d9e01aed2435f41ff", 0xb7}, {&(0x7f0000000800)="94b3f8d395653087498efbfa8f3f8d05d8efc0f71f5e572ee17166715c86e9366c21e2faad2809e1b2665bb95b6d445a48c3138cefe1dc904204385eb982479979b5287b094f96bff1d9196c2a95dbb369dfd6586d75c87407c750dc0d79a670634d1af274156ab8eed643b3a76e3a43e2da1993f182bd6eaa7a93ae6eae24f25b71cec66adfc74a3311ab87a6b878cc30aee2678b35dcc0032c7436cc6a61a97879e8d7f6041c4a44a817e672232c66e534e769fe56cce757968221725697c2c8ac6ef4f669ef11c2bce677befd4c56803be4470d61a94a4e848d87e66fca8da41d5dc3f6ecc8cf749ef31d", 0xec}, {&(0x7f00000002c0)="f16f26b761043b97813d626f5ad0dacde09f5062de189113b6cce67c49937b580d408fdc001a6a733ae4a66dd025f879be76282e0c3f62184ec8dcfb3ade3d5ce3a804ed327f927fa0b3ba0951b4b66ef58518adc272ae352c31d736568de47597b85aea6f81c9e38348e5d1d631d3348ce7c26279c4fa1f1999c6", 0x7b}, {&(0x7f0000000940)="c51843fa6ecf629b4bf23843b0af912e54dc7746cd33d5cf5299aaecdccc7a39480cf78ca74c6f589c79ea6e31c13693d51a98e997e6df1e2727cc573c72eeee44b080e21a1682414ac51d7627292961e4ac376079879be87394bc3d856e3ebc337f37dd86fdf6d348015138fc840e93504cb317841c4e290c560e663862c3cab85d72645110ef08b85b18619eb920a47eb10775441542ed57", 0x99}, {&(0x7f0000000a00)="6d0d2571155673f6215b2eb6496a541f402decd51e4f5c597775d7a69790cb4d4a1af1609e8cc499a60416c94ffb319bb4cf35724a61ef506acb3c4653e19bbb34a7ad687af5a0ae12230b61745c076f9019353ff4d00a4ab02d80d4b2502c1243df6015bfd80c7ca7b982d71c2801", 0x6f}, {&(0x7f0000000400)="e36983fc8564dd697d8ba42ca59f9f690bfe73af253b5a5923b6ace3dbae253a85fd81e186acb52255beef5c6bc3879eeccb6e898378bf", 0x37}], 0x6, &(0x7f0000000b00)=[@rthdr_2292={{0x78, 0x29, 0x39, {0x4c, 0xc, 0x0, 0x25, 0x0, [@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private0, @mcast1, @ipv4={'\x00', '\xff\xff', @local}, @private2={0xfc, 0x2, '\x00', 0x1}, @private2={0xfc, 0x2, '\x00', 0x1}]}}}, @dstopts_2292={{0x20, 0x29, 0x4, {0x6c, 0x0, '\x00', [@pad1, @pad1]}}}, @rthdrdstopts={{0x70, 0x29, 0x37, {0x4, 0xa, '\x00', [@calipso={0x7, 0x40, {0x1, 0xe, 0x9, 0x1, [0x9, 0x7, 0x7, 0x7, 0x100000001, 0x9ba, 0x6]}}, @pad1, @enc_lim={0x4, 0x1, 0xf8}, @enc_lim={0x4, 0x1, 0x1}, @jumbo, @enc_lim={0x4, 0x1, 0x20}]}}}, @rthdr={{0x28, 0x29, 0x39, {0x87, 0x2, 0x0, 0x1, 0x0, [@dev={0xfe, 0x80, '\x00', 0x36}]}}}, @dontfrag={{0x14, 0x29, 0x3e, 0xb3}}], 0x148}, 0x10000095)
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r6, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r6, 0x6, 0xd, &(0x7f0000000100)='nv\x00', 0x3)
sendmmsg$inet(r6, &(0x7f0000000500)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000640)="0036d551863e1902129da79f5986e05288f50e5398660c1a29b0f45c0cc36902e0251c8d34197b357b32b161f9ad72d55a0eab976aae24ed805271b43f0ce2fea5e764494873e0d82a172b3bb54f59b458fd35039c7d81e9ab07f2fb4dad61bd500a119b54c74a12e4569e47b69a95f92c6380af2bd003fa56f06a23bbd1c76d7756bf4fcaff0c23374ec7c4aadbb8b985f14893a91d750e168350685e0f4f079d2d8e79be174ef9355b70719c712c5d15d2e7505a8696b5", 0xb8}, {&(0x7f0000000180)="316f825a3d29f96a2093a917017b4cd300000000bee70035ed313e19d6dd1fb41a20d7f7f7343067fd40cdd4b16742e94b62f4eb1c5d9f56ae62b0e6fe7766a0842912179154a96fa88e161d4adf77a486e10d1d50e44155790748b7226fa4bb5d77e85729336ba6369a4c33ac53b45d46a92db9fda99af4429dc23db6a1706328df4e75eb173a81bd4af8b89d1870c9b2382a759d67b1cd03b076bf90286b63eb7aaea4cbb1b40955e9a59cf0e5e8ac68c27da3d542ae", 0xb7}, {&(0x7f0000000700)="f5e022a4d2ed0cf5f8b2e9857cb9af98da7aa60f7a1582aadeaef336f9139f6768452f868624c7e6ce0948f33f1a63e0fcf0f2df283b3ca3f1f4de26a8b575ccb465985e48f65b9a7fcc93c0a5be8b16774f7c7ca9848a182d6ee7c0f2b9c0e7030ed93ee34214c25cb51279b18c8e5bfbc52152be37f5e2b783e2149be25180430ac63ee1bbe01fbb6125e65839ae5b02d542a97d1bfb1ca420b5405baaaf5ec6ad96af2814dbbea5a064f2ab6fc0904c07f02cbfadfb96866d962e6e21d3a0a0276a36e01b6edafd6c8461de7afec966f9c023ffe15c3c1caec8ff3ef3", 0xde}, {&(0x7f0000000440)="fff5c0293353db83a683db60266a3867d03f740f4f0a7bafe7be9b2bac0bf1b2019dbde5f640c897ac57789fb8490642b47a96f0d03ec69d1f6e90e86be7fb3ef9e76969438283b0", 0x48}], 0x4}}], 0x1, 0x0)
setsockopt$sock_int(r6, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r6, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)

568.518668ms ago: executing program 0 (id=2254):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r1, 0x0)
syz_emit_ethernet(0x56, &(0x7f0000000040)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00\x00d', 0x20, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x8, 0x2, 0x0, 0x0, 0x0, {[@mptcp=@ack={0x1e, 0xc, 0x40, 0x4, "92aa1ef27b023fa4"}]}}}}}}}}, 0x0)

546.176652ms ago: executing program 2 (id=2255):
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@private2, 0x0, 0x0, 0x2000000000903}, 0x20)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x4380000, @remote}, 0x1c)
sendmmsg$alg(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x0)
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000440)="5c00000512006bab9e3fe3d86e17aa31070000007ea60864160af365da8fb21a38001d008fbd983247f07251ca60bc24eab556a71a251e6182949a3651f60a84c9f4d4938037e786a6d0bdd7fcf50e450998530000000080bcc7f874", 0x5c}], 0x1, 0x0, 0x0, 0x1f000008}, 0x0)

439.333596ms ago: executing program 0 (id=2256):
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000640)="140000002a000b6c8cff00f90429fc60010f5ddf", 0x14}], 0x1}, 0xfffc)

436.753305ms ago: executing program 2 (id=2257):
r0 = socket(0x2, 0x3, 0x9)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000004780)=[{{&(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10, 0x0}, 0x48}, {{&(0x7f00000031c0)={0x2, 0x0, @broadcast}, 0x10, 0x0, 0x0, &(0x7f00000000c0)=ANY=[], 0x20}}], 0x2, 0x0)

420.804993ms ago: executing program 0 (id=2258):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x3c1, 0x3, 0x510, 0x0, 0x18c, 0x203, 0x328, 0x1903002c, 0x440, 0x2e0, 0x2e0, 0x440, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x300, 0x328, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x16}]}}, @common=@hl={{0x28}}]}, @common=@unspec=@NFQUEUE3={0x28}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5a5)

415.13489ms ago: executing program 2 (id=2259):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@setneightbl={0xb4, 0x43, 0x1, 0x0, 0x0, {0x2}, [@NDTA_GC_INTERVAL={0xc}, @NDTA_PARMS={0x18, 0x6, 0x0, 0x1, [@NDTPA_LOCKTIME={0xc}, @NDTPA_APP_PROBES={0x8}]}, @NDTA_NAME={0x9, 0x1, '&/\\-\x00'}, @NDTA_PARMS={0x60, 0x6, 0x0, 0x1, [@NDTPA_UCAST_PROBES={0x8}, @NDTPA_MCAST_REPROBES={0x8}, @NDTPA_PROXY_QLEN={0x8}, @NDTPA_QUEUE_LEN={0x8}, @NDTPA_PROXY_QLEN={0x8}, @NDTPA_IFINDEX={0x8}, @NDTPA_DELAY_PROBE_TIME={0xc}, @NDTPA_PROXY_DELAY={0xc}, @NDTPA_IFINDEX={0x8}, @NDTPA_ANYCAST_DELAY={0xc}]}, @NDTA_THRESH1={0xfffffffffffffce0}, @NDTA_THRESH2={0x8}]}, 0xb4}}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000000c0)={'syztnl0\x00', &(0x7f0000000040)={'syztnl2\x00', <r2=>0x0, 0x2f, 0x6, 0xaa, 0x80000001, 0x5, @mcast2, @rand_addr=' \x01\x00', 0x1, 0x0, 0x4, 0xdee0}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000100)={'ip6_vti0\x00', &(0x7f0000000200)={'syztnl2\x00', r2, 0x4, 0x4, 0xff, 0xee, 0xbea4bba250098e5d, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, 0x80, 0x20, 0x3000000}})

161.111651ms ago: executing program 0 (id=2260):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x18, 0x1, 0x1, 0x101, 0x0, 0x0, {0x60, 0x0, 0x9}, [@CTA_FILTER={0x4}]}, 0x18}}, 0x0)

160.749875ms ago: executing program 2 (id=2261):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x6, 0x8, 0x5}, 0x48)
pipe(&(0x7f0000000000)={<r1=>0xffffffffffffffff})
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000080)={0x0, 0x7, 0xdc, 0x3ff, 0x7, 0x1, 0x1, 0xfffffffe, {<r2=>0x0, @in6={{0xa, 0x4e23, 0x6, @local, 0xfff}}, 0x1, 0x7, 0x5a2, 0xcba6, 0x401}}, &(0x7f0000000140)=0xb0)
r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x80002, 0x0)
sendto$inet6(r4, 0x0, 0x9, 0x910, &(0x7f0000000280)={0xa, 0x4e20, 0x0, @remote}, 0x1c)
ioctl$FS_IOC_GETFSLABEL(r3, 0x81009431, &(0x7f0000000240))
getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f0000000180)=@sack_info={r2, 0x9, 0x10000}, &(0x7f00000001c0)=0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x7, 0x17, &(0x7f00000007c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x6, 0x0, 0xc, 0x9, 0x0, 0x1, 0xe7030000}, {0x4, 0x0, 0x0, 0x6}}, [@printk={@p, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x6, 0x1, 0xa, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {}, {0x14}}], {{0x4, 0x1, 0x5, 0x3}, {0x5, 0x0, 0xb, 0x3}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000040)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

158.671984ms ago: executing program 1 (id=2262):
sendmsg$802154_dgram(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000240), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
getsockname$packet(r2, &(0x7f0000000400)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000540)=ANY=[@ANYBLOB="680000001000390400"/20, @ANYRES32=r4, @ANYBLOB="e3eb000000000000480012800b000100697036746e6c000038000280140003000001000000000000000000000000000006000f00000000000600beb93ef22c06caa90900040000000500040000000000"], 0x68}}, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x3, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="18020000000000000000000000000000850000009b000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000700000009500000000000000267ce5fb6c2d6a2d61a8cd686c3492ae5f2b306d7ddf13e10216fb069b1f9bd89abf25448e85a7c997a76e15b2d075ea2f39d60af832c2b0"], &(0x7f00000000c0)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0x7, 0x0, &(0x7f0000000100)="e0b9547ed387db", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmmsg$inet(r0, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0xa, @remote={0xac, 0x1c}}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @empty}}}], 0x20, 0x2000000}}], 0x1, 0x0)
epoll_ctl$EPOLL_CTL_DEL(0xffffffffffffffff, 0x2, r2)
r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000008c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x33, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x1}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a40)={0x11, 0x24, &(0x7f00000005c0)=ANY=[@ANYBLOB="180000000500000000000000de49000018110000", @ANYRES32, @ANYBLOB="b75de51a54aae6e177d63867c32c13448177e51279500ceab6da0bb853a2da15f5e4d460d01e1e4856f7e6010bba557b741d0d6ee0623181d85560c827", @ANYRES8=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa2000509000000000007020000f8ffffffb703000008000000b7040000020000008500000082000000950000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000001000000850000008200000018100000", @ANYRES32, @ANYBLOB="0000000000000000bf91000000000000b7020000010000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000180)='syzkaller\x00', 0x9, 0xe2, &(0x7f0000000700)=""/226, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000440)={0x0, 0x40000008, 0x9b, 0x200}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000940)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff, 0xffffffffffffffff, r6], &(0x7f0000000980), 0x10, 0xfffffff8}, 0x90)
r7 = socket(0x840000000002, 0x3, 0xff)
sendmmsg$inet(r7, &(0x7f00000017c0)=[{{&(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="140000000000000000000000070000009404d8d619d100003c000000000000000000000007000000071b47ffffffffac1e000100000000ac1414aaac1e0001e0000002c20346070b00ffffff"], 0x58}}], 0x1, 0x0)
r8 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r8, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
sendto$inet6(r8, 0x0, 0x0, 0x2400c844, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r9 = socket(0x28, 0x5, 0x0)
r10 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r10, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r10, 0x0)
connect$vsock_stream(r9, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10)
r11 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_int(r11, 0x29, 0x0, 0x0, 0x0)
sendmmsg$inet6(r9, &(0x7f0000000940), 0x3ffffffffffff3c, 0x0)
close(r10)
close(r9)

158.084508ms ago: executing program 2 (id=2263):
socket$inet6(0xa, 0x800000000000002, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000000c0)={0x0, @dev, @local}, &(0x7f0000000340)=0xc)
r0 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, 0x0}, &(0x7f0000000180)=0x10)
socket$inet(0x2, 0x80001, 0x84)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000001f00)={'sit0\x00', &(0x7f00000004c0)={'tunl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @rand_addr=0x64010101}}}})
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0))
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000180)=ANY=[], 0x0}, 0x90)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r1, r2, 0x5}, 0x10)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a300000000040000000030a01020000000000000000010000000900030073797a320000000014000480080002400000000008000140000000000900010073797a30000000004c000000060a010400000000000000000100000008000b40000000000900010073797a3000000000240004802000018007000100727400001400028008000140000000150800024000000001140000001100010000000000000000000800000a"], 0xd4}}, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000680)={'#! ', './file0', [{0x20, 'sit0\x00'}, {0x20, '$:,)'}, {0x20, '+,'}, {0x20, '\x17&\t\b9\x1az\xe3\xcd\xf0S\xdd\x87\'/\x95\xa0e$\x1c\xce\xd1\xc9\x85b\x18b\xf1\xear`\xe8\x19\xdf\x96\xf8\xed \x9b\x8a\xb3<r\xf0\x9a\xb8\xfd\xf0/\xbf\x143\xf9\xb5\x1e\xe8\x00H\xff\xa6\xd0\xe2\x88\xe3\x06~\'\xb8\xfa>9\xa9$\xf1\x87\xd5s\x9f8\xeb\x98T:L\xa8\x9fu\x8d\xb6SQ\xec|a-\x84\xffH6\x1a7\x13\x9e9m\x80\x8b=r\xe2\xba?Ed\x1eW\xfd\xd5\xea2/\xaf\xd3\x81\xe7=\f\x9f`+\xd9\x9aF\x877\x9d\xb9\xc3\xe4y\xe9\xaf\x88\xd9\xe0\n1\xbfYNu\xcb\x88/)\x13\x90\x89e\x8fA\xcf@\x90\xcb{hd'}, {0x20, '})(\x1f-*'}, {0x20, '\x00'}, {0x20, '\x1d\x1bU!\xe5\x18\xd2\xf2\xe1L\xdd\x98\x1a\xba\x1b\'\x10r\xf2\x00\x1d\xee[P\xabV1-r\xc6\xb0r?\xcb\xff\xb3j\v4\x9f\xa0\r\xad\xdf\xbd\xa58\xe2\x1ftW\x11\xed\x7f\xab\xc5I\xb4\b\x04\xc3g\x0f/H\x12\xb2\xa9\x1f\x13P\x8a\xbc\x80d\xaf\xf2\a\xd9\x18\xa5W\x0e\xb1\x9fN\x99\xf30('}, {0x20, 'tunl0\x00'}]}, 0x12d)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000108500000075000000a40000002300000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r5}, 0x10)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r4, 0x0)
bpf$BPF_PROG_QUERY(0x1e, &(0x7f0000000240)={@cgroup, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f0000000440)=0x1f)
ioctl$PPPIOCSACTIVE(r4, 0x40107446, &(0x7f0000000080)={0x2000000000000241, &(0x7f0000000400)=[{0x6, 0x7}, {0xfff, 0x20, 0x46, 0x401}, {0x7, 0xe0, 0x6}, {0x1ff, 0x6, 0x40}, {0x5, 0xf8, 0x81, 0xc000000}, {0x4, 0x3f, 0x8, 0x20}]})
write$ppp(0xffffffffffffffff, &(0x7f00000002c0)="1627", 0x2)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, 0x0, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1a, 0xf, &(0x7f0000000500)=ANY=[@ANYBLOB="380700000000000000000000000000001811000030d9778869e6a480080d36ed6dd6fd653b9db9f9f62ebef7c4041eb6e56b0ef80e6fcb1ff131", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000031000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000000000000b7000000000000009500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$inet(0x2, 0x0, 0x84)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0x504}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r7}, 0x38)

111.196134ms ago: executing program 0 (id=2264):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xe4, 0xe4, 0x9, [@fwd={0x6}, @ptr={0xc, 0x0, 0x0, 0x2, 0x4}, @restrict={0xd}, @ptr={0x8, 0x0, 0x0, 0x2, 0x2}, @var={0x3, 0x0, 0x0, 0xe, 0x1, 0x1}, @union={0x10, 0x7, 0x0, 0x5, 0x0, 0x6, [{0xe, 0x0, 0x6}, {0x0, 0x5, 0x400}, {0x2, 0x2, 0x8}, {0x8}, {0x2, 0x4, 0x8}, {0x10, 0x0, 0x7}, {0x10, 0x1, 0x101}]}, @func_proto={0x0, 0x5, 0x0, 0xd, 0x0, [{0x9, 0x2}, {0x7, 0x5}, {0x9, 0x5}, {0x8000, 0x4}, {0x9, 0x5}]}, @int={0xd, 0x0, 0x0, 0x1, 0x0, 0x9, 0x0, 0xd, 0x1}]}, {0x0, [0x2e, 0x30, 0x5f, 0x61, 0x0, 0x2e, 0x61]}}, &(0x7f0000000240)=""/22, 0x105, 0x16, 0x0, 0x8}, 0x20)
r3 = bpf$ITER_CREATE(0x21, &(0x7f0000000480), 0x8)
ioctl$PPPIOCSFLAGS1(r3, 0x40047459, &(0x7f00000004c0)=0x20008)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180008000000003e13e0eb43000000f4281bd7234ab2024a8f67d60d317e9d00000000000085000000"], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x90)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01000000002fd300000000001200000008ffee0000000000f40006000500000018000180140048eee1eb616d5f736c6176655f3000"/65], 0x3c}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r6=>0x0})
setsockopt$sock_timeval(r0, 0x1, 0x14, &(0x7f0000000180)={0x77359400}, 0x10)
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r7, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
getsockopt$bt_BT_CHANNEL_POLICY(r7, 0x112, 0x4, 0x0, &(0x7f00000000c0))
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000007c0)=@newqdisc={0x44, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_plug={{0x9}, {0xc, 0x2, {0x2}}}, @TCA_EGRESS_BLOCK={0x8}]}, 0x44}}, 0x0)

68.349228ms ago: executing program 1 (id=2265):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="340008006800010000070000000000000a0000000000000006000700000000000c0007"], 0x34}}, 0x0)

