last executing test programs:

3.259812931s ago: executing program 1 (id=873):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="5c00000010000104000000000000000000002000", @ANYRES32=0x0, @ANYBLOB="03000000000000002c0012800c0001006d6163766c616e001c200280080001000800000006ef0200010000001ffe02000000000008", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x5c}, 0x1, 0x0, 0x0, 0x4}, 0xc014)

2.957632204s ago: executing program 1 (id=874):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @remote}, 0xc)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x1c)
syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x64, 0x0, 0x0, 0x2, 0x0, @empty, @multicast2}, @timestamp_reply={0x11, 0x0, 0x0, 0xe000, 0x2, 0x1, 0x1000000}}}}}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
socket$alg(0x26, 0x5, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000001140)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000780)=""/212, 0xd4}], 0x1}, 0x3ff}], 0x4000300, 0x2, 0x0)
pselect6(0x40, &(0x7f0000000000)={0x0, 0x7, 0xfff, 0x8, 0x1, 0x1, 0x3, 0x9}, &(0x7f0000000040)={0x5, 0xc92d, 0x80000001, 0x7, 0x7, 0x3, 0x3, 0xfffffffffffffffe}, &(0x7f0000000080)={0x8001, 0x400000000, 0x6, 0x80, 0x3, 0x9, 0x0, 0x8}, &(0x7f00000000c0)={0x0, 0x3938700}, &(0x7f0000000140)={&(0x7f0000000100)={[0x5]}, 0x8})

2.759837889s ago: executing program 3 (id=877):
r0 = socket(0xa, 0x5, 0x0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)
r2 = epoll_create(0x3ff)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x3})
epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, 0xffffffffffffffff, &(0x7f0000000280))
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_MAC_ACL(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000400)={0x158, r1, 0x2, 0x70bd2d, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MAC_ADDRS={0x4c, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}, {0xa}, {0xa}, {0xa, 0x6, @device_b}, {0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}]}, @NL80211_ATTR_MAC_ADDRS={0x28, 0xa6, 0x0, 0x1, [{0xa}, {0xa, 0x6, @device_b}, {0xa}]}, @NL80211_ATTR_MAC_ADDRS={0x1c, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}, {0xa}]}, @NL80211_ATTR_MAC_ADDRS={0x40, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}, {0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}]}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}, @NL80211_ATTR_MAC_ADDRS={0x64, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}, {0xa}, {0xa}, {0xa, 0x6, @device_b}, {0xa, 0x6, @device_b}, {0xa}, {0xa, 0x6, @broadcast}, {0xa}]}]}, 0x158}}, 0x4000)
listen(r0, 0x267)
recvfrom$rose(r0, &(0x7f00000002c0)=""/5, 0x5, 0x101, &(0x7f0000000300)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x1, @null}, 0x1c)
bind$inet6(r0, &(0x7f0000000380)={0xa, 0x4e23, 0x2, @ipv4={'\x00', '\xff\xff', @broadcast}, 0xfffffff7}, 0x1c)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000003400)={0x10, 0x2, &(0x7f0000003200)=@raw=[@call={0x85, 0x0, 0x0, 0x8b}, @exit], &(0x7f0000003240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0xc01)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000050000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000002a97850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000007c0)={r4}, 0xc)

2.657206516s ago: executing program 1 (id=879):
unshare(0x62040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r1, 0x6, 0x21, &(0x7f0000000040)="5766b1b827f600333b09d3748ee7d700", 0x10)
listen(r1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="000003000100000000003f000000110000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000080)={r2, 0x0, 0x0}, 0x20)
setsockopt$inet_tcp_int(r1, 0x6, 0x19, &(0x7f0000000200)=0x2, 0x43)
ioctl$int_in(r1, 0x5452, &(0x7f00000000c0)=0x1)
unshare(0x40040000)
shutdown(r1, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000004c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c0000000700000006000000000000070000000000000000c45f00"], 0x0, 0x2b, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
ppoll(&(0x7f0000000080)=[{r3}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x5, 0xfffffffffffffffd, 0x100000001, 0x4, 0x10000000}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0xfffffffffffffffc, 0x9, 0x0, 0xfffffffffffffffd, 0x7fffffff}, 0x0, 0x0)
listen(r0, 0x558d)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x3a)
r5 = epoll_create(0x4)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
epoll_ctl$EPOLL_CTL_MOD(r5, 0x3, r6, &(0x7f0000000240)={0xb0000000})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0xa, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000062013c00000000009500"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = socket$netlink(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@ipv4_newrule={0x24, 0x20, 0x301, 0x70bd27, 0x0, {0x2, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x8}, [@FRA_DST={0x8, 0x1, @rand_addr=0x64010100}]}, 0x24}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newlink={0x28, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x901}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)

2.59750823s ago: executing program 2 (id=880):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f0000000100)={0x1d, r1, 0x0, {0x0, 0x0, 0x4}, 0x1}, 0x18)
setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x48005)
readv(r0, &(0x7f00000006c0)=[{&(0x7f0000001580)=""/4096, 0x1000}, {0x0}], 0x2)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r2, 0x0)

2.09697496s ago: executing program 0 (id=888):
r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
bind$llc(r0, &(0x7f0000000040)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_queued\x00', 0x275a, 0x0)
write$cgroup_int(r1, &(0x7f0000000000), 0xffffff6a)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nbd(&(0x7f0000000080), r2)
sendfile(r0, r1, 0x0, 0xffffffff000)
recvmmsg(r0, &(0x7f0000005c00)=[{{0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000001500)=""/136, 0x88}], 0x2e}, 0xffffffff}], 0x1, 0x32, 0x0)
r3 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r3, 0x0, &(0x7f0000001480))
ioctl$sock_inet_SIOCSIFNETMASK(r0, 0x891c, &(0x7f0000000200)={'ip6tnl0\x00', {0x2, 0x4e24, @private=0xa010102}})
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x32, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r4, 0x2000000, 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$nl_route_sched(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x78, 0x24, 0xf0b, 0x70bd2a, 0x2001, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5, 0xd}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x3b, 0x2, {{0xff, 0xec2, 0x5, 0x2, 0x400}, 0x10000, 0x1, 0x7ff, 0x6, 0xe, 0x14, 0x1f, 0x1b, 0x4, 0x2, {0x6, 0x19d, 0xa9, 0x8, 0x7743, 0xfd1}}}}]}, 0x78}}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$TIPC_NL_MON_GET(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
getsockopt$inet_mptcp_buf(r7, 0x11c, 0x3, &(0x7f0000000040)=""/185, &(0x7f0000000100)=0xb9)
sendmsg$NFT_MSG_GETRULE(r6, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000780)={0x20, 0x7, 0xa, 0x101, 0x0, 0x0, {0x1, 0x0, 0x8}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x1}, 0x48054)
sendmmsg(r5, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x89e2, &(0x7f0000000240))
r8 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_SERVICE(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000080)={0x20, r8, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0xc, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}]}]}, 0x20}}, 0x0)

1.801837584s ago: executing program 3 (id=890):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x5, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)

1.73369048s ago: executing program 4 (id=891):
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000013c0)=ANY=[@ANYBLOB="b702000026000000bfa300000000000007030000007effff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000050404000001007d60b7030000000000006a0a00fe000000008500000028000000b7000000000000009500000000000000496cf27fb6d2c643db7e2d5fb4b0936cdf827fb43a431ca711fcd0cdfa146ed3d09a6175037958e27106e225b7937f02008b5e5a076d83923dd29c034055b67dafe6c8dc525d78c07f34e4d5b3185b310efcfa89147a09000000f110026e6d2ef831ab7ea0c34f17e3ad6eecbb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b0a341a2d7cbdb9cd38bdb2ca8e050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c214733a18c8b6619f28d9961b626c57c2691208173656d60a17e3c184b751c51160fbcbbdb5b1e7be6148ba532e60a0ac346dfebd31a08060000000200000000000000334d83239dd27080e71113610e10d858e8327ef01fb6c86acac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e957bc73ddc4eabba08ab1e1ad828267d4eadd3964663e88535c133f7130856f756436303767d2e24f29e5dad9796edb697a6ea0183babc190ae2ebf8aad34732181feb215139f15ea7e8cb0bae7c34d5ac5e7c805210600000000000000c3dec04b25dfc17975238345d4f71ab158c36657b7218baa0700f781c0a99bd50499ccc421ace5e845885efb5b9964e4beba3da8223fe5308e4e65ee93e107000000f8ddebf70132a4d0175b989b8eccf707882042e716df9b57b290c661d4e85031086197bcc5cb0e221a0c34323c129102b6ff0100002e88a1940b3c02ed9c92d6f64b1282dc51bb0015982730711c599e1c72ffa11ed8be1a6830d7507005154c46bd3ca96318c570f0721fc7aa2a5836ba99fe1f86468694f22cdf550ef091a78098534f0d973059594119d06d5ea9a8d0857382ec6e2a071474cfc12346e47ad97f4ead7cf70a9d1cdac944779dc08a705414888700a30e2366c6a06b3367a389ca39059787790017b0689a173db9c24db65c1e00015c1d093dab18fd0699fe3304000000323e9c7080397bc49d70c060d57bc88fbe3bbaa058b040362ab926150363fb099408885afc2bf9a46a076b7babfcddeff8c35030669ea69f5e4be1b8e0d6697e97186f9ae97d5670dba6623279f73db9dec75070cd9ab0fda6b069ef6d2857ca3e4effcf7462710d133d541da86e0477e4a6cc999dc21c3ef408e6b178e7c9f274d7fafc8d757d33dfa35aa2000034837d365e63845f3c1092f8dde8af3904ea0f4b82649b83ed4fa0f873339c4cadecc13219ba7518aa4f7db34ead13484742067ab743c1d82a5687f2ed690000000000000000000000000000000000000000000099d4fa0000000000003f0ecdc7c82e72919c91d2039afe17e95edeeeba72205beff7771bcb293747b88486cacee403000000a2919a4bff2ed893f2c814679fa69fc7e0cf761f918725704a01c56009a9f748e5aaf30a10bd8c409b1870c1f75e26b45264e3d3f8e0048e55ae289ce2ad779ce71d4dc30cbb2cc4289d2f884d66cddc76eb7f601110ff39053c262279f4ef00fbdb8c328615a9ec84f27a9f3938ae736138b8c1ec220c1540bf3d162dc1c27fa30f0dc60b9f257db5d1c7ed2e152cb2cf06f8edb30177fead735a952ffce676a93110904d5ee2abdab2ef3ff84c4d61443f73552195c7ccfbf9f03c44432eaa3b7501d4239354da8de21eada75d3a3afb2c76ff0700007981699b6c0f0e946766f57544ff52cef0dd811bec4e3c0a30f2d7d19d26d2503a3ea376721b8eded3bc475958dd498ee2b2d6146e33fc0de1dc2e0516ac565ddb1d4ae89e6712824a85eb9ee0a3b68c9e209756623adf685dd715d68ed11e4b4d5502f5124948f8f98c615cac3666c58f785c3f758be352a71871d5c081197d37980e4f4e26b5476fb20407ff7098b7174bef66fa03a99b5c0c20b378065fac4ef9ac2d0d804b9400000060e5d3f1749f6aecf69ba83a71caa9bdddc679f1b826f54b6563a4be1fd82b73c8c2bc65f63982b951fb058fd3c7b6341c4580376b6c16bd94d2da66059de81abfa15eeeb88b6ae5882ad341032c73f1285e21fff5a1d138e061b1dc7bbda199b5fab8e0719e9cd69b47dcb52b0be6a3a73afdf328132e1d4f21065716be0c53a23940d07188b015fa341dbc92231c8b5e5717eac184f46c9f61b69f55cd2231bcf821052429a1f250e8b734be0605a15f25923d599544b319319ff0a32621019347df460a098119a6f47eb1bac47946d7a009cbc6ec74c19a93cc7c7138b28c95270116181fd5f553573c48104d2ad0e10d3663488e664401453f22f0d76d2162635365258af61ae1f46f4a7862f302d91e3f7c2781f602220522e84602a939a8d5e4137ae31ccd397404dc72e06715a6503d4d865182803ee6725da7293b23daeebefd6fce7411c9624a7e8d5ba5a13e1c32adc4f3274497c6882a72475e4280a4d9a47c003c6ed3071330c58145be813a10788a720a6b5a498ca2b42496c479a0a71e2f6f9bad8c84bc6be20281bde0b348cf2c60538a505ad4a0510eebb023e4954c9eb6cd70627f5c03d867dbf3ad5d1f1dc852064dd0efafc3df20ec8faf3d194db76127f88f284fa1b71ab964fdd2474471da76373e65e9a8bf844bdfdd348bc7d00c4c7e7afe8a1f8cde79b7a6c5aafe954b8ba37818e40c14b37c23f9f614576b689436fef2f27f8b1e756e00262e22bca49c43fd73e7e99b2fa44a8c1db99c2cf2735ad6c5fabf082e0df0f8ba7e24272165f2f5b28230c02b53d44bd84bf6770157e96bbb96b5e1f165c87e7ad68a3600b3d357fa9a7d53c281d88ebb175a4dbb82130e6870982947913110f091d21760d985afd3163f2e6880682432f9b3b97d57a9f980edfa1116a3d04d58872a07d6a7e12db673acd2f7b8988d833e71943fe2c1c65a3cf36b955c56b55bfd3ecf0af694c71a03f2996c15b1ba971de1cb9c7e6a0000000000000014783ef54c51199317413f98dca8ff3d0bda50f6c0af58dbd6c031b1a5a7512c5896514adfa17d31429c68db50a93d88199defd3b4625fea426ff9293a28a544a6a9e2a79b55daa1b3c6b14c4ec6d164e902ce4913843d65d841973468729ea12bf6d3499036dbb66718f3497855c3baa6cc07c0fa388ec9df0617c1a28ef5a595ee267a76175b8a057e6efaf4fefe46def4"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

1.665295076s ago: executing program 4 (id=892):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000015000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$inet(0x2, 0x3, 0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff})
getsockopt$sock_buf(r2, 0x1, 0x1c, &(0x7f00000000c0)=""/35, &(0x7f0000000100)=0x23)
bind$alg(0xffffffffffffffff, &(0x7f0000000180)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(md5)\x00'}, 0x58)
r3 = socket(0x39, 0x800, 0x10)
r4 = accept$alg(0xffffffffffffffff, 0x0, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
write(r4, &(0x7f00000005c0)="13d6c6c041", 0x5)
sendmsg$nl_route(r3, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000140)={&(0x7f0000000040)=@getroute={0x14, 0x1a, 0x100, 0x70bd28, 0x25dfdbfd, {}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x4000000)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'veth0\x00', <r5=>0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$kcm(0x2b, 0x1, 0x0)
listen(r7, 0x6)
setsockopt$sock_attach_bpf(r7, 0x1, 0xd, &(0x7f0000000080), 0x24)
close(r7)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r3, 0x89f8, &(0x7f00000004c0)={'syztnl2\x00', &(0x7f0000000600)={'sit0\x00', <r8=>r5, 0x10, 0x20, 0x8001, 0x7, {{0x3c, 0x4, 0x1, 0x6, 0xf0, 0x68, 0x0, 0xb0, 0x4, 0x0, @broadcast, @remote, {[@ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x1c, 0x41, 0x3, 0x6, [{@multicast2, 0x8}, {@multicast2, 0xdab7}, {@multicast1, 0x7}]}, @timestamp_prespec={0x44, 0x4c, 0xa5, 0x3, 0x4, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0x4}, {@local, 0xfffffffb}, {@private=0xa010100, 0xa9b9}, {@private=0xa010102, 0x400}, {@empty, 0x8001}, {@private=0xa010101}, {@loopback, 0x3f56}, {@multicast2, 0x9}, {@multicast1, 0x291}]}, @cipso={0x86, 0x1e, 0x0, [{0x0, 0x4, '&t'}, {0xa, 0x2}, {0x1, 0x2}, {0x5, 0x10, "a3f420ce5fd45a4350115db890da"}]}, @ssrr={0x89, 0x1b, 0x7d, [@empty, @private=0xa010100, @rand_addr=0x64010101, @local, @remote, @multicast2]}, @timestamp_addr={0x44, 0x1c, 0x79, 0x1, 0x6, [{@broadcast, 0x5}, {@remote, 0xb}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x1}]}, @lsrr={0x83, 0x17, 0x80, [@multicast2, @broadcast, @private=0xa010100, @initdev={0xac, 0x1e, 0x1, 0x0}, @local]}, @noop]}}}}})
sendmsg$nl_route_sched(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@gettfilter={0x44, 0x2e, 0x200, 0x70bd27, 0x25dfdbff, {0x0, 0x0, 0x0, r8, {0xffe0, 0x5}, {0xfff3, 0xfff3}, {0x0, 0xffff}}, [{0x8, 0xb, 0xdc}, {0x8, 0xb, 0x10}, {0x8, 0xb, 0xc}, {0x8}]}, 0x44}}, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000002900)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="600000000206050000000000000000000000000005000400000000000900020073797a320000000014000780050015001300000008001240000000000500050002000000050001000600000014000300686173683a69702c706f72742c69700062f7f25025603007c74afda8eee9c09832a0983f572d6c5a86e1b5f8d912c33ab4b1a879ee45d429fe4f00f4fc7794477aa9b0e6cba7439301e44b6358a8f8f61369e7113a2feb3f8a132f8497b2f9782215f3ea08fac7d699bf3c1c49227c8fae77300a7b0d00b97747d75ed044547c4474ca3dc8aa411286f3f60b054ce64771e2750e81ee7ad4aff4573c5cb3854aac8dc70b8c32c48bc7187615bd8a6c4fe8cd5df56cc37cf3326642cae11ccae40acce61202bd0d85fc83e3b1c9197b560c4e9d6010de57fc6580a8f417040636f014b78d3dcdc65e5b9b4114"], 0x60}}, 0x40000010)

1.571355257s ago: executing program 2 (id=893):
r0 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
setsockopt$sock_int(r0, 0x1, 0x12, &(0x7f00000000c0)=0x4, 0x4)
sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000200)={&(0x7f00000003c0)={0x140, 0xb, 0x6, 0x801, 0x0, 0x0, {0xa, 0x0, 0x2}, [@IPSET_ATTR_ADT={0x20, 0x8, 0x0, 0x1, [{0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_NAMEREF={0x9, 0x13, 'syz0\x00'}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_COMMENT={0x5, 0x1a, '\x00'}}]}, @IPSET_ATTR_ADT={0x2c, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBPRIO={0x8, 0x1c, 0x1, 0x0, 0x6}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x6}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_NAME={0x9, 0x12, 'syz0\x00'}}]}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_ADT={0x20, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_COMMENT={0x8, 0x1a, 'drr\x00'}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_NAMEREF={0x9, 0x13, 'syz2\x00'}}]}, @IPSET_ATTR_ADT={0x8c, 0x8, 0x0, 0x1, [{0x14, 0x7, 0x0, 0x1, @IPSET_ATTR_COMMENT={0xd, 0x1a, 'connmark\x00'}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_ETHER={0xa, 0x11, @local}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_MARKMASK={0x8, 0xb, 0x1, 0x0, 0x6}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_ETHER={0xa, 0x11, @broadcast}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x20}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x2}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_PACKETS={0xc, 0x19, 0x1, 0x0, 0x8}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_PACKETS={0xc, 0x19, 0x1, 0x0, 0x400}}]}, @IPSET_ATTR_ADT={0x1c, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x2}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x3}}]}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x140}, 0x1, 0x0, 0x0, 0x8040}, 0x10)
r1 = socket(0x2a, 0x2, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x8, 0x0, 0x0, 0x0, 0x73, 0x11, 0x37}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0xb7}, @exit={0x95, 0x0, 0xc2}], {0x95, 0x0, 0x1200, 0x10000000}}, &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x24}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)=ANY=[@ANYBLOB="5800000010000d0400"/20, @ANYRES32=0x0, @ANYBLOB="000000000800000024001200000000006d6163766c616e001400028008000900ffffffff0800010004400000140035006d6163766c616e300000000000000000"], 0x58}}, 0x8000)
getsockname$packet(r1, &(0x7f0000000180)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=@newtfilter={0x88, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0xfffa}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0x58, 0x2, [@TCA_FLOWER_ACT={0x54, 0x3, [@m_connmark={0x50, 0x1, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0xfffffff8, 0xfff, 0x0, 0x5, 0xb}, 0x3}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x88}}, 0x24000000)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.570826769s ago: executing program 3 (id=894):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYRESDEC], 0x48)
close(r0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000800000000000000000000000850000002700000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4a, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000580)=ANY=[@ANYBLOB="fc000000190001000000000000000000ac1414bb000000000000000000000000e0000001000000000000000000000000000000000000000002000000000000004848ccb8a1da9c50c42fa43347e72a33ecfb925928b235b37b3944669741487cc25a4ec35d992ffd99243eea6204e6b308b5b4bab4bb2aa2ff43a2fe2b7172b76503a3a13f358a7ca88619673d3a", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000044000800e0000001000000000000000000000000000000002b00000000000000ff02000000000000000000000000000100"/180], 0xfc}}, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000100)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4106(gcm_base(ctr(aes-aesni),ghash-generic))\x00'}, 0x4d)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000400)='rpcgss_svc_seqno_low\x00', r3}, 0xfffffea7)
close(0x3)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$ARPT_SO_SET_REPLACE(r4, 0x0, 0x60, &(0x7f00000008c0)={'filter\x00', 0x2, 0x4, 0x3c8, 0x0, 0x1f8, 0x108, 0x2e0, 0x2e0, 0x2e0, 0x4, 0x0, {[{{@arp={@initdev={0xac, 0x1e, 0x0, 0x0}, @private=0xa010101, 0xffffff00, 0xff, 0x4, 0x0, {@empty, {[0xff, 0x0, 0xff]}}, {@mac=@broadcast, {[0x0, 0xff, 0xff, 0xff, 0xff]}}, 0x8, 0x5, 0x6, 0xfff9, 0x2, 0x3, 'syzkaller0\x00', 'ipvlan1\x00', {0xff}, {}, 0x0, 0x124}, 0xc0, 0x108}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00', 0x0, 0x4db, {0x4000000000000000}}}}, {{@uncond, 0xc0, 0xf0}, @unspec=@CONNMARK={0x30}}, {{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0x1f8}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x418)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00'}, 0x10)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r5, 0x6, 0x1, &(0x7f0000000000)={0x0, 0x747, 0x0, 0x3}, 0xc)
shutdown(r5, 0x1)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x2, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d00000018110000", @ANYRES32=r7, @ANYBLOB], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r8}, 0x10)
connect$bt_l2cap(r6, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r9 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r9, 0x400448c8, &(0x7f0000000340)={r6, r6, 0x8, 0x0, 0x0, 0x82, 0xca, 0x15c2, 0x5886, 0x801, 0x0, 0x8, 'syz1\x00'})
ioctl$sock_bt_hidp_HIDPCONNDEL(r9, 0x400448c9, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}})
r10 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r10, 0x8933, &(0x7f0000000040))

1.448064758s ago: executing program 1 (id=895):
r0 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
setsockopt$sock_int(r0, 0x1, 0x12, &(0x7f00000000c0)=0x4, 0x4)
sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000200)={&(0x7f00000003c0)={0x140, 0xb, 0x6, 0x801, 0x0, 0x0, {0xa, 0x0, 0x2}, [@IPSET_ATTR_ADT={0x20, 0x8, 0x0, 0x1, [{0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_NAMEREF={0x9, 0x13, 'syz0\x00'}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_COMMENT={0x5, 0x1a, '\x00'}}]}, @IPSET_ATTR_ADT={0x2c, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBPRIO={0x8, 0x1c, 0x1, 0x0, 0x6}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x6}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_NAME={0x9, 0x12, 'syz0\x00'}}]}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_ADT={0x20, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_COMMENT={0x8, 0x1a, 'drr\x00'}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_NAMEREF={0x9, 0x13, 'syz2\x00'}}]}, @IPSET_ATTR_ADT={0x8c, 0x8, 0x0, 0x1, [{0x14, 0x7, 0x0, 0x1, @IPSET_ATTR_COMMENT={0xd, 0x1a, 'connmark\x00'}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_ETHER={0xa, 0x11, @local}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_MARKMASK={0x8, 0xb, 0x1, 0x0, 0x6}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_ETHER={0xa, 0x11, @broadcast}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x20}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x2}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_PACKETS={0xc, 0x19, 0x1, 0x0, 0x8}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_PACKETS={0xc, 0x19, 0x1, 0x0, 0x400}}]}, @IPSET_ATTR_ADT={0x1c, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x2}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x3}}]}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x140}, 0x1, 0x0, 0x0, 0x8040}, 0x10)
r1 = socket(0x2a, 0x2, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x8, 0x0, 0x0, 0x0, 0x73, 0x11, 0x37}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0xb7}, @exit={0x95, 0x0, 0xc2}], {0x95, 0x0, 0x1200, 0x10000000}}, &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x24}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)=ANY=[@ANYBLOB="5800000010000d0400"/20, @ANYRES32=0x0, @ANYBLOB="000000000800000024001200000000006d6163766c616e001400028008000900ffffffff0800010004400000140035006d6163766c616e300000000000000000"], 0x58}}, 0x8000)
getsockname$packet(r1, &(0x7f0000000180)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=@newtfilter={0x88, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0xfffa}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0x58, 0x2, [@TCA_FLOWER_ACT={0x54, 0x3, [@m_connmark={0x50, 0x1, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0xfffffff8, 0xfff, 0x0, 0x5, 0xb}, 0x3}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x88}}, 0x24000000)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.361140976s ago: executing program 4 (id=896):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000600)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c2", 0x17)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_NL_MEDIA_SET(r1, &(0x7f0000001800)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000003c80)=ANY=[], 0x12f4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
recvmmsg(r1, &(0x7f0000000540)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000001b40)=""/164, 0xa4}], 0x1}, 0x23}], 0x2, 0x40000100, 0x0)

1.182859674s ago: executing program 3 (id=897):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)=ANY=[@ANYBLOB="020300030e000000000700000000000004000900a0000000e9255bb992464e73a02159d3720df19f7a1dfec30000000003000600000000000200000000000000000000000000000002000100000000fffffffb160000"], 0x70}, 0x1, 0x7}, 0x0)

