last executing test programs:

6.875408165s ago: executing program 3 (id=3363):
unshare(0x42000000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2000000000000021, 0x3, 0xb) (async)
r1 = socket(0x2000000000000021, 0x3, 0xb)
connect$rxrpc(r1, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x8, @multicast2}}, 0x24)
sendmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18, 0xe000}, 0x5}], 0x1, 0x0)
recvmmsg(r1, &(0x7f0000000d00)=[{{0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffffffffe4e}}, {{&(0x7f0000000400)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}}}, 0x0, &(0x7f0000000640)=[{&(0x7f0000000240)=""/39}, {&(0x7f0000000480)=""/182}, {&(0x7f0000000540)=""/75}, {&(0x7f0000000340)=""/28}, {&(0x7f0000000e00)=""/121}, {&(0x7f00000018c0)=""/4096}], 0x0, &(0x7f00000006c0)=""/213}}, {{&(0x7f00000007c0)=@ethernet={0x0, @dev}, 0x0, &(0x7f0000000900)=[{&(0x7f0000000840)=""/8}, {&(0x7f0000000880)=""/78}], 0x0, &(0x7f0000000a40)=""/186}}, {{&(0x7f0000000940)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private1}}}, 0x0, &(0x7f0000000c00)=[{&(0x7f0000000b00)=""/39}, {&(0x7f0000000b40)=""/158}], 0x0, &(0x7f0000000c40)=""/156}}], 0xf000, 0x10002, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff) (async)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r4, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$inet(r6, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x128}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r7=>0xffffffffffffffff})
r8 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r8, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @loopback, @local}, 0xc)
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYRES16=r1], 0x128}, 0x4010) (async)
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYRES16=r1], 0x128}, 0x4010)
recvmsg$unix(r7, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
sendmsg$inet(r10, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r9, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0) (async)
recvmsg$unix(r9, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
sendmsg$inet(r11, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000180)=[@in={0x2, 0x0, @rand_addr=0x64010102}]}, &(0x7f0000000140)=0x10) (async)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000000)={<r12=>0x0, 0x10, &(0x7f0000000180)=[@in={0x2, 0x0, @rand_addr=0x64010102}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r4, 0x84, 0x66, &(0x7f00000000c0)={r12}, &(0x7f0000000100)=0x8)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x34, r3, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_LANES={0x8, 0x9, 0x7}]}, 0x34}}, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000180), 0xffffffffffffffff) (async)
syz_genetlink_get_family_id$devlink(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000001c0)={0x54, 0x0, 0x1, 0x70bd29, 0x25dfdbfc, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x100}, {0x6}, {0x8, 0x15, 0xe}}]}, 0x54}, 0x1, 0x0, 0x0, 0x40000}, 0x10) (async)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000001c0)={0x54, 0x0, 0x1, 0x70bd29, 0x25dfdbfc, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x100}, {0x6}, {0x8, 0x15, 0xe}}]}, 0x54}, 0x1, 0x0, 0x0, 0x40000}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000005, 0x8031, 0xffffffffffffffff, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000005, 0x8031, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
socket$l2tp(0x2, 0x2, 0x73)

3.424502697s ago: executing program 2 (id=3375):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
sendmsg$DEVLINK_CMD_SB_GET(r0, 0x0, 0x4)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x14, 0x2, 0xa, 0x1}, @NFT_MSG_DELFLOWTABLE={0x30, 0x16, 0xa, 0x101, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x4}]}], {0x14, 0x10}}, 0x8c}}, 0x0) (fail_nth: 12)

2.852782949s ago: executing program 2 (id=3379):
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0xffffffffffffff34, &(0x7f0000000080)={0x0, 0xb8}}, 0x0)
getsockname$packet(r0, &(0x7f0000000000)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x3c)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee80000040000000010000000", @ANYRES32=r2, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x2, 0x80805, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x8, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x3, 0x3, 0x0, 0x1}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
r7 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r8=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r6, 0x84, 0x10, &(0x7f0000000200)=@assoc_value={r8}, 0x8)
r9 = socket(0x10, 0x3, 0x0)
r10 = socket(0x10, 0xa, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r10)
getsockname$packet(r10, &(0x7f0000000100)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route_sched(r9, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r11, {0x0, 0x6}, {0xf, 0xffff}, {0x0, 0x10}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r13 = openat$cgroup_procs(r12, &(0x7f0000000100)='cgroup.procs\x00', 0x2, 0x0)
sendfile(r13, r13, 0x0, 0xf)
close(0x4)
sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000003200)=@newtfilter={0x34, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r11, {0xc}, {0x0, 0xe8d215e92a884414}}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x34}}, 0x20000080)
r14 = socket(0x10, 0x803, 0x4)
sendmsg$nl_route(r14, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x20088814}, 0x0)
getsockname$packet(r14, &(0x7f0000000100)={0x11, 0x0, <r15=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route_sched(r3, &(0x7f0000000280)={0x0, 0x7400, &(0x7f00000001c0)={&(0x7f0000000200)=@delchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r15}}, 0x24}}, 0x0)

2.595405102s ago: executing program 4 (id=3380):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmsg$inet_sctp(r0, &(0x7f0000002d80)={&(0x7f0000001900)=@in={0x2, 0x4e22, @private=0xa010100}, 0x10, &(0x7f0000002bc0)=[{&(0x7f0000001940)="6f6285262b44", 0x6}], 0x1, &(0x7f0000002d40)=[@init={0x18, 0x84, 0x0, {0x0, 0x3, 0x1, 0x2}}], 0x18, 0x4}, 0x24040050) (fail_nth: 20)

1.980299751s ago: executing program 4 (id=3383):
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0) (async)
r0 = socket(0x18, 0x0, 0x0)
connect$pppoe(r0, &(0x7f0000000080)={0x18, 0x0, {0x5, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, 'sit0\x00'}}, 0x1e) (async)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000080)={0x18, 0x0, {0xc, @broadcast, 'veth1_to_team\x00'}}, 0x1e)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000140), 0x101a40, 0x0)
ioctl$PPPIOCATTCHAN(r2, 0x40047438, &(0x7f0000000040)=0x2) (async)
ioctl$PPPIOCBRIDGECHAN(r2, 0x40047435, &(0x7f0000000200)=0x1)
close(0x3) (async)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106) (async)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$AUDIT_TTY_SET(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x18, 0x3f9, 0x20, 0x70bd27, 0x25dfdbfd, {0x0, 0x1}, ["", "", "", "", "", ""]}, 0x18}, 0x1, 0x0, 0x0, 0x4008084}, 0x20004000)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x64, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_MAXELEM={0x8, 0x13, 0x0}, @IPSET_ATTR_HASHSIZE={0x8}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000}, 0x4000)
r5 = socket$inet_sctp(0x2, 0x0, 0x84)
setsockopt$inet_sctp_SCTP_DELAYED_SACK(r5, 0x84, 0x10, &(0x7f0000000100)=@assoc_value={0x0, 0x83e5}, 0x8) (async)
sendmmsg$sock(r3, &(0x7f0000009ac0), 0x0, 0x20048010) (async)
setsockopt$inet_opts(r3, 0x0, 0xf, &(0x7f0000000000)='\x00', 0x1) (async)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0) (async)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[], 0x34}}, 0x0) (async)
sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0xe, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f86dd", 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x50) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_RTHDR(r6, 0x29, 0x39, 0x0, 0x18) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0xb2}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x7}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)

1.903005191s ago: executing program 1 (id=3384):
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
pipe(&(0x7f0000001540))
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$netlink(0x10, 0x3, 0x15)
socket$inet6(0xa, 0x805, 0x0) (async)
socket$inet6(0xa, 0x805, 0x0)
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f000000bd80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f000000bdc0)={'wlan0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f000000bdc0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_DEL_KEY(r1, &(0x7f000000bf00)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000005c0)={0x50, r2, 0x1, 0x70bd2b, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_KEY={0x28, 0x50, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPES={0x4}, @NL80211_KEY_DATA_WEP104={0x11, 0x1, "1057b456b8cfa453a8f8108d13"}, @NL80211_KEY_SEQ={0x4}, @NL80211_KEY_MODE={0x5}]}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x50}}, 0x0) (async)
sendmsg$NL80211_CMD_DEL_KEY(r1, &(0x7f000000bf00)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000005c0)={0x50, r2, 0x1, 0x70bd2b, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_KEY={0x28, 0x50, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPES={0x4}, @NL80211_KEY_DATA_WEP104={0x11, 0x1, "1057b456b8cfa453a8f8108d13"}, @NL80211_KEY_SEQ={0x4}, @NL80211_KEY_MODE={0x5}]}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x50}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000140)={'wlan0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000140)={'wlan0\x00'})
unshare(0x20000400) (async)
unshare(0x20000400)
r4 = socket$l2tp6(0xa, 0x2, 0x73)
connect$l2tp6(r4, &(0x7f0000000080)={0xa, 0x0, 0xffffffc0, @mcast2, 0x63, 0x4}, 0x20) (async)
connect$l2tp6(r4, &(0x7f0000000080)={0xa, 0x0, 0xffffffc0, @mcast2, 0x63, 0x4}, 0x20)
sendmsg$NL80211_CMD_SET_CQM(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r2, 0x200, 0x70bd26, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x4, 0x2a}}}}, [@NL80211_ATTR_CQM={0xc, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x60}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20040004}, 0x10)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe(&(0x7f0000000200))
r5 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r5, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000001a0001000000ff7f0000000080000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\b\x00', @ANYRES32=r5], 0x24}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80000000}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x1, 0x51}]}, &(0x7f0000000100)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
ioctl$SIOCAX25NOUID(r6, 0x89e3, &(0x7f0000000000)) (async)
ioctl$SIOCAX25NOUID(r6, 0x89e3, &(0x7f0000000000))
r7 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$EXT4_IOC_SWAP_BOOT(r7, 0x6611)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a40)=ANY=[@ANYRES32=r8], 0xc8}}, 0x40010) (async)
sendmsg$NFT_BATCH(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a40)=ANY=[@ANYRES32=r8], 0xc8}}, 0x40010)

1.847145412s ago: executing program 2 (id=3385):
r0 = socket(0x10, 0x3, 0x0) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff) (async, rerun: 64)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000080)='gretap0\x00', 0x10) (rerun: 64)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)={0x34, r2, 0x1, 0x0, 0x0, {0x23}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0x1}]}, 0x34}}, 0x0) (async)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="090000001200010a0000000000000000070000001dabe5385d"], 0x14}}, 0x0)

1.780916973s ago: executing program 0 (id=3386):
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f00000001c0)={@mcast2={0xff, 0x5}, @mcast1, @mcast2, 0x800000, 0xa, 0x0, 0x0, 0x7ffffffe, 0x140192})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='timer_start\x00'}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="180600000000000000000000000040001812", @ANYRES32, @ANYBLOB="0000000000000000b7030000000a0000850000000c000000b70700000000000018010000202070250000000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000009500"/103], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0x1c}, [@ldst={0x6}], {0x95, 0x0, 0x74}}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$ITER_CREATE(0x21, &(0x7f0000000300), 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0x8, &(0x7f0000000100)=ANY=[], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendto$inet6(r2, &(0x7f0000001640)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab41742d1186776dc1779b5c50ac82d0fa8f9e42074b5b6079207fb21e718080907964669be539791e3e98687ee059853", 0xffffffffffffff18, 0x840, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$SIOCSIFHWADDR(r3, 0x89f1, &(0x7f0000000900)={'ip6gre0\x00', @random="0600002000"})

1.680789196s ago: executing program 1 (id=3387):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10)
sendmsg$TIPC_NL_BEARER_ADD(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYRESOCT=r0, @ANYRES16=0x0, @ANYBLOB="000126bd7000fedbdf2515000000680005801c000280080001001ae1000008000300dcffffff0800140040000000070001006962000007000100696200000800010065746800040002802c000280080003000100000008000200080000000800020038040000080002000400000008000400ff030000"], 0x7c}, 0x1, 0x0, 0x0, 0x4044010}, 0x4810)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r1, 0x84, 0x17, &(0x7f0000000380)=ANY=[], 0x9)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000005c0)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000950000000000000084e96bb05865d32b7dfaa3d6f234f8850bb577c97062f1f1337035af8e424268340100008025d367adac5f7a42e3a458ed7230716dfa1e4592783bc808ce4fb47c38c2abec15cccfbfe091b056c127a0ec0625176904e702966be61f7047c136596d2e4976113f439f2b58c40a49c6369ed13d9476bafb2e3cbb3bf00dfef28cb4e4a225315d21078e8b6dd1d4e7e64ea33e458436d28fdb7d0522ccba29c1b138e33bf9166593d28e7b66436309d0c607973874ff4e4f94758602caffacb52234f9ea91"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r3}, 0x10)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r2, 0x84, 0x7c, &(0x7f0000000080)={<r5=>0x0, 0x5, 0x6}, &(0x7f0000000180)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x1f, &(0x7f0000000600)={r5, @in={{0x2, 0x4e24, @rand_addr=0x64010100}}, 0xd, 0x401}, 0x90)
setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x483, &(0x7f0000000000)={0x6, @local, 0x0, 0x0, 'none\x00', 0x3a, 0x0, 0x7f}, 0x2c)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r2, 0x0)
pipe(0x0)

1.680330827s ago: executing program 4 (id=3388):
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$netlink(0x10, 0x3, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x19, 0x10, &(0x7f0000000580)=@framed={{}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {0x7, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffffe02}, {}, {0x18, 0x3, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2}, {}, {0x85, 0x0, 0x0, 0xc5}}]}, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000030a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f08000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}}, 0x0)

1.600972694s ago: executing program 3 (id=3389):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
sendmsg$DEVLINK_CMD_SB_GET(r0, 0x0, 0x4)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x14, 0x2, 0xa, 0x1}, @NFT_MSG_DELFLOWTABLE={0x30, 0x16, 0xa, 0x101, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x4}]}], {0x14, 0x10}}, 0x8c}}, 0x0) (fail_nth: 13)

1.570397407s ago: executing program 0 (id=3390):
socket$inet6(0xa, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x0, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_audit(0x10, 0x3, 0x9)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='nilfs2_segment_usage_check\x00', r0}, 0x18)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000100)="1400000016000b63d25a80648c2594f917240685", 0x14}], 0x1}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000003680)='sched_switch\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=@base={0x9, 0x4, 0x4, 0x7ff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000380), 0xce4, r3}, 0x38)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000280)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0xe, '\x00', 0x0, r0, 0x5, 0x0, 0x3, 0x0, @void, @value, @void, @value}, 0x50)
r4 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_DEL(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={0x14, r4, 0xe27, 0x0, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=@newsa={0x17c, 0x10, 0x1, 0x0, 0x0, {{@in6=@private2, @in=@multicast1}, {@in=@empty, 0x0, 0x33}, @in=@remote, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_auth={0x89, 0x1, {{'sha256\x00'}, 0x208, "ca8bdaf566099b58b0085179e7b91acc5981a2f76db1cb781fe7cb575f642ed9d3ee2820e6be79e042344d8e2e779c6a0b7e0987ec26fe22919789f93ba510dd3b"}}]}, 0x17c}}, 0x0)

1.472816964s ago: executing program 2 (id=3391):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="380000006c0015000000d9fece23b82000000000", @ANYRES32=r0, @ANYBLOB="00008000000000001800348005"], 0x38}, 0x1, 0x300}, 0x0) (async, rerun: 64)
r1 = socket$can_raw(0x1d, 0x3, 0x1) (rerun: 64)
setsockopt(r1, 0x65, 0x0, 0x0, 0x0)
r2 = socket(0x10, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r4 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000000)="1400000010003507d25a806f8c6394f90324fc60", 0x14}], 0x1}, 0x0) (async, rerun: 64)
r5 = socket$nl_route(0x10, 0x3, 0x0) (rerun: 64)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000140)=@can_newroute={0x3c, 0x18, 0x1, 0x70bd2f, 0x25dfdbfd, {}, [@CGW_CS_XOR={0x8, 0x5, {0x7, 0x4, 0xfffffffffffffffc, 0x8}}, @CGW_MOD_UID={0x8}, @CGW_MOD_XOR={0x15, 0x3, {{{0x0, 0x1, 0x1}, 0x6, 0x0, 0x0, 0x0, "1fbde55eb0d7e533"}, 0x6}}]}, 0x3c}}, 0x0) (async)
recvmmsg(r4, &(0x7f0000000bc0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1}, 0xfffffffd}], 0x2, 0x0, 0x0) (async)
sendmsg$nl_generic(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001880)=ANY=[@ANYBLOB="dc2000003d0007010000000000000000017c0000040000000c00018006000600800a0000b8200280b1200680d80001"], 0x20dc}}, 0x10)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cgroup.controllers\x00', 0x275a, 0x0)
ioctl$FS_IOC_FSSETXATTR(r6, 0x401c5820, &(0x7f0000000140)={0x4e000}) (async)
sendmmsg$alg(r2, &(0x7f0000000140), 0x4924b68, 0x0)

1.472241996s ago: executing program 4 (id=3392):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="180200000000000000000000000000008500000061000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000000, @void, @value}, 0x94) (async)
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000700)=ANY=[@ANYBLOB="2000000017140197"], 0x20}}, 0x0) (async, rerun: 32)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000003e40)=ANY=[@ANYBLOB="d41b00003b0007010000000000000000017c00000400fc801000018054717f8008213700", @ANYRES32, @ANYBLOB="ac1b02"], 0x1bd4}}, 0xc000) (rerun: 32)

1.193218089s ago: executing program 3 (id=3393):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmsg$inet_sctp(r0, &(0x7f0000002d80)={&(0x7f0000001900)=@in={0x2, 0x4e22, @private=0xa010100}, 0x10, &(0x7f0000002bc0)=[{&(0x7f0000001940)="6f6285262b44", 0x6}], 0x1, &(0x7f0000002d40)=[@init={0x18, 0x84, 0x0, {0x0, 0x3, 0x1, 0x2}}], 0x18, 0x4}, 0x24040050) (fail_nth: 21)

1.091160537s ago: executing program 1 (id=3394):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
sendmsg$DEVLINK_CMD_SB_GET(r0, 0x0, 0x4)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x14, 0x2, 0xa, 0x1, 0x20}, @NFT_MSG_DELFLOWTABLE={0x30, 0x16, 0xa, 0x101, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x4}]}], {0x14, 0x10}}, 0x8c}}, 0x0)

620.889431ms ago: executing program 2 (id=3395):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_POWER_SAVE(r1, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x38, r0, 0x800, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x8, 0x6f}}}}, [@NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}, @NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}, @NL80211_ATTR_PS_STATE={0x8}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x20048840)
sendmsg$BATADV_CMD_TP_METER(r1, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x400, 0x70bd27, 0x25dfdbfc, {}, [@BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x1}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0xfffffff2}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000850}, 0x40080)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r2=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000479700850000003900000095"], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x32, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="24fcff001d2054c4159f05c053bfe300f28a79e52a6681229565a04dd5ac2b218c53ca3f836a0000000022fb15e9ce9ba542ba4ce6343e02bd4842ff5c3164bfde2eda8e5c0c9883f647cf4ad32e93ff070000000000000e09988467dd28c4e1ff2debf664aa134507fc9c", @ANYRES16=r0, @ANYBLOB="010000000000000000006600000008000300", @ANYRES32=r2, @ANYBLOB="0800260094090000"], 0x24}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_RENAME(r3, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x20, 0x5, 0x6, 0x201, 0x0, 0x0, {0x1, 0x0, 0xa}, [@IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x200c4003)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$NL80211_CMD_SET_POWER_SAVE(r1, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x38, r0, 0x800, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x8, 0x6f}}}}, [@NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}, @NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}, @NL80211_ATTR_PS_STATE={0x8}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x20048840) (async)
sendmsg$BATADV_CMD_TP_METER(r1, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x400, 0x70bd27, 0x25dfdbfc, {}, [@BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x1}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0xfffffff2}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000850}, 0x40080) (async)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00'}) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000479700850000003900000095"], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x32, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="24fcff001d2054c4159f05c053bfe300f28a79e52a6681229565a04dd5ac2b218c53ca3f836a0000000022fb15e9ce9ba542ba4ce6343e02bd4842ff5c3164bfde2eda8e5c0c9883f647cf4ad32e93ff070000000000000e09988467dd28c4e1ff2debf664aa134507fc9c", @ANYRES16=r0, @ANYBLOB="010000000000000000006600000008000300", @ANYRES32=r2, @ANYBLOB="0800260094090000"], 0x24}}, 0x0) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$IPSET_CMD_RENAME(r3, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x20, 0x5, 0x6, 0x201, 0x0, 0x0, {0x1, 0x0, 0xa}, [@IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x200c4003) (async)

614.05111ms ago: executing program 0 (id=3396):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_GET_TARGET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, 0x0, 0x82c}, 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0x40894)
sendmsg$TIPC_NL_BEARER_SET(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000006c0)=ANY=[], 0x23c}}, 0x0)
syz_genetlink_get_family_id$net_dm(&(0x7f0000000080), r0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r1)
r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), r1)
sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="c0000000", @ANYRES16=r2, @ANYBLOB="010028bd7000fddbdf250400000020000a"], 0xc0}}, 0x0)

520.678577ms ago: executing program 3 (id=3397):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01001800000000000000300000003000000002000000000000000100008400ebd107c020ddfd"], 0x0, 0x4a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r1 = openat$cgroup_ro(r0, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0)
close(r1)
r2 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
sendmsg$DEVLINK_CMD_SB_GET(r2, 0x0, 0x4)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', <r5=>0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r7=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=@newlink={0x48, 0x10, 0x503, 0x200000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x15a11}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @hsr={{0x8}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_HSR_SLAVE2={0x8, 0x2, r5}, @IFLA_HSR_SLAVE1={0x8, 0x1, r7}, @IFLA_HSR_PROTOCOL={0x5, 0x7, 0x1}]}}}]}, 0x48}}, 0x44)
syz_emit_ethernet(0x3e, &(0x7f0000000500)={@broadcast, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "6b88ef", 0x8, 0x3a, 0x0, @private1, @local, {[], @echo_reply}}}}}, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014001100b7030000000000698500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r8}, 0x10)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_ADD_COUNTERS(r9, 0x0, 0x60, &(0x7f0000000080)={'filter\x00', 0x4, [{}, {0x0, 0x100000000000000}]}, 0x68)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFT_BATCH(r10, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={{0x14}, [@NFT_MSG_NEWTABLE={0xa8, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_USERDATA={0x93, 0x6, "97b9051b0e51c89c8a2cade2ffe1772dde15bd4c639d7d23da7fbfb163550c8f0cb8ad00fee4eb946725ca1688858b42fb7ca055bcb5f377b9d06f92c0599e72a5e701f706d5a89d5f5653702623a7e34d7ca42ca8a57c4e24356e6e3833b2475c1c3dcc48ac02176eace0b94c1b369e94a24a4306d3a73100d12429720dafdaaf4701f36668bb99435f82506258dc"}]}, @NFT_MSG_NEWFLOWTABLE={0x14, 0x2, 0xa, 0x1}, @NFT_MSG_DELFLOWTABLE={0x30, 0x16, 0xa, 0x101, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x4}]}], {0x14, 0x10}}, 0x114}}, 0x0)

469.542931ms ago: executing program 1 (id=3398):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0xb, 0x2, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)=@ipv4_newroute={0x24, 0x1a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x98fd8fe1e1b5fb82}, [@RTA_IP_PROTO={0x5, 0x1b, 0x6}]}, 0x24}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0x14, &(0x7f0000000080)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@map_val={0x18, 0x5, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0xc26}, @initr0={0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x9}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