2.830673ms ago: executing program 2 (id=2266):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r1 = openat$cgroup_devices(r0, &(0x7f0000000000)='devices.deny\x00', 0x2, 0x0)
write$cgroup_devices(r1, 0x0, 0xa)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x100002, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r2, &(0x7f0000003f80)=[{{0x0, 0x0, &(0x7f0000001680)=[{&(0x7f0000000680)="31f7c654fa47f3155d6b073d0ecd10fdf5cc46a95a4e6193278dc55a0bc7cd449140656010a098b446173641652c0fb8dcdd851d2dc611543d8e1bc10c4f87b7975de95687ba419eb8e3a936d3ec777b197ce24815740630ceefe2d44d69e880e5f8497232475f5dc762d5fbb9eb939f709a94ef371584a8ea119e00f6d63f44067627c2ad473fc344812de0c67bd56b03e68a2835cedca1f75e930ec6be6df33a28dcbd21f7046781d3e250c8bc18ada8b76cd94e46fb34ad1549d36f7d27235d8541f336959236fd56486d99451bc7b1b6d875abef7abe6b90aa9c14b8e1665f70f6d755a9bed11fb45724f5b859b9456c7a75771998e809f9eecdc3aefa3c9c43512edc51d5e1e4e3ce36f4dbab2b6b9405f3f15870df1438da57aadcb109b6f4e134ccf51ac6f56407ce203bb2a8d292a9abf622b24c8afaec244b59e3ef03cf0ce7ac8f55e010325b20464d82f89cb93d97dd6a30380f92298cd6fccae850815707e59330737ba88630e3c3e15f6fec26ddb458c3b78c71e10f8d17152d24209251ec5fb0562f975e31bd8c9463c24f84252a8c89a4611a4263d39d8a9f1ae4b7458511ab15ec1b3749dca8771870b3cdbda3394d72da64f5691c2f5489251e1a010f00ada7c8c19075156fd9ba582e4cc4ceb0abe27e3addfa68d5f57f2810919bef9a2a028ec893d983dea1e3d0efb4e6c9d93b3b601ef62367fb1e82b87cd88f85f689f698aafbb3989c55e5c964e73df77a7212cc7fd9689e0fbfcba0a926dbc4418b03f7b529f373230fe6d423794bd11fe433ede3e05f247da9a1774cf9f08aa460c6d067fa5a02fbbdcf0298fdb5c536dc3996b2c6f3255b7eb4f0620e38dfd07f8da316cf385ae7fabfb5972bb15646265701400391f8b008739fd44d367e4c0d09cec2b2463b9dd0f10baa3ebf18feb3eee54b596b8144432bc1aba50be06b2b41880b5116504b18a31bfd2dcdba8b417905cfef85b2c5295d10ba26ff05039715d5af5fae54b0cfc424b90e521693a998b967c2864c55b3e0307ff0fa0c0d73f064ab1ba4753d41f866b339c66acc3b226121d75a98f1d2db0cadadd6decd40bc0e436fbfdf7fa8c73a255627d5802a360ce17e6a31bfc0b26a0b571ed289b0706815ed73aeb9d67182791ed2ca3e00f794a1523eab54896f57cbfacef58ff103e84408d6187d36ee0df2c1700a238c6ac0bf34bd08fc375a1354c6d9079b18c01c64e8bbced086e949f556ff914faf93c57e6e7a140bf0b0b496cbf7a7700d1cbb080e24cdaa58da05497f435931999804bbe7fea01f8dd4c11791ea4f6ddfc321406ba0b9033cdfe5ff43827610a43ad3b29728121a33692572051260eaffbd228b00d2489424984a3798da58c8bb2386b6bfedc66addf3e5b60bfab2c7ead83018987f13e1b8752fb4a51a8695b2d40aa60fee4200dc5cdd1ef8bed715e1283d996bb303100a428fd96b51102c401b2004ac8cef3309cee5552665278327f3f89c5794da0b7a18e0b7cf25ce7e6c2eaa46105549a339fe8213140d6cf5418ec0277ad51c4d385a5e0bb1c3a831cb5121de686fd23600ee6be681466793192415bc72cd5a5ee101befb91bd5479ade540f6cd86ca8d9c279270d11b411d52a649ef72e19d24f2c5d32de29d178ba4fbff9c6833a1774cd026fe3a0ae8b9f76afffe15e9fa5eef8f6cbecd56212ba67575e73391fb37b82d42f3372252f59e4851a3eaf20f0cdae80050245b59874100fd251cf8835007c36c986e172765d28ae639fdfa8a975ce89e237523f965b5cf238a8319c3560d7921d4c08586b2d63bdf5cbd60395ba3f85a0aebb34a198fe6f82d1e1d792c6d1bfdb5d87054a74115cb80b3003cbef82d87f4a73cf9d11be15aba23a4e98debab98d1b1db33416ed1dac5eb85938a9ca0b2bbda7ed9a818a2b0978112c7ee2944070ce29091e9edda94919e48ef7afe3a13c10d56c792ca25069427a48d1a114c0c1619644704ea16fb2e697b3fa0fe1fa0b1429b594114e6479b2d1d3627934990cefcd72d088e8c40077280b1d7655ac3e86f442d7424b82934bc1ee532b803e33298d4f13aecc3da5ea201628121012398f3c971028964c7bf1dfefd00bd8f7fcc47cbcc66a3fd090c49eaa3db2b0c0debdcc748c1fdd745cd389e1a176b1d002f0ec590d829d60f8f2a3c1d0036f279655636962aecaaed7784cf7a6cc5c86b5f1d4c9d49d6b272f80066b29dc4b852969031390fcbc8cc8a6d7a6b19b2dee393ef5903e3a94cf9f23a3685a2031a603dec3871e6167978e9b42d8570e77abeaa7ab294bbd1563c1b4b8523d131b81d725df2bcd2040edf411d8d7cf848e48f3a2735daef86c3c25d2801af0733f203dc3ce8e2b433955d0b83b21f799f8032b5bfaf919bcfd40ec2714a6b6e81f2554292a408f85ab06aa87744b7b1c5d140442fd7d846993a749c01167cc73377fe75f0ed4e9f1f2cbaa7e46c8ffea9b471f4b334e6c4a9d25339a1bb23f0c591bc61695f577061a399713fea61efac520b47f5c4813f2bfdd55ab632fc0aa7d7dccd862ff1374e9fbd43202574d52e78e6b087a92c34733e4dd76994dc5555c51990bb76d3df49d4d78ff083b7b9613050c0adb8960c99b102c985f811c702500159b6e8bfb9b3cdd67d0cfe8d931c24ee21c372ea4821f6d53549ed8929684284aa5ec5cc24a2c9835a39c4b191ec2f6ef6e3b199fee8cf8f92425a4b7425d0d837772106f5d0e07ee602128e9ab3cbc3b4b8702950860d5b4891173dbc19513c0d349858a93e806c90d5383994b389fe37d2238df6d3ef4209f066bfb6ecd9934d9bf66aa26c9fce9b408f318d13408e18d938f238b61a5a2323240d8e1d4a65b4900d75faabf16d8057d7e3b63a565fb8389767e6fca1ab0cf2f0c2c7496f3a7b8c2238a5f8543192789c64b50d8a0a75a17869ddfb28fd604482a796d75111da79f9acb5983afe6bd667949ae4d492605b87dc77dd53e02179935fe3c66e1c2c88f57994e3de7f3a679f0f7ce50280101e47c1e98fc35d00ba29fec48695894557599dd7f20e6d5905c45a4ef2d4a1a1f6fc0ea3d614c184c1eb6176493fc5ff281cc165c6b459fc0dad73fe530964c7917a05af42cad3b81d88b591b51308b0ec295640c9fff70f7617872436d7fcb7bfc95429ff7a9bb715f80a6a4dd0fc5b2a8ef69205b23060966d5e089a7c13ba8275e5f0652efdf79cf097647f171cca00bcec25ce1426ded5439dad0f50ff246321a845cfbab3dfcac24664a89099f25d4190c197674a2350a9a288988ab469526469d1df6cf133a9f563982d0bfffa63ef18890ab5d0e1cdd481504a4845c50e60be5587ec739f26f9585a2ba136fbc0b3f83e1a76c4200bda820b35d1b612f00935a591b939356d64a9b654c2cf063f107e10884d067d262ffe2d3c6d4611ee838e111540e6d7ede21aaf130b645d18cadc5877ada3b10779a5c2a79a0072b7be285b16c97edef51e74754e54621ab05134b87d1847dfb6aa1bd1b6a334cb23d77277369f3541fdff40ef66ba825b7d8bedf6f283d5d47bc789f69abbc7df0dc48cde61944572bae2e284d972b48adb886bb6d0e414ff0a2b8a4a2f43ccd53a2a0d7332295cb7f512ffb6ff4b5d34bdbbcbe6c53b4a89170356f9eea6c86b15ea3863b1d9703b89105f8f612bd75060bc06d571ae0731c2da8377d8bb24d9325528cea465d8f405db629f9ab0fdd5d2845b6946f56dca7609af92b08b596f932799f5e0c683b611cea2cc7a6f4d423529ae2dfac34bb2d2d119b7415e38717ea9ed7a3985ae4b00cdc5d57e4e47c00a9b39274b13abbd3f827cfe84a56cc0e5f541b9ab58cf1d44665c6b31c3c6886731530b399604e57e049b5a78ce658161723ac47bda190209b56ea1663fe98c25c1ae6486a4f93a06574d33c3085c79578b2ec40bb30796c0dd3dd3365fbbeffbcf295393bb91521f2de0358d3d3a4505e038ae80a49c3187bfbc3f5d37f3b9fe916ad7722a39d2ce7c37358efc031dfd12e5ca6160f36082226ea3caea02f2fa0c7c3d15e13907a8e818fa0c75e65ac646ad6c046ea5a421593e038ff58625961f7af6e2ca43ae37a38871ef9ad561f67bc92a24fad4388cbd6e5723497db6b023e9315c2ae9d360b3563a562fd99fa69efb8e99ebf6f4a8356a46c341599b619733f72f09677b1f811e0f1ec3135520c9f0c013beb3d1b797dca89fbaa12c73dd335c307078dbf8c771913de7d6b7919dd6e4c473cb714928bbf01c48d5a491e082c21182583f3108e2ab0ead50d810b4d2c4a46c7be61d2007613e2766754333e4a672af650e10659fe46d36d272ae242a401d119a867194a32e8af058ea973a99b6c6c88453dca29072e3920317907008a076a76b36d10f6c9ef0115780a9eb08d74e36356e280b19095f91c90fb687eaded25b53f3e98a6df26cc000c2e332fc7e50186dafcfaca36d475bcac14fa393ad203f8239c1365a88bd4dce921dc1628e666e83ec3ce3b65dfeebb593a1e8869a0bcd6573e4c043b8662e803a5cad746c3ca11db8ce2cad4302e71b8cf08965d75c08fd6c578121b8c01b98e5da7b3337b581892adb672a8c33f92935540dd21322b3278aa99a94ec018a2a0be140cad0a710269d4363dffd4f55b9544e7f5bbb48c0cd580cf6dd60fa556d5b7349db1dd74f29bb69991f8b07abe84b6a85ec90fe41ccaa756cd1d1a834be3aa4012f64d621f7198b0dee1bfdef72ba5cd1fe1591e0cb8d084b44f7b2cd1f29d83ed58e446fe2728e1e4230a74d8aae0cd8af138b55cdf64b65df4f681a81c5dee0db7d9a63ae7321c9bffa2fa70606a31ce07d22ed4af56e8bec01a53b14c952ba7a05d7591151b6f86ce984c06bcca4028cc3ef59cf050eab87804700ddaf9f1d269c7c44d50d5bfcba4f2e4c884680091978dbe2453f120d2f3c38880cb1ac6b7f48a2a0b63510e0f31152957c8f60a3a6573189b916e74abf4dd6b1b0da583d3e2f3d0c87883effd4eb1cdb2ad0aadcce64bb9e05ced3adaaa23ea8f01aeb81768ac5af3becda2a06fc240dab8e246409efdc8b21e1524542bf46a8d75b289de21d01771cc571e7fe0eb97eeb4fd77ae6f4d7a292414147fe0b63d294049ade940f97e91ffc95ebf752a403a52fddaa027afbc056ff92958081580dc2cee1f17e21c3f064dd5ceb4a4c853b8d30e90920f88f34ea1f07c5f84aeb87919d403cd2a746a7402697fffed094a852a53a5b5af0ad4390e36122975cfadb4114b7add9dbf925c8f71127b4e712111094378afcf8f7cf38be98c9ef27102e0f6b787d876a91499215ebb57b7798034a5c543f18a08824d9776b6a68b05e21289951c3320cc6b575f5f99da7bd398b4451c3ded849fda37f6b4981b83b199c15867d1e490b06d956d4fa81f1ac8a5935e1a35158d392c21c936efbe3c717bdf38509589bbf7065b5fd487dd276b86fde2c69fbb105d02802c55f06d30099e389cc90a24b8e05fd40d6a420444d611d27e283f59adcd064422cf3734cf1a8125e1979b9c7daca257bbf99b120872c40582c53ce827d62909ada4a2dbdf28044753232196df619864d762df6e1f5395d41ee6e3e52638711344972dcf6b09eb3d22ae40fe99f608fb51e02a4523eaa85894ded66c16531c61b145df0761d0294d6ef741208965ca5435a8858c31ecf1635b28759faaa57dc3e01a1d8b720b2adcd9c16ce45f0fa9a768f70d854ec71caedcd9bde86226695bb83a0801eefbd173be46fe97b548ed2b1db6803d1e688a2", 0x1000}, {&(0x7f00000000c0)="979724ed4b1868e12abd2935970be14c239afb7348f82c73610c365c944d5329b0afcd49297b9c4707cba827684a366aa82aef1157b140c534f1f0dcc3b434a95e06072c0acc13844ec383f651371264f9805f8b0c511d57fa6f70fe53a0837d82a8a365eb06ce05db706630049b81ca36eb83f57f550cc1483c76716c944cac180d4598acc78fbd2b0245c8cd61dccd", 0x90}, {&(0x7f0000000200)="4da70eca34692e9bb343e2afd4e689e560b68f48b38225ab4c6c536b3f6b88845596a47800a73dfc5890c4bff8950b97cb47c54b1f80a2aea661b376ef5a0041519802d6009fa94bc9045207f771bff2338a7dd7b208344ec8b2dfa57b75b980472e8dcdaa54673000ceab736e6be27224c79149a4572be115970e5b131802296e8061041e5ca1562d7ff35f2164c3221f4dc06497db116b58852e9e175bbc7583be1f743aefc404346cba0d1442f2289291c3fac27d6f0b8cf14a3152f36a0ce083dec69475fb4ddd2b33db63bccd1222a79fbf193ac1872df1d9aadb184219081be94e4cd75129d6", 0xe9}, {&(0x7f0000000000)="7c7b3bbbac", 0x5}, {&(0x7f0000000300)="129549d559fa3924eef8a71242d9826cb002786462efb0e4d267df1f4e90d3013e805ad6ad125d5b689bc1530adc7528fad40952eba498a73ac1e9eb14f070eea5bd9abe40cdc2f6d8658b241e19bdf3420176db0ce84f22b541be885286e175b2f65047fe9b2e3617e1111f82e9a97f7b0547ded35200cc0c3cdaea476342eabe21716ac4d6bd208577023e18682119a16876faf74a4a96b50ec35a05ac8102dcd57d5303fa1c092e6655bdbc96dc313cebc882", 0xb4}, {&(0x7f00000003c0)="ca7d9d7e220a3e42bff558de821b705029f6909780fa436c2bfe9363f8ae6f88dac9ea175758f8ecc0f1529f30e5e80d7ffffeb7405b1ad4122026711e1c7a45025a8ae68b4384b831551780789120449aada7", 0x53}, {&(0x7f0000000040)="5d370ae9048525980d2ee382f5ffd41d0fec06", 0x13}, {&(0x7f00000004c0)="6fb59a0214de53c76b2ba0ae2bfcadf1582a4e96dade113f273f10ab7b046a3b3956872663dd2544de6a6afc3136e2330b2bd41a6f0fe6aa24d1e5a87b1e44463fa96dc51d25042b0c2f605116dee192048be14a021da0c671d611315d02a1b0934b27be3f3894c13080ebdb4392fb1dc9fa8996b5b5900ece85deb3419944171d5babc039", 0x85}], 0x8, &(0x7f0000001700)=[{0x18, 0x101, 0x0, "14"}, {0x80, 0x118, 0x0, "39903515eace40371dc551980bed135d89de50c6e3bf95d802bc488b8c11832974788fbdcb9cf3cb1385d8b9fd0a1d92a8ccb0d8482ee4c320d78d1c7e6bee3292c9a44a195c5e1600694a62f8f2201a1bb4e44c2d59dd9fcffcddd658f98758101117e23f81d6ec01e057fcd6817cb6"}, {0xe0, 0x103, 0x0, "5fc765be351f4903f872f3212a4842295ef75255941147878ca2de18e1f1d5af1e0fc780b88d0664f80867b7f9edfd5352587d97a8a92e5951988505237a9c03628f9738b83f17e83db39edef4d04e4c3a2c310bf39b38e4cff8012180d620f1d981002dba5d97bc806f1a41b52ce742d1f54210202306abce767baf3ea29bd37d3578f2cd20e1868b18f58b0edb72f1b9e994804f0de335e1f70b1a2164299483c90e85c74eb50de7693698171b2469a42e79f9246cc3d95380abb725193259bcd9e09ae6acc7cce176"}, {0xc8, 0x3a, 0x0, "b5c80ff71597f9dc390aa78c21ee4bff9c3625357524e97420ca404a02568deb50bf809fbd096ced445ad943bcc7d41be7a64ba868756489ecc204e6dd80eed7dc529a8f0652fddaac6eccfa5ab40ed3ce26328c213a4a4965f54f0cba07144ca5509b35477bfe668b16fcea5a0dcc03065e44306d30eb4c704e1a4b2e5f3d8890e28eadc31cc5de0634e1f9c73e966c454a235e47ac1e46ffeb401c230f643438e532b12b9055c566861290bef03a894fc990cbc8f4"}, {0x20, 0x10b, 0x0, "f758022c89a9b9bcfde4"}, {0x88, 0xe2, 0x0, "9017801884134436facc1821b5da5e5f02e03d01c9e05c65eec2c917dbfa872b9047eaddfac555ce17a28ba3b37a354cd4ddedfd08f40bfdec316855cc5b85800164e07d4b3cb1d580731c13d64ed95a7de7977e93d64d3884607ade8252cbb280a0809cb4eb6469fd43f6d0c5ed7bcf2a88b3"}, {0xb8, 0x10b, 0x0, "064260255dbc33dbb71e68ff46e213d26cd6c48e66a148ba963fdb513683187a13941d72a8dae68620b73def26495e40f11a942a7e8dd1af0126c5ff37d59b5f2cea901cc23f4a2aba92474fb264da64e83b87e3327e23e2634ef99d215870657c8194ce4a0e403fe02788ae8d4c3027d080c87ee04c7e0499763b0ca36b932887d742808ae67e58bbdddeaf714edfcbceee4f93b41d2be7fa8ef4749d68ec9fea53502d22c2c3"}, {0xd8, 0x110, 0x0, "8e077a9d2a20bef1d070f07ccb1f267d89bb132293fbe4712ba3140756d2fafbd57fa46e27bad0cce768fb99a676cfb02e734029af63600a6b86b961cee52c3da8826748b077b14be541a308eb83f2b3387a6c60ade8e884ce73f9e4858dcefd932db1e5de5cf1e4230cad5a1f26cf9a41f1ac34b149b030fac8c7133a6af5fa016bf9c44269edd81d91e95df243b9f500ed6251b019f3e94b6f2af587e155664036356d5d7492a5b8f9d266af4f3572b53f8e4276af91124f9a6aeb3ca49ec4b90a25b1"}, {0x78, 0x103, 0x0, "67ed0dc903aac6b1b7bd3af7e487b638ec0c7b65bc98a9e811a2443684de9dbb08779e5d44e8f4db7436b0e2a055d6fa005d488524ef4c369b93e557b7da098d4fd21b15d3cb95d87d9dbb92ccd1f73b43b50ad5f9dfbd816b700ab1012e7d396e66962587ab"}, {0x98, 0x119, 0x0, "78aadfb36838c95225aa3d0719fde32eab9ffd28ff0c58595eb5ddf382baa4613a52e8547e959292622a98a2baa37fc96df674a9f4bed943b34520fe697f2841f2bcbcc1ad810c7a61f65552421ad5e02eb83134c42a7516c310fef1c366b56dc12ee897c76594f1a0392cb00eb840b57981bb0c3743a52f8a3146d0eda0d0ed04b6b7"}], 0x588}}, {{&(0x7f0000001cc0)=@ax25={{0x3, @default}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @null, @default]}, 0x80, &(0x7f00000023c0), 0x0, &(0x7f0000002480)=[{0x78, 0x0, 0x0, "e14278e63b9c8083ede42784bdfeb8ecbd80c26e569d2382c1eebf5f84bdbaa0c0ac50b474f517d0b27951c4b2cd1028c6f18424b1ad69512209aed055eb614884ce62d9472c3d1b1ac4cfa995d9cd358fc071562f702241c830e28bf7175e0bbaad"}, {0xd0, 0x0, 0x0, "7c75401214e75920bb0b029313af0366fee4f5df9cc44a358351f0b1a827d781e3ec23649c9eadc14c1565ddfc3c8bde3c7b07dbb77f203c76a1fe8edca9f389c6a630bb1fb9c0c85d8a966d400d768b28fc81a71a3a4b86a7a7cd985beca0d6f1dbae80559a32d2979c9cf3f6ff93017f6220930f4f52c1651d26be5b9d4fa041f833f540df9e0deecbed26b748487b03b35016f46728c1aa53a29de1ac09c5663b1b2fee916d5f09140ccf74c7ec15c0ead9a5d03fe85f64a91946611e8eab"}, {0x40, 0x0, 0x0, "00328e8f994a4ea9e02149f202ada246c9b406a410758aeee1d11a66e77858a25d82d8815983bff8b2137131"}, {0x48, 0x0, 0x0, "5909f8e9151b1a3799c7ccebe24ba83f14d3b1f0fd6c6d16226d08052888dc84dab1d98277c2dc65fedeb13d75ff1c688d81fd0a47"}, {0xc0, 0x0, 0x0, "9f74c5a2f53efbe9593accc785a8dda0999d02faf2aa9dfa4ac69a2da6c097f2267145b390beab78f3b60f2d3d8f9ad1ce3be4c4920b3d4dd5510174b42da7550414b7a9a8d69af6ff5f71de8056878b16d94faae6409460557d52bbad17d0b2cd601d7352f49bedcd3ee2da3fa6c03d3a0b197a049d4f400850d28f326d8e650fb1db28cf80095ffbdaf11877a96a2d07be7d4468eea045858ba891bb96f0a6c6270ec41eaca63b7d18d8"}, {0x90, 0x0, 0x0, "7482c8cf5f8b6e53103162866badf5065aac5d0b33ebea1319919daf5bd1060558d5a1abd6be392c1bd85a14e92408a913b2c9a4fff880c2ad5bd24ecd52f74df35439b721b337dd32a7572355a945e62318dde41466aaccc3fe785e9a4ce1aedfc998ac9c3016a9f6119cdf3fa537f1f0f61b431623eddb67"}], 0x320}}, {{0x0, 0x0, &(0x7f0000004080)=[{&(0x7f00000027c0)="cceb51e6e73319e1011ee97ac8dd2db8f4d46a1df702a294529c60609d301a9197401fe515ad4690b75dcbbd5cd7246cf6f89d77599af9795ff2cb8dc97bbe3775727957dad6fe0f7a989ecfa229e3e1df852ef483357036c51e204a572ecf32f816b758f8f5e4358cb069a3f8d5a29cf8e3589bfa69c4f07028710d779947c6fd9fb9c16a0f38700d739ac78059b741bb61d4e771e8a6ec8ce2bc6b3e720aca6821d5ff35b25feb1ca1a82a", 0xac}, {&(0x7f0000002880)="b1274e4ad74f4d1c87ed32c0e9d09ed806d9c47a9a42fda156029b2fb4560dc5040bbe25904265860508bbfa586458afb33ed03834f71bae2e77b7a64a219eae20929edd3605c2be9d1eaf1f9978631a57107468b8f8a915019f18dd3fabcda49da9d632505855e069fc602ae01754161b5292800a92bca598d34e85ba9b69f79f3975e1b98218a7393b55581584f605cb2d8eebc4e99f4e89370a6bbf44d8a9fcc70f434793bf9b901ab8e57420a49e980f86db33083adf180d60151fa9c90d50887fa1cd3248a0ca752110bf214b9150b4c99526fb17dc17e50c153f4b5973876cbeddf4cc848a3c0d5cb3a31753e9eaae4ac7e3984c11766d9541b745308b8174d24eddbdb3f7c8d9bce72eb69190c04818f511ff5d113b33946e3e01a80a0a60911a7d033d4328db0931b0c7c7893e788e87f4efcdd3da15391e80c4124db50deb2d4367e205c147085555a6f2a4b3796840880cc4fbeab9f70a34839d6bc46ac33d0db8f02ad7affaeb2b0cfdc4f191fe0fe9720c8cbd9ca4b74d35c199fd3e6b70641ff967715cd2c7e454e84aa57f030e8e55b22f512f4cf237552a2ef7bc24a92fdb0d8c29f17799d0d6608475e718f62a7aada09caf0433ae514d5c936d79a4d235abcf32b56dc0b250c35aa490a764b77b78d8582840df6d9646b887485241efc1f5903b0ab09adfba0a91e8f9e515b7cbca9405d5ac2b56ccfb34c86fdd3e4a190983d7958de099e6156283972b2b46d2a1e884784360e003592d89a3a1b3ef7ac44d8263a5a2e6d7496e08a91952848d3bae509b76d1b20a7e0845a04c75f8dd96ba60bcd2a55cf3ceddb5d6e3ea63f6c7cd2163f0333e54aba4cb02c33f8fd5294be91d79e1dad25ca34588e55e7f0a5a472d73dfaf4239d102d0b0b68f514ff811957996fd1ca5e474d8cd779f6780ce27de29021ce8830209dc445c39135014504e014ee66b9b70813f6b25dca1d8f00e2c41ceb6449d7bfd2e4b19694f805a169dfdd9e54b026869af25ed83378edb44a2803b275c1b476394197261e6d023b113ad805664649c11e51534162b8e0f7ec846756fdeb8640658f83c2da977665bafbdba204cfa6b94434e4a104784f8219037aaad8962f365eb0239f95d8e726c5ea68902812b95a9e25239c7af0757db328f79e4ed3f4bd1dbc6860d1e091778bbac4f19e805f369b78f67300e45ee0c27f6fe8aea8d7e50518825c0a717ee8fa7de4a1eeacfe46bece3f8d43fede7647f7e8cb7e382dd6603d6a26361bd4d822236a48f7609c3107a5e37ab7e1f22d327cf9717c12ff39a81c3fbba074a858f6fe77e58c2da27b6824484e445d84cff09460b836a080634ec02a832959203c8be262df9c242626d8f2d5b03db5b0d18b342b5271b0c9c65a71a9552a230f64da074481f7c4465ece2982701b6990074e160a0b7ac8e9293ce0abe63f1381b397040df46463f3ddaee71ee67a75617030bb4f069729a56fe01bcf31c46f3532bd6fef85cfd4cbd98f69367f174d567cb949f86f799c8e31cf234932989a49893e5e329589ff7d134cac1dc3ed9e99d1c4e67d7a5e6e439bcd895ceb14917c9c6a1b5d69770ffef02e87cb36b9348ff7208ea3e2a2243fd6d0f8e97e84f033b6ac72420728f2df1e6101d2827f09d6b9d1e9907569af51208b0c7d4308915da838ffa74f40b900ca97165ad5eb1ce18a7f35f1abcad6d7ef3b9458414b96f23351c8327e556c6ab4cbcd261283cefd9303b9dd66f339444321e46bcac52d46da3914a3fd1cdff8074331eb9fdd27057d476a39030a27e4d42313ed13b51cae94e7530460b531c10d1fef4e6603ce247477b3ef623e3c23d6b2608da3ee7026db500e5993c6cda030524ef402aab2137f6ac1126547744af52b269f44dc197877a7914f5ea5b35dac932264bbeb7992360d95b53081004fe292d07ee86b53f454cda0988249f52797d0b23a51636423959fd4b625ff96364db04227611fa06b45d1892edc056b7ecdfc0495546efa6df6ef940090db2dbfeccad972b47300716274a6db2f05c8e5eca9818f7e276782102798d845f818ae15e31962655759f5ebf863e7e058b91d96bd7b11ac401a1d3a2b4a93b0a68342daf225e35c2e68a72fc66e02d4d79f6a4bf9155f13bcb75a7947228610100c09a02382ed9c0475800c7bbf4fb530aca35cf86b52217149dc9f39480b3b1135951fdd3a7267cf23faa056ea838b966462fcc99810cb699f51a20f7b50cb4480940aa20ba41e35ba16ed86af431a299dd3191ead96aaae7c10c68db19cca278edc9a8d3f0893df6d3d293a0b8a19a484edeed9a1c6e95dccd425000cb72fabef6507a3afe40ec098a6d1058f6a760acb7fc5a6f6b13eae761d149fc9e8986883ad4de145372dfea8739c4512399a9058310c88d8ad50431ce23648f211299d5954a375f66c940fa3f3ec3b75024f55e718cc9dae502b99d751167aac469a14888ffe9f96e9969c73c0b9bc7d41ccb375a1a3dcc4b862560512791956e36c8428cff558665867a50a5f8378fe71d6d920d6a0b67e58d8b8f5f00f426d6b1a9c189bdee150bcadc8637d3e676bc660977bfa50dcf35d0636ccc6fe5a344186b4daa794e12552d5f8b0798ac6a3686dab4c87e73c9d9b71454b276e47bfb24d421e61f62d0bb15bb74d110819821241fbf89bec79cba50c5203d1a4dd197dc855c85ba04f5755a56974a8243359a07dfd5c1fb74697a29ec0d408019227e4a1fa45c09aec363b9d5826edc4a5df289e5bc6204060560122a780de81220a52caaad04ad3dcf7c108b43761afd6d1746b2eb4e13555a057c008233993c0e19b01e59c34c91eb51f7fcc052d32afa9785bf593568bf324fb48810a6aa04dbd1e2cfa63527c8d4f793b62c777872fe485f9356a156976d7d48fcf272a772c513469ef7736b9ca18d3a022aee1f8632a5db3d3a9bf494a02fcfcc7d5ada878fb1c7cf3da56ec86c04f8b6eedfc8d6c5d1929162f26a0aa40490f9d4329c0bd4cc38879a4ecab6a1a39aff6c557931d9774e2f9f56b6a518f3d329593ec4a5024cd338791086926fc3374304ca4388f60a5142cc8c515386022bf44cb26b7af8414e4fe8156c1c2fab5e848e7c19eb0d5321e3fcd6eef3882d0ea1978ed7b7642a9501d2850bd7f78e9e09fd4ba188cbc13f74f88cf147593e11ed5986c61bc8e01204a83cc94d549bf1868aef43f132b67a5cd6551dbcfdff3bde5e929bd0c9831d0efa2d147d13a52e9f10496bfc27747ae852b7feb552aafbc48450dc079311e23428a1d8b6fd37be423c31355fc2ea09a50f843c4682a346d8783c55c94b9b4724c63a84ed033998960988f5a15cab7cfe2a57e23b13f329580816705e44fc99d41d6147f0702a7ee09fcd6a2bf2f239ca94055a319c2f2e2a5f6c49a0088a2010b85c45cbb1e3d05a612d243a6169554af81f1e55c73f27a30f73b0e6cd0e759eed45da63a8b361b6fbe45ed5b17f1c0317678936f6e7bfb237046194e7312842ca1c39beaf9de98372a70f6fd98849548b914da7924854be4617997220a7479cf9b291e7bdb495a938dcc9fcb5cfc0e7c5a4b132c87e87ffc70b0965707dd61eb8df03e11fb6d4be4c3bddf9c35268da70fe3419dd25cfa7adf85c8ba1541f28ecfff4ce3163363f3b9f4d491fdac3ce823cf732bb7a374175d56d4479720962685c15289779a0072b4b674f60d05ba0592efab73cb8c2a83db38dd1733e7a23345120b732a7a956d080886fa7a390f07574f9b46eb9277153473f2f3e3990313d00a1fcbed73159197ff27c46e3c85babadf1e5fa80af4db43bb5b3ec283992f067e78a5abff61582d84a76b75fa0d89057507e6738ad36e997ef33a2e907b652e21d2bd990e62b08b1363a0c3661c79980c252b182c743c1364c12bbacc1c3641123bd6bc98b58888aa08f7d71ea13284a0517e9e9a8e15ba356c13e041ea8fd32c0e0de2702157ce0f616b99160d3f5a6d38b0e2e576c4c23f2412358543b607bd62ba77b2eccf24e81274de1c817b5de474e0c42508fc502bb162a31de6b0a4b894bcdad00c131b9c79ffaf3cfdfb786181228d357fe99c61c31d37ede55ce6dab0d5c6b57d3f2a9b0b546ed27cdda330672622e6b2ea6ac881c8089d8b8914d2af6eb2dfb63a288a6021947dea0b57a46239f05afaa966f483d178d078e962f9bf51f9317b8d6a9dd115f692763ead2a2fb7d8418fe2bf3368e735134bd3ad848c1a9e6194c0353c2e225dcb49cbcac13b95a08bb469851523ec52c461924de4c733582dc2970e571ae7b11f7bae38367ebfc926d9acc38706e9df310d75903aeadcb4ba0a3c5ba7907415a08360f8668b6c79ed93a19dd74dd48e2d42bef2e658329f8b1c9145c93ccca6dacdfccad236873fb3975e48cc1a1ce957dc1c946c60502a1ec886b8efe71e5ea19a410bc7e52c955adc7cc3a1e371cd11288bfba6738c9fd91a43a76bfdf833c584f53028788332c1305cb4e355209651613cdcf0137d5986da7cef4f6a8f644575bf58880e671226e71390fcc1f7522aa46fdcaa3de9d400ddaf5fdbfa80e732e61bc90e6d8ade23c556c647b5050da8c5cb40a8ad5a227dae87fb362dd320341a932338db67ad1586c934382011bb60df29c5ea8d2908b61d4c58acd99228d88f1c716c447f3e4cf916526995dd6b4a3e721cb0ec1abf2a7ef7216ae28cd3dcba12fa98216e67881893bb5ed1bf148115a182db14247aecae2eb50188113a9aa6dacb1801705f13b7300606e4f798c3011f1f06a8f32fe54c2ff851b3e13b9a8a50ccf5db0eeab82482bc2503c76049317d6d09d5d79cc6a29a7c350d7c97da4072f924676662069ddc82cb8e338d877b8cb2a2e2e0461f805534d768233d17ccbf2151e0d7a262732a98a0a20dad4b062a77fd44e9472e49f2a00afc712450161cc16ddcbb1f43fa6a1122e9227edc9fccf689e434305b52ffe1d1ac13e77a8678fba7dec030e56819407cfe3660abcd2f75d2978e37634fbf53a469c49f956c36ce28148d84036f7430ec8e526291c1e21620ce4da0a9da63b4338f9c6fe188ebac3c68c46c3f1d3e3a9a5227a02fb0579786a2cfd00c484ddfd9713f7a5e4cd062ce70c4a02f562333e8edeae5ac2cf4cf824b699e21aac58710fea607046149559db67219f9921fa70f3b931239101a9bb7d29fb8e4e4802a4ca91967e3ba39e3e8664fb530684071ca198ba9da9933694156f6e18ea7d3a5bf98250e5b74466ee92a12a3ed7dd9115ef4518b0934612b91a20af66ae93c1a7fbf00bf378c01e26d19ea3423ab1d94938cc9825cdc01c344ea6c84298791d61f1b2cf7f3c1dff56f1d16f560a817d336f2326558b763791f2528471b625768bb0c527be66b15b78439b9b52e76e0bc159bbbef340548e10c11e89e51b2bf503b6d759558bd9af083ab9c6175f090bb69489d4535acc99449969b320ac70864586d825bbac2d38062fe4fd566d58c860ffb2c90597812bafff7798acd7bbed01d7b16c364c89e51140189a69747fd2f2cfe59f045867dfa31a865ac98f0c38a999c1f6fdc5c0ab2bd264a17d1889fdf0c0bbdaa7d854d05080cd13c535f2d41f9eb541640b5545b7ab1b61aa8bebdea8ab720e81f7a934d07dc5a07f00d762ad5402fec056a015706909cb32afda5612e472f59e0b4f90bb834b6a0e6be2752a2001493c2cfc5363aab5c7312061a6d544298a473807472d85f533685c5ecef4b6a2f5a3217e8c559e6d78aca45faf81ab8a9ad8210d3030c6d8", 0x1000}, {&(0x7f0000003880)="126fba896c01c0540c6a6bdb7213c88cbc3e2495dec422525a414d4c7dbf7b465e262577d2007dbbea8716309c780aa241785628ede3e18ea38a627f125a325162920efc48ac20c80464adf8d7b8cea41bc9b6e7fedb88556decf2f51a22370fafc30bec96e3b793122ba52f614a4b9c72b5ddcb13c3f2023e381557d0646602f6879404b861bf75df81b75ccbd00928693063fd4c0f0433574e696d44fe7b57e45ced920ce354958c0210389f653aa1fb48566686268fc2ff5b939965971a7ab27f20a37af03141a98e17207f9e719372fe16c2da9ef2d0639169d219ceb2af5abd9f58940f428c9ef6dacfb0330b46ee", 0xf1}, {&(0x7f0000000580)="ce5389ea3337a6764ed427406507ab72b77e1398403302ce6a1a4731cb5ba7862191ce817140b912a4b5ac42a91d2fd6655d014051b0321ebb", 0xffffff78}, {&(0x7f0000003980)="c49296489d288cf3f37b7a69b50d2e3018cc281c50ac4992ea1ccefd1a6542a05c24eccabb3bec74571525cc81bdd3f9991e808d41536661057626acbb3282411b655794c0ea3e842c57c40fe381f6bc23b83cb5f0cf6f203b4567fa5426d2beca568647cdbdf940a08e802ff477a7c4156b071569835c8e19698e8207ae72fb29d72bd331103bbc742f1d979268f546d9a4e1175d83eb506e2b2ef73be2b0a478a240dc7e22c88512f90ee43445d46368929ccc043faa48151a3c8533c35a9d8d036812661606ebc06f739f702f34e2a89bc8c0378fa929ffa4a0b0428083029777eb1d6755896229fcb74d39798629a6f57ca8d05dbecbd4d4eb6fd9", 0xfd}, {&(0x7f0000003a80)="e87f615961ac9508877f352852", 0xd}, {&(0x7f0000003ac0)="cbb848383e41490a7f481ae7e162b28edf9978b2b628ce56c31ae2a60b9a56540f17ad58cb7b90f9", 0x28}], 0x7, &(0x7f0000003b80)=[{0x68, 0x0, 0x0, "c2a46b3778e16840dc29953ea5280b42886188ed24373479e02a99d25d13ab9dc47a5587773551d953cef3ee86fea44e8758e7c21bc28dcb5306f0f1d8c97a0b5ea9a43fbe21be35c3c2b6e9a34ee71a5e7e"}, {0xa0, 0x0, 0x0, "8383fe5ca1e5a62c0da6f83d3d98a806ca56dab53e6d3e94cb8fe9dc087201977f878183af1a3efa7a9574f5bbac92eed1a71304aad02f2aff024ee6c752a885933e06475dfb3582b71b660d999733f0401d36ecaa0cf928bdb85747c32e225c3ea7043d8b8431ca88d7f668a33834ff614fe55c5d6a1f9d89f1178cc72b7d4126bf68bb09a217968a"}], 0x108}}, {{&(0x7f0000003cc0)=@x25={0x9, @remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x2}}, 0x80, &(0x7f0000003f40)=[{&(0x7f0000003d40)="53cc22afb69ecfea9afc023a98d4954d8c8cf3ad679419bb53a4f770d5717e7835353c73fe897a52213198a386ab3e6fb71d3d045d9531d7e264472f7a9bdfe09727d45a3da40e0ae062dd13c91a0916bbbcb5e00d5994595653de40a0b71adb2781d98715c984acf56dd0a6ab2a4100d89a2820396d61c44b70c16ff17ed8242e5faffcb25474b6367e393787f94a515c0283a99ce0f96c38978b6a26018f30f6ab4416264dc785317721c10b693a7bfaf0a9d40c165fd2d117c0d4b38a79e8", 0xc0}, {&(0x7f0000003e00)="d8c2939a89d61eaa2dff25527cc10e748bc589bc96f10c433c99c3dbc897291234339a3e0d6e8ff9a37200bf15903f13bb654929a735f12b21e2d602e93f0c398f82a87385ba2cea0b411421c6467d72182b5f6e2da966d1d62507ae6a239975720fc1f5c6515c2b77a6fec4a3a95e00f4bc37", 0x73}, {&(0x7f0000003e80)="2bb1e1bd6d8da02146fdd77c104b59a53928611220a77a37eb36eb0896708a9ad941a00461fa535f4bf473956babf8ff16f630034423525308e919643f5ec2511d79132f0db22f2410cfa101630633215e1b5f346bd35f9c64b189508148623c342287bedfe10c6c1f904ffca2d1eb45021197c9d0a6cfee186a79dae804b029805e3c1f894b188062ed604401f1af58fba04457b2e61acd9e2e80", 0x9b}], 0x3}}], 0x4, 0x2400c0c0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480), 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$alg(0x26, 0x5, 0x0)
r5 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
getsockopt$ax25_int(r5, 0x101, 0x0, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
epoll_create1(0x0)
socket$inet6_sctp(0xa, 0x0, 0x84)
pipe(&(0x7f0000000100))
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
r7 = socket(0xa, 0x3, 0x4)
getsockopt$nfc_llcp(r7, 0x29, 0x24, 0x0, 0x20000000)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=@newlink={0xa4, 0x10, 0x403, 0x70bd29, 0x0, {0x0, 0x0, 0x0, 0x0, 0x88abed27}, [@IFLA_LINKINFO={0x74, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x64, 0x2, 0x0, 0x1, [@IFLA_VLAN_FLAGS={0xc, 0x2, {0x6, 0x1}}, @IFLA_VLAN_INGRESS_QOS={0x3a}, @IFLA_VLAN_EGRESS_QOS={0x34, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0xaf}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x62}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x1, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x7, 0x45}}]}, @IFLA_VLAN_EGRESS_QOS={0x4}, @IFLA_VLAN_FLAGS={0xc, 0x2, {0x0, 0x1}}, @IFLA_VLAN_INGRESS_QOS={0x0, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0x0, 0x1, {0x8, 0x43}}, @IFLA_VLAN_QOS_MAPPING={0x0, 0x1, {0x3f, 0x5}}, @IFLA_VLAN_QOS_MAPPING={0x0, 0x1, {0xffff, 0x80}}, @IFLA_VLAN_QOS_MAPPING={0x0, 0x1, {0x9, 0x5}}, @IFLA_VLAN_QOS_MAPPING={0x0, 0x1, {0x3c71, 0x4}}, @IFLA_VLAN_QOS_MAPPING={0x0, 0x1, {0x6, 0xff800}}, @IFLA_VLAN_QOS_MAPPING={0x0, 0x1, {0x100, 0x401}}]}]}}}, @IFLA_LINK={0x8, 0x5, r6}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0xa4}}, 0x0)

