last executing test programs:

2.605850161s ago: executing program 2 (id=2586):
r0 = accept4$tipc(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000040)=0x10, 0x80000)
setsockopt$TIPC_GROUP_LEAVE(r0, 0x10f, 0x88)
getpeername$tipc(r0, &(0x7f0000000080), &(0x7f00000000c0)=0x10)
accept4(r0, &(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, <r1=>0xffffffffffffffff, {0x2, 0x0, @local}}}, &(0x7f0000000180)=0x80, 0x80800)
sendmsg$nl_route_sched(r1, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000340)={&(0x7f0000000200)=@gettaction={0x118, 0x32, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@action_gd=@TCA_ACT_TAB={0x34, 0x1, [{0x10, 0x5, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}, {0xc, 0x7, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}, {0x14, 0x5, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}]}, @action_dump_flags=@TCA_ROOT_FLAGS={0xc}, @action_gd=@TCA_ACT_TAB={0x34, 0x1, [{0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'skbmod\x00'}}, {0x14, 0xc, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}, {0xc, 0xb, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}]}, @action_gd=@TCA_ACT_TAB={0x78, 0x1, [{0x10, 0xd, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'skbmod\x00'}}, {0xc, 0xf, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0xb, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x79b}}, {0x10, 0x7, 0x0, 0x0, @TCA_ACT_KIND={0xc, 0x1, 'skbedit\x00'}}, {0x10, 0x9, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}, {0x10, 0xd, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'police\x00'}}, {0x10, 0x18, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'vlan\x00'}}, {0xc, 0x19, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}]}, @action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8, 0x4, 0xa}, @action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8, 0x4, 0x40400000}, @action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8, 0x4, 0x5c1}]}, 0x118}, 0x1, 0x0, 0x0, 0x24000040}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000003c0)={'vxcan1\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000400)={0x1d, r2, 0x1, {0x1, 0xfe, 0x3}}, 0x18)
recvmmsg$unix(r1, &(0x7f0000000c00)=[{{&(0x7f0000000440), 0x6e, &(0x7f0000000600)=[{&(0x7f00000004c0)=""/232, 0xe8}, {&(0x7f00000005c0)=""/53, 0x35}], 0x2, &(0x7f0000000640)=[@cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff]}}], 0x58}}, {{&(0x7f00000006c0), 0x6e, &(0x7f0000000800)=[{&(0x7f0000000740)=""/76, 0x4c}, {&(0x7f00000007c0)=""/51, 0x33}], 0x2, &(0x7f0000000840)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, <r7=>0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, <r8=>0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [<r9=>0xffffffffffffffff, 0xffffffffffffffff, <r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff, <r12=>0xffffffffffffffff, 0xffffffffffffffff]}}], 0xe0}}, {{0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f0000000940)=""/3, 0x3}, {&(0x7f0000000980)=""/60, 0x3c}, {&(0x7f00000009c0)=""/24, 0x18}, {&(0x7f0000000a00)=""/109, 0x6d}, {&(0x7f0000000a80)=""/89, 0x59}, {&(0x7f0000000b00)=""/71, 0x47}], 0x6}}], 0x3, 0x40010000, 0x0)
r13 = socket$inet6_icmp(0xa, 0x2, 0x3a)
ioctl$sock_inet6_SIOCSIFDSTADDR(r13, 0x8918, &(0x7f0000000cc0)={@empty, 0x2c, r2})
setsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r4, 0x84, 0x7, &(0x7f0000000d00)={0x9}, 0x4)
getsockopt$SO_TIMESTAMP(r5, 0x1, 0x40, &(0x7f0000000d40), &(0x7f0000000d80)=0x4)
bind$isdn_base(r9, &(0x7f0000000dc0)={0x22, 0x7, 0x5, 0x30, 0x8}, 0x6)
sendmsg$nl_route(r4, &(0x7f0000000ec0)={&(0x7f0000000e00)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000e80)={&(0x7f0000000e40)=@newnexthop={0x1c, 0x68, 0x2, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x2, 0x0, 0x2d}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x844}, 0xc000)
r14 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockname(r14, &(0x7f0000000f00)=@pppol2tpv3, &(0x7f0000000f80)=0x80)
recvmmsg(r6, &(0x7f0000000fc0), 0x0, 0x40010003, &(0x7f0000001000)={0x77359400})
pipe(&(0x7f0000001040))
r15 = accept$netrom(r11, &(0x7f0000001080)={{0x3, @bcast}, [@remote, @remote, @default, @default, @bcast, @netrom, @default, @bcast]}, &(0x7f0000001100)=0x48)
ioctl$sock_SIOCGIFINDEX(r15, 0x8933, &(0x7f0000001140)={'veth0_vlan\x00'})
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x1f, &(0x7f0000001180)={<r16=>0x0, @in6={{0xa, 0x4e20, 0x7f, @dev={0xfe, 0x80, '\x00', 0xa}, 0xa7}}, 0x4, 0x40}, &(0x7f0000001240)=0x90)
setsockopt$inet_sctp6_SCTP_CONTEXT(r8, 0x84, 0x11, &(0x7f0000001280)={r16, 0x5}, 0x8)
ioctl$FICLONERANGE(0xffffffffffffffff, 0x4020940d, &(0x7f00000012c0)={{r12}, 0x3f1, 0xffffffffffffffff, 0x8})
recvmsg$can_raw(r7, &(0x7f0000001640)={&(0x7f0000001300)=@in6={0xa, 0x0, 0x0, @private2}, 0x80, &(0x7f0000001500)=[{&(0x7f0000001380)=""/198, 0xc6}, {&(0x7f0000001480)=""/84, 0x54}], 0x2, &(0x7f0000001540)=""/231, 0xe7}, 0x12141)
r17 = syz_genetlink_get_family_id$batadv(&(0x7f00000016c0), r3)
sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r10, &(0x7f0000001780)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000001740)={&(0x7f0000001700)={0x34, r17, 0x1, 0x70bd27, 0x25dfdbfc, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x2}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x4}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x8000)
pselect6(0x40, &(0x7f00000017c0)={0x5, 0x8, 0x0, 0x2, 0x5a0a000000, 0xec0, 0x2, 0x58}, &(0x7f0000001800)={0x4, 0x5, 0x7aa6, 0xfffffffffffffff6, 0x4, 0x2, 0x2, 0x6}, &(0x7f0000001840)={0xb5f, 0x0, 0x74, 0xd8f, 0x8, 0x6, 0x67db, 0x96}, &(0x7f0000001880)={0x77359400}, &(0x7f0000001900)={&(0x7f00000018c0)={[0x7]}, 0x8})
socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000001940))
sendmsg$NL80211_CMD_NEW_MPATH(0xffffffffffffffff, &(0x7f0000001ac0)={&(0x7f0000001980)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000001a80)={&(0x7f0000001a00)={0x50, 0x0, 0x200, 0x9, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x7, 0x57}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x50}, 0x1, 0x0, 0x0, 0x50}, 0x5)

2.512943081s ago: executing program 2 (id=2588):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r2}, 0x0, &(0x7f00000002c0)}, 0x20)
bpf$MAP_DELETE_ELEM(0x15, &(0x7f0000000400)={r2, 0x0, 0x20000000}, 0x20)
close(r1)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r3)
sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r5)
r6 = socket$unix(0x1, 0x1, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001600)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xfffffffb, 0x6}, [@TCA_NETEM_LATENCY64={0xc, 0xa, 0xfffffffffffffff8}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r8, {}, {0x2, 0xb}, {0xd, 0xb}}, [@qdisc_kind_options=@q_pfifo_head_drop={{0x14}, {0x8, 0x2, 0x1d96}}]}, 0x40}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
ioctl$SIOCSIFHWADDR(r5, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

2.217171977s ago: executing program 2 (id=2595):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000780)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1ae8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071000000850000002300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r4}, 0x10)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000540)=ANY=[@ANYBLOB="c475fff12a938e13bdf045dbb8bd6dc48822ad44632e2e38ea0097ef40b8e1df0959adafa1367b134084c01f98626ddd0b8da591d705b958e963c1d65c795b4f321959f81b59b9330fad08c1d111ce49ed2e8b72a5c097cb2ab40e9fe654b2cbdc64e03e4b6b6f0ab667ff51ce82ce3757b665f4d44962312e6322150266420a83dac125f514f608dd27cffe2286cd499ca207536cac230cdfa4441094ae1a90fe50fc63cca600b6af7fa4aa20ccd9e3c7d6a6998561653733cd678ebc3eed8b2cf389cfddfa782794260c1d22b837a20cbf85341896cb1f9f798783eb3d9d7fa35f403a512822898afe37b6066c1579ea1d922e4d8e951d34fdee48b82616110a51f68ac8ea0e2773189a16df28af530ace79ed87635002db51c13b63d150c6805546051b68fc94a454195e0be1d619cdc6a20e92e8d9fbab8cea60e3c6f625398e091942be4d7ffe678efa81a64d702083feefbc38347c9daa7f9d64f6378efb986d9120de4008983eca0a4f3a1c590615c81f90088a76a0973d0ab53576cee7f44d2621349ffa3eeeeffb35715cf866f93ea55787e9351afece17e0e596b2777936d2a8995b29f457fcdfe8171f065f9aa5e87af2d691529ad1bb59bc778ad38705706fc17854b6a45561b7fb0e430021e82ec8eb961c8bf0d6db3ec465e50267c3d58eef1d40e2b7fabadf048680c022d334f8fd8a9435f39e8c155b3d4834fdb47df21dbbf337bfb38a007e8e8fcef70df3f9d283d8de476decd5741f11754139b7b830fa79d61f31f64483cb4c9f9cfe85ddf1347e4bfc22e0e164ae1c12025cecde905d42de88d632e4412ef39bcd0eda3f8670861e9a2e8e7bff0011e61f7429834b4bf26de286385bd2bbbfb1a9ddd0c04f172a08302e0ac2301926b3b4c469550b1bcafb60b6d66c2212815b8c86252cda8d885e00c54c7591c08f11c0f25aff11baf9e222bf9f29ae2f83e003ecdb923f6586de02f7e2339ae2fb6a40d9f154eafd8df852eb9f3e27f4cf41397bdabad1f3a6b7d9ba57c7f906911ec147dd42bef374435beff9610b0e02870abb2f81b2fbfce427c78e68f99585d0bd86a0dbf8b43914da9ebe59ee3e041eda963ade5754eec19e4d70c9ed09ba8258c6eaed72f918feea648fa40d162cd0fa75514d844f9af35da21d33e1026eacdfd750ae007bbf7c82b3284df7de983aa531aa7b74ad923fccd08e59fa5339459258d7c44daee39fb9b10eb72a530bdf5f0cfc8cd34e27442e1eea09ab983c15f8aff838bce3bb7f228e39eb994ae6ec56c257512f06c757e6c19a9c62484b0f65a6c8e37a5a8bf0ecfa47f2c202e01210afaf93348d57a462c02496603d2b1c4d950cbad348fd"], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000005, 0x12, r5, 0x0)
ppoll(0x0, 0x0, &(0x7f00000003c0)={0x0, 0x989680}, 0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000980)={0x2c, 0x3e, 0x107, 0x70bd2d, 0x25dfdbfc, {0x4, 0x7c}, [@typed={0x4}, @nested={0x14, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}, @typed={0x8, 0x11, 0x0, 0x0, @u32=0x7fffffff}]}]}, 0x2c}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@RTM_DELMDB={0x18, 0x55, 0x1}, 0x18}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010002000000000000000000000a18010000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000002cd40009800800014000000006c80002800c000180080001400000000324"], 0x140}}, 0x0)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r2}, 0xc)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x30, r1, 0x1, 0x70bd2a, 0x25dfdbfc, {{}, {}, {0x14, 0x19, {0x80000000, 0xffffff00, 0x400002}}}}, 0x30}, 0x1, 0x0, 0x0, 0x20004000}, 0x4000800)

2.09839846s ago: executing program 3 (id=2597):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="2c000000200005020000000001000000020020000000efff000000000500130001000000080002"], 0x2c}}, 0x26048880)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000b40)={&(0x7f00000004c0)=ANY=[@ANYBLOB="9feb01001800000000000000240000002400000002000000000000000300000d000000000000000000000000000000000000000000000000000000000000a00747e5ebca8a9f6f548f165736469b3f3662abad965f2e6623831b840cf5be49f91ec53b714d6db8e8dd5c775e2f6e7ce1919a83287c9a1444cd04be951c68135d1a4a1dc8d4ab4226bdd6081dca36d0bf2a67deb7abdd0391912e41e3b6d97795cc2bfe684727a1595f0821054f9a797d368d6a1773f2d171b129f6d5443aac81ed17a808a54b9564b30ab9e4b980a7582888b2ac96b7c97eaf0f964fef9ddcaa55c6f5754caa0dc36853e2bf8a1a4242ed37d6166fbac782d9c33259d9c48d0b4ccd30b7b4b6e530f3efd36aee97f3ed1cfc60ee7d6d529f8e8edb0b5fc47047ecadb300497d"], &(0x7f0000000a80)=""/172, 0x3e, 0xac, 0x9}, 0x28)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x80000}, 0xc)
r2 = socket$netlink(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r3, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x10)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000140)='syzkaller\x00', 0x6, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='rpc_buf_alloc\x00', r5, 0x0, 0x1}, 0x18)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='rpc_buf_alloc\x00', r6, 0x0, 0x1}, 0x18)
r7 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$netlink(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000002580), 0x0, 0x0, 0x0, 0x60004810}, 0x20048880)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET_STATS_CPU(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x14, 0x3, 0x2, 0x301, 0x0, 0x0, {0xa}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40080}, 0x20000800)
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r4, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
r8 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r9 = socket(0x2, 0x80805, 0x0)
r10 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r10, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r10, 0x84, 0x6f, &(0x7f0000000200)={<r11=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r10, 0x84, 0x7a, &(0x7f0000000340)={r11, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
sendmmsg$inet_sctp(r9, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r9, 0x84, 0x7c, &(0x7f0000000080)={r11, 0x5, 0x3ff}, 0x8)
bind$802154_dgram(r8, &(0x7f0000000200)={0x24, @short={0x2, 0x3, 0xaaa0}}, 0x14)

2.043024842s ago: executing program 2 (id=2598):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
setsockopt$inet6_IPV6_ADDRFORM(r2, 0x29, 0x1, &(0x7f0000000080), 0x4)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, &(0x7f0000000180)=@gcm_256={{0x303}, "c4915c7f49541ce8", "9b84f987950ff3df25fa8f46983d34157e047d27ae4a66a6d15608a32cbaa5bc", '\x00', "be0ea450d5a5fd03"}, 0x38)
recvmmsg(r2, &(0x7f0000000340)=[{{0x0, 0x0, 0x0}, 0x4b00}, {{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000240)=""/254, 0xfe}], 0x1}, 0x7}], 0x2, 0x143, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="f9ffffff000000000000003d1304e200000000019500000000000000"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r3}, 0x10)
r4 = socket$rxrpc(0x21, 0x2, 0xa)
sendto$rxrpc(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r5, &(0x7f0000001280)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @empty}}, 0x24)
sendmsg$ETHTOOL_MSG_WOL_GET(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="19002dbd7000fcffffff1b000000180001801400020064756d6d7930"], 0x2c}}, 0x0)