408.96256ms ago: executing program 2 (id=3399):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_MCAST_RATE(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x58, r1, 0x100, 0x70bd25, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0xfff, 0x5e}}}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xa}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x3c}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x5a}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xb4}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x6e}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x14}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000}, 0x20000001)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f00000001c0)={<r3=>r0})
sendmsg$kcm(r3, &(0x7f0000002540)={&(0x7f0000000200)=@x25={0x9, @remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x0}}, 0x80, &(0x7f00000024c0)=[{&(0x7f0000000280)="0d240c4dab1ba7fca9941258ec24dbdf51adeb6afcfcdea84507223b2a0093366d808a88f44670708ef63c7f327abe8af0053d19db9fcfd393a55cbe0891836010b6a9c8ebc85fd3acb077a5745c719f038b66ca3c87f0bf3fc504290c4339eb0f50c5a806a1c764af20539c5e265cdb57c19a84a653dbc24a668e7f6599fe6f882d4e4ce515fc38ae0720feef815d9fd0f746a24d5b6629265ecbafaa1a7262495ebee5d5299a018cc594c11cfd676531bfb01757f5717d3f4a5d6a296e7843816b8d8c92391b8ec110f1a93b1715d56cb1d1db5fbca3bbe9274167a58d9fe85a1996d4f9e4174e7474d5ffdd8ac2b0e0a0b13a6e06c0a2b93523bddbb16b4cd5eea53f2fa053e8fd7558ce60890773f6c1b4c886fe4b19b4503d902bf42aea6d643f8a0fe4d4721746af9e4ff21ade12855b59762bb7ac95ce7e1e951e71f2d16a9905ced2463cc5010b16da71e64b47f3f6ab69c4dadd97433ba7f1a03140a280d8fa0e9d6dec102caf9ec50c178a4551fe19babfe4e25019e7438f35e9cf701acd39576fcdf3c26a86630c3ace179e39ae2cd011bdc61bc08b82dd05d2477f8a0462484e8bf0db12e38ddc0b1d41cebb266f378169f7297c3897a06a3552dd088a630a8e16e53591975fdfc30fc480f5cc9457ab73659a53a7d1044b87ff4a5d89892de870aa6206145565062a914ccd7f49ee9d4db230bbcc5c980de4ea306992e80a174ec0feb52eab9fc53740d34a11cf527e85c38734c09105aa6dedc8d827c9932121df09ceece036e53e9f34c5c5ee6bdae8fcdf6d0a4d656e7f54eacf05a871c1fdcdd87b1c4486899bc027e056cb50bc43080bc6e25d736c19f3705340a2c711c08371aa9c27cbcc8082ed8eebd5f7ed45b2f43368da9f5943850ad0d9f25f2a3072d88d9919be4dbfd9d4ae33a8d8264260991e298ff48f9bdfcd470199f430e46977926600df4fa4d5d3e65440ea390dcbb5e03cf0d015f62c9294642c11ffe619187c1897befc458c13788d30b6e551604bc411fcf9dd3298f2ce42b2a953e4216dba51965361eb58f690ffd6e4931196092db6bf70d86873ef0bb25573889ed978c57ce85aff7215aae180e9dd7b948e0a5b1f581a1709b9ac61d6a4096d0d46d479defba81b7fd99f9ab3868637dd0a074b35916ed5ce99b9ca99bfd283285c71b56de8d8271e5ff49b0a74af3264b602fc38f8f6f1d571afcd1f866ba3a4407d639443e67be010b5241cc7a1122a74d4af3ac71bf6b7eee62d18fbbacb605cf9a3d2b7ccb937550a652a501d17d6c64156ac2e37304091446eb3027b1e630862a4350301dbdae3d2c4f36b5dcf0d7cadb23a58a1108f4755ace063dd57251ef7657f01fce89f3c7d90ad1eecf5e13732ffc0a7cca7cbb6a6e1b1e4a084d913cbd2281d37c7f5d0d1a0fa12c3661affe2f93d2e9c25a96be2fbf348257083eda9ecbb92ca8d19372e157aead6dd7fc856b15c1c538f51501e34458a77f361ca20a2bbff1b29dc89af79f62d4f7cd3a79a7b4be347301aca372823e06ef7e23f101ba09a9898661a663814885c203559173d1105f5bc124fc88684158cfdf2626c30a7d7bd2e32a9bbc09c7104f1672c753ef59aed5368a9e8dceeb0e8c2f23443c09071ad5a96ebb4ac1b83d5a2c73fca04f137264b0e2225100e9c111ae4ae425e9b32b8d3f068719a3903bebe266ece4401a8701bcf4b361266bb7c1e527e2749da062522937dd54181d750230a1a51603f1e5a3f6da90d57830d491d68bac4cb187ff58c80a064da898a0be3e57231f4611dacd2a7c318d23aef42a8d0919249fa1c7d40fb7c51373bde81333b39cee5dd8ba7c1baaccc92428beabdf698456e481b19991b65c8ab65fc70c854ac8f319fb4dc4dc1cf57f12ba081349e4062eb129f443289115b37ff0873808deb6dc6db1073010c5525198e8810fbfaad1e94266c0568d2bc3148706191218cfdbe8c88c1efc6e7de0b9164a6df12383ba6543a9db56d2d07449b6274e8c6ccf9807852fe467bf350b64d6cee07feff38f437ecc95f45ab02be3085bdce76d1e6aa7a5691248d449f359021a5a763fea4d16387e723512b846f53d908cea793272e6211f6fcdc1079aaee3c3ba3b08003be23180cd89195780f37a7a1241fe4a91171fa50af361dc50f18dc04a86eeb471666f763f887b57a870c3d98bf4f257d44cca29b2d0d885029319b1935a751329f4de7d97346fe383c7ab12f81cbf42897051615c2e550c2467a9006814adc1f7fb74fd67cd11e926f5204ef079c33813a9f1aaec5ed9d6c0c4e802478f76d37d72859a59e8c393a6ba003656590c4505e7ab179fb57b8f0f176d3e855f2ebac9f7a8ba4ebcc50975801bfb423b2b9d2b7f23781ced0376430687cd16cca06dd152013ea97ad965a88cbd5c90e3c571776063de18671947389424512bbc0d93d17525213bf5637ff60d20226960f9074e2c7fd753b8bfa13605d03c2cac0dbd6e7bed3be5093c8c426c67212de6af04a08af5b3e58e6b4ba881dd3b9bc08ce2608aca4b2249f9e8f60481c9bc3cfddba8c180f687ec7d2ec8ceec7bab711ce4cc61ed3c8bec08a5e92ab09ec3d40c1a393df6b4119e0f00b90c087fa4ce985b9f3af850ba14386b49cd0049ce966bc0d13e1d4fba823943765a9424797d72dc6cb34bc98efc06aefa4482d0257b4313b1cb5b40067583805cdae2bed225b2809bea795ca1217bd819c577244b0aa9e7bde3f2e67f2ad9ba78884a141e8c1f31bbec9917bb458e1929c2f70f051f9b574a4f03186eba303bb731753e6c408ea76ab9c72424a582dc5bcf9a4d63347bd97c9a01442daa7354291c579e238cf4b36c81c65b3e369933eafc3d2ec8997b95b4f39bc193a44e37f1292b47911dda3e582f479ba8403e872ea0edba22f8def79a15e3dc83f693fd41f81edc4fec174af1d140032b9a94b423f66f695614a39fcaed814cfa4ce3a354ccfe7ac9dbd447fc7abeb43d3ae58ff433861ac1a3193972aedff3441bf0895cd79d5ad0bd4aed3740b44cc835d9d1c43a3420196bc5471926dd0e9a5771193203f6262a9a9e7d089038f28476591757f7eddacb91684bf0ed4bd58b062d903fc2d5df38e8dca1e322d15ab3911400bf98d73a8dd1c432ebbd878566952c4ede11c54e9e8bf318d9dfd95d01324de6e5c777cb877895849f15d156e9903491f3c8fe1fac81ff35d125544ff0e2a3e8e43517a9c94f2a20228ff9e33831acdc3a62c943eb69074ce7c622454c7d09f6c4ae85bc3b669f519ebbfd6002b187671b53020966208cb06ccf372fd1f7669a0a622a784d38e3656761b8a3bbeb3bcaca04329c0553d2120ba819665636d9360fbbee2c5178d084c2f22ea432a8769e11d17f11db4e8589b43ce9f23d4e04e68ddea14987de88f3beb8373c29456492a0a0b5ef91365081b9065358eaa30d6a33f2a2b9fa36b4d7aaff545a8093771213607792a963fcf786f93e05f9b361776d400c9465a4a9adeff0628bdcfcd48a6b43bd40a7f0be20e6277706716d34168360e1eab9e19fb4e4352fdfd284c2aab1c87659e14a09217f1862828855684e576afd492a5679ad19c40bc36adaad2c712e593635e880d61ccba7a528c65ad6af3171ce6386c0419beaee810f7ca8c12839dcf20cca1dfa1b55e02205859de336b5a0653dd20a095a6e0364da555b8fa651f04e0531ec5fe73dbce6da551f26c6f722fb2570f99705a779bd1a946eca6f2b037f4a3ba738a40a8dc6e4612fa54f0f8b921aba462f9fa8197df8d14b46eeacaae135af198ac4febb52d6ce098899100a0c0434c62b6f3a435da5de465227326d7c85de7eb14269a3818576137b55997b3935b29d6fa656fc8211ea4cbe5f0a9aed51b091d0ee943d3ac1b6dea8c49f63d6bc7d47d757c336115df286762a89871c85585e98452d27a4562bac1aa2afa341fb59860a1ecaedfd88b5f5a8113d3a3621f6f85ccffb1ebf648eeb5cc55858d707fa1b7c8394411e4a550538f86470104a569faa216547efb35d538e88a005646a925ead0fecbcc9c23a2781bc24d54cf73d17db2eaeae04478e3e3fc4cdfbb99d2f621eefd110f52887215999804b1e643ccdd16d37ecb62a248b3378e4e74ed5d98d45e4a16a90887bd84b084118f1c2977aa2eed6c7fb656f6b45a90924e82a290480ec8da2773e1298c39ccbac1f6fd656c1d388a099948f14461e055ebee5666331a3610de63a0c04355cd4ab5687cb3c51ac905939c026d0da8cf04422bbdaa4409915d0667026597f498a7ef50d1cfef0ddbb2c10b46b5cba78cd4381433a2ff9979977a837dd4dbf8b1a324ca5e8510cf34cc0d7b0ea3d52f81dc1afeadba4d84d3286fbbc391946a0729900d7b62b01940aaac28b7e6b9899ea5f29f1ea0b83df41451a7475f815570ef9e6ae73b3cdb5726f452f3a887efca97e0f9360da31af3a7218eef4aabf5e1df431a22df57eea878649bb835dd08b0b4eaea5347e59cc4bb8fc32c2f5b36d45d6e408e3d3a89bd4c37016165f0f00a8a646c3cca0c500f23ba240c0ef01a7a9572a2a0678ebbea9747ccc5d395fbacfc6d190697d6c794d35cb3df3597371218498fa9c9f174c3137e25759b15344e866c600cdeadbf9b60e520b0b6dbf7737e189c1d565794f5478b72479bef29f53967339c3386e3b1118d1fefabd73fcd639d95fc1eb62533b2b0d2e5b489348f653680f4357f763efdee2c1fd989c5d930b13607cbc937c8a6d48b28ae1ede61449457e2f8d72c4ca1bf8b501f4862220f6e482408240a106e59b461090aab50a50e540347dc288a37ff80b14e299ac26df9ff68bcd9a2ccdf9d6a7ca416007a6f4fc2bcd9a89033ba5c09ec0bc5644fb2b98f534ee9fcf142b7c4986518e5362aa41765790d39558ae95ba3da80b33d5e59d73dba7cf73bf0683208ef0b3dfa362e4499c2568ccdf9eacf3fdb6d2dff5de2b0e6e4ada9466035fefc926c25858606a7287d283b8b6c1b05e2fa4b9945dda395d7b70d9b2c1a173b1665116c89c200ba2c6565206e1cbb6c9bd4d4bce3b72f65990950bf6ebbaad510340db894b951f3fb3039ed3612155093290a577f45ceb234b94f487cd199f0992c8258ca1b5b6fe14bd45a94cf0ed7f1bfa2b68551956627d205b3df0eac06411cc6d5365a24a1ea24a19da18bf1d6893c01bc4f746f6dd9141611f498b20d23867dab77dd6ba7bab641acca3b9a61fb100e1e2a0a7dcb256cf2e93bdfe214f0a59563094252d8300b8cdd1043e9ff241abb89d5d5958b53a255655f4adcdc042bc94b4a1e5890e5e1d56f9e5d7e577db3e4ed1d3d505024f0b0ff043195a2051ce41ee2ea4736f8cb807165d523622e57c94083f3c795e46207e688c26e7d6bd3eb5524aa49e05fe4081dbee63e234a077f8b01fb65a122bb204fb7b5e9814031cf80b851d136fc6fd0e592ca6e8a0aa76c1fd1de48fbbdeca4fc01b4378beca85d58ddeba5db91e179eba961f14aa67424f6d6e2b779c638dfc9a220415572e0e898efed853199adb5b7c46c2d9cb1195b9439d3f021c0a149d450525dd68b1371912286f563a3598b550ee2c4d1e7ad4b56db2913727283ed09539fc7c20f19ee7063bf615fc4fc993f8afa6b33343908b773778b76e055169c4c6af74a082ec60b2ee42998d22fcae09c5fca8d2a2dc68cb9441ec14dbe83a14e3bc7fafc93b45f5d6c000c2acd81e3b9613b81aeca8034d09c7a9b84e1c872b41c99bcc7463d006b270b2c0ff29b5c70711e1257ec8628", 0x1000}, {&(0x7f0000001280)="879adcdb440d27194713554479c13040fe637847ee49a184295cad5fcfde9b02b71aa9181646c8c96a1d76ccf2a6d8857078e6282f681cba1a853741a23581817d939f7ca505c19c08afb7e1aeb8d79de4de2b594de65d8cdd29479ccc501f531e3bea6c24726e413ed1bed2f04d8bc7ec51f98f7fe765a2f100956af0d6f039291d", 0x82}, {&(0x7f0000001340)="27a8d25dfe6a05", 0x7}, {&(0x7f0000001380)="98f5be47de82d96176b882b2cf74c1f8258831c9b0784e3701ac4ffb0f3e129819759a81f3b7273e4181870aea15809d5203ade941bf78", 0x37}, {&(0x7f00000013c0)="13a8d93e6925ecd8778e6b4edde99dc20a0bb2de6ada3825791db6bcc39b752c27432e8a762274aaa710bfd8b59d1bbdd782cf13d600b35ece6457fba64c4e223d2038d1460d0e6768704b7aa28b7f96fbf74361b7128164ef13774c1fdf438a4641cb41b926d1fa839b1b7deb6a2af7c2e6b74fe66d6d69d37fccb1f2d79a26ed708d654c7f61e0629bbc3b8c44e5e70f2f42e2a91d78bfa0ff7b1002d0decc0ef9c8541e2155508d0bd0ffefe1f84ce53edea3ce958685d9f6f690341ef08f9a5dee48dc7cccca0b96dd4b6919f379d22360dcf929b05e2e9d1180a21ab7e9996a4abe62462abe36e78174e57c", 0xee}, {&(0x7f00000014c0)="aa8f481202b9d917e456430a8514cc94f89c0c9c7501f55c383f50a23c20549b5ffeb5677d985e5b6598beeda4abacdcf97b169dcc3afc22125d40b72ecfa9652ffba102019955ffbdad0c43ade824ec9d8dfdf7ff99858e9944f45a71d9785004acf11665ce5b26ec119ab569867b2aaf57a0ceb71eab3170f731ad5b60f255c7759cde33c156dc4b0dcf9a8527f23e00e62377f19a7d5b6fdc3c2211e9f113739941e3cf07fbbd3ddfca63a58bf83c53a90413ea1bdc38e7edc4b187f93b7a6dc9a6f020d86ffaa62216c8b84c16c3b230847c5306fe6b01265facef3876c6db0024c95dfa5f69883ce30d0621a330b3d118b4960d8e8a87eaf8dd2ef8e03135379addb56465a9a30bf4e326baa671989adcd3daee0bd3a6643da8ad761562fee973fdd59e1fe8fe3f67f875991fbea17570ec007256a639e77120645d2d5eab6d3d0ec3556cc6d28bab78b8db1ea4746e0e3a1b7734d6f375d54a842e702fd6b30d9b4a03466fcf58bd43c75fec2029431616023d46ea913aee83532c9187dd8ec17b06dc98c8e82dbacd238788368351ecbf53de69679c24c26db642fe740d13bc242a5069e2b36a8388703326124b45e04ef236706c09b88256e23c86f07fb56016944e0bf0b0340da3f5113f7c46af83cdc11a5b0a15230e81f3b00ffc7a0216f2eabdda7e37b21936461625e653414da42a3e5cfa26c3c828f2ed30d273967b352c56ad8e0597edc8bcfb07daf98a56bb3306f27179a3fbd5dc73a0e4503c6972595fc801c936995b993c10725146c5f0c9a0aab5c54aa980ecee6b421e7d6e999d5fa1f3b7ba898cd74df798a96acf8338828c53474770284c6ba1c934bc8111f4f58f182c367f5a5f51c268cce34f839d3f607faf1ffaf9631bfa4c1fdfab94ae6199ab825027932eff088a02f32c8db503feaa2529e5e89ccdecb8312554ee58a8de2714a8676f55db2e9b020b0bbcbdb0de0227a7c5f461e9842bbe3c5b451d4e5c5c7da36eebdc5e6736482084173540807ce7e1e26804e76607f1e28eb68f18f6a718e5be93a8e5ee0fe39e79088d6718495b74d52a1f3829998095251cab26fb9adaf0266eb3ea2a847c77a96551088e957bca4974c2f87675a3a07b7694a3009893906bb322f2365214d5b8bc7958cbc92828e388940f02ec72750f23ea280932f1a957afa18f1f1f13363105a72ce928deb098b885b87e2dd0444785e89e2b2f5f3c2a97e2f2dd3a64108f5cff00c9357d69df2dd174b4c1523fe12422bc275ebf1618709383da9cc28fcbab070507d292f4708cf15c5eb4f84001efe321c9d136d1a19ec4ba716126405f6f658c7ed19de9f2ec9dc50b054e10a755c00420ae5be4ea8d544e09ad6fd5535d836338ee966c27c1186de544c5099b8af3cd0868a9a1ae05ef8c1dea59dea1e195f87f92cbda5275d6a65afc23a0c2a458f649ccb4defc465d464a74de61e318521b9204535c4609aa3adbaa39dc8e3eb35df93eca886d3e860274bc25266d3d90efae16bca2115e6431efb1552bc7a37953d6027c415e2a9ebaf6562ebf193a62472330f6bad1499dd16292b58e6c5e5b55baefbfcb7854b48c9278b826007b8bda0fa5d35a12070b83d72d77cd83e9bcc702936b16c57869e2e60508172faac4cc72eda96896055efec5f8193129690ba8f8bf8d1c8048d9e9f4071ec8c33a716f751118a7f9ee096683a61da8515465f4a5ab081d44513e602ed7e99d9445952083cfce56dd4ea94f9b298d1a6901be1c0ebb3ebe0056c021f8e837f197518ef2782e928e8a4ad2dc444f0fadccf9897320943b334aa85005415d082f5d805437f970737ad35e2fe17109b13aa70166af780fa8c1482367117123cabdf3c47e34d9e01facf17226ed09669eb3ddfc558796c6fb7a36b9445241d24fce33550a929d3276526b7d62c85377eb54dbc4605de2fd211c288534c756de0a5ef3be67e9eb36b908403a4c2a023618339c941e8c72a3353e0e34fa41d5ec023089fd4187912abb4f9f5a886ccf597a183b1ad3cefe6396001838947d1dd92f4b36d195f5d0d76f25d406005816c44c664eabd99d9ed54e433fdce1e7a1e7b7ad0451542e2a2214e74a15c5f2218016cac1b601bd7f42e6e6c670d183eb5db959c67106c6eea1afaf4af2b21ed5f12839e17a7358c3afff332d4f04443d6b8f6f1d32860845bd7d2d20e86e5b0b8f6eaf851d8475e555545e0727ad398fe1de04972a649f9d0e7ccf8260914c55362d6648e791879d8282cdb2e0fe43d86244409573f5d51a62a14eef0c5f9e4e657312738c4b545e51117399c9c4ad3d32d8cf6c2ee0f262355a6725d3c010718fba989ca71b6028b6be2747c73cc1e6275c86702d84cca22e46479d7266e9f32a17cad30351188a0e6b1a793e147ec2fd1994529d61f6fef41d684ab50af710d2689caa92274fe490a3e879899292d0ceea4ce1da86e842722f604b4a5fb81418b53a97c11956c29639da60b3f7acf82a984675868273aa28ab7ceb256f977c048fe2c2d119ff857bbd30f724dba726f3b9ec7352eae96adc56f92236b588ea5b14e1c382272bb34ddbc27f5e489d33f42d02f41a3e0844b3ac32adb07648631cfb48065646735adccd7c26428189358d28c5b7d7d90ab52f110d1885bd4392e70f113a1ee616695596ebf74012a1fc5794d092c8c345c5d2cbe4d2c9aa35b6ee6d7fd0d3dd58020bf6a28a8de431333b4dae5c1adbf4414763af996db5462885da3a83c6b51b929ea97c00e2c4a7bc42f94b1fde95ee4b0161d798dc0668f5ae51f559b3fb44f41f1146ed7f7c60d51a315b5a117c12869e98e322c6b395c8e90187e0ff66f88c78b13e94458b34a417483f38d948aa807de5d834e81fc7057342d360485481d74128c3b580a38d70ab50c5b457c7e9d7f5a09236f77cf16c725907984cf089beb82095d5031d5770a109183217b1514ec83426d745516a1d49bfefb8f6d7bd4b2a9a72a27f3461a61c76c1b90d1c35150a8b186fd961577b5dc609402b2f9db9b5633e5c1ccafaae22572c43c0272bd4e683b6d3659b1d316a0719ee163da89a1931d30c7f033a1695f305aa35727a677fdb79031bd93a6860a29695eea17977c315159097b08da86dc66fad799bd07d33ec98896081130c2f556dd76b32f4405c74faa05c89439bce7dbe2339a55e7a4e873719ad8feeef90b3cd037672a4c844c5dfab5f889abc256f72b565cb0827d2bf4eb0fb2e7e5fbce21c4289f1d2b9ec985f164866e2c41f079471c23e5376f5a97379bf77b360d848fa58dba7ac797add1a1bc98a4dc057be3be21e3532fbee196bdf34bc326f25dca0d94b6e73e787a294d9cff14994b69034753b6a82e5f6a786981216b06635fe3892d20ca2b1d33a833d4a80884a34493a5c2a149a7a10ae857512a5b556c2031baf6aecdb78afa803151c03ce125e6cfc342c1f815c474cde8383c8665712ddf95bf0a9cd5735fc01bc85a50ec89025596d6ff957a889d12d9b4dda4375b87e018e948f0426141fe3d89b017d6ba1ffe7359ab1f7c70b4047c34b924032084e4e910192a86971f012c4fedfc22a3d3e10e8df6bb3ec2cf45e4d60a5b020975ff3386a805ea6d04ec03075a2eac1590702fad8773cd31ac3313b1db15c90161460476c063273883b96f2f61f4dce9134a30cd4ee2e4a125e00e1cf5e5336c2de9f3b4817c2aaac2caeb06b69614ab864147a22f6eff1cd60d77df996f7bcd78af07ccabd41c30eba5c073b9f875cb7fbb3905abce4975265717bb93cecfaa43ce1874cb3d2529aa68489936916565fdb353261bb3ba3add5804867872018d14d25f20be96aacf7b9ef5db8e56f82cdd397067825bed7e24e6bda1ddc206c8e9a65859c0db20d0bc72e4a65488966cce4c1c1b6c063eba9caf24974b932e772bbedfe72434b11f8df4dc7c685a9d5250df884047bfa2744eaf42e9e394723ccd3d4ff8a58e277024185f6fdee4e1de7070d6cd43afe929369d820b189af1a16c6de6e2dccb7994815638ec5604c2b0ed5379aedca8081fabf554481e40fdd825f38197f78b7730ff2096069691a78a634930407513e946afbdca9dfeac91d2cd4a79d6bf4afdb8a2c761fe4dc5b16c46cfbb2bb1d33376d81341b7fefff60a4b2548e3806365e756c813a0607fc43b9e01e00bc7faec06b0685b845c6d93c3300b581a1d5a3c24642af5039b01cd7a805c3615c8ecf61547d520174684ca58106666a131ad79112668bb55ba52655b6c8f690993688c3bc913d40f01a9e4b6ae7942cae91391394ace00f4c43cb91546eef1a1df3a0925dd762d0902cddbbb21f69e82ed1d22f2346a679d3ad01d849264043f8e1016b4930ddd3d14163069ce896a2fcd86012b1764274222ff45019fefb791f2493c3da8fd8ae21059354795d67382d9633f2720d845423440f4c1c934717853265e3676e3f6a05198ab2d89a6dfe8565f80ee32a2c524bcaac22242fcf7f15a8c7ca9ebc6893d0406c712a24b367b9ee91bb7304742a3bccbe919547bf287d665049bc754d5099593dbe22581b67177e295bec19b7f122a71092a1487ad77790c771231dbfa9e7316df36199828d1e9e51de1cb1858ea1fcc503a13496c026f7b229f784e245f247a0cb92984f42436b892269401bd1aa0671fe27a01af6e8e935e6e915f447966d5c9cdf7a61fb0488a0974c4d341bb5ffafab8f4a25e10eeca9b57d8e20c455f41a9072afabdd51abef0d33777a431b5aa830eb5daa4c6260c30adda4bfb62d5516660b07fc6dbd6b368ca227569f34cadab86271e16bb427be78dc663b238e6a68db20f092d27068aa6725ed643d58543771b9e606413883f78b78bb4adddbfbe4c2e9039dfc4ccd4110df024a2df41d6b7b4762bfa1323a6f8c7bc848f50f4aaa40f0cd613ea134d9603bc5d5b7bab4d1e4f3b65d22b956139356c9c396dbebc43d6648e5e6cc266c519e993da3864247315f5c4b3eab51d5be6051cd047da05d69b6f5c3cfc75d55279678bfe84cee8b59abb1980cc1f22cf529eef961978342a4fedc21bccb8bac7c2999652ef8b34404a2a2dbbd89d4eaf4159f4ea98302a530b1f5b439fce57ebc1c09447c697c4ad058683f4414d96eab9e71b76a5dbaa612187f8958de9b7458b6beb30bfaf9e66bd5fb2219615dfe946305f7e6cb11868dd7cb5a0f3d8757e1be82df0ed08f42b10161338ab371d4f39702c0357fbc5ad359508803199996a802ba306d0dd04cfec1e47dbd21e0901c9fb7b16b328871e5d8ae9bed38662ce199ff1d6b3a1e97c6d338e5e671061841ce7b2fdbd04566aa7e60b4e288b164f6bd821b0e61870ee96d36c8fb8f94f10b0d062d0ee4f3b4725613c4052c3d0d49c2d47b08d03b32f2b0751e403617a6129de4c958418aadadb1c719af8aeb4d180fe0e01b08a815e3ed79b4984c92fdcf99e8434c6065a6a59d2530f95cdab207a69a2df0a64805466548b6db31af0e7640ff4f37c30948dc68a8ab82b09efcd7ebb9426271cfb8cdb23376714214825d6dab054a795696c5e536f626a202f54be19820ade67abc16d7fdad69fce73dd570df463503ea20b461ad3e8536a37e076b1245dc9027ed4531049cea63dda3734cc2705dc224375706bd523a28576c3343f656e5360d40d457b9195014f6de0848d422abd6a2fab7b6660a554e1c6e3d2e33b8882f08b6209085a2ec657f3ddcb20860f70a464af7ec0a3314c8d1a4d00d5834222b506efbd416b5f63f9cc988120bca8b527a7c23c0", 0x1000}], 0x6}, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000002580), r0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000025c0), r0)
ioctl$SIOCX25GSUBSCRIP(r3, 0x89e0, &(0x7f0000002600)={'veth0_virt_wifi\x00', 0x5, 0x2})
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000002740), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000002800)={&(0x7f0000002700)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000027c0)={&(0x7f0000002780)={0x24, r5, 0x100, 0x70bd2d, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}, @NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}]}, 0x24}}, 0x1)
getpeername$packet(r3, &(0x7f0000002840)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000002880)=0x14)
r7 = socket(0x25, 0x6, 0x7)
setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0x7, &(0x7f00000028c0)={0x2, 0xa, 0x246800, 0xe}, 0x10)
sendmsg$NL80211_CMD_SET_QOS_MAP(r3, &(0x7f0000002b00)={&(0x7f0000002900)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000002ac0)={&(0x7f0000002940)={0x164, r4, 0x200, 0x70bd26, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_QOS_MAP={0x32, 0xc7, {[{0x4, 0x4}, {0x30, 0x4}, {0x6, 0x5}, {0x7, 0x3}, {0xf6, 0x5}, {0x0, 0x1}, {0xfb, 0x7}, {0xd, 0x7}, {0x3, 0x5}, {0x9, 0x1}, {}, {0xfc, 0x2}, {0xc4}, {0x5, 0x3}, {0xf8, 0x6}, {0xb5, 0x1}, {0x4}, {0xe}, {0x8, 0x3}], "2a7b1986cbf85f32"}}, @NL80211_ATTR_QOS_MAP={0x24, 0xc7, {[{0x8, 0x3}, {0x10, 0x7}, {0x1, 0x2}, {0x3, 0x5}, {0x0, 0x2}, {0x9, 0x1}, {0x2, 0x3}, {0xcb, 0x3}, {0x81, 0x4}, {0x0, 0x4}, {0xff, 0x5}, {0x67, 0x7}], "90de2cf4b9972801"}}, @NL80211_ATTR_QOS_MAP={0x28, 0xc7, {[{0x4}, {0x0, 0x6}, {0x4, 0x5}, {0x0, 0x2}, {0xd1, 0x6}, {0x4, 0x1}, {0x0, 0x5}, {}, {0xa, 0x1}, {0x8, 0x1}, {0x3c, 0x5}, {0x3, 0x3}, {0x6, 0x5}, {0xfc, 0x1}], "d5084f910366fa60"}}, @NL80211_ATTR_QOS_MAP={0xe, 0xc7, {[{0x9c, 0x3}], "0e3f65aff771e75f"}}, @NL80211_ATTR_QOS_MAP={0x34, 0xc7, {[{0xfe, 0x7}, {0x5, 0x2}, {0x5f, 0x7}, {0x6}, {0x3, 0x2}, {0x6, 0x4}, {0x69, 0x5}, {0x7}, {0x7, 0x2}, {0x6, 0x2}, {0xff}, {0x50, 0x3}, {0x1, 0x4}, {0x2, 0x2}, {0x80, 0x4}, {0x38, 0x3}, {0xc5, 0x5}, {0x5, 0x2}, {0x5, 0x6}, {0x55, 0x2}], "e93509b451218471"}}, @NL80211_ATTR_QOS_MAP={0x24, 0xc7, {[{0x0, 0x4}, {0xdd, 0x3}, {0x7, 0x6}, {0x81, 0x3}, {0x2, 0x5}, {0x7, 0x6}, {0x0, 0x1}, {0x81}, {0x6, 0x1}, {0x6, 0x4}, {}, {0x3, 0x4}], "16e1cae912bc20a7"}}, @NL80211_ATTR_QOS_MAP={0x34, 0xc7, {[{0xf7, 0x3}, {0x6, 0x6}, {0x6, 0x2}, {0xff, 0x3}, {0x5c, 0x6}, {0x1, 0x6}, {0xb, 0x1}, {0xc}, {0xd, 0x3}, {0xb0, 0x7}, {0x7, 0x5}, {0xfe, 0x2}, {0x9, 0x1}, {0xff, 0x7}, {0x80, 0x2}, {0x37}, {0x0, 0x6}, {0x9, 0x7}, {0x3}, {0xa5}], "6e30482c7227410e"}}, @NL80211_ATTR_QOS_MAP={0x14, 0xc7, {[{0xe8, 0x2}, {0xb1, 0x5}, {0x2, 0x2}, {0xff, 0x4}], "a4968e725a4c3eca"}}, @NL80211_ATTR_QOS_MAP={0x1e, 0xc7, {[{0x3, 0x1}, {0xa, 0x3}, {0x9, 0x5}, {0xd, 0x4}, {0x8, 0x4}, {0x3, 0x6}, {0x7, 0x4}, {}, {0xd, 0x6}], "275808977c764567"}}]}, 0x164}, 0x1, 0x0, 0x0, 0x200000c4}, 0x20004040)
r8 = accept4$x25(r3, &(0x7f0000002b40)={0x9, @remote}, &(0x7f0000002b80)=0x12, 0x80800)
ioctl$SIOCX25GSUBSCRIP(r8, 0x89e0, &(0x7f0000002bc0)={'pimreg\x00', 0x2, 0x10001})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r9, &(0x7f0000003540)={&(0x7f0000002cc0)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, 0x80, &(0x7f0000003440)=[{&(0x7f0000002d40)=""/246, 0xf6}, {&(0x7f0000002e40)=""/129, 0x81}, {&(0x7f0000002f00)=""/81, 0x51}, {&(0x7f0000002f80)=""/129, 0x81}, {&(0x7f0000003040)=""/79, 0x4f}, {&(0x7f00000030c0)=""/234, 0xea}, {&(0x7f00000031c0)=""/78, 0x4e}, {&(0x7f0000003240)=""/253, 0xfd}, {&(0x7f0000003340)=""/245, 0xf5}], 0x9, &(0x7f0000003500)=""/36, 0x24}, 0x2)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r10, &(0x7f0000003740)={&(0x7f0000003580)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000003700)={&(0x7f00000035c0)={0x12c, 0x1, 0x1, 0x101, 0x0, 0x0, {0x7, 0x0, 0x8}, [@CTA_TUPLE_ORIG={0xc0, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x18}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x11}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private2={0xfc, 0x2, '\x00', 0x1}}, {0x14, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0xb4}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x6}}]}, @CTA_MARK={0x8, 0x8, 0x1, 0x0, 0x9}, @CTA_LABELS={0x14, 0x16, 0x1, 0x0, [0x6, 0x4, 0x984e, 0x5]}, @CTA_LABELS_MASK={0x18, 0x17, [0x6, 0xf, 0x5, 0x101, 0xffffffec]}, @CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x4}, @CTA_STATUS_MASK={0x8, 0x1a, 0x1, 0x0, 0x7fffffff}, @CTA_SEQ_ADJ_ORIG={0x14, 0xf, 0x0, 0x1, [@CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x15f7}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x2}]}]}, 0x12c}, 0x1, 0x0, 0x0, 0x41}, 0x4000000)
ioctl$BTRFS_IOC_GET_DEV_STATS(r7, 0xc4089434, &(0x7f0000003780)={<r11=>0x0, 0x10001, 0x1, [0x6ca4, 0x4, 0x7578, 0x8, 0x6], [0x732, 0x4, 0x8, 0x7, 0x87, 0x4, 0x78b, 0x1c650, 0xd27, 0x234c441a, 0x7, 0x7, 0x1, 0x9, 0x0, 0x1, 0x9, 0x2, 0x3ff, 0x8, 0xb, 0xfbb, 0x5, 0x8000000000000000, 0xfd8, 0x9, 0x4, 0x8, 0x65724ef2, 0x0, 0x5, 0x3, 0x0, 0x5, 0xa, 0x3, 0x7fffffffffffffff, 0x1, 0x8, 0x3, 0x3, 0x9, 0x7fff, 0xadc, 0x3ff, 0x10000, 0x5, 0x401, 0x1, 0x3, 0xffffffffffffffff, 0xaff8, 0x5, 0xe, 0xfffffffffffffffb, 0x9, 0x0, 0x1, 0x100000000, 0xffffffffffffff44, 0x2282, 0x5, 0x9, 0x10000, 0x7, 0x80000001, 0x4, 0x6, 0xfb4, 0x0, 0xfffffffffffffff2, 0x8a70, 0x3, 0x10, 0x9, 0x5974aa2e, 0x7, 0x5a27, 0x4, 0x9, 0x2, 0x401, 0x4, 0x7, 0x40, 0x7, 0x1, 0x7270, 0x19, 0x65, 0x8001, 0xf1, 0x503a86a2, 0xa, 0x3, 0x2, 0xd, 0x2, 0x1000, 0x7fffffffffffffff, 0xb6f, 0x9, 0x2da, 0x5, 0x8000000000000001, 0x3, 0x7, 0x6, 0xa4, 0x2, 0x9, 0x0, 0xfffffffffffffffe, 0x7, 0x0, 0x4, 0x673b, 0x1, 0x2000000, 0x40, 0x2]})
ioctl$BTRFS_IOC_DEV_INFO(r3, 0xd000941e, &(0x7f0000003bc0)={r11, "34e32748593259b85f18cee9254fdfee"})
sendmsg$nl_crypto(r7, &(0x7f0000004d40)={&(0x7f0000004bc0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000004d00)={&(0x7f0000004c00)=@get={0xf0, 0x13, 0x100, 0x70bd2a, 0x25dfdbff, {{'drbg_nopr_hmac_sha384\x00'}, '\x00', '\x00', 0x1400, 0x800}, [{0x8, 0x1, 0x5}, {0x8, 0x1, 0x7ff}]}, 0xf0}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(r9, 0x8983, &(0x7f0000004d80))
sendmsg$inet(r3, &(0x7f0000004f00)={&(0x7f0000004dc0)={0x2, 0x4e22, @private=0xa010102}, 0x10, &(0x7f0000004e00), 0x0, &(0x7f0000004e40)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r6, @rand_addr=0x64010101, @dev={0xac, 0x14, 0x14, 0x1e}}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x7f}}, @ip_retopts={{0x34, 0x0, 0x7, {[@lsrr={0x83, 0x7, 0xc, [@dev={0xac, 0x14, 0x14, 0x2b}]}, @generic={0x88, 0x8, "56cfc0e81eac"}, @timestamp_prespec={0x44, 0x14, 0x10, 0x3, 0x1, [{@broadcast, 0x9}, {@broadcast, 0xaa}]}]}}}, @ip_tos_int={{0x14}}], 0x88}, 0x0)
socket$key(0xf, 0x3, 0x2)
syz_genetlink_get_family_id$tipc2(&(0x7f0000004f40), r0)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000004fc0)={'wlan1\x00', <r12=>0x0})
sendmsg$NL80211_CMD_GET_INTERFACE(r3, &(0x7f0000005080)={&(0x7f0000004f80)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000005040)={&(0x7f0000005000)={0x28, r1, 0x200, 0x70bd26, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r12}, @val={0xc, 0x99, {0x80000001, 0x52}}}}, [""]}, 0x28}, 0x1, 0x0, 0x0, 0x4080}, 0x10)