0s ago: executing program 0 (id=2267):
socket$alg(0x26, 0x5, 0x0)
r0 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r0, &(0x7f00000024c0)={0xa, 0x7, 0x0, @dev={0xfe, 0x80, '\x00', 0xb}, 0x8}, 0x20)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000001000500050007000000000008000900000000001400200000000000000000000000e1ffe000000108000a0000000000060002000100000014001f"], 0x5c}, 0x1, 0x6c}, 0x0) (async)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000001000500050007000000000008000900000000001400200000000000000000000000e1ffe000000108000a0000000000060002000100000014001f"], 0x5c}, 0x1, 0x6c}, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000001140), 0x700, 0x0, 0x0) (async)
recvmmsg(0xffffffffffffffff, &(0x7f0000001140), 0x700, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r5=>0x0})
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r6, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r6, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff03c}, {0x6}]}, 0x10) (async)
setsockopt$packet_fanout_data(r6, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff03c}, {0x6}]}, 0x10)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=@newlink={0x50, 0x10, 0x409, 0x0, 0x0, {0x0, 0x0, 0x0, r5, 0x24c1}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @bridge_slave={{0x11}, {0x18, 0x5, 0x0, 0x1, [@IFLA_BRPORT_STATE={0x5}, @IFLA_BRPORT_LEARNING={0x5}, @IFLA_BRPORT_FLUSH={0x4}]}}}]}, 0x50}, 0x1, 0x0, 0x0, 0x4800}, 0x0)

kernel console output (not intermixed with test programs):