1.912618262s ago: executing program 2 (id=2599):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c2ed01faa7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497dad64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6fba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd2310801570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb414c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000000000000000000000000000000a0cc2b89ce1525748ce167cbabb881f060599a6a59f645edca1d5c24b2f6b8c997a8f3e1b7679984a566d98d4d31198ee4c5ea7be0d99cf89bba4a6fd0bec12e7792bec3c5038e13b1982f80cdecd07f8908a983a7c9fb81c2ba7f7e87c991f30e50d1b3bbe4cf2a2f5d4571b6568ada51bc121c9139d2a8e0638c84066b1759081802"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
shutdown(r1, 0x1)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000700)={<r2=>0x0, 0x81, 0x10}, &(0x7f0000000040)=0xc)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(serpent)\x00'}, 0x58)
r4 = socket$packet(0x11, 0x3, 0x300)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
setsockopt$packet_int(r4, 0x107, 0x8, &(0x7f0000000100)=0x40049, 0x4)
recvmmsg(r4, &(0x7f0000000480)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=""/11, 0x17}}], 0x400000000000179, 0x0, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x6, 0x0, 0x8100, 0x0, {0xc3}, {}, {0xe, 0xd}}, [@TCA_RATE={0x6}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x11, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}}, 0x0)
r6 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
bpf$PROG_BIND_MAP(0x1c, &(0x7f0000000140)={r6, 0xffffffffffffffff, 0x24}, 0xc)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000000), 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x0)
r7 = socket$inet(0x2, 0x6, 0xe000000)
setsockopt$inet_tcp_TLS_TX(r7, 0x6, 0x1, &(0x7f0000000280)=@gcm_128={{0x303}, "94c8ebc05a26d554", "ab3581082143951bcaf1321e6d671d98", "52b8ba00", "880fa47c115d4975"}, 0x28)
getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, &(0x7f0000000340)={<r8=>r2, 0x3}, &(0x7f0000000400)=0x8)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)
unshare(0x62040200)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000440)={r8, 0xb9cf}, 0x8)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="3c000000180001002cbd7000000000000a0000000003ff02", @ANYRES32, @ANYBLOB="08001f"], 0x3c}}, 0x0)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r12=>0x0})
sendmsg$NL80211_CMD_CONNECT(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="050000000000000000002e00000008000300", @ANYRES32=r12, @ANYBLOB="0a00340002020202020200ffeb00930008003500000000000800350001000000"], 0x3c}, 0x1, 0x0, 0x0, 0x1088}, 0x0)
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x2e)

1.311437482s ago: executing program 1 (id=2604):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f0000000000)={0x1, [0x0]}, &(0x7f0000000080)=0x6)
syz_emit_ethernet(0x2a, &(0x7f0000000380)={@link_local, @local, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x2, 0x39, 0x1c, 0x65, 0x0, 0x1, 0x2, 0x0, @broadcast, @loopback}, {0x17, 0x4, 0x0, @remote}}}}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000480), r2)
sendmsg$NLBL_CIPSOV4_C_ADD(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x5c, r3, 0x207, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0x4}, @NLBL_CIPSOV4_A_TAGLST={0x34, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x1}, {0x5}, {0x5, 0x3, 0x1}, {0x5}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x3}]}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}]}, 0x5c}}, 0x880)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x54, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x1f}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}]}, 0x54}}, 0x8000000)

1.165563164s ago: executing program 1 (id=2607):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x9}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xd, 0x6, 0x4, 0x1, 0x0, r1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r2}, &(0x7f0000000840), &(0x7f0000000880)=r1, 0x1000000}, 0x20)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r3, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
socket$inet6(0xa, 0x3, 0x1)
write$tun(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xfdef)
pipe(&(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000006c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmmsg$unix(r6, &(0x7f0000000ec0)=[{{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000700)="b26e2e1973", 0x5}], 0x1, 0x0, 0x0, 0x4000}}], 0x1, 0x4445)
recvmsg$unix(r7, &(0x7f00000046c0)={0x0, 0x0, &(0x7f0000004500)=[{&(0x7f0000001080)=""/54, 0x36}], 0x1, &(0x7f00000045c0)}, 0x120)
write$cgroup_devices(r5, &(0x7f0000000080)=ANY=[@ANYBLOB='b '], 0x47)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu/syz0\x00', 0x1ff)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz1\x00', 0x200002, 0x0)
ioctl$sock_rose_SIOCDELRT(r5, 0x890c, &(0x7f00000000c0)={@dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x6, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={'rose', 0x0}, 0x8, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(r9, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="3103efff00000000000408000000040003"], 0x24}, 0x1, 0x0, 0x0, 0x4804}, 0x0)
r11 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r11, 0x107, 0x12, &(0x7f0000000000)={0x0, 0xa006}, 0x4)
r12 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r12, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r13 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r13, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r12, &(0x7f00000014c0)={@val={0x0, 0x800}, @val={0x0, 0x0, 0x3}, @mpls={[{0x8, 0x0, 0x1}], @ipv4=@gre={{0x5, 0x4, 0x0, 0x0, 0xfbc, 0x0, 0x11, 0x0, 0x21, 0x0, @dev, @broadcast}, {{}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, [], "50726483718ba3e6d08f7571cc59e627d3ed353e879da15784c220746fc2eba11f56fe932b544f53b43a34b265bd5d44fd38791b56b3b8767c382bc52ee2b8fcbbd661f151afd5315d5f502920c297a3916d7ea039eb558ebb06336662367e15363058de9b806035d5c980832248d1fc96c6b2fb2a4dffa91026dd0228974f70bea2a8e3fe0c9aae345d6e19f2"}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd, [], "ac10ef31176d1af88e863d588661a0756365388ef6f2d7b69fb82dc9e7de475e5aad52fa5b61fb1730a4f8ba342b81d86460c5cc35df8bdc3e55e1e92140c9ed10cfd396d4fb331e1901da8dfd47cd7431fd6cb967f7d84f0ba6de4a73b26c286edc3684534e70f60b30b7aefec9309c13a29b35e134d47c3579870d43bcc2babd71412ade39c68b036b5e7a6e90c25efe7a5b3ff3fae0fe7459e71cb431cb8f6a45a9a21d938cbd1de67fde856f05154095c3d86b9f4bac02987d8a06aae5f8d3da56748f1f6b1e9de4d1afaea08c70a943b080bf77494e5dcc17fe38bb0a0b36a008f7805cfdbe5a89e2e12e013b6ff42e3f9e825f3d604768f87273edad56c12c8a5eacd9b63ea6fa1ecf16139cb19c579c4f0a125a755439e6dc9c1637c0d23c1c281af2982cca306b2d3dbaede299bfe4f2ebd822abfabafef3f159049cc24f01a412fafe3d43841a6a4dbed78566e34544a074d4c01cedbb22527e955e8f93ef5a927fdec293a3c78693cae45de7481fdf0f65a43b50d26904594676b7af375752c99e2ba3e00286ab9d438af7b8834c0e71d245c0428ecc5a59f29ab0bca9b1913b9bb5373a94e1daae374d0ed7e7ffd0a1188c83e61e8ee28625483a96a246b9e1cdc8da085de61834a15afd5e7726d711c5ecc008914b9b9f35603330113e548e4509516bac6bc1150b2ace667a540ec84d22c0d0200056918fa3ac596cddd501f7b34f3b97c12c3c10e4b0c67ef01059c2feed93f9169498278daabd27d8537882a87b2edd4b2e6789b90d065ba7a064b2b4ecc1622c8662b3145844c12491ee85dd2acbe057479db9d24e500d9f1af37745f39e7fc7d4e513fa839556155db1ba6d62465a464184f2f4f9c4c822e64c6a357d7bc06caf64db283f0a3a427b400b7dd4df488c9e30db1fdb1774038d32557b69f9c1eba7ec66309bc68c19200aa5f05ec21c1cc9a12667cbae2863198913eac1de18df558c1b5fbceb0e6b521e120e98b39ecc8cabb6c25cdc31d827eeb549fe548f6b29d4f65b176ea0a20411d750f02c660cba2c62935fad8c51324f6f437daa53c81ff2e19b94140f1d72a2540b3fa74ffe85c696a4e4411d4449744ca4b5e8b921c7d62208b88a1df38030c4e09cd264a9c534259737ed6ea798cbc2d0054845dc84e97295efad0f5228fc61710e75a4445a889e230887845fa7f02be62593c352cb344a0f947bdb6c4cf3aab5ecedbd4fdde781c496db32a51f700b2fc19b2c36e257bbb2c735e0f03cd9e49700aee6edaa6952bdc2feef2d2e5463b6778fde3c7ef73477e22a181816883192beee132b3866c4ec977e0cd0b995de650c4c7d3e6e483685f75f9d82f69868d67e64a59e7320707847040bed7bb8c24d5e6a1da326d3226e71933484a2c619592a00db3b086d5fee139abaae14d65698937ef8c066acc7134f085e1e8ccd04a67e128c2d775740f0727c14dfbf8a2ed7f25d353285ab0fd03a8788d725163d27ac13ced25669301f672fb1f404451d85e92e1d0049fa9558c8492cc336ddd5133cb1b307f2901341fb6a021e1b751f22412e76fad6ea2b4a7d756559619fa47b22bc55ef8fdc19fbd6136becc60ff19748e60452e704752c82beb4861ea118875e9fe75a9e6c10c8b922dd8054ef8dd15963db6d505e7eab028322801bb4328d8257e726d937ca83c8efca320c8ecd24313eb5e8114c604781ed936a82740340ac6692bfc3613d2f49bf8284cf60cee6513fd154034e49af838146872e8735962da7f7bbd301f2fd85e597c1b6f8418352ebec83286f9dfab4a0b4dbb8b9c7b55aaf9ac1628d1493c1786c78a8a0b8c58596f1e1ba92b7fcdb80e867fdd299c78b902ac2de3c6d6bad6c5fb0c5db603b7c3c7ff8a64dc4488e07d2b506db960db1503ad72dab8ef405549a5f12a62052be8f7ad3fad32ba8560a8874c06f815ec9912dfcc16d8e0f8c9ab9afceae435a63dcdd1dc6b1e4d186f306ec1c8af08e69ad8fc9860c9bad1af0654c51e0711ecfa47c6b4411010076c975057db6609b47fda736f6ef81863387e3c971479a572145aab35a24475ffea35c1626b644ba12ef8d92cf9310f722b493b2da8ea4c5dcd99d75167e1404642aafbf5db3f8ce95382d7bbd550c0bae73af75dc913ead260ce475b30879d4279efeae49e88b0071661725e9ec5b3579c1716d70971fd301d8ee090a98120bf35ffa62101077362a2a3564022b0bff01e76e641fc01ff731a834509600aadeffe2f00276de348a3c57778865063bd8e348b6e68b5c74298ba911a184f5bfdefd6473272c174c9e644abdf22b3ac39e246ae947ffef4773bcfec3b2a8d03dc8971471dfc50cd5ef6d32ae3486f7d14b0137e80a313910d9bc87aed8c41c6563f646b39c2a26f4add083ab6efb5753fc6b78e7907b9cd8a2cabdf87e202239fffc99e0446915c3bc147635398f73201d7369902225184d8da01641759645bf92b5d73ab153f2150264c3333ce12747ce2642aa04aeeb85513170a67dd93b010e8fd0f3cb290e1fc0040d32bdad7d8b41c4f2d10a3c170dbc3e264e29714a34dd220c2bf3e273d7cb3a9397b16a47c85cca75e4cac2def7c976fb7f38b24bdb8f80486e9cec55574d9f2864085289fd2fc497a3a7fab762877629db9ff70201f07897246f9f5211ced9266b732e9988805669dc1bc8e4ddd235562c7785e2379f1f0dd1e71a98b6d204e6c1a1ee163ceb35f6c436bb2547522bed2a55814a3f5f53d3eceee6c847c12af75fdc8452116ab891a5c6424a79b33c4b56a5412700a907f3eca800fcfba133f8bab9ebae32c699b548aff3ac702699f293fceb7445a7107956adad16a6b73a2fe0c88232f2d9831b238b92c511e4a6e02f784ee328bd979c4728ba0f86cc4ed9a69c6d5bc23496729a6512c4664006afc08de2f4dd89e52108f7c081d11facccb91ebc82415691b6bf05818638b3a4d809ae307f4b2d867a34417dbaad8c01a3773d8ebe56890230bd4a2e2a027d59839e1710cb5d25cec245ed8f86b7d4ed8e4ec48c53387ab1ea059406bf2612a6c730750b41a47bdf51cbec2c3f1b07fd6aba2ea390e138868d71f0a73990e87b383757a199f53bcd25f93b15efaf84a9a3758f5cbc2223a809ba784a5af2d36a3b99e3d143310ecf2bb9d2dd8fe9defdfa3d82e005c52514f13beb97476fb7a0f7ab62892977c9da0b950dbbc89bdd58472619f3bdbf46def88488e7bdf0633ee908a4e4e795e92037b74db18672e168514e2ad0a2df94357f2dc2c593b251894657c6bea65abfcd76b7037bd5817ab73be94f00031150f375442e0f0d0e7236ed4150637c14f62ecb6713f897889d77d814ead5774d726f307fe32c020cdefda72151798fcde65af6fbe6594eeb078a8c414b949c0c2217a0cc82049c43f6fb3cb7c00fc0305b86dddde708dd8a61a63e799abdd49d6ff1c41b8ecb230891037ca36d7a7e1f6280f52a5d45ff872f11df408ae09fc9b9d371ccf4f2777626ad84426d925dac9bbacc785acb5c29cbf9d6aec77d5ac48778ab4682b7bb611f342a72c26417a5e432e5d956844e19739e61999a78c615acc09f415032031ac6cb839da764331d131acbe66b502e7f1a5b9dc68df7f5524e7bc6fdfa982b39af2cbff69052d04be78821282dbfc034e64943004375f16cf4741526aaafebfc1a6d4a38d4c345aa22c94922f145b6c449a216b6c382565598125156fad8097c2e7ea65063cdfe34e50fb75939f3b3cf5ab8a3448ead3cc36358f45b0eaabf8ff2b64a1923407226f24420978d03d6bcefc2b45a74425017c11146e25f6d41912f39afecaa19090123ea2605994978b00a347aba322cd10822933e3f5988477ce1b2aff651553ec4977b185e5c7aaa4c64b4fb49cfc0cad75e85c0617e19f26fd0932a4bba0821d5a4d9449773c2d3c25e8aee59155346502b72a4d6818f143695acd5b83a336d02e2d1b9da5740e287c4694012f9648656c51cd44431c54301ea55f48197d1280421793598db89820937aa6a41d69618f55fd9c40dc0742e77d4ddf4a68a6cecba47ff0a22e2734bc9556193642b92838c891b4ed109af35190332aabb9aab184076cfc99f08814bebe47fccd12005ad926a643c791ecda50458a1106a033408fb90da10f8d6e42b3a462e9f9a1a2752c21967884ea79a1148f3dd0304bef05747458c7859dbf7f6df08074e9ac221677b70546909329c5557adb255cc33c1f9b762188e2498a7744f066df3fb8bee6261db37489b63f9bda047a06cbc588ff1255e3b63a86a5ca353160e0dc4088ea691c768f5d36397cb64c6db2d5bd39473a9d1209d021b8017434874ed5f99d9fc27d5549eaecdcfb7093549acaea45610221192942e108def0efbc004bbfef195af7dcdc0b75097eba13d621c2ca5ee3bfd2845b21a910e8ea21536768e1e5081997ae7415a55e58e1294d8ff3bc95faf96a65501b922382f4f75a0f938b290fd66bb3ccdc33734bafa18a3765d23f151951b8c8c6939de018c4e9ca253dff4a1fc70a601bba8c2e146a79166745e5fd1748c638a7a945e5f5aea0a93c7861446ef5996e37231e573245dae58b168c0564c8b27ada3fde66bb00f51f7e47970855d1057739ccf583666055187173bfd1454a5fbcfd59f39b6ad63fbfbe0fea9a6b336a41ec316acedd38cc6fab7de1190c97bed6e8f1cdb47d59941955f87a59d953c0f60f68a63fcf8f6f76b3eb5d79d94a2eeb3fb28781b1bbd31937c6f6e2d6fa7d2f4134702fdc0a2250bbec420c73a89c1643379235a492c2cbb3280ec3e676fcc1b33aaa645234eebefb1c28c52646a33c1989a386d537cd5ebf89f50b575b37b9a337f653919a569229009"}, {}, {}, {0x8, 0x6558, 0x0, "20e62929c11cb0549208c925145acbdc02d1fec745f9b654f2d97c9269199fc2293765cfbba8e22fa0ba230c891eb5a9490864bc2e2993a2831d52a0f75fda3f213ec297d9acaa7a8aedc6826e3274b7f48681313b4b677b469a77dd667c84aaf2766d84d9f6dd1b6aa2ab1860b1394813e57c4c6d557a4d049d74cdc674b82da3e6c6f0b9a890edc47dd5a6801c24ba1da62ac03a3620d1f109122a34cd8f552730c4239a81f09bc9174d89403e8011a5436bc7abbd69d49f68a786837a51689f7a4b422061f4768c9052c000016fffffe700e53f083b13e53ef485d121779c5da2b6ce80f9cc4a030570a1cc071d9a6845b6018baaa77418d5fb030700f7b63620c369c466108465b7c7967c0c84a9b828118c9ba7808abfe69f783c3795ecbe1714d91d56b64b9e8e7f86d3fff9c8084b5ec69fcf586b23c29dc078db3fda0fe8cfaed8ab7a5a39bc2ec6a1410270ea7d41ecbd90e45fc60062bc"}}}}}, 0xfce)
r14 = openat$cgroup_devices(r8, &(0x7f00000001c0)='devices.deny\x00', 0x2, 0x0)
splice(r4, 0x0, r14, 0x0, 0x8, 0x0)