387.812141ms ago: executing program 0 (id=3400):
r0 = socket$alg(0x26, 0x5, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffcd7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='consume_skb\x00', r1}, 0x10)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x1411, 0x1}, 0x10}}, 0x0) (async)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
r3 = accept4(r0, &(0x7f0000000000)=@caif=@dbg, 0x0, 0x80800)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000080), &(0x7f00000000c0)=0x4)

260.627156ms ago: executing program 4 (id=3401):
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x9)
sendmsg$netlink(r1, &(0x7f0000006f40)={0x0, 0x0, &(0x7f0000006e80)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="100000000000000000006e800000000000"], 0x10}, {&(0x7f0000000380)=ANY=[@ANYBLOB="fbffffff"], 0x10}], 0x2}, 0x0)
bind$alg(r0, &(0x7f0000000540)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128\x00'}, 0x58)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x7, 0x4, &(0x7f0000000480)=@framed={{}, [@alu={0x4, 0x1, 0x3, 0x0, 0x0, 0x1}]}, &(0x7f00000005c0)='syzkaller\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r2 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r2, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=[@assoc={0x18, 0x117, 0x4, 0xd}], 0x18, 0x800}, 0x4000010)
sendmsg$nl_route_sched_retired(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0x200, 0x0, 0x25dfdbff}, 0x24}}, 0x0)
r3 = socket$inet6(0xa, 0x1, 0x84)
bind$inet6(r3, &(0x7f0000ed3fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
r4 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000380)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006, 0x8}]}, 0x10)
openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKINFO_GET(r5, 0x0, 0x0)
r6 = openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
syz_extract_tcp_res(0x0, 0x5, 0xe)
syz_emit_ethernet(0x0, 0x0, 0x0)
setsockopt$RDS_CONG_MONITOR(0xffffffffffffffff, 0x114, 0x6, 0x0, 0x0)
sendmsg$SEG6_CMD_SET_TUNSRC(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x800)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendto$inet6(r3, &(0x7f0000000100)="bc", 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
socketpair(0x15, 0x80000, 0x3, 0x0)
sendmsg$OSF_MSG_REMOVE(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4000810}, 0x24000040)
sendmsg$L2TP_CMD_SESSION_DELETE(0xffffffffffffffff, 0x0, 0x0)

230.549937ms ago: executing program 3 (id=3402):
syz_emit_ethernet(0x41, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffff0180c200000086dd605678c1000a2c00fec00000001166bdbe8dbcb036000000fe8000000000000000000000000000aa33"], 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), r0)

220.332809ms ago: executing program 1 (id=3403):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000080)={0x0, 0x0, 0x6, 0x80000000})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_PROTOCOL_FEATURES(r1, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f00000004c0)={0x14, r2, 0x1, 0x70bd27, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x2}, 0x4000000)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_int(r3, &(0x7f0000000040)='notify_on_release\x00', 0x2, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000020000000900010073797a310000000060000000160a03000000000000000000020000000900010073797a31000000000900020073797a31000000002c000380080002400000000008000140000000001800038014000100776c616e3100000000000000000000000800074000000001"], 0xa8}}, 0x0)
sendfile(r4, r4, 0x0, 0x100000000)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x16, 0x7fff, 0x4, 0x7fffffff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
sendmsg$nl_xfrm(r0, &(0x7f0000001680)={0x0, 0x0, &(0x7f0000001640)={&(0x7f0000001700)=ANY=[@ANYRESHEX, @ANYRES32=0x0, @ANYRES8=r1, @ANYBLOB="fc0000000000000000000000000000000000000033000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000957ce1081a0d87840000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002bbd700000000000000000000000000000000000000000000600000008"], 0x118}, 0x1, 0x0, 0x0, 0x40}, 0x0)

136.813416ms ago: executing program 0 (id=3404):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x70, r1, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@TIPC_NLA_MON={0x34, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xe}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x10}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}]}, @TIPC_NLA_NODE={0x28, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x8}, @TIPC_NLA_NODE_KEY_MASTER={0x4}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x400}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x3, 0x3, 0x2, 0x1, 0x18}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), r2)
sendmsg$TIPC_NL_MON_PEER_GET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x48, r3, 0x400, 0x70bd29, 0x25dfdbfb, {}, [@TIPC_NLA_PUBL={0x34, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x5}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x5}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x6}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x3}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xae3f}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x3}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000804}, 0x4008040)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff)
r5 = socket(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xffff}, {0xffff, 0xffff}, {0x6, 0x10}}}, 0x24}}, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYRES64=r4, @ANYRES8=r4, @ANYRES16=r3], 0x14}}, 0x4814)

115.85423ms ago: executing program 4 (id=3405):
r0 = socket(0x11, 0x3, 0x0) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'gre0\x00', <r2=>0x0})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) (async, rerun: 32)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, 0x0, &(0x7f0000000180)) (async, rerun: 32)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000840)={{r4}, &(0x7f00000007c0), &(0x7f0000000800)='%-010d \x00'}, 0x20) (async)
r5 = socket$alg(0x26, 0x5, 0x0) (async, rerun: 64)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000caefb8)={0x8, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="850000006100000054000000000000009500000000000000b4a8b1541206000000e9c79077fa15ba36eca61299de54cf77c9062c30bc068829afff36b31fa7e358e95cfa"], &(0x7f0000281ffc)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) (async, rerun: 64)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000540)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000003c0)={&(0x7f00000006c0)={0xd8, 0x0, 0x1, 0x101, 0x0, 0x0, {0xa}, [@CTA_MARK_MASK={0x8, 0x15, 0x1, 0x0, 0x4}, @CTA_SYNPROXY={0x3c, 0x18, 0x0, 0x1, [@CTA_SYNPROXY_ITS={0x8, 0x2, 0x1, 0x0, 0x8}, @CTA_SYNPROXY_ITS={0x8, 0x2, 0x1, 0x0, 0x4ef8}, @CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0xd}, @CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x2}, @CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x9}, @CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x6}, @CTA_SYNPROXY_TSOFF={0x8}]}, @CTA_SEQ_ADJ_ORIG={0xc, 0xf, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x1000}]}, @CTA_HELP={0x14, 0x5, 0x0, 0x1, {0xe, 0x1, 'ftp-20000\x00'}}, @CTA_LABELS_MASK={0x28, 0x17, [0x8000, 0x22c, 0x3, 0xd, 0x80000001, 0x8, 0x4, 0x3ff, 0x1]}, @CTA_SYNPROXY={0xc, 0x18, 0x0, 0x1, [@CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x400}]}, @CTA_NAT_DST={0x2c, 0xd, 0x0, 0x1, [@CTA_NAT_V6_MINIP={0x14, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x31}}}, @CTA_NAT_V6_MAXIP={0x14, 0x5, @dev={0xfe, 0x80, '\x00', 0x3e}}]}]}, 0xd8}, 0x1, 0x0, 0x0, 0x44004}, 0x40)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000180)={r6, 0x2000000, 0x1c, 0x0, &(0x7f0000000000)="0990ffff480000927370dd00327c26f0e5ab52894ed7b55291a58e29", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r7, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r7, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) (async)
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) (async, rerun: 32)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) (rerun: 32)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f0000000000)='bbr\x00', 0x4) (async)
sendmmsg$inet(r7, &(0x7f0000000700)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000180)="316f825a3d29f96a392ea917017b4cd300000000bee700d6dd1fb41a20baf7f7343067fd40cdd4f16742e94b000000005d0200b7f3028100ae8180db94b9de7456ae62b0e61861f615947de10ae3c4fa199fb5fe7766a0842912179154a96fa88e161d861e77a486e10d1d1d0b90c8997e6917226fe4bb5d77e85706336ba6369a4c33ac53b45d46a92db9fda99af4429dc23db6a1706328df4e75eb173a81bd4af8b89d186ac9b2382a75ac68920ca3d542aece1ba7920a8f39b27045", 0xbd}, {&(0x7f0000000800)="6a8fa35a5ac69c3f3504610b7a65154b8a319d412cae86d445126356a7ea73e2cc685d4a2c125a1898bb727147075b79a19e162ca01c17cdb0398d7303a2955433e8f9de6d144dddc2ca170b10d505c3eb024dcacee0c139b5a9044f1f3a0fd4e958406a6ba551087ed89e2312e678f38707c8f37e5c8fe3cb977b7035046ea60fc263c1f72c13c1c7be3f14407e96c832dd5b10a03966185a38402e2cf26722ddeb0e262b9354a7db169109b0adec288e14e03b42147a29ba7f26c6886c05bea9ef56a3bb171e67a92b838a19c3a646fbd5bc79dadd977983eb0587e61bbc7a2d3f3fc63e5704464ed8e57027a8dc835d5f71cf96a13d0a6440492610145b7f71a28bbc1834493d9c63412a741186a0d3a3d18e00f622045954020e1d4bf3c51439ec5ea6c35004bb016ec740a9c2bbccd7daec478949021a69ce9a14bcff85d518579526d616f3ed024cf414e6673b800dc8e6d690b48d3c7430cdd4f51fa4707cad5d91f17a4bd1", 0x169}], 0x2}}, {{0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000014c0)='#', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000001bc0)="5c89eeb1aa86c6f680f09cc1c1d4bc5fc6a067d295afd3aa97af3d777b81db48f9ceb270e506af840503c6fbf20760e4cd8df9c220cd0728585229123d5c61507d00561b8f1a15e64fa2779be424fdeff46058eaee7acfc80b2ae9840e9ac1e33ac8378c98695a08bdb8f2a756b1704c036e3b0ff2d1e9d397a82e24debd371e6855b7dc2dea47d57a9dfbf4fb2ccb3f975c3851c6b5399a", 0x98}], 0x1}}, {{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f00000002c0)="3e7519ac8330ccb60569ee16c38b51cac8273d9b17b700ad7c7953159796843698b3f8ad0c0ab64aed40f7f9a8d2064c2d1e8461f2cea73d606546ce5dd36ef0984c8628cd8e491d555febff44642d77f1b58e90f30bbd5dd5645f49a82f412cc8d3b0be1f8bb33d23684b5cce588ff0", 0x70}, {&(0x7f0000000340)="fec6f9be863e381af38ec8f11e3529b1a1e2b79cfb5dff61faf4280ff0c914dda11bcd18487e4b24cca5d0fea3fea3be27489a984d05b0b2ca2b3b871ef4219411a277ea3c93a4ac1e9aab659686b53c7fee9ee386c0f82717e9ca9ec66a466b792d9e10029509227946f55f6dd439917cdc15b5417d65645a2fbe3a93b4e5e259e2eba055352ac94b514fc66de369a6d61a77bff7ecefc02fe4146f16c074906ec8733a2ecdcbde0ac422f7f61822a13c6ed6b1d3351e3130aa16f27dd54284ea1bc97a36e8cf65d39acbccd9ad3ef68429e659cd411df2c874f95c396a3bd1459e", 0xe2}], 0x2}}], 0x4, 0x0)
setsockopt$sock_int(r7, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r7, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27) (async)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000440)=@newqdisc={0xfc, 0x24, 0x1, 0x70bd28, 0x25dfdbff, {0x0, 0x0, 0x0, r2, {0xf, 0x7}, {0x10, 0x4}, {0x4, 0x7}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x6}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x6}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0xfffffffc}, @TCA_STAB={0x30, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x7, 0x2, 0x0, 0xc2, 0x0, 0x76, 0x8, 0x5}}, {0xe, 0x2, [0xff, 0x4, 0x7fff, 0xd20, 0x5]}}]}, @TCA_STAB={0x80, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x4, 0xf7, 0x6, 0x9b7, 0x1, 0x5, 0x9, 0x4}}, {0xc, 0x2, [0x0, 0x3, 0x9, 0x6337]}}, {{0x1c, 0x1, {0xf8, 0x72, 0x2, 0x5, 0x2, 0x10, 0xe342, 0x1}}, {0x6, 0x2, [0x4]}}, {{0x1c, 0x1, {0x81, 0x5, 0xfd7c, 0xb54, 0x3, 0x9, 0x7, 0x7}}, {0x12, 0x2, [0x3, 0x8, 0x6, 0xa0, 0x6, 0x6, 0x5]}}]}, @TCA_RATE={0x6, 0x5, {0x7, 0x4}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x8}]}, 0xfc}, 0x1, 0x0, 0x0, 0x8001}, 0x8000) (async, rerun: 32)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) (async, rerun: 32)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) (async)
bind$alg(r5, &(0x7f0000000640)={0x26, 'hash\x00', 0x0, 0x0, 'sha384\x00'}, 0x58)
r9 = accept4(r5, 0x0, 0x0, 0x0)
sendmsg$kcm(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000940)="d744784ca67c0398246d848e6df22054de2bd8ca3da64dfdea7d8eb74ffe057d7469066c6ca034a2677ce0c1c25e2b2a825d677e0fbac312a7da165cd5db94fa38cdf3a3f3f93b912a7515e0b1e441a3be644a296bcc765e7adc9ddb4d14376a69cbfcd2ddd156ba432349e96debeda26ee8914c28f4", 0x7ffff000}, {&(0x7f00000009c0)="d86e5c29ab2c0dce2b79f95d543a0d6b45dec9dab7afbc0d6d678feb7a652e67638c3ee007937917fad76308e99818f8f112b73a3c3e3c5ed80c49fab6e0593e95008b4a47aebdde3e28cea1cec26385f3d03b872970dfb69a63a6384a9be5b9419ff8ea6d9c2a730307894adb589d11a1ec59255d10acb1fbef", 0x7a}], 0x2}, 0x0)

43.729221ms ago: executing program 0 (id=3406):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x700000000000015, &(0x7f0000000440)=@base={0x1d, 0x4, 0x2, 0x0, 0x201, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x5, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000180081064e81f782db44b904021d080006007c09e8fe55a10a0015400100142603600e12080006", 0x2b}], 0x1}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c000000190001000000000000000000021800000000fd000000ed0008000100ac1414000800080004"], 0x2c}}, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000080)={&(0x7f0000000540)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_DELSET={0x9c, 0xb, 0xa, 0xa04, 0x0, 0x0, {0x7, 0x0, 0x8}, [@NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x34}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0x2}, @NFTA_SET_USERDATA={0x5e, 0xd, 0x1, 0x0, "f74dcff39abe572645a87a29a872a0686d7ee164ced85de45fcaad7aea17c86d20bb94c13d495b033c382b7fd49207be4eaa1099dfef93d1680c97e0b6cd47643fef44b4a3442e49f4f4465e5e59900b6b51806af8d18737536e"}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x18}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2c}, @NFTA_SET_OBJ_TYPE={0x8, 0xf, 0x1, 0x0, 0x2}]}], {0x14}}, 0xc4}, 0x1, 0x0, 0x0, 0x10803}, 0x1)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_netprio_ifpriomap(r6, &(0x7f0000000280), 0x2, 0x0)
write$cgroup_netprio_ifpriomap(r7, &(0x7f00000002c0)=ANY=[@ANYBLOB="76657468305f9c3b746f5f627269646765"], 0x12)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_OIF={0x8, 0x5, r5}]}, 0x20}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="24000000180009042bbd7000000000000a000000000000080000000008001e000e22d345"], 0x24}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[@ANYBLOB="640000001000370400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000440012800e00010069703665727370616e00000030000200000000800000000000000000000000000000000214000700fc02000000000000000000000000000004001200"], 0x64}}, 0x0)

35.678267ms ago: executing program 3 (id=3407):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmsg$inet_sctp(r0, &(0x7f0000002d80)={&(0x7f0000001900)=@in={0x2, 0x4e22, @private=0xa010100}, 0x10, &(0x7f0000002bc0)=[{&(0x7f0000001940)="6f6285262b44", 0x6}], 0x1, &(0x7f0000002d40)=[@init={0x18, 0x84, 0x0, {0x0, 0x3, 0x1, 0x2}}], 0x18, 0x4}, 0x24040050) (fail_nth: 22)

0s ago: executing program 1 (id=3408):
r0 = socket(0x40000000015, 0x5, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private2={0xfc, 0x2, '\x00', 0xff}}, 0x1c)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000780)=@raw={'raw\x00', 0x3c1, 0x3, 0x3a0, 0x170, 0xd0, 0x8, 0x170, 0x5803, 0x2d0, 0x2e8, 0x2e8, 0x2d0, 0x2e8, 0x3, 0x0, {[{{@ipv6={@local, @private1, [], [], 'pim6reg0\x00', 'veth0\x00'}, 0x0, 0x108, 0x170, 0x0, {0x0, 0x2000000000000}, [@common=@srh={{0x30}}, @common=@frag={{0x30}, {[], 0x0, 0x0, 0x4}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0x118, 0x160, 0x0, {}, [@common=@unspec=@limit={{0x48}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x400)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r2, &(0x7f0000002480)={0x0, 0x0, &(0x7f0000001b80)={&(0x7f0000001880)={0x44, 0x3, 0x8, 0x401, 0x0, 0x0, {}, [@CTA_TIMEOUT_L3PROTO={0x6}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_DATA={0x14, 0x4, 0x0, 0x1, @tcp=[@CTA_TIMEOUT_TCP_FIN_WAIT={0x9}, @CTA_TIMEOUT_TCP_TIME_WAIT={0x8}]}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x3a}]}, 0x44}}, 0x0)
recvmsg$qrtr(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000080), 0xc, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/64, 0x40}, {&(0x7f0000000100)=""/245, 0xf5}], 0x2, &(0x7f0000000240)=[{0xf8, 0x0, 0x0, ""/231}], 0xf8}, 0x38, 0x22)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xd, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0xf100, 0x0, 0x0, 0x0, 0x2000}, [@printk={@p, {0x3, 0x3, 0x6}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0xca}}, @map_idx={0x18, 0x3, 0x5, 0x0, 0x9}]}, &(0x7f0000000400)='GPL\x00', 0x1, 0xe0, &(0x7f0000000440)=""/224, 0x0, 0x30, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)

kernel console output (not intermixed with test programs):