ists on: batadv_slave_1
[  110.329754][ T7199] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  110.380912][ T7199] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  110.400957][ T7199] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  110.423057][ T7199] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  110.452738][ T7494] netlink: 24 bytes leftover after parsing attributes in process `syz.0.814'.
[  110.454248][ T7199] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  110.479496][ T7199] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  110.492455][ T7199] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  110.521387][ T7199] batman_adv: batadv0: Interface activated: batadv_slave_1
[  110.546988][ T7199] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  110.568816][ T7199] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  110.605085][ T7199] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  110.613928][ T7199] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  110.871926][ T6445] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  110.898692][ T6445] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  110.943483][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  110.954493][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  111.008575][ T7524] Dead loop on virtual device ipvlan1, fix it urgently!
[  111.022530][ T7524] A link change request failed with some changes committed already. Interface veth1_to_team may have been left with an inconsistent configuration, please check.
[  111.044826][ T7525] netlink: 16 bytes leftover after parsing attributes in process `syz.0.823'.
[  111.154548][ T7532] netlink: 'syz.4.827': attribute type 3 has an invalid length.
[  111.180252][ T7530] Bluetooth: hci3: invalid length 0, exp 2 for type 0
[  111.296599][ T7540] vxcan1: tx address claim with different name
[  111.855200][ T5102] Bluetooth: hci1: command tx timeout
[  111.867005][ T7576] x_tables: unsorted underflow at hook 4
[  112.001723][ T7587] FAULT_INJECTION: forcing a failure.
[  112.001723][ T7587] name failslab, interval 1, probability 0, space 0, times 0
[  112.020571][ T7588] Bluetooth: hci3: invalid length 0, exp 2 for type 0
[  112.062502][ T7587] CPU: 0 PID: 7587 Comm: syz.4.847 Not tainted 6.10.0-rc5-syzkaller-01115-g30972a4ea092 #0
[  112.072642][ T7587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  112.082722][ T7587] Call Trace:
[  112.086024][ T7587]  <TASK>
[  112.089065][ T7587]  dump_stack_lvl+0x241/0x360
[  112.093769][ T7587]  ? __pfx_dump_stack_lvl+0x10/0x10
[  112.098990][ T7587]  ? __pfx__printk+0x10/0x10
[  112.103623][ T7587]  should_fail_ex+0x3b0/0x4e0
[  112.108331][ T7587]  ? sctp_add_bind_addr+0x89/0x3a0
[  112.113457][ T7587]  should_failslab+0x9/0x20
[  112.117962][ T7587]  kmalloc_trace_noprof+0x6c/0x2c0
[  112.123072][ T7587]  sctp_add_bind_addr+0x89/0x3a0
[  112.128012][ T7587]  sctp_copy_local_addr_list+0x311/0x500
[  112.133639][ T7587]  ? sctp_copy_local_addr_list+0xab/0x500
[  112.139350][ T7587]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  112.145501][ T7587]  ? sctp_v4_is_any+0x35/0x60
[  112.150176][ T7587]  sctp_bind_addr_copy+0xad/0x3b0
[  112.155199][ T7587]  ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190
[  112.161609][ T7587]  sctp_connect_new_asoc+0x2f3/0x6c0
[  112.166888][ T7587]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  112.172680][ T7587]  ? sctp_sendmsg+0xbb9/0x3520
[  112.177477][ T7587]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  112.183014][ T7587]  ? security_sctp_bind_connect+0x90/0xb0
[  112.188734][ T7587]  sctp_sendmsg+0x219a/0x3520
[  112.193421][ T7587]  ? __pfx_sctp_sendmsg+0x10/0x10
[  112.198440][ T7587]  ? __pfx_aa_sk_perm+0x10/0x10
[  112.203281][ T7587]  ? iovec_from_user+0x1b0/0x240
[  112.208215][ T7587]  ? inet_sendmsg+0x330/0x390
[  112.212890][ T7587]  __sock_sendmsg+0x1a6/0x270
[  112.217559][ T7587]  ____sys_sendmsg+0x525/0x7d0
[  112.222327][ T7587]  ? __pfx_____sys_sendmsg+0x10/0x10
[  112.227623][ T7587]  __sys_sendmmsg+0x3b2/0x740
[  112.232300][ T7587]  ? __pfx___sys_sendmmsg+0x10/0x10
[  112.237519][ T7587]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  112.243401][ T7587]  ? ksys_write+0x23e/0x2c0
[  112.247985][ T7587]  ? __pfx_lock_release+0x10/0x10
[  112.253009][ T7587]  ? vfs_write+0x7c4/0xc90
[  112.257422][ T7587]  ? __mutex_unlock_slowpath+0x21d/0x750
[  112.263053][ T7587]  ? __pfx_vfs_write+0x10/0x10
[  112.267826][ T7587]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  112.273797][ T7587]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  112.280115][ T7587]  ? do_syscall_64+0x100/0x230
[  112.284876][ T7587]  __x64_sys_sendmmsg+0xa0/0xb0
[  112.289765][ T7587]  do_syscall_64+0xf3/0x230
[  112.294258][ T7587]  ? clear_bhb_loop+0x35/0x90
[  112.298928][ T7587]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.304811][ T7587] RIP: 0033:0x7fcb04775b99
[  112.309219][ T7587] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  112.328835][ T7587] RSP: 002b:00007fcb055ab048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  112.337238][ T7587] RAX: ffffffffffffffda RBX: 00007fcb04903fa0 RCX: 00007fcb04775b99
[  112.345205][ T7587] RDX: 0000000000000002 RSI: 0000000020000a80 RDI: 0000000000000003
[  112.353170][ T7587] RBP: 00007fcb055ab0a0 R08: 0000000000000000 R09: 0000000000000000
[  112.361130][ T7587] R10: 0000000000004810 R11: 0000000000000246 R12: 0000000000000002
[  112.369087][ T7587] R13: 000000000000000b R14: 00007fcb04903fa0 R15: 00007ffdd5943018
[  112.377059][ T7587]  </TASK>
[  112.676163][ T7610] __nla_validate_parse: 3 callbacks suppressed
[  112.676182][ T7610] netlink: 188 bytes leftover after parsing attributes in process `syz.2.860'.
[  112.695526][ T7610] netlink: 'syz.2.860': attribute type 1 has an invalid length.
[  112.715195][ T7610] netlink: 20 bytes leftover after parsing attributes in process `syz.2.860'.
[  112.805346][ T7617] netlink: 12 bytes leftover after parsing attributes in process `syz.4.861'.
[  112.814331][ T7617] netlink: zone id is out of range
[  112.887925][ T7616] delete_channel: no stack
[  113.007708][ T7630] netlink: 'syz.0.866': attribute type 1 has an invalid length.
[  113.176012][ T7637] Bluetooth: hci3: invalid length 0, exp 2 for type 0
[  113.377406][ T7643] netlink: 28 bytes leftover after parsing attributes in process `syz.4.872'.
[  113.474177][    C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  113.655308][ T7647] netlink: 44 bytes leftover after parsing attributes in process `syz.4.874'.
[  113.669042][ T7647] netlink: 48 bytes leftover after parsing attributes in process `syz.4.874'.
[  113.759601][ T7649] macvlan2: entered allmulticast mode
[  113.815462][ T5101] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  113.827032][ T5101] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  113.835987][ T5101] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  113.850236][ T5101] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  113.870689][ T5101] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  113.885358][ T5101] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  114.022483][ T7664] atomic_op ffff88802d93b998 conn xmit_atomic 0000000000000000
[  114.226896][ T7673] Dead loop on virtual device ipvlan1, fix it urgently!
[  114.241308][ T7654] chnl_net:caif_netlink_parms(): no params data found
[  114.252253][ T7675] Bluetooth: MGMT ver 1.22
[  114.260590][ T7675] Bluetooth: hci3: invalid length 0, exp 2 for type 0
[  114.390898][ T7654] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.400865][ T7654] bridge0: port 1(bridge_slave_0) entered disabled state
[  114.415931][ T7654] bridge_slave_0: entered allmulticast mode
[  114.423668][ T7654] bridge_slave_0: entered promiscuous mode
[  114.437752][ T7654] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.445201][ T7654] bridge0: port 2(bridge_slave_1) entered disabled state
[  114.452457][ T7654] bridge_slave_1: entered allmulticast mode
[  114.460723][ T7654] bridge_slave_1: entered promiscuous mode
[  114.512622][ T7654] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  114.527665][ T7654] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  114.562584][ T7654] team0: Port device team_slave_0 added
[  114.572388][ T7654] team0: Port device team_slave_1 added
[  114.619576][ T7654] batman_adv: batadv0: Adding interface: batadv_slave_0
[  114.627524][ T7654] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  114.662380][ T7654] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  114.678620][ T7654] batman_adv: batadv0: Adding interface: batadv_slave_1
[  114.685952][ T7654] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  114.712458][ T7654] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  114.786774][ T7654] hsr_slave_0: entered promiscuous mode
[  114.793881][ T7654] hsr_slave_1: entered promiscuous mode
[  114.812037][ T7654] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  114.838394][ T7654] Cannot create hsr debugfs directory
[  114.946604][ T7695] netlink: 24 bytes leftover after parsing attributes in process `syz.3.891'.
[  114.973030][ T7698] netlink: 'syz.0.893': attribute type 2 has an invalid length.
[  114.982587][ T6445] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.082842][ T7700] Bluetooth: hci3: invalid length 0, exp 2 for type 0
[  115.083286][ T7695] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  115.102454][ T7695] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  115.169830][ T7696] xt_bpf: check failed: parse error
[  115.198240][ T6445] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.331598][ T6445] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.449908][ T6445] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.613961][ T6445] batadv0: left allmulticast mode
[  115.618613][ T7718] netlink: 104 bytes leftover after parsing attributes in process `syz.1.899'.
[  115.620260][ T6445] batadv0: left promiscuous mode
[  115.633356][ T6445] bridge0: port 3(batadv0) entered disabled state
[  115.637307][ T7719] x_tables: duplicate underflow at hook 4
[  115.679778][ T6445] bridge_slave_1: left allmulticast mode
[  115.686746][ T6445] bridge_slave_1: left promiscuous mode
[  115.700307][ T6445] bridge0: port 2(bridge_slave_1) entered disabled state
[  115.711688][ T6445] bridge_slave_0: left allmulticast mode
[  115.717671][ T6445] bridge_slave_0: left promiscuous mode
[  115.723500][ T6445] bridge0: port 1(bridge_slave_0) entered disabled state
[  115.807265][ T7726] netlink: 'syz.0.900': attribute type 1 has an invalid length.
[  115.941242][ T5101] Bluetooth: hci3: command tx timeout
[  116.177419][ T6445] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  116.188674][ T6445] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  116.203472][ T6445] bond0 (unregistering): Released all slaves
[  116.240962][ T7723] netlink: 12 bytes leftover after parsing attributes in process `syz.1.901'.
[  116.264765][ T7725] netlink: 4 bytes leftover after parsing attributes in process `syz.1.901'.
[  116.451075][ T7739] Bluetooth: hci3: invalid length 0, exp 2 for type 0
[  116.632413][ T7745] geneve2: entered promiscuous mode
[  116.638880][ T7745] geneve2: entered allmulticast mode
[  116.675449][ T7747] xt_bpf: check failed: parse error
[  116.884514][ T7750] gretap0: entered promiscuous mode
[  116.923495][ T6445] hsr_slave_0: left promiscuous mode
[  116.930908][ T6445] hsr_slave_1: left promiscuous mode
[  116.939393][ T6445] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  116.947457][ T6445] batman_adv: batadv0: Removing interface: batadv_slave_0
[  116.957147][ T6445] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  116.964709][ T6445] batman_adv: batadv0: Removing interface: batadv_slave_1
[  116.987939][ T6445] dummy0: left promiscuous mode
[  116.993283][ T6445] veth1_macvtap: left promiscuous mode
[  117.000596][ T6445] veth0_macvtap: left promiscuous mode
[  117.006414][ T6445] veth1_vlan: left promiscuous mode
[  117.011733][ T6445] veth0_vlan: left promiscuous mode
[  117.112051][ T6445] team0 (unregistering): Port device vlan2 removed
[  117.435796][ T6445] team0 (unregistering): Port device team_slave_0 removed
[  117.823895][ T7760] (unnamed net_device) (uninitialized): option use_carrier: invalid value (5)
[  117.947350][ T7767] syz.3.915: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz3,mems_allowed=0-1
[  117.968393][ T7767] CPU: 0 PID: 7767 Comm: syz.3.915 Not tainted 6.10.0-rc5-syzkaller-01115-g30972a4ea092 #0
[  117.978415][ T7767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  117.988488][ T7767] Call Trace:
[  117.991781][ T7767]  <TASK>
[  117.994728][ T7767]  dump_stack_lvl+0x241/0x360
[  117.996657][ T7654] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  117.999413][ T7767]  ? __pfx_dump_stack_lvl+0x10/0x10
[  117.999459][ T7767]  ? __pfx__printk+0x10/0x10
[  118.015930][ T7767]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  118.022374][ T7767]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  118.028914][ T7767]  warn_alloc+0x278/0x410
[  118.033276][ T7767]  ? stack_depot_save_flags+0x29/0x830
[  118.038756][ T7767]  ? __vmalloc_node_range_noprof+0x10b/0x1460
[  118.044822][ T7767]  ? __pfx_warn_alloc+0x10/0x10
[  118.049674][ T7767]  ? kasan_save_track+0x3f/0x80
[  118.054517][ T7767]  ? __kasan_kmalloc+0x98/0xb0
[  118.059276][ T7767]  ? xsk_setsockopt+0x598/0x950
[  118.064125][ T7767]  ? do_sock_setsockopt+0x3af/0x720
[  118.069318][ T7767]  ? __sys_setsockopt+0x1ae/0x250
[  118.074339][ T7767]  ? __x64_sys_setsockopt+0xb5/0xd0
[  118.079536][ T7767]  ? do_syscall_64+0xf3/0x230
[  118.084206][ T7767]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.090272][ T7767]  __vmalloc_node_range_noprof+0x130/0x1460
[  118.096203][ T7767]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  118.102524][ T7767]  ? __kasan_kmalloc+0x98/0xb0
[  118.107279][ T7767]  ? xskq_create+0x54/0x170
[  118.111781][ T7767]  vmalloc_user_noprof+0x74/0x80
[  118.116711][ T7767]  ? xskq_create+0xb6/0x170
[  118.121209][ T7767]  xskq_create+0xb6/0x170
[  118.125541][ T7767]  xsk_init_queue+0xa1/0x100
[  118.130132][ T7767]  xsk_setsockopt+0x598/0x950
[  118.135154][ T7767]  ? __pfx_xsk_setsockopt+0x10/0x10
[  118.140522][ T7767]  ? __pfx_lock_acquire+0x10/0x10
[  118.145536][ T7767]  ? aa_sock_opt_perm+0x79/0x120
[  118.150474][ T7767]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[  118.156010][ T7767]  ? security_socket_setsockopt+0x87/0xb0
[  118.161721][ T7767]  ? __pfx_xsk_setsockopt+0x10/0x10
[  118.166913][ T7767]  do_sock_setsockopt+0x3af/0x720
[  118.171940][ T7767]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  118.177492][ T7767]  ? __fget_files+0x29/0x470
[  118.182082][ T7767]  ? __fget_files+0x3f6/0x470
[  118.186769][ T7767]  __sys_setsockopt+0x1ae/0x250
[  118.191618][ T7767]  __x64_sys_setsockopt+0xb5/0xd0
[  118.196642][ T7767]  do_syscall_64+0xf3/0x230
[  118.201135][ T7767]  ? clear_bhb_loop+0x35/0x90
[  118.205807][ T7767]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.211864][ T7767] RIP: 0033:0x7f7695975b99
[  118.216271][ T7767] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  118.235871][ T7767] RSP: 002b:00007f76966c5048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  118.244282][ T7767] RAX: ffffffffffffffda RBX: 00007f7695b03fa0 RCX: 00007f7695975b99
[  118.252246][ T7767] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000003
[  118.260206][ T7767] RBP: 00007f76959f677e R08: 000000000000001c R09: 0000000000000000
[  118.268167][ T7767] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000000
[  118.276137][ T7767] R13: 000000000000000b R14: 00007f7695b03fa0 R15: 00007ffc933ed318
[  118.284115][ T7767]  </TASK>
[  118.296799][ T5101] Bluetooth: hci3: command tx timeout
[  118.304705][ T7767] Mem-Info:
[  118.310039][ T7654] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  118.331283][ T7654] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  118.356937][ T7767] active_anon:3075 inactive_anon:0 isolated_anon:0
[  118.356937][ T7767]  active_file:1517 inactive_file:38270 isolated_file:0
[  118.356937][ T7767]  unevictable:768 dirty:160 writeback:0
[  118.356937][ T7767]  slab_reclaimable:10482 slab_unreclaimable:93083
[  118.356937][ T7767]  mapped:13083 shmem:1269 pagetables:650
[  118.356937][ T7767]  sec_pagetables:0 bounce:0
[  118.356937][ T7767]  kernel_misc_reclaimable:0
[  118.356937][ T7767]  free:1406609 free_pcp:2458 free_cma:0
[  118.359300][ T7776] Bluetooth: hci3: invalid length 0, exp 2 for type 0
[  118.438298][ T7654] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  118.457489][ T7767] Node 0 active_anon:12400kB inactive_anon:0kB active_file:6068kB inactive_file:153404kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:52332kB dirty:1036kB writeback:0kB shmem:3540kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10148kB pagetables:2600kB sec_pagetables:0kB all_unreclaimable? no
[  118.515256][ T7767] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  118.560440][ T7767] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  118.613123][ T7767] lowmem_reserve[]: 0 2571 2571 0 0
[  118.648514][ T7767] Node 0 DMA32 free:1658604kB boost:0kB min:35108kB low:43884kB high:52660kB reserved_highatomic:0KB active_anon:12256kB inactive_anon:0kB active_file:6068kB inactive_file:155092kB unevictable:1536kB writepending:3032kB present:3129332kB managed:2659864kB mlocked:0kB bounce:0kB free_pcp:11604kB local_pcp:2404kB free_cma:0kB
[  118.684150][ T7654] 8021q: adding VLAN 0 to HW filter on device bond0
[  118.702012][ T7767] lowmem_reserve[]: 0 0 0 0 0
[  118.720054][ T7767] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:312kB unevictable:0kB writepending:4kB present:1048576kB managed:360kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB
[  118.728073][ T7654] 8021q: adding VLAN 0 to HW filter on device team0
[  118.760781][ T7784] netlink: 'syz.1.920': attribute type 1 has an invalid length.
[  118.768062][ T7767] lowmem_reserve[]: 0 0 0 0 0
[  118.770990][ T7784] netlink: 168864 bytes leftover after parsing attributes in process `syz.1.920'.
[  118.773271][ T7767] Node 1 Normal free:3947384kB boost:0kB min:54788kB low:68484kB high:82180kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:4kB present:4194304kB managed:4109120kB mlocked:0kB bounce:0kB free_pcp:752kB local_pcp:0kB free_cma:0kB
[  118.841453][ T5142] bridge0: port 1(bridge_slave_0) entered blocking state
[  118.848652][ T5142] bridge0: port 1(bridge_slave_0) entered forwarding state
[  118.907279][ T5176] bridge0: port 2(bridge_slave_1) entered blocking state
[  118.914419][ T5176] bridge0: port 2(bridge_slave_1) entered forwarding state
[  118.932627][ T7767] lowmem_reserve[]: 0 0 0 0 0
[  118.943731][ T7767] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  118.987019][ T7767] Node 0 DMA32: 429*4kB (UME) 370*8kB (UM) 117*16kB (UME) 223*32kB (UME) 148*64kB (UME) 62*128kB (UME) 24*256kB (UME) 46*512kB (UM) 18*1024kB (UME) 11*2048kB (UM) 383*4096kB (UM) = 1670516kB
[  119.017567][ T7767] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  119.030252][ T7767] Node 1 Normal: 0*4kB 1*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (M) 2*128kB (U) 2*256kB (UM) 4*512kB (UM) 0*1024kB 2*2048kB (U) 962*4096kB (M) = 3947384kB
[  119.083176][ T7767] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  119.103100][ T7654] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  119.113779][ T7767] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  119.150159][ T7767] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  119.180765][ T7767] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  119.220702][ T7767] 41070 total pagecache pages
[  119.245587][ T7767] 0 pages in swap cache
[  119.253671][ T7767] Free swap  = 124996kB
[  119.260983][ T7767] Total swap = 124996kB
[  119.288202][ T7767] 2097051 pages RAM
[  119.292062][ T7767] 0 pages HighMem/MovableOnly
[  119.315199][ T7767] 400875 pages reserved
[  119.319770][ T7767] 0 pages cma reserved
[  119.451173][ T7812] Bluetooth: hci3: invalid length 0, exp 2 for type 0
[  119.523286][ T7654] 8021q: adding VLAN 0 to HW filter on device batadv0
[  119.695411][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  119.742328][ T7654] veth0_vlan: entered promiscuous mode
[  119.767071][ T7654] veth1_vlan: entered promiscuous mode
[  119.791403][ T7826] netlink: 256 bytes leftover after parsing attributes in process `syz.1.931'.
[  119.820202][ T7826] netlink: 44 bytes leftover after parsing attributes in process `syz.1.931'.
[  119.869212][ T7654] veth0_macvtap: entered promiscuous mode
[  119.884176][ T7831] 8021q: VLANs not supported on lo
[  119.899004][ T7654] veth1_macvtap: entered promiscuous mode
[  119.927347][ T7831] 
: renamed from gretap0
[  120.010636][ T7654] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  120.053137][ T7654] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.083102][ T7654] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  120.104636][ T7654] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.123380][ T7654] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  120.137575][ T7654] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.148243][ T7654] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  120.159329][ T7654] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.173878][ T7654] batman_adv: batadv0: Interface activated: batadv_slave_0
[  120.193038][ T7654] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  120.206204][ T7654] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.219847][ T7654] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  120.248286][ T7654] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.267903][ T7654] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  120.279827][ T7654] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.291551][ T7654] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  120.313103][ T7654] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.338266][ T5101] Bluetooth: hci3: command tx timeout
[  120.351879][ T7654] batman_adv: batadv0: Interface activated: batadv_slave_1
[  120.454039][ T7856] netlink: 248 bytes leftover after parsing attributes in process `syz.0.936'.
[  120.481320][ T7654] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  120.527548][ T7654] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  120.567709][ T7654] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  120.598324][ T7654] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  120.663644][ T7865] netlink: 16 bytes leftover after parsing attributes in process `syz.3.938'.
[  120.735112][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  120.935668][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  120.966697][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  121.047564][ T6445] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  121.061558][ T6445] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  121.076238][ T7882] Bluetooth: hci3: invalid length 0, exp 2 for type 0
[  121.311372][ T7893] netlink: 28 bytes leftover after parsing attributes in process `syz.1.945'.
[  121.482513][ T7907] netlink: 16 bytes leftover after parsing attributes in process `syz.3.949'.
[  121.737540][ T7923] netlink: 32 bytes leftover after parsing attributes in process `syz.4.959'.
[  121.775106][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  121.817650][ T7927] Bluetooth: hci3: invalid length 0, exp 2 for type 0
[  121.841288][ T7929] netlink: 192 bytes leftover after parsing attributes in process `syz.3.961'.
[  121.959585][ T7934] netlink: 'syz.3.963': attribute type 3 has an invalid length.
[  122.008973][ T7936] netlink: 16 bytes leftover after parsing attributes in process `syz.3.965'.
[  122.095824][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  122.195042][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  122.361872][ T7955] (unnamed net_device) (uninitialized): option arp_all_targets: invalid value (3)
[  122.397815][ T7961] Bluetooth: hci3: invalid length 0, exp 2 for type 0
[  122.415215][ T5101] Bluetooth: hci3: command tx timeout
[  122.467105][ T7955] netlink: 'syz.0.971': attribute type 3 has an invalid length.
[  122.474795][ T7955] netlink: 'syz.0.971': attribute type 1 has an invalid length.
[  122.545175][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  122.629269][ T7955] can: request_module (can-proto-0) failed.
[  122.666040][ T7978] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  122.673044][ T7978] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  122.679753][ T7978] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  122.686226][ T7978] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  122.800371][ T7981] netlink: 'syz.1.979': attribute type 10 has an invalid length.
[  122.808580][ T7981] netem: change failed
[  123.119639][ T8001] ip6tnl1: entered promiscuous mode
[  123.125984][ T8001] ip6tnl1: entered allmulticast mode