1.106081073s ago: executing program 4 (id=898):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af0ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000000dc0)=ANY=[@ANYBLOB="7a0af8ff7525757cbfa100000000000007010000f8ffffffb702000005000000bf130000000000008500000006000000b700000000000000950000ff00000000b2595285faa6ead0169191d54f8196217fc563e2fc91f6da4dad4fdc2eb1b5986fc4a3f611a7c80000040000000000b1a297cfddd73f30f2382f6cda4bfdd45be583823c0f092248a57d48621f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000000000800db583620ce7243d1ae9f2cfe401dbef6619358399aa9c2acd068c03efefd8bc77edf2d34b12cd48a1b20fb7dd853eb3f12225bfcca581f04f317c8301b43267e0331759f4ec6b5b0af58e604f494eff289026d5045ef08000000000000007718a09f4800b3c26abba34635d0e8b598a51bc742135a6e1d33fe226c944bc70bb30d435aa8b5202db761014b1b999a12df6bee431a6681000000263b6233e1c0fe30e384c3cb07b74a72291a1a2b523dd81b6651b1ee48e999bb004823ebcd8c65743f31f84b263ab9b3426692f01ad194f302d7a658e90000000001000000b6b2f25ddb8c640ab321a402058c9221b6870814cf4ee23ddb79fff5eb156e0a000000000000f2bd1d4a178d86d6935eb8b75bc4eb680d10e8b6a54c6c8674caf63ff76622939a20d4aadf85db40179c2cf83ee07e30a279d8f9f3bc282deb43a03409f8e6972f3f720d045923702cede0f7e91411f3f1b16f065624f280a7dcce8db910f93c49b9e0aa390d0da6972ed719d7e0efb2bb713d1890e317c8de105c3933fd5d5bf38f6b9fc39fc829dcfe4af8ac5fbb7314a7a433e0182767d1376eda2b9c662003"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

1.105421388s ago: executing program 2 (id=899):
setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, 0x0, 0x1c)

1.076811211s ago: executing program 1 (id=900):
socket$inet6(0xa, 0x3, 0x6f1)
socket$inet6_udplite(0xa, 0x2, 0x88)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r2 = socket$inet6(0xa, 0x3, 0xff)
sendmsg$inet6(r2, &(0x7f0000000000)={&(0x7f00000000c0)={0xa, 0x0, 0x0, @empty, 0x9}, 0x1c, &(0x7f0000000180)=[{&(0x7f0000000100)="daffc38b69363a52fe8000000000000021845a91f64fddcf51f405595faeea41974ed607dc94ce", 0x27}, {&(0x7f00000001c0)="01", 0x1}], 0x2}, 0xb00)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40937}, 0x20000004)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r1, 0x8982, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(0xffffffffffffffff, 0x11b, 0x6, &(0x7f0000000240)=0x10040, 0x4)
connect$bt_sco(r0, &(0x7f0000000000), 0x8)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x3)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'dummy0\x00', <r5=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=@newqdisc={0x24, 0x24, 0x3fe3aa0262d8c58b, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
ioctl$FS_IOC_GETFSLABEL(r4, 0x400452c8, &(0x7f0000000100))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
setsockopt$sock_int(r6, 0x1, 0x2a, &(0x7f0000000000), 0x4)
socket$netlink(0x10, 0x3, 0xe)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="18000000", @ANYRES16, @ANYBLOB="010000000000000000002c000000040001"], 0x18}}, 0x20000050)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000280)="4504bf3b032318c32276711651699da6a2067e63c20782bdf80bcac681a84b221407dce1b594281505820e5873e2b5fee12a9ec0478f6a5e73b93a9058390a95ce39bf3dc52f53d9e0ffc4b54af5a667c5739c047295bdc2ebd6b80cec43bc13a2e1c283c2efe5a9cc960e417c3a95b3db7420d53f747e7b1c674f8033c444c77f4083a3aae4b1ceab", 0x89)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c0002"], 0x64}, 0x1, 0x0, 0x0, 0x40}, 0x0)
recvmmsg(r6, &(0x7f0000001140), 0x700, 0x2, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x3, &(0x7f00000003c0)=ANY=[], &(0x7f0000000400)='syzkaller\x00', 0x1000, 0x0, 0x0, 0x0, 0x0, '\x00', r5, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r8, 0x0, 0x7}, 0x18)
r9 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='cpuacct.usage_percpu\x00', 0x0, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000540), r9)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000040000000400000004"], 0x48)

1.001339601s ago: executing program 3 (id=901):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @remote}, 0xc)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f00000000c0)=ANY=[@ANYBLOB="e0000002ac1414"], 0x1c)
syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x64, 0x0, 0x0, 0x2, 0x0, @empty, @multicast2}, @timestamp_reply={0x11, 0x0, 0x0, 0xe000, 0x2, 0x1, 0x1000000}}}}}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
socket$alg(0x26, 0x5, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000001140)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000780)=""/212, 0xd4}], 0x1}, 0x3ff}], 0x4000300, 0x2, 0x0)
pselect6(0x40, &(0x7f0000000000)={0x0, 0x7, 0xfff, 0x8, 0x1, 0x1, 0x3, 0x9}, &(0x7f0000000040)={0x5, 0xc92d, 0x80000001, 0x7, 0x7, 0x3, 0x3, 0xfffffffffffffffe}, &(0x7f0000000080)={0x8001, 0x400000000, 0x6, 0x80, 0x3, 0x9, 0x0, 0x8}, &(0x7f00000000c0)={0x0, 0x3938700}, &(0x7f0000000140)={&(0x7f0000000100)={[0x5]}, 0x8})

982.286524ms ago: executing program 4 (id=902):
r0 = socket(0xa, 0x5, 0x0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)
r2 = epoll_create(0x3ff)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, 0xffffffffffffffff, &(0x7f0000000240)={0x3})
epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, 0xffffffffffffffff, &(0x7f0000000280))
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_MAC_ACL(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000400)={0x158, r1, 0x2, 0x70bd2d, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MAC_ADDRS={0x4c, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}, {0xa}, {0xa}, {0xa, 0x6, @device_b}, {0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}]}, @NL80211_ATTR_MAC_ADDRS={0x28, 0xa6, 0x0, 0x1, [{0xa}, {0xa, 0x6, @device_b}, {0xa}]}, @NL80211_ATTR_MAC_ADDRS={0x1c, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}, {0xa}]}, @NL80211_ATTR_MAC_ADDRS={0x40, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}, {0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}]}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}, @NL80211_ATTR_MAC_ADDRS={0x64, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}, {0xa}, {0xa}, {0xa, 0x6, @device_b}, {0xa, 0x6, @device_b}, {0xa}, {0xa, 0x6, @broadcast}, {0xa}]}]}, 0x158}}, 0x4000)
listen(r0, 0x267)
recvfrom$rose(r0, &(0x7f00000002c0)=""/5, 0x5, 0x101, &(0x7f0000000300)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x1, @null}, 0x1c)
bind$inet6(r0, &(0x7f0000000380)={0xa, 0x4e23, 0x2, @ipv4={'\x00', '\xff\xff', @broadcast}, 0xfffffff7}, 0x1c)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000003400)={0x10, 0x2, &(0x7f0000003200)=@raw=[@call={0x85, 0x0, 0x0, 0x8b}, @exit], &(0x7f0000003240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0xc01)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000050000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000002a97850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000007c0)={r4}, 0xc)

885.869166ms ago: executing program 2 (id=903):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendto$inet6(r0, &(0x7f0000000000)="edf178c321efa1913d2c6811aa33a7dd02174f", 0x13, 0x8001, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000080)={'wg2\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)=@ipv4_deladdr={0x44, 0x15, 0x8, 0x70bd27, 0x25dfdbfd, {0x2, 0x78, 0x8, 0xff, r2}, [@IFA_BROADCAST={0x8, 0x4, @multicast1}, @IFA_RT_PRIORITY={0x8, 0x9, 0x4}, @IFA_FLAGS={0x8, 0x8, 0x20}, @IFA_LABEL={0x14, 0x3, 'xfrm0\x00'}]}, 0x44}, 0x1, 0x0, 0x0, 0x4008000}, 0x20000044)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f00000001c0)={<r3=>0x0, 0x81}, &(0x7f0000000200)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x17, &(0x7f0000000240)={r3, 0x3a, 0x17, "860e2915943218f3ba9423230538c17f8a7fa7b6723f84"}, 0x1f)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f0000000280)={0xa, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f00000002c0)=0x2c)
sendto$unix(0xffffffffffffffff, &(0x7f0000000300)="da8bd17217ad0e8af8575a143369fdaa3ab4b2ee1329d36d90a1ea227678781954ac5c81ea2bf770c67b95dc307c0aca9ffb8982d999b3cfc832e1db4364f8bc51d086f9f777742a00235da883ec2108b3885560feeaf6dc594990259265021b398170f4d9cc8372bc910e62d7", 0x6d, 0x20008044, &(0x7f0000000380)=@file={0x1, './file0\x00'}, 0x6e)
setsockopt$inet_sctp_SCTP_AUTH_CHUNK(r4, 0x84, 0x15, &(0x7f0000000400), 0x1)
syz_open_procfs$namespace(0x0, &(0x7f0000000440)='ns/pid\x00')
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0x7, &(0x7f0000000580)={0x4, 0x8, 0x5, 0x10}, 0x10)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000640)='cpuacct.usage_all\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=@bloom_filter={0x1e, 0x7, 0x8, 0x9, 0x0, 0xffffffffffffffff, 0x18, '\x00', 0x0, r5, 0x4, 0x2, 0x3, 0x4, @void, @value, @void, @value}, 0x50)
socket(0x26, 0x800, 0xfffffff7)
sendmsg$nl_route_sched(r5, &(0x7f00000007c0)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000780)={&(0x7f0000000740)=@gettclass={0x24, 0x2a, 0x8, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x0, r2, {0x4, 0xffff}, {0xf, 0xc}, {0x3, 0x8}}, ["", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x20008000}, 0x40)
r6 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0x7, &(0x7f0000000800)={0x5, 0x1ff, 0x10000, 0x7fff}, 0x10)
syz_init_net_socket$bt_rfcomm(0x1f, 0x889665c76b060756, 0x3)
openat$cgroup_devices(r5, &(0x7f0000000840)='devices.deny\x00', 0x2, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001e00)={&(0x7f0000000880)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000001c80)=[{&(0x7f00000008c0)="eae4fa318dbf800abd85f05f71835c00dc46e7da738a3a8204925742a27bf082daf4abf9bf24cb9b22722c67ef869cbb01c16027d211c8d88b548e6c669ab31a0a9e96ba11564b659c18eb7dce26286051e216d1762b8f33053d8b3ca0fda334564d26d9fd9a061d812787768bace9d753ff2d26838cd65e927dd81ca6b516bb68b42c121449fc9ffdd41889f341bdc79ae671acad904b50572ad6504b0ec91093782230d03fb00faa85a48e5097f0d870f343", 0xb3}, {&(0x7f0000000980)="5726bd30903f4870757de2a8deb1792cca070bf3b35bef7ed68e7c242caef71267bd02e5cd4e2f1bf476f01ba51e23c787b0b0baf8dc35752a908296b5d3d7fd0843c08d6e4ee89bdd9ff9c401a981cf48c17716ce75ac9371275ad601085fa8d51f7f20727ded7cab064a01995060c7a7e8f231866539150002f7c7d01a99395dfe51f2049793d33bb48ddea53386616e8dbaed87c60897abfe616c63225940d06c5e3f379e53d40cf7d302557dad50ab35693f2c7fd6c2d8ad", 0xba}, {&(0x7f0000000a40)="0015732b1347cddc8ca252d4deb30814aee0f93f95042a405b79a467e6cfdb91f538493682985b80d9344789f2ab103eb2a7cdc96a65f3058041ff610f0b4e81e9d2aafc41f34da1cc1389de45bd00259652111c5d2f34c6fcdad5d89e9269f99f2607154cec7527883841dd651c5f3255694d59f7246b29f2834162e71372210879c95c413a8b46fb51cc7e1301223be6d294130ba983b2dbbb304403e937681c40cdcdd3f321ffa6f385cfac8daac0a20814", 0xb3}, {&(0x7f0000000b00)="5ef039964cfaea5da3b1e510402ff8015f08b426e276983c3e203d2b23d70da880dcebaf1d39dbf8572b50827acdfbcea7195bfa2e4b95e35b9df1e2d94b", 0x3e}, {&(0x7f0000000b40)="9fa921b0d5e83ebbddc807e8d3b0c8c082cefac744b3a2946d7224e00f4e857335cc123f0dd69f1330e6bfa8d1cbe99396a7f52cbe72856595a34c83afd39b83d84e005ca7dbd5c2e1b4dd3600cfa8", 0x4f}, {&(0x7f0000000bc0)="7de534b75d31287e84d9c87e687ac42d79fc603244ea26a822296fafdb07506cb2f1904153be7c0de922a7122104fe1bc9f509784c8e0cdfe6b59eb022fabb74014d51f65f36a2f2482ad906c7de1a979341a4ee0744f52da12abad03b3ac2fb4c30ae27abc7e8e1480ad4d9c6a67def24c9144cd0ba59b8b56fd144820cac1f558ac2eb0602c2d5ac97f0dfb2f93c3d295172f82ef112f73b3467989b17cec4878cbc339ff9", 0xa6}, {&(0x7f0000000c80)="ca3b44119d1cc5ee6b55a56ce563fc99b7f9cbad63cc8c25ccb620ead80b3d8fafd0c5e14f25bbe3fbc93b7a73af06ac82df61418a0ac8a04ef39bb54547b6482d358cb8715a9f3fa02b1fdee888eee31cef0d13d3212b230c547bdd2a3f8f05896c6a0fd470066856921e2b10323df2afec0f4c4506667f4edb143a589907a162be74da1c62c9111ad85f1de4b4b45720a53f6da1de336253e8b4888a40b3adaf1f03a3277afc74625c5c44e11f759c456bcc5468ab2d21718662ee2cdb483ebe88e90402369dd025cf4091a4670ee85d57c14fee2fb531022f31ac0210c2060e67f6afabfe3060b872d55e270b3c9f09d92b6bf9f58d09a765741b6ad8e58c4e40111b4ef389f5cc90a66a0815427aee9d2e6511440f4bbe18e3502d876c10db5537299d9d63d81fb714c39cbe1c7dbfa7d125e9034c9e5a93067a9bb0da2a849087e11d76bae6da2aecf3e096c93015280433d1cc55cd8a360f7b7cd96ac72fa9e05cb27c43dcf9f59336baf34678d839342b92a36bcdad0935b29983571e01fe7282811119a58d257a286a3f58af732da80871c358f6cf8c5dc5b288003806f440c345f0df8f0a2ebe766a3f1eeaae7fc8f4d2cef8e1a81ab98e6c5fa34e64c3d4471895252a82a3ca4d15d5fe71ae6d63f1556fe98e616622ff0db25031907078c54d09f8ab3a7b7bbfb8e2f677a4bf89f16a20ff7db2aed20c001953667910a009869188ceae966db91098790f471f7c4bde493fbaa3f33c6d53e95e4d4ec864d5e20169d95f0be89ea9e63ddce21fd743d5bdf2ed9b0bbe1785716ab46d9e5acb61272c9e1052c2f88d93ec0e911c2c9fafe2fd46a30dcae5f48db7946c593aa25096bbc12330a2f4df787222c0fa5744293fa10f9319df6c42f782f6489d1b84514d876697e984a8619f30dafd623ffc8d4ab2689929dac06f218786e500e51a621003f821ef6b464da16b1d27140714e47113ece4860ce9b6fa44a756188f9c65d9364e74c645cac1aa52533b7410194e7f15730597de23e61c77602f234780541e800366c18307b3c20a71d7cfdd1aa4806c4c93ef0406006c8fa697a762b16c679462d90ff3b32b75b698d2466409b5b4b2f95511849a9458d7379730247e827c196489e385e1d462d2bca50f17530498326c0891b8eaae6bec4c43d9ce8342051eaa5f7169e522c110738d980a53c0ee31d404856e2dd0721f3a4ea3387a9239d7c9d74977d2fb3707a6329bbf4ce760e27ad90680d07c4b894d77f823f5e18c18c1c7a7dc7b2a5e75419e1ac205879dece1fa9d631f583ccab46a85445d7247308c92851cbb5639529dafea34b7e7b8de8d2f316be71fb7689bc70870ba90284e0ce178bcc6dcfd721ce18b432140d0a7e457aa79de4d18c85451adf6922b6825a39880bf49633fcceb8ed82cb944ac155090c486368fb4fa11651892230a8310777a52666f451e563d255f9c358064493d7c929d6013cfc41b5ca78d7d9edade359d205e9a6f92c986a5fb2279ed6b0a7bcbace392932594622c1ed5655dfd436de7845070cda4e3900bcdca38a44183d059317d69ff76288a832ea290e549bddf6a713e7ec54982665acaee16c3d1f47abd13b6cbbb5a84566e9771a24e50394186c1a429b6b9276c6d4f3cf9b2d479b3cc85be62ed9512e3e0f8e6242cb43cfd34bd96f1b2444b5cd19624f43f6f8ed3995c6b11480dcebff7ea8d844ea27901bdd1254b5f92da29951e4d9af93137e126c1e4febe5ef3bbbafc0f946fc7363ecddc52db7e7ef3c6b790a983ddded0bfcc73402f6aebc5b2eb74f28ec947a53740fb0ad3d7fbd122256d2c77951e6ff5fd863b1c6a89c5ac56b4fc010fb6b2bd03c15c5f0a6522ff8f6dc1dcfcb44de4cc7b4344b7e6f3f9a9ed7c77986d6f713c4fb496559e976b320a387ae6c949d75deb8a50dd5c4a7a386e7f369f38a35cdf4ce5a8dfb60ffbd0e8375845984213f1ee0bd3d79c811a977f497192dc367e5e42f48b2d8d16296686ea753a81bd42d33eac5395a2066b453bd27effd17ed924356be124fe09a07cea4ca7135d884082a2ea6663d17f99ff0910b62e1639651d112e674850b3005ab73774e4301d52083ea2a296e9e05222b9142e2611f3ff88033d0f5c33a091d67d0197325ba931dc31fbab1749325d4bfbee1cca0e6a6344e92e9769bd88759d1f2bd946a8d5d468abe22a8b4097992b9627bc9fe32b516db94d1719dda5a6389ad63cd1b69b0a677da0aa78d2b974ac8600ed442158e6658cc4a78384d181d1d5a6c023aebdff36c285444b4fb0fd84c52d43fdf641c429c35bcf6e339a70d9d4a4ff9ae8751fef7dacf877a4d26ca25d65d63223cde0334f897a66a0222616b9f836dc9d58012a41d588b0c2f043473beb47737eeea4c724af79f7783211390f7377c082a1d70ba19f6b574d888cce1f7b31f0d03df2b2c121b0b0e537da64ee1fd3882291f678d3dceac1cca72297cb5985c41d72a313ad67585cbe554da15eb2c603a0c5bf8547652aa46f178089bda12e4b6e58deee7222aeef62a503f46fef2d8b59e203c0b0fa77a5377c80602aa3797cc0a992a68ef642bd666a2cb7783120eed7c5511352b80c760c985fa3472e450408f568e6ba581f286b9970055609decb15e0255aa5bb2f924936bdf5c4647007c9e5fdfb40965d401d71d56ab03dc3626dec3e4b65dfc55834e0f124d5d6b3b64ca679e14bddb65d9aa361da643a618b8008995b77934061599acc13923091a44c0f9450dfd82a26482d234d80b5d211bd564c9051748cd641f26b80b84613af63de8124f04a7e22674958750577c1c932e32ee1bd94f84c3100cf59ad5fb2b0bea0ef386c5e0a78d7f60da881419406826045e1c000fdfa62299b8974dcb298817aeaf4f0288a28ad0f936bd664b48bd3afdb80d8d9857f6ffca40d04251e44c4beff15ef1743c85938d637979e88a99912b2d148308d2c9eb88ce6cba75732e2d74e545061153f169e6fdda5de61a0ae39d199e26570685bc8e46cf372d4ec3579250e893d25ec1bbfd4dc219eab18dc9d4ea9de6b219ed7b69c6c916ddda78dbf5af7987df9a2fedb188bfa12a86951570ef782f65589170e4fe7da517e83e3676d25201e17c432db6ca2b952543f624c4556d6232479d645b1e87ac3b3c95282800feb20e3bf71b1cb3f24b7e0fc2583cdffd0e8c222f4d3ecb6dadba9e49613177d6a38fb996f58168852e43c4f08c0cb310ef50fcc691a3e4994c9b513f52627699039f7752d7462aafdeb9d343959858b945c80d7b13addb2e7075485c9c6619ca288896bb74961932dd8ae40d5bb36d3f2dad8106f7bcfa2911c63a61b3d265f38a08d4b81eb59eb9892aaf8f8a15c95ba7b06845697272c7ed329cff98c2744bc9055d30d5fbc535b20fe2dcf3939d60901e25c689c1ffe809b1a6bc16f43dca021288808036e159eb25cb46cdfd2acb0a4f4053b5e7f60ba4017b15eba3dc850a11ec0228714a6f1b91c946408c113e14fb160fbefd131072a5a1d25604786ed346341ebacaf62253e2621b590cde5efb07918a062d6a116d76e2da39f6519dc86465dc656ae50f03c662aed306e8e11ab9955333b6ba8b9e389885e9d10aa09381b58fa8c67beff66db726941b779de1d10396898f41bf0109b0013bb7d76d6137ee82009afe329a8d18768f7a71f319ad5bb6b86a30ff2df896ce1c5f3a331fc52b0067d2451e42622e506611fe65f369bef751c75cdc84b2a2c73e2964dbe44a4b494ea02fe91325ffd7fd40d001e4110c4d0b26cc1797965c2ecce4e29ed4cc93b953fd3b69d0844b47e73408c0d2d4dc64095e93abcf6e53e8cba33230ec5e40aa3aa3b243f1be1c5ea30541f2ec0097a8906f30718c6a5520d8a174b50063ccd20d0ccf2cfb24237bb730925f10fd33af8871941d002e5b3e10f886663e85278f4b8edd1b3be41c084b196e71031105d6c163e89a16fc04a915a568fad2870cc31a0dd25fb0e23ebd4a4f4e7ce2db1f29dac74e282b32f2ef5e951a399c2dc81eb34d818d3d10dc084e1ba4e5f983673bc0dbf8abfd38d689a807512572c334413810ff5f42e2e922cacf6019841c9bbcb45c7b91b993a180c2ecab02057abc863d8c772b9657f6485f96e2aa93e1c55ee729ce906e5b728c3e071af89a7adc70e3145999a27ba3a7e23a14003c65c39b764e165d300af60f2a4d3792c9a79cfb2998082cc67eedde0e84fee9e154a3ba1cbd7baf869ebda51127510b0839416d9465a4f2816f4748b4761204c3363a4693fce4d8eea1e04a7ff50aa461a97db3e669cb7f42cb75192b3bb380b57ee8ed77319a711cb6fa07ac27ae6882ff233e480bc2f42be032552536e37df5e896cbc02d1e44f552c494b1c2be11c326f9d9f4d0f9a21a8d4e5bec3cf405313da7ce3c2d5eef041ffb05feafb96d5a5f6fcc96a5db0c726fd7a99080e87bef18267807f2ac9d97db68d303d57003ab499c4483203c620f60ca359c3a7a8cd3091136157f4b8825466921f036f443d28273d5f9e55c692d76c20206bffa24a5e63194eb240377824949b0072c6d33d567762b7dcb6c58cf6e6b5c2118a32afc78aefec276748cdf79361c077360e3242c9de26a4c968ec57666aaf5f129351c04864c94508d3c98dd9e043da714f6c166ff8e43cf66b56d29e9c78e78b5dd793e1d77128a059add96b440cc6d6cafdf0619238139858c3f2905ad1cee2a8a792a97b39d887d4f6e71011af699fbe3e1b2baa3c89f5a097928de7bc55411df0ef6c6724b98edf9d065cb5f447293229a68cce35d19389ad31018362f6d10bc8e502621207f3ff1f87708fd5ef98bbb02ebeb3075ea525d8fd688b322425252deca73771bc15867a5025018daa66416ba9b17c473970c7899014ea73da51cedd739be34a1f2915991f4006a0957d57cf7ea3769b5ea73466a7b7c048f6735f15071142a87e95d25fc60ef2e48cc1ab8a5b90edc8b39a20ae4d5b195a2ea2e04d4f98b850c28ecf4ea4802a4b200f9c3bff8757960fdfa2fb83c85703e51b7415c850265dc5a2ca6c053390404b61b7f851639471f2ab6dc09cb74b2d5cb575df472c035e10cd90c2aecde26c46de922c3ba882c29428b0ebea5c9c59108aebf2a1c094e90bd6838ab59634e60dff883787cbabcec170820c5558ef69b07f358a173464424f78a5541cd27c46dddc5a3abb18e7e2cf3735bd23acc3e2432777193a9b7bb5d943f57b0446b4a75d0541579d8946848057362f4e35e4c45cebba554526953e1d276109894074d56e712673d370654da7cff03b979ad90faf1c3b4951e523f6c52880b21c35e7fe9ff6ae14afcb5a75ab45b6c96b6968b58b358edc1b6ff145bc6c1c7514e07b1dca72e008748cf756a68820a7bac5a0954bc259fa9e18d609d64658c78f1fc8c9cab858ca8c2b0802148b2ec052bbf5a2cb7e117f82404fbcd83b796554fe77c2636ae7b8a82652a82779bae828187c417fda305274a072c8ca67f13ec4caa076ca5ff602619aa4d1e0762d5629520e1c726ad71c195f3cd36f1b1e5c779965b6407a7d26eba96d77daa73b98e577a34a298684ece43652bf6aa42d1dce355c2d8102659245e4d704ab79da8708ec030ae87af631c404aeff135ff43d8b042a2bee8f1461e1145c66d2a7d4920b0da36aa77a390c7535836c40a6ef78ac2670c9a76acc6a0804ed819beb017e1aa7670b23c5249abbe63c168b32bf06ee6df7121ccda0388d98b72ab684f6ad8aff54556e985053a457d61680bc", 0x1000}], 0x7, &(0x7f0000001d00)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x9}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x6cf}}, @ip_ttl={{0x14, 0x0, 0x2, 0x4}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x9}}, @ip_retopts={{0x50, 0x0, 0x7, {[@timestamp_prespec={0x44, 0xc, 0xb2, 0x3, 0x4, [{@rand_addr=0x64010100}]}, @timestamp_prespec={0x44, 0x24, 0xe1, 0x3, 0x5, [{@loopback, 0x101}, {@remote, 0x6ec}, {@broadcast, 0x2}, {@private=0xa010101, 0xfffffff9}]}, @rr={0x7, 0xf, 0xa4, [@loopback, @loopback, @dev={0xac, 0x14, 0x14, 0x12}]}]}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x67}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x6}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x3f}}], 0xf8}, 0x40000)
r7 = accept(r6, &(0x7f0000001e40)=@in={0x2, 0x0, @multicast1}, &(0x7f0000001ec0)=0x80)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r7, 0x89f0, &(0x7f0000001f80)={'syztnl0\x00', &(0x7f0000001f00)={'ip6_vti0\x00', r2, 0x4, 0x7, 0xf5, 0x4, 0x26, @ipv4={'\x00', '\xff\xff', @loopback}, @dev={0xfe, 0x80, '\x00', 0xe}, 0x7, 0x7, 0xfffffff2, 0x7}})
accept4$bt_l2cap(r5, &(0x7f0000001fc0)={0x1f, 0x0, @fixed}, &(0x7f0000002000)=0xe, 0x80000)

799.555031ms ago: executing program 2 (id=904):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x5, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)