  318.644150][T14512]  </TASK>
[  318.910621][T14533] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2561'.
[  319.089543][T14537] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2562'.
[  319.103492][T14537] tipc: Can't bind to reserved service type 2
[  319.115959][T14539] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2563'.
[  319.283401][T14521] lo speed is unknown, defaulting to 1000
[  319.606508][T14561] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2570'.
[  319.614249][T14560] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2570'.
[  319.687678][T14563] set match dimension is over the limit!
[  319.854364][T14521] lo speed is unknown, defaulting to 1000
[  319.998378][T14572] siw: device registration error -23
[  320.270067][T14577] siw: device registration error -23
[  320.612872][T14599] hsr0: entered allmulticast mode
[  320.620880][T14599] hsr_slave_0: entered allmulticast mode
[  320.626959][T14599] hsr_slave_1: entered allmulticast mode
[  321.216837][T14621] netlink: 830 bytes leftover after parsing attributes in process `syz.1.2586'.
[  321.358752][T14628] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2586'.
[  321.439061][T14631] netlink: 'syz.3.2588': attribute type 10 has an invalid length.
[  321.671087][T14644] IPVS: set_ctl: invalid protocol: 47 172.30.0.3:20002
[  322.034049][T14652] x_tables: duplicate underflow at hook 1
[  322.143396][T14628] bond0: (slave netdevsim0): Releasing backup interface
[  322.165416][T14628] bond0: (slave netdevsim0): the permanent HWaddr of slave - 4e:bd:5c:c8:66:5c - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[  322.362188][T14660] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2599'.
[  322.592609][T14669] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2601'.
[  322.608066][T14669] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2601'.
[  323.005737][T14684] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2607'.
[  323.190724][T14689] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2608'.
[  323.461416][T14696] lo speed is unknown, defaulting to 1000
[  323.570297][T14696] lo speed is unknown, defaulting to 1000
[  323.677018][T14712] netlink: 'syz.1.2616': attribute type 10 has an invalid length.
[  323.701660][T14712] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2616'.
[  323.902939][T14722] x_tables: ip6_tables: icmp6 match: only valid for protocol 58
[  323.983736][T14725] netlink: 'syz.1.2621': attribute type 1 has an invalid length.
[  324.024695][T14725] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2621'.
[  324.084449][T14732] netlink: 'syz.2.2622': attribute type 10 has an invalid length.
[  324.109059][T14732] netlink: 2 bytes leftover after parsing attributes in process `syz.2.2622'.
[  324.214571][T14735] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2623'.
[  324.463270][T14718] lo speed is unknown, defaulting to 1000
[  324.581669][T14752] netlink: 'syz.4.2626': attribute type 28 has an invalid length.
[  324.655503][T14718] lo speed is unknown, defaulting to 1000
[  325.086688][T14773] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  325.090181][T14764] lo speed is unknown, defaulting to 1000
[  325.287490][T14778] netlink: 'syz.4.2636': attribute type 1 has an invalid length.
[  325.389850][T14764] lo speed is unknown, defaulting to 1000
[  325.847638][T14798] xt_cgroup: invalid path, errno=-2
[  326.017234][T14799] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2641'.
[  326.374236][T14806] tipc: Invalid UDP bearer configuration
[  326.374282][T14806] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  326.419282][T14806] netlink: 'syz.1.2646': attribute type 39 has an invalid length.
[  326.430272][T14809] netlink: 'syz.2.2645': attribute type 64 has an invalid length.
[  326.617719][T14821] netlink: zone id is out of range
[  326.622925][T14821] netlink: zone id is out of range
[  326.649332][T14821] netlink: zone id is out of range
[  326.664125][T14821] netlink: zone id is out of range
[  326.695556][T14821] netlink: zone id is out of range
[  326.725629][T14821] netlink: zone id is out of range
[  326.730821][T14821] netlink: zone id is out of range
[  326.731570][T14824] ip6gretap1: entered allmulticast mode
[  326.756557][T14821] netlink: zone id is out of range
[  326.772107][T14821] netlink: zone id is out of range
[  327.403023][T14868] __nla_validate_parse: 10 callbacks suppressed
[  327.403049][T14868] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2663'.
[  327.455487][T14875] netlink: 'syz.0.2662': attribute type 21 has an invalid length.
[  327.486748][T14875] IPv6: NLM_F_CREATE should be specified when creating new route
[  327.518316][T14875] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  327.525645][T14875] IPv6: NLM_F_CREATE should be set when creating new route
[  327.532922][T14875] IPv6: NLM_F_CREATE should be set when creating new route
[  327.540244][T14875] IPv6: NLM_F_CREATE should be set when creating new route
[  327.612882][T14877] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2666'.
[  327.687261][ T8354] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  327.720670][T14890] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2667'.
[  327.753582][T14892] xt_l2tp: unknown flags: 10
[  327.815082][T14900] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2667'.
[  328.056196][T14910] netlink: 'syz.3.2671': attribute type 1 has an invalid length.
[  329.024700][T14958] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2683'.
[  329.510415][T14981] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2692'.
[  329.542813][T14984] netlink: 256 bytes leftover after parsing attributes in process `syz.4.2691'.
[  329.567590][T14981] 8021q: adding VLAN 0 to HW filter on device bond0
[  329.679332][T14981] veth0_to_bond: entered promiscuous mode
[  329.704891][T14997] netlink: 52 bytes leftover after parsing attributes in process `syz.1.2692'.
[  329.789783][T14981] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  329.810366][T14981] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  329.823930][T14981] veth1_macvtap: left promiscuous mode
[  329.830751][T14981] veth0_macvtap: left promiscuous mode
[  329.837732][T14981] veth0_macvtap: entered promiscuous mode
[  329.845265][T14981] veth1_macvtap: entered promiscuous mode
[  329.852260][T14981] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  329.861691][T14981] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  329.869993][T14981] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  329.878715][T14981] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  329.917240][T14981] 8021q: adding VLAN 0 to HW filter on device bond1
[  329.933636][T14981] 8021q: adding VLAN 0 to HW filter on device bond2
[  329.997383][ T3518] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  330.013012][ T3518] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  330.024334][   T11] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  330.024334][ T3592] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  330.083428][ T3592] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  330.184913][   T11] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  330.501903][T15019] batadv_slave_0: entered promiscuous mode
[  330.525114][ T3592] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  330.588107][T15022] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2701'.
[  330.684991][T15025] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input9
[  330.705824][T15039] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2703'.
[  330.725070][ T5883] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  330.856114][T15044] syz_tun: entered promiscuous mode
[  330.862443][T15044] syz_tun: left promiscuous mode
[  330.968701][ T3592] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  331.165685][   T35] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  331.374722][T15075] pim6reg: entered allmulticast mode
[  331.377444][T15073] FAULT_INJECTION: forcing a failure.
[  331.377444][T15073] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  331.405998][T15075] pim6reg: left allmulticast mode
[  331.447303][T15073] CPU: 1 UID: 0 PID: 15073 Comm: syz.4.2713 Not tainted 6.13.0-rc2-syzkaller-00456-gd22f955cc2cb #0
[  331.458159][T15073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  331.468267][T15073] Call Trace:
[  331.471580][T15073]  <TASK>
[  331.474543][T15073]  dump_stack_lvl+0x241/0x360
[  331.479344][T15073]  ? __pfx_dump_stack_lvl+0x10/0x10
[  331.484563][T15073]  ? __pfx__printk+0x10/0x10
[  331.489168][T15073]  ? __pfx_lock_release+0x10/0x10
[  331.494215][T15073]  should_fail_ex+0x3b0/0x4e0
[  331.498917][T15073]  _copy_from_iter+0x1e9/0x1c20
[  331.503783][T15073]  ? __virt_addr_valid+0x183/0x530
[  331.508915][T15073]  ? rcu_is_watching+0x15/0xb0
[  331.513706][T15073]  ? __pfx__copy_from_iter+0x10/0x10
[  331.519008][T15073]  ? __virt_addr_valid+0x183/0x530
[  331.524150][T15073]  ? __virt_addr_valid+0x183/0x530
[  331.529289][T15073]  ? __virt_addr_valid+0x45f/0x530
[  331.534423][T15073]  ? __check_object_size+0x47a/0x730
[  331.539740][T15073]  sctp_user_addto_chunk+0x8c/0x220
[  331.544961][T15073]  sctp_datamsg_from_user+0x760/0xf20
[  331.550358][T15073]  sctp_sendmsg_to_asoc+0xf7e/0x1800
[  331.555657][T15073]  ? sctp_v6_to_sk_saddr+0x101/0x1c0
[  331.560964][T15073]  ? __asan_memcpy+0x40/0x70
[  331.565569][T15073]  ? sctp_assoc_add_peer+0xe3c/0x15c0
[  331.570979][T15073]  ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10
[  331.576718][T15073]  ? sctp_connect_new_asoc+0x3fe/0x6c0
[  331.582203][T15073]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  331.588023][T15073]  ? sctp_sendmsg+0xbb9/0x3520
[  331.592809][T15073]  ? sctp_endpoint_lookup_assoc+0xc9/0x250
[  331.598644][T15073]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  331.604218][T15073]  sctp_sendmsg+0x1bc3/0x3520
[  331.608926][T15073]  ? __pfx_sctp_sendmsg+0x10/0x10
[  331.613974][T15073]  ? __pfx_aa_sk_perm+0x10/0x10
[  331.618863][T15073]  ? inet_sendmsg+0x330/0x390
[  331.623558][T15073]  __sock_sendmsg+0x1a6/0x270
[  331.628258][T15073]  ____sys_sendmsg+0x52a/0x7e0
[  331.633041][T15073]  ? __pfx_____sys_sendmsg+0x10/0x10
[  331.638338][T15073]  ? __fget_files+0x2a/0x410
[  331.642947][T15073]  ? __fget_files+0x2a/0x410
[  331.647568][T15073]  __sys_sendmsg+0x269/0x350
[  331.652172][T15073]  ? __pfx_lock_release+0x10/0x10
[  331.657214][T15073]  ? __pfx___sys_sendmsg+0x10/0x10
[  331.662401][T15073]  ? __pfx_vfs_write+0x10/0x10
[  331.667198][T15073]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  331.673543][T15073]  ? do_syscall_64+0x100/0x230
[  331.678330][T15073]  ? do_syscall_64+0xb6/0x230
[  331.683021][T15073]  do_syscall_64+0xf3/0x230
[  331.687540][T15073]  ? clear_bhb_loop+0x35/0x90
[  331.692232][T15073]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  331.698148][T15073] RIP: 0033:0x7f07e6f85d29
[  331.702576][T15073] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  331.722195][T15073] RSP: 002b:00007f07e7dd8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  331.730630][T15073] RAX: ffffffffffffffda RBX: 00007f07e7175fa0 RCX: 00007f07e6f85d29
[  331.738614][T15073] RDX: 0000000000004040 RSI: 0000000020003940 RDI: 0000000000000003
[  331.746619][T15073] RBP: 00007f07e7dd8090 R08: 0000000000000000 R09: 0000000000000000
[  331.754599][T15073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  331.762575][T15073] R13: 0000000000000000 R14: 00007f07e7175fa0 R15: 00007ffef49f1718
[  331.770567][T15073]  </TASK>
[  332.644870][ T5845] Bluetooth: hci4: command 0x0406 tx timeout
[  332.901174][T15143] Cannot find del_set index 286 as target
[  332.976695][T15118] sit0: left promiscuous mode
[  333.369763][T15118] bridge0: port 1(ip6gretap0) entered disabled state
[  333.657151][T15118] batadv_slave_0: left promiscuous mode
[  333.706502][T15118] vlan0: left promiscuous mode
[  333.718098][T15118] : left promiscuous mode
[  333.722474][T15118] : left allmulticast mode
[  333.727454][T15118] veth0_vlan: left allmulticast mode
[  333.751810][T15118] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  333.760870][T15118] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  333.769527][T15118] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  333.778276][T15118] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  333.808885][T15118] bridge0: left promiscuous mode
[  333.813924][T15118] bridge0: left allmulticast mode
[  333.827459][T15118] gtp1: left promiscuous mode
[  333.832221][T15118] gtp1: left allmulticast mode
[  334.426531][T15200] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  334.642209][T15210] __nla_validate_parse: 4 callbacks suppressed
[  334.642232][T15210] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2750'.
[  334.686321][T15210] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2750'.
[  334.695825][T15215] netlink: 148 bytes leftover after parsing attributes in process `syz.1.2752'.
[  334.704983][T15210] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2750'.
[  334.724507][T15217] netlink: 148 bytes leftover after parsing attributes in process `syz.1.2752'.
[  334.736723][T15215] netlink: 'syz.1.2752': attribute type 21 has an invalid length.
[  334.764144][T15215] netlink: 128 bytes leftover after parsing attributes in process `syz.1.2752'.
[  334.794722][T15217] xt_socket: unknown flags 0x8
[  334.799751][T15189] lo speed is unknown, defaulting to 1000
[  335.028441][T15227] Cannot find set identified by id 0 to match
[  335.061976][T15225] IPv6: sit1: Disabled Multicast RS
[  335.147638][T15231] Bluetooth: MGMT ver 1.23
[  335.170555][T15233] pim6reg: entered allmulticast mode
[  335.180997][T15231] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2757'.
[  335.202645][T15233] pim6reg: left allmulticast mode
[  335.382738][T15227] netdevsim netdevsim1 eth0: set [1, 1] type 2 family 0 port 20000 - 0
[  335.404596][T15227] netdevsim netdevsim1 eth1: set [1, 1] type 2 family 0 port 20000 - 0
[  335.424720][T15227] netdevsim netdevsim1 eth2: set [1, 1] type 2 family 0 port 20000 - 0
[  335.438732][T15227] netdevsim netdevsim1 eth3: set [1, 1] type 2 family 0 port 20000 - 0
[  335.447331][    C1] ip6_tnl_xmit_ctl: 7 callbacks suppressed
[  335.447354][    C1] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  335.490081][T15189] lo speed is unknown, defaulting to 1000
[  335.935423][ T8353] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  336.136632][T15259] netlink: 'syz.1.2762': attribute type 8 has an invalid length.
[  336.161098][T15259] netlink: 244 bytes leftover after parsing attributes in process `syz.1.2762'.
[  336.171379][T15258] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2764'.
[  336.191920][T15257] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  336.502241][T15262] tun0: tun_chr_ioctl cmd 35108
[  336.615595][T15271] netlink: 256 bytes leftover after parsing attributes in process `syz.2.2765'.
[  337.244595][ T8354] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  337.515810][T15303] netlink: 'syz.2.2772': attribute type 10 has an invalid length.
[  337.534201][T15303] macvlan0: entered allmulticast mode
[  337.544953][T15303] veth1_vlan: entered allmulticast mode
[  337.572817][T15303] bond0: (slave macvlan0): Enslaving as an active interface with an up link
[  337.582054][ T3518] __ib_cache_gid_add: unable to add gid fe80:0000:0000:0000:a8aa:aaff:feaa:aa17 error=-28
[  337.619908][T15310] netlink: 'syz.2.2772': attribute type 10 has an invalid length.
[  337.992349][T15310] veth1_vlan (unregistering): left allmulticast mode
[  338.047065][T15310] bond0: (slave macvlan0): Releasing backup interface
[  338.269373][T15321] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  338.417781][ T8353] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  338.642219][T15334] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  339.580652][ T8277] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  339.664098][T15362] netlink: 'syz.2.2789': attribute type 11 has an invalid length.
[  339.672173][T15362] __nla_validate_parse: 7 callbacks suppressed
[  339.672192][T15362] netlink: 204 bytes leftover after parsing attributes in process `syz.2.2789'.
[  340.003472][T15375] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2793'.
[  340.030958][T15375] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2793'.
[  340.744469][ T8354] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  340.883657][T15393] 8021q: adding VLAN 0 to HW filter on device bond4
[  341.124508][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  341.359854][T15418] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2807'.
[  341.489745][T15405] lo speed is unknown, defaulting to 1000
[  341.714920][T15405] lo speed is unknown, defaulting to 1000
[  341.764206][T15411] netlink: 'syz.3.2804': attribute type 1 has an invalid length.
[  341.875238][   T11] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  342.058425][T15439] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  342.091092][T15438] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  342.343221][T15446] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2815'.
[  342.530309][T15452] netlink: 112 bytes leftover after parsing attributes in process `syz.4.2817'.
[  342.885758][T15478] netlink: 2 bytes leftover after parsing attributes in process `syz.2.2824'.
[  342.933728][T15482] net_ratelimit: 13 callbacks suppressed
[  342.933753][T15482] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  342.994556][ T2860] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  343.293225][T15502] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  343.382296][T15508] netlink: 'syz.2.2833': attribute type 1 has an invalid length.
[  343.390500][T15508] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2833'.
[  343.409450][T15508] xt_hashlimit: overflow, try lower: 18446744073709551615/2047
[  343.618438][T15522] netlink: 'syz.0.2836': attribute type 4 has an invalid length.
[  344.135486][ T8353] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  344.240193][T15549] netlink: 'syz.0.2846': attribute type 13 has an invalid length.
[  344.269735][T15549] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2846'.
[  344.325016][    C1] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  344.360739][T15549] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2846'.
[  344.397947][T15563] netlink: 'syz.2.2852': attribute type 1 has an invalid length.
[  344.418586][T15559] netlink: 'syz.1.2850': attribute type 2 has an invalid length.
[  344.773133][T15581] netlink: 'syz.4.2856': attribute type 15 has an invalid length.
[  344.797655][T15580] __nla_validate_parse: 1 callbacks suppressed
[  344.797681][T15580] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2857'.
[  344.983775][T15576] lo speed is unknown, defaulting to 1000
[  345.001122][T15584] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2858'.
[  345.264241][ T3518] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  345.277476][T15592] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  345.384549][T15576] lo speed is unknown, defaulting to 1000
[  345.815083][T15592] lo speed is unknown, defaulting to 1000
[  345.928761][T15609] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2866'.
[  346.248707][T15627] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2871'.
[  346.285202][T15592] lo speed is unknown, defaulting to 1000
[  346.402209][   T11] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  346.432140][T15596] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2861'.
[  346.472912][T15629] (unnamed net_device) (uninitialized): option resend_igmp: invalid value (18446744073709551615)
[  346.490660][T15629] (unnamed net_device) (uninitialized): option resend_igmp: allowed values 0 - 255
[  346.811816][T15642] netlink: 4768 bytes leftover after parsing attributes in process `syz.2.2874'.
[  346.927671][T15651] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2876'.
[  346.997148][T15650] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2877'.
[  347.276294][T15659] netlink: 'syz.1.2878': attribute type 10 has an invalid length.
[  347.291371][T15659] netlink: 55 bytes leftover after parsing attributes in process `syz.1.2878'.
[  347.313456][T15662] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  347.321163][T15662] syzkaller0: entered promiscuous mode
[  347.335760][T15662] syzkaller0: entered allmulticast mode
[  347.355763][T15662] tipc: Resetting bearer <eth:syzkaller0>
[  347.378080][T15662] tipc: Resetting bearer <eth:syzkaller0>
[  347.414750][T15661] tipc: Resetting bearer <eth:syzkaller0>
[  347.459602][T15668] x_tables: duplicate underflow at hook 3
[  347.472155][T15661] tipc: Disabling bearer <eth:syzkaller0>
[  347.491404][T15670] netlink: 1264 bytes leftover after parsing attributes in process `syz.0.2883'.
[  347.527005][ T2860] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  347.632202][T15676] xt_hashlimit: overflow, try lower: 0/0
[  347.814283][T15688] netlink: 'syz.3.2888': attribute type 1 has an invalid length.
[  347.879603][T15688] 8021q: adding VLAN 0 to HW filter on device bond5
[  347.908001][T15694] IPv6: Can't replace route, no match found
[  348.034052][T15696] batadv0 (unregistering): left promiscuous mode
[  348.088004][T15699] syz.4.2892[15699] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  348.088097][T15699] syz.4.2892[15699] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  348.110914][T15699] syz.4.2892[15699] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  348.437437][T15716] netlink: 'syz.4.2898': attribute type 12 has an invalid length.
[  348.675971][   T35] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  348.850372][T15733] nbd: must specify at least one socket
[  349.148929][T15747] bond3: entered promiscuous mode
[  349.160793][T15754] netlink: 'syz.2.2908': attribute type 10 has an invalid length.
[  349.178929][T15747] bond3: entered allmulticast mode
[  349.188225][T15747] 8021q: adding VLAN 0 to HW filter on device bond3
[  349.447110][T15754] team0: Port device wlan1 removed
[  349.477000][ T3518] __ib_cache_gid_add: unable to add gid fe80:0000:0000:0000:a8aa:aaff:feaa:aa17 error=-28
[  349.478268][T15754] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  349.519716][T15757] netlink: 'syz.1.2912': attribute type 1 has an invalid length.
[  349.704860][ T5834] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  349.716142][ T5834] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  349.727053][ T5834] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  349.746213][ T5834] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  349.755655][ T5834] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  349.763888][ T5834] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  349.785416][   T35] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  350.052661][T15779] netlink: 'syz.3.2916': attribute type 2 has an invalid length.
[  350.096542][T15779] __nla_validate_parse: 5 callbacks suppressed
[  350.096565][T15779] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2916'.
[  350.208096][T15763] lo speed is unknown, defaulting to 1000
[  350.408773][T15763] lo speed is unknown, defaulting to 1000
[  350.631937][T15804] netlink: 1280 bytes leftover after parsing attributes in process `syz.2.2923'.
[  350.654332][T15804] openvswitch: netlink: Flow actions attr not present in new flow.
[  350.723628][T15814] netlink: 92 bytes leftover after parsing attributes in process `syz.2.2923'.
[  350.823342][T15763] chnl_net:caif_netlink_parms(): no params data found
[  350.852874][T15823] gretap0: entered promiscuous mode
[  350.859088][T15823] macsec1: entered promiscuous mode
[  350.864721][T15823] macsec1: entered allmulticast mode
[  350.870304][T15823] gretap0: entered allmulticast mode
[  350.895850][ T8277] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  351.101188][T15763] bridge0: port 1(bridge_slave_0) entered blocking state
[  351.114252][T15763] bridge0: port 1(bridge_slave_0) entered disabled state
[  351.124262][T15763] bridge_slave_0: entered allmulticast mode
[  351.131695][T15763] bridge_slave_0: entered promiscuous mode
[  351.139890][T15812] lo speed is unknown, defaulting to 1000
[  351.168234][T15763] bridge0: port 2(bridge_slave_1) entered blocking state
[  351.190936][T15763] bridge0: port 2(bridge_slave_1) entered disabled state
[  351.203192][T15763] bridge_slave_1: entered allmulticast mode
[  351.213150][T15763] bridge_slave_1: entered promiscuous mode
[  351.313169][T15763] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  351.351139][T15763] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  351.416358][T15812] lo speed is unknown, defaulting to 1000
[  351.428945][T15763] team0: Port device team_slave_0 added
[  351.436833][T15839] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2931'.
[  351.456500][T15763] team0: Port device team_slave_1 added
[  351.581919][T15763] batman_adv: batadv0: Adding interface: batadv_slave_0
[  351.589775][T15763] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  351.618655][T15763] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  351.635681][T15832] lo speed is unknown, defaulting to 1000
[  351.665728][T15763] batman_adv: batadv0: Adding interface: batadv_slave_1
[  351.672908][T15763] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  351.714159][T15763] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  351.850516][ T5834] Bluetooth: hci5: command tx timeout
[  351.890300][T15832] lo speed is unknown, defaulting to 1000
[  351.909131][T15763] hsr_slave_0: entered promiscuous mode
[  351.953178][T15763] hsr_slave_1: entered promiscuous mode
[  351.960707][T15763] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  351.983080][T15763] Cannot create hsr debugfs directory
[  352.104353][ T8277] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  352.380998][T15858] Â: renamed from pim6reg1
[  352.895710][T15872] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2943'.
[  353.111232][T15763] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  353.156853][T15763] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  353.241793][T15763] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  353.269467][T15763] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  353.286397][   T53] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  353.306191][T15885] bpq0: entered allmulticast mode
[  353.537307][T15763] 8021q: adding VLAN 0 to HW filter on device bond0
[  353.641223][T15763] 8021q: adding VLAN 0 to HW filter on device team0
[  353.651391][T15907] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2952'.
[  353.692336][T15909] xt_addrtype: ipv6 does not support BROADCAST matching
[  353.702735][   T53] bridge0: port 1(bridge_slave_0) entered blocking state
[  353.704469][T15910] xt_addrtype: ipv6 does not support BROADCAST matching
[  353.709900][   T53] bridge0: port 1(bridge_slave_0) entered forwarding state
[  353.720829][   T53] bridge0: port 2(bridge_slave_1) entered blocking state
[  353.732229][   T53] bridge0: port 2(bridge_slave_1) entered forwarding state
[  353.870855][T15763] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  353.901495][T15763] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  353.940456][ T5834] Bluetooth: hci5: command tx timeout
[  354.288068][T15763] 8021q: adding VLAN 0 to HW filter on device batadv0
[  354.393636][ T2860] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  354.415637][ T2860] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  354.444335][ T2860] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  354.464541][T15941] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  354.837292][T15763] veth0_vlan: entered promiscuous mode
[  354.861070][T15763] veth1_vlan: entered promiscuous mode
[  354.892004][T15763] veth0_macvtap: entered promiscuous mode
[  354.917434][T15763] veth1_macvtap: entered promiscuous mode
[  354.943381][T15763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  354.960398][T15763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  354.981604][T15763] batman_adv: batadv0: Interface activated: batadv_slave_0