[  123.168419][ T8004] Bluetooth: hci3: invalid length 0, exp 2 for type 0
[  123.347328][ T8008] IPVS: set_ctl: invalid protocol: 0 172.20.20.0:0
[  123.890223][ T8054] __nla_validate_parse: 11 callbacks suppressed
[  123.890243][ T8054] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1007'.
[  124.158493][ T8068] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1011'.
[  124.194236][ T8068] Êü: entered promiscuous mode
[  124.220704][ T8074] netlink: 'syz.4.1013': attribute type 3 has an invalid length.
[  124.224077][ T8075] netlink: 'syz.3.1014': attribute type 11 has an invalid length.
[  124.236931][ T8074] netlink: 'syz.4.1013': attribute type 3 has an invalid length.
[  124.249961][ T8074] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1013'.
[  124.353145][ T8082] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1013'.
[  124.429716][ T8086] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1017'.
[  124.462516][ T8088] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1018'.
[  124.751879][ T8109] netlink: 'syz.3.1023': attribute type 10 has an invalid length.
[  124.784438][ T8109] netlink: 148 bytes leftover after parsing attributes in process `syz.3.1023'.
[  125.032843][ T8123] syzkaller0: tun_chr_ioctl cmd 1074025681
[  125.129987][ T8135] Bluetooth: hci3: invalid length 0, exp 2 for type 0
[  125.163756][ T8137] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1035'.
[  125.283446][ T8142] xt_hashlimit: max too large, truncated to 1048576
[  125.467667][ T8150] netlink: 17 bytes leftover after parsing attributes in process `syz.4.1041'.
[  125.496790][ T8150] netlink: 17 bytes leftover after parsing attributes in process `syz.4.1041'.
[  125.886458][  T783] bridge0: port 2(bridge_slave_1) entered disabled state
[  126.092996][ T8186] vlan2: entered promiscuous mode
[  126.100259][ T8186] team0: entered promiscuous mode
[  126.106495][ T8186] team_slave_0: entered promiscuous mode
[  126.114010][ T8186] team_slave_1: entered promiscuous mode
[  126.120931][ T8186] vlan2: entered allmulticast mode
[  126.139784][ T8186] team0: entered allmulticast mode
[  126.159651][ T8186] team_slave_0: entered allmulticast mode
[  126.167492][ T8186] team_slave_1: entered allmulticast mode
[  126.176444][    C0] net_ratelimit: 55 callbacks suppressed
[  126.176461][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  126.185734][ T8195] blk-mq: reduced tag depth (128 -> 64)
[  126.314019][ T8202] bridge0: port 2(bridge_slave_1) entered listening state
[  126.630115][ T8225] veth1_macvtap: left promiscuous mode
[  126.640815][ T8225] macsec0: entered promiscuous mode
[  126.649503][ T8225] macsec0: entered allmulticast mode
[  126.715390][ T8225] veth1_macvtap: entered promiscuous mode
[  126.729508][ T8225] veth1_macvtap: entered allmulticast mode
[  126.741968][ T8225] macsec0: left promiscuous mode
[  126.753000][ T8225] macsec0: left allmulticast mode
[  126.771687][ T8225] veth1_macvtap: left allmulticast mode
[  126.773333][ T8233] dccp_invalid_packet: P.type (CLOSE) not Data || [Data]Ack, while P.X == 0
[  126.835877][ T8244] sctp: [Deprecated]: syz.0.1071 (pid 8244) Use of struct sctp_assoc_value in delayed_ack socket option.
[  126.835877][ T8244] Use struct sctp_sack_info instead
[  127.064369][ T8252] openvswitch: netlink: Key type 29 is not supported
[  127.215026][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  127.455983][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  127.574033][ T8289] Bluetooth: hci3: invalid length 0, exp 2 for type 0
[  127.648246][ T8292] netlink: 'syz.4.1089': attribute type 1 has an invalid length.
[  127.870891][ T8296] netlink: 'syz.0.1093': attribute type 5 has an invalid length.
[  128.165162][ T8324] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  128.172935][ T8326] netlink: 'syz.2.1104': attribute type 1 has an invalid length.
[  128.192685][ T8326] netlink: 'syz.2.1104': attribute type 1 has an invalid length.
[  128.202255][ T8326] netlink: 'syz.2.1104': attribute type 2 has an invalid length.
[  128.255183][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  128.347545][ T8330] Bluetooth: hci3: invalid length 0, exp 2 for type 0
[  128.495003][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  128.748727][ T8347] netlink: 'syz.2.1110': attribute type 1 has an invalid length.
[  129.295247][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  129.326764][ T8380] Bluetooth: hci3: invalid length 0, exp 2 for type 0
[  129.396460][ T8398] netlink: 'syz.3.1119': attribute type 33 has an invalid length.
[  129.535016][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  129.761120][ T8420] sctp: [Deprecated]: syz.0.1125 (pid 8420) Use of int in max_burst socket option.
[  129.761120][ T8420] Use struct sctp_assoc_value instead
[  129.910221][ T8426] vlan0: entered promiscuous mode
[  129.994838][ T8432] openvswitch: netlink: Missing key (keys=100000040, expected=2000)
[  130.022167][ T8434] __nla_validate_parse: 13 callbacks suppressed
[  130.022187][ T8434] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1134'.
[  130.022751][ T8432] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1132'.
[  130.257378][ T8442] mac80211_hwsim hwsim17 wlan0: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  130.519929][ T8452] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1140'.
[  130.826638][ T8470] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1147'.
[  130.896802][ T8472] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1149'.
[  130.952977][ T8472] ip6tnl1: entered promiscuous mode
[  130.968311][ T8472] ip6tnl1: entered allmulticast mode
[  131.045399][ T8481] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  131.169947][ T8485] netlink: 'syz.3.1155': attribute type 1 has an invalid length.
[  131.179479][ T8485] netlink: 'syz.3.1155': attribute type 2 has an invalid length.
[  131.215259][ T8488] net_ratelimit: 5 callbacks suppressed
[  131.215277][ T8488] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  131.259437][ T8490] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1154'.
[  131.297099][    C0] Dead loop on virtual device ipvlan1, fix it urgently!
[  131.374983][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  131.527025][ T8481] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1152'.
[  131.538536][ T8481] openvswitch: netlink: IP tunnel attribute has 3056 unknown bytes.
[  132.044290][ T8501] netlink: 'syz.0.1158': attribute type 2 has an invalid length.
[  132.367398][ T8508] do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app
[  132.804009][ T8514] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1160'.
[  133.147085][ T8534] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1166'.
[  133.163314][ T8537] netlink: 'syz.3.1168': attribute type 13 has an invalid length.
[  133.195647][ T8539] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1169'.
[  133.224122][ T1244] ieee802154 phy1 wpan1: encryption failed: -22
[  133.287591][ T8546] syz.1.1172: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0-1
[  133.304513][ T8546] CPU: 1 PID: 8546 Comm: syz.1.1172 Not tainted 6.10.0-rc5-syzkaller-01115-g30972a4ea092 #0
[  133.314619][ T8546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  133.324698][ T8546] Call Trace:
[  133.328017][ T8546]  <TASK>
[  133.330958][ T8546]  dump_stack_lvl+0x241/0x360
[  133.335666][ T8546]  ? __pfx_dump_stack_lvl+0x10/0x10
[  133.340899][ T8546]  ? __pfx__printk+0x10/0x10
[  133.345521][ T8546]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  133.351966][ T8546]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  133.358490][ T8546]  warn_alloc+0x278/0x410
[  133.362836][ T8546]  ? stack_depot_save_flags+0x29/0x830
[  133.368312][ T8546]  ? __vmalloc_node_range_noprof+0x10b/0x1460
[  133.374407][ T8546]  ? __pfx_warn_alloc+0x10/0x10
[  133.379282][ T8546]  ? kasan_save_track+0x3f/0x80
[  133.384143][ T8546]  ? __kasan_kmalloc+0x98/0xb0
[  133.389007][ T8546]  ? xsk_setsockopt+0x598/0x950
[  133.393871][ T8546]  ? do_sock_setsockopt+0x3af/0x720
[  133.399165][ T8546]  ? __sys_setsockopt+0x1ae/0x250
[  133.404199][ T8546]  ? __x64_sys_setsockopt+0xb5/0xd0
[  133.409405][ T8546]  ? do_syscall_64+0xf3/0x230
[  133.414084][ T8546]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.420169][ T8546]  __vmalloc_node_range_noprof+0x130/0x1460
[  133.426102][ T8546]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  133.432443][ T8546]  ? __kasan_kmalloc+0x98/0xb0
[  133.437221][ T8546]  ? xskq_create+0x54/0x170
[  133.441738][ T8546]  vmalloc_user_noprof+0x74/0x80
[  133.446682][ T8546]  ? xskq_create+0xb6/0x170
[  133.451202][ T8546]  xskq_create+0xb6/0x170
[  133.455546][ T8546]  xsk_init_queue+0xa1/0x100
[  133.460154][ T8546]  xsk_setsockopt+0x598/0x950
[  133.464859][ T8546]  ? __pfx_xsk_setsockopt+0x10/0x10
[  133.470072][ T8546]  ? __pfx_lock_acquire+0x10/0x10
[  133.475191][ T8546]  ? aa_sock_opt_perm+0x79/0x120
[  133.480143][ T8546]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[  133.485696][ T8546]  ? security_socket_setsockopt+0x87/0xb0
[  133.491425][ T8546]  ? __pfx_xsk_setsockopt+0x10/0x10
[  133.496632][ T8546]  do_sock_setsockopt+0x3af/0x720
[  133.501683][ T8546]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  133.507241][ T8546]  ? __fget_files+0x29/0x470
[  133.511840][ T8546]  ? __fget_files+0x3f6/0x470
[  133.516627][ T8546]  __sys_setsockopt+0x1ae/0x250
[  133.521491][ T8546]  __x64_sys_setsockopt+0xb5/0xd0
[  133.526540][ T8546]  do_syscall_64+0xf3/0x230
[  133.531052][ T8546]  ? clear_bhb_loop+0x35/0x90
[  133.535819][ T8546]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.541719][ T8546] RIP: 0033:0x7fe330375b99
[  133.546139][ T8546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  133.565735][ T8546] RSP: 002b:00007fe3310df048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  133.574141][ T8546] RAX: ffffffffffffffda RBX: 00007fe330503fa0 RCX: 00007fe330375b99
[  133.582102][ T8546] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000003
[  133.590075][ T8546] RBP: 00007fe3303f677e R08: 000000000000001c R09: 0000000000000000
[  133.598038][ T8546] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000000
[  133.605997][ T8546] R13: 000000000000000b R14: 00007fe330503fa0 R15: 00007fff1479e418
[  133.613979][ T8546]  </TASK>
[  133.638837][ T8546] Mem-Info:
[  133.642203][ T8546] active_anon:3127 inactive_anon:0 isolated_anon:0
[  133.642203][ T8546]  active_file:1534 inactive_file:38381 isolated_file:0
[  133.642203][ T8546]  unevictable:768 dirty:178 writeback:0
[  133.642203][ T8546]  slab_reclaimable:10975 slab_unreclaimable:99746
[  133.642203][ T8546]  mapped:13125 shmem:1227 pagetables:691
[  133.642203][ T8546]  sec_pagetables:0 bounce:0
[  133.642203][ T8546]  kernel_misc_reclaimable:0
[  133.642203][ T8546]  free:1401415 free_pcp:522 free_cma:0
[  133.712895][ T8546] Node 0 active_anon:12208kB inactive_anon:0kB active_file:6136kB inactive_file:153448kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:52400kB dirty:708kB writeback:0kB shmem:3372kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10668kB pagetables:2564kB sec_pagetables:0kB all_unreclaimable? no
[  133.754510][ T8546] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  133.790952][ T8546] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  133.818827][ T8546] lowmem_reserve[]: 0 2571 2571 0 0
[  133.824707][ T8546] Node 0 DMA32 free:1641844kB boost:0kB min:35108kB low:43884kB high:52660kB reserved_highatomic:0KB active_anon:12464kB inactive_anon:0kB active_file:6136kB inactive_file:153136kB unevictable:1536kB writepending:708kB present:3129332kB managed:2659864kB mlocked:0kB bounce:0kB free_pcp:1928kB local_pcp:768kB free_cma:0kB
[  133.873967][ T8546] lowmem_reserve[]: 0 0 0 0 0
[  133.883235][ T8546] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:312kB unevictable:0kB writepending:0kB present:1048576kB managed:360kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:4kB free_cma:0kB
[  133.923602][ T8546] lowmem_reserve[]: 0 0 0 0 0
[  133.932898][ T8546] Node 1 Normal free:3948136kB boost:0kB min:54788kB low:68484kB high:82180kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:4kB present:4194304kB managed:4109120kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  133.969820][ T8546] lowmem_reserve[]: 0 0 0 0 0
[  133.974669][ T8546] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  133.992876][ T8546] Node 0 DMA32: 212*4kB (UME) 218*8kB (UME) 126*16kB (UME) 132*32kB (UME) 66*64kB (UME) 45*128kB (UME) 10*256kB (ME) 26*512kB (UM) 17*1024kB (UME) 13*2048kB (UM) 382*4096kB (UM) = 1643392kB
[  134.020173][ T8546] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  134.037736][ T8546] Node 1 Normal: 8*4kB (U) 5*8kB (U) 8*16kB (U) 1*32kB (U) 6*64kB (UM) 4*128kB (U) 2*256kB (UM) 4*512kB (UM) 0*1024kB 2*2048kB (U) 962*4096kB (M) = 3948136kB
[  134.071952][ T8546] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  134.084340][ T8566] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  134.105944][ T8546] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  134.125420][ T8546] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  134.143713][ T8546] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  134.153652][ T8546] 41164 total pagecache pages
[  134.159504][ T8546] 0 pages in swap cache
[  134.163676][ T8546] Free swap  = 124996kB
[  134.193291][ T8546] Total swap = 124996kB
[  134.202667][ T8546] 2097051 pages RAM
[  134.206765][ T8546] 0 pages HighMem/MovableOnly
[  134.211491][ T8546] 400875 pages reserved
[  134.216098][ T8546] 0 pages cma reserved
[  134.257522][ T8399] wlan0: Trigger new scan to find an IBSS to join
[  134.482148][ T8592] netlink: 'syz.1.1190': attribute type 1 has an invalid length.
[  134.490871][ T8592] netlink: 'syz.1.1190': attribute type 1 has an invalid length.
[  134.498129][    C0] bridge0: port 2(bridge_slave_1) entered learning state
[  134.868008][ T8604] FAULT_INJECTION: forcing a failure.
[  134.868008][ T8604] name failslab, interval 1, probability 0, space 0, times 0
[  134.899544][ T8604] CPU: 0 PID: 8604 Comm: syz.2.1193 Not tainted 6.10.0-rc5-syzkaller-01115-g30972a4ea092 #0
[  134.909835][ T8604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  134.919909][ T8604] Call Trace:
[  134.923199][ T8604]  <TASK>
[  134.926142][ T8604]  dump_stack_lvl+0x241/0x360
[  134.930848][ T8604]  ? __pfx_dump_stack_lvl+0x10/0x10
[  134.936066][ T8604]  ? __pfx__printk+0x10/0x10
[  134.940684][ T8604]  ? netlink_insert+0x10b7/0x14b0
[  134.945727][ T8604]  should_fail_ex+0x3b0/0x4e0
[  134.950426][ T8604]  ? __alloc_skb+0x1c3/0x440
[  134.955051][ T8604]  should_failslab+0x9/0x20
[  134.959591][ T8604]  kmem_cache_alloc_node_noprof+0x71/0x320
[  134.965428][ T8604]  __alloc_skb+0x1c3/0x440
[  134.969870][ T8604]  ? __pfx___alloc_skb+0x10/0x10
[  134.974830][ T8604]  ? netlink_autobind+0xd6/0x2f0
[  134.979783][ T8604]  ? netlink_autobind+0x2b0/0x2f0
[  134.984817][ T8604]  netlink_sendmsg+0x638/0xcb0
[  134.989614][ T8604]  ? __pfx_netlink_sendmsg+0x10/0x10
[  134.994898][ T8604]  ? __import_iovec+0x536/0x820
[  134.999834][ T8604]  ? aa_sock_msg_perm+0x91/0x160
[  135.004779][ T8604]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  135.010050][ T8604]  ? security_socket_sendmsg+0x87/0xb0
[  135.015507][ T8604]  ? __pfx_netlink_sendmsg+0x10/0x10
[  135.020786][ T8604]  __sock_sendmsg+0x221/0x270
[  135.025631][ T8604]  ____sys_sendmsg+0x525/0x7d0
[  135.030393][ T8604]  ? __pfx_____sys_sendmsg+0x10/0x10
[  135.035680][ T8604]  __sys_sendmsg+0x2b0/0x3a0
[  135.040262][ T8604]  ? __pfx___sys_sendmsg+0x10/0x10
[  135.045365][ T8604]  ? vfs_write+0x7c4/0xc90
[  135.049801][ T8604]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  135.056143][ T8604]  ? do_syscall_64+0x100/0x230
[  135.060897][ T8604]  ? do_syscall_64+0xb6/0x230
[  135.065571][ T8604]  do_syscall_64+0xf3/0x230
[  135.070062][ T8604]  ? clear_bhb_loop+0x35/0x90
[  135.074729][ T8604]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.080612][ T8604] RIP: 0033:0x7fc95a775b99
[  135.085016][ T8604] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  135.104609][ T8604] RSP: 002b:00007fc95b4e6048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  135.113013][ T8604] RAX: ffffffffffffffda RBX: 00007fc95a903fa0 RCX: 00007fc95a775b99
[  135.120977][ T8604] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000004
[  135.128935][ T8604] RBP: 00007fc95b4e60a0 R08: 0000000000000000 R09: 0000000000000000
[  135.136893][ T8604] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  135.144854][ T8604] R13: 000000000000000b R14: 00007fc95a903fa0 R15: 00007fffb675e408
[  135.152829][ T8604]  </TASK>
[  135.157085][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  135.166275][ T8575] Bluetooth: Found 0 CAPI controller(s) on device 10:aa:aa:aa:aa:aa
[  135.390685][ T8627] __nla_validate_parse: 12 callbacks suppressed
[  135.390705][ T8627] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1202'.
[  135.408725][ T8629] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1204'.
[  135.445251][ T8627] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1202'.
[  135.475301][ T8633] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1200'.
[  135.498338][ T8635] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1202'.
[  135.544589][ T8635] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1202'.
[  135.561546][ T8638] netlink: 'syz.2.1205': attribute type 1 has an invalid length.
[  135.588148][ T8638] netlink: 168864 bytes leftover after parsing attributes in process `syz.2.1205'.
[  135.615335][ T8635] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1202'.
[  135.628313][ T8638] netlink: 1 bytes leftover after parsing attributes in process `syz.2.1205'.
[  135.664950][   T29] audit: type=1804 audit(1719743722.314:9): pid=8643 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1208" name="/root/syzkaller.dbI3c4/70/cgroup.controllers" dev="sda1" ino=1974 res=1 errno=0
[  135.840448][ T8655] Bluetooth: hci3: invalid length 0, exp 2 for type 0
[  135.854684][ T8656] No such timeout policy "syz0"
[  136.019358][ T8674] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1218'.
[  136.097302][ T8681] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  136.105088][ T8681] IPv6: NLM_F_CREATE should be set when creating new route
[  136.112311][ T8681] IPv6: NLM_F_CREATE should be set when creating new route
[  136.174998][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  136.215238][ T8686] xt_bpf: check failed: parse error
[  136.504468][ T8704] EXT4-fs warning (device sda1): verify_group_input:162: Bad blocks count 0
[  136.663117][ T8711] batadv_slave_1: entered promiscuous mode
[  136.709929][ T8713] netlink: 'syz.2.1234': attribute type 11 has an invalid length.
[  136.742491][   T29] audit: type=1804 audit(1719743723.394:10): pid=8711 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1235" name="/root/syzkaller.Ir5nnJ/275/cgroup.controllers" dev="sda1" ino=1962 res=1 errno=0
[  136.780925][ T8721] bond0: option use_carrier: invalid value (215)
[  136.807371][ T8710] batadv_slave_1: left promiscuous mode
[  136.974564][ T8731] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  137.014160][ T8731] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  137.050147][ T8731] netdevsim netdevsim0: Falling back to sysfs fallback for: .
[  137.215180][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  137.681799][ T8772] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  138.222245][ T8800] team0: Port device team_slave_0 removed
[  138.233220][ T8800] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[  138.255040][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  138.309483][ T8807] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  138.745003][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  138.886679][ T8836] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  139.045252][ T8836] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  139.109797][ T8851] netlink: 'syz.2.1285': attribute type 11 has an invalid length.
[  139.193635][ T8836] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  139.294986][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  139.304936][ T8394] wlan0: Trigger new scan to find an IBSS to join
[  139.316112][ T8836] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  139.573020][ T8836] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  139.612612][ T8836] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  139.670004][ T8836] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  139.731501][ T8836] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  139.774975][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  140.272326][ T8394] wlan0: Creating new IBSS network, BSSID 66:39:22:9d:56:c3
[  140.317281][ T8917] Cannot find set identified by id 0 to match
[  140.336772][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  140.470851][ T8926] __nla_validate_parse: 79 callbacks suppressed
[  140.470872][ T8926] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1312'.
[  140.772329][ T8945] netlink: 596 bytes leftover after parsing attributes in process `syz.4.1320'.
[  140.877788][ T8951] bridge0: port 3(team0) entered blocking state
[  140.905885][ T8951] bridge0: port 3(team0) entered disabled state
[  140.941425][ T8951] bridge0: port 3(team0) entered blocking state
[  140.947917][ T8951] bridge0: port 3(team0) entered forwarding state
[  141.192767][ T8964] netlink: 'syz.3.1329': attribute type 29 has an invalid length.
[  141.205423][ T8964] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1329'.
[  141.230842][ T8964] netlink: 'syz.3.1329': attribute type 29 has an invalid length.
[  141.241244][ T8964] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1329'.
[  141.281058][ T8967] IPVS: Error connecting to the multicast addr
[  141.374971][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  141.471312][ T8977] team0: entered promiscuous mode
[  141.478097][ T8977] team_slave_0: entered promiscuous mode
[  141.484126][ T8977] team_slave_1: entered promiscuous mode
[  141.494416][ T8973] team0: left promiscuous mode
[  141.499969][ T8973] team_slave_0: left promiscuous mode
[  141.508506][ T8973] team_slave_1: left promiscuous mode
[  141.514434][ T8976] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1333'.
[  141.585225][ T8981] netlink: 100 bytes leftover after parsing attributes in process `syz.3.1336'.
[  141.619628][ T8989] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1338'.
[  141.705107][ T8999] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1341'.
[  141.824754][ T9003] netlink: 'syz.3.1342': attribute type 3 has an invalid length.
[  142.014648][ T9011] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1347'.
[  142.075211][ T9011] geneve2: entered promiscuous mode
[  142.080468][ T9011] geneve2: entered allmulticast mode
[  142.112218][ T9018] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1348'.
[  142.142107][ T9018] sctp: [Deprecated]: syz.4.1348 (pid 9018) Use of struct sctp_assoc_value in delayed_ack socket option.
[  142.142107][ T9018] Use struct sctp_sack_info instead
[  142.225151][ T9022] FAULT_INJECTION: forcing a failure.
[  142.225151][ T9022] name failslab, interval 1, probability 0, space 0, times 0
[  142.273381][ T9022] CPU: 1 PID: 9022 Comm: syz.1.1350 Not tainted 6.10.0-rc5-syzkaller-01115-g30972a4ea092 #0
[  142.283491][ T9022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  142.293651][ T9022] Call Trace:
[  142.296937][ T9022]  <TASK>
[  142.299870][ T9022]  dump_stack_lvl+0x241/0x360
[  142.304555][ T9022]  ? __pfx_dump_stack_lvl+0x10/0x10
[  142.309755][ T9022]  ? __pfx__printk+0x10/0x10
[  142.314396][ T9022]  should_fail_ex+0x3b0/0x4e0
[  142.319086][ T9022]  ? hash_ip_create+0x7a9/0x1670
[  142.324021][ T9022]  should_failslab+0x9/0x20
[  142.328521][ T9022]  kmalloc_trace_noprof+0x6c/0x2c0
[  142.333630][ T9022]  hash_ip_create+0x7a9/0x1670
[  142.338392][ T9022]  ? __pfx_lock_acquire+0x10/0x10
[  142.343416][ T9022]  ? __pfx_hash_ip_create+0x10/0x10
[  142.348612][ T9022]  ? __nla_parse+0x40/0x60
[  142.353036][ T9022]  ? __pfx_hash_ip_create+0x10/0x10
[  142.358261][ T9022]  ip_set_create+0xa5c/0x1900
[  142.362932][ T9022]  ? ip_set_create+0x45e/0x1900
[  142.367775][ T9022]  ? __mutex_trylock_common+0x2/0x2e0
[  142.373158][ T9022]  ? __pfx_ip_set_create+0x10/0x10
[  142.378265][ T9022]  ? trace_contention_end+0x3c/0x120
[  142.383568][ T9022]  ? nfnetlink_rcv_msg+0x225/0x1180
[  142.388768][ T9022]  nfnetlink_rcv_msg+0xbec/0x1180
[  142.393805][ T9022]  ? nfnetlink_rcv_msg+0x225/0x1180
[  142.399016][ T9022]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  142.404485][ T9022]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  142.410463][ T9022]  ? ____sys_sendmsg+0x525/0x7d0
[  142.414979][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  142.415404][ T9022]  netlink_rcv_skb+0x1e3/0x430