1.061527437s ago: executing program 3 (id=2618):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000780)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1ae8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071000000850000002300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r4}, 0x10)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000540)=ANY=[@ANYBLOB="c475fff12a938e13bdf045dbb8bd6dc48822ad44632e2e38ea0097ef40b8e1df0959adafa1367b134084c01f98626ddd0b8da591d705b958e963c1d65c795b4f321959f81b59b9330fad08c1d111ce49ed2e8b72a5c097cb2ab40e9fe654b2cbdc64e03e4b6b6f0ab667ff51ce82ce3757b665f4d44962312e6322150266420a83dac125f514f608dd27cffe2286cd499ca207536cac230cdfa4441094ae1a90fe50fc63cca600b6af7fa4aa20ccd9e3c7d6a6998561653733cd678ebc3eed8b2cf389cfddfa782794260c1d22b837a20cbf85341896cb1f9f798783eb3d9d7fa35f403a512822898afe37b6066c1579ea1d922e4d8e951d34fdee48b82616110a51f68ac8ea0e2773189a16df28af530ace79ed87635002db51c13b63d150c6805546051b68fc94a454195e0be1d619cdc6a20e92e8d9fbab8cea60e3c6f625398e091942be4d7ffe678efa81a64d702083feefbc38347c9daa7f9d64f6378efb986d9120de4008983eca0a4f3a1c590615c81f90088a76a0973d0ab53576cee7f44d2621349ffa3eeeeffb35715cf866f93ea55787e9351afece17e0e596b2777936d2a8995b29f457fcdfe8171f065f9aa5e87af2d691529ad1bb59bc778ad38705706fc17854b6a45561b7fb0e430021e82ec8eb961c8bf0d6db3ec465e50267c3d58eef1d40e2b7fabadf048680c022d334f8fd8a9435f39e8c155b3d4834fdb47df21dbbf337bfb38a007e8e8fcef70df3f9d283d8de476decd5741f11754139b7b830fa79d61f31f64483cb4c9f9cfe85ddf1347e4bfc22e0e164ae1c12025cecde905d42de88d632e4412ef39bcd0eda3f8670861e9a2e8e7bff0011e61f7429834b4bf26de286385bd2bbbfb1a9ddd0c04f172a08302e0ac2301926b3b4c469550b1bcafb60b6d66c2212815b8c86252cda8d885e00c54c7591c08f11c0f25aff11baf9e222bf9f29ae2f83e003ecdb923f6586de02f7e2339ae2fb6a40d9f154eafd8df852eb9f3e27f4cf41397bdabad1f3a6b7d9ba57c7f906911ec147dd42bef374435beff9610b0e02870abb2f81b2fbfce427c78e68f99585d0bd86a0dbf8b43914da9ebe59ee3e041eda963ade5754eec19e4d70c9ed09ba8258c6eaed72f918feea648fa40d162cd0fa75514d844f9af35da21d33e1026eacdfd750ae007bbf7c82b3284df7de983aa531aa7b74ad923fccd08e59fa5339459258d7c44daee39fb9b10eb72a530bdf5f0cfc8cd34e27442e1eea09ab983c15f8aff838bce3bb7f228e39eb994ae6ec56c257512f06c757e6c19a9c62484b0f65a6c8e37a5a8bf0ecfa47f2c202e01210afaf93348d57a462c02496603d2b1c4d950cbad348fd"], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000005, 0x12, r5, 0x0)
ppoll(0x0, 0x0, &(0x7f00000003c0)={0x0, 0x989680}, 0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000980)={0x2c, 0x3e, 0x107, 0x70bd2d, 0x25dfdbfc, {0x4, 0x7c}, [@typed={0x4}, @nested={0x14, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}, @typed={0x8, 0x11, 0x0, 0x0, @u32=0x7fffffff}]}]}, 0x2c}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@RTM_DELMDB={0x18, 0x55, 0x1}, 0x18}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010002000000000000000000000a18010000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000002cd40009800800014000000006c80002800c000180080001400000000324"], 0x140}}, 0x0)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r2}, 0xc)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x30, r1, 0x1, 0x70bd2a, 0x25dfdbfc, {{}, {}, {0x14, 0x19, {0x80000000, 0xffffff00, 0x400002}}}}, 0x30}, 0x1, 0x0, 0x0, 0x20004000}, 0x4000800)

1.034583754s ago: executing program 1 (id=2609):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0xf, &(0x7f00000000c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffd}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x4, 0xdd, 0xa}, 0x50)
close(0x3)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="19000000040000"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r1, &(0x7f00000000c0), &(0x7f0000000000)=""/10, 0x2}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r2}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)

1.013499341s ago: executing program 0 (id=2610):
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000000)={0x1, 0x0, 0x806, 0xffffffff}, 0x10)
r0 = socket$packet(0x11, 0x2, 0x300)
getsockopt$packet_int(r0, 0x107, 0xb, 0x0, &(0x7f0000000040))

968.890004ms ago: executing program 3 (id=2611):
r0 = accept4$tipc(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000040)=0x10, 0x80000)
setsockopt$TIPC_GROUP_LEAVE(r0, 0x10f, 0x88)
getpeername$tipc(r0, &(0x7f0000000080), &(0x7f00000000c0)=0x10)
accept4(r0, &(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, <r1=>0xffffffffffffffff, {0x2, 0x0, @local}}}, &(0x7f0000000180)=0x80, 0x80800)
sendmsg$nl_route_sched(r1, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000340)={&(0x7f0000000200)=@gettaction={0x118, 0x32, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@action_gd=@TCA_ACT_TAB={0x34, 0x1, [{0x10, 0x5, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}, {0xc, 0x7, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}, {0x14, 0x5, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}]}, @action_dump_flags=@TCA_ROOT_FLAGS={0xc}, @action_gd=@TCA_ACT_TAB={0x34, 0x1, [{0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'skbmod\x00'}}, {0x14, 0xc, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}, {0xc, 0xb, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}]}, @action_gd=@TCA_ACT_TAB={0x78, 0x1, [{0x10, 0xd, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'skbmod\x00'}}, {0xc, 0xf, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0xb, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x79b}}, {0x10, 0x7, 0x0, 0x0, @TCA_ACT_KIND={0xc, 0x1, 'skbedit\x00'}}, {0x10, 0x9, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}, {0x10, 0xd, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'police\x00'}}, {0x10, 0x18, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'vlan\x00'}}, {0xc, 0x19, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}]}, @action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8, 0x4, 0xa}, @action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8, 0x4, 0x40400000}, @action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8, 0x4, 0x5c1}]}, 0x118}, 0x1, 0x0, 0x0, 0x24000040}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000003c0)={'vxcan1\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000400)={0x1d, r2, 0x1, {0x1, 0xfe, 0x3}}, 0x18)
recvmmsg$unix(r1, &(0x7f0000000c00)=[{{&(0x7f0000000440), 0x6e, &(0x7f0000000600)=[{&(0x7f00000004c0)=""/232, 0xe8}, {&(0x7f00000005c0)=""/53, 0x35}], 0x2, &(0x7f0000000640)=[@cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff]}}], 0x58}}, {{&(0x7f00000006c0), 0x6e, &(0x7f0000000800)=[{&(0x7f0000000740)=""/76, 0x4c}, {&(0x7f00000007c0)=""/51, 0x33}], 0x2, &(0x7f0000000840)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, <r7=>0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, <r8=>0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [<r9=>0xffffffffffffffff, 0xffffffffffffffff, <r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff, <r12=>0xffffffffffffffff, 0xffffffffffffffff]}}], 0xe0}}, {{0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f0000000940)=""/3, 0x3}, {&(0x7f0000000980)=""/60, 0x3c}, {&(0x7f00000009c0)=""/24, 0x18}, {&(0x7f0000000a00)=""/109, 0x6d}, {&(0x7f0000000a80)=""/89, 0x59}, {&(0x7f0000000b00)=""/71, 0x47}], 0x6}}], 0x3, 0x40010000, 0x0)
r13 = socket$inet6_icmp(0xa, 0x2, 0x3a)
ioctl$sock_inet6_SIOCSIFDSTADDR(r13, 0x8918, &(0x7f0000000cc0)={@empty, 0x2c, r2})
setsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r4, 0x84, 0x7, &(0x7f0000000d00)={0x9}, 0x4)
getsockopt$SO_TIMESTAMP(r5, 0x1, 0x40, &(0x7f0000000d40), &(0x7f0000000d80)=0x4)
bind$isdn_base(r9, &(0x7f0000000dc0)={0x22, 0x7, 0x5, 0x30, 0x8}, 0x6)
sendmsg$nl_route(r4, &(0x7f0000000ec0)={&(0x7f0000000e00)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000e80)={&(0x7f0000000e40)=@newnexthop={0x1c, 0x68, 0x2, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x2, 0x0, 0x2d}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x844}, 0xc000)
r14 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockname(r14, &(0x7f0000000f00)=@pppol2tpv3, &(0x7f0000000f80)=0x80)
recvmmsg(r6, &(0x7f0000000fc0), 0x0, 0x40010003, &(0x7f0000001000)={0x77359400})
pipe(&(0x7f0000001040))
r15 = accept$netrom(r11, &(0x7f0000001080)={{0x3, @bcast}, [@remote, @remote, @default, @default, @bcast, @netrom, @default, @bcast]}, &(0x7f0000001100)=0x48)
ioctl$sock_SIOCGIFINDEX(r15, 0x8933, &(0x7f0000001140)={'veth0_vlan\x00'})
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x1f, &(0x7f0000001180)={<r16=>0x0, @in6={{0xa, 0x4e20, 0x7f, @dev={0xfe, 0x80, '\x00', 0xa}, 0xa7}}, 0x4, 0x40}, &(0x7f0000001240)=0x90)
setsockopt$inet_sctp6_SCTP_CONTEXT(r8, 0x84, 0x11, &(0x7f0000001280)={r16, 0x5}, 0x8)
ioctl$FICLONERANGE(0xffffffffffffffff, 0x4020940d, &(0x7f00000012c0)={{r12}, 0x3f1, 0xffffffffffffffff, 0x8})
recvmsg$can_raw(r7, &(0x7f0000001640)={&(0x7f0000001300)=@in6={0xa, 0x0, 0x0, @private2}, 0x80, &(0x7f0000001500)=[{&(0x7f0000001380)=""/198, 0xc6}, {&(0x7f0000001480)=""/84, 0x54}], 0x2, &(0x7f0000001540)=""/231, 0xe7}, 0x12141)
r17 = syz_genetlink_get_family_id$batadv(&(0x7f00000016c0), r3)
sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r10, &(0x7f0000001780)={&(0x7f0000001680)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000001740)={&(0x7f0000001700)={0x34, r17, 0x1, 0x70bd27, 0x25dfdbfc, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x2}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x4}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x8000)
pselect6(0x40, &(0x7f00000017c0)={0x5, 0x8, 0x0, 0x2, 0x5a0a000000, 0xec0, 0x2, 0x58}, &(0x7f0000001800)={0x4, 0x5, 0x7aa6, 0xfffffffffffffff6, 0x4, 0x2, 0x2, 0x6}, &(0x7f0000001840)={0xb5f, 0x0, 0x74, 0xd8f, 0x8, 0x6, 0x67db, 0x96}, &(0x7f0000001880)={0x77359400}, &(0x7f0000001900)={&(0x7f00000018c0)={[0x7]}, 0x8})
socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000001940))
sendmsg$NL80211_CMD_NEW_MPATH(0xffffffffffffffff, &(0x7f0000001ac0)={&(0x7f0000001980)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000001a80)={&(0x7f0000001a00)={0x50, 0x0, 0x200, 0x9, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x7, 0x57}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x50}, 0x1, 0x0, 0x0, 0x50}, 0x5)

968.151574ms ago: executing program 1 (id=2622):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0xf, &(0x7f00000000c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffd}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x4, 0xdd, 0xa}, 0x50)
close(0x3)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="19000000040000"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r1, &(0x7f00000000c0), &(0x7f0000000000)=""/10, 0x2}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r2}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)

928.698077ms ago: executing program 0 (id=2612):
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = socket$inet6(0x10, 0x2, 0x6)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xffeffffc}, {0x16}]}, 0x10)
sendto$inet6(r1, &(0x7f00000002c0)="100000001200050f0c1000000049b23e", 0x10, 0x0, 0x0, 0x0)
bind$alg(r0, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha256)\x00'}, 0x58)
r2 = accept$alg(r0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
recvmmsg(r2, &(0x7f0000006100), 0x49f, 0x0, 0x0)