[  355.005841][T15763] batman_adv: batadv0: Interface activated: batadv_slave_1
[  355.022187][T15763] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  355.064116][T15763] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  355.072900][T15763] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  355.081917][T15763] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  355.197758][ T8277] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  355.220721][ T8277] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  355.260813][ T8277] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  355.275816][ T8277] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  355.607754][   T67] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  355.854280][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  356.004330][ T5834] Bluetooth: hci5: command tx timeout
[  356.724484][   T67] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  357.854366][   T11] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  358.084329][ T5834] Bluetooth: hci5: command tx timeout
[  358.974510][   T67] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  360.084805][ T8278] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  360.964428][    C1] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  361.194528][ T8278] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  362.314470][ T3518] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  363.424228][ T3518] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  364.524525][ T8278] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  365.624339][ T3518] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  366.220787][T15984] lo: entered allmulticast mode
[  366.228543][T15984] tunl0: entered allmulticast mode
[  366.234621][T15984] gre0: entered allmulticast mode
[  366.241421][T15984] erspan0: entered allmulticast mode
[  366.247908][T15984] ip_vti0: entered allmulticast mode
[  366.257605][T15984] ip6_vti0: entered allmulticast mode
[  366.264284][T15984] sit0: entered allmulticast mode
[  366.270266][T15984] ip6tnl0: entered allmulticast mode
[  366.278506][T15984] ip6gre0: entered allmulticast mode
[  366.304940][T15984] ip6gretap0: entered allmulticast mode
[  366.311625][T15984] vcan0: entered allmulticast mode
[  366.396295][T15984] bond0: entered allmulticast mode
[  366.444821][T15984] mac80211_hwsim hwsim7 wlan1: entered allmulticast mode
[  366.467098][T15984] dummy0: entered allmulticast mode
[  366.473384][T15984] nlmon0: entered allmulticast mode
[  366.499172][T15984] vxcan0: entered allmulticast mode
[  366.506155][T15984] vxcan1: entered allmulticast mode
[  366.511783][T15984] veth0: entered allmulticast mode
[  366.523477][T15984] veth1: entered allmulticast mode
[  366.531510][T15984] wg1: entered allmulticast mode
[  366.544864][T15984] wg2: entered allmulticast mode
[  366.575110][T15984] veth0_to_bridge: entered allmulticast mode
[  366.582204][T15984] bridge_slave_0: entered allmulticast mode
[  366.589798][T15984] veth1_to_bridge: entered allmulticast mode
[  366.597220][T15984] bridge_slave_1: entered allmulticast mode
[  366.604621][T15984] veth0_to_bond: entered allmulticast mode
[  366.611470][T15984] bond_slave_0: entered allmulticast mode
[  366.641419][T15984] veth1_to_bond: entered allmulticast mode
[  366.657301][T15984] bond_slave_1: entered allmulticast mode
[  366.669134][T15984] veth0_to_team: entered allmulticast mode
[  366.679428][T15984] team_slave_0: entered allmulticast mode
[  366.690456][T15984] veth1_to_team: entered allmulticast mode
[  366.699052][T15984] team_slave_1: entered allmulticast mode
[  366.703938][T16001] sctp: [Deprecated]: syz.2.2973 (pid 16001) Use of struct sctp_assoc_value in delayed_ack socket option.
[  366.703938][T16001] Use struct sctp_sack_info instead
[  366.705614][ T5845] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  366.735697][T15984] veth0_to_batadv: entered allmulticast mode
[  366.742427][ T5845] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  366.751762][ T5845] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  366.755159][T15984] batadv_slave_0: entered allmulticast mode
[  366.767569][ T8278] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  366.776560][T15984] veth1_to_batadv: entered allmulticast mode
[  366.783946][T15984] batadv_slave_1: entered allmulticast mode
[  366.790127][ T5845] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  366.798375][ T5845] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  366.807120][ T5845] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  366.831644][T15984] xfrm0: entered allmulticast mode
[  366.838362][T15984] veth0_to_hsr: entered allmulticast mode
[  366.847243][T15984] veth1_to_hsr: entered allmulticast mode
[  366.856377][T15984] veth1_virt_wifi: entered allmulticast mode
[  366.863430][T15984] veth0_virt_wifi: entered allmulticast mode
[  366.872520][T15984] veth1_macvtap: entered allmulticast mode
[  366.880999][T15984] veth0_macvtap: entered allmulticast mode
[  366.889013][T15984] macvtap0: entered allmulticast mode
[  366.896378][T15984] macsec0: entered allmulticast mode
[  366.904965][T15984] geneve0: entered allmulticast mode
[  366.911395][T15984] geneve1: entered allmulticast mode
[  366.919440][T15984] ip6tnl1: entered allmulticast mode
[  366.927155][T15984] sit1: entered allmulticast mode
[  366.935114][T15984] gre1: entered allmulticast mode
[  366.941160][T15984] bridge_slave_1.: entered allmulticast mode
[  366.951934][T15984] syztnl1: entered allmulticast mode
[  366.957979][T15134] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  366.966872][T15984] bond1: entered allmulticast mode
[  366.972048][T15984] ip6gretap1: entered allmulticast mode
[  366.980428][T15984] sit2: entered allmulticast mode
[  366.986791][T15984] team_slave_1.00: entered allmulticast mode
[  366.995604][T15984] ip6_vti1: entered allmulticast mode
[  367.001948][T15984] mac80211_hwsim hwsim7 syzkaller0: entered allmulticast mode
[  367.009835][T15134] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  367.015533][T15984] ip6tnl2: entered allmulticast mode
[  367.031619][T15984] ˜uóuä†ÝcÎb: entered allmulticast mode
[  367.039929][T15984] bond2: entered allmulticast mode
[  367.069335][T15984] gre2: entered allmulticast mode
[  367.077540][T15984] ip6gre1: entered allmulticast mode
[  367.083794][T15984] netdevsim netdevsim1 eth0: entered allmulticast mode
[  367.096742][T15984] netdevsim netdevsim1 eth1: entered allmulticast mode
[  367.098167][T16013] netlink: 'syz.2.2977': attribute type 3 has an invalid length.
[  367.106547][T15984] netdevsim netdevsim1 eth2: entered allmulticast mode
[  367.127292][T15984] netdevsim netdevsim1 eth3: entered allmulticast mode
[  367.141153][T15984] geneve2: entered allmulticast mode
[  367.150103][T15984] bond3: left promiscuous mode
[  367.160578][T15984] macsec1: left promiscuous mode
[  367.182354][ T8276] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  367.190362][ T8276] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  367.273826][ T8276] ip6_tunnel: ˜uóuä†ÝcÎb xmit: Local address not yet configured!
[  367.507014][T15999] lo speed is unknown, defaulting to 1000
[  367.527927][T15134] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  367.624836][T15999] lo speed is unknown, defaulting to 1000
[  367.908778][T15999] chnl_net:caif_netlink_parms(): no params data found
[  368.269067][T15999] bridge0: port 1(bridge_slave_0) entered blocking state
[  368.298958][T15999] bridge0: port 1(bridge_slave_0) entered disabled state
[  368.313273][T15999] bridge_slave_0: entered allmulticast mode
[  368.336771][T15999] bridge_slave_0: entered promiscuous mode
[  368.367310][T15999] bridge0: port 2(bridge_slave_1) entered blocking state
[  368.377788][T15999] bridge0: port 2(bridge_slave_1) entered disabled state
[  368.385822][T15999] bridge_slave_1: entered allmulticast mode
[  368.393415][T15999] bridge_slave_1: entered promiscuous mode
[  368.462095][T16069] dvmrp0: entered allmulticast mode
[  368.557862][T16070] pimreg: entered allmulticast mode
[  368.658111][T15999] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  368.678570][T15999] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  368.702426][T16062] lo speed is unknown, defaulting to 1000
[  368.786017][T15999] team0: Port device team_slave_0 added
[  368.796796][T15999] team0: Port device team_slave_1 added
[  368.854798][T15999] batman_adv: batadv0: Adding interface: batadv_slave_0
[  368.863215][T15999] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  368.891695][ T5834] Bluetooth: hci0: command tx timeout
[  368.907941][T15999] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  368.929085][T15999] batman_adv: batadv0: Adding interface: batadv_slave_1
[  368.939077][T15999] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  368.972983][T15999] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  369.050620][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  369.061621][T16062] lo speed is unknown, defaulting to 1000
[  369.121502][T15999] hsr_slave_0: entered promiscuous mode
[  369.129703][T15999] hsr_slave_1: entered promiscuous mode
[  369.146523][ T8276] ip6_tnl_xmit_ctl: 6 callbacks suppressed
[  369.146546][ T8276] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  369.165207][T15999] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  369.172861][T15999] Cannot create hsr debugfs directory
[  369.336335][T16108] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3002'.
[  369.535370][T16112] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3005'.
[  370.315868][   T67] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  370.970836][ T5834] Bluetooth: hci0: command tx timeout
[  371.214711][    C0] ip6_tunnel: ˜uóuä†ÝcÎb xmit: Local address not yet configured!
[  371.444373][   T11] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  371.529169][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  371.534316][    C0] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  372.073848][T16120] lo speed is unknown, defaulting to 1000
[  372.404264][ T5880] IPVS: starting estimator thread 0...
[  372.516894][T16139] IPVS: using max 25 ests per chain, 60000 per kthread
[  372.542956][T16120] lo speed is unknown, defaulting to 1000
[  372.543001][T15999] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  372.594668][T15970] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  372.603795][T15999] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  372.672537][T15999] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  372.699405][T16118] lo speed is unknown, defaulting to 1000
[  372.699892][T15999] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  373.045685][ T5834] Bluetooth: hci0: command tx timeout
[  373.053872][T16158] netlink: 152 bytes leftover after parsing attributes in process `syz.3.3018'.
[  373.101863][T15999] 8021q: adding VLAN 0 to HW filter on device bond0
[  373.122313][T15999] 8021q: adding VLAN 0 to HW filter on device team0
[  373.148846][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  373.156026][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  373.200319][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  373.207514][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  373.275857][T16165] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3019'.
[  373.365570][T16165] bond3 (unregistering): Released all slaves
[  373.481271][T16153] lo speed is unknown, defaulting to 1000
[  373.494611][T16118] lo speed is unknown, defaulting to 1000
[  373.673359][T16172] netlink: 277 bytes leftover after parsing attributes in process `syz.3.3021'.
[  373.770619][T15970] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  373.843447][T15999] 8021q: adding VLAN 0 to HW filter on device batadv0
[  373.966982][T15999] veth0_vlan: entered promiscuous mode
[  374.004460][T15999] veth1_vlan: entered promiscuous mode
[  374.052276][T16181] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3023'.
[  374.061804][T15999] veth0_macvtap: entered promiscuous mode
[  374.075090][T15999] veth1_macvtap: entered promiscuous mode
[  374.104696][T15999] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  374.128408][T15999] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  374.150416][T15999] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  374.172026][T15999] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  374.208321][T15999] batman_adv: batadv0: Interface activated: batadv_slave_0
[  374.235860][T15999] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  374.266479][T15999] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  374.293014][T15999] batman_adv: batadv0: Interface activated: batadv_slave_1
[  374.310890][T15999] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  374.329661][T15999] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  374.341239][T15999] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  374.354182][T15999] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  374.372000][T16153] lo speed is unknown, defaulting to 1000
[  374.886941][T15970] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  374.975586][   T67] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  375.004073][   T67] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  375.131835][   T67] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  375.146886][ T5834] Bluetooth: hci0: command tx timeout
[  375.151498][T16201] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3030'.
[  375.161196][   T67] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  375.784765][ T5845] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  375.802288][ T5845] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  375.803362][T16221] netlink: 'syz.1.3035': attribute type 2 has an invalid length.
[  375.933839][ T5845] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  375.982890][ T5845] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  375.993076][ T5845] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  376.035267][T15970] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  376.062759][ T5845] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  376.371042][T16219] lo speed is unknown, defaulting to 1000
[  376.417656][T16233] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3040'.
[  376.505733][T16236] netlink: 9 bytes leftover after parsing attributes in process `syz.1.3042'.
[  376.544304][T16236] 0·: renamed from hsr0 (while UP)
[  376.577280][T16236] A link change request failed with some changes committed already. Interface 
70· may have been left with an inconsistent configuration, please check.
[  376.645448][T16219] lo speed is unknown, defaulting to 1000
[  376.834635][T16243] smc: net device wg0 applied user defined pnetid SYZ0
[  376.842636][T16243] netlink: 'syz.0.3043': attribute type 39 has an invalid length.
[  377.031347][T16243] smc: removing net device wg0 with user defined pnetid SYZ0
[  377.077446][T16219] chnl_net:caif_netlink_parms(): no params data found
[  377.106449][T16231] lo speed is unknown, defaulting to 1000
[  377.160640][T16252] batadv_slave_1: entered promiscuous mode
[  377.226523][   T67] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  377.245198][T16252] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  377.377956][T16252] batadv_slave_1 (unregistering): left promiscuous mode
[  377.391762][T16252] batman_adv: batadv0: Removing interface: batadv_slave_1
[  377.534827][T16231] lo speed is unknown, defaulting to 1000
[  377.687224][T16219] bridge0: port 1(bridge_slave_0) entered blocking state
[  377.703270][T16219] bridge0: port 1(bridge_slave_0) entered disabled state
[  377.713572][T16219] bridge_slave_0: entered allmulticast mode
[  377.736065][T16257] siw: device registration error -23
[  377.745521][T16219] bridge_slave_0: entered promiscuous mode
[  377.872763][T16219] bridge0: port 2(bridge_slave_1) entered blocking state
[  377.904381][T16219] bridge0: port 2(bridge_slave_1) entered disabled state
[  377.924453][T16219] bridge_slave_1: entered allmulticast mode
[  377.931722][T16219] bridge_slave_1: entered promiscuous mode
[  377.963612][T16279] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3041'.
[  378.078563][T16219] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  378.100408][T16219] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  378.144947][T16284] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3052'.
[  378.158953][T16281] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3051'.
[  378.201645][T16291] bridge_slave_1: left allmulticast mode
[  378.208886][T16291] bridge_slave_1: left promiscuous mode
[  378.219915][T16291] bridge0: port 2(bridge_slave_1) entered disabled state
[  378.232757][T16291] bridge1: port 1(bridge_slave_1) entered blocking state
[  378.240928][T16291] bridge1: port 1(bridge_slave_1) entered disabled state
[  378.245424][ T5845] Bluetooth: hci1: command tx timeout
[  378.250607][T16291] bridge_slave_1: entered allmulticast mode
[  378.262988][T16291] bridge_slave_1: entered promiscuous mode
[  378.300523][T16219] team0: Port device team_slave_0 added
[  378.331702][T16219] team0: Port device team_slave_1 added
[  378.345740][   T67] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  378.423834][T16288] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3051'.
[  378.445567][T16282] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3051'.
[  378.596243][T16219] batman_adv: batadv0: Adding interface: batadv_slave_0
[  378.623797][T16219] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  378.640024][T16306] netlink: 'syz.0.3057': attribute type 2 has an invalid length.
[  378.726988][T16219] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  378.883532][T16219] batman_adv: batadv0: Adding interface: batadv_slave_1
[  378.897144][    C0] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  378.904958][T16219] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  378.905000][T16219] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  378.906055][T16316] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3062'.
[  379.002972][T16318] tipc: Enabled bearer <udp:syz2>, priority 10
[  379.062744][T16316] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3062'.
[  379.292554][T16319] netlink: 'syz.4.3062': attribute type 1 has an invalid length.
[  379.430546][T16219] hsr_slave_0: entered promiscuous mode
[  379.518735][   T67] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  379.527194][    C0] ip6_tunnel: ˜uóuä†ÝcÎb xmit: Local address not yet configured!
[  379.538079][T16219] hsr_slave_1: entered promiscuous mode
[  379.621054][T16219] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  379.629544][T16219] Cannot create hsr debugfs directory
[  379.813520][T16338] netlink: 'syz.0.3064': attribute type 1 has an invalid length.
[  380.140699][T16219] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  380.283549][T16219] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  380.324204][ T5845] Bluetooth: hci1: command tx timeout
[  380.332239][T16351] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3070'.
[  380.387746][T16352] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3070'.
[  380.441518][T16219] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  380.513562][T16219] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  380.634830][T15970] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  380.705768][T16219] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  380.720328][T16219] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  380.740488][T16219] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  380.774447][T16219] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  380.804274][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  380.960363][T16219] 8021q: adding VLAN 0 to HW filter on device bond0
[  380.999565][T16219] 8021q: adding VLAN 0 to HW filter on device team0
[  381.042794][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  381.050026][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  381.077211][T16364] ip6gretap0: entered promiscuous mode
[  381.085156][T16364] batadv_slave_0: entered promiscuous mode
[  381.113347][T16368] netlink: 'syz.1.3075': attribute type 1 has an invalid length.
[  381.152584][T16364] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  381.190554][T16364] Cannot create hsr debugfs directory
[  381.252003][T16368] 8021q: adding VLAN 0 to HW filter on device bond4
[  381.283358][T15970] bridge0: port 2(bridge_slave_1) entered blocking state
[  381.290609][T15970] bridge0: port 2(bridge_slave_1) entered forwarding state
[  381.402179][T16373] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3076'.
[  381.650976][T16219] 8021q: adding VLAN 0 to HW filter on device batadv0
[  381.688397][T16219] veth0_vlan: entered promiscuous mode
[  381.701616][T16219] veth1_vlan: entered promiscuous mode
[  381.728789][T16219] veth0_macvtap: entered promiscuous mode
[  381.739983][T16219] veth1_macvtap: entered promiscuous mode
[  381.752065][T15970] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  381.807609][T16219] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  381.825154][T16219] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  381.836289][T16219] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  381.847257][T16219] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  381.858022][T16219] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  381.869164][T16219] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  381.926704][T16219] batman_adv: batadv0: Interface activated: batadv_slave_0
[  381.963941][T16219] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  381.999203][T16219] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  382.039369][T16219] batman_adv: batadv0: Interface activated: batadv_slave_1
[  382.071994][T16219] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  382.111652][T16219] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  382.140891][T16219] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  382.165925][T16219] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  382.403578][   T67] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  382.423226][ T3518] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  382.431232][ T3518] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  382.437624][ T5845] Bluetooth: hci1: command tx timeout
[  382.454156][   T67] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  382.549647][T16396] netlink: 'syz.4.3084': attribute type 8 has an invalid length.
[  382.923521][T16413] ipt_ECN: cannot use operation on non-tcp rule
[  382.941948][   T11] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  383.926130][T16363] Set syz1 is full, maxelem 65536 reached
[  384.171578][   T53] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  384.380234][ T5834] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  384.390298][ T5834] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  384.400971][ T5834] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  384.435291][ T5839] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  384.444919][ T5839] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  384.452331][ T5839] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  384.484979][ T5845] Bluetooth: hci1: command tx timeout
[  384.486768][T16444] netlink: 1292 bytes leftover after parsing attributes in process `syz.1.3096'.
[  384.618572][T16446] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3097'.
[  384.669380][T16449] FAULT_INJECTION: forcing a failure.
[  384.669380][T16449] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  384.682836][T16450] IPVS: sync thread started: state = BACKUP, mcast_ifn = batadv0, syncid = 0, id = 0
[  384.719700][T16449] CPU: 0 UID: 0 PID: 16449 Comm: syz.0.3098 Not tainted 6.13.0-rc2-syzkaller-00456-gd22f955cc2cb #0
[  384.730556][T16449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  384.740669][T16449] Call Trace:
[  384.743983][T16449]  <TASK>
[  384.746947][T16449]  dump_stack_lvl+0x241/0x360
[  384.751696][T16449]  ? __pfx_dump_stack_lvl+0x10/0x10
[  384.756945][T16449]  ? __pfx__printk+0x10/0x10
[  384.761593][T16449]  ? __pfx_lock_release+0x10/0x10
[  384.766683][T16449]  should_fail_ex+0x3b0/0x4e0
[  384.771419][T16449]  _copy_from_user+0x2f/0xc0
[  384.776066][T16449]  copy_msghdr_from_user+0xae/0x680
[  384.781322][T16449]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  384.787182][T16449]  ? __fget_files+0x2a/0x410
[  384.791826][T16449]  ? __fget_files+0x2a/0x410
[  384.796477][T16449]  __sys_sendmsg+0x209/0x350
[  384.801119][T16449]  ? __pfx_lock_release+0x10/0x10
[  384.806194][T16449]  ? __pfx___sys_sendmsg+0x10/0x10
[  384.811361][T16449]  ? __pfx_vfs_write+0x10/0x10
[  384.816228][T16449]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  384.822608][T16449]  ? do_syscall_64+0x100/0x230
[  384.827418][T16449]  ? do_syscall_64+0xb6/0x230
[  384.832138][T16449]  do_syscall_64+0xf3/0x230
[  384.836684][T16449]  ? clear_bhb_loop+0x35/0x90
[  384.841407][T16449]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  384.847341][T16449] RIP: 0033:0x7f7f69b85d29
[  384.851791][T16449] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  384.871441][T16449] RSP: 002b:00007f7f6aaa4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  384.879930][T16449] RAX: ffffffffffffffda RBX: 00007f7f69d75fa0 RCX: 00007f7f69b85d29
[  384.887316][T16440] lo speed is unknown, defaulting to 1000
[  384.887916][T16449] RDX: 0000000024040050 RSI: 0000000020002d80 RDI: 0000000000000003
[  384.901660][T16449] RBP: 00007f7f6aaa4090 R08: 0000000000000000 R09: 0000000000000000
[  384.909673][T16449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  384.917685][T16449] R13: 0000000000000000 R14: 00007f7f69d75fa0 R15: 00007ffd29b85e48
[  384.925716][T16449]  </TASK>
[  385.180713][T16440] lo speed is unknown, defaulting to 1000
[  385.485403][   T67] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  385.643212][T16462] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  385.863125][T16462] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  385.992378][T16462] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  386.034009][T16440] chnl_net:caif_netlink_parms(): no params data found
[  386.168051][T16462] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  386.371847][T16495] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3109'.
[  386.475855][T16440] bridge0: port 1(bridge_slave_0) entered blocking state
[  386.483022][T16440] bridge0: port 1(bridge_slave_0) entered disabled state
[  386.496548][ T5845] Bluetooth: hci2: command tx timeout
[  386.534762][T16440] bridge_slave_0: entered allmulticast mode
[  386.541581][T16440] bridge_slave_0: entered promiscuous mode
[  386.567794][ T5845] Bluetooth: hci1: command 0x0405 tx timeout
[  386.584948][T16440] bridge0: port 2(bridge_slave_1) entered blocking state
[  386.594671][T16440] bridge0: port 2(bridge_slave_1) entered disabled state
[  386.601910][T16440] bridge_slave_1: entered allmulticast mode
[  386.613223][ T3518] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  386.615806][T16511] netlink: 'syz.4.3111': attribute type 1 has an invalid length.
[  386.641339][T16440] bridge_slave_1: entered promiscuous mode
[  386.656197][T16462] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  386.741977][T16513] bond1: (slave gretap1): making interface the new active one
[  386.751001][T16513] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  386.767141][T16462] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  386.779598][T16514] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3112'.
[  386.825871][T16440] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  386.852593][T16462] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  386.894433][T16440] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  386.918396][T16462] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  387.008691][T16440] team0: Port device team_slave_0 added