[  142.428247][ T9022]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  142.433709][ T9022]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  142.439001][ T9022]  ? apparmor_capable+0x138/0x1b0
[  142.444113][ T9022]  ? bpf_lsm_capable+0x9/0x10
[  142.448786][ T9022]  ? security_capable+0x90/0xb0
[  142.453637][ T9022]  nfnetlink_rcv+0x297/0x2a90
[  142.458319][ T9022]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  142.464034][ T9022]  ? __dev_queue_xmit+0x2da/0x3e90
[  142.469142][ T9022]  ? __dev_queue_xmit+0x1763/0x3e90
[  142.474341][ T9022]  ? kasan_save_track+0x51/0x80
[  142.479191][ T9022]  ? do_syscall_64+0xf3/0x230
[  142.483860][ T9022]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  142.488963][ T9022]  ? __dev_queue_xmit+0x2da/0x3e90
[  142.494160][ T9022]  ? __pfx___dev_queue_xmit+0x10/0x10
[  142.499543][ T9022]  ? ref_tracker_free+0x643/0x7e0
[  142.504564][ T9022]  ? __asan_memcpy+0x40/0x70
[  142.509154][ T9022]  ? __pfx_ref_tracker_free+0x10/0x10
[  142.514537][ T9022]  ? netlink_deliver_tap+0x2e/0x1b0
[  142.519730][ T9022]  ? skb_clone+0x240/0x390
[  142.524144][ T9022]  ? __pfx_lock_release+0x10/0x10
[  142.529158][ T9022]  ? __netlink_deliver_tap+0x77e/0x7c0
[  142.534615][ T9022]  ? netlink_deliver_tap+0x2e/0x1b0
[  142.539804][ T9022]  netlink_unicast+0x7f0/0x990
[  142.544565][ T9022]  ? __pfx_netlink_unicast+0x10/0x10
[  142.549838][ T9022]  ? __virt_addr_valid+0x183/0x520
[  142.554948][ T9022]  ? __check_object_size+0x49c/0x900
[  142.560226][ T9022]  ? bpf_lsm_netlink_send+0x9/0x10
[  142.565335][ T9022]  netlink_sendmsg+0x8e4/0xcb0
[  142.570101][ T9022]  ? __pfx_netlink_sendmsg+0x10/0x10
[  142.575380][ T9022]  ? __import_iovec+0x536/0x820
[  142.580221][ T9022]  ? aa_sock_msg_perm+0x91/0x160
[  142.585153][ T9022]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  142.590426][ T9022]  ? security_socket_sendmsg+0x87/0xb0
[  142.595881][ T9022]  ? __pfx_netlink_sendmsg+0x10/0x10
[  142.601158][ T9022]  __sock_sendmsg+0x221/0x270
[  142.605832][ T9022]  ____sys_sendmsg+0x525/0x7d0
[  142.610597][ T9022]  ? __pfx_____sys_sendmsg+0x10/0x10
[  142.615891][ T9022]  __sys_sendmsg+0x2b0/0x3a0
[  142.620476][ T9022]  ? __pfx___sys_sendmsg+0x10/0x10
[  142.625577][ T9022]  ? vfs_write+0x7c4/0xc90
[  142.630019][ T9022]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  142.636338][ T9022]  ? do_syscall_64+0x100/0x230
[  142.641095][ T9022]  ? do_syscall_64+0xb6/0x230
[  142.645765][ T9022]  do_syscall_64+0xf3/0x230
[  142.650258][ T9022]  ? clear_bhb_loop+0x35/0x90
[  142.654930][ T9022]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  142.660819][ T9022] RIP: 0033:0x7fe330375b99
[  142.665228][ T9022] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  142.684821][ T9022] RSP: 002b:00007fe3310df048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  142.693230][ T9022] RAX: ffffffffffffffda RBX: 00007fe330503fa0 RCX: 00007fe330375b99
[  142.701191][ T9022] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000003
[  142.709155][ T9022] RBP: 00007fe3310df0a0 R08: 0000000000000000 R09: 0000000000000000
[  142.717115][ T9022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  142.725077][ T9022] R13: 000000000000000b R14: 00007fe330503fa0 R15: 00007fff1479e418
[  142.733052][ T9022]  </TASK>
[  142.947946][ T9039] syz.4.1357[9039] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  142.948085][ T9039] syz.4.1357[9039] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  142.993310][ T9041] netlink: 'syz.0.1359': attribute type 63 has an invalid length.
[  143.413500][ T9058] x_tables: eb_tables: nflog.0 target: invalid size 80 (kernel) != (user) 0
[  143.455584][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  144.204411][ T9125] netlink: 'syz.2.1384': attribute type 4 has an invalid length.
[  144.308074][ T9134] netlink: 'syz.3.1392': attribute type 1 has an invalid length.
[  144.494990][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  145.144052][ T9168] netlink: 'syz.1.1403': attribute type 2 has an invalid length.
[  145.535044][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  145.945111][ T9193] __nla_validate_parse: 12 callbacks suppressed
[  145.945131][ T9193] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1412'.
[  146.076618][ T9210] netlink: 188 bytes leftover after parsing attributes in process `syz.1.1412'.
[  146.202086][ T9219] xt_bpf: check failed: parse error
[  146.362336][ T9233] netlink: 'syz.2.1424': attribute type 1 has an invalid length.
[  146.405609][ T9233] netlink: 112 bytes leftover after parsing attributes in process `syz.2.1424'.
[  146.569596][ T9243] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1431'.
[  146.575290][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  146.821420][ T9262] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1438'.
[  147.197969][ T9281] netlink: 'syz.4.1447': attribute type 12 has an invalid length.
[  147.221029][ T9281] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1447'.
[  147.256294][ T5140] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  147.449766][ T9301] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1456'.
[  147.450091][ T9299] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1455'.
[  147.475317][ T9301] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  147.493772][ T9301] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  147.558687][ T9308] FAULT_INJECTION: forcing a failure.
[  147.558687][ T9308] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  147.572879][ T9308] CPU: 1 PID: 9308 Comm: syz.3.1459 Not tainted 6.10.0-rc5-syzkaller-01115-g30972a4ea092 #0
[  147.582982][ T9308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  147.593054][ T9308] Call Trace:
[  147.596348][ T9308]  <TASK>
[  147.599288][ T9308]  dump_stack_lvl+0x241/0x360
[  147.603989][ T9308]  ? __pfx_dump_stack_lvl+0x10/0x10
[  147.609207][ T9308]  ? __pfx__printk+0x10/0x10
[  147.613820][ T9308]  ? __pfx_lock_release+0x10/0x10
[  147.614963][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  147.618851][ T9308]  should_fail_ex+0x3b0/0x4e0
[  147.631644][ T9308]  _copy_from_user+0x2f/0xe0
[  147.636250][ T9308]  copy_msghdr_from_user+0xae/0x680
[  147.641473][ T9308]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  147.647313][ T9308]  __sys_sendmsg+0x23d/0x3a0
[  147.651926][ T9308]  ? __pfx___sys_sendmsg+0x10/0x10
[  147.657074][ T9308]  ? vfs_write+0x7c4/0xc90
[  147.661525][ T9308]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  147.667847][ T9308]  ? do_syscall_64+0x100/0x230
[  147.672605][ T9308]  ? do_syscall_64+0xb6/0x230
[  147.677271][ T9308]  do_syscall_64+0xf3/0x230
[  147.681765][ T9308]  ? clear_bhb_loop+0x35/0x90
[  147.686436][ T9308]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.692319][ T9308] RIP: 0033:0x7f7695975b99
[  147.696727][ T9308] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  147.716332][ T9308] RSP: 002b:00007f76966c5048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  147.724736][ T9308] RAX: ffffffffffffffda RBX: 00007f7695b03fa0 RCX: 00007f7695975b99
[  147.732701][ T9308] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000004
[  147.740662][ T9308] RBP: 00007f76966c50a0 R08: 0000000000000000 R09: 0000000000000000
[  147.748621][ T9308] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  147.756584][ T9308] R13: 000000000000000b R14: 00007f7695b03fa0 R15: 00007ffc933ed318
[  147.764557][ T9308]  </TASK>
[  147.780744][ T5140] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  147.827219][ T9312] xt_TCPMSS: Only works on TCP SYN packets
[  147.842254][ T9314] xt_CT: You must specify a L4 protocol and not use inversions on it
[  148.243075][ T9340] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  148.249716][ T9340] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  148.309540][ T9341] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1469'.
[  148.387872][ T9334] netlink: 188 bytes leftover after parsing attributes in process `syz.0.1469'.
[  148.585062][ T9356] netlink: 'syz.4.1478': attribute type 2 has an invalid length.
[  148.597728][ T9356] netlink: 'syz.4.1478': attribute type 2 has an invalid length.
[  148.620698][ T9356] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  148.630545][ T9356] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  148.644373][ T9356] netdevsim netdevsim4: Falling back to sysfs fallback for: .
[  148.654962][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  148.784134][ T9372] netlink: zone id is out of range
[  148.790768][ T9372] netlink: zone id is out of range
[  148.797739][ T9372] netlink: zone id is out of range
[  148.811256][ T9372] netlink: zone id is out of range
[  148.823044][ T9372] netlink: zone id is out of range
[  148.861138][ T9372] netlink: set zone limit has 4 unknown bytes
[  149.641109][ T9419] lo: Caught tx_queue_len zero misconfig
[  149.855285][    C0] bridge0: port 2(bridge_slave_1) entered forwarding state
[  150.602891][ T9446] netlink: 'syz.1.1511': attribute type 2 has an invalid length.
[  151.029365][ T9475] netlink: 'syz.3.1520': attribute type 4 has an invalid length.
[  151.399541][ T9502] __nla_validate_parse: 4 callbacks suppressed
[  151.399588][ T9502] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1531'.
[  151.534746][ T9513] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1534'.
[  151.768650][ T9517] netlink: 'syz.2.1538': attribute type 1 has an invalid length.
[  151.785099][ T9517] netlink: 88156 bytes leftover after parsing attributes in process `syz.2.1538'.
[  151.926093][ T9528] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1544'.
[  151.945840][ T9528] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1544'.
[  152.050326][ T9539] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1544'.
[  152.186967][ T9547] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1551'.
[  152.252631][ T9554] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1553'.
[  152.554263][ T9571] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1561'.
[  152.770175][ T9587] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1566'.
[  152.815229][    C0] net_ratelimit: 3 callbacks suppressed
[  152.815248][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  153.776649][   T29] audit: type=1804 audit(1719743740.434:11): pid=9647 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1586" name="/root/syzkaller.kqoJ4p/350/cgroup.controllers" dev="sda1" ino=1975 res=1 errno=0
[  153.855107][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  154.521704][ T9682] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  154.781343][ T9700] openvswitch: netlink: ufid size 8952 bytes exceeds the range (1, 16)
[  154.895048][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  155.123161][ T9723] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  155.126545][ T9722] syzkaller1: entered promiscuous mode
[  155.139432][ T9722] syzkaller1: entered allmulticast mode
[  155.542574][ T9741] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  156.056804][ T9768] netlink: 'syz.3.1632': attribute type 11 has an invalid length.
[  156.085433][ T9768] netlink: 'syz.3.1632': attribute type 11 has an invalid length.
[  156.109510][ T9768] debugfs: Directory 'netdev:' with parent 'phy16' already present!
[  156.174980][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  156.381638][ T9795] ieee802154 phy1 wpan1: encryption failed: -22
[  156.504622][ T5140] IPVS: starting estimator thread 0...
[  156.615675][ T9808] IPVS: using max 22 ests per chain, 52800 per kthread
[  156.692829][ T9819] dummy0: entered promiscuous mode
[  156.713861][ T9819] batman_adv: batadv0: Adding interface: macvtap1
[  156.740496][ T9819] batman_adv: batadv0: The MTU of interface macvtap1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  156.766540][ T9819] batman_adv: batadv0: Interface activated: macvtap1
[  156.973531][ T9834] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.999872][ T9837] bond_slave_0: entered promiscuous mode
[  157.005661][ T9837] bond_slave_1: entered promiscuous mode
[  157.062574][ T9831] bond_slave_0: left promiscuous mode
[  157.068133][ T9831] bond_slave_1: left promiscuous mode
[  157.123747][ T9834] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  157.214998][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  157.280171][ T9834] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  157.363706][ T9834] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  157.405626][ T9860] __nla_validate_parse: 14 callbacks suppressed
[  157.405645][ T9860] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1665'.
[  157.422864][ T9860] netlink: 'syz.3.1665': attribute type 12 has an invalid length.
[  157.445765][ T9860] netlink: 'syz.3.1665': attribute type 13 has an invalid length.
[  157.507729][ T9860] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  157.517001][ T9860] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  157.525582][ T9860] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  157.534227][ T9860] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  157.553000][ T9860] vxlan0: entered promiscuous mode
[  157.644431][ T9834] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  157.668251][ T9834] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  157.689707][ T9834] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  157.712688][ T9834] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  157.792717][ T9884] xt_CT: You must specify a L4 protocol and not use inversions on it
[  157.932108][ T9892] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1678'.
[  157.955311][ T9892] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1678'.
[  157.982075][ T9897] x_tables: ip_tables: osf match: only valid for protocol 6
[  158.184841][ T9912] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1685'.
[  158.213317][ T9912] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1685'.
[  158.244300][ T9923] lo speed is unknown, defaulting to 1000
[  158.254362][ T9919] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1687'.
[  158.255280][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  158.266678][ T9919] bridge0: port 3(team0) entered disabled state
[  158.327446][ T9919] bridge_slave_1: left allmulticast mode
[  158.340209][ T9919] bridge_slave_1: left promiscuous mode
[  158.358707][ T9919] bridge0: port 2(bridge_slave_1) entered disabled state
[  158.394132][ T9919] bridge_slave_0: left allmulticast mode
[  158.394218][ T9933] netlink: 'syz.2.1687': attribute type 4 has an invalid length.
[  158.422331][ T9933] netlink: 'syz.2.1687': attribute type 1 has an invalid length.
[  158.425810][ T9919] bridge0: port 1(bridge_slave_0) entered disabled state
[  158.443314][ T9933] netlink: 88156 bytes leftover after parsing attributes in process `syz.2.1687'.
[  158.561671][ T9923] lo speed is unknown, defaulting to 1000
[  158.585879][ T9923] lo speed is unknown, defaulting to 1000
[  158.734021][ T9946] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  158.847246][ T9953] syz.3.1692 (9953) used obsolete PPPIOCDETACH ioctl
[  158.906742][ T9957] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1693'.
[  159.055422][ T9923] infiniband syz0: set active
[  159.064209][ T9963] (unnamed net_device) (uninitialized): option use_carrier: invalid value (5)
[  159.084773][ T9923] infiniband syz0: added lo
[  159.103663][ T9923] syz0: rxe_create_cq: returned err = -12
[  159.117075][  T783] lo speed is unknown, defaulting to 1000
[  159.128212][ T9923] infiniband syz0: Couldn't create ib_mad CQ
[  159.134435][ T9923] infiniband syz0: Couldn't open port 1
[  159.238429][ T9923] RDS/IB: syz0: added
[  159.262202][ T9923] smc: adding ib device syz0 with port count 1
[  159.268804][ T9977] netlink: 'syz.0.1700': attribute type 2 has an invalid length.
[  159.285694][ T9923] smc:    ib device syz0 port 1 has pnetid SYZ1 (user defined)
[  159.295027][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  159.320045][ T9971] veth0_vlan: entered allmulticast mode
[  159.385512][ T9973] veth0_vlan: left promiscuous mode
[  159.417753][ T9973] veth0_vlan: entered promiscuous mode
[  159.442273][ T9978] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1701'.
[  159.455084][ T5102] Bluetooth: hci3: command 0x0405 tx timeout
[  159.491308][  T783] lo speed is unknown, defaulting to 1000
[  159.501065][ T9981] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1701'.
[  159.531722][ T9923] lo speed is unknown, defaulting to 1000
[  159.806142][T10007] netlink: 'syz.0.1705': attribute type 4 has an invalid length.
[  159.884552][T10006] x_tables: eb_tables: nflog.0 target: invalid size 80 (kernel) != (user) 0
[  159.929444][T10006] Dead loop on virtual device ipvlan1, fix it urgently!
[  159.941508][T10015] netlink: 'syz.2.1711': attribute type 10 has an invalid length.
[  160.037779][T10015] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  160.111231][T10015] macvlan0: entered promiscuous mode
[  160.132504][T10015] macvlan0: left promiscuous mode
[  160.165721][ T9923] lo speed is unknown, defaulting to 1000
[  160.335011][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  160.546145][ T9923] lo speed is unknown, defaulting to 1000
[  160.584729][T10006] syz.4.1708 (10006) used greatest stack depth: 6640 bytes left
[  160.844048][ T9923] lo speed is unknown, defaulting to 1000
[  161.215146][ T5102] Bluetooth: hci0: command tx timeout
[  161.224052][ T9923] lo speed is unknown, defaulting to 1000
[  161.375502][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  161.539364][ T5102] Bluetooth: hci3: command 0x0405 tx timeout
[  162.213896][T10127] netlink: 'syz.1.1757': attribute type 5 has an invalid length.
[  162.369287][T10140] Bluetooth: hci3: invalid length 0, exp 2 for type 0
[  162.414963][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  162.686174][T10156] __nla_validate_parse: 22 callbacks suppressed
[  162.686193][T10156] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1770'.
[  162.816661][T10160] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1771'.
[  163.052947][T10171] batadv_slave_1: entered promiscuous mode
[  163.060339][T10172] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1775'.
[  163.169112][T10165] batadv_slave_1: left promiscuous mode
[  163.335910][T10186] bridge_slave_0: invalid flags given to default FDB implementation
[  163.384814][T10186] erspan0: entered promiscuous mode
[  163.406532][T10186] erspan0: left promiscuous mode
[  163.454995][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  163.572674][T10192] Bluetooth: hci3: invalid length 0, exp 2 for type 0
[  164.036311][T10212] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  164.051819][T10212] batman_adv: batadv0: Removing interface: batadv_slave_0
[  164.498165][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  164.524951][T10221] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1789'.
[  164.663227][T10227] ɶƣ0GC¦: entered promiscuous mode
[  164.856858][T10239] Bluetooth: hci3: invalid length 0, exp 2 for type 0
[  164.982945][T10242] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1797'.
[  165.011321][T10242] netlink: 'syz.2.1797': attribute type 10 has an invalid length.
[  165.059252][T10242] team0: Device dummy0 failed to register rx_handler
[  165.171206][T10252] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1799'.
[  165.237139][T10256] netlink: 'syz.0.1801': attribute type 1 has an invalid length.
[  165.309064][T10256] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1801'.
[  165.331817][T10256] netlink: 43 bytes leftover after parsing attributes in process `syz.0.1801'.
[  165.341525][T10256] netlink: 'syz.0.1801': attribute type 5 has an invalid length.
[  165.357469][T10256] netlink: 43 bytes leftover after parsing attributes in process `syz.0.1801'.
[  165.365730][T10267] netlink: 'syz.2.1804': attribute type 1 has an invalid length.
[  165.374673][T10267] netlink: 'syz.2.1804': attribute type 1 has an invalid length.
[  165.534966][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  165.570422][T10280] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1808'.
[  165.665942][T10287] netlink: 'syz.4.1812': attribute type 1 has an invalid length.
[  165.693937][T10283] tipc: Can't bind to reserved service type 0
[  165.880582][T10285] netlink: 'syz.2.1810': attribute type 10 has an invalid length.
[  165.908306][T10285] team0: Device dummy0 failed to register rx_handler
[  166.023020][T10315] netlink: 'syz.4.1818': attribute type 1 has an invalid length.
[  166.177475][T10320] netlink: 'syz.2.1822': attribute type 1 has an invalid length.
[  166.210566][T10320] netlink: 'syz.2.1822': attribute type 1 has an invalid length.
[  166.228166][T10328] lo speed is unknown, defaulting to 1000
[  166.419188][T10344] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  166.426227][T10344] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  166.574961][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  166.736335][ T5102] Bluetooth: hci3: command 0x0405 tx timeout
[  166.804442][T10365] syzkaller0: entered promiscuous mode
[  166.810890][T10365] syzkaller0: entered allmulticast mode
[  166.872783][T10371] xt_TCPMSS: Only works on TCP SYN packets
[  168.815693][T10384] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  168.835487][ T5136] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  168.905272][ T5136] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  168.972410][T10417] __nla_validate_parse: 9 callbacks suppressed
[  168.972429][T10417] netlink: 14 bytes leftover after parsing attributes in process `syz.4.1856'.
[  169.226165][T10442] xt_cgroup: path and classid specified
[  169.560828][T10464] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1876'.
[  169.660207][T10475] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1879'.
[  169.775432][ T5140] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  170.343268][T10502] smc: ib device syz0 ibport 1 erased user defined pnetid SYZ1
[  170.494503][T10517] validate_nla: 2 callbacks suppressed
[  170.494522][T10517] netlink: 'syz.0.1893': attribute type 4 has an invalid length.
[  170.570023][T10515] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1895'.
[  170.783909][T10537] netlink: 210568 bytes leftover after parsing attributes in process `syz.3.1902'.
[  170.807006][T10537] openvswitch: netlink: Message has 4 unknown bytes.
[  170.898849][T10536] syzkaller0: entered promiscuous mode
[  170.907793][T10536] syzkaller0: entered allmulticast mode
[  171.036251][T10549] netlink: 'syz.1.1908': attribute type 1 has an invalid length.
[  171.044169][T10549] netlink: 168864 bytes leftover after parsing attributes in process `syz.1.1908'.
[  172.256081][ T8383] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  172.395763][T10543] ipvlan2: entered promiscuous mode
[  172.401108][T10543] ipvlan2: entered allmulticast mode
[  172.406558][T10543] syz_tun: entered allmulticast mode
[  172.574594][T10558] netlink: 'syz.0.1913': attribute type 4 has an invalid length.
[  172.889729][   T29] audit: type=1804 audit(1719743759.544:12): pid=10584 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1918" name="/root/syzkaller.dbI3c4/211/cgroup.controllers" dev="sda1" ino=1967 res=1 errno=0
[  172.933573][T10591] atomic_op ffff88807da0c998 conn xmit_atomic 0000000000000000
[  173.005717][T10598] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  173.039848][   T29] audit: type=1804 audit(1719743759.694:13): pid=10598 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1923" name="/root/syzkaller.3PQQ8L/207/memory.events" dev="sda1" ino=1974 res=1 errno=0
[  173.072584][   T29] audit: type=1804 audit(1719743759.694:14): pid=10598 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1923" name="/root/syzkaller.3PQQ8L/207/memory.events" dev="sda1" ino=1974 res=1 errno=0
[  173.109901][T10603] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1926'.
[  173.127092][   T29] audit: type=1804 audit(1719743759.694:15): pid=10598 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1923" name="/root/syzkaller.3PQQ8L/207/memory.events" dev="sda1" ino=1974 res=1 errno=0
[  173.592470][T10634] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  173.602433][T10628] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1933'.
[  173.717301][T10646] ieee802154 phy1 wpan1: encryption failed: -22
[  173.770517][T10647] bond_slave_0: entered promiscuous mode
[  173.776313][T10647] bond_slave_1: entered promiscuous mode
[  173.812688][T10645] bond_slave_0: left promiscuous mode
[  173.818245][T10645] bond_slave_1: left promiscuous mode
[  173.981607][T10660] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1939'.
[  174.003344][T10659] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1940'.
[  174.524524][T10688] Bluetooth: hci3: invalid length 0, exp 2 for type 0
[  174.591067][T10691] bond_slave_0: entered promiscuous mode
[  174.596842][T10691] bond_slave_1: entered promiscuous mode