787.542236ms ago: executing program 3 (id=905):
unshare(0x62040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r1, 0x6, 0x21, &(0x7f0000000040)="5766b1b827f600333b09d3748ee7d700", 0x10)
listen(r1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="000003000100000000003f000000110000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000080)={r2, 0x0, 0x0}, 0x20)
setsockopt$inet_tcp_int(r1, 0x6, 0x19, &(0x7f0000000200)=0x2, 0x43)
ioctl$int_in(r1, 0x5452, &(0x7f00000000c0)=0x1)
unshare(0x40040000)
shutdown(r1, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000004c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c0000000700000006000000000000070000000000000000c45f00"], 0x0, 0x2b, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
ppoll(&(0x7f0000000080)=[{r3}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x5, 0xfffffffffffffffd, 0x100000001, 0x4, 0x10000000}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0xfffffffffffffffc, 0x9, 0x0, 0xfffffffffffffffd, 0x7fffffff}, 0x0, 0x0)
listen(r0, 0x558d)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x3a)
r5 = epoll_create(0x4)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
epoll_ctl$EPOLL_CTL_MOD(r5, 0x3, r6, &(0x7f0000000240)={0xb0000000})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0xa, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000062013c00000000009500"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = socket$netlink(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@ipv4_newrule={0x24, 0x20, 0x301, 0x70bd27, 0x0, {0x2, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x8}, [@FRA_DST={0x8, 0x1, @rand_addr=0x64010100}]}, 0x24}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newlink={0x28, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x901}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)

669.432669ms ago: executing program 0 (id=906):
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x70, 0x4)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e23, @loopback}, 0x10)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0x8}]}, 0x10)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @empty}, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f0000000700)="09268a60fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88ff4f90b1a7511bf746bec66ba1fe92e8615fc3f7af9c3310b39cc2dc3616dcdfaebc65ca325fd99357ed9d11b266a7c88722db6e38df1089394f438cb9fbc08e62754c233cced4a4d4d05a3e5029a01298d3ee87d8a0803a2d26906f42f5b5aaf47d2752a8b23954f309cae13ef250cf76775ddfd153eef2b1a8458a3cb6dc764f19b41c8c61c7305a51a4bfa0c897c7c1f438a851222a5560c0e77b0b5934296bc6f28af87d651f7348a2ba2ca67f930cc655afe0220cbeb79a2a87bba6be2de3e756e674c405bcc51843b4cc75ff7ec38a34d1a2a61f0a1223e69484b5d922b5590758c33317df18c401ff910f9b3f0eaef8b9d928392097a025b0459", 0xfe6a, 0x40040, 0x0, 0xfffffffffffffe93)

657.16464ms ago: executing program 2 (id=907):
unshare(0x62040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r1, 0x6, 0x21, &(0x7f0000000040)="5766b1b827f600333b09d3748ee7d700", 0x10)
listen(r1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="000003000100000000003f000000110000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000080)={r2, 0x0, 0x0}, 0x20)
setsockopt$inet_tcp_int(r1, 0x6, 0x19, &(0x7f0000000200)=0x2, 0x43)
ioctl$int_in(r1, 0x5452, &(0x7f00000000c0)=0x1)
unshare(0x40040000)
shutdown(r1, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b70200"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000004c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c0000000700000006000000000000070000000000000000c45f00"], 0x0, 0x2b, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
ppoll(&(0x7f0000000080)=[{r3}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x5, 0xfffffffffffffffd, 0x100000001, 0x4, 0x10000000}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0xfffffffffffffffc, 0x9, 0x0, 0xfffffffffffffffd, 0x7fffffff}, 0x0, 0x0)
listen(r0, 0x558d)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x3a)
r5 = epoll_create(0x4)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
epoll_ctl$EPOLL_CTL_MOD(r5, 0x3, r6, &(0x7f0000000240)={0xb0000000})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0xa, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000062013c00000000009500"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = socket$netlink(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@ipv4_newrule={0x24, 0x20, 0x301, 0x70bd27, 0x0, {0x2, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x8}, [@FRA_DST={0x8, 0x1, @rand_addr=0x64010100}]}, 0x24}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newlink={0x28, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x901}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)

441.65076ms ago: executing program 0 (id=908):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000600)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001840)=[@assoc={0x18, 0x117, 0x4, 0x9}], 0x18, 0x48045}, 0x80)
sendmsg$TIPC_NL_MEDIA_SET(r1, &(0x7f0000001800)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000003c80)=ANY=[], 0x12f4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
recvmmsg(r1, &(0x7f0000000540)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f00000004c0)=[{0x0}], 0x1}, 0x23}], 0x2, 0x40000100, 0x0)

434.349535ms ago: executing program 0 (id=909):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000600)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c2", 0x17)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_NL_MEDIA_SET(r1, &(0x7f0000001800)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000003c80)=ANY=[], 0x12f4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
recvmmsg(r1, &(0x7f0000000540)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000001b40)=""/164, 0xa4}], 0x1}, 0x23}], 0x2, 0x40000100, 0x0)

364.340846ms ago: executing program 0 (id=910):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x2, 0x0, @loopback, 0x9}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
shutdown(r0, 0x1)
recvmsg(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000040)=""/50, 0x32}, {&(0x7f0000000240)=""/52, 0x34}, {&(0x7f0000000780)=""/129, 0x81}, {&(0x7f0000000300)=""/68, 0x44}, {&(0x7f0000000380)=""/121, 0x79}, {0x0}], 0x6}, 0x40000110)

145.96835ms ago: executing program 0 (id=911):
socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x2a, 0x800, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0x5, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000440))
socket$inet6_sctp(0xa, 0x1, 0x84)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x803, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000001000030400000006000000005dcc0300", @ANYRES32=r1, @ANYBLOB="71e79fd800000000140012800c0001006d616376746170001400028008000500", @ANYRES32=r2], 0x3c}}, 0x0)

84.445994ms ago: executing program 1 (id=912):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000100), 0x8)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="5c00000010000104000000000000000000002000", @ANYRES32=0x0, @ANYBLOB="03000000000000002c0012800c0001006d6163766c616e001c200280080001000800000006ef0200010000001ffe02000000000008000500", @ANYRES32=r1, @ANYBLOB='\b\x00', @ANYRES32], 0x5c}, 0x1, 0x0, 0x0, 0x4}, 0xc014)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x4, 0xe, &(0x7f0000000200)=ANY=[@ANYRES64=r1], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000000)={'netdevsim0\x00', &(0x7f0000000400)=@ethtool_flash={0x33, 0x0, '.\x00'}})

0s ago: executing program 4 (id=913):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af0ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000000dc0)=ANY=[@ANYBLOB="7a0af8ff7525757cbfa100000000000007010000f8ffffffb702000005000000bf130000000000008500000006000000b700000000000000950000ff00000000b2595285faa6ead0169191d54f8196217fc563e2fc91f6da4dad4fdc2eb1b5986fc4a3f611a7c80000040000000000b1a297cfddd73f30f2382f6cda4bfdd45be583823c0f092248a57d48621f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000000000800db583620ce7243d1ae9f2cfe401dbef6619358399aa9c2acd068c03efefd8bc77edf2d34b12cd48a1b20fb7dd853eb3f12225bfcca581f04f317c8301b43267e0331759f4ec6b5b0af58e604f494eff289026d5045ef08000000000000007718a09f4800b3c26abba34635d0e8b598a51bc742135a6e1d33fe226c944bc70bb30d435aa8b5202db761014b1b999a12df6bee431a6681000000263b6233e1c0fe30e384c3cb07b74a72291a1a2b523dd81b6651b1ee48e999bb004823ebcd8c65743f31f84b263ab9b3426692f01ad194f302d7a658e90000000001000000b6b2f25ddb8c640ab321a402058c9221b6870814cf4ee23ddb79fff5eb156e0a000000000000f2bd1d4a178d86d6935eb8b75bc4eb680d10e8b6a54c6c8674caf63ff76622939a20d4aadf85db40179c2cf83ee07e30a279d8f9f3bc282deb43a03409f8e6972f3f720d045923702cede0f7e91411f3f1b16f065624f280a7dcce8db910f93c49b9e0aa390d0da6972ed719d7e0efb2bb713d1890e317c8de105c3933fd5d5bf38f6b9fc39fc829dcfe4af8ac5fbb7314a7a433e0182767d1376eda2b9c662003"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

kernel console output (not intermixed with test programs):