[  387.019064][T16440] team0: Port device team_slave_1 added
[  387.064492][T16440] batman_adv: batadv0: Adding interface: batadv_slave_0
[  387.081786][T16440] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  387.139271][T16440] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  387.176510][T16440] batman_adv: batadv0: Adding interface: batadv_slave_1
[  387.183785][T16440] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  387.268346][T16532] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3118'.
[  387.283811][T16440] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  387.710305][T16545] netlink: 'syz.2.3120': attribute type 10 has an invalid length.
[  387.727730][T16545] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3120'.
[  387.784500][   T11] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  388.022132][T16545] batman_adv: batadv0: Adding interface: vlan1
[  388.034624][T16545] batman_adv: batadv0: The MTU of interface vlan1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  388.071370][T16545] batman_adv: batadv0: Interface activated: vlan1
[  388.298184][T16440] hsr_slave_0: entered promiscuous mode
[  388.339592][T16440] hsr_slave_1: entered promiscuous mode
[  388.392929][T16440] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  388.415815][T16440] Cannot create hsr debugfs directory
[  388.564262][ T5834] Bluetooth: hci2: command tx timeout
[  388.810189][T16577] syzkaller0: entered allmulticast mode
[  388.863175][T16583] netlink: 'syz.1.3135': attribute type 1 has an invalid length.
[  388.871243][T16583] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3135'.
[  388.883149][T16583] netlink: 92 bytes leftover after parsing attributes in process `syz.1.3135'.
[  388.915957][ T3518] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  389.192579][T16590] xt_CT: No such helper "pptp"
[  389.372558][T16440] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  389.393474][T16440] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  389.413853][T16440] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  389.433931][T16440] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  389.478495][T16597] xt_l2tp: wrong L2TP version: 0
[  389.785738][T16603] macvlan0: entered allmulticast mode
[  389.799365][T16603] veth1_vlan: entered allmulticast mode
[  389.826299][T16603] veth1_vlan: left allmulticast mode
[  389.875431][T16603] macvlan0 (unregistering): left allmulticast mode
[  389.936060][T16440] 8021q: adding VLAN 0 to HW filter on device bond0
[  390.030524][T16440] 8021q: adding VLAN 0 to HW filter on device team0
[  390.064202][   T53] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  390.093556][   T53] bridge0: port 1(bridge_slave_0) entered blocking state
[  390.100846][   T53] bridge0: port 1(bridge_slave_0) entered forwarding state
[  390.131114][T16612] netlink: 277 bytes leftover after parsing attributes in process `syz.4.3145'.
[  390.358144][ T8276] bridge0: port 2(bridge_slave_1) entered blocking state
[  390.365394][ T8276] bridge0: port 2(bridge_slave_1) entered forwarding state
[  390.480304][T16621] netlink: 60 bytes leftover after parsing attributes in process `syz.4.3147'.
[  390.511787][T16619] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3146'.
[  390.521320][T16619] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3146'.
[  390.538682][T16619] netlink: 'syz.0.3146': attribute type 6 has an invalid length.
[  390.644549][ T5834] Bluetooth: hci2: command tx timeout
[  390.835683][T16634] sctp: [Deprecated]: syz.2.3149 (pid 16634) Use of struct sctp_assoc_value in delayed_ack socket option.
[  390.835683][T16634] Use struct sctp_sack_info instead
[  390.966129][T16440] 8021q: adding VLAN 0 to HW filter on device batadv0
[  390.986629][T16644] bridge_slave_0: left allmulticast mode
[  390.992427][T16644] bridge_slave_0: left promiscuous mode
[  391.014391][T16644] bridge0: port 1(bridge_slave_0) entered disabled state
[  391.280302][   T67] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  391.293174][T16440] veth0_vlan: entered promiscuous mode
[  391.333925][T16440] veth1_vlan: entered promiscuous mode
[  391.389597][T16654] __nla_validate_parse: 4 callbacks suppressed
[  391.389620][T16654] netlink: 96 bytes leftover after parsing attributes in process `syz.1.3155'.
[  391.431418][T16654] vlan0: entered allmulticast mode
[  391.471712][T16440] veth0_macvtap: entered promiscuous mode
[  391.491842][T16440] veth1_macvtap: entered promiscuous mode
[  391.533398][T16440] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  391.544871][T16440] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  391.560718][T16440] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  391.572765][T16440] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  391.582853][T16440] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  391.593708][T16440] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  391.604498][T16663] rdma_rxe: rxe_newlink: failed to add lo
[  391.610437][T16440] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  391.635081][T16440] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  391.650493][T16440] batman_adv: batadv0: Interface activated: batadv_slave_0
[  391.668163][T16440] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  391.679370][T16440] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  391.691493][T16440] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  391.702587][T16440] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  391.714382][T16440] batman_adv: batadv0: Interface activated: batadv_slave_1
[  391.733788][T16440] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  391.774182][T16440] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  391.783120][T16440] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  391.796672][T16440] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  391.956768][T16674] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  391.973564][ T8278] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  391.983014][T16674] netlink: 'syz.4.3161': attribute type 2 has an invalid length.
[  391.994440][ T8278] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  392.082292][ T8276] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  392.096548][ T8276] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  392.112152][T16679] gre1: entered promiscuous mode
[  392.407909][   T53] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  392.579571][T16687] xt_CT: No such helper "snmp"
[  392.727970][ T5834] Bluetooth: hci2: command tx timeout
[  392.821906][T16701] x_tables: duplicate underflow at hook 1
[  392.966802][    C0] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  393.131425][ T5845] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  393.144928][ T5845] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  393.153593][ T5845] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  393.177777][ T5845] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  393.191893][ T5845] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  393.205995][ T5845] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  393.320154][T16708] smc: ib device syz0 ibport 1 erased user defined pnetid SYZ2
[  393.365881][T16716] netlink: 'syz.3.3175': attribute type 1 has an invalid length.
[  393.394236][T16716] netlink: 224 bytes leftover after parsing attributes in process `syz.3.3175'.
[  393.565265][ T8276] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  393.675739][T16727] Bluetooth: MGMT ver 1.23
[  393.717734][T16705] lo speed is unknown, defaulting to 1000
[  393.794838][T16733] netlink: 'syz.2.3178': attribute type 2 has an invalid length.
[  393.826656][T16733] : entered promiscuous mode
[  393.992566][T16705] lo speed is unknown, defaulting to 1000
[  394.062781][T16740] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3182'.
[  394.286513][T16757] sch_tbf: burst 1127 is lower than device lo mtu (65550) !
[  394.392723][T16705] chnl_net:caif_netlink_parms(): no params data found
[  394.724271][   T11] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  394.895599][    C0] ip6_tunnel: ˜uóuä†ÝcÎb xmit: Local address not yet configured!
[  395.034572][T16753] lo speed is unknown, defaulting to 1000
[  395.041987][T16705] bridge0: port 1(bridge_slave_0) entered blocking state
[  395.063714][T16705] bridge0: port 1(bridge_slave_0) entered disabled state
[  395.104851][T16705] bridge_slave_0: entered allmulticast mode
[  395.112184][T16705] bridge_slave_0: entered promiscuous mode
[  395.254527][T16705] bridge0: port 2(bridge_slave_1) entered blocking state
[  395.261798][T16705] bridge0: port 2(bridge_slave_1) entered disabled state
[  395.269242][T16705] bridge_slave_1: entered allmulticast mode
[  395.276846][T16705] bridge_slave_1: entered promiscuous mode
[  395.284890][ T5834] Bluetooth: hci3: command tx timeout
[  395.444060][T16778] Bluetooth: MGMT ver 1.23
[  395.536974][T16705] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  395.588640][T16705] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  395.833446][T16705] team0: Port device team_slave_0 added
[  395.861516][T16753] lo speed is unknown, defaulting to 1000
[  395.885337][ T8278] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  395.894360][T16789] tun0: tun_chr_ioctl cmd 2148553947
[  395.913008][T16705] team0: Port device team_slave_1 added
[  395.964363][T16793] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3195'.
[  396.107638][T16705] batman_adv: batadv0: Adding interface: batadv_slave_0
[  396.116318][T16705] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  396.154960][T16705] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  396.203908][T16772] lo speed is unknown, defaulting to 1000
[  396.207424][T16705] batman_adv: batadv0: Adding interface: batadv_slave_1
[  396.229847][T16705] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  396.237558][T16798] netlink: 176 bytes leftover after parsing attributes in process `syz.4.3196'.
[  396.291152][T16705] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  396.695460][T16705] hsr_slave_0: entered promiscuous mode
[  396.713900][T16705] hsr_slave_1: entered promiscuous mode
[  396.767781][T16705] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  396.786361][T16705] Cannot create hsr debugfs directory
[  397.022047][T15970] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  397.120028][T16772] lo speed is unknown, defaulting to 1000
[  397.150417][T16759] siw: device registration error -23
[  397.290943][T16808] Unsupported ieee802154 address type: 0
[  397.311813][T16705] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  397.323056][T16705] netdevsim netdevsim1 eth3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  397.360365][T16808] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3199'.
[  397.374387][ T5834] Bluetooth: hci3: command tx timeout
[  397.590246][T16807] lo speed is unknown, defaulting to 1000
[  397.691391][T16807] lo speed is unknown, defaulting to 1000
[  398.084162][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  398.154366][T16705] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  398.164447][T16705] netdevsim netdevsim1 eth2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  398.174711][ T8279] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  398.339662][T16705] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  398.374087][T16705] netdevsim netdevsim1 eth1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  398.422616][T16825] netlink: 'syz.4.3205': attribute type 15 has an invalid length.
[  398.526285][T16705] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  398.544728][T16705] netdevsim netdevsim1 eth0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  398.657294][T16830] FAULT_INJECTION: forcing a failure.
[  398.657294][T16830] name failslab, interval 1, probability 0, space 0, times 0
[  398.686719][T16830] CPU: 1 UID: 0 PID: 16830 Comm: syz.4.3207 Not tainted 6.13.0-rc2-syzkaller-00456-gd22f955cc2cb #0
[  398.697564][T16830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  398.707668][T16830] Call Trace:
[  398.710968][T16830]  <TASK>
[  398.713904][T16830]  dump_stack_lvl+0x241/0x360
[  398.718607][T16830]  ? __pfx_dump_stack_lvl+0x10/0x10
[  398.723835][T16830]  ? __pfx__printk+0x10/0x10
[  398.728447][T16830]  should_fail_ex+0x3b0/0x4e0
[  398.733147][T16830]  should_failslab+0xac/0x100
[  398.737837][T16830]  __kmalloc_cache_noprof+0x70/0x390
[  398.743177][T16830]  ? sctp_add_bind_addr+0x89/0x3a0
[  398.748327][T16830]  sctp_add_bind_addr+0x89/0x3a0
[  398.753322][T16830]  sctp_copy_local_addr_list+0x311/0x500
[  398.759011][T16830]  ? sctp_copy_local_addr_list+0xab/0x500
[  398.764769][T16830]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  398.770948][T16830]  ? sctp_v4_is_any+0x35/0x60
[  398.775662][T16830]  sctp_bind_addr_copy+0xad/0x3b0
[  398.780705][T16830]  ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190
[  398.787057][T16830]  sctp_connect_new_asoc+0x2f3/0x6c0
[  398.792367][T16830]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  398.798240][T16830]  ? sctp_sendmsg+0xbb9/0x3520
[  398.803030][T16830]  ? sctp_endpoint_lookup_assoc+0xc9/0x250
[  398.808861][T16830]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  398.814455][T16830]  sctp_sendmsg+0x219a/0x3520
[  398.819164][T16830]  ? aa_sk_perm+0x96d/0xab0
[  398.823706][T16830]  ? __pfx_sctp_sendmsg+0x10/0x10
[  398.828747][T16830]  ? __pfx_aa_sk_perm+0x10/0x10
[  398.833620][T16830]  ? inet_sendmsg+0x330/0x390
[  398.838314][T16830]  __sock_sendmsg+0x1a6/0x270
[  398.843022][T16830]  ____sys_sendmsg+0x52a/0x7e0
[  398.847823][T16830]  ? __pfx_____sys_sendmsg+0x10/0x10
[  398.853154][T16830]  ? __fget_files+0x2a/0x410
[  398.857788][T16830]  ? __fget_files+0x2a/0x410
[  398.862422][T16830]  __sys_sendmsg+0x269/0x350
[  398.867049][T16830]  ? __pfx_lock_release+0x10/0x10
[  398.872098][T16830]  ? __pfx___sys_sendmsg+0x10/0x10
[  398.877264][T16830]  ? __pfx_vfs_write+0x10/0x10
[  398.882089][T16830]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  398.888457][T16830]  ? do_syscall_64+0x100/0x230
[  398.893261][T16830]  ? do_syscall_64+0xb6/0x230
[  398.897992][T16830]  do_syscall_64+0xf3/0x230
[  398.902531][T16830]  ? clear_bhb_loop+0x35/0x90
[  398.907235][T16830]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  398.913147][T16830] RIP: 0033:0x7f889b585d29
[  398.917573][T16830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  398.937211][T16830] RSP: 002b:00007f889c3ee038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  398.945651][T16830] RAX: ffffffffffffffda RBX: 00007f889b775fa0 RCX: 00007f889b585d29
[  398.953638][T16830] RDX: 0000000024040050 RSI: 0000000020002d80 RDI: 0000000000000003
[  398.961621][T16830] RBP: 00007f889c3ee090 R08: 0000000000000000 R09: 0000000000000000
[  398.969599][T16830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  398.977581][T16830] R13: 0000000000000000 R14: 00007f889b775fa0 R15: 00007ffc06626e98
[  398.985673][T16830]  </TASK>
[  399.249021][T16705] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  399.348251][T16843] Bluetooth: hci0: Opcode 0x0401 failed: -22
[  399.354476][ T8278] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  399.393888][T16843] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  399.396584][T16843] netlink: 'syz.3.3212': attribute type 1 has an invalid length.
[  399.444291][ T5834] Bluetooth: hci3: command tx timeout
[  399.490982][T16705] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  399.534776][T16705] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  399.776099][T16705] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  399.849301][T16865] FAULT_INJECTION: forcing a failure.
[  399.849301][T16865] name failslab, interval 1, probability 0, space 0, times 0
[  399.862744][T16865] CPU: 1 UID: 0 PID: 16865 Comm: syz.0.3219 Not tainted 6.13.0-rc2-syzkaller-00456-gd22f955cc2cb #0
[  399.873574][T16865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  399.883703][T16865] Call Trace:
[  399.887020][T16865]  <TASK>
[  399.889992][T16865]  dump_stack_lvl+0x241/0x360
[  399.894733][T16865]  ? __pfx_dump_stack_lvl+0x10/0x10
[  399.899983][T16865]  ? __pfx__printk+0x10/0x10
[  399.904638][T16865]  should_fail_ex+0x3b0/0x4e0
[  399.909369][T16865]  should_failslab+0xac/0x100
[  399.914088][T16865]  __kmalloc_cache_noprof+0x70/0x390
[  399.919436][T16865]  ? sctp_add_bind_addr+0x89/0x3a0
[  399.924597][T16865]  sctp_add_bind_addr+0x89/0x3a0
[  399.929585][T16865]  sctp_copy_local_addr_list+0x311/0x500
[  399.935262][T16865]  ? sctp_copy_local_addr_list+0xab/0x500
[  399.941024][T16865]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  399.947229][T16865]  ? sctp_v4_is_any+0x35/0x60
[  399.951953][T16865]  sctp_bind_addr_copy+0xad/0x3b0
[  399.957005][T16865]  ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190
[  399.963367][T16865]  sctp_connect_new_asoc+0x2f3/0x6c0
[  399.968716][T16865]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  399.974547][T16865]  ? sctp_sendmsg+0xbb9/0x3520
[  399.979341][T16865]  ? sctp_endpoint_lookup_assoc+0xc9/0x250
[  399.985171][T16865]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  399.990746][T16865]  sctp_sendmsg+0x219a/0x3520
[  399.995461][T16865]  ? aa_sk_perm+0x96d/0xab0
[  399.999988][T16865]  ? __pfx_sctp_sendmsg+0x10/0x10
[  400.005034][T16865]  ? __pfx_aa_sk_perm+0x10/0x10
[  400.009915][T16865]  ? inet_sendmsg+0x330/0x390
[  400.014613][T16865]  __sock_sendmsg+0x1a6/0x270
[  400.019323][T16865]  ____sys_sendmsg+0x52a/0x7e0
[  400.024126][T16865]  ? __pfx_____sys_sendmsg+0x10/0x10
[  400.029439][T16865]  ? __fget_files+0x2a/0x410
[  400.034056][T16865]  ? __fget_files+0x2a/0x410
[  400.038680][T16865]  __sys_sendmsg+0x269/0x350
[  400.043286][T16865]  ? __pfx_lock_release+0x10/0x10
[  400.048328][T16865]  ? __pfx___sys_sendmsg+0x10/0x10
[  400.053467][T16865]  ? __pfx_vfs_write+0x10/0x10
[  400.058263][T16865]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  400.064604][T16865]  ? do_syscall_64+0x100/0x230
[  400.069384][T16865]  ? do_syscall_64+0xb6/0x230
[  400.074078][T16865]  do_syscall_64+0xf3/0x230
[  400.078596][T16865]  ? clear_bhb_loop+0x35/0x90
[  400.083290][T16865]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  400.089194][T16865] RIP: 0033:0x7f7f69b85d29
[  400.093669][T16865] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  400.113287][T16865] RSP: 002b:00007f7f6aaa4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  400.122678][T16865] RAX: ffffffffffffffda RBX: 00007f7f69d75fa0 RCX: 00007f7f69b85d29
[  400.130690][T16865] RDX: 0000000024040050 RSI: 0000000020002d80 RDI: 0000000000000003
[  400.138691][T16865] RBP: 00007f7f6aaa4090 R08: 0000000000000000 R09: 0000000000000000
[  400.146695][T16865] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  400.154684][T16865] R13: 0000000000000000 R14: 00007f7f69d75fa0 R15: 00007ffd29b85e48
[  400.162681][T16865]  </TASK>
[  400.410376][T16875] set match dimension is over the limit!
[  400.744917][   T11] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  401.366094][ T5834] Bluetooth: hci0: command tx timeout
[  401.526216][ T5834] Bluetooth: hci3: command tx timeout
[  401.859204][ T8278] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  402.860482][T16876] pim6reg: entered allmulticast mode
[  402.874438][T16877] pim6reg: left allmulticast mode
[  402.965102][ T8278] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  403.063560][T16882] geneve2: entered promiscuous mode
[  403.084540][T16882] geneve2: entered allmulticast mode
[  403.266393][T16705] 8021q: adding VLAN 0 to HW filter on device bond0
[  403.317672][T16705] 8021q: adding VLAN 0 to HW filter on device team0
[  403.419298][   T53] bridge0: port 1(bridge_slave_0) entered blocking state
[  403.426538][   T53] bridge0: port 1(bridge_slave_0) entered forwarding state
[  403.470654][   T53] bridge0: port 2(bridge_slave_1) entered blocking state
[  403.477920][   T53] bridge0: port 2(bridge_slave_1) entered forwarding state
[  403.982226][T16705] 8021q: adding VLAN 0 to HW filter on device batadv0
[  404.066714][T16705] veth0_vlan: entered promiscuous mode
[  404.081895][T16705] veth1_vlan: entered promiscuous mode
[  404.115946][ T8279] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  404.178667][T16705] veth0_macvtap: entered promiscuous mode
[  404.197768][T16705] veth1_macvtap: entered promiscuous mode
[  404.232033][T16913] tipc: Started in network mode
[  404.254148][T16913] tipc: Node identity ac14140f, cluster identity 4711
[  404.264424][T16913] tipc: New replicast peer: 255.255.255.255
[  404.271087][T16913] tipc: Enabled bearer <udp:syz2>, priority 10
[  404.316371][T16705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  404.344574][T16705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  404.388334][T16705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  404.414884][T16705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  404.454034][T16705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  404.476240][T16705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  404.488099][T16705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  404.499050][T16705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  404.509599][T16705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  404.520597][T16705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  404.532954][T16705] batman_adv: batadv0: Interface activated: batadv_slave_0
[  404.632180][T16705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  404.671305][T16705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  404.708914][T16705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  404.751666][T16705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  404.785284][T16705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  404.806311][T16705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  404.829188][T16705] batman_adv: batadv0: Interface activated: batadv_slave_1
[  404.933756][T16705] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  404.966798][T16705] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  404.991904][T16705] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  405.006627][T16705] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  405.238405][   T67] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  405.258524][   T67] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  405.274173][ T5925] tipc: Node number set to 2886997007
[  405.285093][   T67] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  405.314117][T16946] can: request_module (can-proto-0) failed.
[  405.398169][   T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  405.409098][   T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  405.425129][T16957] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3243'.
[  405.626440][T16964] netlink: 'syz.0.3246': attribute type 27 has an invalid length.
[  405.656008][T16964] netlink: 'syz.0.3246': attribute type 1 has an invalid length.
[  405.669382][T16967] bond0: Unable to set down delay as MII monitoring is disabled
[  405.674723][T16964] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3246'.
[  405.707124][T16970] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3248'.
[  405.717444][T16964] ebt_among: wrong size: 2080 against expected 2280, rounded to 2280
[  405.866793][T16972] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3249'.
[  406.396402][T16974] lo speed is unknown, defaulting to 1000
[  406.446561][   T67] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  406.952400][T17014] netlink: 'syz.1.3261': attribute type 5 has an invalid length.
[  407.068721][T17023] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3264'.
[  407.143816][T16974] lo speed is unknown, defaulting to 1000
[  407.294673][T17036] netlink: 'syz.3.3264': attribute type 2 has an invalid length.
[  407.311885][T17039] FAULT_INJECTION: forcing a failure.
[  407.311885][T17039] name failslab, interval 1, probability 0, space 0, times 0
[  407.325183][T17039] CPU: 0 UID: 0 PID: 17039 Comm: syz.0.3268 Not tainted 6.13.0-rc2-syzkaller-00456-gd22f955cc2cb #0
[  407.336002][T17039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  407.346101][T17039] Call Trace:
[  407.349433][T17039]  <TASK>
[  407.352396][T17039]  dump_stack_lvl+0x241/0x360
[  407.357135][T17039]  ? __pfx_dump_stack_lvl+0x10/0x10
[  407.362369][T17039]  ? __pfx__printk+0x10/0x10
[  407.367016][T17039]  should_fail_ex+0x3b0/0x4e0
[  407.371732][T17039]  should_failslab+0xac/0x100
[  407.376427][T17039]  ? skb_clone+0x20c/0x390
[  407.380864][T17039]  kmem_cache_alloc_noprof+0x70/0x380
[  407.386262][T17039]  skb_clone+0x20c/0x390
[  407.390525][T17039]  __netlink_deliver_tap+0x3cc/0x7f0
[  407.395852][T17039]  ? netlink_deliver_tap+0x2e/0x1b0
[  407.401065][T17039]  netlink_deliver_tap+0x19d/0x1b0
[  407.406191][T17039]  netlink_unicast+0x7c4/0x990
[  407.410981][T17039]  ? __pfx_netlink_unicast+0x10/0x10
[  407.416285][T17039]  ? __virt_addr_valid+0x45f/0x530
[  407.421409][T17039]  ? __phys_addr_symbol+0x2f/0x70
[  407.426450][T17039]  ? __check_object_size+0x47a/0x730
[  407.431757][T17039]  netlink_sendmsg+0x8e4/0xcb0
[  407.436542][T17039]  ? __pfx_netlink_sendmsg+0x10/0x10
[  407.441844][T17039]  ? aa_sock_msg_perm+0x91/0x160
[  407.446807][T17039]  ? __pfx_netlink_sendmsg+0x10/0x10
[  407.452125][T17039]  __sock_sendmsg+0x221/0x270
[  407.456823][T17039]  ____sys_sendmsg+0x52a/0x7e0
[  407.461602][T17039]  ? __pfx_____sys_sendmsg+0x10/0x10
[  407.466896][T17039]  ? __fget_files+0x2a/0x410
[  407.471502][T17039]  ? __fget_files+0x2a/0x410
[  407.476112][T17039]  __sys_sendmsg+0x269/0x350
[  407.480719][T17039]  ? __pfx_lock_release+0x10/0x10
[  407.485766][T17039]  ? __pfx___sys_sendmsg+0x10/0x10
[  407.490900][T17039]  ? __pfx_vfs_write+0x10/0x10
[  407.495712][T17039]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  407.502054][T17039]  ? do_syscall_64+0x100/0x230
[  407.506840][T17039]  ? do_syscall_64+0xb6/0x230
[  407.511536][T17039]  do_syscall_64+0xf3/0x230
[  407.516052][T17039]  ? clear_bhb_loop+0x35/0x90
[  407.520743][T17039]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  407.526649][T17039] RIP: 0033:0x7f7f69b85d29
[  407.531080][T17039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  407.551137][T17039] RSP: 002b:00007f7f6aaa4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  407.559569][T17039] RAX: ffffffffffffffda RBX: 00007f7f69d75fa0 RCX: 00007f7f69b85d29
[  407.567553][T17039] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000003
[  407.575538][T17039] RBP: 00007f7f6aaa4090 R08: 0000000000000000 R09: 0000000000000000
[  407.583515][T17039] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  407.591492][T17039] R13: 0000000000000000 R14: 00007f7f69d75fa0 R15: 00007ffd29b85e48
[  407.599496][T17039]  </TASK>
[  407.717267][ T8279] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  407.815870][T17046] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3270'.
[  408.033251][T17054] netlink: 224 bytes leftover after parsing attributes in process `syz.0.3273'.
[  408.048682][T17054] netlink: 48 bytes leftover after parsing attributes in process `syz.0.3273'.
[  408.059849][T17054] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3273'.
[  408.069487][T17052] netlink: 256 bytes leftover after parsing attributes in process `syz.3.3274'.
[  408.496195][T17066] netlink: 'syz.0.3278': attribute type 10 has an invalid length.
[  408.653391][T17048] lo speed is unknown, defaulting to 1000
[  408.848395][   T53] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  408.860165][T17079] xt_HMARK: spi-set and port-set can't be combined
[  408.982351][T17048] lo speed is unknown, defaulting to 1000
[  409.066194][T17074] lo speed is unknown, defaulting to 1000
[  409.573369][T17104] batadv0: entered allmulticast mode
[  409.593449][T17104] netlink: 'syz.2.3288': attribute type 1 has an invalid length.
[  409.766733][T17074] lo speed is unknown, defaulting to 1000