[  174.629871][T10686] bond_slave_0: left promiscuous mode
[  174.635459][T10686] bond_slave_1: left promiscuous mode
[  174.783084][T10706] netlink: 208 bytes leftover after parsing attributes in process `syz.0.1954'.
[  175.120148][T10734] Bluetooth: hci3: invalid length 0, exp 2 for type 0
[  175.127462][T10733] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1964'.
[  175.152126][T10736] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1967'.
[  175.177135][T10733] 8021q: adding VLAN 0 to HW filter on device team1
[  175.240591][T10737] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1965'.
[  175.335339][T10743] bond0: option resend_igmp: invalid value (257)
[  175.354582][T10743] bond0: option resend_igmp: allowed values 0 - 255
[  175.491596][T10747] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1971'.
[  175.516062][T10750] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1973'.
[  175.694225][T10764] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1978'.
[  175.777770][T10769] Bluetooth: hci3: invalid length 0, exp 2 for type 0
[  175.862599][T10776] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1981'.
[  176.259316][ T5101] Bluetooth: hci2: command 0x0406 tx timeout
[  176.259330][ T5099] Bluetooth: hci0: command 0x0406 tx timeout
[  176.353650][T10794] macvlan0: entered promiscuous mode
[  176.360877][T10794] batadv_slave_0: entered promiscuous mode
[  176.589184][T10816] Bluetooth: hci3: invalid length 0, exp 2 for type 0
[  176.693756][T10823] FAULT_INJECTION: forcing a failure.
[  176.693756][T10823] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  176.717337][T10823] CPU: 0 PID: 10823 Comm: syz.0.1996 Not tainted 6.10.0-rc5-syzkaller-01115-g30972a4ea092 #0
[  176.727541][T10823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  176.737615][T10823] Call Trace:
[  176.740912][T10823]  <TASK>
[  176.743857][T10823]  dump_stack_lvl+0x241/0x360
[  176.748564][T10823]  ? __pfx_dump_stack_lvl+0x10/0x10
[  176.753786][T10823]  ? __pfx__printk+0x10/0x10
[  176.758411][T10823]  ? __pfx_lock_release+0x10/0x10
[  176.763460][T10823]  ? __lock_acquire+0x1346/0x1fd0
[  176.768508][T10823]  should_fail_ex+0x3b0/0x4e0
[  176.773215][T10823]  _copy_from_user+0x2f/0xe0
[  176.777840][T10823]  ipv6_flowlabel_opt+0x122/0x29c0
[  176.782971][T10823]  ? __lock_acquire+0x1346/0x1fd0
[  176.788028][T10823]  ? __pfx_ipv6_flowlabel_opt+0x10/0x10
[  176.793608][T10823]  ? mark_lock+0x9a/0x350
[  176.797963][T10823]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  176.803966][T10823]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  176.810317][T10823]  ? __local_bh_enable_ip+0x168/0x200
[  176.815711][T10823]  ? lockdep_hardirqs_on+0x99/0x150
[  176.820943][T10823]  ? __local_bh_enable_ip+0x168/0x200
[  176.826341][T10823]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  176.832069][T10823]  do_ipv6_setsockopt+0xe87/0x3630
[  176.837181][T10823]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[  176.842717][T10823]  ? aa_label_sk_perm+0x4f0/0x6d0
[  176.847743][T10823]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  176.853123][T10823]  ? __pfx___might_resched+0x10/0x10
[  176.858402][T10823]  ? __lock_acquire+0x1346/0x1fd0
[  176.863423][T10823]  ? aa_sk_perm+0x967/0xab0
[  176.867920][T10823]  ipv6_setsockopt+0x5c/0x1a0
[  176.872589][T10823]  rawv6_setsockopt+0x327/0x740
[  176.877434][T10823]  ? __pfx_rawv6_setsockopt+0x10/0x10
[  176.882795][T10823]  ? aa_sock_opt_perm+0x79/0x120
[  176.887730][T10823]  ? sock_common_setsockopt+0x37/0xc0
[  176.893098][T10823]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  176.898980][T10823]  do_sock_setsockopt+0x3af/0x720
[  176.904003][T10823]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  176.909539][T10823]  ? __fget_files+0x29/0x470
[  176.914125][T10823]  ? __fget_files+0x3f6/0x470
[  176.918805][T10823]  __sys_setsockopt+0x1ae/0x250
[  176.923655][T10823]  __x64_sys_setsockopt+0xb5/0xd0
[  176.928676][T10823]  do_syscall_64+0xf3/0x230
[  176.933172][T10823]  ? clear_bhb_loop+0x35/0x90
[  176.937862][T10823]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.943769][T10823] RIP: 0033:0x7f9b67975b99
[  176.948188][T10823] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  176.967789][T10823] RSP: 002b:00007f9b68732048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  176.976198][T10823] RAX: ffffffffffffffda RBX: 00007f9b67b03fa0 RCX: 00007f9b67975b99
[  176.984167][T10823] RDX: 0000000000000020 RSI: 0000000000000029 RDI: 0000000000000003
[  176.992128][T10823] RBP: 00007f9b687320a0 R08: 0000000000000020 R09: 0000000000000000
[  177.000100][T10823] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000001
[  177.008070][T10823] R13: 000000000000000b R14: 00007f9b67b03fa0 R15: 00007ffc0a039178
[  177.016048][T10823]  </TASK>
[  177.187225][T10836] openvswitch: netlink: IP tunnel attribute has 3052 unknown bytes.
[  177.202505][T10836] (unnamed net_device) (uninitialized): peer notification delay (4) is not a multiple of miimon (7), value rounded to 0 ms
[  177.232308][T10836] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[  177.608252][T10854] Bluetooth: hci3: invalid length 0, exp 2 for type 0
[  177.788703][T10868] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16)
[  177.818830][T10868] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  178.178570][ T5102] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  178.189320][ T5102] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  178.197831][ T5102] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  178.206058][ T5102] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  178.213945][ T5102] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  178.221586][ T5102] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  178.660033][T10908] Bluetooth: hci3: invalid length 0, exp 2 for type 0
[  179.031513][T10923] __nla_validate_parse: 10 callbacks suppressed
[  179.031534][T10923] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2026'.
[  179.213261][ T5102] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  179.231089][ T5102] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  179.245482][ T5102] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  179.254129][ T5102] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  179.262810][ T5102] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  179.275831][ T5102] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  179.361689][T10933] netlink: 56 bytes leftover after parsing attributes in process `syz.1.2030'.
[  179.464927][T10928] lo speed is unknown, defaulting to 1000
[  179.670102][T10942] netlink: 72 bytes leftover after parsing attributes in process `syz.0.2035'.
[  179.808339][T10946] netlink: 68 bytes leftover after parsing attributes in process `syz.4.2037'.
[  179.813956][T10947] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2036'.
[  179.823770][T10946] netlink: 68 bytes leftover after parsing attributes in process `syz.4.2037'.
[  179.832372][T10947] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2036'.
[  179.970584][T10928] chnl_net:caif_netlink_parms(): no params data found
[  179.989634][T10954] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  180.014838][T10955] Bluetooth: hci3: invalid length 0, exp 2 for type 0
[  180.031064][T10957] netlink: 209612 bytes leftover after parsing attributes in process `syz.2.2041'.
[  180.148980][T10961] netlink: 'syz.4.2042': attribute type 1 has an invalid length.
[  180.201467][T10928] bridge0: port 1(bridge_slave_0) entered blocking state
[  180.218291][T10928] bridge0: port 1(bridge_slave_0) entered disabled state
[  180.227754][T10928] bridge_slave_0: entered allmulticast mode
[  180.235656][T10928] bridge_slave_0: entered promiscuous mode
[  180.245601][T10928] bridge0: port 2(bridge_slave_1) entered blocking state
[  180.252928][T10928] bridge0: port 2(bridge_slave_1) entered disabled state
[  180.260715][T10928] bridge_slave_1: entered allmulticast mode
[  180.289372][T10928] bridge_slave_1: entered promiscuous mode
[  180.352043][T10969] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2045'.
[  180.388568][T10975] raw_sendmsg: syz.1.2048 forgot to set AF_INET. Fix it!
[  180.407007][T10928] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  180.432705][T10972] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2047'.
[  180.448611][T10928] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  180.540441][T10928] team0: Port device team_slave_0 added
[  180.547148][T10979] lo speed is unknown, defaulting to 1000
[  180.557749][T10928] team0: Port device team_slave_1 added
[  180.627405][T10928] batman_adv: batadv0: Adding interface: batadv_slave_0
[  180.644626][T10928] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  180.693560][T10928] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  180.713565][T10985] netlink: 'syz.2.2051': attribute type 10 has an invalid length.
[  180.722728][T10985] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  180.751161][T10928] batman_adv: batadv0: Adding interface: batadv_slave_1
[  180.759402][T10928] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  180.840859][T10928] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  181.055009][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  181.092311][T10928] hsr_slave_0: entered promiscuous mode
[  181.113762][T10928] hsr_slave_1: entered promiscuous mode
[  181.145507][T10928] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  181.154169][T10928] Cannot create hsr debugfs directory
[  181.373797][T11006] netlink: 'syz.0.2056': attribute type 1 has an invalid length.
[  181.376250][ T5095] Bluetooth: hci1: command tx timeout
[  181.719156][T10928] netdevsim netdevsim3 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  181.744975][T10928] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  181.898411][T10928] netdevsim netdevsim3 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  181.918446][T10928] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  181.932724][T11030] Bluetooth: hci3: invalid length 0, exp 2 for type 0
[  181.994035][T10928] netdevsim netdevsim3 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  182.019429][T10928] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.051688][T11033] Bluetooth: hci3: invalid length 0, exp 2 for type 0
[  182.095101][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  182.106704][T10928] netdevsim netdevsim3 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  182.155549][T10928] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.427380][T10928] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  182.452847][T10928] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  182.477773][T11046] netlink: 'syz.1.2070': attribute type 3 has an invalid length.
[  182.491141][T10928] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  182.528832][T10928] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  182.656864][T11056] netlink: 'syz.1.2073': attribute type 3 has an invalid length.
[  182.790027][T10928] 8021q: adding VLAN 0 to HW filter on device bond0
[  182.814583][T10928] 8021q: adding VLAN 0 to HW filter on device team0
[  182.837576][ T5097] bridge0: port 1(bridge_slave_0) entered blocking state
[  182.844889][ T5097] bridge0: port 1(bridge_slave_0) entered forwarding state
[  182.886660][ T5097] bridge0: port 2(bridge_slave_1) entered blocking state
[  182.893849][ T5097] bridge0: port 2(bridge_slave_1) entered forwarding state
[  182.930753][T11069] Bluetooth: hci3: invalid length 0, exp 2 for type 0
[  183.003255][T10928] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  183.136338][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  183.383558][T10928] 8021q: adding VLAN 0 to HW filter on device batadv0
[  183.456133][ T5095] Bluetooth: hci1: command tx timeout
[  183.500979][T10928] veth0_vlan: entered promiscuous mode
[  183.534328][T10928] veth1_vlan: entered promiscuous mode
[  183.583843][T10928] veth0_macvtap: entered promiscuous mode
[  183.606031][T10928] veth1_macvtap: entered promiscuous mode
[  183.639259][T10928] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  183.658590][T10928] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  183.673502][T10928] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  183.691163][T10928] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  183.702528][T10928] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  183.714261][T10928] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  183.724521][T10928] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  183.735382][T10928] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  183.747401][T10928] batman_adv: batadv0: Interface activated: batadv_slave_0
[  183.759459][T10928] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  183.771107][T10928] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  183.782411][T10928] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  183.793345][T10928] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  183.803752][T10928] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  183.814312][T10928] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  183.825804][T10928] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  183.836463][T10928] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  183.846964][T10928] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  183.858213][T10928] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  183.872079][T10928] batman_adv: batadv0: Interface activated: batadv_slave_1
[  183.897007][T10928] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  183.909792][T10928] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  183.919769][T10928] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  183.928631][T10928] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  184.042207][T11110] Bluetooth: hci3: invalid length 0, exp 2 for type 0
[  184.160740][ T8383] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  184.175093][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  184.180585][ T8383] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  184.249996][ T8390] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  184.269355][ T8390] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  184.421047][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  184.548406][T11130] netlink: 'syz.0.2097': attribute type 2 has an invalid length.
[  184.622806][T11133] netlink: 'syz.2.2099': attribute type 3 has an invalid length.
[  184.632348][T11133] __nla_validate_parse: 5 callbacks suppressed
[  184.632365][T11133] netlink: 186268 bytes leftover after parsing attributes in process `syz.2.2099'.
[  184.822282][T11149] netlink: 84 bytes leftover after parsing attributes in process `syz.1.2104'.
[  185.030364][T11160] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2109'.
[  185.041316][T11160] sctp: [Deprecated]: syz.4.2109 (pid 11160) Use of struct sctp_assoc_value in delayed_ack socket option.
[  185.041316][T11160] Use struct sctp_sack_info instead
[  185.130716][T11158] netlink: 9 bytes leftover after parsing attributes in process `syz.0.2108'.
[  185.215140][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  185.242436][T11158] can: request_module (can-proto-0) failed.
[  185.493301][T11190] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  185.523378][T11193] FAULT_INJECTION: forcing a failure.
[  185.523378][T11193] name failslab, interval 1, probability 0, space 0, times 0
[  185.529145][T11190] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  185.537245][T11193] CPU: 0 PID: 11193 Comm: syz.0.2118 Not tainted 6.10.0-rc5-syzkaller-01115-g30972a4ea092 #0
[  185.556303][T11193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  185.566437][T11193] Call Trace:
[  185.569704][T11193]  <TASK>
[  185.572623][T11193]  dump_stack_lvl+0x241/0x360
[  185.577296][T11193]  ? __pfx_dump_stack_lvl+0x10/0x10
[  185.582484][T11193]  ? __pfx__printk+0x10/0x10
[  185.587076][T11193]  ? __pfx___might_resched+0x10/0x10
[  185.592354][T11193]  ? dynamic_dname+0x141/0x1b0
[  185.597116][T11193]  should_fail_ex+0x3b0/0x4e0
[  185.601791][T11193]  ? tomoyo_encode+0x26f/0x540
[  185.606547][T11193]  should_failslab+0x9/0x20
[  185.611045][T11193]  __kmalloc_noprof+0xd8/0x400
[  185.615800][T11193]  tomoyo_encode+0x26f/0x540
[  185.620380][T11193]  ? __pfx_sockfs_dname+0x10/0x10
[  185.625395][T11193]  tomoyo_realpath_from_path+0x59e/0x5e0
[  185.631024][T11193]  tomoyo_path_number_perm+0x23a/0x880
[  185.636488][T11193]  ? tomoyo_path_number_perm+0x208/0x880
[  185.642114][T11193]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  185.648119][T11193]  ? __fget_files+0x29/0x470
[  185.652701][T11193]  ? __fget_files+0x3f6/0x470
[  185.657368][T11193]  ? __fget_files+0x29/0x470
[  185.661957][T11193]  security_file_ioctl+0x75/0xb0
[  185.666897][T11193]  __se_sys_ioctl+0x47/0x170
[  185.671480][T11193]  do_syscall_64+0xf3/0x230
[  185.675992][T11193]  ? clear_bhb_loop+0x35/0x90
[  185.680662][T11193]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.686546][T11193] RIP: 0033:0x7f9b67975b99
[  185.690951][T11193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  185.710554][T11193] RSP: 002b:00007f9b68732048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  185.718964][T11193] RAX: ffffffffffffffda RBX: 00007f9b67b03fa0 RCX: 00007f9b67975b99
[  185.726924][T11193] RDX: 0000000000000000 RSI: 00000000000089e4 RDI: 0000000000000004
[  185.734974][T11193] RBP: 00007f9b687320a0 R08: 0000000000000000 R09: 0000000000000000
[  185.742940][T11193] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  185.750901][T11193] R13: 000000000000000b R14: 00007f9b67b03fa0 R15: 00007ffc0a039178
[  185.758873][T11193]  </TASK>
[  185.765272][T11193] ERROR: Out of memory at tomoyo_realpath_from_path.
[  185.911728][T11197] vcan0: tx drop: invalid sa for name 0x0000000000000002
[  185.988028][T11203] FAULT_INJECTION: forcing a failure.
[  185.988028][T11203] name failslab, interval 1, probability 0, space 0, times 0
[  186.002191][T11203] CPU: 1 PID: 11203 Comm: syz.0.2122 Not tainted 6.10.0-rc5-syzkaller-01115-g30972a4ea092 #0
[  186.012386][T11203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  186.022462][T11203] Call Trace:
[  186.025755][T11203]  <TASK>
[  186.028697][T11203]  dump_stack_lvl+0x241/0x360
[  186.033374][T11203]  ? __pfx_dump_stack_lvl+0x10/0x10
[  186.038568][T11203]  ? __pfx__printk+0x10/0x10
[  186.043157][T11203]  ? __pfx___might_resched+0x10/0x10
[  186.048443][T11203]  should_fail_ex+0x3b0/0x4e0
[  186.053117][T11203]  ? ovs_ct_limit_cmd_set+0x2f9/0xaf0
[  186.058486][T11203]  should_failslab+0x9/0x20
[  186.062984][T11203]  kmalloc_trace_noprof+0x6c/0x2c0
[  186.068090][T11203]  ovs_ct_limit_cmd_set+0x2f9/0xaf0
[  186.073295][T11203]  genl_rcv_msg+0xb14/0xec0
[  186.077787][T11203]  ? mark_lock+0x9a/0x350
[  186.082112][T11203]  ? __pfx_genl_rcv_msg+0x10/0x10
[  186.087147][T11203]  ? __pfx_lock_acquire+0x10/0x10
[  186.092159][T11203]  ? __pfx_ovs_ct_limit_cmd_set+0x10/0x10
[  186.097876][T11203]  ? __pfx___might_resched+0x10/0x10
[  186.103161][T11203]  netlink_rcv_skb+0x1e3/0x430
[  186.107919][T11203]  ? __pfx_genl_rcv_msg+0x10/0x10
[  186.112936][T11203]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  186.118248][T11203]  ? __netlink_deliver_tap+0x77e/0x7c0
[  186.123724][T11203]  genl_rcv+0x28/0x40
[  186.127702][T11203]  netlink_unicast+0x7f0/0x990
[  186.132569][T11203]  ? __pfx_netlink_unicast+0x10/0x10
[  186.137857][T11203]  ? __virt_addr_valid+0x183/0x520
[  186.142976][T11203]  ? __check_object_size+0x49c/0x900
[  186.148270][T11203]  ? bpf_lsm_netlink_send+0x9/0x10
[  186.153387][T11203]  netlink_sendmsg+0x8e4/0xcb0
[  186.158166][T11203]  ? __pfx_netlink_sendmsg+0x10/0x10
[  186.163449][T11203]  ? __import_iovec+0x536/0x820
[  186.168301][T11203]  ? aa_sock_msg_perm+0x91/0x160
[  186.173238][T11203]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  186.178520][T11203]  ? security_socket_sendmsg+0x87/0xb0
[  186.183973][T11203]  ? __pfx_netlink_sendmsg+0x10/0x10
[  186.189246][T11203]  __sock_sendmsg+0x221/0x270
[  186.194009][T11203]  ____sys_sendmsg+0x525/0x7d0
[  186.198784][T11203]  ? __pfx_____sys_sendmsg+0x10/0x10
[  186.204078][T11203]  __sys_sendmsg+0x2b0/0x3a0
[  186.208672][T11203]  ? __pfx___sys_sendmsg+0x10/0x10
[  186.213778][T11203]  ? vfs_write+0x7c4/0xc90
[  186.218220][T11203]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  186.224542][T11203]  ? do_syscall_64+0x100/0x230
[  186.229300][T11203]  ? do_syscall_64+0xb6/0x230
[  186.233976][T11203]  do_syscall_64+0xf3/0x230
[  186.238469][T11203]  ? clear_bhb_loop+0x35/0x90
[  186.243156][T11203]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.249130][T11203] RIP: 0033:0x7f9b67975b99
[  186.253547][T11203] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  186.273167][T11203] RSP: 002b:00007f9b68732048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  186.281589][T11203] RAX: ffffffffffffffda RBX: 00007f9b67b03fa0 RCX: 00007f9b67975b99
[  186.289563][T11203] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003
[  186.297530][T11203] RBP: 00007f9b687320a0 R08: 0000000000000000 R09: 0000000000000000
[  186.305493][T11203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  186.313459][T11203] R13: 000000000000000b R14: 00007f9b67b03fa0 R15: 00007ffc0a039178
[  186.321598][T11203]  </TASK>
[  186.514446][T11218] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2129'.
[  186.588140][T11223] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  186.646282][T11225] netlink: 'syz.4.2132': attribute type 10 has an invalid length.
[  186.668045][T11225] batman_adv: batadv0: Adding interface: team0
[  186.674375][T11225] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  186.704978][T11225] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  186.808232][T11230] FAULT_INJECTION: forcing a failure.
[  186.808232][T11230] name failslab, interval 1, probability 0, space 0, times 0
[  186.821722][T11230] CPU: 0 PID: 11230 Comm: syz.2.2134 Not tainted 6.10.0-rc5-syzkaller-01115-g30972a4ea092 #0
[  186.831929][T11230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  186.842082][T11230] Call Trace:
[  186.845350][T11230]  <TASK>
[  186.848265][T11230]  dump_stack_lvl+0x241/0x360
[  186.853013][T11230]  ? __pfx_dump_stack_lvl+0x10/0x10
[  186.858218][T11230]  ? __pfx__printk+0x10/0x10
[  186.862809][T11230]  ? netlink_insert+0x10b7/0x14b0
[  186.867830][T11230]  should_fail_ex+0x3b0/0x4e0
[  186.872508][T11230]  ? __alloc_skb+0x1c3/0x440
[  186.877102][T11230]  should_failslab+0x9/0x20
[  186.881621][T11230]  kmem_cache_alloc_node_noprof+0x71/0x320
[  186.887434][T11230]  __alloc_skb+0x1c3/0x440
[  186.891854][T11230]  ? __pfx___alloc_skb+0x10/0x10
[  186.896795][T11230]  ? netlink_autobind+0xd6/0x2f0
[  186.901721][T11230]  ? netlink_autobind+0x2b0/0x2f0
[  186.906739][T11230]  netlink_sendmsg+0x638/0xcb0
[  186.911505][T11230]  ? __pfx_netlink_sendmsg+0x10/0x10
[  186.916790][T11230]  ? __import_iovec+0x536/0x820
[  186.921643][T11230]  ? aa_sock_msg_perm+0x91/0x160
[  186.926581][T11230]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  186.931857][T11230]  ? security_socket_sendmsg+0x87/0xb0
[  186.937312][T11230]  ? __pfx_netlink_sendmsg+0x10/0x10
[  186.942589][T11230]  __sock_sendmsg+0x221/0x270
[  186.947263][T11230]  ____sys_sendmsg+0x525/0x7d0
[  186.952028][T11230]  ? __pfx_____sys_sendmsg+0x10/0x10
[  186.957320][T11230]  __sys_sendmsg+0x2b0/0x3a0
[  186.961905][T11230]  ? __pfx___sys_sendmsg+0x10/0x10
[  186.967010][T11230]  ? vfs_write+0x7c4/0xc90
[  186.971538][T11230]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  186.977862][T11230]  ? do_syscall_64+0x100/0x230
[  186.982622][T11230]  ? do_syscall_64+0xb6/0x230
[  186.987295][T11230]  do_syscall_64+0xf3/0x230
[  186.991793][T11230]  ? clear_bhb_loop+0x35/0x90
[  186.996550][T11230]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.002437][T11230] RIP: 0033:0x7fc95a775b99
[  187.006843][T11230] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  187.026439][T11230] RSP: 002b:00007fc95b4e6048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  187.034933][T11230] RAX: ffffffffffffffda RBX: 00007fc95a903fa0 RCX: 00007fc95a775b99
[  187.042907][T11230] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003
[  187.050873][T11230] RBP: 00007fc95b4e60a0 R08: 0000000000000000 R09: 0000000000000000
[  187.058837][T11230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  187.066885][T11230] R13: 000000000000000b R14: 00007fc95a903fa0 R15: 00007fffb675e408
[  187.074865][T11230]  </TASK>
[  187.360303][T11242] RDS: rds_bind could not find a transport for ::ffff:100.1.1.0, load rds_tcp or rds_rdma?
[  187.383937][T11245] netlink: 152 bytes leftover after parsing attributes in process `syz.0.2139'.
[  187.393354][T11245] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2139'.
[  187.452930][T11245] netlink: 96 bytes leftover after parsing attributes in process `syz.0.2139'.