927.733475ms ago: executing program 4 (id=2613):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_opts(r0, 0x29, 0x48, &(0x7f0000000180)=ANY=[@ANYBLOB="010470000000000000080000000000000000000000000000fe80000000000000000000005a00"], 0x28)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
syz_80211_join_ibss(&(0x7f0000000000)='wlan0\x00', 0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
close(r1)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$int_out(r3, 0x5460, 0x0)
r4 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r4, 0x84, 0xb, &(0x7f0000000080)={0xbf, 0x99, 0x15, 0x6, 0xff, 0x5, 0xfb, 0x8, 0xec, 0x2, 0x81, 0x84, 0x8, 0x5}, 0xe)
sendto$inet6(r4, &(0x7f0000000040)='T', 0x1, 0x8910, &(0x7f0000000280)={0xa, 0xfffc, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x1}, 0x1c)
ioctl$INCFS_IOC_PERMIT_FILL(r1, 0x40046721, &(0x7f00000000c0)={r4})
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000640)=ANY=[@ANYBLOB="60000000020603000000000000830000000000000900020073797a31000000000500010007000000050005000a00000014000780080013400000000008001240ffffffff12000300686173683a6e65742c706f7274000000050004"], 0x60}, 0x1, 0x0, 0x0, 0x4008801}, 0x0)
setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r4, 0x84, 0x21, &(0x7f0000000000)=0x4, 0x4)
setsockopt$inet_sctp_SCTP_RECVRCVINFO(r2, 0x84, 0x20, &(0x7f0000000300)=0xf2d8, 0x4)
shutdown(r4, 0x1)
recvmmsg(r4, &(0x7f0000000b80)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000140)=""/214, 0xd6}], 0x1, 0x0, 0x39}, 0x5}], 0x1, 0x20, 0x0)
shutdown(r1, 0x0)
r6 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r6, &(0x7f0000000340)={0x2, 0x4e20, @rand_addr=0x64010101}, 0x10)
recvmmsg(r1, &(0x7f00000055c0), 0x400023c, 0x300, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2000009, 0x200000006c832, 0xffffffffffffffff, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r8=>0x0})
sendmsg$nl_route(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYRES32=0x0, @ANYBLOB="03000000000000002c0012800c0001006d6163766c616e001c210280080001000800000006000200010000001ffe020000", @ANYRES32=r8, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r8], 0x5c}, 0x1, 0x0, 0x0, 0x4}, 0xc010)

899.138566ms ago: executing program 3 (id=2614):
unshare(0x2c020400)
unshare(0x60000400)
bpf$LINK_DETACH(0x22, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000780)=ANY=[@ANYBLOB="48010000100001000000000000000000e00000020000000000000000000000000a010101000000000000000000000000000000004e2100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ffffdfff0000000000000000000000000000000033000000fe8000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff000000000000000000000000000004000000010000000000000000000a000000000000000000000048000100736861323536000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000048460000000000000000000000000008001d00000000000800220003"], 0x148}}, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000440)=ANY=[@ANYBLOB="b40000001800010000000000fedbdf250200000000010009000000000600150004000000900016808c0008808800018078000380"], 0xb4}, 0x1, 0x0, 0x0, 0x40084}, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0x25dfdbfe, {0x0, 0x0, 0x0, r4, {0x0, 0xffe0}, {0xffff, 0xffff}, {0xd}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x1c, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0xf, 0x6, 0x1}}, @TCA_GRED_LIMIT={0x8, 0x5, 0x2}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x51}, 0x20040000)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
r6 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0)
r8 = socket$igmp6(0xa, 0x3, 0x2)
ioctl$sock_inet6_SIOCADDRT(r8, 0x890b, &(0x7f0000000340)={@dev={0xfe, 0x80, '\x00', 0x40}, @private2={0xfc, 0x2, '\x00', 0x1}, @remote, 0x3, 0x2, 0x5, 0x500, 0xb7, 0xc20022})
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000380)={'pimreg\x00', 0x5005})
write$tun(r7, &(0x7f0000000480)=ANY=[@ANYBLOB="00032fdc2e5df17d8e0035f1000800ec0619006808002a00303aff000000000000002e00000000000000017805000000694da02910003300fe8000000000000000000000000000bbfe8000000000000009000000000000aa0000000000000012d815dcfd4b4d55c23003e7afe5f56b"], 0x62)
getsockopt$netrom_NETROM_N2(r6, 0x103, 0x3, 0x0, &(0x7f0000000080))
sendmmsg$inet6(r5, &(0x7f0000003a00)=[{{&(0x7f0000000580)={0xa, 0x0, 0x0, @loopback, 0x9}, 0x1c, &(0x7f0000000040)=[{&(0x7f0000000200)="c5df6a3b", 0x4}], 0x1}}, {{&(0x7f0000000b40)={0xa, 0x4e21, 0x900000, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x3}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000140)="af", 0x1}], 0x1}}], 0x2, 0xc0c0)
r9 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r9, 0x84, 0x14, &(0x7f00000000c0)=@assoc_value, &(0x7f0000000100)=0x8)
ppoll(&(0x7f0000000240)=[{r5, 0x2}], 0x1, &(0x7f0000000300), 0x0, 0x0)
r10 = socket(0x400000000010, 0x3, 0x0)
r11 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r12=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r12, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x8, '\x00', 0x7b67, 0x9, 0x0, 0xaad}}}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@getchain={0x24, 0x66, 0x903, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, r12, {0xe, 0x7}, {0x1, 0xfff1}, {0xa}}}, 0x24}}, 0x20004804)
ioctl$FS_IOC_FSGETXATTR(r9, 0x801c581f, &(0x7f0000000400)={0x2, 0xb7, 0x2, 0x4, 0x9})
sendmsg$AUDIT_TTY_SET(r10, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x18, 0x3f9, 0x2, 0x70bd2c, 0x25dfdbfe, {0x1, 0x1}, ["", "", "", "", "", "", "", "", ""]}, 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)

891.602768ms ago: executing program 1 (id=2615):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_GET_WOWLAN(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x30}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r4 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$inet6_mtu(r4, 0x29, 0x17, &(0x7f0000000040), 0x4)
setsockopt$inet6_IPV6_DSTOPTS(r4, 0x29, 0x3b, &(0x7f0000000180)={0x1}, 0x8)
sendto$inet6(r4, 0x0, 0x0, 0x0, &(0x7f00000007c0)={0xa, 0x4e22, 0x0, @dev={0xfe, 0x80, '\x00', 0x33}}, 0x1c)
getsockname$packet(r2, &(0x7f00000002c0)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000910435000000000095000072"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_GET(r6, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000000000000000b0000000e0001006e657464657673696d0000000f0002006e657464657673696d3000004a000b0000000000adc3106f87252e410b7178905ee7feaec2d106c1bb5119fe3d5fe55ae492b77a45bfb812eceed06b485e56a25637ed0fb093ae57000538e0886eb62bb41a869975302acaf4d3f43589b732d6cfa9967f6ca5f0116789b259fe7b8041257afc12867b1cab0b065bc0ece541c671969821404b017af940bfa7e8c1a2ea1b7fbdf932137ca0e1119ad2e7ba404788b1726143ebebe072208df5a5c1e6cb92ecc53920e30a14f56090148551"], 0x3c}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="380000001000050700bbc0000000010007000000", @ANYRES32=r3, @ANYBLOB="00000000000000001800120008000100736974000c0002000800020006"], 0x38}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="58f76b8f1d400000975b4916f9edfadf84e76c35", @ANYRES32=r5, @ANYBLOB="00000000000000002000128008000100736974001400028006001000018000000800140008000000"], 0x40}}, 0x0)
r8 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_fanout_data(r8, 0x107, 0x16, &(0x7f0000000280)={0x3, &(0x7f00000001c0)=[{0x0, 0x1, 0xe8, 0x5}, {0x0, 0x40, 0x80, 0x866}, {0x5, 0x3, 0x3, 0xff}]}, 0x10)
setsockopt$packet_tx_ring(r8, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0xfe, 0x0, 0x81, 0x1ff, 0x1, 0x1}, 0x1c)
recvmmsg$unix(r8, &(0x7f0000000440)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000980)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0)
sendmmsg(r8, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
setsockopt$ax25_SO_BINDTODEVICE(r8, 0x101, 0x19, &(0x7f0000000040)=@bpq0, 0x10)

786.850643ms ago: executing program 0 (id=2616):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB="400000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000200012800b0001006272696467650000100002800c002e000300000003000000"], 0x40}}, 0x0)

774.74349ms ago: executing program 4 (id=2617):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000480), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x5c, r1, 0x207, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0x4}, @NLBL_CIPSOV4_A_TAGLST={0x34, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x1}, {0x5}, {0x5, 0x3, 0x1}, {0x5}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x3}]}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}]}, 0x5c}}, 0x880)

742.171302ms ago: executing program 4 (id=2619):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
setsockopt$inet6_IPV6_ADDRFORM(r2, 0x29, 0x1, &(0x7f0000000080), 0x4)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, &(0x7f0000000180)=@gcm_256={{0x303}, "c4915c7f49541ce8", "9b84f987950ff3df25fa8f46983d34157e047d27ae4a66a6d15608a32cbaa5bc", '\x00', "be0ea450d5a5fd03"}, 0x38)
recvmmsg(r2, &(0x7f0000000340)=[{{0x0, 0x0, 0x0}, 0x4b00}, {{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000240)=""/254, 0xfe}], 0x1}, 0x7}], 0x2, 0x143, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="f9ffffff000000000000003d1304e200000000019500000000000000"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r3}, 0x10)
r4 = socket$rxrpc(0x21, 0x2, 0xa)
sendto$rxrpc(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r5, &(0x7f0000001280)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @empty}}, 0x24)
sendmsg$ETHTOOL_MSG_WOL_GET(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="19002dbd7000fcffffff1b000000180001801400020064756d6d7930"], 0x2c}}, 0x0)

717.52738ms ago: executing program 3 (id=2620):
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r2 = openat$cgroup_devices(r1, &(0x7f0000000080)='devices.deny\x00', 0x2, 0x0)
shutdown(0xffffffffffffffff, 0x0)
ioctl$sock_inet_SIOCSIFPFLAGS(0xffffffffffffffff, 0x8934, &(0x7f0000000040)={'wlan0\x00'})
r3 = socket$isdn_base(0x22, 0x3, 0x0)
ioctl(r3, 0x8b33, &(0x7f0000000040))
write$cgroup_devices(r2, 0x0, 0x9)
mkdirat$cgroup(r1, &(0x7f00000004c0)='syz0\x00', 0x1ff)
write$cgroup_devices(r2, &(0x7f0000000380)=ANY=[@ANYBLOB="473ee1d829da199908b28a9465aebea30479fbc21a9837654630d62b26c8a418e8bdaa787c2bbb0b2e568b827e1cfaadd1630e873fad67b675e220b3edd68b1c72e2b27d57b28339fc4cf6bfbbfe9fd7dd", @ANYBLOB="aa63bc269666d7"], 0x8)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000340)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000200000600000000850000002e00000095000000000000008c3868f01c0b839579d850115a0a9ecca7298485f35183d55f08c8cc4b926b739b6932d8b088db67bf234507301ee97bab8dffaf258be1a0c236922d"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @sock_ops=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r5, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000240)="b9ff03316844268cb89e14f00800", 0x0, 0x9, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='xprt_reserve\x00', r4}, 0x18)
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r6, &(0x7f0000000040)={0x0, 0x2f, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0xffffffffffffff09)
r7 = socket$inet6_udplite(0xa, 0x2, 0x88)
bind$inet6(r7, &(0x7f0000000080)={0xa, 0x4e21, 0xd, @loopback, 0x4}, 0x1c)
setsockopt$inet6_IPV6_ADDRFORM(r7, 0x29, 0x1, 0x0, 0x0)

627.661074ms ago: executing program 1 (id=2621):
r0 = socket(0x15, 0x5, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'macvlan1\x00', <r1=>0x0})
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002040)={0x18, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000921bfd2288fd73f69fb43982c18f428775f58397848ee2ca4ff142ee35816318b40299d7de5ec6aac37915f1"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000100)={r2, r3}, 0xc)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYRES32=r1, @ANYBLOB="800202000a00020057"], 0x48}}, 0x48000)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e01f3440cee51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cad32b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337602d3e5a815232f5e16c1b30c3a6abc85018e5ff2c91018afc9ffc2cc788bee1b47683db012469398685211dfbbae3e2ed0a50e7393bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d300006aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7af22e30d46a9d26d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977fb536a9caab37d9ac4cfc1c7b400000000000007ffc826b956ba859ac8e3c177b91bd7d5e41ff83ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d000069a16203a967c1bbe09315c29877a308bcc87dc3addb08142bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8240000e3428d2129369ee1b85af9ffffff0d0df414b315f651c8412392191fa83ee830548f11be359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92000000000f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb74d4ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905de328c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a978ee56c83a3466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342e0eaf6f330e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea95ec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf81700cd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be3827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f969369de47422604e2fc5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293b6c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b612272d40f522d8c98c879aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbe71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd46dbd61627a2e0a74b5e6aefb7eee403502734137ff47a57f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a125e3af1130d66a7b66837ae7e7123dde7404a067ad0a6a2d6bec9411b61cad4121be3c72ff3a04713042253d438e7becf8120de3895b8ce974958bde39cb8da3427a2e9e2de936431e67fed5ab5684db07de39083d8948cc4c8a2608100000000000000000000aecb8b0b7941088f971ce17427eec32a012295cc0cdd32955176b6ad5a4bb953e58ccfa9428f452cfb5a48a9fda26db3985c8be3c2f99827da074825b01c4a3a71fb59d5798100000000000000c76b05a45d2dd8c20d971e2f3e4369168f5cb83d6ff3a18733fec726034fbfa95624135bee374414b2c8c61f52357a520efd6a10aff244bc8a62ed367981fb4d5d77f7bc093958ff46527499957da4934cd4b370cf76f72dd05fa80cdfb68c836fd81be7a58532e041a87f9222f157610a4bcdc05b2a55308c8e7568b90f7a338557e816a16972aea79dff5becefa6f9c5ce6c58fb38da9e7532dc53cfdc2e789b76f7d32aca1bfea2aa62621b78dded30fc07171866bf3d552900000000a32dda61eeda1750e157c2d569b9d08f583c0ee28daec2e8bb85f3c8e91c4448096ee953def18dc73e55cb30f9cd069d8780b00eaba382f0c3ae391c30a5f1b0f36dd0c2193b791995d2890327a10d7abac76d1202f72e97f0105184d7aaaab8d3e29c9a8d263f076b55cf53c5bb9c0662a3d19a6722d7f83ae4331d3256f90af0857788b380ccc3b266c418e66d1d756d5df6423dd0cea67bc235d3776d22270fc19301ead0"], &(0x7f0000000340)='syzkaller\x00'}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f0000000440)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x26, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x40)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002000000da16c167d803f1f805000600200000000a00060000000000ff0000000000000000001ffeff0001000003f1dc7f7c6e7c0200010000000000004000020000000005000500000000000a"], 0x80}}, 0x0)
sendmmsg(r6, &(0x7f0000000180), 0x400008a, 0x0)
r7 = socket$kcm(0x11, 0x3, 0x300)
setsockopt$sock_attach_bpf(r7, 0x1, 0x28, &(0x7f0000000040), 0x4)
recvmsg(r7, &(0x7f0000000640)={0x0, 0x0, 0x0}, 0x2)
sendmsg$key(r6, &(0x7f0000000000)={0x9, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)={0x2, 0x9, 0x0, 0x9, 0x2, 0x0, 0xffffffff, 0x25dfdbfe}, 0x10}}, 0x0)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='contention_end\x00', r8}, 0x10)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r9, &(0x7f0000000200), 0x806000)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r4, 0x0)
setsockopt$MRT6_FLUSH(r0, 0x29, 0xd4, &(0x7f00000002c0)=0xa, 0x4)
getsockopt(r0, 0x200000000114, 0x2710, &(0x7f0000c35fff)=""/1, &(0x7f0000000000)=0xf002)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x600000b, 0x6e071, 0xffffffffffffffff, 0x80000000)
syz_emit_ethernet(0x104, &(0x7f0000000000)={@link_local, @random="50a245d5cde0", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xf6, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @broadcast}, @redirect={0x5, 0x2, 0x0, @rand_addr=0x64010100, {0x36, 0x4, 0x1, 0x7, 0x4a4, 0x67, 0x4, 0x3, 0x14, 0x1000, @loopback, @dev={0xac, 0x14, 0x14, 0x1e}, {[@lsrr={0x83, 0x1b, 0x4a, [@initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x2b}, @remote, @remote, @remote, @empty]}, @timestamp_prespec={0x44, 0xc, 0xa2, 0x3, 0x7, [{@multicast2, 0xf9fa}]}, @lsrr={0x83, 0x17, 0xe8, [@dev={0xac, 0x14, 0x14, 0x29}, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, @empty]}, @timestamp={0x44, 0xc, 0xe, 0x0, 0x4, [0xa9a7, 0x3]}, @lsrr={0x83, 0x27, 0x41, [@local, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, @loopback, @empty, @multicast2, @empty, @private=0xa010102, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @rr={0x7, 0xf, 0x61, [@remote, @dev={0xac, 0x14, 0x14, 0x3c}, @broadcast]}, @timestamp_addr={0x44, 0x24, 0xfa, 0x1, 0x8, [{@local, 0x53}, {@remote, 0x80000000}, {@loopback, 0x81}, {@local, 0x3}]}, @lsrr={0x83, 0x1f, 0xe3, [@multicast2, @broadcast, @private=0xa010102, @initdev={0xac, 0x1e, 0x0, 0x0}, @local, @multicast1, @broadcast]}]}}, "bdf9"}}}}}, 0x0)