[  409.866143][T17112] netlink: 'syz.2.3291': attribute type 10 has an invalid length.
[  410.003477][ T3518] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  410.938033][T17152] netlink: 'syz.4.3303': attribute type 10 has an invalid length.
[  411.004190][T17152] __nla_validate_parse: 6 callbacks suppressed
[  411.004217][T17152] netlink: 140 bytes leftover after parsing attributes in process `syz.4.3303'.
[  411.156038][ T8278] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  411.219993][T17165] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3306'.
[  411.240859][T17165] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3306'.
[  411.270646][T17165] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3306'.
[  411.303674][T17169] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3308'.
[  411.318624][T17165] openvswitch: netlink: Unknown nsh attribute 0
[  411.345562][T17165] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  411.602902][T17177] xt_hashlimit: size too large, truncated to 1048576
[  411.673319][T17183] syzkaller1: entered promiscuous mode
[  411.691209][T17183] syzkaller1: entered allmulticast mode
[  411.881385][T17197] netlink: 'syz.1.3316': attribute type 10 has an invalid length.
[  411.914167][T17197] netlink: 140 bytes leftover after parsing attributes in process `syz.1.3316'.
[  411.985612][T17203] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3315'.
[  412.097098][T17210] FAULT_INJECTION: forcing a failure.
[  412.097098][T17210] name failslab, interval 1, probability 0, space 0, times 0
[  412.110838][T17210] CPU: 1 UID: 0 PID: 17210 Comm: syz.3.3320 Not tainted 6.13.0-rc2-syzkaller-00456-gd22f955cc2cb #0
[  412.121655][T17210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  412.131727][T17210] Call Trace:
[  412.135016][T17210]  <TASK>
[  412.137963][T17210]  dump_stack_lvl+0x241/0x360
[  412.142673][T17210]  ? __pfx_dump_stack_lvl+0x10/0x10
[  412.147889][T17210]  ? __pfx__printk+0x10/0x10
[  412.152504][T17210]  should_fail_ex+0x3b0/0x4e0
[  412.157221][T17210]  should_failslab+0xac/0x100
[  412.161953][T17210]  __kmalloc_cache_noprof+0x70/0x390
[  412.167299][T17210]  ? sctp_add_bind_addr+0x89/0x3a0
[  412.172464][T17210]  sctp_add_bind_addr+0x89/0x3a0
[  412.177457][T17210]  sctp_copy_local_addr_list+0x311/0x500
[  412.183129][T17210]  ? sctp_copy_local_addr_list+0xab/0x500
[  412.188865][T17210]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  412.195040][T17210]  ? sctp_v4_is_any+0x35/0x60
[  412.199750][T17210]  sctp_bind_addr_copy+0xad/0x3b0
[  412.204824][T17210]  ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190
[  412.211231][T17210]  sctp_connect_new_asoc+0x2f3/0x6c0
[  412.216556][T17210]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  412.222429][T17210]  ? sctp_sendmsg+0xbb9/0x3520
[  412.227239][T17210]  ? sctp_endpoint_lookup_assoc+0xc9/0x250
[  412.233065][T17210]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  412.238633][T17210]  sctp_sendmsg+0x219a/0x3520
[  412.243342][T17210]  ? aa_sk_perm+0x96d/0xab0
[  412.247861][T17210]  ? __pfx_sctp_sendmsg+0x10/0x10
[  412.252918][T17210]  ? __pfx_aa_sk_perm+0x10/0x10
[  412.257803][T17210]  ? inet_sendmsg+0x330/0x390
[  412.262527][T17210]  __sock_sendmsg+0x1a6/0x270
[  412.267236][T17210]  ____sys_sendmsg+0x52a/0x7e0
[  412.272058][T17210]  ? __pfx_____sys_sendmsg+0x10/0x10
[  412.277392][T17210]  ? __fget_files+0x2a/0x410
[  412.282023][T17210]  ? __fget_files+0x2a/0x410
[  412.286673][T17210]  __sys_sendmsg+0x269/0x350
[  412.291298][T17210]  ? __pfx_lock_release+0x10/0x10
[  412.296371][T17210]  ? __pfx___sys_sendmsg+0x10/0x10
[  412.301521][T17210]  ? __pfx_vfs_write+0x10/0x10
[  412.306349][T17210]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  412.312750][T17210]  ? do_syscall_64+0x100/0x230
[  412.317588][T17210]  ? do_syscall_64+0xb6/0x230
[  412.322341][T17210]  do_syscall_64+0xf3/0x230
[  412.326905][T17210]  ? clear_bhb_loop+0x35/0x90
[  412.331628][T17210]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  412.337549][T17210] RIP: 0033:0x7f914e385d29
[  412.341989][T17210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  412.361753][T17210] RSP: 002b:00007f914f113038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  412.370306][T17210] RAX: ffffffffffffffda RBX: 00007f914e575fa0 RCX: 00007f914e385d29
[  412.378349][T17210] RDX: 0000000024040050 RSI: 0000000020002d80 RDI: 0000000000000003
[  412.386353][T17210] RBP: 00007f914f113090 R08: 0000000000000000 R09: 0000000000000000
[  412.394528][T17210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  412.402552][T17210] R13: 0000000000000000 R14: 00007f914e575fa0 R15: 00007fffc4ac0e78
[  412.410581][T17210]  </TASK>
[  412.439727][ T8279] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  412.859238][T17230] FAULT_INJECTION: forcing a failure.
[  412.859238][T17230] name failslab, interval 1, probability 0, space 0, times 0
[  412.890558][T17230] CPU: 0 UID: 0 PID: 17230 Comm: syz.1.3327 Not tainted 6.13.0-rc2-syzkaller-00456-gd22f955cc2cb #0
[  412.892851][T17231] netlink: 'syz.2.3328': attribute type 10 has an invalid length.
[  412.901392][T17230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  412.901414][T17230] Call Trace:
[  412.901423][T17230]  <TASK>
[  412.901433][T17230]  dump_stack_lvl+0x241/0x360
[  412.901473][T17230]  ? __pfx_dump_stack_lvl+0x10/0x10
[  412.901504][T17230]  ? __pfx__printk+0x10/0x10
[  412.901535][T17230]  ? __kmalloc_node_noprof+0xb9/0x4d0
[  412.901568][T17230]  ? __pfx___might_resched+0x10/0x10
[  412.901590][T17230]  ? __asan_memset+0x23/0x50
[  412.901616][T17230]  should_fail_ex+0x3b0/0x4e0
[  412.901656][T17230]  should_failslab+0xac/0x100
[  412.901687][T17230]  __kmalloc_node_noprof+0xe1/0x4d0
[  412.901717][T17230]  ? __kvmalloc_node_noprof+0x72/0x190
[  412.901746][T17230]  __kvmalloc_node_noprof+0x72/0x190
[  412.901771][T17230]  rhashtable_init_noprof+0x534/0xa60
[  412.901808][T17230]  rhltable_init_noprof+0x1c/0x60
[  412.901837][T17230]  nf_tables_newtable+0x7e8/0x1e10
[  412.901866][T17230]  ? nfnl_pernet+0x23/0x240
[  412.901899][T17230]  ? __pfx_nf_tables_newtable+0x10/0x10
[  412.946572][T17231] netlink: 140 bytes leftover after parsing attributes in process `syz.2.3328'.
[  412.951192][T17230]  ? __nla_parse+0x40/0x60
[  412.951237][T17230]  nfnetlink_rcv+0x14e3/0x2ab0
[  413.025129][T17230]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  413.030360][T17230]  ? netlink_deliver_tap+0x2e/0x1b0
[  413.035611][T17230]  ? skb_clone+0x240/0x390
[  413.040089][T17230]  ? __pfx_lock_release+0x10/0x10
[  413.045181][T17230]  ? netlink_deliver_tap+0x2e/0x1b0
[  413.050438][T17230]  netlink_unicast+0x7f6/0x990
[  413.055285][T17230]  ? __pfx_netlink_unicast+0x10/0x10
[  413.060641][T17230]  ? __virt_addr_valid+0x45f/0x530
[  413.065812][T17230]  ? __phys_addr_symbol+0x2f/0x70
[  413.070887][T17230]  ? __check_object_size+0x47a/0x730
[  413.076228][T17230]  netlink_sendmsg+0x8e4/0xcb0
[  413.081050][T17230]  ? __pfx_netlink_sendmsg+0x10/0x10
[  413.086387][T17230]  ? aa_sock_msg_perm+0x91/0x160
[  413.091377][T17230]  ? __pfx_netlink_sendmsg+0x10/0x10
[  413.096714][T17230]  __sock_sendmsg+0x221/0x270
[  413.101451][T17230]  ____sys_sendmsg+0x52a/0x7e0
[  413.106280][T17230]  ? __pfx_____sys_sendmsg+0x10/0x10
[  413.111616][T17230]  ? __fget_files+0x2a/0x410
[  413.116281][T17230]  ? __fget_files+0x2a/0x410
[  413.120947][T17230]  __sys_sendmsg+0x269/0x350
[  413.125594][T17230]  ? __pfx_lock_release+0x10/0x10
[  413.130684][T17230]  ? __pfx___sys_sendmsg+0x10/0x10
[  413.135867][T17230]  ? __pfx_vfs_write+0x10/0x10
[  413.140706][T17230]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  413.147080][T17230]  ? do_syscall_64+0x100/0x230
[  413.149878][T17227] netlink: 'syz.4.3326': attribute type 1 has an invalid length.
[  413.151870][T17230]  ? do_syscall_64+0xb6/0x230
[  413.151907][T17230]  do_syscall_64+0xf3/0x230
[  413.163215][T17227] netlink: 'syz.4.3326': attribute type 2 has an invalid length.
[  413.164276][T17230]  ? clear_bhb_loop+0x35/0x90
[  413.164313][T17230]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  413.164339][T17230] RIP: 0033:0x7f55eff85d29
[  413.164361][T17230] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  413.164382][T17230] RSP: 002b:00007f55f0dc5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  413.164409][T17230] RAX: ffffffffffffffda RBX: 00007f55f0175fa0 RCX: 00007f55eff85d29
[  413.164428][T17230] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000003
[  413.164443][T17230] RBP: 00007f55f0dc5090 R08: 0000000000000000 R09: 0000000000000000
[  413.164460][T17230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  413.164475][T17230] R13: 0000000000000000 R14: 00007f55f0175fa0 R15: 00007ffc48272c48
[  413.164510][T17230]  </TASK>
[  413.894413][ T8276] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  414.018071][T17271] netlink: 'syz.0.3340': attribute type 10 has an invalid length.
[  414.040823][T17271] netlink: 140 bytes leftover after parsing attributes in process `syz.0.3340'.
[  414.097360][T17247] lo speed is unknown, defaulting to 1000
[  414.221581][T17280] syz.0.3344[17280] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  414.221693][T17280] syz.0.3344[17280] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  414.249916][T17280] syz.0.3344[17280] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  414.299853][T17280] netlink: 'syz.0.3344': attribute type 2 has an invalid length.
[  414.365594][T17284] FAULT_INJECTION: forcing a failure.
[  414.365594][T17284] name failslab, interval 1, probability 0, space 0, times 0
[  414.388807][T17284] CPU: 0 UID: 0 PID: 17284 Comm: syz.2.3346 Not tainted 6.13.0-rc2-syzkaller-00456-gd22f955cc2cb #0
[  414.399677][T17284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  414.409781][T17284] Call Trace:
[  414.413077][T17284]  <TASK>
[  414.416022][T17284]  dump_stack_lvl+0x241/0x360
[  414.420732][T17284]  ? __pfx_dump_stack_lvl+0x10/0x10
[  414.425950][T17284]  ? __pfx__printk+0x10/0x10
[  414.430558][T17284]  ? __kmalloc_cache_noprof+0x48/0x390
[  414.436041][T17284]  ? __pfx___might_resched+0x10/0x10
[  414.441335][T17284]  ? lockdep_init_map_type+0xa1/0x910
[  414.446735][T17284]  should_fail_ex+0x3b0/0x4e0
[  414.451438][T17284]  should_failslab+0xac/0x100
[  414.456138][T17284]  __kmalloc_cache_noprof+0x70/0x390
[  414.461445][T17284]  ? nft_trans_table_add+0x57/0x400
[  414.466755][T17284]  nft_trans_table_add+0x57/0x400
[  414.471894][T17284]  nf_tables_newtable+0x1143/0x1e10
[  414.477118][T17284]  ? __pfx_nf_tables_newtable+0x10/0x10
[  414.482679][T17284]  ? __nla_parse+0x40/0x60
[  414.487117][T17284]  nfnetlink_rcv+0x14e3/0x2ab0
[  414.491923][T17284]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  414.497099][T17284]  ? netlink_deliver_tap+0x2e/0x1b0
[  414.502306][T17284]  ? skb_clone+0x240/0x390
[  414.506739][T17284]  ? __pfx_lock_release+0x10/0x10
[  414.511792][T17284]  ? netlink_deliver_tap+0x2e/0x1b0
[  414.517005][T17284]  netlink_unicast+0x7f6/0x990
[  414.521798][T17284]  ? __pfx_netlink_unicast+0x10/0x10
[  414.527099][T17284]  ? __virt_addr_valid+0x45f/0x530
[  414.532231][T17284]  ? __phys_addr_symbol+0x2f/0x70
[  414.537268][T17284]  ? __check_object_size+0x47a/0x730
[  414.542571][T17284]  netlink_sendmsg+0x8e4/0xcb0
[  414.547443][T17284]  ? __pfx_netlink_sendmsg+0x10/0x10
[  414.552744][T17284]  ? aa_sock_msg_perm+0x91/0x160
[  414.557700][T17284]  ? __pfx_netlink_sendmsg+0x10/0x10
[  414.563000][T17284]  __sock_sendmsg+0x221/0x270
[  414.567723][T17284]  ____sys_sendmsg+0x52a/0x7e0
[  414.572515][T17284]  ? __pfx_____sys_sendmsg+0x10/0x10
[  414.577812][T17284]  ? __fget_files+0x2a/0x410
[  414.582454][T17284]  ? __fget_files+0x2a/0x410
[  414.587066][T17284]  __sys_sendmsg+0x269/0x350
[  414.591695][T17284]  ? __pfx_lock_release+0x10/0x10
[  414.596738][T17284]  ? __pfx___sys_sendmsg+0x10/0x10
[  414.601873][T17284]  ? __pfx_vfs_write+0x10/0x10
[  414.606687][T17284]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  414.613038][T17284]  ? do_syscall_64+0x100/0x230
[  414.617816][T17284]  ? do_syscall_64+0xb6/0x230
[  414.622509][T17284]  do_syscall_64+0xf3/0x230
[  414.627038][T17284]  ? clear_bhb_loop+0x35/0x90
[  414.631728][T17284]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  414.637638][T17284] RIP: 0033:0x7fea1e785d29
[  414.642063][T17284] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  414.661685][T17284] RSP: 002b:00007fea1f676038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  414.670128][T17284] RAX: ffffffffffffffda RBX: 00007fea1e975fa0 RCX: 00007fea1e785d29
[  414.678116][T17284] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000003
[  414.686095][T17284] RBP: 00007fea1f676090 R08: 0000000000000000 R09: 0000000000000000
[  414.694075][T17284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  414.702073][T17284] R13: 0000000000000000 R14: 00007fea1e975fa0 R15: 00007ffc11fd5628
[  414.710083][T17284]  </TASK>
[  414.753219][T17247] lo speed is unknown, defaulting to 1000
[  414.972557][T17291] netlink: 'syz.0.3348': attribute type 2 has an invalid length.
[  415.004600][T17291] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3348'.
[  415.295942][   T53] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  415.306663][T17317] netlink: 'syz.3.3354': attribute type 10 has an invalid length.
[  415.387264][T17322] netlink: 'syz.2.3357': attribute type 1 has an invalid length.
[  415.578557][T17333] FAULT_INJECTION: forcing a failure.
[  415.578557][T17333] name failslab, interval 1, probability 0, space 0, times 0
[  415.660141][T17333] CPU: 0 UID: 0 PID: 17333 Comm: syz.1.3359 Not tainted 6.13.0-rc2-syzkaller-00456-gd22f955cc2cb #0
[  415.671004][T17333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  415.681103][T17333] Call Trace:
[  415.684423][T17333]  <TASK>
[  415.687390][T17333]  dump_stack_lvl+0x241/0x360
[  415.692127][T17333]  ? __pfx_dump_stack_lvl+0x10/0x10
[  415.697377][T17333]  ? __pfx__printk+0x10/0x10
[  415.702033][T17333]  ? __kmalloc_cache_noprof+0x48/0x390
[  415.707545][T17333]  ? __pfx___might_resched+0x10/0x10
[  415.712872][T17333]  ? lockdep_init_map_type+0xa1/0x910
[  415.718298][T17333]  should_fail_ex+0x3b0/0x4e0
[  415.723049][T17333]  should_failslab+0xac/0x100
[  415.727797][T17333]  __kmalloc_cache_noprof+0x70/0x390
[  415.733138][T17333]  ? nft_trans_table_add+0x57/0x400
[  415.738388][T17333]  nft_trans_table_add+0x57/0x400
[  415.743476][T17333]  nf_tables_newtable+0x1143/0x1e10
[  415.748738][T17333]  ? __pfx_nf_tables_newtable+0x10/0x10
[  415.754343][T17333]  ? __nla_parse+0x40/0x60
[  415.758812][T17333]  nfnetlink_rcv+0x14e3/0x2ab0
[  415.763663][T17333]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  415.768879][T17333]  ? netlink_deliver_tap+0x2e/0x1b0
[  415.774124][T17333]  ? skb_clone+0x240/0x390
[  415.778591][T17333]  ? __pfx_lock_release+0x10/0x10
[  415.783682][T17333]  ? netlink_deliver_tap+0x2e/0x1b0
[  415.788935][T17333]  netlink_unicast+0x7f6/0x990
[  415.793784][T17333]  ? __pfx_netlink_unicast+0x10/0x10
[  415.799132][T17333]  ? __virt_addr_valid+0x45f/0x530
[  415.804298][T17333]  ? __phys_addr_symbol+0x2f/0x70
[  415.809371][T17333]  ? __check_object_size+0x47a/0x730
[  415.814723][T17333]  netlink_sendmsg+0x8e4/0xcb0
[  415.819533][T17333]  ? __pfx_netlink_sendmsg+0x10/0x10
[  415.824854][T17333]  ? aa_sock_msg_perm+0x91/0x160
[  415.829839][T17333]  ? __pfx_netlink_sendmsg+0x10/0x10
[  415.835168][T17333]  __sock_sendmsg+0x221/0x270
[  415.839898][T17333]  ____sys_sendmsg+0x52a/0x7e0
[  415.844713][T17333]  ? __pfx_____sys_sendmsg+0x10/0x10
[  415.850045][T17333]  ? __fget_files+0x2a/0x410
[  415.854691][T17333]  ? __fget_files+0x2a/0x410
[  415.859343][T17333]  __sys_sendmsg+0x269/0x350
[  415.863988][T17333]  ? __pfx_lock_release+0x10/0x10
[  415.869064][T17333]  ? __pfx___sys_sendmsg+0x10/0x10
[  415.874236][T17333]  ? __pfx_vfs_write+0x10/0x10
[  415.879059][T17333]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  415.885423][T17333]  ? do_syscall_64+0x100/0x230
[  415.890221][T17333]  ? do_syscall_64+0xb6/0x230
[  415.894917][T17333]  do_syscall_64+0xf3/0x230
[  415.899434][T17333]  ? clear_bhb_loop+0x35/0x90
[  415.904150][T17333]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  415.910080][T17333] RIP: 0033:0x7f55eff85d29
[  415.914518][T17333] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  415.934166][T17333] RSP: 002b:00007f55f0dc5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  415.942655][T17333] RAX: ffffffffffffffda RBX: 00007f55f0175fa0 RCX: 00007f55eff85d29
[  415.950693][T17333] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000003
[  415.958716][T17333] RBP: 00007f55f0dc5090 R08: 0000000000000000 R09: 0000000000000000
[  415.966748][T17333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  415.974776][T17333] R13: 0000000000000000 R14: 00007f55f0175fa0 R15: 00007ffc48272c48
[  415.982833][T17333]  </TASK>
[  416.123787][T17331] syzkaller0: entered promiscuous mode
[  416.135443][T17348] validate_nla: 2 callbacks suppressed
[  416.135466][T17348] netlink: 'syz.1.3365': attribute type 29 has an invalid length.
[  416.155593][T17331] syzkaller0: entered allmulticast mode
[  416.209507][T17336] lo speed is unknown, defaulting to 1000
[  416.696458][T17359] netlink: 'syz.4.3370': attribute type 10 has an invalid length.
[  416.704624][T17359] __nla_validate_parse: 2 callbacks suppressed
[  416.704643][T17359] netlink: 140 bytes leftover after parsing attributes in process `syz.4.3370'.
[  416.766068][ T8278] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  417.908764][ T3518] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  419.055017][ T3518] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  419.074332][T17336] lo speed is unknown, defaulting to 1000
[  419.084444][T17366] bond0: option resend_igmp: invalid value (4095)
[  419.090958][T17366] bond0: option resend_igmp: allowed values 0 - 255
[  419.114526][T17368] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3373'.
[  419.301304][T17380] FAULT_INJECTION: forcing a failure.
[  419.301304][T17380] name failslab, interval 1, probability 0, space 0, times 0
[  419.314115][T17380] CPU: 0 UID: 0 PID: 17380 Comm: syz.2.3375 Not tainted 6.13.0-rc2-syzkaller-00456-gd22f955cc2cb #0
[  419.324932][T17380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  419.335035][T17380] Call Trace:
[  419.338352][T17380]  <TASK>
[  419.341323][T17380]  dump_stack_lvl+0x241/0x360
[  419.346057][T17380]  ? __pfx_dump_stack_lvl+0x10/0x10
[  419.351301][T17380]  ? __pfx__printk+0x10/0x10
[  419.355940][T17380]  ? __kmalloc_cache_noprof+0x48/0x390
[  419.361443][T17380]  ? __pfx___might_resched+0x10/0x10
[  419.366764][T17380]  should_fail_ex+0x3b0/0x4e0
[  419.371498][T17380]  should_failslab+0xac/0x100
[  419.376227][T17380]  __kmalloc_cache_noprof+0x70/0x390
[  419.381548][T17380]  ? nfnetlink_rcv+0x1265/0x2ab0
[  419.386524][T17380]  nfnetlink_rcv+0x1265/0x2ab0
[  419.391373][T17380]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  419.396562][T17380]  ? netlink_deliver_tap+0x2e/0x1b0
[  419.401773][T17380]  ? skb_clone+0x240/0x390
[  419.406219][T17380]  ? __pfx_lock_release+0x10/0x10
[  419.411289][T17380]  ? netlink_deliver_tap+0x2e/0x1b0
[  419.416502][T17380]  netlink_unicast+0x7f6/0x990
[  419.421292][T17380]  ? __pfx_netlink_unicast+0x10/0x10
[  419.426593][T17380]  ? __virt_addr_valid+0x45f/0x530
[  419.431724][T17380]  ? __phys_addr_symbol+0x2f/0x70
[  419.436760][T17380]  ? __check_object_size+0x47a/0x730
[  419.442060][T17380]  netlink_sendmsg+0x8e4/0xcb0
[  419.446846][T17380]  ? __pfx_netlink_sendmsg+0x10/0x10
[  419.452146][T17380]  ? aa_sock_msg_perm+0x91/0x160
[  419.457101][T17380]  ? __pfx_netlink_sendmsg+0x10/0x10
[  419.462397][T17380]  __sock_sendmsg+0x221/0x270
[  419.467094][T17380]  ____sys_sendmsg+0x52a/0x7e0
[  419.471877][T17380]  ? __pfx_____sys_sendmsg+0x10/0x10
[  419.477178][T17380]  ? __fget_files+0x2a/0x410
[  419.481788][T17380]  ? __fget_files+0x2a/0x410
[  419.486406][T17380]  __sys_sendmsg+0x269/0x350
[  419.491012][T17380]  ? __pfx_lock_release+0x10/0x10
[  419.496055][T17380]  ? __pfx___sys_sendmsg+0x10/0x10
[  419.501186][T17380]  ? __pfx_vfs_write+0x10/0x10
[  419.505979][T17380]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  419.512322][T17380]  ? do_syscall_64+0x100/0x230
[  419.517109][T17380]  ? do_syscall_64+0xb6/0x230
[  419.521801][T17380]  do_syscall_64+0xf3/0x230
[  419.526317][T17380]  ? clear_bhb_loop+0x35/0x90
[  419.531013][T17380]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  419.536917][T17380] RIP: 0033:0x7fea1e785d29
[  419.541360][T17380] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  419.560981][T17380] RSP: 002b:00007fea1f676038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  419.569411][T17380] RAX: ffffffffffffffda RBX: 00007fea1e975fa0 RCX: 00007fea1e785d29
[  419.577404][T17380] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000003
[  419.585397][T17380] RBP: 00007fea1f676090 R08: 0000000000000000 R09: 0000000000000000
[  419.593386][T17380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  419.601366][T17380] R13: 0000000000000000 R14: 00007fea1e975fa0 R15: 00007ffc11fd5628
[  419.609367][T17380]  </TASK>
[  419.800499][T17388] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3379'.
[  419.855441][    C0] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  419.866128][T17386] netlink: 288 bytes leftover after parsing attributes in process `syz.4.3378'.
[  419.871484][T17390] sctp: [Deprecated]: syz.2.3379 (pid 17390) Use of struct sctp_assoc_value in delayed_ack socket option.
[  419.871484][T17390] Use struct sctp_sack_info instead
[  419.901472][T17390] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3379'.
[  420.065904][T17392] FAULT_INJECTION: forcing a failure.
[  420.065904][T17392] name failslab, interval 1, probability 0, space 0, times 0
[  420.095569][T17392] CPU: 0 UID: 0 PID: 17392 Comm: syz.4.3380 Not tainted 6.13.0-rc2-syzkaller-00456-gd22f955cc2cb #0
[  420.106424][T17392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  420.116530][T17392] Call Trace:
[  420.119862][T17392]  <TASK>
[  420.122842][T17392]  dump_stack_lvl+0x241/0x360
[  420.127584][T17392]  ? __pfx_dump_stack_lvl+0x10/0x10
[  420.132835][T17392]  ? __pfx__printk+0x10/0x10
[  420.137483][T17392]  should_fail_ex+0x3b0/0x4e0
[  420.142213][T17392]  should_failslab+0xac/0x100
[  420.146937][T17392]  __kmalloc_cache_noprof+0x70/0x390
[  420.152269][T17392]  ? sctp_add_bind_addr+0x89/0x3a0
[  420.157429][T17392]  sctp_add_bind_addr+0x89/0x3a0
[  420.162411][T17392]  sctp_copy_local_addr_list+0x311/0x500
[  420.168092][T17392]  ? sctp_copy_local_addr_list+0xab/0x500
[  420.173854][T17392]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  420.180052][T17392]  ? sctp_v4_is_any+0x35/0x60
[  420.184782][T17392]  sctp_bind_addr_copy+0xad/0x3b0
[  420.189850][T17392]  ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190
[  420.196240][T17392]  sctp_connect_new_asoc+0x2f3/0x6c0
[  420.201587][T17392]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  420.207441][T17392]  ? sctp_sendmsg+0xbb9/0x3520
[  420.212265][T17392]  ? sctp_endpoint_lookup_assoc+0xc9/0x250
[  420.218124][T17392]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  420.223726][T17392]  sctp_sendmsg+0x219a/0x3520
[  420.228468][T17392]  ? aa_sk_perm+0x96d/0xab0
[  420.233019][T17392]  ? __pfx_sctp_sendmsg+0x10/0x10
[  420.238095][T17392]  ? __pfx_aa_sk_perm+0x10/0x10
[  420.243021][T17392]  ? inet_sendmsg+0x330/0x390
[  420.247733][T17392]  __sock_sendmsg+0x1a6/0x270
[  420.252439][T17392]  ____sys_sendmsg+0x52a/0x7e0
[  420.257224][T17392]  ? __pfx_____sys_sendmsg+0x10/0x10
[  420.262520][T17392]  ? __fget_files+0x2a/0x410
[  420.267134][T17392]  ? __fget_files+0x2a/0x410
[  420.271749][T17392]  __sys_sendmsg+0x269/0x350
[  420.276360][T17392]  ? __pfx___sys_sendmsg+0x10/0x10
[  420.281493][T17392]  ? __pfx_preempt_schedule+0x10/0x10
[  420.286909][T17392]  ? fput+0x84/0x290
[  420.290826][T17392]  ? fput+0x208/0x290
[  420.294836][T17392]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  420.301178][T17392]  ? do_syscall_64+0x100/0x230
[  420.305958][T17392]  ? do_syscall_64+0xb6/0x230
[  420.310648][T17392]  do_syscall_64+0xf3/0x230
[  420.315180][T17392]  ? clear_bhb_loop+0x35/0x90
[  420.319873][T17392]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  420.325777][T17392] RIP: 0033:0x7f889b585d29
[  420.330199][T17392] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  420.349817][T17392] RSP: 002b:00007f889c3ee038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  420.358246][T17392] RAX: ffffffffffffffda RBX: 00007f889b775fa0 RCX: 00007f889b585d29
[  420.366231][T17392] RDX: 0000000024040050 RSI: 0000000020002d80 RDI: 0000000000000003
[  420.374210][T17392] RBP: 00007f889c3ee090 R08: 0000000000000000 R09: 0000000000000000
[  420.382185][T17392] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  420.390162][T17392] R13: 0000000000000000 R14: 00007f889b775fa0 R15: 00007ffc06626e98
[  420.398169][T17392]  </TASK>
[  420.405018][ T3518] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  420.562256][T17397] netlink: 'syz.1.3381': attribute type 5 has an invalid length.
[  420.653463][T17403] netlink: 'syz.0.3382': attribute type 10 has an invalid length.
[  420.669089][T17403] netlink: 140 bytes leftover after parsing attributes in process `syz.0.3382'.
[  421.035654][T17422] netlink: 'syz.4.3388': attribute type 2 has an invalid length.
[  421.094334][T17425] FAULT_INJECTION: forcing a failure.
[  421.094334][T17425] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  421.135057][T17425] CPU: 1 UID: 0 PID: 17425 Comm: syz.3.3389 Not tainted 6.13.0-rc2-syzkaller-00456-gd22f955cc2cb #0
[  421.145901][T17425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  421.155973][T17425] Call Trace:
[  421.159261][T17425]  <TASK>
[  421.162203][T17425]  dump_stack_lvl+0x241/0x360
[  421.166903][T17425]  ? __pfx_dump_stack_lvl+0x10/0x10
[  421.172116][T17425]  ? __pfx__printk+0x10/0x10
[  421.176724][T17425]  ? snprintf+0xda/0x120
[  421.180980][T17425]  should_fail_ex+0x3b0/0x4e0
[  421.185679][T17425]  _copy_to_user+0x31/0xb0
[  421.190114][T17425]  simple_read_from_buffer+0xca/0x150
[  421.195517][T17425]  proc_fail_nth_read+0x1e9/0x250
[  421.200556][T17425]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  421.206120][T17425]  ? rw_verify_area+0x55e/0x6f0
[  421.210977][T17425]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  421.216551][T17425]  vfs_read+0x1fc/0xb70
[  421.220720][T17425]  ? __pfx___mutex_lock+0x10/0x10
[  421.225754][T17425]  ? __pfx_vfs_read+0x10/0x10
[  421.230447][T17425]  ? __fget_files+0x2a/0x410
[  421.235057][T17425]  ? __fget_files+0x395/0x410
[  421.239745][T17425]  ? __fget_files+0x2a/0x410
[  421.244363][T17425]  ksys_read+0x18f/0x2b0
[  421.248628][T17425]  ? __pfx_ksys_read+0x10/0x10
[  421.253400][T17425]  ? do_syscall_64+0x100/0x230
[  421.258178][T17425]  ? do_syscall_64+0xb6/0x230
[  421.262870][T17425]  do_syscall_64+0xf3/0x230
[  421.267386][T17425]  ? clear_bhb_loop+0x35/0x90
[  421.272079][T17425]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  421.277984][T17425] RIP: 0033:0x7f914e38473c
[  421.282425][T17425] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  421.302062][T17425] RSP: 002b:00007f914f113030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  421.310488][T17425] RAX: ffffffffffffffda RBX: 00007f914e575fa0 RCX: 00007f914e38473c
[  421.318468][T17425] RDX: 000000000000000f RSI: 00007f914f1130a0 RDI: 0000000000000005
[  421.326453][T17425] RBP: 00007f914f113090 R08: 0000000000000000 R09: 0000000000000000
[  421.334437][T17425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  421.342415][T17425] R13: 0000000000000000 R14: 00007f914e575fa0 R15: 00007fffc4ac0e78
[  421.350413][T17425]  </TASK>
[  421.384470][T17432] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3392'.
[  421.437185][T17433] netlink: 'syz.4.3392': attribute type 2 has an invalid length.
[  421.444367][T17432] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3392'.
[  421.461816][T17432] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3392'.