[  187.798165][ T8395] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.883880][    C1] vxcan0: j1939_tp_rxtimer: 0xffff88802bbd4400: rx timeout, send abort
[  187.894556][    C1] vxcan0: j1939_tp_rxtimer: 0xffff88801e33d800: rx timeout, send abort
[  188.158954][ T5102] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  188.169173][ T5102] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  188.181091][ T5102] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  188.190113][ T5102] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  188.198448][ T5102] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  188.208752][ T5102] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  188.267101][T11273] lo speed is unknown, defaulting to 1000
[  188.393408][    C1] vxcan0: j1939_tp_rxtimer: 0xffff88802bbd4400: abort rx timeout. Force session deactivation
[  188.405565][    C1] vxcan0: j1939_tp_rxtimer: 0xffff88801e33d800: abort rx timeout. Force session deactivation
[  188.575098][T11289] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2153'.
[  188.588068][T11289] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2153'.
[  188.732016][T11273] chnl_net:caif_netlink_parms(): no params data found
[  188.791730][T11297] netlink: 'syz.2.2155': attribute type 4 has an invalid length.
[  188.853870][T11273] bridge0: port 1(bridge_slave_0) entered blocking state
[  188.861859][T11273] bridge0: port 1(bridge_slave_0) entered disabled state
[  188.869184][T11273] bridge_slave_0: entered allmulticast mode
[  188.879932][T11273] bridge_slave_0: entered promiscuous mode
[  188.889458][T11273] bridge0: port 2(bridge_slave_1) entered blocking state
[  188.897939][T11273] bridge0: port 2(bridge_slave_1) entered disabled state
[  188.905658][T11273] bridge_slave_1: entered allmulticast mode
[  188.913095][T11273] bridge_slave_1: entered promiscuous mode
[  188.957634][T11273] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  188.971146][T11273] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  189.015845][T11273] team0: Port device team_slave_0 added
[  189.026582][T11273] team0: Port device team_slave_1 added
[  189.064068][T11273] batman_adv: batadv0: Adding interface: batadv_slave_0
[  189.082361][T11273] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  189.109922][T11273] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  189.136454][T11273] batman_adv: batadv0: Adding interface: batadv_slave_1
[  189.144294][T11273] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  189.191058][T11273] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  189.233373][T11309] vlan1: entered allmulticast mode
[  189.240892][T11309] netdevsim netdevsim0 netdevsim0: entered allmulticast mode
[  189.260427][T11309] netdevsim netdevsim0 netdevsim0: left allmulticast mode
[  189.364627][T11273] hsr_slave_0: entered promiscuous mode
[  189.401692][T11273] hsr_slave_1: entered promiscuous mode
[  189.416842][T11273] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  189.429755][T11273] Cannot create hsr debugfs directory
[  189.888407][ T8395] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.899926][T11343] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  190.043887][ T8395] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.183037][ T8395] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.257635][ T5102] Bluetooth: hci1: command tx timeout
[  190.606594][T11385] netlink: 'syz.1.2182': attribute type 1 has an invalid length.
[  190.652742][T11382] __nla_validate_parse: 3 callbacks suppressed
[  190.652771][T11382] netlink: 124 bytes leftover after parsing attributes in process `syz.2.2181'.
[  190.676139][T11382] netlink: 124 bytes leftover after parsing attributes in process `syz.2.2181'.
[  190.705428][ T8395] bridge_slave_1: left allmulticast mode
[  190.712784][ T8395] bridge_slave_1: left promiscuous mode
[  190.718634][ T8395] bridge0: port 2(bridge_slave_1) entered disabled state
[  190.732768][ T8395] bridge_slave_0: left allmulticast mode
[  190.745390][ T8395] bridge_slave_0: left promiscuous mode
[  190.752732][ T8395] bridge0: port 1(bridge_slave_0) entered disabled state
[  190.977100][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  191.135118][ T8395] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  191.151079][ T8395] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  191.162808][ T8395] bond0 (unregistering): Released all slaves
[  191.199756][T11396] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2185'.
[  191.649522][T11420] xt_CT: You must specify a L4 protocol and not use inversions on it
[  191.667750][T11422] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2194'.
[  191.716340][T11420] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  192.025002][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  192.044815][T11432] openvswitch: netlink: Key 0 has unexpected len 2 expected 0
[  192.101785][ T8395] hsr_slave_0: left promiscuous mode
[  192.118567][ T8395] hsr_slave_1: left promiscuous mode
[  192.127495][ T8395] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  192.137420][ T8395] batman_adv: batadv0: Removing interface: batadv_slave_0
[  192.155980][ T8395] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  192.163580][ T8395] batman_adv: batadv0: Removing interface: batadv_slave_1
[  192.209231][ T8395] veth1_macvtap: left promiscuous mode
[  192.214801][ T8395] veth0_macvtap: left promiscuous mode
[  192.235117][ T8395] veth1_vlan: left promiscuous mode
[  192.240635][ T8395] veth0_vlan: left promiscuous mode
[  192.335860][ T5102] Bluetooth: hci1: command tx timeout
[  192.552466][T11439] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2198'.
[  192.735343][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  193.104109][ T8395] team0 (unregistering): Port device team_slave_1 removed
[  193.148701][ T8395] team0 (unregistering): Port device team_slave_0 removed
[  193.530767][T11436] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2197'.
[  193.552292][T11444] netlink: 'syz.4.2198': attribute type 6 has an invalid length.
[  193.577726][T11444] netlink: 140 bytes leftover after parsing attributes in process `syz.4.2198'.
[  193.593358][T11439] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[  193.606027][T11273] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  193.658300][T11273] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  193.678693][T11273] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  193.686793][T11454] netlink: 216 bytes leftover after parsing attributes in process `syz.0.2201'.
[  193.710038][T11273] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  193.721532][T11454] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2201'.
[  193.741881][T11456] netlink: 'syz.1.2203': attribute type 1 has an invalid length.
[  193.754769][T11439] netdevsim netdevsim4 netdevsim0: left promiscuous mode
[  193.774982][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  193.855535][T11458] Bluetooth: hci3: invalid length 0, exp 2 for type 0
[  194.059682][T11273] 8021q: adding VLAN 0 to HW filter on device bond0
[  194.078285][T11470] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2210'.
[  194.149209][T11273] 8021q: adding VLAN 0 to HW filter on device team0
[  194.181021][ T5142] bridge0: port 1(bridge_slave_0) entered blocking state
[  194.189249][ T5142] bridge0: port 1(bridge_slave_0) entered forwarding state
[  194.200364][T11474] FAULT_INJECTION: forcing a failure.
[  194.200364][T11474] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  194.248365][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[  194.255003][T11474] CPU: 1 PID: 11474 Comm: syz.1.2211 Not tainted 6.10.0-rc5-syzkaller-01115-g30972a4ea092 #0
[  194.255528][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[  194.265538][T11474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  194.265552][T11474] Call Trace:
[  194.265560][T11474]  <TASK>
[  194.265568][T11474]  dump_stack_lvl+0x241/0x360
[  194.265595][T11474]  ? __pfx_dump_stack_lvl+0x10/0x10
[  194.299024][T11474]  ? __pfx__printk+0x10/0x10
[  194.303654][T11474]  should_fail_ex+0x3b0/0x4e0
[  194.308362][T11474]  _copy_from_user+0x2f/0xe0
[  194.312974][T11474]  sctp_setsockopt+0xcc/0x11c0
[  194.317759][T11474]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  194.323663][T11474]  do_sock_setsockopt+0x3af/0x720
[  194.328713][T11474]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  194.334261][T11474]  ? __fget_files+0x29/0x470
[  194.338858][T11474]  ? __fget_files+0x3f6/0x470
[  194.343544][T11474]  __sys_setsockopt+0x1ae/0x250
[  194.348399][T11474]  __x64_sys_setsockopt+0xb5/0xd0
[  194.353421][T11474]  do_syscall_64+0xf3/0x230
[  194.357919][T11474]  ? clear_bhb_loop+0x35/0x90
[  194.362590][T11474]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.368474][T11474] RIP: 0033:0x7fe330375b99
[  194.372881][T11474] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  194.392498][T11474] RSP: 002b:00007fe3310be048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  194.400914][T11474] RAX: ffffffffffffffda RBX: 00007fe330504078 RCX: 00007fe330375b99
[  194.408880][T11474] RDX: 0000000000000009 RSI: 0000000000000084 RDI: 0000000000000003
[  194.416845][T11474] RBP: 00007fe3310be0a0 R08: 000000000000009c R09: 0000000000000000
[  194.425012][T11474] R10: 0000000020000300 R11: 0000000000000246 R12: 0000000000000001
[  194.432971][T11474] R13: 000000000000006e R14: 00007fe330504078 R15: 00007fff1479e418
[  194.440945][T11474]  </TASK>
[  194.474492][ T5102] Bluetooth: hci1: command tx timeout
[  194.520216][T11477] geneve2: entered promiscuous mode
[  194.528280][T11477] geneve2: entered allmulticast mode
[  194.665262][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  194.668970][ T1244] ieee802154 phy1 wpan1: encryption failed: -22
[  194.704805][T11490] openvswitch: netlink: Missing key (keys=100000040, expected=2000)
[  194.815389][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  194.998501][T11273] 8021q: adding VLAN 0 to HW filter on device batadv0
[  195.115538][ T5139] IPVS: starting estimator thread 0...
[  195.139615][T11273] veth0_vlan: entered promiscuous mode
[  195.189574][T11273] veth1_vlan: entered promiscuous mode
[  195.215552][T11508] IPVS: using max 21 ests per chain, 50400 per kthread
[  195.288845][T11273] veth0_macvtap: entered promiscuous mode
[  195.312238][T11273] veth1_macvtap: entered promiscuous mode
[  195.328999][T11515] Bluetooth: hci3: invalid length 0, exp 2 for type 0
[  195.347816][T11273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  195.366128][T11273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  195.384974][T11273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  195.414948][T11273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  195.424803][T11273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  195.448653][T11517] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  195.484964][T11273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  195.494835][T11273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  195.525268][T11273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  195.546711][T11273] batman_adv: batadv0: Interface activated: batadv_slave_0
[  195.557066][T11522] bridge_slave_1: left allmulticast mode
[  195.583239][T11522] bridge_slave_1: left promiscuous mode
[  195.619646][T11522] bridge0: port 2(bridge_slave_1) entered disabled state
[  195.637099][T11522] bridge_slave_0: left allmulticast mode
[  195.653099][T11522] bridge_slave_0: left promiscuous mode
[  195.663487][T11522] bridge0: port 1(bridge_slave_0) entered disabled state
[  195.695006][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  195.821645][T11273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  195.835273][T11273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  195.855116][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  195.858986][T11273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  195.898417][T11273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  195.916078][T11273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  195.930355][T11273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  195.942255][T11273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  195.953339][T11273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  195.964390][T11273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  195.977379][T11273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  195.990964][T11273] batman_adv: batadv0: Interface activated: batadv_slave_1
[  196.053108][T11273] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  196.075139][T11273] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  196.091232][T11273] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  196.112899][T11273] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  196.294638][T11549] __nla_validate_parse: 4 callbacks suppressed
[  196.294658][T11549] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2235'.
[  196.359588][ T8383] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  196.376228][ T8399] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  196.427994][ T8399] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  196.444645][ T8383] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  196.495036][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  196.505642][ T5102] Bluetooth: hci1: command tx timeout
[  196.645837][T11567] x_tables: ip_tables: TCPMSS target: only valid for protocol 6
[  196.735153][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  196.769994][T11574] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2244'.
[  196.788064][T11577] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  196.809974][T11574] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2244'.
[  196.830892][T11574] bridge3: entered promiscuous mode
[  196.838431][T11574] bridge3: entered allmulticast mode
[  196.847093][T11580] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2246'.
[  196.894983][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  196.988466][T11588] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2249'.
[  197.081331][T11592] Bluetooth: hci3: invalid length 0, exp 2 for type 0
[  197.241008][T11599] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2253'.
[  197.344544][T11603] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  197.399073][T11605] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  197.470482][T11610] xt_NFQUEUE: number of total queues is 0
[  197.479145][T11612] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2259'.
[  197.535077][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  197.723735][T11620] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2262'.
[  197.856881][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  197.866924][   T25] ==================================================================
[  197.875013][   T25] BUG: KASAN: slab-use-after-free in sco_sock_timeout+0x8b/0x270
[  197.882751][   T25] Write of size 4 at addr ffff88802d49f080 by task kworker/1:0/25
[  197.890559][   T25] 
[  197.892870][   T25] CPU: 1 PID: 25 Comm: kworker/1:0 Not tainted 6.10.0-rc5-syzkaller-01115-g30972a4ea092 #0
[  197.902832][   T25] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  197.912962][   T25] Workqueue: events sco_sock_timeout
[  197.918246][   T25] Call Trace:
[  197.921512][   T25]  <TASK>
[  197.924430][   T25]  dump_stack_lvl+0x241/0x360
[  197.929105][   T25]  ? __pfx_dump_stack_lvl+0x10/0x10
[  197.934292][   T25]  ? __pfx__printk+0x10/0x10
[  197.938877][   T25]  ? _printk+0xd5/0x120
[  197.943028][   T25]  ? __virt_addr_valid+0x183/0x520
[  197.948138][   T25]  ? __virt_addr_valid+0x183/0x520
[  197.953236][   T25]  print_report+0x169/0x550
[  197.957729][   T25]  ? __virt_addr_valid+0x183/0x520
[  197.962918][   T25]  ? __virt_addr_valid+0x183/0x520
[  197.968193][   T25]  ? __virt_addr_valid+0x44e/0x520
[  197.973292][   T25]  ? __phys_addr+0xba/0x170
[  197.977786][   T25]  ? sco_sock_timeout+0x8b/0x270
[  197.982713][   T25]  kasan_report+0x143/0x180
[  197.987208][   T25]  ? __pfx_lock_acquire+0x10/0x10
[  197.992222][   T25]  ? sco_sock_timeout+0x8b/0x270
[  197.997179][   T25]  kasan_check_range+0x282/0x290
[  198.002113][   T25]  sco_sock_timeout+0x8b/0x270
[  198.006866][   T25]  ? process_scheduled_works+0x945/0x1830
[  198.012573][   T25]  process_scheduled_works+0xa2c/0x1830
[  198.018118][   T25]  ? __pfx_process_scheduled_works+0x10/0x10
[  198.024089][   T25]  ? assign_work+0x364/0x3d0
[  198.028752][   T25]  worker_thread+0x86d/0xd50
[  198.033333][   T25]  ? __kthread_parkme+0x169/0x1d0
[  198.038346][   T25]  ? __pfx_worker_thread+0x10/0x10
[  198.043441][   T25]  kthread+0x2f0/0x390
[  198.047499][   T25]  ? __pfx_worker_thread+0x10/0x10
[  198.052600][   T25]  ? __pfx_kthread+0x10/0x10
[  198.057178][   T25]  ret_from_fork+0x4b/0x80
[  198.061581][   T25]  ? __pfx_kthread+0x10/0x10
[  198.066173][   T25]  ret_from_fork_asm+0x1a/0x30
[  198.070932][   T25]  </TASK>
[  198.073934][   T25] 
[  198.076241][   T25] Allocated by task 11273:
[  198.080633][   T25]  kasan_save_track+0x3f/0x80
[  198.085297][   T25]  __kasan_kmalloc+0x98/0xb0
[  198.089871][   T25]  kmalloc_trace_noprof+0x19c/0x2c0
[  198.095057][   T25]  rtnl_newlink+0xf2/0x20a0
[  198.099557][   T25]  rtnetlink_rcv_msg+0x89b/0x1180
[  198.104564][   T25]  netlink_rcv_skb+0x1e3/0x430
[  198.109314][   T25]  netlink_unicast+0x7f0/0x990
[  198.114060][   T25]  netlink_sendmsg+0x8e4/0xcb0
[  198.118808][   T25]  __sock_sendmsg+0x221/0x270
[  198.123467][   T25]  __sys_sendto+0x3a4/0x4f0
[  198.127954][   T25]  __x64_sys_sendto+0xde/0x100
[  198.132703][   T25]  do_syscall_64+0xf3/0x230
[  198.137189][   T25]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.143068][   T25] 
[  198.145378][   T25] Freed by task 11273:
[  198.149423][   T25]  kasan_save_track+0x3f/0x80
[  198.154085][   T25]  kasan_save_free_info+0x40/0x50
[  198.159107][   T25]  poison_slab_object+0xe0/0x150
[  198.164043][   T25]  __kasan_slab_free+0x37/0x60
[  198.168804][   T25]  kfree+0x149/0x360
[  198.172787][   T25]  rtnl_newlink+0x1464/0x20a0
[  198.177548][   T25]  rtnetlink_rcv_msg+0x89b/0x1180
[  198.182572][   T25]  netlink_rcv_skb+0x1e3/0x430
[  198.187338][   T25]  netlink_unicast+0x7f0/0x990
[  198.192089][   T25]  netlink_sendmsg+0x8e4/0xcb0
[  198.196850][   T25]  __sock_sendmsg+0x221/0x270
[  198.201525][   T25]  __sys_sendto+0x3a4/0x4f0
[  198.206019][   T25]  __x64_sys_sendto+0xde/0x100
[  198.210777][   T25]  do_syscall_64+0xf3/0x230
[  198.215268][   T25]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.221149][   T25] 
[  198.223456][   T25] The buggy address belongs to the object at ffff88802d49f000
[  198.223456][   T25]  which belongs to the cache kmalloc-2k of size 2048
[  198.237494][   T25] The buggy address is located 128 bytes inside of
[  198.237494][   T25]  freed 2048-byte region [ffff88802d49f000, ffff88802d49f800)
[  198.251365][   T25] 
[  198.253675][   T25] The buggy address belongs to the physical page:
[  198.260091][   T25] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88802d49d000 pfn:0x2d498
[  198.270169][   T25] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  198.278921][   T25] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[  198.287512][   T25] page_type: 0xffffefff(slab)
[  198.292280][   T25] raw: 00fff00000000240 ffff888015042000 ffffea0001a19210 ffffea000055ca10
[  198.300867][   T25] raw: ffff88802d49d000 0000000000080007 00000001ffffefff 0000000000000000
[  198.309440][   T25] head: 00fff00000000240 ffff888015042000 ffffea0001a19210 ffffea000055ca10
[  198.318104][   T25] head: ffff88802d49d000 0000000000080007 00000001ffffefff 0000000000000000
[  198.326760][   T25] head: 00fff00000000003 ffffea0000b52601 ffffffffffffffff 0000000000000000
[  198.335415][   T25] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  198.344065][   T25] page dumped because: kasan: bad access detected
[  198.350511][   T25] page_owner tracks the page as allocated
[  198.356207][   T25] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 9834, tgid 9833 (syz.1.1658), ts 157293063429, free_ts 157048045845
[  198.378950][   T25]  post_alloc_hook+0x1f3/0x230
[  198.383710][   T25]  get_page_from_freelist+0x2e4c/0x2f10
[  198.389241][   T25]  __alloc_pages_noprof+0x256/0x6c0
[  198.394420][   T25]  alloc_slab_page+0x5f/0x120
[  198.399083][   T25]  allocate_slab+0x5a/0x2f0
[  198.403680][   T25]  ___slab_alloc+0xcd1/0x14b0
[  198.408345][   T25]  __slab_alloc+0x58/0xa0
[  198.412662][   T25]  kmalloc_node_track_caller_noprof+0x281/0x440
[  198.418900][   T25]  kmalloc_reserve+0x111/0x2a0
[  198.423661][   T25]  __alloc_skb+0x1f3/0x440
[  198.428071][   T25]  rtmsg_ifinfo_build_skb+0x84/0x260
[  198.433347][   T25]  unregister_netdevice_many_notify+0xe71/0x1d20
[  198.439671][   T25]  unregister_netdevice_queue+0x303/0x370
[  198.445383][   T25]  nsim_destroy+0x180/0x5c0
[  198.449877][   T25]  __nsim_dev_port_del+0x14b/0x1b0
[  198.454975][   T25]  nsim_dev_reload_destroy+0x28a/0x490
[  198.460422][   T25] page last free pid 5094 tgid 5094 stack trace:
[  198.466731][   T25]  free_unref_page+0xd22/0xea0
[  198.471483][   T25]  __put_partials+0xeb/0x130
[  198.476060][   T25]  put_cpu_partial+0x17c/0x250
[  198.480811][   T25]  __slab_free+0x2ea/0x3d0
[  198.485210][   T25]  qlist_free_all+0x9e/0x140
[  198.489869][   T25]  kasan_quarantine_reduce+0x14f/0x170
[  198.495316][   T25]  __kasan_slab_alloc+0x23/0x80
[  198.500162][   T25]  __kmalloc_node_noprof+0x1d2/0x440
[  198.505434][   T25]  __vmalloc_node_range_noprof+0x5dd/0x1460
[  198.511314][   T25]  vzalloc_noprof+0x79/0x90
[  198.515888][   T25]  alloc_counters+0xd7/0x740
[  198.520461][   T25]  do_ipt_get_ctl+0xecc/0x1810
[  198.525209][   T25]  nf_getsockopt+0x299/0x2c0
[  198.529784][   T25]  ip_getsockopt+0x222/0x2e0
[  198.534355][   T25]  tcp_getsockopt+0x163/0x1c0
[  198.539020][   T25]  do_sock_getsockopt+0x373/0x850
[  198.544033][   T25] 
[  198.546348][   T25] Memory state around the buggy address:
[  198.551957][   T25]  ffff88802d49ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  198.560001][   T25]  ffff88802d49f000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  198.568043][   T25] >ffff88802d49f080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  198.576090][   T25]                    ^
[  198.580150][   T25]  ffff88802d49f100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  198.588208][   T25]  ffff88802d49f180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  198.596249][   T25] ==================================================================
[  198.605802][   T25] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  198.613013][   T25] CPU: 1 PID: 25 Comm: kworker/1:0 Not tainted 6.10.0-rc5-syzkaller-01115-g30972a4ea092 #0
[  198.622990][   T25] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  198.633037][   T25] Workqueue: events sco_sock_timeout
[  198.638323][   T25] Call Trace:
[  198.641590][   T25]  <TASK>
[  198.644512][   T25]  dump_stack_lvl+0x241/0x360
[  198.649181][   T25]  ? __pfx_dump_stack_lvl+0x10/0x10
[  198.654363][   T25]  ? __pfx__printk+0x10/0x10
[  198.658945][   T25]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  198.664917][   T25]  ? vscnprintf+0x5d/0x90
[  198.669235][   T25]  panic+0x349/0x860
[  198.673121][   T25]  ? check_panic_on_warn+0x21/0xb0
[  198.678222][   T25]  ? __pfx_panic+0x10/0x10
[  198.682635][   T25]  ? _raw_spin_unlock_irqrestore+0xd8/0x140
[  198.688519][   T25]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  198.694398][   T25]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  198.700716][   T25]  check_panic_on_warn+0x86/0xb0
[  198.705646][   T25]  ? sco_sock_timeout+0x8b/0x270
[  198.710573][   T25]  end_report+0x77/0x160
[  198.714806][   T25]  kasan_report+0x154/0x180
[  198.719299][   T25]  ? __pfx_lock_acquire+0x10/0x10
[  198.724310][   T25]  ? sco_sock_timeout+0x8b/0x270
[  198.729239][   T25]  kasan_check_range+0x282/0x290
[  198.734166][   T25]  sco_sock_timeout+0x8b/0x270
[  198.738920][   T25]  ? process_scheduled_works+0x945/0x1830
[  198.744623][   T25]  process_scheduled_works+0xa2c/0x1830
[  198.750164][   T25]  ? __pfx_process_scheduled_works+0x10/0x10
[  198.756132][   T25]  ? assign_work+0x364/0x3d0
[  198.760726][   T25]  worker_thread+0x86d/0xd50
[  198.765311][   T25]  ? __kthread_parkme+0x169/0x1d0
[  198.770324][   T25]  ? __pfx_worker_thread+0x10/0x10
[  198.775420][   T25]  kthread+0x2f0/0x390
[  198.779473][   T25]  ? __pfx_worker_thread+0x10/0x10
[  198.784572][   T25]  ? __pfx_kthread+0x10/0x10
[  198.789146][   T25]  ret_from_fork+0x4b/0x80
[  198.793549][   T25]  ? __pfx_kthread+0x10/0x10
[  198.798125][   T25]  ret_from_fork_asm+0x1a/0x30
[  198.802885][   T25]  </TASK>
[  198.806108][   T25] Kernel Offset: disabled
[  198.810420][   T25] Rebooting in 86400 seconds..