6.315129][ T6419]  ? __fget_files+0x2a/0x410
[   86.315152][ T6419]  ? __fget_files+0x2a/0x410
[   86.315180][ T6419]  __sys_sendmsg+0x269/0x350
[   86.315202][ T6419]  ? __pfx___sys_sendmsg+0x10/0x10
[   86.315230][ T6419]  ? do_sys_openat2+0x17a/0x1d0
[   86.315275][ T6419]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   86.315296][ T6419]  ? do_syscall_64+0x100/0x230
[   86.315316][ T6419]  ? do_syscall_64+0xb6/0x230
[   86.315333][ T6419]  do_syscall_64+0xf3/0x230
[   86.315350][ T6419]  ? clear_bhb_loop+0x35/0x90
[   86.315372][ T6419]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.315390][ T6419] RIP: 0033:0x7f32c758d169
[   86.315404][ T6419] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.315416][ T6419] RSP: 002b:00007f32c834c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   86.315433][ T6419] RAX: ffffffffffffffda RBX: 00007f32c77a5fa0 RCX: 00007f32c758d169
[   86.315444][ T6419] RDX: 0000000000004000 RSI: 0000400000000300 RDI: 0000000000000003
[   86.315453][ T6419] RBP: 00007f32c834c090 R08: 0000000000000000 R09: 0000000000000000
[   86.315462][ T6419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   86.315472][ T6419] R13: 0000000000000000 R14: 00007f32c77a5fa0 R15: 00007ffe7d74dc58
[   86.315496][ T6419]  </TASK>
[   87.001261][ T6431] netlink: 4 bytes leftover after parsing attributes in process `syz.0.160'.
[   87.049055][ T6433] netlink: 16 bytes leftover after parsing attributes in process `syz.2.161'.
[   87.110870][ T6424] lo: entered promiscuous mode
[   87.128973][ T6424] tunl0: entered promiscuous mode
[   87.168800][ T6424] gre0: entered promiscuous mode
[   87.175628][ T6424] gretap0: entered promiscuous mode
[   87.181580][ T6424] erspan0: entered promiscuous mode
[   87.189049][ T6424] ip_vti0: entered promiscuous mode
[   87.196079][ T6424] ip6_vti0: entered promiscuous mode
[   87.202262][ T6424] sit0: entered promiscuous mode
[   87.208488][ T6424] ip6tnl0: entered promiscuous mode
[   87.215208][ T6424] ip6gre0: entered promiscuous mode
[   87.221451][ T6424] syz_tun: entered promiscuous mode
[   87.227628][ T6424] ip6gretap0: entered promiscuous mode
[   87.233854][ T6424] bridge0: entered promiscuous mode
[   87.240031][ T6424] vcan0: entered promiscuous mode
[   87.245785][ T6424] bond0: entered promiscuous mode
[   87.251015][ T6424] bond_slave_0: entered promiscuous mode
[   87.257577][ T6424] bond_slave_1: entered promiscuous mode
[   87.265288][ T6424] bond1: entered promiscuous mode
[   87.271650][ T6424] bond2: entered promiscuous mode
[   87.281473][ T6424] team0: entered promiscuous mode
[   87.286967][ T6424] team_slave_0: entered promiscuous mode
[   87.292924][ T6424] team_slave_1: entered promiscuous mode
[   87.352396][ T6424] dummy0: entered promiscuous mode
[   87.359107][ T6424] nlmon0: entered promiscuous mode
[   87.368227][ T6424] caif0: entered promiscuous mode
[   87.373495][ T6424] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   87.558607][ T6441] lo: entered promiscuous mode
[   87.579908][ T6441] tunl0: entered promiscuous mode
[   87.628316][ T6441] gre0: entered promiscuous mode
[   87.657391][ T6441] gretap0: entered promiscuous mode
[   87.690204][ T6441] erspan0: entered promiscuous mode
[   87.714258][ T6441] ip_vti0: entered promiscuous mode
[   87.755429][ T6441] ip6_vti0: entered promiscuous mode
[   87.774894][ T6441] sit0: entered promiscuous mode
[   87.780699][ T6441] ip6tnl0: entered promiscuous mode
[   87.839404][ T6441] ip6gre0: entered promiscuous mode
[   87.860041][ T6441] syz_tun: entered promiscuous mode
[   87.899984][ T6441] ip6gretap0: entered promiscuous mode
[   87.937856][ T6447] FAULT_INJECTION: forcing a failure.
[   87.937856][ T6447] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   87.940056][ T6441] bridge0: entered promiscuous mode
[   87.957367][ T6446] netlink: 'syz.0.165': attribute type 10 has an invalid length.
[   87.974241][ T6441] vcan0: entered promiscuous mode
[   87.979945][ T6447] CPU: 1 UID: 0 PID: 6447 Comm: syz.4.164 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[   87.979971][ T6447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   87.979981][ T6447] Call Trace:
[   87.979987][ T6447]  <TASK>
[   87.979993][ T6447]  dump_stack_lvl+0x241/0x360
[   87.980019][ T6447]  ? __pfx_dump_stack_lvl+0x10/0x10
[   87.980037][ T6447]  ? __pfx__printk+0x10/0x10
[   87.980059][ T6447]  ? snprintf+0xda/0x120
[   87.980083][ T6447]  should_fail_ex+0x40a/0x550
[   87.980111][ T6447]  _copy_to_user+0x31/0xb0
[   87.980134][ T6447]  simple_read_from_buffer+0xca/0x150
[   87.980157][ T6447]  proc_fail_nth_read+0x1e9/0x250
[   87.980181][ T6447]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   87.980205][ T6447]  ? rw_verify_area+0x243/0x630
[   87.980221][ T6447]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   87.980242][ T6447]  vfs_read+0x1f8/0xb40
[   87.980258][ T6447]  ? fdget_pos+0x254/0x320
[   87.980279][ T6447]  ? __pfx___mutex_lock+0x10/0x10
[   87.980297][ T6447]  ? __pfx_vfs_read+0x10/0x10
[   87.980316][ T6447]  ? __fget_files+0x2a/0x410
[   87.980337][ T6447]  ? __fget_files+0x395/0x410
[   87.980355][ T6447]  ? __fget_files+0x2a/0x410
[   87.980383][ T6447]  ksys_read+0x18f/0x2b0
[   87.980402][ T6447]  ? __pfx_ksys_read+0x10/0x10
[   87.980419][ T6447]  ? do_syscall_64+0x100/0x230
[   87.980439][ T6447]  ? do_syscall_64+0xb6/0x230
[   87.980459][ T6447]  do_syscall_64+0xf3/0x230
[   87.980478][ T6447]  ? clear_bhb_loop+0x35/0x90
[   87.980501][ T6447]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.980519][ T6447] RIP: 0033:0x7f801838bb7c
[   87.980535][ T6447] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   87.980547][ T6447] RSP: 002b:00007f8019231030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   87.980567][ T6447] RAX: ffffffffffffffda RBX: 00007f80185a5fa0 RCX: 00007f801838bb7c
[   87.980578][ T6447] RDX: 000000000000000f RSI: 00007f80192310a0 RDI: 0000000000000004
[   87.980588][ T6447] RBP: 00007f8019231090 R08: 0000000000000000 R09: 0000000000000000
[   87.980597][ T6447] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   87.980606][ T6447] R13: 0000000000000000 R14: 00007f80185a5fa0 R15: 00007ffc90716468
[   87.980631][ T6447]  </TASK>
[   88.211066][ T6452] netlink: 'syz.0.165': attribute type 10 has an invalid length.
[   88.245435][ T6441] bond0: entered promiscuous mode
[   88.250529][ T6441] bond_slave_0: entered promiscuous mode
[   88.279809][ T6457] FAULT_INJECTION: forcing a failure.
[   88.279809][ T6457] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   88.299262][ T6441] bond_slave_1: entered promiscuous mode
[   88.318912][ T6441] team0: entered promiscuous mode
[   88.323273][ T6459] netlink: 'syz.4.168': attribute type 7 has an invalid length.
[   88.323973][ T6441] team_slave_0: entered promiscuous mode
[   88.324134][ T6441] team_slave_1: entered promiscuous mode
[   88.340855][ T6457] CPU: 1 UID: 0 PID: 6457 Comm: syz.3.169 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[   88.340878][ T6457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   88.340888][ T6457] Call Trace:
[   88.340894][ T6457]  <TASK>
[   88.340901][ T6457]  dump_stack_lvl+0x241/0x360
[   88.340926][ T6457]  ? __pfx_dump_stack_lvl+0x10/0x10
[   88.340943][ T6457]  ? __pfx__printk+0x10/0x10
[   88.340960][ T6457]  ? __pfx_lock_release+0x10/0x10
[   88.340989][ T6457]  should_fail_ex+0x40a/0x550
[   88.341013][ T6457]  _copy_from_iter+0x1df/0x1c40
[   88.341031][ T6457]  ? __virt_addr_valid+0x183/0x530
[   88.341047][ T6457]  ? __pfx_lock_release+0x10/0x10
[   88.341074][ T6457]  ? __alloc_skb+0x28f/0x440
[   88.341088][ T6457]  ? __pfx__copy_from_iter+0x10/0x10
[   88.341107][ T6457]  ? __virt_addr_valid+0x183/0x530
[   88.341120][ T6457]  ? __virt_addr_valid+0x183/0x530
[   88.341133][ T6457]  ? __virt_addr_valid+0x45f/0x530
[   88.341147][ T6457]  ? __phys_addr_symbol+0x2f/0x70
[   88.341161][ T6457]  ? __check_object_size+0x47a/0x730
[   88.341185][ T6457]  netlink_sendmsg+0x742/0xcb0
[   88.341216][ T6457]  ? __pfx_netlink_sendmsg+0x10/0x10
[   88.341239][ T6457]  ? aa_sock_msg_perm+0x91/0x160
[   88.341266][ T6457]  ? __pfx_netlink_sendmsg+0x10/0x10
[   88.341284][ T6457]  __sock_sendmsg+0x221/0x270
[   88.341306][ T6457]  ____sys_sendmsg+0x53a/0x860
[   88.341328][ T6457]  ? __pfx_____sys_sendmsg+0x10/0x10
[   88.341343][ T6457]  ? __fget_files+0x2a/0x410
[   88.341366][ T6457]  ? __fget_files+0x2a/0x410
[   88.341392][ T6457]  __sys_sendmsg+0x269/0x350
[   88.341418][ T6457]  ? __pfx___sys_sendmsg+0x10/0x10
[   88.341446][ T6457]  ? do_sys_openat2+0x17a/0x1d0
[   88.341487][ T6457]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   88.341509][ T6457]  ? do_syscall_64+0x100/0x230
[   88.341530][ T6457]  ? do_syscall_64+0xb6/0x230
[   88.341549][ T6457]  do_syscall_64+0xf3/0x230
[   88.341566][ T6457]  ? clear_bhb_loop+0x35/0x90
[   88.341589][ T6457]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.341608][ T6457] RIP: 0033:0x7fc5f318d169
[   88.341622][ T6457] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   88.341635][ T6457] RSP: 002b:00007fc5f4021038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   88.341652][ T6457] RAX: ffffffffffffffda RBX: 00007fc5f33a5fa0 RCX: 00007fc5f318d169
[   88.341662][ T6457] RDX: 0000000000040000 RSI: 0000400000000240 RDI: 0000000000000003
[   88.341672][ T6457] RBP: 00007fc5f4021090 R08: 0000000000000000 R09: 0000000000000000
[   88.341681][ T6457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   88.341690][ T6457] R13: 0000000000000000 R14: 00007fc5f33a5fa0 R15: 00007ffc0672e0d8
[   88.341714][ T6457]  </TASK>
[   88.350255][ T6459] netlink: 16 bytes leftover after parsing attributes in process `syz.4.168'.
[   88.367366][ T6441] dummy0: entered promiscuous mode
[   88.519453][ T6466] FAULT_INJECTION: forcing a failure.
[   88.519453][ T6466] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   88.543984][ T6441] nlmon0: entered promiscuous mode
[   88.547035][ T6466] CPU: 1 UID: 0 PID: 6466 Comm: syz.3.171 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[   88.547058][ T6466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   88.547067][ T6466] Call Trace:
[   88.547073][ T6466]  <TASK>
[   88.547080][ T6466]  dump_stack_lvl+0x241/0x360
[   88.547106][ T6466]  ? __pfx_dump_stack_lvl+0x10/0x10
[   88.547123][ T6466]  ? __pfx__printk+0x10/0x10
[   88.547141][ T6466]  ? __pfx_lock_release+0x10/0x10
[   88.547169][ T6466]  should_fail_ex+0x40a/0x550
[   88.547196][ T6466]  _copy_from_iter+0x1df/0x1c40
[   88.547213][ T6466]  ? __virt_addr_valid+0x183/0x530
[   88.547229][ T6466]  ? __pfx_lock_release+0x10/0x10
[   88.547254][ T6466]  ? __alloc_skb+0x28f/0x440
[   88.547269][ T6466]  ? __pfx__copy_from_iter+0x10/0x10
[   88.547288][ T6466]  ? __virt_addr_valid+0x183/0x530
[   88.547301][ T6466]  ? __virt_addr_valid+0x183/0x530
[   88.547314][ T6466]  ? __virt_addr_valid+0x45f/0x530
[   88.547329][ T6466]  ? __phys_addr_symbol+0x2f/0x70
[   88.547342][ T6466]  ? __check_object_size+0x47a/0x730
[   88.547374][ T6466]  netlink_sendmsg+0x742/0xcb0
[   88.547405][ T6466]  ? __pfx_netlink_sendmsg+0x10/0x10
[   88.547429][ T6466]  ? aa_sock_msg_perm+0x91/0x160
[   88.547455][ T6466]  ? __pfx_netlink_sendmsg+0x10/0x10
[   88.547474][ T6466]  __sock_sendmsg+0x221/0x270
[   88.547496][ T6466]  ____sys_sendmsg+0x53a/0x860
[   88.547519][ T6466]  ? __pfx_____sys_sendmsg+0x10/0x10
[   88.547534][ T6466]  ? __fget_files+0x2a/0x410
[   88.547556][ T6466]  ? __fget_files+0x2a/0x410
[   88.547582][ T6466]  __sys_sendmsg+0x269/0x350
[   88.547603][ T6466]  ? __pfx___sys_sendmsg+0x10/0x10
[   88.547628][ T6466]  ? do_sys_openat2+0x17a/0x1d0
[   88.547671][ T6466]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   88.547694][ T6466]  ? do_syscall_64+0x100/0x230
[   88.547714][ T6466]  ? do_syscall_64+0xb6/0x230
[   88.547734][ T6466]  do_syscall_64+0xf3/0x230
[   88.547751][ T6466]  ? clear_bhb_loop+0x35/0x90
[   88.547772][ T6466]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.547791][ T6466] RIP: 0033:0x7fc5f318d169
[   88.547805][ T6466] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   88.547818][ T6466] RSP: 002b:00007fc5f4021038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   88.547835][ T6466] RAX: ffffffffffffffda RBX: 00007fc5f33a5fa0 RCX: 00007fc5f318d169
[   88.547846][ T6466] RDX: 0000000004000080 RSI: 0000400000000000 RDI: 0000000000000003
[   88.547856][ T6466] RBP: 00007fc5f4021090 R08: 0000000000000000 R09: 0000000000000000
[   88.547865][ T6466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   88.547874][ T6466] R13: 0000000000000000 R14: 00007fc5f33a5fa0 R15: 00007ffc0672e0d8
[   88.547898][ T6466]  </TASK>
[   88.934911][ T6441] caif0: entered promiscuous mode
[   88.949421][ T6441] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   89.020980][ T6446] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[   89.038109][ T6446] team0: Port device netdevsim0 added
[   89.056441][ T6452] netdevsim netdevsim0 netdevsim0: left promiscuous mode
[   89.100410][ T6452] team0: Port device netdevsim0 removed
[   89.111308][ T6479] FAULT_INJECTION: forcing a failure.
[   89.111308][ T6479] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   89.113497][ T6452] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[   89.140542][ T6479] CPU: 1 UID: 0 PID: 6479 Comm: syz.3.176 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[   89.140565][ T6479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   89.140575][ T6479] Call Trace:
[   89.140581][ T6479]  <TASK>
[   89.140588][ T6479]  dump_stack_lvl+0x241/0x360
[   89.140613][ T6479]  ? __pfx_dump_stack_lvl+0x10/0x10
[   89.140629][ T6479]  ? __pfx__printk+0x10/0x10
[   89.140647][ T6479]  ? __pfx_lock_release+0x10/0x10
[   89.140676][ T6479]  should_fail_ex+0x40a/0x550
[   89.140702][ T6479]  _copy_from_iter+0x1df/0x1c40
[   89.140720][ T6479]  ? __virt_addr_valid+0x183/0x530
[   89.140737][ T6479]  ? __pfx_lock_release+0x10/0x10
[   89.140764][ T6479]  ? __alloc_skb+0x28f/0x440
[   89.140779][ T6479]  ? __pfx__copy_from_iter+0x10/0x10
[   89.140799][ T6479]  ? __virt_addr_valid+0x183/0x530
[   89.140813][ T6479]  ? __virt_addr_valid+0x183/0x530
[   89.140826][ T6479]  ? __virt_addr_valid+0x45f/0x530
[   89.140841][ T6479]  ? __phys_addr_symbol+0x2f/0x70
[   89.140856][ T6479]  ? __check_object_size+0x47a/0x730
[   89.140878][ T6479]  pfkey_sendmsg+0x235/0x1070
[   89.140900][ T6479]  ? __pfx___might_resched+0x10/0x10
[   89.140926][ T6479]  ? __pfx_pfkey_sendmsg+0x10/0x10
[   89.140948][ T6479]  ? aa_sk_perm+0x96d/0xab0
[   89.140976][ T6479]  ? __pfx_aa_sk_perm+0x10/0x10
[   89.140996][ T6479]  ? __import_iovec+0x582/0x830
[   89.141014][ T6479]  ? aa_sock_msg_perm+0x91/0x160
[   89.141039][ T6479]  ? __pfx_pfkey_sendmsg+0x10/0x10
[   89.141052][ T6479]  __sock_sendmsg+0x221/0x270
[   89.141075][ T6479]  ____sys_sendmsg+0x53a/0x860
[   89.141100][ T6479]  ? __pfx_____sys_sendmsg+0x10/0x10
[   89.141115][ T6479]  ? __fget_files+0x2a/0x410
[   89.141137][ T6479]  ? __fget_files+0x2a/0x410
[   89.141162][ T6479]  __sys_sendmsg+0x269/0x350
[   89.141183][ T6479]  ? __pfx___sys_sendmsg+0x10/0x10
[   89.141219][ T6479]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   89.141264][ T6479]  do_syscall_64+0xf3/0x230
[   89.141283][ T6479]  ? clear_bhb_loop+0x35/0x90
[   89.141306][ T6479]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.141326][ T6479] RIP: 0033:0x7fc5f318d169
[   89.141340][ T6479] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   89.141353][ T6479] RSP: 002b:00007fc5f4021038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   89.141378][ T6479] RAX: ffffffffffffffda RBX: 00007fc5f33a5fa0 RCX: 00007fc5f318d169
[   89.141389][ T6479] RDX: 0000000000000000 RSI: 00004000005f5000 RDI: 0000000000000003
[   89.141399][ T6479] RBP: 00007fc5f4021090 R08: 0000000000000000 R09: 0000000000000000
[   89.141409][ T6479] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   89.141418][ T6479] R13: 0000000000000000 R14: 00007fc5f33a5fa0 R15: 00007ffc0672e0d8
[   89.141441][ T6479]  </TASK>
[   89.148638][ T6452] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[   89.239976][ T6482] netlink: 8 bytes leftover after parsing attributes in process `syz.4.177'.
[   89.526425][ T6482] netlink: 24 bytes leftover after parsing attributes in process `syz.4.177'.
[   89.546612][ T6489] netlink: 28 bytes leftover after parsing attributes in process `syz.0.179'.
[   89.568362][ T6489] netlink: 28 bytes leftover after parsing attributes in process `syz.0.179'.
[   90.120501][ T6503] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[   90.134861][ T6503] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[   90.145689][ T6503] netdevsim netdevsim3: Falling back to sysfs fallback for: .
[   90.491455][ T6507] ip6tnl1: entered promiscuous mode
[   90.503044][ T6507] ip6tnl1: entered allmulticast mode
[   90.667327][ T6515] netlink: 36 bytes leftover after parsing attributes in process `syz.2.188'.
[   90.730138][ T6508] lo: entered promiscuous mode
[   90.748509][ T6508] tunl0: entered promiscuous mode
[   90.754280][ T6508] gre0: entered promiscuous mode
[   90.780596][ T6508] gretap0: entered promiscuous mode
[   90.815120][ T6508] erspan0: entered promiscuous mode
[   90.823189][ T6508] ip_vti0: entered promiscuous mode
[   90.846890][ T6508] ip6_vti0: entered promiscuous mode
[   90.875986][ T6508] sit0: entered promiscuous mode
[   90.893896][ T6532] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0001 with DS=0x2
[   90.896428][ T6508] ip6tnl0: entered promiscuous mode
[   90.925652][ T6508] ip6gre0: entered promiscuous mode
[   90.976794][ T6508] syz_tun: entered promiscuous mode
[   91.018527][ T6508] ip6gretap0: entered promiscuous mode
[   91.038890][ T6508] bridge0: entered promiscuous mode
[   91.055482][ T6508] vcan0: entered promiscuous mode
[   91.064516][ T6508] bond0: entered promiscuous mode
[   91.080008][ T6508] bond_slave_0: entered promiscuous mode
[   91.100413][ T6508] bond_slave_1: entered promiscuous mode
[   91.116819][ T6508] team0: entered promiscuous mode
[   91.144473][ T6508] team_slave_0: entered promiscuous mode
[   91.172880][ T6508] team_slave_1: entered promiscuous mode
[   91.194099][ T6508] dummy0: entered promiscuous mode
[   91.219649][ T6508] nlmon0: entered promiscuous mode
[   91.245664][ T6508] caif0: entered promiscuous mode
[   91.268117][ T6508] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   91.295092][ T6545] netlink: 10 bytes leftover after parsing attributes in process `syz.3.191'.
[   91.351942][ T6548] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   91.408636][ T6548] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   91.701284][ T6555] syz.1.193: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[   91.734228][ T6555] CPU: 0 UID: 0 PID: 6555 Comm: syz.1.193 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[   91.734256][ T6555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   91.734267][ T6555] Call Trace:
[   91.734275][ T6555]  <TASK>
[   91.734283][ T6555]  dump_stack_lvl+0x241/0x360
[   91.734312][ T6555]  ? __pfx_dump_stack_lvl+0x10/0x10
[   91.734331][ T6555]  ? __pfx__printk+0x10/0x10
[   91.734353][ T6555]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[   91.734376][ T6555]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[   91.734401][ T6555]  warn_alloc+0x278/0x410
[   91.734422][ T6555]  ? __vmalloc_node_range_noprof+0x106/0x1380
[   91.734442][ T6555]  ? __pfx_warn_alloc+0x10/0x10
[   91.734462][ T6555]  ? kasan_save_track+0x3f/0x80
[   91.734480][ T6555]  ? __kasan_kmalloc+0x98/0xb0
[   91.734500][ T6555]  ? xsk_setsockopt+0x4aa/0x810
[   91.734524][ T6555]  ? do_sock_setsockopt+0x3af/0x720
[   91.734546][ T6555]  ? __x64_sys_setsockopt+0x1ee/0x280
[   91.734563][ T6555]  ? do_syscall_64+0xf3/0x230
[   91.734581][ T6555]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.734614][ T6555]  __vmalloc_node_range_noprof+0x126/0x1380
[   91.734660][ T6555]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[   91.734683][ T6555]  ? __kasan_kmalloc+0x98/0xb0
[   91.734707][ T6555]  vmalloc_user_noprof+0x74/0x80
[   91.734726][ T6555]  ? xskq_create+0xb6/0x170
[   91.734748][ T6555]  xskq_create+0xb6/0x170
[   91.734773][ T6555]  xsk_init_queue+0xa1/0x100
[   91.734797][ T6555]  xsk_setsockopt+0x4aa/0x810
[   91.734824][ T6555]  ? __pfx_xsk_setsockopt+0x10/0x10
[   91.734848][ T6555]  ? __pfx_aa_sk_perm+0x10/0x10
[   91.734876][ T6555]  ? aa_sock_opt_perm+0x79/0x120
[   91.734906][ T6555]  ? __pfx_xsk_setsockopt+0x10/0x10
[   91.734927][ T6555]  do_sock_setsockopt+0x3af/0x720
[   91.734951][ T6555]  ? __pfx_do_sock_setsockopt+0x10/0x10
[   91.734974][ T6555]  ? __fget_files+0x395/0x410
[   91.734997][ T6555]  ? __fget_files+0x2a/0x410
[   91.735028][ T6555]  __x64_sys_setsockopt+0x1ee/0x280
[   91.735054][ T6555]  do_syscall_64+0xf3/0x230
[   91.735085][ T6555]  ? clear_bhb_loop+0x35/0x90
[   91.735113][ T6555]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.735136][ T6555] RIP: 0033:0x7fc473f8d169
[   91.735153][ T6555] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.735168][ T6555] RSP: 002b:00007fc474d42038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   91.735188][ T6555] RAX: ffffffffffffffda RBX: 00007fc4741a5fa0 RCX: 00007fc473f8d169
[   91.735201][ T6555] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003
[   91.735212][ T6555] RBP: 00007fc47400e2a0 R08: 0000000000000004 R09: 0000000000000000
[   91.735224][ T6555] R10: 0000400000000000 R11: 0000000000000246 R12: 0000000000000000
[   91.735236][ T6555] R13: 0000000000000000 R14: 00007fc4741a5fa0 R15: 00007fff21bd5f48
[   91.735264][ T6555]  </TASK>
[   91.738193][ T6558] FAULT_INJECTION: forcing a failure.
[   91.738193][ T6558] name failslab, interval 1, probability 0, space 0, times 0
[   91.754412][ T6555] Mem-Info:
[   91.763623][ T6558] CPU: 1 UID: 0 PID: 6558 Comm: syz.2.195 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[   91.763646][ T6558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   91.763655][ T6558] Call Trace:
[   91.763661][ T6558]  <TASK>
[   91.763668][ T6558]  dump_stack_lvl+0x241/0x360
[   91.763692][ T6558]  ? __pfx_dump_stack_lvl+0x10/0x10
[   91.763713][ T6558]  ? __pfx__printk+0x10/0x10
[   91.763741][ T6558]  should_fail_ex+0x40a/0x550
[   91.763768][ T6558]  should_failslab+0xac/0x100
[   91.763788][ T6558]  ? skb_clone+0x20c/0x390
[   91.763804][ T6558]  kmem_cache_alloc_noprof+0x70/0x380
[   91.763829][ T6558]  skb_clone+0x20c/0x390
[   91.763849][ T6558]  __netlink_deliver_tap+0x3c4/0x7f0
[   91.763881][ T6558]  ? netlink_deliver_tap+0x2e/0x1b0
[   91.763899][ T6558]  netlink_deliver_tap+0x19d/0x1b0
[   91.763919][ T6558]  netlink_unicast+0x7c4/0x990
[   91.763945][ T6558]  ? __pfx_netlink_unicast+0x10/0x10
[   91.763961][ T6558]  ? __virt_addr_valid+0x45f/0x530
[   91.763978][ T6558]  ? __phys_addr_symbol+0x2f/0x70
[   91.763991][ T6558]  ? __check_object_size+0x47a/0x730
[   91.764014][ T6558]  netlink_sendmsg+0x8de/0xcb0
[   91.764045][ T6558]  ? __pfx_netlink_sendmsg+0x10/0x10
[   91.764067][ T6558]  ? __pfx_aa_file_perm+0x10/0x10
[   91.764081][ T6558]  ? aa_sock_msg_perm+0x91/0x160
[   91.764108][ T6558]  ? __pfx_netlink_sendmsg+0x10/0x10
[   91.764126][ T6558]  __sock_sendmsg+0x221/0x270
[   91.764148][ T6558]  sock_write_iter+0x2d7/0x3f0
[   91.764168][ T6558]  ? __pfx_sock_write_iter+0x10/0x10
[   91.764196][ T6558]  ? bpf_lsm_file_permission+0x9/0x10
[   91.764224][ T6558]  vfs_write+0xacf/0xd10
[   91.764244][ T6558]  ? __pfx_sock_write_iter+0x10/0x10
[   91.764262][ T6558]  ? __pfx_vfs_write+0x10/0x10
[   91.764275][ T6558]  ? do_sys_openat2+0x17a/0x1d0
[   91.764298][ T6558]  ? __fget_files+0x2a/0x410
[   91.764327][ T6558]  ? __fget_files+0x2a/0x410
[   91.764355][ T6558]  ksys_write+0x18f/0x2b0
[   91.764373][ T6558]  ? __pfx_ksys_write+0x10/0x10
[   91.764389][ T6558]  ? do_syscall_64+0x100/0x230
[   91.764410][ T6558]  ? do_syscall_64+0xb6/0x230
[   91.764430][ T6558]  do_syscall_64+0xf3/0x230
[   91.764447][ T6558]  ? clear_bhb_loop+0x35/0x90
[   91.764469][ T6558]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.764488][ T6558] RIP: 0033:0x7f0af258d169
[   91.764502][ T6558] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.764515][ T6558] RSP: 002b:00007f0af3499038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   91.764531][ T6558] RAX: ffffffffffffffda RBX: 00007f0af27a5fa0 RCX: 00007f0af258d169
[   91.764542][ T6558] RDX: 0000000000000024 RSI: 0000400000000800 RDI: 0000000000000003
[   91.764552][ T6558] RBP: 00007f0af3499090 R08: 0000000000000000 R09: 0000000000000000
[   91.764561][ T6558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   91.764570][ T6558] R13: 0000000000000000 R14: 00007f0af27a5fa0 R15: 00007fff26ffff68
[   91.764595][ T6558]  </TASK>
[   92.242153][ T6568] dccp_v4_rcv: dropped packet with invalid checksum
[   92.247921][ T6555] active_anon:8179 inactive_anon:0 isolated_anon:0
[   92.247921][ T6555]  active_file:1536 inactive_file:38307 isolated_file:0
[   92.247921][ T6555]  unevictable:768 dirty:343 writeback:0
[   92.247921][ T6555]  slab_reclaimable:9743 slab_unreclaimable:98049
[   92.247921][ T6555]  mapped:33844 shmem:4270 pagetables:958
[   92.247921][ T6555]  sec_pagetables:0 bounce:0
[   92.247921][ T6555]  kernel_misc_reclaimable:0
[   92.247921][ T6555]  free:1338504 free_pcp:343 free_cma:0
[   92.387832][ T6555] Node 0 active_anon:32748kB inactive_anon:0kB active_file:6144kB inactive_file:153152kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:135420kB dirty:1372kB writeback:0kB shmem:15556kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11184kB pagetables:3876kB sec_pagetables:0kB all_unreclaimable? no
[   92.420538][ T6555] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[   92.451201][ T6555] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   92.479376][ T6555] lowmem_reserve[]: 0 2489 2490 0 0
[   92.483361][ T6564] lo: left promiscuous mode
[   92.490031][ T6555] Node 0 DMA32 free:1436856kB boost:0kB min:34168kB low:42708kB high:51248kB reserved_highatomic:0KB active_anon:32704kB inactive_anon:0kB active_file:6144kB inactive_file:152832kB unevictable:1536kB writepending:1368kB present:3129332kB managed:2549728kB mlocked:0kB bounce:0kB free_pcp:936kB local_pcp:680kB free_cma:0kB
[   92.490095][ T6555] lowmem_reserve[]: 0 0 0 0 0
[   92.490146][ T6555] Node 0 
[   92.506195][ T6564] tunl0: left promiscuous mode
[   92.520810][ T6555] Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:320kB unevictable:0kB writepending:4kB present:1048580kB managed:364kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   92.560690][ T6564] gre0: left promiscuous mode