[  421.482510][T17433] Tq€!7: entered promiscuous mode
[  421.507336][T17436] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  421.515568][T17432] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3392'.
[  421.555160][T17433] netlink: 'syz.4.3392': attribute type 2 has an invalid length.
[  421.560140][T17438] FAULT_INJECTION: forcing a failure.
[  421.560140][T17438] name failslab, interval 1, probability 0, space 0, times 0
[  421.575940][T17438] CPU: 1 UID: 0 PID: 17438 Comm: syz.3.3393 Not tainted 6.13.0-rc2-syzkaller-00456-gd22f955cc2cb #0
[  421.586749][T17438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  421.596840][T17438] Call Trace:
[  421.600155][T17438]  <TASK>
[  421.603121][T17438]  dump_stack_lvl+0x241/0x360
[  421.605048][T17433] netlink: 'syz.4.3392': attribute type 2 has an invalid length.
[  421.607829][T17438]  ? __pfx_dump_stack_lvl+0x10/0x10
[  421.607871][T17438]  ? __pfx__printk+0x10/0x10
[  421.625442][T17438]  should_fail_ex+0x3b0/0x4e0
[  421.630188][T17438]  should_failslab+0xac/0x100
[  421.634919][T17438]  __kmalloc_cache_noprof+0x70/0x390
[  421.640252][T17438]  ? sctp_add_bind_addr+0x89/0x3a0
[  421.645411][T17438]  sctp_add_bind_addr+0x89/0x3a0
[  421.650406][T17438]  sctp_copy_local_addr_list+0x311/0x500
[  421.656084][T17438]  ? sctp_copy_local_addr_list+0xab/0x500
[  421.661855][T17438]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  421.668067][T17438]  ? sctp_v4_is_any+0x35/0x60
[  421.671541][T17433] netlink: 'syz.4.3392': attribute type 2 has an invalid length.
[  421.672774][T17438]  sctp_bind_addr_copy+0xad/0x3b0
[  421.672809][T17438]  ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190
[  421.691868][T17438]  sctp_connect_new_asoc+0x2f3/0x6c0
[  421.697180][T17438]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  421.703001][T17438]  ? sctp_sendmsg+0xbb9/0x3520
[  421.707787][T17438]  ? sctp_endpoint_lookup_assoc+0xc9/0x250
[  421.713621][T17438]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  421.719188][T17438]  sctp_sendmsg+0x219a/0x3520
[  421.723893][T17438]  ? aa_sk_perm+0x96d/0xab0
[  421.728419][T17438]  ? __pfx_sctp_sendmsg+0x10/0x10
[  421.733462][T17438]  ? __pfx_aa_sk_perm+0x10/0x10
[  421.738339][T17438]  ? inet_sendmsg+0x330/0x390
[  421.743048][T17438]  __sock_sendmsg+0x1a6/0x270
[  421.747745][T17438]  ____sys_sendmsg+0x52a/0x7e0
[  421.752526][T17438]  ? __pfx_____sys_sendmsg+0x10/0x10
[  421.757819][T17438]  ? __fget_files+0x2a/0x410
[  421.762424][T17438]  ? __fget_files+0x2a/0x410
[  421.767040][T17438]  __sys_sendmsg+0x269/0x350
[  421.771638][T17438]  ? __pfx_lock_release+0x10/0x10
[  421.776678][T17438]  ? __pfx___sys_sendmsg+0x10/0x10
[  421.781809][T17438]  ? __pfx_vfs_write+0x10/0x10
[  421.786610][T17438]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  421.792952][T17438]  ? do_syscall_64+0x100/0x230
[  421.797733][T17438]  ? do_syscall_64+0xb6/0x230
[  421.802463][T17438]  do_syscall_64+0xf3/0x230
[  421.806978][T17438]  ? clear_bhb_loop+0x35/0x90
[  421.811672][T17438]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  421.817664][T17438] RIP: 0033:0x7f914e385d29
[  421.822089][T17438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  421.841733][T17438] RSP: 002b:00007f914f113038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  421.850165][T17438] RAX: ffffffffffffffda RBX: 00007f914e575fa0 RCX: 00007f914e385d29
[  421.858149][T17438] RDX: 0000000024040050 RSI: 0000000020002d80 RDI: 0000000000000003
[  421.866128][T17438] RBP: 00007f914f113090 R08: 0000000000000000 R09: 0000000000000000
[  421.874105][T17438] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  421.882084][T17438] R13: 0000000000000000 R14: 00007f914e575fa0 R15: 00007fffc4ac0e78
[  421.890080][T17438]  </TASK>
[  421.922513][T17433] netlink: 'syz.4.3392': attribute type 2 has an invalid length.
[  421.940279][T17433] netlink: 'syz.4.3392': attribute type 2 has an invalid length.
[  421.950831][T17433] netlink: 'syz.4.3392': attribute type 2 has an invalid length.
[  421.961060][T17433] netlink: 'syz.4.3392': attribute type 2 has an invalid length.
[  421.971114][T17433] netlink: 'syz.4.3392': attribute type 2 has an invalid length.
[  421.986727][T17433] netlink: 'syz.4.3392': attribute type 2 has an invalid length.
[  422.009445][   T35] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  422.067275][T17444] __nla_validate_parse: 29 callbacks suppressed
[  422.067300][T17444] netlink: 140 bytes leftover after parsing attributes in process `syz.0.3396'.
[  422.118911][T17447] syz_tun: entered promiscuous mode
[  422.142362][T17447] batadv_slave_0: entered promiscuous mode
[  422.155159][T17447] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  422.162805][T17447] Cannot create hsr debugfs directory
[  422.172285][T17447] hsr1: entered allmulticast mode
[  422.189391][T17447] syz_tun: entered allmulticast mode
[  422.195106][T17447] batadv_slave_0: entered allmulticast mode
[  422.641313][T17474] FAULT_INJECTION: forcing a failure.
[  422.641313][T17474] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  422.643147][T17474] 
[  422.643160][T17474] ======================================================
[  422.643168][T17474] WARNING: possible circular locking dependency detected
[  422.643178][T17474] 6.13.0-rc2-syzkaller-00456-gd22f955cc2cb #0 Not tainted
[  422.643191][T17474] ------------------------------------------------------
[  422.643199][T17474] syz.3.3407/17474 is trying to acquire lock:
[  422.643210][T17474] ffffffff8e813440 (console_owner){..-.}-{0:0}, at: console_flush_all+0x1a3/0xeb0
[  422.643265][T17474] 
[  422.643265][T17474] but task is already holding lock:
[  422.643271][T17474] ffff8880b863e8d8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[  422.643329][T17474] 
[  422.643329][T17474] which lock already depends on the new lock.
[  422.643329][T17474] 
[  422.643336][T17474] 
[  422.643336][T17474] the existing dependency chain (in reverse order) is:
[  422.643344][T17474] 
[  422.643344][T17474] -> #4 (&rq->__lock){-.-.}-{2:2}:
[  422.643373][T17474]        lock_acquire+0x1ed/0x550
[  422.643396][T17474]        _raw_spin_lock_nested+0x31/0x40
[  422.643429][T17474]        raw_spin_rq_lock_nested+0x2a/0x140
[  422.643460][T17474]        task_rq_lock+0xc6/0x360
[  422.643477][T17474]        cgroup_move_task+0x9b/0x5a0
[  422.643508][T17474]        css_set_move_task+0x72e/0x950
[  422.643527][T17474]        cgroup_post_fork+0x256/0x880
[  422.643546][T17474]        copy_process+0x39e9/0x3d50
[  422.643564][T17474]        kernel_clone+0x226/0x8e0
[  422.643585][T17474]        user_mode_thread+0x132/0x1a0
[  422.643605][T17474]        rest_init+0x23/0x300
[  422.643629][T17474]        start_kernel+0x47f/0x500
[  422.643652][T17474]        x86_64_start_reservations+0x2a/0x30
[  422.643683][T17474]        x86_64_start_kernel+0x9f/0xa0
[  422.643713][T17474]        common_startup_64+0x13e/0x147
[  422.643740][T17474] 
[  422.643740][T17474] -> #3 (&p->pi_lock){-.-.}-{2:2}:
[  422.643769][T17474]        lock_acquire+0x1ed/0x550
[  422.643790][T17474]        _raw_spin_lock_irqsave+0xd5/0x120
[  422.643819][T17474]        try_to_wake_up+0xc2/0x1470
[  422.643843][T17474]        __wake_up_common_lock+0x130/0x1e0
[  422.643867][T17474]        tty_port_default_wakeup+0xa6/0xf0
[  422.643887][T17474]        serial8250_tx_chars+0x6e2/0x930
[  422.643917][T17474]        serial8250_handle_irq+0x630/0xb80
[  422.643949][T17474]        serial8250_default_handle_irq+0xd1/0x1f0
[  422.643970][T17474]        serial8250_interrupt+0xa9/0x1f0
[  422.643994][T17474]        __handle_irq_event_percpu+0x29a/0xa60
[  422.644013][T17474]        handle_irq_event+0x89/0x1f0
[  422.644031][T17474]        handle_edge_irq+0x25f/0xc20
[  422.644066][T17474]        __common_interrupt+0x136/0x230
[  422.644108][T17474]        common_interrupt+0xb4/0xd0
[  422.644134][T17474]        asm_common_interrupt+0x26/0x40
[  422.644151][T17474]        acpi_safe_halt+0x21/0x30
[  422.644169][T17474]        acpi_idle_enter+0xe4/0x140
[  422.644186][T17474]        cpuidle_enter_state+0x109/0x470
[  422.644203][T17474]        cpuidle_enter+0x5d/0xa0
[  422.644220][T17474]        do_idle+0x372/0x5c0
[  422.644233][T17474]        cpu_startup_entry+0x42/0x60
[  422.644246][T17474]        rest_init+0x2dc/0x300
[  422.644264][T17474]        start_kernel+0x47f/0x500
[  422.644282][T17474]        x86_64_start_reservations+0x2a/0x30
[  422.644305][T17474]        x86_64_start_kernel+0x9f/0xa0
[  422.644327][T17474]        common_startup_64+0x13e/0x147
[  422.644347][T17474] 
[  422.644347][T17474] -> #2 (&tty->write_wait){-.-.}-{3:3}:
[  422.644370][T17474]        lock_acquire+0x1ed/0x550
[  422.644389][T17474]        _raw_spin_lock_irqsave+0xd5/0x120
[  422.644411][T17474]        __wake_up_common_lock+0x25/0x1e0
[  422.644429][T17474]        tty_port_default_wakeup+0xa6/0xf0
[  422.644444][T17474]        serial8250_tx_chars+0x6e2/0x930
[  422.644466][T17474]        serial8250_handle_irq+0x630/0xb80
[  422.644488][T17474]        serial8250_default_handle_irq+0xd1/0x1f0
[  422.644505][T17474]        serial8250_interrupt+0xa9/0x1f0
[  422.644524][T17474]        __handle_irq_event_percpu+0x29a/0xa60
[  422.644539][T17474]        handle_irq_event+0x89/0x1f0
[  422.644552][T17474]        handle_edge_irq+0x25f/0xc20
[  422.644574][T17474]        __common_interrupt+0x136/0x230
[  422.644597][T17474]        common_interrupt+0xb4/0xd0
[  422.644616][T17474]        asm_common_interrupt+0x26/0x40
[  422.644632][T17474]        acpi_safe_halt+0x21/0x30
[  422.644649][T17474]        acpi_idle_enter+0xe4/0x140
[  422.644667][T17474]        cpuidle_enter_state+0x109/0x470
[  422.644683][T17474]        cpuidle_enter+0x5d/0xa0
[  422.644699][T17474]        do_idle+0x372/0x5c0
[  422.644712][T17474]        cpu_startup_entry+0x42/0x60
[  422.644725][T17474]        rest_init+0x2dc/0x300
[  422.644742][T17474]        start_kernel+0x47f/0x500
[  422.644759][T17474]        x86_64_start_reservations+0x2a/0x30
[  422.644782][T17474]        x86_64_start_kernel+0x9f/0xa0
[  422.644803][T17474]        common_startup_64+0x13e/0x147
[  422.644824][T17474] 
[  422.644824][T17474] -> #1 (&port_lock_key){-.-.}-{3:3}:
[  422.644845][T17474]        lock_acquire+0x1ed/0x550
[  422.644862][T17474]        _raw_spin_lock_irqsave+0xd5/0x120
[  422.644883][T17474]        serial8250_console_write+0x1a7/0x1ed0
[  422.644907][T17474]        console_flush_all+0x86b/0xeb0
[  422.644921][T17474]        console_unlock+0x14f/0x3b0
[  422.644943][T17474]        vprintk_emit+0x730/0xa10
[  422.644964][T17474]        _printk+0xd5/0x120
[  422.644983][T17474]        register_console+0xbf5/0xfd0
[  422.644997][T17474]        univ8250_console_init+0x52/0x90
[  422.645020][T17474]        console_init+0x1b8/0x6f0
[  422.645037][T17474]        start_kernel+0x2d8/0x500
[  422.645054][T17474]        x86_64_start_reservations+0x2a/0x30
[  422.645077][T17474]        x86_64_start_kernel+0x9f/0xa0
[  422.645099][T17474]        common_startup_64+0x13e/0x147
[  422.645119][T17474] 
[  422.645119][T17474] -> #0 (console_owner){..-.}-{0:0}:
[  422.645145][T17474]        validate_chain+0x18ef/0x5920
[  422.645167][T17474]        __lock_acquire+0x1397/0x2100
[  422.645184][T17474]        lock_acquire+0x1ed/0x550
[  422.645201][T17474]        console_flush_all+0x7f8/0xeb0
[  422.645215][T17474]        console_unlock+0x14f/0x3b0
[  422.645235][T17474]        vprintk_emit+0x730/0xa10
[  422.645257][T17474]        _printk+0xd5/0x120
[  422.645275][T17474]        should_fail_ex+0x391/0x4e0
[  422.645298][T17474]        strncpy_from_user+0x36/0x270
[  422.645321][T17474]        strncpy_from_user_nofault+0x71/0x140
[  422.645338][T17474]        bpf_probe_read_user_str+0x2a/0x70
[  422.645358][T17474]        bpf_prog_bc7c5c6b9645592f+0x3e/0x40
[  422.645371][T17474]        bpf_trace_run4+0x334/0x590
[  422.645398][T17474]        __traceiter_sched_switch+0x98/0xd0
[  422.645418][T17474]        __schedule+0x22bc/0x4c30
[  422.645440][T17474]        preempt_schedule_common+0x84/0xd0
[  422.645462][T17474]        preempt_schedule+0xe1/0xf0
[  422.645484][T17474]        preempt_schedule_thunk+0x1a/0x30
[  422.645500][T17474]        unwind_next_frame+0x18f8/0x22d0
[  422.645517][T17474]        arch_stack_walk+0x11c/0x150
[  422.645555][T17474]        stack_trace_save+0x118/0x1d0
[  422.645569][T17474]        kasan_save_track+0x3f/0x80
[  422.645585][T17474]        __kasan_kmalloc+0x98/0xb0
[  422.645602][T17474]        __kmalloc_cache_noprof+0x243/0x390
[  422.645623][T17474]        sctp_add_bind_addr+0x89/0x3a0
[  422.645639][T17474]        sctp_copy_local_addr_list+0x311/0x500
[  422.645656][T17474]        sctp_bind_addr_copy+0xad/0x3b0
[  422.645671][T17474]        sctp_connect_new_asoc+0x2f3/0x6c0
[  422.645692][T17474]        sctp_sendmsg+0x219a/0x3520
[  422.645710][T17474]        __sock_sendmsg+0x1a6/0x270
[  422.645732][T17474]        ____sys_sendmsg+0x52a/0x7e0
[  422.645749][T17474]        __sys_sendmsg+0x269/0x350
[  422.645765][T17474]        do_syscall_64+0xf3/0x230
[  422.645781][T17474]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  422.645798][T17474] 
[  422.645798][T17474] other info that might help us debug this:
[  422.645798][T17474] 
[  422.645803][T17474] Chain exists of:
[  422.645803][T17474]   console_owner --> &p->pi_lock --> &rq->__lock
[  422.645803][T17474] 
[  422.645827][T17474]  Possible unsafe locking scenario:
[  422.645827][T17474] 
[  422.645832][T17474]        CPU0                    CPU1
[  422.645837][T17474]        ----                    ----
[  422.645842][T17474]   lock(&rq->__lock);
[  422.645852][T17474]                                lock(&p->pi_lock);
[  422.645863][T17474]                                lock(&rq->__lock);
[  422.645875][T17474]   lock(console_owner);
[  422.645885][T17474] 
[  422.645885][T17474]  *** DEADLOCK ***
[  422.645885][T17474] 
[  422.645889][T17474] 6 locks held by syz.3.3407/17474:
[  422.645899][T17474]  #0: ffff88803f825fd8 (sk_lock-AF_INET){+.+.}-{0:0}, at: sctp_sendmsg+0xbb9/0x3520
[  422.645942][T17474]  #1: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: sctp_copy_local_addr_list+0xab/0x500
[  422.645981][T17474]  #2: ffff8880b863e8d8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[  422.646027][T17474]  #3: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: bpf_trace_run4+0x244/0x590
[  422.646065][T17474]  #4: ffffffff8e8134a0 (console_lock){+.+.}-{0:0}, at: _printk+0xd5/0x120
[  422.646116][T17474]  #5: ffffffff8e8130b0 (console_srcu){....}-{0:0}, at: console_flush_all+0x1a3/0xeb0
[  422.646155][T17474] 
[  422.646155][T17474] stack backtrace:
[  422.646161][T17474] CPU: 0 UID: 0 PID: 17474 Comm: syz.3.3407 Not tainted 6.13.0-rc2-syzkaller-00456-gd22f955cc2cb #0
[  422.646179][T17474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  422.646189][T17474] Call Trace:
[  422.646194][T17474]  <TASK>
[  422.646200][T17474]  dump_stack_lvl+0x241/0x360
[  422.646224][T17474]  ? __pfx_dump_stack_lvl+0x10/0x10
[  422.646245][T17474]  ? __pfx__printk+0x10/0x10
[  422.646269][T17474]  print_circular_bug+0x13a/0x1b0
[  422.646292][T17474]  check_noncircular+0x36a/0x4a0
[  422.646316][T17474]  ? __pfx_check_noncircular+0x10/0x10
[  422.646337][T17474]  ? lockdep_lock+0x123/0x2b0
[  422.646354][T17474]  ? add_lock_to_list+0x1e8/0x2f0
[  422.646378][T17474]  validate_chain+0x18ef/0x5920
[  422.646409][T17474]  ? __pfx_validate_chain+0x10/0x10
[  422.646430][T17474]  ? sprintf+0xda/0x120
[  422.646451][T17474]  ? vsnprintf+0x1cc3/0x1da0
[  422.646471][T17474]  ? __pfx_sprintf+0x10/0x10
[  422.646498][T17474]  ? __pfx_info_print_prefix+0x10/0x10
[  422.646517][T17474]  ? mark_lock+0x9a/0x360
[  422.646537][T17474]  __lock_acquire+0x1397/0x2100
[  422.646561][T17474]  lock_acquire+0x1ed/0x550
[  422.646578][T17474]  ? console_flush_all+0x1a3/0xeb0
[  422.646595][T17474]  ? __pfx_lock_acquire+0x10/0x10
[  422.646612][T17474]  ? __pfx_lock_release+0x10/0x10
[  422.646629][T17474]  ? do_raw_spin_lock+0x14f/0x370
[  422.646646][T17474]  ? do_raw_spin_unlock+0x13c/0x8b0
[  422.646661][T17474]  ? console_flush_all+0x511/0xeb0
[  422.646675][T17474]  ? console_flush_all+0x1a3/0xeb0
[  422.646690][T17474]  console_flush_all+0x7f8/0xeb0
[  422.646703][T17474]  ? console_flush_all+0x1a3/0xeb0
[  422.646732][T17474]  ? console_flush_all+0x1a3/0xeb0
[  422.646748][T17474]  ? __pfx_console_flush_all+0x10/0x10
[  422.646762][T17474]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  422.646784][T17474]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  422.646808][T17474]  ? this_cpu_in_panic+0x4f/0x80
[  422.646827][T17474]  ? is_printk_legacy_deferred+0x43/0x50
[  422.646844][T17474]  ? printk_get_console_flush_type+0x1fe/0x4f0
[  422.646867][T17474]  console_unlock+0x14f/0x3b0
[  422.646889][T17474]  ? __pfx_console_unlock+0x10/0x10
[  422.646914][T17474]  ? this_cpu_in_panic+0x4f/0x80
[  422.646952][T17474]  ? is_printk_legacy_deferred+0x43/0x50
[  422.646970][T17474]  ? printk_get_console_flush_type+0x1fe/0x4f0
[  422.646994][T17474]  vprintk_emit+0x730/0xa10
[  422.647016][T17474]  ? __pfx_vprintk_emit+0x10/0x10
[  422.647045][T17474]  _printk+0xd5/0x120
[  422.647065][T17474]  ? __pfx__printk+0x10/0x10
[  422.647089][T17474]  should_fail_ex+0x391/0x4e0
[  422.647114][T17474]  strncpy_from_user+0x36/0x270
[  422.647144][T17474]  strncpy_from_user_nofault+0x71/0x140
[  422.647163][T17474]  bpf_probe_read_user_str+0x2a/0x70
[  422.647182][T17474]  ? bpf_trace_run4+0x244/0x590
[  422.647196][T17474]  bpf_prog_bc7c5c6b9645592f+0x3e/0x40
[  422.647209][T17474]  bpf_trace_run4+0x334/0x590
[  422.647224][T17474]  ? psi_group_change+0xb4e/0x1190
[  422.647247][T17474]  ? __pfx_bpf_trace_run4+0x10/0x10
[  422.647264][T17474]  ? __pfx_probe_sched_switch+0x10/0x10
[  422.647279][T17474]  ? tracing_record_taskinfo_sched_switch+0x7b/0x390
[  422.647304][T17474]  ? __pfx___bpf_trace_sched_switch+0x10/0x10
[  422.647325][T17474]  __traceiter_sched_switch+0x98/0xd0
[  422.647347][T17474]  __schedule+0x22bc/0x4c30
[  422.647370][T17474]  ? __pfx_validate_chain+0x10/0x10
[  422.647394][T17474]  ? mark_lock+0x9a/0x360
[  422.647415][T17474]  ? __pfx___schedule+0x10/0x10
[  422.647438][T17474]  ? mark_lock+0x9a/0x360
[  422.647460][T17474]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  422.647478][T17474]  ? preempt_schedule+0xe1/0xf0
[  422.647500][T17474]  preempt_schedule_common+0x84/0xd0
[  422.647523][T17474]  preempt_schedule+0xe1/0xf0
[  422.647546][T17474]  ? __pfx_preempt_schedule+0x10/0x10
[  422.647568][T17474]  ? unwind_next_frame+0xb0/0x22d0
[  422.647586][T17474]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  422.647603][T17474]  preempt_schedule_thunk+0x1a/0x30
[  422.647622][T17474]  unwind_next_frame+0x18f8/0x22d0
[  422.647643][T17474]  ? __kmalloc_cache_noprof+0x243/0x390
[  422.647665][T17474]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  422.647681][T17474]  arch_stack_walk+0x11c/0x150
[  422.647702][T17474]  ? sctp_add_bind_addr+0x89/0x3a0
[  422.647720][T17474]  stack_trace_save+0x118/0x1d0
[  422.647735][T17474]  ? __pfx_stack_trace_save+0x10/0x10
[  422.647751][T17474]  ? stack_depot_save_flags+0x37/0x940
[  422.647769][T17474]  kasan_save_track+0x3f/0x80
[  422.647784][T17474]  ? kasan_save_track+0x3f/0x80
[  422.647799][T17474]  ? __kasan_kmalloc+0x98/0xb0
[  422.647815][T17474]  ? __kmalloc_cache_noprof+0x243/0x390
[  422.647855][T17474]  __kasan_kmalloc+0x98/0xb0
[  422.647872][T17474]  __kmalloc_cache_noprof+0x243/0x390
[  422.647893][T17474]  ? sctp_add_bind_addr+0x89/0x3a0
[  422.647910][T17474]  sctp_add_bind_addr+0x89/0x3a0
[  422.647928][T17474]  sctp_copy_local_addr_list+0x311/0x500
[  422.647945][T17474]  ? sctp_copy_local_addr_list+0xab/0x500
[  422.647962][T17474]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  422.647980][T17474]  ? sctp_v4_is_any+0x35/0x60
[  422.648000][T17474]  sctp_bind_addr_copy+0xad/0x3b0
[  422.648016][T17474]  ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190
[  422.648041][T17474]  sctp_connect_new_asoc+0x2f3/0x6c0
[  422.648063][T17474]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  422.648083][T17474]  ? sctp_sendmsg+0xbb9/0x3520
[  422.648104][T17474]  ? sctp_endpoint_lookup_assoc+0xc9/0x250
[  422.648124][T17474]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  422.648153][T17474]  sctp_sendmsg+0x219a/0x3520
[  422.648179][T17474]  ? aa_sk_perm+0x96d/0xab0
[  422.648201][T17474]  ? __pfx_sctp_sendmsg+0x10/0x10
[  422.648223][T17474]  ? __pfx_aa_sk_perm+0x10/0x10
[  422.648247][T17474]  ? inet_sendmsg+0x330/0x390
[  422.648266][T17474]  __sock_sendmsg+0x1a6/0x270
[  422.648288][T17474]  ____sys_sendmsg+0x52a/0x7e0
[  422.648308][T17474]  ? __pfx_____sys_sendmsg+0x10/0x10
[  422.648325][T17474]  ? __fget_files+0x2a/0x410
[  422.648347][T17474]  ? __fget_files+0x2a/0x410
[  422.648370][T17474]  __sys_sendmsg+0x269/0x350
[  422.648387][T17474]  ? __pfx_lock_release+0x10/0x10
[  422.648406][T17474]  ? __pfx___sys_sendmsg+0x10/0x10
[  422.648427][T17474]  ? __pfx_vfs_write+0x10/0x10
[  422.648453][T17474]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  422.648471][T17474]  ? do_syscall_64+0x100/0x230
[  422.648488][T17474]  ? do_syscall_64+0xb6/0x230
[  422.648505][T17474]  do_syscall_64+0xf3/0x230
[  422.648521][T17474]  ? clear_bhb_loop+0x35/0x90
[  422.648539][T17474]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  422.648556][T17474] RIP: 0033:0x7f914e385d29
[  422.648569][T17474] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  422.648583][T17474] RSP: 002b:00007f914f113038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  422.648598][T17474] RAX: ffffffffffffffda RBX: 00007f914e575fa0 RCX: 00007f914e385d29
[  422.648610][T17474] RDX: 0000000024040050 RSI: 0000000020002d80 RDI: 0000000000000003
[  422.648620][T17474] RBP: 00007f914f113090 R08: 0000000000000000 R09: 0000000000000000
[  422.648631][T17474] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  422.648640][T17474] R13: 0000000000000000 R14: 00007f914e575fa0 R15: 00007fffc4ac0e78
[  422.648658][T17474]  </TASK>
[  424.224097][T17474] CPU: 0 UID: 0 PID: 17474 Comm: syz.3.3407 Not tainted 6.13.0-rc2-syzkaller-00456-gd22f955cc2cb #0
[  424.234850][T17474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  424.244898][T17474] Call Trace:
[  424.248190][T17474]  <TASK>
[  424.251123][T17474]  dump_stack_lvl+0x241/0x360
[  424.255812][T17474]  ? __pfx_dump_stack_lvl+0x10/0x10
[  424.261011][T17474]  ? __pfx__printk+0x10/0x10
[  424.265602][T17474]  should_fail_ex+0x3b0/0x4e0
[  424.270285][T17474]  strncpy_from_user+0x36/0x270
[  424.275225][T17474]  strncpy_from_user_nofault+0x71/0x140
[  424.280774][T17474]  bpf_probe_read_user_str+0x2a/0x70
[  424.286075][T17474]  ? bpf_trace_run4+0x244/0x590
[  424.290919][T17474]  bpf_prog_bc7c5c6b9645592f+0x3e/0x40
[  424.296369][T17474]  bpf_trace_run4+0x334/0x590
[  424.301058][T17474]  ? psi_group_change+0xb4e/0x1190
[  424.306173][T17474]  ? __pfx_bpf_trace_run4+0x10/0x10
[  424.311370][T17474]  ? __pfx_probe_sched_switch+0x10/0x10
[  424.316907][T17474]  ? tracing_record_taskinfo_sched_switch+0x7b/0x390
[  424.323582][T17474]  ? __pfx___bpf_trace_sched_switch+0x10/0x10
[  424.329661][T17474]  __traceiter_sched_switch+0x98/0xd0
[  424.335035][T17474]  __schedule+0x22bc/0x4c30
[  424.339550][T17474]  ? __pfx_validate_chain+0x10/0x10
[  424.344749][T17474]  ? mark_lock+0x9a/0x360
[  424.349076][T17474]  ? __pfx___schedule+0x10/0x10
[  424.353929][T17474]  ? mark_lock+0x9a/0x360
[  424.358261][T17474]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  424.364603][T17474]  ? preempt_schedule+0xe1/0xf0
[  424.369472][T17474]  preempt_schedule_common+0x84/0xd0
[  424.374756][T17474]  preempt_schedule+0xe1/0xf0
[  424.379437][T17474]  ? __pfx_preempt_schedule+0x10/0x10
[  424.384809][T17474]  ? unwind_next_frame+0xb0/0x22d0
[  424.389917][T17474]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  424.396083][T17474]  preempt_schedule_thunk+0x1a/0x30
[  424.401279][T17474]  unwind_next_frame+0x18f8/0x22d0
[  424.406390][T17474]  ? __kmalloc_cache_noprof+0x243/0x390
[  424.411938][T17474]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  424.418095][T17474]  arch_stack_walk+0x11c/0x150
[  424.422859][T17474]  ? sctp_add_bind_addr+0x89/0x3a0
[  424.427965][T17474]  stack_trace_save+0x118/0x1d0
[  424.432814][T17474]  ? __pfx_stack_trace_save+0x10/0x10
[  424.438185][T17474]  ? stack_depot_save_flags+0x37/0x940
[  424.443661][T17474]  kasan_save_track+0x3f/0x80
[  424.448338][T17474]  ? kasan_save_track+0x3f/0x80
[  424.453192][T17474]  ? __kasan_kmalloc+0x98/0xb0
[  424.457953][T17474]  ? __kmalloc_cache_noprof+0x243/0x390
[  424.463604][T17474]  __kasan_kmalloc+0x98/0xb0
[  424.468198][T17474]  __kmalloc_cache_noprof+0x243/0x390
[  424.473569][T17474]  ? sctp_add_bind_addr+0x89/0x3a0
[  424.478678][T17474]  sctp_add_bind_addr+0x89/0x3a0
[  424.483619][T17474]  sctp_copy_local_addr_list+0x311/0x500
[  424.489247][T17474]  ? sctp_copy_local_addr_list+0xab/0x500
[  424.494963][T17474]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  424.501114][T17474]  ? sctp_v4_is_any+0x35/0x60
[  424.505791][T17474]  sctp_bind_addr_copy+0xad/0x3b0
[  424.510812][T17474]  ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190
[  424.517143][T17474]  sctp_connect_new_asoc+0x2f3/0x6c0
[  424.522441][T17474]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  424.528253][T17474]  ? sctp_sendmsg+0xbb9/0x3520
[  424.533023][T17474]  ? sctp_endpoint_lookup_assoc+0xc9/0x250
[  424.538829][T17474]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  424.544386][T17474]  sctp_sendmsg+0x219a/0x3520
[  424.549068][T17474]  ? aa_sk_perm+0x96d/0xab0
[  424.553572][T17474]  ? __pfx_sctp_sendmsg+0x10/0x10
[  424.558611][T17474]  ? __pfx_aa_sk_perm+0x10/0x10
[  424.563464][T17474]  ? inet_sendmsg+0x330/0x390
[  424.568136][T17474]  __sock_sendmsg+0x1a6/0x270
[  424.572837][T17474]  ____sys_sendmsg+0x52a/0x7e0
[  424.577601][T17474]  ? __pfx_____sys_sendmsg+0x10/0x10
[  424.582880][T17474]  ? __fget_files+0x2a/0x410
[  424.587472][T17474]  ? __fget_files+0x2a/0x410
[  424.592064][T17474]  __sys_sendmsg+0x269/0x350
[  424.596647][T17474]  ? __pfx_lock_release+0x10/0x10
[  424.601669][T17474]  ? __pfx___sys_sendmsg+0x10/0x10
[  424.606796][T17474]  ? __pfx_vfs_write+0x10/0x10
[  424.611563][T17474]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  424.617907][T17474]  ? do_syscall_64+0x100/0x230
[  424.622668][T17474]  ? do_syscall_64+0xb6/0x230
[  424.627360][T17474]  do_syscall_64+0xf3/0x230
[  424.631861][T17474]  ? clear_bhb_loop+0x35/0x90
[  424.636553][T17474]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  424.642440][T17474] RIP: 0033:0x7f914e385d29
[  424.646853][T17474] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  424.666471][T17474] RSP: 002b:00007f914f113038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  424.674884][T17474] RAX: ffffffffffffffda RBX: 00007f914e575fa0 RCX: 00007f914e385d29
[  424.682868][T17474] RDX: 0000000024040050 RSI: 0000000020002d80 RDI: 0000000000000003
[  424.690837][T17474] RBP: 00007f914f113090 R08: 0000000000000000 R09: 0000000000000000
[  424.698801][T17474] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  424.706763][T17474] R13: 0000000000000000 R14: 00007f914e575fa0 R15: 00007fffc4ac0e78
[  424.714739][T17474]  </TASK>
[  424.765831][T17476] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3406'.
[  424.788187][T17478] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3408'.
[  425.194455][   T35] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  425.604156][    C0] ip6_tunnel: ˜uóuä†ÝcÎb xmit: Local address not yet configured!
[  426.304951][   T53] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  427.404335][   T67] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  428.514205][   T53] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  429.654720][   T35] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  430.774407][ T8276] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  431.364236][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  431.884513][ T3518] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!