627.461724ms ago: executing program 4 (id=2623):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x304)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r2, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})
close(r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000a40))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller0\x00', @random="371692e7f7ef"})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="300000003c000701fcffffff00000000017c0000100036800c00020008000000007000000c0001800602"], 0x30}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)

619.381916ms ago: executing program 0 (id=2624):
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000000)={0x1, 0x0, 0x806, 0xffffffff}, 0x10)
r0 = socket$packet(0x11, 0x2, 0x300)
getsockopt$packet_int(r0, 0x107, 0xb, &(0x7f0000000000), 0x0)

616.66894ms ago: executing program 3 (id=2625):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x9}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xd, 0x6, 0x4, 0x1, 0x0, r1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r2}, &(0x7f0000000840), &(0x7f0000000880)=r1, 0x1000000}, 0x20)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r3, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
socket$inet6(0xa, 0x3, 0x1)
write$tun(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xfdef)
pipe(&(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000006c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmmsg$unix(r6, &(0x7f0000000ec0)=[{{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000700)="b26e2e1973", 0x5}], 0x1, 0x0, 0x0, 0x4000}}], 0x1, 0x4445)
recvmsg$unix(r7, &(0x7f00000046c0)={0x0, 0x0, &(0x7f0000004500)=[{&(0x7f0000001080)=""/54, 0x36}], 0x1, &(0x7f00000045c0)}, 0x120)
write$cgroup_devices(r5, &(0x7f0000000080)=ANY=[@ANYBLOB='b '], 0x47)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu/syz0\x00', 0x1ff)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz1\x00', 0x200002, 0x0)
ioctl$sock_rose_SIOCDELRT(r5, 0x890c, &(0x7f00000000c0)={@dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x6, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={'rose', 0x0}, 0x8, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(r9, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="3103efff00000000000408000000040003"], 0x24}, 0x1, 0x0, 0x0, 0x4804}, 0x0)
r11 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r11, 0x107, 0x12, &(0x7f0000000000)={0x0, 0xa006}, 0x4)
r12 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r12, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r13 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r13, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r12, &(0x7f00000014c0)={@val={0x0, 0x800}, @val={0x0, 0x0, 0x3}, @mpls={[{0x8, 0x0, 0x1}], @ipv4=@gre={{0x5, 0x4, 0x0, 0x0, 0xfbc, 0x0, 0x11, 0x0, 0x21, 0x0, @dev, @broadcast}, {{}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, [], "50726483718ba3e6d08f7571cc59e627d3ed353e879da15784c220746fc2eba11f56fe932b544f53b43a34b265bd5d44fd38791b56b3b8767c382bc52ee2b8fcbbd661f151afd5315d5f502920c297a3916d7ea039eb558ebb06336662367e15363058de9b806035d5c980832248d1fc96c6b2fb2a4dffa91026dd0228974f70bea2a8e3fe0c9aae345d6e19f2"}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd, [], "ac10ef31176d1af88e863d588661a0756365388ef6f2d7b69fb82dc9e7de475e5aad52fa5b61fb1730a4f8ba342b81d86460c5cc35df8bdc3e55e1e92140c9ed10cfd396d4fb331e1901da8dfd47cd7431fd6cb967f7d84f0ba6de4a73b26c286edc3684534e70f60b30b7aefec9309c13a29b35e134d47c3579870d43bcc2babd71412ade39c68b036b5e7a6e90c25efe7a5b3ff3fae0fe7459e71cb431cb8f6a45a9a21d938cbd1de67fde856f05154095c3d86b9f4bac02987d8a06aae5f8d3da56748f1f6b1e9de4d1afaea08c70a943b080bf77494e5dcc17fe38bb0a0b36a008f7805cfdbe5a89e2e12e013b6ff42e3f9e825f3d604768f87273edad56c12c8a5eacd9b63ea6fa1ecf16139cb19c579c4f0a125a755439e6dc9c1637c0d23c1c281af2982cca306b2d3dbaede299bfe4f2ebd822abfabafef3f159049cc24f01a412fafe3d43841a6a4dbed78566e34544a074d4c01cedbb22527e955e8f93ef5a927fdec293a3c78693cae45de7481fdf0f65a43b50d26904594676b7af375752c99e2ba3e00286ab9d438af7b8834c0e71d245c0428ecc5a59f29ab0bca9b1913b9bb5373a94e1daae374d0ed7e7ffd0a1188c83e61e8ee28625483a96a246b9e1cdc8da085de61834a15afd5e7726d711c5ecc008914b9b9f35603330113e548e4509516bac6bc1150b2ace667a540ec84d22c0d0200056918fa3ac596cddd501f7b34f3b97c12c3c10e4b0c67ef01059c2feed93f9169498278daabd27d8537882a87b2edd4b2e6789b90d065ba7a064b2b4ecc1622c8662b3145844c12491ee85dd2acbe057479db9d24e500d9f1af37745f39e7fc7d4e513fa839556155db1ba6d62465a464184f2f4f9c4c822e64c6a357d7bc06caf64db283f0a3a427b400b7dd4df488c9e30db1fdb1774038d32557b69f9c1eba7ec66309bc68c19200aa5f05ec21c1cc9a12667cbae2863198913eac1de18df558c1b5fbceb0e6b521e120e98b39ecc8cabb6c25cdc31d827eeb549fe548f6b29d4f65b176ea0a20411d750f02c660cba2c62935fad8c51324f6f437daa53c81ff2e19b94140f1d72a2540b3fa74ffe85c696a4e4411d4449744ca4b5e8b921c7d62208b88a1df38030c4e09cd264a9c534259737ed6ea798cbc2d0054845dc84e97295efad0f5228fc61710e75a4445a889e230887845fa7f02be62593c352cb344a0f947bdb6c4cf3aab5ecedbd4fdde781c496db32a51f700b2fc19b2c36e257bbb2c735e0f03cd9e49700aee6edaa6952bdc2feef2d2e5463b6778fde3c7ef73477e22a181816883192beee132b3866c4ec977e0cd0b995de650c4c7d3e6e483685f75f9d82f69868d67e64a59e7320707847040bed7bb8c24d5e6a1da326d3226e71933484a2c619592a00db3b086d5fee139abaae14d65698937ef8c066acc7134f085e1e8ccd04a67e128c2d775740f0727c14dfbf8a2ed7f25d353285ab0fd03a8788d725163d27ac13ced25669301f672fb1f404451d85e92e1d0049fa9558c8492cc336ddd5133cb1b307f2901341fb6a021e1b751f22412e76fad6ea2b4a7d756559619fa47b22bc55ef8fdc19fbd6136becc60ff19748e60452e704752c82beb4861ea118875e9fe75a9e6c10c8b922dd8054ef8dd15963db6d505e7eab028322801bb4328d8257e726d937ca83c8efca320c8ecd24313eb5e8114c604781ed936a82740340ac6692bfc3613d2f49bf8284cf60cee6513fd154034e49af838146872e8735962da7f7bbd301f2fd85e597c1b6f8418352ebec83286f9dfab4a0b4dbb8b9c7b55aaf9ac1628d1493c1786c78a8a0b8c58596f1e1ba92b7fcdb80e867fdd299c78b902ac2de3c6d6bad6c5fb0c5db603b7c3c7ff8a64dc4488e07d2b506db960db1503ad72dab8ef405549a5f12a62052be8f7ad3fad32ba8560a8874c06f815ec9912dfcc16d8e0f8c9ab9afceae435a63dcdd1dc6b1e4d186f306ec1c8af08e69ad8fc9860c9bad1af0654c51e0711ecfa47c6b4411010076c975057db6609b47fda736f6ef81863387e3c971479a572145aab35a24475ffea35c1626b644ba12ef8d92cf9310f722b493b2da8ea4c5dcd99d75167e1404642aafbf5db3f8ce95382d7bbd550c0bae73af75dc913ead260ce475b30879d4279efeae49e88b0071661725e9ec5b3579c1716d70971fd301d8ee090a98120bf35ffa62101077362a2a3564022b0bff01e76e641fc01ff731a834509600aadeffe2f00276de348a3c57778865063bd8e348b6e68b5c74298ba911a184f5bfdefd6473272c174c9e644abdf22b3ac39e246ae947ffef4773bcfec3b2a8d03dc8971471dfc50cd5ef6d32ae3486f7d14b0137e80a313910d9bc87aed8c41c6563f646b39c2a26f4add083ab6efb5753fc6b78e7907b9cd8a2cabdf87e202239fffc99e0446915c3bc147635398f73201d7369902225184d8da01641759645bf92b5d73ab153f2150264c3333ce12747ce2642aa04aeeb85513170a67dd93b010e8fd0f3cb290e1fc0040d32bdad7d8b41c4f2d10a3c170dbc3e264e29714a34dd220c2bf3e273d7cb3a9397b16a47c85cca75e4cac2def7c976fb7f38b24bdb8f80486e9cec55574d9f2864085289fd2fc497a3a7fab762877629db9ff70201f07897246f9f5211ced9266b732e9988805669dc1bc8e4ddd235562c7785e2379f1f0dd1e71a98b6d204e6c1a1ee163ceb35f6c436bb2547522bed2a55814a3f5f53d3eceee6c847c12af75fdc8452116ab891a5c6424a79b33c4b56a5412700a907f3eca800fcfba133f8bab9ebae32c699b548aff3ac702699f293fceb7445a7107956adad16a6b73a2fe0c88232f2d9831b238b92c511e4a6e02f784ee328bd979c4728ba0f86cc4ed9a69c6d5bc23496729a6512c4664006afc08de2f4dd89e52108f7c081d11facccb91ebc82415691b6bf05818638b3a4d809ae307f4b2d867a34417dbaad8c01a3773d8ebe56890230bd4a2e2a027d59839e1710cb5d25cec245ed8f86b7d4ed8e4ec48c53387ab1ea059406bf2612a6c730750b41a47bdf51cbec2c3f1b07fd6aba2ea390e138868d71f0a73990e87b383757a199f53bcd25f93b15efaf84a9a3758f5cbc2223a809ba784a5af2d36a3b99e3d143310ecf2bb9d2dd8fe9defdfa3d82e005c52514f13beb97476fb7a0f7ab62892977c9da0b950dbbc89bdd58472619f3bdbf46def88488e7bdf0633ee908a4e4e795e92037b74db18672e168514e2ad0a2df94357f2dc2c593b251894657c6bea65abfcd76b7037bd5817ab73be94f00031150f375442e0f0d0e7236ed4150637c14f62ecb6713f897889d77d814ead5774d726f307fe32c020cdefda72151798fcde65af6fbe6594eeb078a8c414b949c0c2217a0cc82049c43f6fb3cb7c00fc0305b86dddde708dd8a61a63e799abdd49d6ff1c41b8ecb230891037ca36d7a7e1f6280f52a5d45ff872f11df408ae09fc9b9d371ccf4f2777626ad84426d925dac9bbacc785acb5c29cbf9d6aec77d5ac48778ab4682b7bb611f342a72c26417a5e432e5d956844e19739e61999a78c615acc09f415032031ac6cb839da764331d131acbe66b502e7f1a5b9dc68df7f5524e7bc6fdfa982b39af2cbff69052d04be78821282dbfc034e64943004375f16cf4741526aaafebfc1a6d4a38d4c345aa22c94922f145b6c449a216b6c382565598125156fad8097c2e7ea65063cdfe34e50fb75939f3b3cf5ab8a3448ead3cc36358f45b0eaabf8ff2b64a1923407226f24420978d03d6bcefc2b45a74425017c11146e25f6d41912f39afecaa19090123ea2605994978b00a347aba322cd10822933e3f5988477ce1b2aff651553ec4977b185e5c7aaa4c64b4fb49cfc0cad75e85c0617e19f26fd0932a4bba0821d5a4d9449773c2d3c25e8aee59155346502b72a4d6818f143695acd5b83a336d02e2d1b9da5740e287c4694012f9648656c51cd44431c54301ea55f48197d1280421793598db89820937aa6a41d69618f55fd9c40dc0742e77d4ddf4a68a6cecba47ff0a22e2734bc9556193642b92838c891b4ed109af35190332aabb9aab184076cfc99f08814bebe47fccd12005ad926a643c791ecda50458a1106a033408fb90da10f8d6e42b3a462e9f9a1a2752c21967884ea79a1148f3dd0304bef05747458c7859dbf7f6df08074e9ac221677b70546909329c5557adb255cc33c1f9b762188e2498a7744f066df3fb8bee6261db37489b63f9bda047a06cbc588ff1255e3b63a86a5ca353160e0dc4088ea691c768f5d36397cb64c6db2d5bd39473a9d1209d021b8017434874ed5f99d9fc27d5549eaecdcfb7093549acaea45610221192942e108def0efbc004bbfef195af7dcdc0b75097eba13d621c2ca5ee3bfd2845b21a910e8ea21536768e1e5081997ae7415a55e58e1294d8ff3bc95faf96a65501b922382f4f75a0f938b290fd66bb3ccdc33734bafa18a3765d23f151951b8c8c6939de018c4e9ca253dff4a1fc70a601bba8c2e146a79166745e5fd1748c638a7a945e5f5aea0a93c7861446ef5996e37231e573245dae58b168c0564c8b27ada3fde66bb00f51f7e47970855d1057739ccf583666055187173bfd1454a5fbcfd59f39b6ad63fbfbe0fea9a6b336a41ec316acedd38cc6fab7de1190c97bed6e8f1cdb47d59941955f87a59d953c0f60f68a63fcf8f6f76b3eb5d79d94a2eeb3fb28781b1bbd31937c6f6e2d6fa7d2f4134702fdc0a2250bbec420c73a89c1643379235a492c2cbb3280ec3e676fcc1b33aaa645234eebefb1c28c52646a33c1989a386d537cd5ebf89f50b575b37b9a337f653919a569229009"}, {}, {}, {0x8, 0x6558, 0x0, "20e62929c11cb0549208c925145acbdc02d1fec745f9b654f2d97c9269199fc2293765cfbba8e22fa0ba230c891eb5a9490864bc2e2993a2831d52a0f75fda3f213ec297d9acaa7a8aedc6826e3274b7f48681313b4b677b469a77dd667c84aaf2766d84d9f6dd1b6aa2ab1860b1394813e57c4c6d557a4d049d74cdc674b82da3e6c6f0b9a890edc47dd5a6801c24ba1da62ac03a3620d1f109122a34cd8f552730c4239a81f09bc9174d89403e8011a5436bc7abbd69d49f68a786837a51689f7a4b422061f4768c9052c000016fffffe700e53f083b13e53ef485d121779c5da2b6ce80f9cc4a030570a1cc071d9a6845b6018baaa77418d5fb030700f7b63620c369c466108465b7c7967c0c84a9b828118c9ba7808abfe69f783c3795ecbe1714d91d56b64b9e8e7f86d3fff9c8084b5ec69fcf586b23c29dc078db3fda0fe8cfaed8ab7a5a39bc2ec6a1410270ea7d41ecbd90e45fc60062bc"}}}}}, 0xfce)
r14 = openat$cgroup_devices(r8, &(0x7f00000001c0)='devices.deny\x00', 0x2, 0x0)
splice(r4, 0x0, r14, 0x0, 0x8, 0x0)