[   92.572422][ T6564] gretap0: left promiscuous mode
[   92.580796][ T6564] erspan0: left promiscuous mode
[   92.584777][ T6555] lowmem_reserve[]: 0 0 0 0 0
[   92.588539][ T6564] ip_vti0: left promiscuous mode
[   92.592354][ T6555] Node 1 
[   92.601586][ T6564] ip6_vti0: left promiscuous mode
[   92.602258][ T6555] Normal free:3901960kB boost:0kB min:55728kB low:69660kB high:83592kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   92.606980][ T6564] sit0: left promiscuous mode
[   92.610010][ T6555] lowmem_reserve[]: 0 0 0 0 0
[   92.658656][ T6564] ip6tnl0: left promiscuous mode
[   92.665394][ T6555] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   92.688502][ T6564] ip6gre0: left promiscuous mode
[   92.700676][ T6555] Node 0 DMA32: 18*4kB (UM) 173*8kB (UME) 226*16kB (UM) 158*32kB (UME) 97*64kB (UME) 81*128kB (UME) 27*256kB (UM) 7*512kB (UM) 6*1024kB (UME) 5*2048kB (UM) 338*4096kB (M) = 1438032kB
[   92.720667][ T6564] syz_tun: left promiscuous mode
[   92.727700][ T6555] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[   92.740057][ T6564] ip6gretap0: left promiscuous mode
[   92.747862][ T6564] bridge0: left promiscuous mode
[   92.753021][ T6555] Node 1 Normal: 200*4kB (UME) 53*8kB (UME) 56*16kB (UME) 213*32kB (UME) 89*64kB (UME) 40*128kB (UME) 11*256kB (UME) 15*512kB (UME) 3*1024kB (UM) 1*2048kB (E) 944*4096kB (UM) = 3901992kB
[   92.772415][ T6564] vcan0: left promiscuous mode
[   92.778776][ T6564] bond0: left promiscuous mode
[   92.783907][ T6564] bond_slave_0: left promiscuous mode
[   92.790636][ T6564] bond_slave_1: left promiscuous mode
[   92.798832][ T6555] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   92.808705][ T6564] team0: left promiscuous mode
[   92.814005][ T6564] team_slave_0: left promiscuous mode
[   92.820179][ T6564] team_slave_1: left promiscuous mode
[   92.826150][ T6555] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   92.837042][ T6564] dummy0: left promiscuous mode
[   92.843747][ T6555] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   92.853608][ T6564] nlmon0: left promiscuous mode
[   92.860110][ T6564] caif0: left promiscuous mode
[   92.865452][ T6555] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   92.877052][ T6555] 45037 total pagecache pages
[   92.881769][ T6555] 0 pages in swap cache
[   92.886771][ T6555] Free swap  = 124996kB
[   92.891832][ T6555] Total swap = 124996kB
[   92.897249][ T6555] 2097051 pages RAM
[   92.901083][ T6555] 0 pages HighMem/MovableOnly
[   92.906331][ T6555] 427897 pages reserved
[   92.910705][ T6555] 0 pages cma reserved
[   93.203369][ T6577] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[   93.214044][ T6579] FAULT_INJECTION: forcing a failure.
[   93.214044][ T6579] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   93.233667][ T6579] CPU: 1 UID: 0 PID: 6579 Comm: syz.1.202 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[   93.233692][ T6579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   93.233702][ T6579] Call Trace:
[   93.233708][ T6579]  <TASK>
[   93.233715][ T6579]  dump_stack_lvl+0x241/0x360
[   93.233741][ T6579]  ? __pfx_dump_stack_lvl+0x10/0x10
[   93.233758][ T6579]  ? __pfx__printk+0x10/0x10
[   93.233776][ T6579]  ? __pfx_lock_release+0x10/0x10
[   93.233806][ T6579]  should_fail_ex+0x40a/0x550
[   93.233833][ T6579]  _copy_from_user+0x2d/0xb0
[   93.233853][ T6579]  __sys_bpf+0x1be/0x820
[   93.233876][ T6579]  ? __pfx___sys_bpf+0x10/0x10
[   93.233907][ T6579]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   93.233930][ T6579]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   93.233954][ T6579]  ? do_syscall_64+0x100/0x230
[   93.233986][ T6579]  __x64_sys_bpf+0x7c/0x90
[   93.234006][ T6579]  do_syscall_64+0xf3/0x230
[   93.234024][ T6579]  ? clear_bhb_loop+0x35/0x90
[   93.234048][ T6579]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.234068][ T6579] RIP: 0033:0x7fc473f8d169
[   93.234082][ T6579] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.234095][ T6579] RSP: 002b:00007fc474d42038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   93.234112][ T6579] RAX: ffffffffffffffda RBX: 00007fc4741a5fa0 RCX: 00007fc473f8d169
[   93.234124][ T6579] RDX: 0000000000000048 RSI: 00004000000054c0 RDI: 0000000000000005
[   93.234134][ T6579] RBP: 00007fc474d42090 R08: 0000000000000000 R09: 0000000000000000
[   93.234143][ T6579] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   93.234153][ T6579] R13: 0000000000000000 R14: 00007fc4741a5fa0 R15: 00007fff21bd5f48
[   93.234177][ T6579]  </TASK>
[   93.234534][ T6579] netlink: 36 bytes leftover after parsing attributes in process `syz.1.202'.
[   93.238917][ T6577] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[   93.310341][ T6577] netdevsim netdevsim2: Falling back to sysfs fallback for: .
[   93.643729][ T6588] xt_hashlimit: size too large, truncated to 1048576
[   93.663713][ T6589] netlink: 36 bytes leftover after parsing attributes in process `syz.3.203'.
[   93.677559][ T6588] netlink: 8 bytes leftover after parsing attributes in process `syz.1.205'.
[   93.751676][ T6582] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   93.940101][ T6599] dccp_v4_rcv: dropped packet with invalid checksum
[   95.207688][ T6640] dccp_v4_rcv: dropped packet with invalid checksum
[   95.349396][ T6639] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[   95.383538][ T6639] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[   95.397445][ T6639] netdevsim netdevsim3: Falling back to sysfs fallback for: .
[   95.783914][ T6653] FAULT_INJECTION: forcing a failure.
[   95.783914][ T6653] name failslab, interval 1, probability 0, space 0, times 0
[   95.841858][ T6657] bridge0: port 2(bridge_slave_1) entered learning state
[   95.842065][ T6653] CPU: 0 UID: 0 PID: 6653 Comm: syz.1.227 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[   95.842085][ T6653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   95.842094][ T6653] Call Trace:
[   95.842100][ T6653]  <TASK>
[   95.842107][ T6653]  dump_stack_lvl+0x241/0x360
[   95.842132][ T6653]  ? __pfx_dump_stack_lvl+0x10/0x10
[   95.842147][ T6653]  ? __pfx__printk+0x10/0x10
[   95.842171][ T6653]  should_fail_ex+0x40a/0x550
[   95.842196][ T6653]  should_failslab+0xac/0x100
[   95.842216][ T6653]  ? skb_clone+0x20c/0x390
[   95.842232][ T6653]  kmem_cache_alloc_noprof+0x70/0x380
[   95.842258][ T6653]  skb_clone+0x20c/0x390
[   95.842278][ T6653]  __netlink_deliver_tap+0x3c4/0x7f0
[   95.842309][ T6653]  ? netlink_deliver_tap+0x2e/0x1b0
[   95.842327][ T6653]  netlink_deliver_tap+0x19d/0x1b0
[   95.842348][ T6653]  netlink_unicast+0x7c4/0x990
[   95.842374][ T6653]  ? __pfx_netlink_unicast+0x10/0x10
[   95.842390][ T6653]  ? __virt_addr_valid+0x45f/0x530
[   95.842405][ T6653]  ? __phys_addr_symbol+0x2f/0x70
[   95.842419][ T6653]  ? __check_object_size+0x47a/0x730
[   95.842443][ T6653]  netlink_sendmsg+0x8de/0xcb0
[   95.842473][ T6653]  ? __pfx_netlink_sendmsg+0x10/0x10
[   95.842495][ T6653]  ? aa_sock_msg_perm+0x91/0x160
[   95.842521][ T6653]  ? __pfx_netlink_sendmsg+0x10/0x10
[   95.842539][ T6653]  __sock_sendmsg+0x221/0x270
[   95.842562][ T6653]  ____sys_sendmsg+0x53a/0x860
[   95.842585][ T6653]  ? __pfx_____sys_sendmsg+0x10/0x10
[   95.842599][ T6653]  ? __fget_files+0x2a/0x410
[   95.842622][ T6653]  ? __fget_files+0x2a/0x410
[   95.842649][ T6653]  __sys_sendmsg+0x269/0x350
[   95.842677][ T6653]  ? __pfx___sys_sendmsg+0x10/0x10
[   95.842705][ T6653]  ? do_sys_openat2+0x17a/0x1d0
[   95.842750][ T6653]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   95.842773][ T6653]  ? do_syscall_64+0x100/0x230
[   95.842794][ T6653]  ? do_syscall_64+0xb6/0x230
[   95.842814][ T6653]  do_syscall_64+0xf3/0x230
[   95.842830][ T6653]  ? clear_bhb_loop+0x35/0x90
[   95.842852][ T6653]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.842871][ T6653] RIP: 0033:0x7fc473f8d169
[   95.842885][ T6653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.842897][ T6653] RSP: 002b:00007fc474d42038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   95.842914][ T6653] RAX: ffffffffffffffda RBX: 00007fc4741a5fa0 RCX: 00007fc473f8d169
[   95.842925][ T6653] RDX: 0000000004000080 RSI: 0000400000000000 RDI: 0000000000000003
[   95.842935][ T6653] RBP: 00007fc474d42090 R08: 0000000000000000 R09: 0000000000000000
[   95.842945][ T6653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   95.842954][ T6653] R13: 0000000000000000 R14: 00007fc4741a5fa0 R15: 00007fff21bd5f48
[   95.842978][ T6653]  </TASK>
[   96.252349][ T6669] FAULT_INJECTION: forcing a failure.
[   96.252349][ T6669] name failslab, interval 1, probability 0, space 0, times 0
[   96.344734][ T6669] CPU: 0 UID: 0 PID: 6669 Comm: syz.3.234 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[   96.344760][ T6669] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   96.344769][ T6669] Call Trace:
[   96.344775][ T6669]  <TASK>
[   96.344782][ T6669]  dump_stack_lvl+0x241/0x360
[   96.344808][ T6669]  ? __pfx_dump_stack_lvl+0x10/0x10
[   96.344823][ T6669]  ? __pfx__printk+0x10/0x10
[   96.344843][ T6669]  ? kmem_cache_alloc_noprof+0x48/0x380
[   96.344865][ T6669]  ? __pfx___might_resched+0x10/0x10
[   96.344890][ T6669]  should_fail_ex+0x40a/0x550
[   96.344918][ T6669]  should_failslab+0xac/0x100
[   96.344940][ T6669]  ? __kernfs_new_node+0xd8/0x870
[   96.344959][ T6669]  kmem_cache_alloc_noprof+0x70/0x380
[   96.344979][ T6669]  ? up_write+0x1a9/0x590
[   96.344999][ T6669]  __kernfs_new_node+0xd8/0x870
[   96.345021][ T6669]  ? up_write+0x1a9/0x590
[   96.345043][ T6669]  ? __pfx___kernfs_new_node+0x10/0x10
[   96.345074][ T6669]  ? kernfs_add_one+0x157/0x700
[   96.345101][ T6669]  kernfs_new_node+0x137/0x240
[   96.345125][ T6669]  __kernfs_create_file+0x49/0x2e0
[   96.345142][ T6669]  sysfs_add_file_mode_ns+0x24a/0x310
[   96.345165][ T6669]  internal_create_group+0x782/0x12d0
[   96.345191][ T6669]  ? netdev_queue_update_kobjects+0x1d6/0x720
[   96.345207][ T6669]  ? dev_ethtool+0x1362/0x1d70
[   96.345220][ T6669]  ? dev_ioctl+0x785/0x1340
[   96.345240][ T6669]  ? __pfx_internal_create_group+0x10/0x10
[   96.345269][ T6669]  sysfs_create_groups+0x56/0x120
[   96.345291][ T6669]  netdev_queue_update_kobjects+0x2a6/0x720
[   96.345319][ T6669]  netif_set_real_num_tx_queues+0x16f/0x8d0
[   96.345348][ T6669]  veth_set_channels+0x41e/0xae0
[   96.345381][ T6669]  ethtool_set_channels+0x792/0xaf0
[   96.345413][ T6669]  ? __pfx_ethtool_set_channels+0x10/0x10
[   96.345443][ T6669]  ? bpf_lsm_capable+0x9/0x10
[   96.345464][ T6669]  ? security_capable+0x7e/0x2d0
[   96.345492][ T6669]  dev_ethtool+0x1362/0x1d70
[   96.345523][ T6669]  ? __pfx_dev_ethtool+0x10/0x10
[   96.345539][ T6669]  ? tomoyo_path_number_perm+0x5dd/0x770
[   96.345574][ T6669]  ? dev_load+0x21/0x1f0
[   96.345595][ T6669]  dev_ioctl+0x785/0x1340
[   96.345625][ T6669]  sock_do_ioctl+0x240/0x460
[   96.345652][ T6669]  ? __pfx_sock_do_ioctl+0x10/0x10
[   96.345691][ T6669]  sock_ioctl+0x626/0x8e0
[   96.345713][ T6669]  ? __pfx_sock_ioctl+0x10/0x10
[   96.345731][ T6669]  ? __fget_files+0x2a/0x410
[   96.345755][ T6669]  ? __fget_files+0x2a/0x410
[   96.345781][ T6669]  ? __pfx_sock_ioctl+0x10/0x10
[   96.345801][ T6669]  __se_sys_ioctl+0xf5/0x170
[   96.345821][ T6669]  do_syscall_64+0xf3/0x230
[   96.345841][ T6669]  ? clear_bhb_loop+0x35/0x90
[   96.345864][ T6669]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.345884][ T6669] RIP: 0033:0x7fc5f318d169
[   96.345897][ T6669] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   96.345910][ T6669] RSP: 002b:00007fc5f4021038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   96.345927][ T6669] RAX: ffffffffffffffda RBX: 00007fc5f33a5fa0 RCX: 00007fc5f318d169
[   96.345938][ T6669] RDX: 00004000000002c0 RSI: 0000000000008946 RDI: 0000000000000003
[   96.345947][ T6669] RBP: 00007fc5f4021090 R08: 0000000000000000 R09: 0000000000000000
[   96.345956][ T6669] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   96.345965][ T6669] R13: 0000000000000000 R14: 00007fc5f33a5fa0 R15: 00007ffc0672e0d8
[   96.345990][ T6669]  </TASK>
[   97.106606][ T6691] netlink: 8 bytes leftover after parsing attributes in process `syz.3.240'.
[   97.295444][ T6697] netlink: 8 bytes leftover after parsing attributes in process `syz.0.243'.
[   97.337938][ T6698] bridge0: port 3(batadv1) entered blocking state
[   97.357786][ T6698] bridge0: port 3(batadv1) entered disabled state
[   97.364417][ T6698] batadv1: entered allmulticast mode
[   97.389203][ T6698] batadv1: entered promiscuous mode
[   97.416306][ T6703] netlink: 24 bytes leftover after parsing attributes in process `syz.2.244'.
[   97.425501][ T6703] netlink: 12 bytes leftover after parsing attributes in process `syz.2.244'.
[   97.434973][ T6703] netlink: 12 bytes leftover after parsing attributes in process `syz.2.244'.
[   97.491405][ T6706] netlink: 48 bytes leftover after parsing attributes in process `syz.3.246'.
[   97.696270][ T6714] FAULT_INJECTION: forcing a failure.
[   97.696270][ T6714] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   97.743349][ T6714] CPU: 1 UID: 0 PID: 6714 Comm: syz.3.248 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[   97.743375][ T6714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   97.743384][ T6714] Call Trace:
[   97.743389][ T6714]  <TASK>
[   97.743397][ T6714]  dump_stack_lvl+0x241/0x360
[   97.743423][ T6714]  ? __pfx_dump_stack_lvl+0x10/0x10
[   97.743440][ T6714]  ? __pfx__printk+0x10/0x10
[   97.743457][ T6714]  ? __pfx_lock_release+0x10/0x10
[   97.743486][ T6714]  should_fail_ex+0x40a/0x550
[   97.743521][ T6714]  _copy_from_user+0x2d/0xb0
[   97.743542][ T6714]  copy_msghdr_from_user+0xae/0x680
[   97.743570][ T6714]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   97.743588][ T6714]  ? __fget_files+0x2a/0x410
[   97.743612][ T6714]  ? __fget_files+0x2a/0x410
[   97.743638][ T6714]  __sys_sendmsg+0x209/0x350
[   97.743659][ T6714]  ? __pfx___sys_sendmsg+0x10/0x10
[   97.743686][ T6714]  ? do_sys_openat2+0x17a/0x1d0
[   97.743728][ T6714]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   97.743749][ T6714]  ? do_syscall_64+0x100/0x230
[   97.743770][ T6714]  ? do_syscall_64+0xb6/0x230
[   97.743791][ T6714]  do_syscall_64+0xf3/0x230
[   97.743808][ T6714]  ? clear_bhb_loop+0x35/0x90
[   97.743831][ T6714]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.743850][ T6714] RIP: 0033:0x7fc5f318d169
[   97.743865][ T6714] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.743877][ T6714] RSP: 002b:00007fc5f4000038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   97.743894][ T6714] RAX: ffffffffffffffda RBX: 00007fc5f33a6080 RCX: 00007fc5f318d169
[   97.743905][ T6714] RDX: 0000000000000000 RSI: 0000400000000180 RDI: 0000000000000003
[   97.743915][ T6714] RBP: 00007fc5f4000090 R08: 0000000000000000 R09: 0000000000000000
[   97.743925][ T6714] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   97.743934][ T6714] R13: 0000000000000001 R14: 00007fc5f33a6080 R15: 00007ffc0672e0d8
[   97.743958][ T6714]  </TASK>
[   97.947195][ T6718] netlink: 'syz.2.249': attribute type 3 has an invalid length.
[   97.985566][ T1099] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[   97.997849][ T1099] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[   98.107372][ T6724] 8021q: adding VLAN 0 to HW filter on device bond1
[   98.187604][ T6724] bond1: entered promiscuous mode
[   98.217747][ T6724] bond0: (slave bond1): Enslaving as an active interface with an up link
[   98.385967][ T6737] FAULT_INJECTION: forcing a failure.
[   98.385967][ T6737] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   98.415384][ T6737] CPU: 1 UID: 0 PID: 6737 Comm: syz.3.253 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[   98.415410][ T6737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   98.415420][ T6737] Call Trace:
[   98.415426][ T6737]  <TASK>
[   98.415433][ T6737]  dump_stack_lvl+0x241/0x360
[   98.415467][ T6737]  ? __pfx_dump_stack_lvl+0x10/0x10
[   98.415485][ T6737]  ? __pfx__printk+0x10/0x10
[   98.415503][ T6737]  ? __pfx_lock_release+0x10/0x10
[   98.415534][ T6737]  should_fail_ex+0x40a/0x550
[   98.415560][ T6737]  _copy_from_iter+0x1df/0x1c40
[   98.415578][ T6737]  ? __virt_addr_valid+0x183/0x530
[   98.415594][ T6737]  ? __pfx_lock_release+0x10/0x10
[   98.415622][ T6737]  ? __alloc_skb+0x28f/0x440
[   98.415637][ T6737]  ? __pfx__copy_from_iter+0x10/0x10
[   98.415656][ T6737]  ? __virt_addr_valid+0x183/0x530
[   98.415670][ T6737]  ? __virt_addr_valid+0x183/0x530
[   98.415684][ T6737]  ? __virt_addr_valid+0x45f/0x530
[   98.415699][ T6737]  ? __phys_addr_symbol+0x2f/0x70
[   98.415713][ T6737]  ? __check_object_size+0x47a/0x730
[   98.415736][ T6737]  netlink_sendmsg+0x742/0xcb0
[   98.415766][ T6737]  ? __pfx_netlink_sendmsg+0x10/0x10
[   98.415787][ T6737]  ? aa_sock_msg_perm+0x91/0x160
[   98.415812][ T6737]  ? __pfx_netlink_sendmsg+0x10/0x10
[   98.415829][ T6737]  __sock_sendmsg+0x221/0x270
[   98.415851][ T6737]  ____sys_sendmsg+0x53a/0x860
[   98.415874][ T6737]  ? __pfx_____sys_sendmsg+0x10/0x10
[   98.415888][ T6737]  ? __fget_files+0x2a/0x410
[   98.415911][ T6737]  ? __fget_files+0x2a/0x410
[   98.415937][ T6737]  __sys_sendmsg+0x269/0x350
[   98.415957][ T6737]  ? __pfx___sys_sendmsg+0x10/0x10
[   98.415984][ T6737]  ? do_sys_openat2+0x17a/0x1d0
[   98.416027][ T6737]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   98.416049][ T6737]  ? do_syscall_64+0x100/0x230
[   98.416070][ T6737]  ? do_syscall_64+0xb6/0x230
[   98.416090][ T6737]  do_syscall_64+0xf3/0x230
[   98.416107][ T6737]  ? clear_bhb_loop+0x35/0x90
[   98.416130][ T6737]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.416149][ T6737] RIP: 0033:0x7fc5f318d169
[   98.416162][ T6737] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   98.416174][ T6737] RSP: 002b:00007fc5f4021038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   98.416192][ T6737] RAX: ffffffffffffffda RBX: 00007fc5f33a5fa0 RCX: 00007fc5f318d169
[   98.416203][ T6737] RDX: 0000000000000000 RSI: 0000400000000000 RDI: 0000000000000004
[   98.416212][ T6737] RBP: 00007fc5f4021090 R08: 0000000000000000 R09: 0000000000000000
[   98.416221][ T6737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   98.416230][ T6737] R13: 0000000000000000 R14: 00007fc5f33a5fa0 R15: 00007ffc0672e0d8
[   98.416252][ T6737]  </TASK>
[   99.225808][ T6764] netlink: 36 bytes leftover after parsing attributes in process `syz.1.263'.
[   99.240249][ T6768] netlink: 19 bytes leftover after parsing attributes in process `syz.2.265'.
[   99.563141][ T6780] dccp_v4_rcv: dropped packet with invalid checksum
[  100.505026][ T6808] openvswitch: netlink: ufid size 20 bytes exceeds the range (1, 16)
[  100.544031][ T6808] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  100.914089][ T6812] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  100.946612][ T6819] netlink: 36 bytes leftover after parsing attributes in process `syz.1.275'.
[  100.977096][ T6815] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  101.703446][ T6827] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  101.746089][ T6830] netlink: 28 bytes leftover after parsing attributes in process `syz.2.281'.
[  101.784824][ T6830] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  101.801538][ T6830] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  101.812427][ T6830] netdevsim netdevsim2: Falling back to sysfs fallback for: .
[  101.857714][ T6832] dccp_v4_rcv: dropped packet with invalid checksum
[  102.051149][ T6838] Cannot find set identified by id 0 to match
[  102.092151][ T6841] netlink: 'syz.3.285': attribute type 3 has an invalid length.
[  102.127539][ T6841] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.285'.
[  102.508121][ T6857] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  102.516850][ T6858] netlink: 68 bytes leftover after parsing attributes in process `syz.4.290'.
[  102.575521][ T6858] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input7
[  102.691957][ T6872] netlink: 32 bytes leftover after parsing attributes in process `syz.2.294'.
[  102.705481][ T6873] dccp_v4_rcv: dropped packet with invalid checksum
[  103.041266][ T6888] netlink: 4 bytes leftover after parsing attributes in process `syz.3.300'.
[  103.146989][ T6888] bridge_slave_1: left allmulticast mode
[  103.164804][ T6888] bridge_slave_1: left promiscuous mode
[  103.184893][ T6888] bridge0: port 2(bridge_slave_1) entered disabled state
[  103.265396][ T6888] bridge_slave_0: left allmulticast mode
[  103.273874][ T6888] bridge_slave_0: left promiscuous mode
[  103.301391][ T6888] bridge0: port 1(bridge_slave_0) entered disabled state
[  103.668223][ T6878] lo: entered promiscuous mode
[  103.674759][ T6878] tunl0: entered promiscuous mode
[  103.683289][ T6878] gre0: entered promiscuous mode
[  103.697423][ T6878] gretap0: entered promiscuous mode
[  103.702683][ T6878] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  103.750208][ T6907] FAULT_INJECTION: forcing a failure.
[  103.750208][ T6907] name failslab, interval 1, probability 0, space 0, times 0
[  103.754103][ T6905] netlink: 5 bytes leftover after parsing attributes in process `syz.2.305'.
[  103.764394][ T6907] CPU: 0 UID: 0 PID: 6907 Comm: syz.3.306 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[  103.764417][ T6907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  103.764427][ T6907] Call Trace:
[  103.764432][ T6907]  <TASK>
[  103.764439][ T6907]  dump_stack_lvl+0x241/0x360
[  103.764465][ T6907]  ? __pfx_dump_stack_lvl+0x10/0x10
[  103.764482][ T6907]  ? __pfx__printk+0x10/0x10
[  103.764497][ T6907]  ? __nla_validate_parse+0x2885/0x3290
[  103.764514][ T6907]  ? netlink_unicast+0x7c4/0x990
[  103.764536][ T6907]  ? netlink_sendmsg+0x8de/0xcb0
[  103.764562][ T6907]  should_fail_ex+0x40a/0x550
[  103.764586][ T6907]  should_failslab+0xac/0x100
[  103.764606][ T6907]  ? xfrm_state_alloc+0x26/0x320
[  103.764626][ T6907]  kmem_cache_alloc_noprof+0x70/0x380
[  103.764651][ T6907]  xfrm_state_alloc+0x26/0x320
[  103.764673][ T6907]  xfrm_add_sa+0x1674/0x42a0
[  103.764700][ T6907]  ? __pfx_xfrm_add_sa+0x10/0x10
[  103.764722][ T6907]  ? __nla_parse+0x40/0x60
[  103.764743][ T6907]  xfrm_user_rcv_msg+0x975/0xc20
[  103.764765][ T6907]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  103.764814][ T6907]  ? __mutex_trylock_common+0x183/0x2e0
[  103.764832][ T6907]  ? __pfx___might_resched+0x10/0x10
[  103.764854][ T6907]  ? __pfx___mutex_trylock_common+0x10/0x10
[  103.764881][ T6907]  netlink_rcv_skb+0x206/0x480
[  103.764901][ T6907]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  103.764920][ T6907]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  103.764964][ T6907]  xfrm_netlink_rcv+0x79/0x90
[  103.764982][ T6907]  netlink_unicast+0x7f6/0x990
[  103.765008][ T6907]  ? __pfx_netlink_unicast+0x10/0x10
[  103.765024][ T6907]  ? __virt_addr_valid+0x45f/0x530
[  103.765040][ T6907]  ? __phys_addr_symbol+0x2f/0x70
[  103.765054][ T6907]  ? __check_object_size+0x47a/0x730
[  103.765077][ T6907]  netlink_sendmsg+0x8de/0xcb0
[  103.765107][ T6907]  ? __pfx_netlink_sendmsg+0x10/0x10
[  103.765131][ T6907]  ? aa_sock_msg_perm+0x91/0x160
[  103.765165][ T6907]  ? __pfx_netlink_sendmsg+0x10/0x10
[  103.765183][ T6907]  __sock_sendmsg+0x221/0x270
[  103.765206][ T6907]  ____sys_sendmsg+0x53a/0x860
[  103.765229][ T6907]  ? __pfx_____sys_sendmsg+0x10/0x10
[  103.765244][ T6907]  ? __fget_files+0x2a/0x410
[  103.765267][ T6907]  ? __fget_files+0x2a/0x410
[  103.765295][ T6907]  __sys_sendmsg+0x269/0x350
[  103.765315][ T6907]  ? __pfx___sys_sendmsg+0x10/0x10
[  103.765344][ T6907]  ? do_sys_openat2+0x17a/0x1d0
[  103.765387][ T6907]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  103.765410][ T6907]  ? do_syscall_64+0x100/0x230
[  103.765431][ T6907]  ? do_syscall_64+0xb6/0x230
[  103.765451][ T6907]  do_syscall_64+0xf3/0x230
[  103.765469][ T6907]  ? clear_bhb_loop+0x35/0x90
[  103.765491][ T6907]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.765510][ T6907] RIP: 0033:0x7fc5f318d169
[  103.765525][ T6907] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  103.765538][ T6907] RSP: 002b:00007fc5f4021038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  103.765557][ T6907] RAX: ffffffffffffffda RBX: 00007fc5f33a5fa0 RCX: 00007fc5f318d169
[  103.765568][ T6907] RDX: 0000000004000080 RSI: 0000400000000000 RDI: 0000000000000003
[  103.765579][ T6907] RBP: 00007fc5f4021090 R08: 0000000000000000 R09: 0000000000000000
[  103.765589][ T6907] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  103.765598][ T6907] R13: 0000000000000000 R14: 00007fc5f33a5fa0 R15: 00007ffc0672e0d8
[  103.765623][ T6907]  </TASK>
[  104.105840][ T6914] lo: entered promiscuous mode
[  104.121038][ T6915] netlink: 68 bytes leftover after parsing attributes in process `syz.3.307'.
[  104.129063][ T6914] tunl0: entered promiscuous mode
[  104.136686][ T6914] gre0: entered promiscuous mode
[  104.144320][ T6914] gretap0: entered promiscuous mode
[  104.149907][ T6914] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  104.178644][ T6905] 0ªX¹¦Dö»: renamed from gretap0
[  104.181551][ T6915] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input8
[  104.214341][ T6905] 0ªX¹¦Dö»: entered allmulticast mode
[  104.957221][ T6944] netlink: 68 bytes leftover after parsing attributes in process `syz.1.313'.
[  105.018700][ T6944] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input9
[  106.303459][ T6970] Cannot find set identified by id 0 to match
[  106.727598][ T6939] lo: entered promiscuous mode
[  106.734465][ T6939] tunl0: entered promiscuous mode
[  106.756583][ T6939] gre0: entered promiscuous mode
[  106.763401][ T6939] gretap0: entered promiscuous mode
[  106.769357][ T6939] net_ratelimit: 2 callbacks suppressed
[  106.769373][ T6939] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  106.909256][ T6977] dccp_v4_rcv: dropped packet with invalid checksum
[  107.432324][ T6983] 8021q: adding VLAN 0 to HW filter on device bond1
[  107.452772][ T6983] bond0: (slave bond1): Enslaving as an active interface with an up link
[  108.062149][ T6994] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  108.911637][ T7033] dccp_v4_rcv: dropped packet with invalid checksum
[  109.168262][ T7035] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[  109.180606][ T7035] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[  109.198988][ T7042] macvlan2: entered promiscuous mode
[  109.212585][ T7035] netdevsim netdevsim1: Falling back to sysfs fallback for: .
[  109.226353][ T7042] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  109.240991][ T7042] team0: Port device macvlan2 added
[  109.303933][ T7045] macsec0: entered promiscuous mode
[  109.368757][ T7045] macsec0 (unregistering): left promiscuous mode
[  109.420816][ T7048] netlink: 28 bytes leftover after parsing attributes in process `syz.4.337'.
[  109.434526][ T7047] netlink: 28 bytes leftover after parsing attributes in process `syz.4.337'.
[  109.445540][ T7048] netlink: 8 bytes leftover after parsing attributes in process `syz.4.337'.
[  109.455908][ T7047] netlink: 8 bytes leftover after parsing attributes in process `syz.4.337'.
[  109.495515][ T7050] batadv_slave_0: entered promiscuous mode
[  109.504107][ T7050] batadv_slave_0: entered allmulticast mode
[  109.513238][ T7050] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  109.524330][ T7050] batman_adv: batadv0: Removing interface: batadv_slave_0
[  109.552240][ T7050] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  109.737313][ T7051] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  109.806630][ T7053] 8021q: adding VLAN 0 to HW filter on device bond2
[  109.815418][ T7053] bond0: (slave bond2): Enslaving as an active interface with an up link
[  110.560497][ T7081] netlink: 36 bytes leftover after parsing attributes in process `syz.2.347'.
[  110.848318][ T7084] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  110.981451][ T7089] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.266352][ T7106] Cannot find add_set index 0 as target
[  111.300141][ T7089] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.579664][ T7112] netlink: 8 bytes leftover after parsing attributes in process `syz.1.356'.
[  111.651068][ T7089] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  112.068428][ T7089] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  112.261047][ T7089] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  112.286896][ T7089] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  112.313519][ T7089] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  112.341212][ T7089] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  113.036101][ T5850] Bluetooth: hci4: command 0x0405 tx timeout
[  130.916616][ T7123] No such timeout policy "syz1"
[  130.991693][ T7129] macvlan2: entered promiscuous mode
[  131.034642][ T7129] bridge0: entered promiscuous mode
[  131.518307][ T7166] FAULT_INJECTION: forcing a failure.
[  131.518307][ T7166] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  131.531671][ T7166] CPU: 0 UID: 0 PID: 7166 Comm: syz.3.374 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[  131.531693][ T7166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  131.531704][ T7166] Call Trace:
[  131.531710][ T7166]  <TASK>
[  131.531717][ T7166]  dump_stack_lvl+0x241/0x360
[  131.531744][ T7166]  ? __pfx_dump_stack_lvl+0x10/0x10
[  131.531761][ T7166]  ? __pfx__printk+0x10/0x10
[  131.531780][ T7166]  ? __pfx_lock_release+0x10/0x10
[  131.531810][ T7166]  should_fail_ex+0x40a/0x550
[  131.531837][ T7166]  _copy_from_user+0x2d/0xb0
[  131.531857][ T7166]  sctp_setsockopt+0xcc/0x11c0
[  131.531883][ T7166]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  131.531904][ T7166]  do_sock_setsockopt+0x3af/0x720
[  131.531927][ T7166]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  131.531948][ T7166]  ? __fget_files+0x395/0x410
[  131.531968][ T7166]  ? __fget_files+0x2a/0x410
[  131.531996][ T7166]  __x64_sys_setsockopt+0x1ee/0x280
[  131.532019][ T7166]  do_syscall_64+0xf3/0x230
[  131.532037][ T7166]  ? clear_bhb_loop+0x35/0x90
[  131.532061][ T7166]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.532081][ T7166] RIP: 0033:0x7fc5f318d169
[  131.532095][ T7166] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  131.532108][ T7166] RSP: 002b:00007fc5f4021038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  131.532126][ T7166] RAX: ffffffffffffffda RBX: 00007fc5f33a5fa0 RCX: 00007fc5f318d169
[  131.532138][ T7166] RDX: 0000000000000019 RSI: 0000000000000084 RDI: 0000000000000004
[  131.532148][ T7166] RBP: 00007fc5f4021090 R08: 0000000000000008 R09: 0000000000000000
[  131.532157][ T7166] R10: 0000400000000200 R11: 0000000000000246 R12: 0000000000000001
[  131.532165][ T7166] R13: 0000000000000000 R14: 00007fc5f33a5fa0 R15: 00007ffc0672e0d8
[  131.532191][ T7166]  </TASK>
[  131.821024][ T7169] netlink: 'syz.0.375': attribute type 3 has an invalid length.
[  131.831619][ T7169] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.375'.
[  131.841177][ T7169] FAULT_INJECTION: forcing a failure.
[  131.841177][ T7169] name failslab, interval 1, probability 0, space 0, times 0
[  131.841449][ T7170] sch_fq: defrate 2048 ignored.
[  131.855287][ T7169] CPU: 0 UID: 0 PID: 7169 Comm: syz.0.375 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[  131.855312][ T7169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  131.855323][ T7169] Call Trace:
[  131.855330][ T7169]  <TASK>
[  131.855338][ T7169]  dump_stack_lvl+0x241/0x360
[  131.855363][ T7169]  ? __pfx_dump_stack_lvl+0x10/0x10
[  131.855388][ T7169]  ? __pfx__printk+0x10/0x10
[  131.855407][ T7169]  ? __kmalloc_node_noprof+0xb9/0x4d0
[  131.855428][ T7169]  ? __pfx___might_resched+0x10/0x10
[  131.855447][ T7169]  ? rcu_is_watching+0x15/0xb0
[  131.855469][ T7169]  should_fail_ex+0x40a/0x550
[  131.855497][ T7169]  should_failslab+0xac/0x100
[  131.855518][ T7169]  __kmalloc_node_noprof+0xe1/0x4d0
[  131.855537][ T7169]  ? __kvmalloc_node_noprof+0x72/0x190
[  131.855564][ T7169]  __kvmalloc_node_noprof+0x72/0x190
[  131.855588][ T7169]  nf_hook_entries_grow+0x288/0x720
[  131.855619][ T7169]  __nf_register_net_hook+0x278/0x8d0
[  131.855639][ T7169]  ? parse_nl_config+0x37b/0x480
[  131.855666][ T7169]  nf_register_net_hook+0xb0/0x190
[  131.855687][ T7169]  nf_register_net_hooks+0x41/0x1a0
[  131.855709][ T7169]  ila_xlat_nl_cmd_add_mapping+0x646/0x17d0
[  131.855739][ T7169]  ? __pfx_ila_xlat_nl_cmd_add_mapping+0x10/0x10
[  131.855761][ T7169]  ? __nla_parse+0x40/0x60
[  131.855781][ T7169]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[  131.855806][ T7169]  genl_rcv_msg+0xb1f/0xec0
[  131.855830][ T7169]  ? __pfx_genl_rcv_msg+0x10/0x10
[  131.855874][ T7169]  ? __pfx_lock_acquire+0x10/0x10
[  131.855895][ T7169]  ? __pfx_ila_xlat_nl_cmd_add_mapping+0x10/0x10
[  131.855915][ T7169]  ? __pfx___might_resched+0x10/0x10
[  131.855944][ T7169]  netlink_rcv_skb+0x206/0x480
[  131.855966][ T7169]  ? __pfx_genl_rcv_msg+0x10/0x10
[  131.855984][ T7169]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  131.856016][ T7169]  ? __netlink_deliver_tap+0x7b0/0x7f0
[  131.856049][ T7169]  genl_rcv+0x28/0x40
[  131.856064][ T7169]  netlink_unicast+0x7f6/0x990
[  131.856090][ T7169]  ? __pfx_netlink_unicast+0x10/0x10
[  131.856107][ T7169]  ? __virt_addr_valid+0x45f/0x530
[  131.856123][ T7169]  ? __phys_addr_symbol+0x2f/0x70
[  131.856137][ T7169]  ? __check_object_size+0x47a/0x730
[  131.856161][ T7169]  netlink_sendmsg+0x8de/0xcb0
[  131.856193][ T7169]  ? __pfx_netlink_sendmsg+0x10/0x10
[  131.856217][ T7169]  ? aa_sock_msg_perm+0x91/0x160
[  131.856245][ T7169]  ? __pfx_netlink_sendmsg+0x10/0x10
[  131.856264][ T7169]  __sock_sendmsg+0x221/0x270
[  131.856291][ T7169]  ____sys_sendmsg+0x53a/0x860
[  131.856317][ T7169]  ? __pfx_____sys_sendmsg+0x10/0x10
[  131.856331][ T7169]  ? __fget_files+0x2a/0x410
[  131.856356][ T7169]  ? __fget_files+0x2a/0x410
[  131.856390][ T7169]  __sys_sendmsg+0x269/0x350
[  131.856412][ T7169]  ? __pfx___sys_sendmsg+0x10/0x10
[  131.856441][ T7169]  ? do_sys_openat2+0x17a/0x1d0
[  131.856488][ T7169]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  131.856511][ T7169]  ? do_syscall_64+0x100/0x230
[  131.856532][ T7169]  ? do_syscall_64+0xb6/0x230
[  131.856553][ T7169]  do_syscall_64+0xf3/0x230
[  131.856570][ T7169]  ? clear_bhb_loop+0x35/0x90
[  131.856593][ T7169]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.856612][ T7169] RIP: 0033:0x7f32c758d169
[  131.856627][ T7169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  131.856640][ T7169] RSP: 002b:00007f32c834c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  131.856658][ T7169] RAX: ffffffffffffffda RBX: 00007f32c77a5fa0 RCX: 00007f32c758d169
[  131.856669][ T7169] RDX: 0000000000000000 RSI: 0000400000000000 RDI: 0000000000000003
[  131.856679][ T7169] RBP: 00007f32c834c090 R08: 0000000000000000 R09: 0000000000000000
[  131.856689][ T7169] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  131.856698][ T7169] R13: 0000000000000000 R14: 00007f32c77a5fa0 R15: 00007ffe7d74dc58
[  131.856724][ T7169]  </TASK>
[  132.300707][ T7175] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  132.340904][ T7184] netlink: 28 bytes leftover after parsing attributes in process `syz.1.380'.
[  133.198186][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  133.265316][ T7213] netlink: 28 bytes leftover after parsing attributes in process `syz.1.391'.
[  133.552974][ T7224] netlink: 68 bytes leftover after parsing attributes in process `syz.1.395'.
[  133.562934][ T7223] netlink: 36 bytes leftover after parsing attributes in process `syz.2.394'.
[  133.641489][ T7224] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input10
[  133.809027][ T7238] 8021q: adding VLAN 0 to HW filter on device bond3
[  133.819026][ T7238] bond3: entered promiscuous mode
[  133.826811][ T7238] bond0: (slave bond3): Enslaving as an active interface with an up link
[  134.392397][ T7252] netlink: 36 bytes leftover after parsing attributes in process `syz.4.401'.
[  134.500350][ T7258] FAULT_INJECTION: forcing a failure.
[  134.500350][ T7258] name failslab, interval 1, probability 0, space 0, times 0
[  134.524949][ T7258] CPU: 1 UID: 0 PID: 7258 Comm: syz.3.405 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[  134.524976][ T7258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  134.524986][ T7258] Call Trace:
[  134.524992][ T7258]  <TASK>
[  134.524999][ T7258]  dump_stack_lvl+0x241/0x360
[  134.525026][ T7258]  ? __pfx_dump_stack_lvl+0x10/0x10
[  134.525043][ T7258]  ? __pfx__printk+0x10/0x10
[  134.525062][ T7258]  ? __kmalloc_node_noprof+0xb9/0x4d0
[  134.525082][ T7258]  ? __pfx___might_resched+0x10/0x10
[  134.525108][ T7258]  should_fail_ex+0x40a/0x550
[  134.525137][ T7258]  should_failslab+0xac/0x100
[  134.525159][ T7258]  __kmalloc_node_noprof+0xe1/0x4d0
[  134.525179][ T7258]  ? crypto_create_tfm_node+0x88/0x3d0
[  134.525203][ T7258]  crypto_create_tfm_node+0x88/0x3d0
[  134.525227][ T7258]  crypto_alloc_tfm_node+0x161/0x360
[  134.525253][ T7258]  crypto_alloc_sync_skcipher+0x35/0xc0
[  134.525275][ T7258]  crypto_get_default_null_skcipher+0x3b/0x80
[  134.525297][ T7258]  aead_init_geniv+0x14e/0x260
[  134.525316][ T7258]  crypto_create_tfm_node+0x167/0x3d0
[  134.525340][ T7258]  crypto_alloc_tfm_node+0x161/0x360
[  134.525366][ T7258]  esp6_init_state+0x387/0x1180
[  134.525399][ T7258]  ? __pfx_esp6_init_state+0x10/0x10
[  134.525449][ T7258]  ? __xfrm_init_state+0x725/0x12e0
[  134.525469][ T7258]  ? __xfrm_init_state+0x725/0x12e0
[  134.525489][ T7258]  __xfrm_init_state+0x9bc/0x12e0
[  134.525516][ T7258]  xfrm_add_sa+0x3038/0x42a0
[  134.525544][ T7258]  ? __pfx_xfrm_add_sa+0x10/0x10
[  134.525568][ T7258]  ? __nla_parse+0x40/0x60
[  134.525590][ T7258]  xfrm_user_rcv_msg+0x975/0xc20
[  134.525612][ T7258]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  134.525661][ T7258]  ? __mutex_trylock_common+0x183/0x2e0
[  134.525679][ T7258]  ? __pfx___might_resched+0x10/0x10
[  134.525703][ T7258]  ? __pfx___mutex_trylock_common+0x10/0x10
[  134.525729][ T7258]  netlink_rcv_skb+0x206/0x480
[  134.525751][ T7258]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  134.525773][ T7258]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  134.525819][ T7258]  xfrm_netlink_rcv+0x79/0x90
[  134.525838][ T7258]  netlink_unicast+0x7f6/0x990
[  134.525865][ T7258]  ? __pfx_netlink_unicast+0x10/0x10
[  134.525883][ T7258]  ? __virt_addr_valid+0x45f/0x530
[  134.525899][ T7258]  ? __phys_addr_symbol+0x2f/0x70
[  134.525914][ T7258]  ? __check_object_size+0x47a/0x730
[  134.525948][ T7258]  netlink_sendmsg+0x8de/0xcb0
[  134.525981][ T7258]  ? __pfx_netlink_sendmsg+0x10/0x10
[  134.526006][ T7258]  ? aa_sock_msg_perm+0x91/0x160
[  134.526035][ T7258]  ? __pfx_netlink_sendmsg+0x10/0x10
[  134.526053][ T7258]  __sock_sendmsg+0x221/0x270
[  134.526077][ T7258]  ____sys_sendmsg+0x53a/0x860
[  134.526102][ T7258]  ? __pfx_____sys_sendmsg+0x10/0x10
[  134.526117][ T7258]  ? __fget_files+0x2a/0x410
[  134.526141][ T7258]  ? __fget_files+0x2a/0x410
[  134.526170][ T7258]  __sys_sendmsg+0x269/0x350
[  134.526191][ T7258]  ? __pfx___sys_sendmsg+0x10/0x10
[  134.526220][ T7258]  ? do_sys_openat2+0x17a/0x1d0
[  134.526266][ T7258]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  134.526288][ T7258]  ? do_syscall_64+0x100/0x230
[  134.526310][ T7258]  ? do_syscall_64+0xb6/0x230
[  134.526331][ T7258]  do_syscall_64+0xf3/0x230
[  134.526349][ T7258]  ? clear_bhb_loop+0x35/0x90
[  134.526372][ T7258]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.526391][ T7258] RIP: 0033:0x7fc5f318d169
[  134.526406][ T7258] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  134.526419][ T7258] RSP: 002b:00007fc5f4021038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  134.526437][ T7258] RAX: ffffffffffffffda RBX: 00007fc5f33a5fa0 RCX: 00007fc5f318d169
[  134.526448][ T7258] RDX: 0000000004000080 RSI: 0000400000000000 RDI: 0000000000000003
[  134.526458][ T7258] RBP: 00007fc5f4021090 R08: 0000000000000000 R09: 0000000000000000
[  134.526469][ T7258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  134.526479][ T7258] R13: 0000000000000000 R14: 00007fc5f33a5fa0 R15: 00007ffc0672e0d8
[  134.526505][ T7258]  </TASK>
[  135.073413][ T7266] Cannot find add_set index 0 as target
[  135.366019][ T7281] FAULT_INJECTION: forcing a failure.
[  135.366019][ T7281] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  135.414672][ T7281] CPU: 1 UID: 0 PID: 7281 Comm: syz.1.414 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[  135.414699][ T7281] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  135.414709][ T7281] Call Trace:
[  135.414714][ T7281]  <TASK>
[  135.414721][ T7281]  dump_stack_lvl+0x241/0x360
[  135.414747][ T7281]  ? __pfx_dump_stack_lvl+0x10/0x10
[  135.414764][ T7281]  ? __pfx__printk+0x10/0x10
[  135.414786][ T7281]  ? __pfx_lock_release+0x10/0x10
[  135.414814][ T7281]  should_fail_ex+0x40a/0x550
[  135.414841][ T7281]  _copy_from_user+0x2d/0xb0
[  135.414862][ T7281]  move_addr_to_kernel+0x82/0x150
[  135.414884][ T7281]  __sys_sendto+0x268/0x4c0
[  135.414911][ T7281]  ? __pfx___sys_sendto+0x10/0x10
[  135.414945][ T7281]  ? __fget_files+0x2a/0x410
[  135.414975][ T7281]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  135.415000][ T7281]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  135.415027][ T7281]  __x64_sys_sendto+0xde/0x100
[  135.415046][ T7281]  do_syscall_64+0xf3/0x230
[  135.415071][ T7281]  ? clear_bhb_loop+0x35/0x90
[  135.415095][ T7281]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.415115][ T7281] RIP: 0033:0x7fc473f8d169
[  135.415130][ T7281] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  135.415144][ T7281] RSP: 002b:00007fc474d42038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  135.415162][ T7281] RAX: ffffffffffffffda RBX: 00007fc4741a5fa0 RCX: 00007fc473f8d169
[  135.415173][ T7281] RDX: 0000000000000003 RSI: 0000400000000dc0 RDI: 0000000000000004
[  135.415184][ T7281] RBP: 00007fc474d42090 R08: 00004000000001c0 R09: 0000000000000014
[  135.415195][ T7281] R10: 0000000000048001 R11: 0000000000000246 R12: 0000000000000001
[  135.415205][ T7281] R13: 0000000000000000 R14: 00007fc4741a5fa0 R15: 00007fff21bd5f48
[  135.415230][ T7281]  </TASK>
[  135.635975][ T7285] netlink: 20 bytes leftover after parsing attributes in process `syz.0.415'.
[  135.683787][ T7285] netlink: 36 bytes leftover after parsing attributes in process `syz.0.415'.
[  136.120148][ T7313] netlink: 36 bytes leftover after parsing attributes in process `syz.3.424'.
[  136.280156][ T7320] netlink: 36 bytes leftover after parsing attributes in process `syz.2.427'.
[  136.463581][ T7334] Cannot find add_set index 2 as target
[  136.510816][ T7340] FAULT_INJECTION: forcing a failure.
[  136.510816][ T7340] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  136.547682][ T7340] CPU: 0 UID: 0 PID: 7340 Comm: syz.2.433 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[  136.547709][ T7340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  136.547720][ T7340] Call Trace:
[  136.547726][ T7340]  <TASK>
[  136.547733][ T7340]  dump_stack_lvl+0x241/0x360
[  136.547759][ T7340]  ? __pfx_dump_stack_lvl+0x10/0x10
[  136.547777][ T7340]  ? __pfx__printk+0x10/0x10
[  136.547796][ T7340]  ? __pfx_lock_release+0x10/0x10
[  136.547826][ T7340]  should_fail_ex+0x40a/0x550
[  136.547853][ T7340]  _copy_from_user+0x2d/0xb0
[  136.547874][ T7340]  copy_msghdr_from_user+0xae/0x680
[  136.547896][ T7340]  ? __pfx___might_resched+0x10/0x10
[  136.547919][ T7340]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  136.547944][ T7340]  ? do_recvmmsg+0x44e/0xab0
[  136.547961][ T7340]  ? __might_fault+0xaa/0x120
[  136.547981][ T7340]  do_recvmmsg+0x3bd/0xab0
[  136.548008][ T7340]  ? __pfx_do_recvmmsg+0x10/0x10
[  136.548045][ T7340]  ? ksys_write+0x22a/0x2b0
[  136.548062][ T7340]  ? __pfx_lock_release+0x10/0x10
[  136.548088][ T7340]  ? sb_end_write+0xe9/0x1c0
[  136.548109][ T7340]  ? vfs_write+0x7fa/0xd10
[  136.548128][ T7340]  ? __mutex_unlock_slowpath+0x227/0x800
[  136.548156][ T7340]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  136.548172][ T7340]  ? __fget_files+0x2a/0x410
[  136.548204][ T7340]  __x64_sys_recvmmsg+0x199/0x250
[  136.548225][ T7340]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  136.548244][ T7340]  ? do_syscall_64+0x100/0x230
[  136.548265][ T7340]  ? do_syscall_64+0xb6/0x230
[  136.548285][ T7340]  do_syscall_64+0xf3/0x230
[  136.548303][ T7340]  ? clear_bhb_loop+0x35/0x90
[  136.548327][ T7340]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.548347][ T7340] RIP: 0033:0x7f0af258d169
[  136.548363][ T7340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  136.548377][ T7340] RSP: 002b:00007f0af3499038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  136.548396][ T7340] RAX: ffffffffffffffda RBX: 00007f0af27a5fa0 RCX: 00007f0af258d169
[  136.548408][ T7340] RDX: 0000000000000002 RSI: 0000400000000540 RDI: 0000000000000004
[  136.548418][ T7340] RBP: 00007f0af3499090 R08: 0000000000000000 R09: 0000000000000000
[  136.548429][ T7340] R10: 0000000040000100 R11: 0000000000000246 R12: 0000000000000001
[  136.548439][ T7340] R13: 0000000000000000 R14: 00007f0af27a5fa0 R15: 00007fff26ffff68
[  136.548464][ T7340]  </TASK>
[  136.586847][ T7341] netlink: 'syz.4.432': attribute type 1 has an invalid length.
[  136.891122][ T7348] lo: left promiscuous mode
[  136.900542][ T7348] tunl0: left promiscuous mode
[  136.917877][ T7350] sctp: [Deprecated]: syz.3.435 (pid 7350) Use of struct sctp_assoc_value in delayed_ack socket option.
[  136.917877][ T7350] Use struct sctp_sack_info instead
[  136.940065][ T7348] gre0: left promiscuous mode
[  136.951090][ T7348] gretap0: left promiscuous mode
[  137.020504][ T7348] erspan0: left promiscuous mode
[  137.040379][ T7348] ip_vti0: left promiscuous mode
[  137.072797][ T7348] ip6_vti0: left promiscuous mode
[  137.098572][ T7348] sit0: left promiscuous mode
[  137.122087][ T7348] ip6tnl0: left promiscuous mode
[  137.130531][ T7348] ip6gre0: left promiscuous mode
[  137.154333][ T7348] syz_tun: left promiscuous mode
[  137.199824][ T7348] ip6gretap0: left promiscuous mode
[  137.223088][ T7348] vcan0: left promiscuous mode
[  137.252061][ T7348] bond0: left promiscuous mode
[  137.264810][ T7348] bond_slave_0: left promiscuous mode
[  137.271088][ T7348] bond_slave_1: left promiscuous mode
[  137.289557][ T7348] bond1: left promiscuous mode
[  137.302336][ T7348] bond2: left promiscuous mode
[  137.310030][ T7348] bond3: left promiscuous mode
[  137.315938][ T7369] netlink: 36 bytes leftover after parsing attributes in process `syz.1.441'.
[  137.345485][ T7348] team0: left promiscuous mode
[  137.354449][ T7348] team_slave_0: left promiscuous mode
[  137.362688][ T7348] team_slave_1: left promiscuous mode
[  137.381649][ T7348] dummy0: left promiscuous mode
[  137.393597][ T7348] nlmon0: left promiscuous mode
[  137.412998][ T7348] caif0: left promiscuous mode
[  137.483809][ T7348] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  137.499196][ T7348] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  137.553338][ T7348] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  137.561986][ T7348] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  137.571320][ T7348] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  137.579892][ T7348] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  137.794215][ T7378] netlink: 'syz.0.443': attribute type 1 has an invalid length.
[  138.307912][ T7398] netlink: 766 bytes leftover after parsing attributes in process `syz.3.451'.
[  138.443261][ T7397] 8021q: adding VLAN 0 to HW filter on device batadv1
[  138.484053][ T7397] bridge0: port 3(batadv1) entered blocking state
[  138.509929][ T7397] bridge0: port 3(batadv1) entered disabled state
[  138.530861][ T7397] batadv1: entered allmulticast mode
[  138.558372][ T7397] batadv1: entered promiscuous mode
[  138.581856][ T7397] bridge0: port 3(batadv1) entered blocking state
[  138.588890][ T7397] bridge0: port 3(batadv1) entered forwarding state
[  138.667245][ T7415] netlink: 36 bytes leftover after parsing attributes in process `syz.3.454'.
[  138.952129][ T1099] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[  138.963059][ T1099] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  139.293477][ T7438] FAULT_INJECTION: forcing a failure.
[  139.293477][ T7438] name failslab, interval 1, probability 0, space 0, times 0
[  139.370464][ T7438] CPU: 0 UID: 0 PID: 7438 Comm: syz.3.460 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[  139.370491][ T7438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  139.370502][ T7438] Call Trace:
[  139.370509][ T7438]  <TASK>
[  139.370516][ T7438]  dump_stack_lvl+0x241/0x360
[  139.370543][ T7438]  ? __pfx_dump_stack_lvl+0x10/0x10
[  139.370559][ T7438]  ? __pfx__printk+0x10/0x10
[  139.370576][ T7438]  ? __kmalloc_noprof+0xb5/0x4c0
[  139.370597][ T7438]  ? __pfx___might_resched+0x10/0x10
[  139.370624][ T7438]  should_fail_ex+0x40a/0x550
[  139.370650][ T7438]  should_failslab+0xac/0x100
[  139.370672][ T7438]  __kmalloc_noprof+0xdd/0x4c0
[  139.370691][ T7438]  ? sock_kmalloc+0xd7/0x160
[  139.370714][ T7438]  sock_kmalloc+0xd7/0x160
[  139.370734][ T7438]  aead_recvmsg+0x106c/0x19f0
[  139.370779][ T7438]  ? __pfx_aead_recvmsg+0x10/0x10
[  139.370793][ T7438]  ? up_write+0x1a9/0x590
[  139.370852][ T7438]  ? __pfx_validate_chain+0x10/0x10
[  139.370877][ T7438]  ? mark_lock+0x9a/0x360
[  139.370895][ T7438]  ? __lock_acquire+0x1397/0x2100
[  139.370949][ T7438]  ? iovec_from_user+0x1b4/0x240
[  139.370974][ T7438]  ? __import_iovec+0x3bf/0x830
[  139.370993][ T7438]  ? __pfx_aead_recvmsg+0x10/0x10
[  139.371010][ T7438]  sock_recvmsg_nosec+0x18e/0x1d0
[  139.371035][ T7438]  ____sys_recvmsg+0x3cd/0x480
[  139.371060][ T7438]  ? __pfx_____sys_recvmsg+0x10/0x10
[  139.371090][ T7438]  ? do_recvmmsg+0x44e/0xab0
[  139.371107][ T7438]  ? __might_fault+0xaa/0x120
[  139.371127][ T7438]  do_recvmmsg+0x426/0xab0
[  139.371156][ T7438]  ? __pfx_do_recvmmsg+0x10/0x10
[  139.371192][ T7438]  ? ksys_write+0x22a/0x2b0
[  139.371209][ T7438]  ? __pfx_lock_release+0x10/0x10
[  139.371235][ T7438]  ? sb_end_write+0xe9/0x1c0
[  139.371256][ T7438]  ? vfs_write+0x7fa/0xd10
[  139.371274][ T7438]  ? __mutex_unlock_slowpath+0x227/0x800
[  139.371303][ T7438]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  139.371320][ T7438]  ? __fget_files+0x2a/0x410
[  139.371354][ T7438]  __x64_sys_recvmmsg+0x199/0x250
[  139.371374][ T7438]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  139.371396][ T7438]  ? do_syscall_64+0x100/0x230
[  139.371424][ T7438]  ? do_syscall_64+0xb6/0x230
[  139.371444][ T7438]  do_syscall_64+0xf3/0x230
[  139.371461][ T7438]  ? clear_bhb_loop+0x35/0x90
[  139.371483][ T7438]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.371502][ T7438] RIP: 0033:0x7fc5f318d169
[  139.371516][ T7438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  139.371530][ T7438] RSP: 002b:00007fc5f4021038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  139.371547][ T7438] RAX: ffffffffffffffda RBX: 00007fc5f33a5fa0 RCX: 00007fc5f318d169
[  139.371557][ T7438] RDX: 0000000000000002 RSI: 0000400000000540 RDI: 0000000000000004
[  139.371567][ T7438] RBP: 00007fc5f4021090 R08: 0000000000000000 R09: 0000000000000000
[  139.371576][ T7438] R10: 0000000040000100 R11: 0000000000000246 R12: 0000000000000001
[  139.371586][ T7438] R13: 0000000000000000 R14: 00007fc5f33a5fa0 R15: 00007ffc0672e0d8
[  139.371612][ T7438]  </TASK>
[  140.217190][ T7458] tap0: tun_chr_ioctl cmd 1074025677
[  140.222721][ T7458] tap0: linktype set to 774
[  140.388070][ T7443] lo: entered promiscuous mode
[  140.416753][ T7443] tunl0: entered promiscuous mode
[  140.423440][ T7443] gre0: entered promiscuous mode
[  140.430566][ T7443] gretap0: entered promiscuous mode
[  140.444800][ T7443] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  140.632558][ T7469] netlink: 36 bytes leftover after parsing attributes in process `syz.4.470'.
[  141.447078][ T7481] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  141.487872][ T7481] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  141.578751][ T7488] netlink: 184 bytes leftover after parsing attributes in process `syz.2.474'.
[  141.765712][ T7488] netlink: 20 bytes leftover after parsing attributes in process `syz.2.474'.
[  142.535599][ T7508] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  142.941524][ T7521] netlink: 36 bytes leftover after parsing attributes in process `syz.4.485'.
[  143.082111][ T7528] FAULT_INJECTION: forcing a failure.
[  143.082111][ T7528] name failslab, interval 1, probability 0, space 0, times 0
[  143.114848][ T7528] CPU: 0 UID: 0 PID: 7528 Comm: syz.2.487 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[  143.114871][ T7528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  143.114880][ T7528] Call Trace:
[  143.114886][ T7528]  <TASK>
[  143.114892][ T7528]  dump_stack_lvl+0x241/0x360