539.686677ms ago: executing program 0 (id=2626):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="2c000000200005020000000001000000020020000000efff000000000500130001000000080002"], 0x2c}}, 0x26048880)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000b40)={&(0x7f00000004c0)=ANY=[@ANYBLOB="9feb01001800000000000000240000002400000002000000000000000300000d000000000000000000000000000000000000000000000000000000000000a00747e5ebca8a9f6f548f165736469b3f3662abad965f2e6623831b840cf5be49f91ec53b714d6db8e8dd5c775e2f6e7ce1919a83287c9a1444cd04be951c68135d1a4a1dc8d4ab4226bdd6081dca36d0bf2a67deb7abdd0391912e41e3b6d97795cc2bfe684727a1595f0821054f9a797d368d6a1773f2d171b129f6d5443aac81ed17a808a54b9564b30ab9e4b980a7582888b2ac96b7c97eaf0f964fef9ddcaa55c6f5754caa0dc36853e2bf8a1a4242ed37d6166fbac782d9c33259d9c48d0b4ccd30b7b4b6e530f3efd36aee97f3ed1cfc60ee7d6d529f8e8edb0b5fc47047ecadb300497d"], &(0x7f0000000a80)=""/172, 0x3e, 0xac, 0x9}, 0x28)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x80000}, 0xc)
r2 = socket$netlink(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r3, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x10)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000140)='syzkaller\x00', 0x6, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='rpc_buf_alloc\x00', r5, 0x0, 0x1}, 0x18)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='rpc_buf_alloc\x00', r6, 0x0, 0x1}, 0x18)
r7 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$netlink(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000002580), 0x0, 0x0, 0x0, 0x60004810}, 0x20048880)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET_STATS_CPU(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x14, 0x3, 0x2, 0x301, 0x0, 0x0, {0xa}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40080}, 0x20000800)
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r4, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
r8 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r9 = socket(0x2, 0x80805, 0x0)
r10 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r10, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r10, 0x84, 0x6f, &(0x7f0000000200)={<r11=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r10, 0x84, 0x7a, &(0x7f0000000340)={r11, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
sendmmsg$inet_sctp(r9, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r9, 0x84, 0x7c, &(0x7f0000000080)={r11, 0x5, 0x3ff}, 0x8)
bind$802154_dgram(r8, &(0x7f0000000200)={0x24, @short={0x2, 0x3, 0xaaa0}}, 0x14)

539.103355ms ago: executing program 4 (id=2627):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0xf, &(0x7f00000000c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffd}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x4, 0xdd, 0xa}, 0x50)
close(0x3)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="19000000040000000400"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r1, &(0x7f00000000c0), &(0x7f0000000000)=""/10, 0x2}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r2}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)

484.851297ms ago: executing program 2 (id=2628):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x18, 0x802, 0x3)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$gtp(&(0x7f00000003c0), 0xffffffffffffffff)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), r0)
sendmsg$WG_CMD_GET_DEVICE(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x80084}, 0x4004050)
sendmsg$GTP_CMD_NEWPDP(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000004c0)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r2, @ANYBLOB='\a\x00', @ANYRES32, @ANYBLOB="08000400000000000c0003000000000000000100080005000000000008000100", @ANYRES32=0x0, @ANYBLOB='\x00'/11], 0x50}}, 0x44)
r3 = socket(0x2000000000000021, 0x2, 0x10000000000002)
getsockopt(r3, 0x1, 0x4c, 0x0, &(0x7f0000000000))
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r4, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r5, {0x2, 0x0, @multicast2}, 0x20000003}}, 0x2e)
ioctl$PPPIOCGCHAN(r4, 0x80047437, &(0x7f0000001300))
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000500), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_GET(r3, &(0x7f0000000780)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000740)={&(0x7f0000000540)={0x1e8, r6, 0x200, 0x70bd27, 0x25dfdbfd, {}, [@TIPC_NLA_BEARER={0x78, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x7fffffff}, @TIPC_NLA_BEARER_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xd2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1000}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @broadcast}}, {0x14, 0x2, @in={0x2, 0x4e21, @private=0xa010102}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x5}]}, @TIPC_NLA_NET={0x10, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x7}]}, @TIPC_NLA_BEARER={0xe4, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @local}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0xd, @rand_addr=' \x01\x00', 0x3}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x5}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @rand_addr=0x64010102}}, {0x14, 0x2, @in={0x2, 0x4e23, @rand_addr=0x64010102}}}}, @TIPC_NLA_BEARER_NAME={0xe, 0x1, @l2={'eth', 0x3a, 'vcan0\x00'}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0x0, @loopback, 0xb3}}, {0x14, 0x2, @in={0x2, 0x4e21, @broadcast}}}}, @TIPC_NLA_BEARER_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}]}]}, @TIPC_NLA_PUBL={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x9}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x4}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x2}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x2}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x3}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x1}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x7fff}]}, @TIPC_NLA_PUBL={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xc}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x9}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x6}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x5}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x10000}]}]}, 0x1e8}, 0x1, 0x0, 0x0, 0x8010}, 0x6044001)
unshare(0x22020400)
r7 = socket$inet6_sctp(0xa, 0x5, 0x84)
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r8, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}]}, &(0x7f00000002c0)=0x10)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r8, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r9=>0x0}, &(0x7f00000010c0)=0x8)
bind$inet(r3, &(0x7f00000007c0)={0x2, 0x4e21, @local}, 0x10)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r7, 0x84, 0x10, &(0x7f00000000c0)=@assoc_value={r9, 0x81}, &(0x7f0000000240)=0x8)
r10 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r10, &(0x7f0000000480), 0x10)
r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[], &(0x7f0000000180)='syzkaller\x00'}, 0x94)
syz_genetlink_get_family_id$nl80211(0x0, r1)
sendmsg$NL80211_CMD_LEAVE_OCB(r1, &(0x7f0000000440)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="e2ccfe6a"], 0x14}, 0x1, 0x0, 0x0, 0x840}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r11}, 0x10)
poll(&(0x7f00000022c0), 0x58, 0x8)

461.650151ms ago: executing program 4 (id=2629):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000000180)={0x0, 0x7fff}, &(0x7f00000001c0)=0x8)
r2 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r2, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r2, 0x0, 0xca, &(0x7f0000003d80)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r2, 0x0, 0xca, &(0x7f00000000c0)={0x8, 0x1, 0x0, 0x0, @vifc_lcl_ifindex, @dev={0xac, 0x14, 0x14, 0x2e}}, 0x10)
setsockopt$inet_mreq(r3, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
syz_emit_ethernet(0x150, &(0x7f0000000840)={@remote, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xf9, 0x0, 0x0, 0x80, 0x2, 0x0, @empty, @rand_addr=0x64010102}, @echo_reply={0x0, 0x0, 0x0, 0x64, 0xd2, "8b8f229ce6d96f36a33d256a3fd82d838d400b7a0c0959b6564cbb2bee9c8d1c71cc370df496c3befd3c6d64b17aabd0849740c6de38b0fdec71c714b73b7d0057ff0a81e97f834df4668b32333a5555d5fe82f743be9effffffffe2e376c24ad315a1ae8a5a9d3380bff6b3b8b36699c8637936afc8cc1bd2c6ca39e44c0da8b04a1d36e88099688532f9659e2777ebdc20b37d3e7d8196de7b1c097e33bd66cf4516e4b5aeddadfbe4de7d57e6b47239c79305af3c5c817fcf28eb7dd85477327e6b75275d8f3a14294747daf8ba1bacb4c60a173cceeec914a094fa"}}}}}, 0x0)
r5 = socket(0x2, 0x80805, 0x0)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r6, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000200)={<r7=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r6, 0x84, 0x7a, &(0x7f0000000340)={r7, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
sendmmsg$inet_sctp(r5, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB], 0x30, 0x4040001}], 0x1, 0x0)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r5, 0x84, 0x1b, &(0x7f0000000240)={r7}, &(0x7f0000000280)=0x8)
setsockopt$MRT_ADD_MFC_PROXY(r4, 0x0, 0xd2, &(0x7f0000000200)={@empty, @multicast2=0xe0000300, 0x0, "028a3f6c58b274e6d8451697efe42811ee1df06e9264f7d866b1970548fc3c7b", 0xb2, 0xfffffff7, 0x4, 0x40000006}, 0x3c)
unshare(0x62040200)
write$tun(0xffffffffffffffff, 0x0, 0x3e)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000000740)={"8c3ef01be86258108b331b07f91efab2", 0x0, 0x0, {0x6, 0x40}, {0x3, 0x1}, 0x6, [0x3, 0x5, 0x9, 0x7, 0x7, 0x5, 0x10, 0x953, 0x1, 0x4, 0x8, 0x9000000000000000, 0x2, 0x4, 0x2, 0x5]})
sendmsg$nl_generic(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000007c0)=ANY=[@ANYBLOB="280300002d00090027bd70000000000004000000130317"], 0x328}}, 0x84)
socket$netlink(0x10, 0x3, 0x4)

0s ago: executing program 0 (id=2630):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x5c, 0x0, 0x207, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0x4}, @NLBL_CIPSOV4_A_TAGLST={0x34, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x1}, {0x5}, {0x5, 0x3, 0x1}, {0x5}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x3}]}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}]}, 0x5c}}, 0x880)

kernel console output (not intermixed with test programs):