[  143.114917][ T7528]  ? __pfx_dump_stack_lvl+0x10/0x10
[  143.114934][ T7528]  ? __pfx__printk+0x10/0x10
[  143.114950][ T7528]  ? __kmalloc_node_noprof+0xb9/0x4d0
[  143.114971][ T7528]  ? __pfx___might_resched+0x10/0x10
[  143.114993][ T7528]  should_fail_ex+0x40a/0x550
[  143.115019][ T7528]  should_failslab+0xac/0x100
[  143.115040][ T7528]  __kmalloc_node_noprof+0xe1/0x4d0
[  143.115060][ T7528]  ? crypto_create_tfm_node+0x88/0x3d0
[  143.115084][ T7528]  crypto_create_tfm_node+0x88/0x3d0
[  143.115105][ T7528]  crypto_alloc_tfm_node+0x161/0x360
[  143.115130][ T7528]  cryptd_alloc_aead+0xe2/0x200
[  143.115147][ T7528]  ? __pfx_cryptd_alloc_aead+0x10/0x10
[  143.115178][ T7528]  ? rcu_is_watching+0x15/0xb0
[  143.115194][ T7528]  ? trace_kmalloc+0x1f/0xd0
[  143.115215][ T7528]  simd_aead_init+0x67/0x150
[  143.115237][ T7528]  crypto_create_tfm_node+0x167/0x3d0
[  143.115260][ T7528]  crypto_spawn_tfm2+0x5c/0x90
[  143.115280][ T7528]  aead_init_geniv+0x18e/0x260
[  143.115299][ T7528]  crypto_create_tfm_node+0x167/0x3d0
[  143.115320][ T7528]  crypto_alloc_tfm_node+0x161/0x360
[  143.115353][ T7528]  esp6_init_state+0x387/0x1180
[  143.115385][ T7528]  ? __pfx_esp6_init_state+0x10/0x10
[  143.115431][ T7528]  ? __xfrm_init_state+0x725/0x12e0
[  143.115448][ T7528]  ? __xfrm_init_state+0x725/0x12e0
[  143.115468][ T7528]  __xfrm_init_state+0x9bc/0x12e0
[  143.115496][ T7528]  xfrm_add_sa+0x3038/0x42a0
[  143.115522][ T7528]  ? __pfx_xfrm_add_sa+0x10/0x10
[  143.115545][ T7528]  ? __nla_parse+0x40/0x60
[  143.115566][ T7528]  xfrm_user_rcv_msg+0x975/0xc20
[  143.115590][ T7528]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  143.115643][ T7528]  ? __mutex_trylock_common+0x183/0x2e0
[  143.115661][ T7528]  ? __pfx___might_resched+0x10/0x10
[  143.115685][ T7528]  ? __pfx___mutex_trylock_common+0x10/0x10
[  143.115714][ T7528]  netlink_rcv_skb+0x206/0x480
[  143.115735][ T7528]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  143.115755][ T7528]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  143.115803][ T7528]  xfrm_netlink_rcv+0x79/0x90
[  143.115823][ T7528]  netlink_unicast+0x7f6/0x990
[  143.115851][ T7528]  ? __pfx_netlink_unicast+0x10/0x10
[  143.115868][ T7528]  ? __virt_addr_valid+0x45f/0x530
[  143.115885][ T7528]  ? __phys_addr_symbol+0x2f/0x70
[  143.115900][ T7528]  ? __check_object_size+0x47a/0x730
[  143.115926][ T7528]  netlink_sendmsg+0x8de/0xcb0
[  143.115957][ T7528]  ? __pfx_netlink_sendmsg+0x10/0x10
[  143.115982][ T7528]  ? aa_sock_msg_perm+0x91/0x160
[  143.116010][ T7528]  ? __pfx_netlink_sendmsg+0x10/0x10
[  143.116028][ T7528]  __sock_sendmsg+0x221/0x270
[  143.116053][ T7528]  ____sys_sendmsg+0x53a/0x860
[  143.116079][ T7528]  ? __pfx_____sys_sendmsg+0x10/0x10
[  143.116094][ T7528]  ? __fget_files+0x2a/0x410
[  143.116118][ T7528]  ? __fget_files+0x2a/0x410
[  143.116147][ T7528]  __sys_sendmsg+0x269/0x350
[  143.116169][ T7528]  ? __pfx___sys_sendmsg+0x10/0x10
[  143.116200][ T7528]  ? do_sys_openat2+0x17a/0x1d0
[  143.116246][ T7528]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  143.116268][ T7528]  ? do_syscall_64+0x100/0x230
[  143.116289][ T7528]  ? do_syscall_64+0xb6/0x230
[  143.116310][ T7528]  do_syscall_64+0xf3/0x230
[  143.116328][ T7528]  ? clear_bhb_loop+0x35/0x90
[  143.116360][ T7528]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  143.116380][ T7528] RIP: 0033:0x7f0af258d169
[  143.116395][ T7528] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  143.116410][ T7528] RSP: 002b:00007f0af3499038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  143.116429][ T7528] RAX: ffffffffffffffda RBX: 00007f0af27a5fa0 RCX: 00007f0af258d169
[  143.116441][ T7528] RDX: 0000000004000080 RSI: 0000400000000000 RDI: 0000000000000003
[  143.116453][ T7528] RBP: 00007f0af3499090 R08: 0000000000000000 R09: 0000000000000000
[  143.116463][ T7528] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  143.116474][ T7528] R13: 0000000000000000 R14: 00007f0af27a5fa0 R15: 00007fff26ffff68
[  143.116499][ T7528]  </TASK>
[  144.112558][ T7556] netlink: 165 bytes leftover after parsing attributes in process `syz.1.497'.
[  144.129808][ T7556] netlink: 277 bytes leftover after parsing attributes in process `syz.1.497'.
[  144.154834][ T5850] Bluetooth: hci4: command 0x0405 tx timeout
[  145.411891][   T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  145.442740][   T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  146.022818][ T7590] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  146.042560][ T7582] lo: entered promiscuous mode
[  146.078186][ T7582] tunl0: entered promiscuous mode
[  146.101885][ T7582] gre0: entered promiscuous mode
[  146.132820][ T7582] gretap0: entered promiscuous mode
[  146.163299][ T7582] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  147.158340][ T7638] lo: entered promiscuous mode
[  147.180358][ T7638] tunl0: entered promiscuous mode
[  147.201909][ T7638] gre0: entered promiscuous mode
[  147.223735][ T7638] 0ªX¹¦Dö»: entered promiscuous mode
[  147.237639][ T7638] 0ªX¹¦Dö»: left allmulticast mode
[  147.250246][ T7638] erspan0: entered promiscuous mode
[  147.282397][ T7638] ip_vti0: entered promiscuous mode
[  147.295906][ T7638] ip6_vti0: entered promiscuous mode
[  147.305861][ T7638] sit0: entered promiscuous mode
[  147.316498][ T7638] ip6tnl0: entered promiscuous mode
[  147.323210][ T7638] ip6gre0: entered promiscuous mode
[  147.335799][ T7638] syz_tun: entered promiscuous mode
[  147.343860][ T7638] ip6gretap0: entered promiscuous mode
[  147.353431][ T7638] vcan0: entered promiscuous mode
[  147.374190][ T7638] bond0: entered promiscuous mode
[  147.393534][ T7638] bond_slave_0: entered promiscuous mode
[  147.399598][ T7638] bond_slave_1: entered promiscuous mode
[  147.409689][ T7638] bond1: entered promiscuous mode
[  147.419885][ T7638] bond2: entered promiscuous mode
[  147.427605][ T7638] 8021q: adding VLAN 0 to HW filter on device bond0
[  147.445445][ T7638] team0: entered promiscuous mode
[  147.450518][ T7638] team_slave_0: entered promiscuous mode
[  147.456844][ T7638] team_slave_1: entered promiscuous mode
[  147.463338][ T7638] 8021q: adding VLAN 0 to HW filter on device team0
[  147.472023][ T7638] dummy0: entered promiscuous mode
[  147.479616][ T7638] nlmon0: entered promiscuous mode
[  147.486645][ T7638] caif0: entered promiscuous mode
[  147.491782][ T7638] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  147.508126][ T7651] lo: left promiscuous mode
[  147.514968][ T7651] lo: entered allmulticast mode
[  147.521264][ T7651] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  147.968456][ T7682] netlink: 'syz.0.525': attribute type 3 has an invalid length.
[  147.994979][ T7682] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.525'.
[  148.005546][ T7682] FAULT_INJECTION: forcing a failure.
[  148.005546][ T7682] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  148.040244][ T7682] CPU: 0 UID: 0 PID: 7682 Comm: syz.0.525 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[  148.040268][ T7682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  148.040278][ T7682] Call Trace:
[  148.040283][ T7682]  <TASK>
[  148.040290][ T7682]  dump_stack_lvl+0x241/0x360
[  148.040316][ T7682]  ? __pfx_dump_stack_lvl+0x10/0x10
[  148.040333][ T7682]  ? __pfx__printk+0x10/0x10
[  148.040353][ T7682]  ? snprintf+0xda/0x120
[  148.040375][ T7682]  should_fail_ex+0x40a/0x550
[  148.040400][ T7682]  _copy_to_user+0x31/0xb0
[  148.040421][ T7682]  simple_read_from_buffer+0xca/0x150
[  148.040444][ T7682]  proc_fail_nth_read+0x1e9/0x250
[  148.040468][ T7682]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  148.040489][ T7682]  ? rw_verify_area+0x243/0x630
[  148.040505][ T7682]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  148.040527][ T7682]  vfs_read+0x1f8/0xb40
[  148.040543][ T7682]  ? fdget_pos+0x254/0x320
[  148.040566][ T7682]  ? __pfx___mutex_lock+0x10/0x10
[  148.040595][ T7682]  ? __pfx_vfs_read+0x10/0x10
[  148.040608][ T7682]  ? do_sys_openat2+0x17a/0x1d0
[  148.040632][ T7682]  ? __fget_files+0x2a/0x410
[  148.040654][ T7682]  ? __fget_files+0x395/0x410
[  148.040673][ T7682]  ? __fget_files+0x2a/0x410
[  148.040702][ T7682]  ksys_read+0x18f/0x2b0
[  148.040721][ T7682]  ? __pfx_ksys_read+0x10/0x10
[  148.040736][ T7682]  ? do_syscall_64+0x100/0x230
[  148.040756][ T7682]  ? do_syscall_64+0xb6/0x230
[  148.040777][ T7682]  do_syscall_64+0xf3/0x230
[  148.040795][ T7682]  ? clear_bhb_loop+0x35/0x90
[  148.040817][ T7682]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.040835][ T7682] RIP: 0033:0x7f32c758bb7c
[  148.040850][ T7682] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  148.040863][ T7682] RSP: 002b:00007f32c834c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  148.040887][ T7682] RAX: ffffffffffffffda RBX: 00007f32c77a5fa0 RCX: 00007f32c758bb7c
[  148.040897][ T7682] RDX: 000000000000000f RSI: 00007f32c834c0a0 RDI: 0000000000000004
[  148.040906][ T7682] RBP: 00007f32c834c090 R08: 0000000000000000 R09: 0000000000000000
[  148.040914][ T7682] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  148.040923][ T7682] R13: 0000000000000000 R14: 00007f32c77a5fa0 R15: 00007ffe7d74dc58
[  148.040946][ T7682]  </TASK>
[  148.098023][ T7688] netlink: 36 bytes leftover after parsing attributes in process `syz.3.522'.
[  148.376779][ T7665] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  148.512828][ T7705] netlink: 24 bytes leftover after parsing attributes in process `syz.0.527'.
[  149.715202][ T7734] netlink: 'syz.4.538': attribute type 12 has an invalid length.
[  149.972029][ T7747] netlink: 'syz.0.541': attribute type 10 has an invalid length.
[  149.981262][ T7741] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  150.061009][ T7747] macvlan0: entered allmulticast mode
[  150.097793][ T7734] netlink: zone id is out of range
[  150.108861][ T7747] veth1_vlan: entered allmulticast mode
[  150.153466][ T7747] macvlan0: entered promiscuous mode
[  150.187369][ T7747] bond0: (slave macvlan0): Enslaving as an active interface with an up link
[  150.195724][ T7741] netlink: 'syz.4.538': attribute type 2 has an invalid length.
[  150.378801][ T7741] Tq€!7: entered promiscuous mode
[  150.479458][ T7770] netlink: 32 bytes leftover after parsing attributes in process `syz.0.546'.
[  150.689446][ T7734] netlink: set zone limit has 4 unknown bytes
[  151.039312][ T7789] netlink: 32 bytes leftover after parsing attributes in process `syz.0.551'.
[  151.468090][ T7799] xt_bpf: check failed: parse error
[  151.533867][ T7802] tipc: New replicast peer: 127.0.0.1
[  151.570642][ T7802] tipc: Enabled bearer <udp:syz2>, priority 10
[  151.735100][ T7808] netlink: 'syz.2.557': attribute type 11 has an invalid length.
[  151.817512][ T7817] netlink: 4 bytes leftover after parsing attributes in process `syz.3.558'.
[  152.021971][ T7817] macvtap0: entered promiscuous mode
[  152.027499][ T7817] gretap0: entered promiscuous mode
[  152.034742][ T7817] macvtap0: entered allmulticast mode
[  152.044715][ T7817] gretap0: entered allmulticast mode
[  152.536584][ T7844] netlink: 'syz.2.566': attribute type 10 has an invalid length.
[  152.580125][ T7844] mac80211_hwsim hwsim9 wlan1: entered promiscuous mode
[  152.626553][ T7844] team0: Port device wlan1 added
[  152.686011][ T5921] tipc: Node number set to 24321
[  152.776068][ T7849] netlink: 64 bytes leftover after parsing attributes in process `syz.3.568'.
[  152.798935][ T7849] netlink: 16 bytes leftover after parsing attributes in process `syz.3.568'.
[  153.513587][ T7815] lo: entered promiscuous mode
[  153.520659][ T7815] tunl0: entered promiscuous mode
[  153.544642][ T7815] gre0: entered promiscuous mode
[  153.551026][ T7815] gretap0: entered promiscuous mode
[  153.600466][ T7815] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  154.276760][ T7895] netlink: 68 bytes leftover after parsing attributes in process `syz.1.575'.
[  154.347096][ T7891] bridge0: entered promiscuous mode
[  154.354724][ T7891] bridge0: entered allmulticast mode
[  154.906738][ T7910] x_tables: duplicate underflow at hook 3
[  154.940428][ T7910] netlink: 32 bytes leftover after parsing attributes in process `syz.3.579'.
[  155.119667][ T7909] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  155.122878][ T7917] netlink: 'syz.3.581': attribute type 10 has an invalid length.
[  155.218606][ T7917] macvlan0: entered allmulticast mode
[  155.228294][ T7917] veth1_vlan: entered allmulticast mode
[  155.240202][ T7917] bond0: (slave macvlan0): Enslaving as an active interface with an up link
[  155.289159][ T7921] pimreg3: entered allmulticast mode
[  155.846318][ T7933] netlink: 4 bytes leftover after parsing attributes in process `syz.3.587'.
[  155.867043][ T7934] netlink: 4 bytes leftover after parsing attributes in process `syz.1.586'.
[  155.884605][ T7934] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  155.893439][ T7933] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  155.915556][ T7934] batman_adv: batadv0: Removing interface: batadv_slave_0
[  155.955462][ T7934] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  155.996067][ T7934] batman_adv: batadv0: Removing interface: batadv_slave_1
[  156.115395][ T7942] tipc: Can't bind to reserved service type 0
[  156.244999][ T7941] netlink: 'syz.1.586': attribute type 2 has an invalid length.
[  156.252689][ T7941] netlink: 4 bytes leftover after parsing attributes in process `syz.1.586'.
[  156.854727][ T7968] netlink: 36 bytes leftover after parsing attributes in process `syz.0.596'.
[  156.916235][ T7970] FAULT_INJECTION: forcing a failure.
[  156.916235][ T7970] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  156.916673][ T7971] netlink: 16 bytes leftover after parsing attributes in process `syz.2.591'.
[  156.940654][ T7970] CPU: 1 UID: 0 PID: 7970 Comm: syz.3.597 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[  156.940679][ T7970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  156.940689][ T7970] Call Trace:
[  156.940695][ T7970]  <TASK>
[  156.940702][ T7970]  dump_stack_lvl+0x241/0x360
[  156.940726][ T7970]  ? __pfx_dump_stack_lvl+0x10/0x10
[  156.940744][ T7970]  ? __pfx__printk+0x10/0x10
[  156.940765][ T7970]  ? snprintf+0xda/0x120
[  156.940787][ T7970]  should_fail_ex+0x40a/0x550
[  156.940810][ T7970]  _copy_to_user+0x31/0xb0
[  156.940829][ T7970]  simple_read_from_buffer+0xca/0x150
[  156.940849][ T7970]  proc_fail_nth_read+0x1e9/0x250
[  156.940866][ T7970]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  156.940883][ T7970]  ? rw_verify_area+0x243/0x630
[  156.940897][ T7970]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  156.940917][ T7970]  vfs_read+0x1f8/0xb40
[  156.940932][ T7970]  ? fdget_pos+0x254/0x320
[  156.940952][ T7970]  ? __pfx___mutex_lock+0x10/0x10
[  156.940979][ T7970]  ? __pfx_vfs_read+0x10/0x10
[  156.940997][ T7970]  ? __fget_files+0x2a/0x410
[  156.941019][ T7970]  ? __fget_files+0x395/0x410
[  156.941037][ T7970]  ? __fget_files+0x2a/0x410
[  156.941067][ T7970]  ksys_read+0x18f/0x2b0
[  156.941085][ T7970]  ? __pfx_ksys_read+0x10/0x10
[  156.941102][ T7970]  ? do_syscall_64+0x100/0x230
[  156.941124][ T7970]  ? do_syscall_64+0xb6/0x230
[  156.941146][ T7970]  do_syscall_64+0xf3/0x230
[  156.941165][ T7970]  ? clear_bhb_loop+0x35/0x90
[  156.941188][ T7970]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.941207][ T7970] RIP: 0033:0x7fc5f318bb7c
[  156.941222][ T7970] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  156.941236][ T7970] RSP: 002b:00007fc5f4021030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  156.941254][ T7970] RAX: ffffffffffffffda RBX: 00007fc5f33a5fa0 RCX: 00007fc5f318bb7c
[  156.941266][ T7970] RDX: 000000000000000f RSI: 00007fc5f40210a0 RDI: 0000000000000004
[  156.941277][ T7970] RBP: 00007fc5f4021090 R08: 0000000000000000 R09: 0000000000000000
[  156.941287][ T7970] R10: 0000400000000000 R11: 0000000000000246 R12: 0000000000000001
[  156.941297][ T7970] R13: 0000000000000000 R14: 00007fc5f33a5fa0 R15: 00007ffc0672e0d8
[  156.941324][ T7970]  </TASK>
[  157.341850][ T7978] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  157.350361][ T7978] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  157.358885][ T7978] netdevsim netdevsim0: Falling back to sysfs fallback for: .
[  157.501387][ T7981] netlink: 124 bytes leftover after parsing attributes in process `syz.3.600'.
[  157.554219][ T7988] veth0_to_bond: entered promiscuous mode
[  157.587056][ T7981] netlink: 4 bytes leftover after parsing attributes in process `syz.3.600'.
[  157.619809][ T7981] veth0_to_bond (unregistering): left promiscuous mode
[  157.658923][ T7981] bond0: (slave bond_slave_0): Releasing backup interface
[  157.699385][ T7989] netpci0: tun_chr_ioctl cmd 1074025677
[  157.710435][ T7989] netpci0: linktype set to 773
[  157.744746][ T7990] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  157.833179][ T7996] netlink: 8 bytes leftover after parsing attributes in process `syz.0.602'.
[  158.591907][ T8014] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input11
[  159.213969][ T8035] macvtap1: entered promiscuous mode
[  159.230588][ T8035] macvtap1: entered allmulticast mode
[  159.255187][ T8035] dummy0: entered allmulticast mode
[  159.298868][ T8041] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  159.313595][ T8041] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  159.565131][ T8041] __nla_validate_parse: 3 callbacks suppressed
[  159.565160][ T8041] netlink: 184 bytes leftover after parsing attributes in process `syz.4.618'.
[  159.596135][ T8045] netlink: 36 bytes leftover after parsing attributes in process `syz.2.619'.
[  160.125555][ T8058] netlink: 8 bytes leftover after parsing attributes in process `syz.2.623'.
[  160.202319][ T8058] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  160.321525][ T8058] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  160.349402][ T8051] lo: entered promiscuous mode
[  160.354236][ T8051] lo: left allmulticast mode
[  160.464468][ T8051] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  160.517398][ T8070] netlink: 284 bytes leftover after parsing attributes in process `syz.4.627'.
[  161.288748][ T8084] netlink: 36 bytes leftover after parsing attributes in process `syz.2.632'.
[  161.440051][ T8091] netlink: 4 bytes leftover after parsing attributes in process `syz.4.636'.
[  161.519014][ T8092] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  161.520786][ T8091] macvtap1: entered promiscuous mode
[  161.550272][ T8092] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  161.554910][ T8091] macvtap1: entered allmulticast mode
[  161.572893][ T8091] gretap0: entered allmulticast mode
[  161.639555][ T8092] netlink: 184 bytes leftover after parsing attributes in process `syz.1.635'.
[  161.845201][ T8112] FAULT_INJECTION: forcing a failure.
[  161.845201][ T8112] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  161.867604][ T8108] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  161.878355][ T8108] netlink: 'syz.4.641': attribute type 1 has an invalid length.
[  161.886149][ T8108] netlink: 224 bytes leftover after parsing attributes in process `syz.4.641'.
[  161.971775][ T8112] CPU: 1 UID: 0 PID: 8112 Comm: syz.2.643 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[  161.971804][ T8112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  161.971815][ T8112] Call Trace:
[  161.971821][ T8112]  <TASK>
[  161.971829][ T8112]  dump_stack_lvl+0x241/0x360
[  161.971855][ T8112]  ? __pfx_dump_stack_lvl+0x10/0x10
[  161.971873][ T8112]  ? __pfx__printk+0x10/0x10
[  161.971895][ T8112]  ? snprintf+0xda/0x120
[  161.971921][ T8112]  should_fail_ex+0x40a/0x550
[  161.971949][ T8112]  _copy_to_user+0x31/0xb0
[  161.971971][ T8112]  simple_read_from_buffer+0xca/0x150
[  161.971997][ T8112]  proc_fail_nth_read+0x1e9/0x250
[  161.972021][ T8112]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  161.972044][ T8112]  ? rw_verify_area+0x243/0x630
[  161.972061][ T8112]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  161.972083][ T8112]  vfs_read+0x1f8/0xb40
[  161.972101][ T8112]  ? fdget_pos+0x254/0x320
[  161.972123][ T8112]  ? __pfx___mutex_lock+0x10/0x10
[  161.972142][ T8112]  ? __pfx_vfs_read+0x10/0x10
[  161.972162][ T8112]  ? __fget_files+0x2a/0x410
[  161.972184][ T8112]  ? __fget_files+0x395/0x410
[  161.972204][ T8112]  ? __fget_files+0x2a/0x410
[  161.972233][ T8112]  ksys_read+0x18f/0x2b0
[  161.972252][ T8112]  ? __pfx_ksys_read+0x10/0x10
[  161.972269][ T8112]  ? do_syscall_64+0x100/0x230
[  161.972291][ T8112]  ? do_syscall_64+0xb6/0x230
[  161.972312][ T8112]  do_syscall_64+0xf3/0x230
[  161.972331][ T8112]  ? clear_bhb_loop+0x35/0x90
[  161.972354][ T8112]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.972375][ T8112] RIP: 0033:0x7f0af258bb7c
[  161.972390][ T8112] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  161.972403][ T8112] RSP: 002b:00007f0af3499030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  161.972422][ T8112] RAX: ffffffffffffffda RBX: 00007f0af27a5fa0 RCX: 00007f0af258bb7c
[  161.972434][ T8112] RDX: 000000000000000f RSI: 00007f0af34990a0 RDI: 0000000000000005
[  161.972444][ T8112] RBP: 00007f0af3499090 R08: 0000000000000000 R09: 0000000000000000
[  161.972454][ T8112] R10: 0000000040000100 R11: 0000000000000246 R12: 0000000000000001
[  161.972464][ T8112] R13: 0000000000000000 R14: 00007f0af27a5fa0 R15: 00007fff26ffff68
[  161.972496][ T8112]  </TASK>
[  162.279548][ T8113] lo: entered promiscuous mode
[  162.286175][ T8113] tunl0: entered promiscuous mode
[  162.292512][ T8113] gre0: entered promiscuous mode
[  162.303660][ T8113] erspan0: entered promiscuous mode
[  162.321966][ T8113] ip_vti0: entered promiscuous mode
[  162.332671][ T8113] ip6_vti0: entered promiscuous mode
[  162.344042][ T8113] sit0: entered promiscuous mode
[  162.363548][ T8113] ip6tnl0: entered promiscuous mode
[  162.373686][ T8113] ip6gre0: entered promiscuous mode
[  162.389813][ T8113] syz_tun: entered promiscuous mode
[  162.407071][ T8113] ip6gretap0: entered promiscuous mode
[  162.414368][ T8113] vcan0: entered promiscuous mode
[  162.422064][ T8113] bond0: entered promiscuous mode
[  162.427388][ T8113] bond_slave_1: entered promiscuous mode
[  162.433304][ T8113] bond1: entered promiscuous mode
[  162.439010][ T8113] bond2: entered promiscuous mode
[  162.444248][ T8113] bond3: entered promiscuous mode
[  162.449691][ T8113] macvlan0: entered promiscuous mode
[  162.463356][ T8113] 8021q: adding VLAN 0 to HW filter on device bond0
[  162.471197][ T8113] team0: entered promiscuous mode
[  162.476520][ T8113] team_slave_0: entered promiscuous mode
[  162.529448][ T8126] netlink: 16 bytes leftover after parsing attributes in process `syz.1.647'.
[  162.541030][ T8113] team_slave_1: entered promiscuous mode
[  162.600075][ T8113] 8021q: adding VLAN 0 to HW filter on device team0
[  162.655602][ T8113] dummy0: entered promiscuous mode
[  162.686690][ T8113] nlmon0: entered promiscuous mode
[  162.789616][ T8135] netlink: 36 bytes leftover after parsing attributes in process `syz.0.648'.
[  163.517465][ T8113] caif0: entered promiscuous mode
[  163.553067][ T8113] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  163.599881][ T8128] macvlan3: entered promiscuous mode
[  163.962268][ T8197] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input12
[  164.201753][ T8205] pim6reg: entered allmulticast mode
[  164.209598][ T8205] pim6reg: left allmulticast mode
[  164.417781][ T8214] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input13
[  164.904507][ T8238] __nla_validate_parse: 3 callbacks suppressed
[  164.923699][ T8238] netlink: 68 bytes leftover after parsing attributes in process `syz.2.673'.
[  164.974121][ T8231] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  164.991434][ T8241] netlink: 36 bytes leftover after parsing attributes in process `syz.3.674'.
[  165.013389][ T8238] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input14
[  165.322717][ T8257] netlink: 'syz.2.679': attribute type 10 has an invalid length.
[  165.427028][ T8257] macvlan0: entered allmulticast mode
[  165.433266][ T8257] veth1_vlan: entered allmulticast mode
[  165.455499][ T8257] macvlan0: entered promiscuous mode
[  165.473207][ T8257] bond0: (slave macvlan0): Enslaving as an active interface with an up link
[  165.605780][ T8250] netlink: 32 bytes leftover after parsing attributes in process `syz.1.669'.
[  166.019927][ T8273] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  166.213996][ T8287] netlink: 68 bytes leftover after parsing attributes in process `syz.3.688'.
[  166.231745][ T8287] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input15
[  166.466261][ T8298] netlink: 8 bytes leftover after parsing attributes in process `syz.3.691'.
[  166.484726][ T8298] netlink: 'syz.3.691': attribute type 1 has an invalid length.
[  166.568197][ T8301] netlink: 4 bytes leftover after parsing attributes in process `syz.4.693'.
[  166.590805][ T8301] macvtap2: entered promiscuous mode
[  166.601109][ T8301] macvtap2: entered allmulticast mode
[  166.634774][ T8301] dummy0: entered allmulticast mode
[  166.927862][ T8307] netlink: 32 bytes leftover after parsing attributes in process `syz.2.695'.
[  167.213430][ T8297] lo: entered promiscuous mode
[  167.220145][ T8297] tunl0: entered promiscuous mode
[  167.228414][ T8297] gre0: entered promiscuous mode
[  167.235893][ T8297] gretap0: entered promiscuous mode
[  167.241151][ T8297] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  167.551870][ T8321] openvswitch: netlink: IP tunnel dst address not specified
[  167.871956][ T8304] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  169.159880][ T8365] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  169.328053][ T8372] netlink: 4 bytes leftover after parsing attributes in process `syz.3.712'.
[  169.408471][ T8372] macvtap1: entered promiscuous mode
[  169.435629][ T8372] macvtap1: entered allmulticast mode
[  169.441155][ T8372] dummy0: entered allmulticast mode
[  169.588306][ T8375] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  169.796792][ T8392] netlink: 36 bytes leftover after parsing attributes in process `syz.1.716'.
[  170.135543][ T8379] xt_hashlimit: max too large, truncated to 1048576
[  171.205478][ T8423] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  171.615080][ T8448] netlink: 36 bytes leftover after parsing attributes in process `syz.1.732'.
[  171.695383][ T8439] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  171.724706][ T8451] FAULT_INJECTION: forcing a failure.
[  171.724706][ T8451] name failslab, interval 1, probability 0, space 0, times 0
[  171.787233][ T8451] CPU: 1 UID: 0 PID: 8451 Comm: syz.4.734 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[  171.787259][ T8451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  171.787269][ T8451] Call Trace:
[  171.787275][ T8451]  <TASK>
[  171.787282][ T8451]  dump_stack_lvl+0x241/0x360
[  171.787314][ T8451]  ? __pfx_dump_stack_lvl+0x10/0x10
[  171.787328][ T8451]  ? __pfx__printk+0x10/0x10
[  171.787342][ T8451]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  171.787361][ T8451]  ? __pfx___might_resched+0x10/0x10
[  171.787380][ T8451]  should_fail_ex+0x40a/0x550
[  171.787403][ T8451]  should_failslab+0xac/0x100
[  171.787420][ T8451]  kmem_cache_alloc_node_noprof+0x77/0x380
[  171.787436][ T8451]  ? __alloc_skb+0x1c3/0x440
[  171.787451][ T8451]  __alloc_skb+0x1c3/0x440
[  171.787462][ T8451]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  171.787480][ T8451]  ? __pfx___alloc_skb+0x10/0x10
[  171.787491][ T8451]  ? net_generic+0x1c0/0x240
[  171.787508][ T8451]  ? pfkey_broadcast+0x3e3/0x400
[  171.787524][ T8451]  pfkey_sendmsg+0xcfb/0x1070
[  171.787548][ T8451]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  171.787574][ T8451]  ? __pfx_aa_sk_perm+0x10/0x10
[  171.787590][ T8451]  ? __import_iovec+0x582/0x830
[  171.787608][ T8451]  ? aa_sock_msg_perm+0x91/0x160
[  171.787630][ T8451]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  171.787642][ T8451]  __sock_sendmsg+0x221/0x270
[  171.787661][ T8451]  ____sys_sendmsg+0x53a/0x860
[  171.787680][ T8451]  ? __pfx_____sys_sendmsg+0x10/0x10
[  171.787692][ T8451]  ? __fget_files+0x2a/0x410
[  171.787712][ T8451]  ? __fget_files+0x2a/0x410
[  171.787735][ T8451]  __sys_sendmsg+0x269/0x350
[  171.787752][ T8451]  ? __pfx___sys_sendmsg+0x10/0x10
[  171.787773][ T8451]  ? do_sys_openat2+0x17a/0x1d0
[  171.787808][ T8451]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  171.787828][ T8451]  ? do_syscall_64+0x100/0x230
[  171.787845][ T8451]  ? do_syscall_64+0xb6/0x230
[  171.787862][ T8451]  do_syscall_64+0xf3/0x230
[  171.787878][ T8451]  ? clear_bhb_loop+0x35/0x90
[  171.787897][ T8451]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.787913][ T8451] RIP: 0033:0x7f801838d169
[  171.787926][ T8451] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  171.787937][ T8451] RSP: 002b:00007f8019231038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  171.787952][ T8451] RAX: ffffffffffffffda RBX: 00007f80185a5fa0 RCX: 00007f801838d169
[  171.787961][ T8451] RDX: 0000000000000000 RSI: 00004000005f5000 RDI: 0000000000000003
[  171.787969][ T8451] RBP: 00007f8019231090 R08: 0000000000000000 R09: 0000000000000000
[  171.787976][ T8451] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  171.787984][ T8451] R13: 0000000000000000 R14: 00007f80185a5fa0 R15: 00007ffc90716468
[  171.788004][ T8451]  </TASK>
[  172.846927][ T8487] netlink: 68 bytes leftover after parsing attributes in process `syz.0.744'.
[  172.955626][ T8487] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input16
[  173.072068][ T8483] 8021q: adding VLAN 0 to HW filter on device bond4
[  173.115930][ T8483] bond4: entered promiscuous mode
[  173.134193][ T8483] bond0: (slave bond4): Enslaving as an active interface with an up link
[  173.355605][ T8498] netlink: 4 bytes leftover after parsing attributes in process `syz.3.748'.
[  173.440713][ T8492] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  173.540265][ T8498] macvtap2: entered promiscuous mode
[  173.545986][ T8498] macvtap2: entered allmulticast mode
[  173.965584][ T8511] netlink: 4 bytes leftover after parsing attributes in process `syz.2.754'.
[  173.999881][ T8511] netlink: 12 bytes leftover after parsing attributes in process `syz.2.754'.
[  174.374298][ T8529] netlink: 56 bytes leftover after parsing attributes in process `syz.4.762'.
[  174.438744][ T8534] netlink: 8 bytes leftover after parsing attributes in process `syz.2.764'.
[  174.452304][ T8534] netlink: 28 bytes leftover after parsing attributes in process `syz.2.764'.
[  174.483844][ T8534] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  174.520288][ T8534] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  174.532573][ T8534] netdevsim netdevsim2: Falling back to sysfs fallback for: .
[  175.480609][ T8564] netlink: 8 bytes leftover after parsing attributes in process `syz.2.777'.
[  175.634975][ T8561] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  175.681033][ T8567] netlink: 560 bytes leftover after parsing attributes in process `syz.2.777'.
[  176.235291][   T11] wlan0: Trigger new scan to find an IBSS to join
[  176.306590][ T8593] netlink: 'syz.1.786': attribute type 10 has an invalid length.
[  176.354700][ T8593] macvlan0: entered allmulticast mode
[  176.380026][ T8593] veth1_vlan: entered allmulticast mode
[  176.410176][ T8593] macvlan0: entered promiscuous mode
[  176.449486][ T8593] bond0: (slave macvlan0): Enslaving as an active interface with an up link
[  176.503022][ T8596] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  176.533033][ T8596] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  176.573472][ T8596] netdevsim netdevsim0: Falling back to sysfs fallback for: .
[  176.601910][ T8574] lo: entered promiscuous mode
[  176.609428][ T8574] tunl0: entered promiscuous mode
[  176.635798][ T8574] gre0: entered promiscuous mode
[  176.643115][ T8574] gretap0: entered promiscuous mode
[  176.689492][ T8574] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  177.196740][ T8611] 8021q: adding VLAN 0 to HW filter on device bond5
[  177.213018][ T8611] bond5: entered promiscuous mode
[  177.219036][ T8611] bond0: (slave bond5): Enslaving as an active interface with an up link
[  177.474359][ T8621] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  177.775673][ T8634] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  177.812156][ T8632] IPVS: set_ctl: invalid protocol: 47 10.1.1.0:20000
[  178.492425][ T8647] __nla_validate_parse: 5 callbacks suppressed
[  178.492445][ T8647] netlink: 16 bytes leftover after parsing attributes in process `syz.2.803'.
[  178.551115][ T8647] netlink: 28 bytes leftover after parsing attributes in process `syz.2.803'.
[  178.925940][ T8662] netlink: 8 bytes leftover after parsing attributes in process `syz.4.807'.
[  178.935945][ T8642] lo: entered promiscuous mode
[  178.954175][ T8663] dccp_v4_rcv: dropped packet with invalid checksum
[  178.956598][ T8642] tunl0: entered promiscuous mode
[  178.981826][ T8662] netlink: 28 bytes leftover after parsing attributes in process `syz.4.807'.
[  178.992500][ T8642] gre0: entered promiscuous mode
[  179.018623][ T8642] gretap0: entered promiscuous mode
[  179.037558][ T8642] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  179.151100][ T8665] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  179.166997][ T8665] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  179.194858][ T8665] netdevsim netdevsim4: Falling back to sysfs fallback for: .
[  179.203301][   T35] wlan0: Trigger new scan to find an IBSS to join
[  179.494427][ T8684] netlink: 16 bytes leftover after parsing attributes in process `syz.2.816'.
[  179.499684][ T8680] netlink: 68 bytes leftover after parsing attributes in process `syz.0.814'.
[  179.510009][ T8684] netlink: 28 bytes leftover after parsing attributes in process `syz.2.816'.
[  179.557606][ T8680] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input17
[  179.840675][ T8694] dccp_v4_rcv: dropped packet with invalid checksum
[  180.069195][ T8704] openvswitch: netlink: Tunnel attr 2 has unexpected len 0 expected 4
[  180.145377][ T8703] syzkaller0: entered promiscuous mode
[  180.150903][ T8703] syzkaller0: entered allmulticast mode
[  180.828366][ T8720] netlink: 16 bytes leftover after parsing attributes in process `syz.4.828'.
[  180.840522][ T8720] netlink: 28 bytes leftover after parsing attributes in process `syz.4.828'.
[  181.322881][ T8725] netlink: 68 bytes leftover after parsing attributes in process `syz.0.829'.
[  181.362645][ T8725] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input18
[  182.133328][ T8735] netlink: 'syz.0.833': attribute type 1 has an invalid length.
[  182.239002][ T8161] wlan0: Creating new IBSS network, BSSID 2e:87:fd:40:ac:b6
[  182.681570][ T8716] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  182.724762][ T8723] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  183.533209][ T8761] __nla_validate_parse: 2 callbacks suppressed
[  183.533230][ T8761] netlink: 36 bytes leftover after parsing attributes in process `syz.4.842'.
[  183.909149][ T8771] netlink: 16 bytes leftover after parsing attributes in process `syz.1.845'.
[  183.918396][ T8771] netlink: 28 bytes leftover after parsing attributes in process `syz.1.845'.
[  183.999421][ T8774] netlink: 8 bytes leftover after parsing attributes in process `syz.4.847'.
[  184.034229][ T8774] netlink: 'syz.4.847': attribute type 1 has an invalid length.
[  184.309413][ T8778] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  184.628539][ T8794] netlink: 36 bytes leftover after parsing attributes in process `syz.2.854'.
[  185.052228][ T8809] netlink: 16 bytes leftover after parsing attributes in process `syz.0.858'.
[  185.068331][ T8807] netlink: 4 bytes leftover after parsing attributes in process `syz.2.860'.
[  185.080060][ T8809] netlink: 28 bytes leftover after parsing attributes in process `syz.0.858'.
[  185.110408][ T8807] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  185.221335][ T8805] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  185.732259][ T8839] netlink: 8 bytes leftover after parsing attributes in process `syz.1.868'.
[  185.779416][ T8839] netlink: 'syz.1.868': attribute type 1 has an invalid length.
[  185.915185][ T5848] Bluetooth: hci4: command 0x0405 tx timeout
[  186.476263][ T5844] Bluetooth: hci3: command 0x0406 tx timeout
[  186.482379][ T5844] Bluetooth: hci2: command 0x0406 tx timeout
[  186.489169][ T5848] Bluetooth: hci0: command 0x0406 tx timeout
[  186.496294][ T5848] Bluetooth: hci1: command 0x0406 tx timeout
[  186.497567][ T8849] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  186.572519][ T8829] lo: entered promiscuous mode
[  186.589924][ T8829] tunl0: entered promiscuous mode
[  186.597550][ T8829] gre0: entered promiscuous mode
[  186.604146][ T8829] gretap0: entered promiscuous mode
[  186.616302][ T8829] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  186.648431][ T8855] netlink: 16 bytes leftover after parsing attributes in process `syz.1.873'.
[  187.703508][ T8894] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  187.843449][ T8869] lo: entered promiscuous mode
[  187.857151][ T8869] tunl0: entered promiscuous mode
[  187.864874][ T8869] gre0: entered promiscuous mode
[  187.871564][ T8869] gretap0: entered promiscuous mode
[  187.883950][ T8869] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  188.384361][ T8913] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input19
[  188.972503][ T8939] __nla_validate_parse: 5 callbacks suppressed
[  188.972522][ T8939] netlink: 8 bytes leftover after parsing attributes in process `syz.1.900'.
[  189.008567][ T8939] netlink: 'syz.1.900': attribute type 1 has an invalid length.
[  189.701410][ T8961] netlink: 4 bytes leftover after parsing attributes in process `syz.0.911'.
[  189.717573][ T8961] macvtap1: entered promiscuous mode
[  189.723446][ T8961] macvtap1: entered allmulticast mode
[  189.729022][ T8961] team0: entered allmulticast mode
[  189.734330][ T8961] team_slave_0: entered allmulticast mode
[  189.751477][ T8961] team_slave_1: entered allmulticast mode
[  189.760909][ T8961] macvlan2: entered allmulticast mode
[  189.795956][ T8961] bond0: entered allmulticast mode
[  189.796270][ T8964] netlink: 28 bytes leftover after parsing attributes in process `syz.1.912'.
[  189.811511][ T8961] bond_slave_0: entered allmulticast mode
[  189.817869][ T8961] bond_slave_1: entered allmulticast mode
[  189.823981][ T8961] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:562
[  189.834099][ T8961] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 8961, name: syz.0.911
[  189.864180][ T8961] preempt_count: 0, expected: 0
[  189.869370][ T8961] RCU nest depth: 1, expected: 0
[  189.874762][ T8961] 3 locks held by syz.0.911/8961:
[  189.880444][ T8961]  #0: ffffffff903d4bb8 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x22/0x250
[  189.890293][ T8961]  #1: ffffffff8fed6908 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0xc4c/0x1d90
[  189.899600][ T8961]  #2: ffffffff8eb392e0 (rcu_read_lock){....}-{1:3}, at: team_change_rx_flags+0x29/0x330
[  189.909896][ T8961] CPU: 0 UID: 0 PID: 8961 Comm: syz.0.911 Not tainted 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[  189.909921][ T8961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  189.909932][ T8961] Call Trace:
[  189.909939][ T8961]  <TASK>
[  189.909947][ T8961]  dump_stack_lvl+0x241/0x360
[  189.909974][ T8961]  ? __pfx_dump_stack_lvl+0x10/0x10
[  189.909994][ T8961]  ? __pfx__printk+0x10/0x10
[  189.910025][ T8961]  __might_resched+0x5d4/0x780
[  189.910050][ T8961]  ? dev_set_rx_mode+0x57/0x2e0
[  189.910075][ T8961]  ? __pfx___might_resched+0x10/0x10
[  189.910101][ T8961]  ? mark_lock+0x9a/0x360
[  189.910129][ T8961]  __mutex_lock+0x126/0x1010
[  189.910156][ T8961]  ? __pfx___dev_notify_flags+0x10/0x10
[  189.910184][ T8961]  ? dev_set_allmulti+0x11c/0x270
[  189.910206][ T8961]  ? netif_set_allmulti+0x224/0x380
[  189.910231][ T8961]  ? __pfx___mutex_lock+0x10/0x10
[  189.910274][ T8961]  dev_set_allmulti+0x11c/0x270
[  189.910304][ T8961]  bond_change_rx_flags+0x4e1/0x6b0
[  189.910326][ T8961]  ? __pfx_netdev_info+0x10/0x10
[  189.910343][ T8961]  ? __pfx_bond_change_rx_flags+0x10/0x10
[  189.910362][ T8961]  ? __netdev_printk+0x30d/0x4d0
[  189.910394][ T8961]  ? __pfx_bond_change_rx_flags+0x10/0x10
[  189.910413][ T8961]  netif_set_allmulti+0x20e/0x380
[  189.910446][ T8961]  dev_set_allmulti+0x143/0x270
[  189.910476][ T8961]  macvlan_change_rx_flags+0xdb/0x220
[  189.910499][ T8961]  ? __pfx_macvlan_change_rx_flags+0x10/0x10
[  189.910518][ T8961]  netif_set_allmulti+0x20e/0x380
[  189.910549][ T8961]  dev_set_allmulti+0x143/0x270
[  189.910577][ T8961]  team_change_rx_flags+0x1a8/0x330
[  189.910596][ T8961]  ? team_change_rx_flags+0x29/0x330
[  189.910616][ T8961]  ? __pfx_team_change_rx_flags+0x10/0x10
[  189.910636][ T8961]  netif_set_allmulti+0x20e/0x380
[  189.910669][ T8961]  dev_set_allmulti+0x143/0x270
[  189.910691][ T8961]  macvlan_change_rx_flags+0xdb/0x220
[  189.910713][ T8961]  ? __pfx_macvlan_change_rx_flags+0x10/0x10
[  189.910744][ T8961]  netif_set_allmulti+0x20e/0x380
[  189.910777][ T8961]  __dev_change_flags+0x579/0x6f0
[  189.910799][ T8961]  ? __pfx___dev_change_flags+0x10/0x10
[  189.910814][ T8961]  ? netdev_rx_handler_register+0x78/0xe0
[  189.910837][ T8961]  ? macvtap_newlink+0x166/0x1b0
[  189.910857][ T8961]  rtnl_newlink_create+0x5ea/0xbd0
[  189.910896][ T8961]  ? __pfx_rtnl_newlink_create+0x10/0x10
[  189.910922][ T8961]  ? __pfx___mutex_lock+0x10/0x10
[  189.910951][ T8961]  ? ns_capable+0x8a/0xf0
[  189.910975][ T8961]  rtnl_newlink+0x167a/0x1d90
[  189.911000][ T8961]  ? stack_depot_save_flags+0x37/0x940
[  189.911039][ T8961]  ? __pfx_rtnl_newlink+0x10/0x10
[  189.911060][ T8961]  ? __netlink_deliver_tap+0x561/0x7f0
[  189.911083][ T8961]  ? __pfx_validate_chain+0x10/0x10
[  189.911098][ T8961]  ? __sock_sendmsg+0x221/0x270
[  189.911116][ T8961]  ? ____sys_sendmsg+0x53a/0x860
[  189.911131][ T8961]  ? __sys_sendmsg+0x269/0x350
[  189.911146][ T8961]  ? do_syscall_64+0xf3/0x230
[  189.911165][ T8961]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.911210][ T8961]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  189.911236][ T8961]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  189.911269][ T8961]  ? mark_lock+0x9a/0x360
[  189.911290][ T8961]  ? __lock_acquire+0x1397/0x2100
[  189.911348][ T8961]  ? __pfx_lock_release+0x10/0x10
[  189.911387][ T8961]  ? __pfx_rtnl_newlink+0x10/0x10
[  189.911412][ T8961]  rtnetlink_rcv_msg+0x791/0xcf0
[  189.911432][ T8961]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  189.911459][ T8961]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  189.911488][ T8961]  ? ref_tracker_free+0x643/0x7e0
[  189.911512][ T8961]  netlink_rcv_skb+0x206/0x480
[  189.911535][ T8961]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  189.911560][ T8961]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  189.911607][ T8961]  ? netlink_deliver_tap+0x2e/0x1b0
[  189.911631][ T8961]  netlink_unicast+0x7f6/0x990
[  189.911662][ T8961]  ? __pfx_netlink_unicast+0x10/0x10
[  189.911679][ T8961]  ? __virt_addr_valid+0x45f/0x530
[  189.911697][ T8961]  ? __phys_addr_symbol+0x2f/0x70
[  189.911712][ T8961]  ? __check_object_size+0x47a/0x730
[  189.911747][ T8961]  netlink_sendmsg+0x8de/0xcb0
[  189.911783][ T8961]  ? __pfx_netlink_sendmsg+0x10/0x10
[  189.911811][ T8961]  ? aa_sock_msg_perm+0x91/0x160
[  189.911841][ T8961]  ? __pfx_netlink_sendmsg+0x10/0x10
[  189.911861][ T8961]  __sock_sendmsg+0x221/0x270
[  189.911886][ T8961]  ____sys_sendmsg+0x53a/0x860
[  189.911914][ T8961]  ? __pfx_____sys_sendmsg+0x10/0x10
[  189.911930][ T8961]  ? __fget_files+0x2a/0x410
[  189.911955][ T8961]  ? __fget_files+0x2a/0x410
[  189.911986][ T8961]  __sys_sendmsg+0x269/0x350
[  189.912002][ T8961]  ? __pfx_futex_wake+0x10/0x10
[  189.912028][ T8961]  ? __pfx___sys_sendmsg+0x10/0x10
[  189.912087][ T8961]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  189.912111][ T8961]  ? do_syscall_64+0x100/0x230
[  189.912130][ T8961]  ? do_syscall_64+0xb6/0x230
[  189.912150][ T8961]  do_syscall_64+0xf3/0x230
[  189.912168][ T8961]  ? clear_bhb_loop+0x35/0x90
[  189.912191][ T8961]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.912212][ T8961] RIP: 0033:0x7f32c758d169
[  189.912239][ T8961] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  189.912255][ T8961] RSP: 002b:00007f32c834c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  189.912274][ T8961] RAX: ffffffffffffffda RBX: 00007f32c77a5fa0 RCX: 00007f32c758d169
[  189.912286][ T8961] RDX: 0000000000000000 RSI: 0000400000000080 RDI: 0000000000000010
[  189.912295][ T8961] RBP: 00007f32c760e2a0 R08: 0000000000000000 R09: 0000000000000000
[  189.912306][ T8961] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  189.912316][ T8961] R13: 0000000000000000 R14: 00007f32c77a5fa0 R15: 00007ffe7d74dc58
[  189.912346][ T8961]  </TASK>
[  189.912355][ T8961] 
[  190.461104][ T8961] =============================
[  190.465939][ T8961] [ BUG: Invalid wait context ]
[  190.470774][ T8961] 6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0 Tainted: G        W         
[  190.479378][ T8961] -----------------------------
[  190.484212][ T8961] syz.0.911/8961 is trying to lock:
[  190.489398][ T8961] ffff888078d5cd28 (&dev->lock){+.+.}-{4:4}, at: dev_set_allmulti+0x11c/0x270
[  190.498482][ T8961] other info that might help us debug this:
[  190.504357][ T8961] context-{5:5}
[  190.507832][ T8961] 3 locks held by syz.0.911/8961:
[  190.512840][ T8961]  #0: ffffffff903d4bb8 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x22/0x250
[  190.522422][ T8961]  #1: ffffffff8fed6908 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0xc4c/0x1d90
[  190.531564][ T8961]  #2: ffffffff8eb392e0 (rcu_read_lock){....}-{1:3}, at: team_change_rx_flags+0x29/0x330
[  190.541487][ T8961] stack backtrace:
[  190.545195][ T8961] CPU: 0 UID: 0 PID: 8961 Comm: syz.0.911 Tainted: G        W          6.14.0-rc5-syzkaller-01147-g8ef890df4031 #0
[  190.545214][ T8961] Tainted: [W]=WARN
[  190.545219][ T8961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  190.545227][ T8961] Call Trace:
[  190.545235][ T8961]  <TASK>
[  190.545243][ T8961]  dump_stack_lvl+0x241/0x360
[  190.545260][ T8961]  ? __pfx_dump_stack_lvl+0x10/0x10
[  190.545273][ T8961]  ? __pfx__printk+0x10/0x10
[  190.545286][ T8961]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  190.545308][ T8961]  __lock_acquire+0x15a8/0x2100
[  190.545330][ T8961]  lock_acquire+0x1ed/0x550
[  190.545346][ T8961]  ? dev_set_allmulti+0x11c/0x270
[  190.545368][ T8961]  ? __pfx_lock_acquire+0x10/0x10
[  190.545384][ T8961]  ? dev_set_rx_mode+0x57/0x2e0
[  190.545402][ T8961]  ? __pfx___might_resched+0x10/0x10
[  190.545420][ T8961]  ? mark_lock+0x9a/0x360
[  190.545434][ T8961]  __mutex_lock+0x19c/0x1010
[  190.545450][ T8961]  ? dev_set_allmulti+0x11c/0x270
[  190.545469][ T8961]  ? __pfx___dev_notify_flags+0x10/0x10
[  190.545487][ T8961]  ? dev_set_allmulti+0x11c/0x270
[  190.545504][ T8961]  ? netif_set_allmulti+0x224/0x380
[  190.545521][ T8961]  ? __pfx___mutex_lock+0x10/0x10
[  190.545542][ T8961]  dev_set_allmulti+0x11c/0x270
[  190.545561][ T8961]  bond_change_rx_flags+0x4e1/0x6b0
[  190.545577][ T8961]  ? __pfx_netdev_info+0x10/0x10
[  190.545589][ T8961]  ? __pfx_bond_change_rx_flags+0x10/0x10
[  190.545603][ T8961]  ? __netdev_printk+0x30d/0x4d0
[  190.545620][ T8961]  ? __pfx_bond_change_rx_flags+0x10/0x10
[  190.545635][ T8961]  netif_set_allmulti+0x20e/0x380
[  190.545655][ T8961]  dev_set_allmulti+0x143/0x270
[  190.545679][ T8961]  macvlan_change_rx_flags+0xdb/0x220
[  190.545697][ T8961]  ? __pfx_macvlan_change_rx_flags+0x10/0x10
[  190.545715][ T8961]  netif_set_allmulti+0x20e/0x380
[  190.545735][ T8961]  dev_set_allmulti+0x143/0x270
[  190.545753][ T8961]  team_change_rx_flags+0x1a8/0x330
[  190.545768][ T8961]  ? team_change_rx_flags+0x29/0x330
[  190.545783][ T8961]  ? __pfx_team_change_rx_flags+0x10/0x10
[  190.545802][ T8961]  netif_set_allmulti+0x20e/0x380
[  190.545822][ T8961]  dev_set_allmulti+0x143/0x270
[  190.545841][ T8961]  macvlan_change_rx_flags+0xdb/0x220
[  190.545858][ T8961]  ? __pfx_macvlan_change_rx_flags+0x10/0x10
[  190.545875][ T8961]  netif_set_allmulti+0x20e/0x380
[  190.545895][ T8961]  __dev_change_flags+0x579/0x6f0
[  190.545909][ T8961]  ? __pfx___dev_change_flags+0x10/0x10
[  190.545921][ T8961]  ? netdev_rx_handler_register+0x78/0xe0
[  190.545936][ T8961]  ? macvtap_newlink+0x166/0x1b0
[  190.545949][ T8961]  rtnl_newlink_create+0x5ea/0xbd0
[  190.545971][ T8961]  ? __pfx_rtnl_newlink_create+0x10/0x10
[  190.545990][ T8961]  ? __pfx___mutex_lock+0x10/0x10
[  190.546007][ T8961]  ? ns_capable+0x8a/0xf0
[  190.546022][ T8961]  rtnl_newlink+0x167a/0x1d90
[  190.546039][ T8961]  ? stack_depot_save_flags+0x37/0x940
[  190.546062][ T8961]  ? __pfx_rtnl_newlink+0x10/0x10
[  190.546077][ T8961]  ? __netlink_deliver_tap+0x561/0x7f0
[  190.546094][ T8961]  ? __pfx_validate_chain+0x10/0x10
[  190.546106][ T8961]  ? __sock_sendmsg+0x221/0x270
[  190.546122][ T8961]  ? ____sys_sendmsg+0x53a/0x860
[  190.546134][ T8961]  ? __sys_sendmsg+0x269/0x350
[  190.546145][ T8961]  ? do_syscall_64+0xf3/0x230
[  190.546159][ T8961]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.546183][ T8961]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  190.546201][ T8961]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  190.546221][ T8961]  ? mark_lock+0x9a/0x360
[  190.546233][ T8961]  ? __lock_acquire+0x1397/0x2100
[  190.546260][ T8961]  ? __pfx_lock_release+0x10/0x10
[  190.546281][ T8961]  ? __pfx_rtnl_newlink+0x10/0x10
[  190.546297][ T8961]  rtnetlink_rcv_msg+0x791/0xcf0
[  190.546313][ T8961]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  190.546330][ T8961]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  190.546348][ T8961]  ? ref_tracker_free+0x643/0x7e0
[  190.546362][ T8961]  netlink_rcv_skb+0x206/0x480
[  190.546378][ T8961]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  190.546394][ T8961]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  190.546417][ T8961]  ? netlink_deliver_tap+0x2e/0x1b0
[  190.546434][ T8961]  netlink_unicast+0x7f6/0x990
[  190.546451][ T8961]  ? __pfx_netlink_unicast+0x10/0x10
[  190.546464][ T8961]  ? __virt_addr_valid+0x45f/0x530
[  190.546477][ T8961]  ? __phys_addr_symbol+0x2f/0x70
[  190.546488][ T8961]  ? __check_object_size+0x47a/0x730
[  190.546505][ T8961]  netlink_sendmsg+0x8de/0xcb0
[  190.546526][ T8961]  ? __pfx_netlink_sendmsg+0x10/0x10
[  190.546543][ T8961]  ? aa_sock_msg_perm+0x91/0x160
[  190.546562][ T8961]  ? __pfx_netlink_sendmsg+0x10/0x10
[  190.546578][ T8961]  __sock_sendmsg+0x221/0x270
[  190.546594][ T8961]  ____sys_sendmsg+0x53a/0x860
[  190.546609][ T8961]  ? __pfx_____sys_sendmsg+0x10/0x10
[  190.546621][ T8961]  ? __fget_files+0x2a/0x410
[  190.546638][ T8961]  ? __fget_files+0x2a/0x410
[  190.546657][ T8961]  __sys_sendmsg+0x269/0x350
[  190.546674][ T8961]  ? __pfx_futex_wake+0x10/0x10
[  190.546692][ T8961]  ? __pfx___sys_sendmsg+0x10/0x10
[  190.546718][ T8961]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  190.546736][ T8961]  ? do_syscall_64+0x100/0x230
[  190.546751][ T8961]  ? do_syscall_64+0xb6/0x230
[  190.546765][ T8961]  do_syscall_64+0xf3/0x230
[  190.546780][ T8961]  ? clear_bhb_loop+0x35/0x90
[  190.546796][ T8961]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.546813][ T8961] RIP: 0033:0x7f32c758d169
[  190.546824][ T8961] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  190.546836][ T8961] RSP: 002b:00007f32c834c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  190.546850][ T8961] RAX: ffffffffffffffda RBX: 00007f32c77a5fa0 RCX: 00007f32c758d169
[  190.546859][ T8961] RDX: 0000000000000000 RSI: 0000400000000080 RDI: 0000000000000010
[  190.546868][ T8961] RBP: 00007f32c760e2a0 R08: 0000000000000000 R09: 0000000000000000
[  190.546876][ T8961] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  190.546884][ T8961] R13: 0000000000000000 R14: 00007f32c77a5fa0 R15: 00007ffe7d74dc58
[  190.546898][ T8961]  </TASK>
[  191.130777][ T8961] netdevsim netdevsim0 netdevsim0: entered allmulticast mode
[  191.139676][ T8961] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  191.157468][ T8967] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[  191.160120][ T8969] chnl_net:chnl_net_open(): err: Unable to register and open device, Err:-19
[  191.165741][ T8967] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[  191.175139][ T8969] caif:caif_disconnect_client(): nothing to disconnect
[  191.184545][ T8967] netdevsim netdevsim1: Falling back to sysfs fallback for: .
[  191.197556][ T8969] chnl_net:chnl_flowctrl_cb(): NET flowctrl func called flow: CLOSE/DEINIT
[  191.206676][ T8969] chnl_net:chnl_net_open(): state disconnected
[  191.212909][ T8969] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  194.635973][ T1296] ieee802154 phy0 wpan0: encryption failed: -22