4'.
[  117.433723][ T9349] mac80211_hwsim hwsim8 syzkaller0: entered allmulticast mode
[  117.477043][ T9356] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  117.487967][ T9357] syzkaller0: entered promiscuous mode
[  117.494072][ T9357] syzkaller0: entered allmulticast mode
[  117.526429][ T9353] netlink: 28 bytes leftover after parsing attributes in process `syz.0.944'.
[  117.538911][ T9353] netlink: 28 bytes leftover after parsing attributes in process `syz.0.944'.
[  117.549608][ T9349] sch_tbf: burst 127 is lower than device syzkaller0 mtu (313) !
[  117.552745][ T9365] FAULT_INJECTION: forcing a failure.
[  117.552745][ T9365] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  117.573579][ T9355] tipc: Resetting bearer <eth:syzkaller0>
[  117.583455][ T9365] CPU: 0 UID: 0 PID: 9365 Comm: syz.1.949 Not tainted syzkaller #0 PREEMPT(full) 
[  117.583482][ T9365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  117.583493][ T9365] Call Trace:
[  117.583500][ T9365]  <TASK>
[  117.583508][ T9365]  dump_stack_lvl+0x189/0x250
[  117.583533][ T9365]  ? __pfx____ratelimit+0x10/0x10
[  117.583557][ T9365]  ? __pfx_dump_stack_lvl+0x10/0x10
[  117.583576][ T9365]  ? __pfx__printk+0x10/0x10
[  117.583597][ T9365]  ? __might_fault+0xb0/0x130
[  117.583622][ T9365]  ? rcu_is_watching+0x15/0xb0
[  117.583641][ T9365]  should_fail_ex+0x414/0x560
[  117.583664][ T9365]  _copy_from_user+0x2d/0xb0
[  117.583684][ T9365]  __sys_bpf+0x1ed/0x870
[  117.583706][ T9365]  ? __pfx___sys_bpf+0x10/0x10
[  117.583732][ T9365]  ? ksys_write+0x22a/0x250
[  117.583755][ T9365]  ? __pfx_ksys_write+0x10/0x10
[  117.583774][ T9365]  ? rcu_is_watching+0x15/0xb0
[  117.583793][ T9365]  __x64_sys_bpf+0x7c/0x90
[  117.583812][ T9365]  do_syscall_64+0xfa/0x3b0
[  117.583829][ T9365]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.583846][ T9365]  ? clear_bhb_loop+0x60/0xb0
[  117.583864][ T9365]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.583881][ T9365] RIP: 0033:0x7f2348b8ebe9
[  117.583896][ T9365] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  117.583912][ T9365] RSP: 002b:00007f23499c6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  117.583931][ T9365] RAX: ffffffffffffffda RBX: 00007f2348db5fa0 RCX: 00007f2348b8ebe9
[  117.583944][ T9365] RDX: 0000000000000094 RSI: 0000200000001080 RDI: 0000000000000005
[  117.583965][ T9365] RBP: 00007f23499c6090 R08: 0000000000000000 R09: 0000000000000000
[  117.583976][ T9365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  117.583987][ T9365] R13: 00007f2348db6038 R14: 00007f2348db5fa0 R15: 00007ffe9b77dd48
[  117.584007][ T9365]  </TASK>
[  117.780221][ T9355] tipc: Disabling bearer <eth:syzkaller0>
[  117.814593][ T9363] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  117.836280][ T9370] netlink: 8 bytes leftover after parsing attributes in process `syz.0.951'.
[  117.953033][ T9383] netlink: 20 bytes leftover after parsing attributes in process `syz.4.955'.
[  117.977090][ T9383] openvswitch: netlink: Flow key attr not present in new flow.
[  118.127895][ T9404] FAULT_INJECTION: forcing a failure.
[  118.127895][ T9404] name failslab, interval 1, probability 0, space 0, times 0
[  118.228013][ T9408] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  118.237134][ T9410] netlink: 12 bytes leftover after parsing attributes in process `syz.1.966'.
[  118.253722][ T9404] CPU: 0 UID: 0 PID: 9404 Comm: syz.2.962 Not tainted syzkaller #0 PREEMPT(full) 
[  118.253746][ T9404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  118.253757][ T9404] Call Trace:
[  118.253762][ T9404]  <TASK>
[  118.253770][ T9404]  dump_stack_lvl+0x189/0x250
[  118.253795][ T9404]  ? __pfx____ratelimit+0x10/0x10
[  118.253818][ T9404]  ? __pfx_dump_stack_lvl+0x10/0x10
[  118.253837][ T9404]  ? __pfx__printk+0x10/0x10
[  118.253860][ T9404]  ? fs_reclaim_acquire+0x7d/0x100
[  118.253882][ T9404]  ? rcu_is_watching+0x15/0xb0
[  118.253898][ T9404]  ? __pfx___might_resched+0x10/0x10
[  118.253913][ T9404]  ? lock_acquire+0x5f/0x360
[  118.253934][ T9404]  should_fail_ex+0x414/0x560
[  118.253957][ T9404]  should_failslab+0xa8/0x100
[  118.253978][ T9404]  __kmalloc_cache_node_noprof+0x73/0x3d0
[  118.253997][ T9404]  ? __get_vm_area_node+0x13f/0x300
[  118.254018][ T9404]  __get_vm_area_node+0x13f/0x300
[  118.254040][ T9404]  __vmalloc_node_range_noprof+0x301/0x12f0
[  118.254062][ T9404]  ? bpf_prog_alloc_no_stats+0x4a/0x4b0
[  118.254082][ T9404]  ? lock_release+0x4b/0x3e0
[  118.254101][ T9404]  ? lock_release+0x4b/0x3e0
[  118.254124][ T9404]  ? rcu_is_watching+0x15/0xb0
[  118.254143][ T9404]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  118.254173][ T9404]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  118.254200][ T9404]  ? lock_acquire+0x5f/0x360
[  118.254222][ T9404]  ? _parse_integer_limit+0x1ae/0x1f0
[  118.254246][ T9404]  ? bpf_prog_alloc_no_stats+0x4a/0x4b0
[  118.254266][ T9404]  __vmalloc_noprof+0xb1/0xf0
[  118.254286][ T9404]  ? bpf_prog_alloc_no_stats+0x4a/0x4b0
[  118.254308][ T9404]  bpf_prog_alloc_no_stats+0x4a/0x4b0
[  118.254332][ T9404]  bpf_prog_alloc+0x3c/0x1a0
[  118.254352][ T9404]  bpf_prog_load+0x735/0x1930
[  118.254377][ T9404]  ? __pfx_bpf_prog_load+0x10/0x10
[  118.254397][ T9404]  ? __might_fault+0xb0/0x130
[  118.254423][ T9404]  ? lock_release+0x4b/0x3e0
[  118.254443][ T9404]  ? __might_fault+0xb0/0x130
[  118.254462][ T9404]  ? __might_fault+0xcc/0x130
[  118.254482][ T9404]  ? bpf_lsm_bpf+0x9/0x20
[  118.254501][ T9404]  ? security_bpf+0x7e/0x300
[  118.254523][ T9404]  __sys_bpf+0x528/0x870
[  118.254543][ T9404]  ? __pfx___sys_bpf+0x10/0x10
[  118.254569][ T9404]  ? ksys_write+0x22a/0x250
[  118.254589][ T9404]  ? __pfx_ksys_write+0x10/0x10
[  118.254607][ T9404]  ? rcu_is_watching+0x15/0xb0
[  118.254626][ T9404]  __x64_sys_bpf+0x7c/0x90
[  118.254643][ T9404]  do_syscall_64+0xfa/0x3b0
[  118.254659][ T9404]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.254676][ T9404]  ? clear_bhb_loop+0x60/0xb0
[  118.254693][ T9404]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.254708][ T9404] RIP: 0033:0x7f5007f8ebe9
[  118.254721][ T9404] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  118.254735][ T9404] RSP: 002b:00007f5008d26038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  118.254752][ T9404] RAX: ffffffffffffffda RBX: 00007f50081b5fa0 RCX: 00007f5007f8ebe9
[  118.254764][ T9404] RDX: 0000000000000094 RSI: 0000200000001080 RDI: 0000000000000005
[  118.254774][ T9404] RBP: 00007f5008d26090 R08: 0000000000000000 R09: 0000000000000000
[  118.254785][ T9404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  118.254794][ T9404] R13: 00007f50081b6038 R14: 00007f50081b5fa0 R15: 00007ffe370851d8
[  118.254814][ T9404]  </TASK>
[  118.254823][ T9404] syz.2.962: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[  118.600347][ T9404] CPU: 0 UID: 0 PID: 9404 Comm: syz.2.962 Not tainted syzkaller #0 PREEMPT(full) 
[  118.600367][ T9404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  118.600376][ T9404] Call Trace:
[  118.600381][ T9404]  <TASK>
[  118.600387][ T9404]  dump_stack_lvl+0x189/0x250
[  118.600409][ T9404]  ? __pfx_dump_stack_lvl+0x10/0x10
[  118.600423][ T9404]  ? __pfx__printk+0x10/0x10
[  118.600441][ T9404]  ? lock_release+0x4b/0x3e0
[  118.600462][ T9404]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  118.600482][ T9404]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  118.600500][ T9404]  warn_alloc+0x214/0x310
[  118.600525][ T9404]  ? __pfx_warn_alloc+0x10/0x10
[  118.600549][ T9404]  ? __get_vm_area_node+0x13f/0x300
[  118.600572][ T9404]  ? __get_vm_area_node+0x2b5/0x300
[  118.600596][ T9404]  __vmalloc_node_range_noprof+0x326/0x12f0
[  118.600619][ T9404]  ? lock_release+0x4b/0x3e0
[  118.600640][ T9404]  ? lock_release+0x4b/0x3e0
[  118.600665][ T9404]  ? rcu_is_watching+0x15/0xb0
[  118.600686][ T9404]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  118.600709][ T9404]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  118.600732][ T9404]  ? lock_acquire+0x5f/0x360
[  118.600754][ T9404]  ? _parse_integer_limit+0x1ae/0x1f0
[  118.600779][ T9404]  ? bpf_prog_alloc_no_stats+0x4a/0x4b0
[  118.600801][ T9404]  __vmalloc_noprof+0xb1/0xf0
[  118.600824][ T9404]  ? bpf_prog_alloc_no_stats+0x4a/0x4b0
[  118.600847][ T9404]  bpf_prog_alloc_no_stats+0x4a/0x4b0
[  118.600871][ T9404]  bpf_prog_alloc+0x3c/0x1a0
[  118.600892][ T9404]  bpf_prog_load+0x735/0x1930
[  118.600919][ T9404]  ? __pfx_bpf_prog_load+0x10/0x10
[  118.600940][ T9404]  ? __might_fault+0xb0/0x130
[  118.600968][ T9404]  ? lock_release+0x4b/0x3e0
[  118.600989][ T9404]  ? __might_fault+0xb0/0x130
[  118.601010][ T9404]  ? __might_fault+0xcc/0x130
[  118.601031][ T9404]  ? bpf_lsm_bpf+0x9/0x20
[  118.601051][ T9404]  ? security_bpf+0x7e/0x300
[  118.601074][ T9404]  __sys_bpf+0x528/0x870
[  118.601095][ T9404]  ? __pfx___sys_bpf+0x10/0x10
[  118.601121][ T9404]  ? ksys_write+0x22a/0x250
[  118.601150][ T9404]  ? __pfx_ksys_write+0x10/0x10
[  118.601170][ T9404]  ? rcu_is_watching+0x15/0xb0
[  118.601189][ T9404]  __x64_sys_bpf+0x7c/0x90
[  118.601214][ T9404]  do_syscall_64+0xfa/0x3b0
[  118.601231][ T9404]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.601247][ T9404]  ? clear_bhb_loop+0x60/0xb0
[  118.601266][ T9404]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.601283][ T9404] RIP: 0033:0x7f5007f8ebe9
[  118.601299][ T9404] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  118.601314][ T9404] RSP: 002b:00007f5008d26038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  118.601333][ T9404] RAX: ffffffffffffffda RBX: 00007f50081b5fa0 RCX: 00007f5007f8ebe9
[  118.601350][ T9404] RDX: 0000000000000094 RSI: 0000200000001080 RDI: 0000000000000005
[  118.601362][ T9404] RBP: 00007f5008d26090 R08: 0000000000000000 R09: 0000000000000000
[  118.601373][ T9404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  118.601384][ T9404] R13: 00007f50081b6038 R14: 00007f50081b5fa0 R15: 00007ffe370851d8
[  118.601404][ T9404]  </TASK>
[  118.601464][ T9404] Mem-Info:
[  118.913828][ T9404] active_anon:4540 inactive_anon:0 isolated_anon:0
[  118.913828][ T9404]  active_file:3412 inactive_file:39851 isolated_file:0
[  118.913828][ T9404]  unevictable:768 dirty:321 writeback:0
[  118.913828][ T9404]  slab_reclaimable:11863 slab_unreclaimable:205158
[  118.913828][ T9404]  mapped:29328 shmem:1356 pagetables:1286
[  118.913828][ T9404]  sec_pagetables:0 bounce:0
[  118.913828][ T9404]  kernel_misc_reclaimable:0
[  118.913828][ T9404]  free:1217285 free_pcp:17418 free_cma:0
[  118.969379][ T9404] Node 0 active_anon:18160kB inactive_anon:0kB active_file:13648kB inactive_file:159200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:117112kB dirty:1284kB writeback:0kB shmem:3888kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:14108kB pagetables:5000kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  119.027114][ T9404] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:144kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  119.086207][ T9404] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  119.157577][ T9404] lowmem_reserve[]: 0 2497 2499 2499 2499
[  119.167022][ T9404] Node 0 DMA32 free:973424kB boost:0kB min:34248kB low:42808kB high:51368kB reserved_highatomic:0KB free_highatomic:0KB active_anon:17784kB inactive_anon:0kB active_file:13648kB inactive_file:157636kB unevictable:1536kB writepending:1308kB present:3129332kB managed:2557444kB mlocked:0kB bounce:0kB free_pcp:45796kB local_pcp:21208kB free_cma:0kB
[  119.200418][ T9404] lowmem_reserve[]: 0 0 1 1 1
[  119.205205][ T9404] Node 0 Normal free:12kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1576kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[  119.235181][ T9404] lowmem_reserve[]: 0 0 0 0 0
[  119.240353][ T9404] Node 1 Normal free:3882908kB boost:0kB min:55632kB low:69540kB high:83448kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:23776kB local_pcp:10112kB free_cma:0kB
[  119.294657][ T9404] lowmem_reserve[]: 0 0 0 0 0
[  119.308955][ T9404] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  119.333756][ T9404] Node 0 DMA32: 1133*4kB (UME) 505*8kB (UME) 329*16kB (UME) 523*32kB (UME) 153*64kB (UME) 60*128kB (UME) 39*256kB (UME) 17*512kB (UM) 10*1024kB (UM) 8*2048kB (UM) 215*4096kB (M) = 973996kB
[  119.407741][ T9404] Node 0 Normal: 1*4kB (M) 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB
[  119.454430][ T9404] Node 1 Normal: 195*4kB (UME) 54*8kB (UME) 52*16kB (UME) 49*32kB (UME) 22*64kB (UME) 12*128kB (UME) 4*256kB (UME) 5*512kB (UM) 2*1024kB (UM) 2*2048kB (UE) 944*4096kB (M) = 3882908kB
[  119.478795][ T9404] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  119.508525][ T9404] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  119.534578][ T9404] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  119.544654][ T9404] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  119.556286][ T9404] 44618 total pagecache pages
[  119.576901][ T9404] 0 pages in swap cache
[  119.582966][ T9404] Free swap  = 124996kB
[  119.587513][ T9404] Total swap = 124996kB
[  119.593321][ T9404] 2097051 pages RAM
[  119.597795][ T9404] 0 pages HighMem/MovableOnly
[  119.604840][ T9404] 425664 pages reserved
[  119.609622][ T9404] 0 pages cma reserved
[  119.614174][ T9477] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  119.630258][ T9480] nftables ruleset with unbound chain
[  119.717881][ T9491] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  119.725804][ T9496] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  119.741206][ T9491] syzkaller0: entered promiscuous mode
[  119.747650][ T9491] syzkaller0: entered allmulticast mode
[  119.858815][ T9489] tipc: Resetting bearer <eth:syzkaller0>
[  119.894498][ T9489] tipc: Disabling bearer <eth:syzkaller0>
[  120.144126][ T9540] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  120.193961][ T9545] netlink: 'syz.3.1005': attribute type 1 has an invalid length.
[  120.202933][ T9544] nbd: couldn't find a device at index 65546
[  120.225043][ T9545] netlink: 'syz.3.1005': attribute type 2 has an invalid length.
[  120.759787][ T9590] netlink: 'syz.1.1021': attribute type 1 has an invalid length.
[  120.783816][ T9590] batman_adv: batadv0: Local translation table size (116) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:2a
[  120.983971][ T9607] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  121.000194][ T9607] syzkaller0: entered promiscuous mode
[  121.016881][ T9607] syzkaller0: entered allmulticast mode
[  121.056555][ T9605] wg1 speed is unknown, defaulting to 1000
[  121.072587][ T9607] tipc: Resetting bearer <eth:syzkaller0>
[  121.120607][ T9606] tipc: Resetting bearer <eth:syzkaller0>
[  121.136249][ T9606] tipc: Disabling bearer <eth:syzkaller0>
[  121.145883][ T9630] netlink: 'syz.2.1034': attribute type 1 has an invalid length.
[  121.216349][ T9630] bond3: (slave bridge2): Enslaving as a backup interface with an up link
[  121.751902][ T9688] wg1 speed is unknown, defaulting to 1000
[  122.247401][ T9714] __nla_validate_parse: 19 callbacks suppressed
[  122.247419][ T9714] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1056'.
[  122.309792][ T9714] workqueue: Failed to create a rescuer kthread for wq "nbd64-recv": -EINTR
[  122.309861][ T9714] block (null): Could not allocate knbd recv work queue.
[  122.326764][ T9714] nbd: failed to add new device
[  122.814286][ T9742] block nbd0: Unsupported socket: shutdown callout must be supported.
[  122.842196][ T9744] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1064'.
[  122.842196][ T9745] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1064'.
[  122.979328][ T9756] delete_channel: no stack
[  123.026738][ T9758] wg1 speed is unknown, defaulting to 1000
[  123.197472][ T9770] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1073'.
[  123.447270][ T9778] netlink: 'syz.1.1076': attribute type 7 has an invalid length.
[  123.456829][ T9778] netlink: 'syz.1.1076': attribute type 8 has an invalid length.
[  123.545560][ T9782] tipc: Resetting bearer <eth:team0>
[  123.700132][ T9802] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1085'.
[  123.796180][ T9808] netlink: 16178 bytes leftover after parsing attributes in process `syz.0.1088'.
[  123.944547][ T9821] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.1093'.
[  123.957911][ T9821] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1093'.
[  124.052710][ T9827] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1096'.
[  124.342488][ T9859] netlink: 14 bytes leftover after parsing attributes in process `syz.3.1108'.
[  124.373701][ T9861] syzkaller1: entered promiscuous mode
[  124.380379][ T9861] syzkaller1: entered allmulticast mode
[  124.447563][ T9869] netlink: 'syz.3.1113': attribute type 1 has an invalid length.
[  124.688771][ T9882] netlink: 'syz.3.1116': attribute type 1 has an invalid length.
[  125.671708][ T9955] wg1 speed is unknown, defaulting to 1000
[  125.752882][ T9960] 8021q: adding VLAN 0 to HW filter on device bond5
[  125.945215][ T9971] wg1 speed is unknown, defaulting to 1000
[  126.079581][ T9992] netlink: 'syz.2.1144': attribute type 10 has an invalid length.
[  126.330888][T10022] netlink: set zone limit has 4 unknown bytes
[  126.432471][T10033] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  126.623201][T10040] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  126.624680][T10046] mac80211_hwsim hwsim19 wlan1: entered allmulticast mode
[  126.743257][T10053] netlink: 'syz.4.1161': attribute type 10 has an invalid length.
[  126.761495][T10048] wg1 speed is unknown, defaulting to 1000
[  127.224949][T10079] RDS: rds_bind could not find a transport for ::ffff:10.1.1.0, load rds_tcp or rds_rdma?
[  127.276280][T10083] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  127.386785][T10095] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  127.424297][T10095] syzkaller0: entered promiscuous mode
[  127.430415][T10095] syzkaller0: entered allmulticast mode
[  127.436021][T10103] netlink: 'syz.4.1179': attribute type 8 has an invalid length.
[  127.459232][T10095] tipc: Resetting bearer <eth:syzkaller0>
[  127.476808][T10094] tipc: Resetting bearer <eth:syzkaller0>
[  127.481442][T10105] netlink: 'syz.1.1181': attribute type 11 has an invalid length.
[  127.510548][T10094] tipc: Disabling bearer <eth:syzkaller0>
[  127.764148][T10133] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  128.097336][T10163] tipc: Enabling of bearer <et�:g> rejected, media not registered
[  128.117234][T10166] sctp: [Deprecated]: syz.4.1194 (pid 10166) Use of int in maxseg socket option.
[  128.117234][T10166] Use struct sctp_assoc_value instead
[  128.185593][T10170] __nla_validate_parse: 17 callbacks suppressed
[  128.185611][T10170] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1198'.
[  128.190036][T10172] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1199'.
[  128.211740][T10172] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1199'.
[  128.339580][T10178] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  128.543533][T10193] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  128.557586][T10195] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  128.565257][T10195] syzkaller0: entered promiscuous mode
[  128.572647][T10195] syzkaller0: entered allmulticast mode
[  128.635617][T10194] tipc: Resetting bearer <eth:syzkaller0>
[  128.657167][T10194] tipc: Disabling bearer <eth:syzkaller0>
[  128.819827][T10208] netlink: 1752 bytes leftover after parsing attributes in process `syz.1.1208'.
[  128.834921][T10208] IPVS: stopping master sync thread 10212 ...
[  129.049247][T10218] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1210'.
[  129.088889][T10214] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1209'.
[  129.161314][T10220] netlink: 'syz.4.1211': attribute type 6 has an invalid length.
[  129.232634][T10221] netlink: 'syz.4.1211': attribute type 6 has an invalid length.
[  129.732699][T10235] netlink: 'syz.0.1216': attribute type 1 has an invalid length.
[  129.779365][T10232] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1215'.
[  129.804577][T10239] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  130.029853][T10255] netlink: 'syz.1.1224': attribute type 2 has an invalid length.
[  130.050566][T10256] IPVS: set_ctl: invalid protocol: 4 0.0.0.0:20004
[  130.066670][T10250] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  130.209847][T10268] FAULT_INJECTION: forcing a failure.
[  130.209847][T10268] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  130.240416][T10268] CPU: 1 UID: 0 PID: 10268 Comm: syz.1.1229 Not tainted syzkaller #0 PREEMPT(full) 
[  130.240442][T10268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  130.240452][T10268] Call Trace:
[  130.240459][T10268]  <TASK>
[  130.240467][T10268]  dump_stack_lvl+0x189/0x250
[  130.240499][T10268]  ? __pfx____ratelimit+0x10/0x10
[  130.240522][T10268]  ? __pfx_dump_stack_lvl+0x10/0x10
[  130.240542][T10268]  ? __pfx__printk+0x10/0x10
[  130.240562][T10268]  ? __might_fault+0xb0/0x130
[  130.240588][T10268]  ? rcu_is_watching+0x15/0xb0
[  130.240606][T10268]  should_fail_ex+0x414/0x560
[  130.240631][T10268]  _copy_from_user+0x2d/0xb0
[  130.240651][T10268]  ____sys_sendmsg+0x2fe/0x830
[  130.240672][T10268]  ? __pfx_____sys_sendmsg+0x10/0x10
[  130.240688][T10268]  ? __might_fault+0xb0/0x130
[  130.240712][T10268]  ? import_iovec+0x74/0xa0
[  130.240732][T10268]  ___sys_sendmsg+0x21f/0x2a0
[  130.240752][T10268]  ? __pfx____sys_sendmsg+0x10/0x10
[  130.240786][T10268]  ? __fget_files+0x2a/0x420
[  130.240801][T10268]  ? __fget_files+0x3a0/0x420
[  130.240821][T10268]  __x64_sys_sendmsg+0x19b/0x260
[  130.240839][T10268]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  130.240862][T10268]  ? __pfx_ksys_write+0x10/0x10
[  130.240882][T10268]  ? rcu_is_watching+0x15/0xb0
[  130.240901][T10268]  ? rcu_is_watching+0x15/0xb0
[  130.240919][T10268]  do_syscall_64+0xfa/0x3b0
[  130.240935][T10268]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.240952][T10268]  ? clear_bhb_loop+0x60/0xb0
[  130.240970][T10268]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.240986][T10268] RIP: 0033:0x7f2348b8ebe9
[  130.241006][T10268] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  130.241022][T10268] RSP: 002b:00007f23499c6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  130.241043][T10268] RAX: ffffffffffffffda RBX: 00007f2348db5fa0 RCX: 00007f2348b8ebe9
[  130.241056][T10268] RDX: 0000000024000044 RSI: 0000200000000040 RDI: 0000000000000003
[  130.241068][T10268] RBP: 00007f23499c6090 R08: 0000000000000000 R09: 0000000000000000
[  130.241080][T10268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  130.241090][T10268] R13: 00007f2348db6038 R14: 00007f2348db5fa0 R15: 00007ffe9b77dd48
[  130.241111][T10268]  </TASK>
[  130.630050][T10275] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1231'.
[  130.701120][T10284] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  130.869810][T10278] wg1 speed is unknown, defaulting to 1000
[  130.962069][T10308] FAULT_INJECTION: forcing a failure.
[  130.962069][T10308] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  130.965487][T10307] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1239'.
[  130.975734][T10308] CPU: 1 UID: 0 PID: 10308 Comm: syz.4.1242 Not tainted syzkaller #0 PREEMPT(full) 
[  130.975758][T10308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  130.975770][T10308] Call Trace:
[  130.975778][T10308]  <TASK>
[  130.975787][T10308]  dump_stack_lvl+0x189/0x250
[  130.975820][T10308]  ? __pfx____ratelimit+0x10/0x10
[  130.975843][T10308]  ? __pfx_dump_stack_lvl+0x10/0x10
[  130.975861][T10308]  ? __pfx__printk+0x10/0x10
[  130.975881][T10308]  ? __might_fault+0xb0/0x130
[  130.975907][T10308]  ? rcu_is_watching+0x15/0xb0
[  130.975925][T10308]  should_fail_ex+0x414/0x560
[  130.975947][T10308]  _copy_from_iter+0x1db/0x16f0
[  130.975968][T10308]  ? snprintf+0xda/0x120
[  130.975986][T10308]  ? __pfx__copy_from_iter+0x10/0x10
[  130.976004][T10308]  ? rcu_is_watching+0x15/0xb0
[  130.976019][T10308]  ? aa_label_sk_perm+0x4cd/0x630
[  130.976045][T10308]  ping_v4_sendmsg+0x222/0x1750
[  130.976067][T10308]  ? tomoyo_check_inet_address+0x667/0x8c0
[  130.976087][T10308]  ? ip4_datagram_release_cb+0x82/0xbb0
[  130.976107][T10308]  ? __pfx_ping_v4_sendmsg+0x10/0x10
[  130.976134][T10308]  ? ip4_datagram_release_cb+0x82/0xbb0
[  130.976153][T10308]  ? rcu_is_watching+0x15/0xb0
[  130.976169][T10308]  ? inet_sendmsg+0x14f/0x370
[  130.976189][T10308]  ? __local_bh_enable_ip+0x12d/0x1c0
[  130.976209][T10308]  ? inet_sendmsg+0x14f/0x370
[  130.976229][T10308]  ? inet_sendmsg+0x2f4/0x370
[  130.976250][T10308]  __sock_sendmsg+0x19c/0x270
[  130.976274][T10308]  ____sys_sendmsg+0x505/0x830
[  130.976293][T10308]  ? __pfx_____sys_sendmsg+0x10/0x10
[  130.976320][T10308]  ? __might_fault+0xb0/0x130
[  130.976344][T10308]  ? import_iovec+0x74/0xa0
[  130.976363][T10308]  ___sys_sendmsg+0x21f/0x2a0
[  130.976381][T10308]  ? __pfx____sys_sendmsg+0x10/0x10
[  130.976413][T10308]  ? __fget_files+0x2a/0x420
[  130.976427][T10308]  ? __fget_files+0x3a0/0x420
[  130.976445][T10308]  __x64_sys_sendmsg+0x19b/0x260
[  130.976464][T10308]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  130.976485][T10308]  ? __pfx_ksys_write+0x10/0x10
[  130.976504][T10308]  ? rcu_is_watching+0x15/0xb0
[  130.976522][T10308]  ? rcu_is_watching+0x15/0xb0
[  130.976539][T10308]  do_syscall_64+0xfa/0x3b0
[  130.976555][T10308]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.976571][T10308]  ? clear_bhb_loop+0x60/0xb0
[  130.976590][T10308]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.976606][T10308] RIP: 0033:0x7efc6298ebe9
[  130.976621][T10308] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  130.976635][T10308] RSP: 002b:00007efc637d9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  130.976654][T10308] RAX: ffffffffffffffda RBX: 00007efc62bb5fa0 RCX: 00007efc6298ebe9
[  130.976667][T10308] RDX: 0000000024000044 RSI: 0000200000000040 RDI: 0000000000000003
[  130.976678][T10308] RBP: 00007efc637d9090 R08: 0000000000000000 R09: 0000000000000000
[  130.976690][T10308] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  130.976700][T10308] R13: 00007efc62bb6038 R14: 00007efc62bb5fa0 R15: 00007fffa3c5edd8
[  130.976719][T10308]  </TASK>
[  131.221589][T10312] netlink: 'syz.1.1239': attribute type 15 has an invalid length.
[  131.260252][T10307] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1239'.
[  131.298836][T10312] netlink: 'syz.1.1239': attribute type 17 has an invalid length.
[  131.483778][T10312] tipc: Resetting bearer <eth:team0>
[  131.658378][T10327] wg1 speed is unknown, defaulting to 1000
[  131.761687][T10337] FAULT_INJECTION: forcing a failure.
[  131.761687][T10337] name failslab, interval 1, probability 0, space 0, times 0
[  131.778537][T10337] CPU: 1 UID: 0 PID: 10337 Comm: syz.0.1252 Not tainted syzkaller #0 PREEMPT(full) 
[  131.778560][T10337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  131.778571][T10337] Call Trace:
[  131.778577][T10337]  <TASK>
[  131.778584][T10337]  dump_stack_lvl+0x189/0x250
[  131.778610][T10337]  ? __pfx____ratelimit+0x10/0x10
[  131.778633][T10337]  ? __pfx_dump_stack_lvl+0x10/0x10
[  131.778653][T10337]  ? __pfx__printk+0x10/0x10
[  131.778675][T10337]  ? __pfx___might_resched+0x10/0x10
[  131.778690][T10337]  ? lock_acquire+0x5f/0x360
[  131.778712][T10337]  should_fail_ex+0x414/0x560
[  131.778735][T10337]  should_failslab+0xa8/0x100
[  131.778758][T10337]  __kmalloc_noprof+0xcb/0x4f0
[  131.778780][T10337]  ? ip_options_get+0x51/0x4c0
[  131.778799][T10337]  ip_options_get+0x51/0x4c0
[  131.778819][T10337]  ip_cmsg_send+0x591/0xa70
[  131.778845][T10337]  ping_v4_sendmsg+0x5d6/0x1750
[  131.778871][T10337]  ? ip4_datagram_release_cb+0x82/0xbb0
[  131.778890][T10337]  ? __pfx_ping_v4_sendmsg+0x10/0x10
[  131.778916][T10337]  ? ip4_datagram_release_cb+0x82/0xbb0
[  131.778936][T10337]  ? rcu_is_watching+0x15/0xb0
[  131.778953][T10337]  ? inet_sendmsg+0x14f/0x370
[  131.778973][T10337]  ? __local_bh_enable_ip+0x12d/0x1c0
[  131.779002][T10337]  ? inet_sendmsg+0x14f/0x370
[  131.779022][T10337]  ? inet_sendmsg+0x2f4/0x370
[  131.779048][T10337]  __sock_sendmsg+0x19c/0x270
[  131.779071][T10337]  ____sys_sendmsg+0x505/0x830
[  131.779090][T10337]  ? __pfx_____sys_sendmsg+0x10/0x10
[  131.779107][T10337]  ? __might_fault+0xb0/0x130
[  131.779131][T10337]  ? import_iovec+0x74/0xa0
[  131.779151][T10337]  ___sys_sendmsg+0x21f/0x2a0
[  131.779169][T10337]  ? __pfx____sys_sendmsg+0x10/0x10
[  131.779202][T10337]  ? __fget_files+0x2a/0x420
[  131.779217][T10337]  ? __fget_files+0x3a0/0x420
[  131.779236][T10337]  __x64_sys_sendmsg+0x19b/0x260
[  131.779255][T10337]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  131.779276][T10337]  ? __pfx_ksys_write+0x10/0x10
[  131.779295][T10337]  ? rcu_is_watching+0x15/0xb0
[  131.779313][T10337]  ? rcu_is_watching+0x15/0xb0
[  131.779331][T10337]  do_syscall_64+0xfa/0x3b0
[  131.779347][T10337]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.779364][T10337]  ? clear_bhb_loop+0x60/0xb0
[  131.779382][T10337]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.779399][T10337] RIP: 0033:0x7fcc9ab8ebe9
[  131.779412][T10337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  131.779428][T10337] RSP: 002b:00007fcc9bae3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  131.779448][T10337] RAX: ffffffffffffffda RBX: 00007fcc9adb5fa0 RCX: 00007fcc9ab8ebe9
[  131.779462][T10337] RDX: 0000000024000044 RSI: 0000200000000040 RDI: 0000000000000003
[  131.779474][T10337] RBP: 00007fcc9bae3090 R08: 0000000000000000 R09: 0000000000000000
[  131.779485][T10337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  131.779496][T10337] R13: 00007fcc9adb6038 R14: 00007fcc9adb5fa0 R15: 00007ffe9ada6918
[  131.779516][T10337]  </TASK>
[  132.385735][T10356] sctp: [Deprecated]: syz.0.1258 (pid 10356) Use of int in maxseg socket option.
[  132.385735][T10356] Use struct sctp_assoc_value instead
[  132.444827][T10357] netlink: 'syz.1.1257': attribute type 4 has an invalid length.
[  132.607431][T10370] FAULT_INJECTION: forcing a failure.
[  132.607431][T10370] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  132.634539][T10370] CPU: 0 UID: 0 PID: 10370 Comm: syz.3.1262 Not tainted syzkaller #0 PREEMPT(full) 
[  132.634565][T10370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  132.634575][T10370] Call Trace:
[  132.634581][T10370]  <TASK>
[  132.634589][T10370]  dump_stack_lvl+0x189/0x250
[  132.634613][T10370]  ? __pfx____ratelimit+0x10/0x10
[  132.634636][T10370]  ? __pfx_dump_stack_lvl+0x10/0x10
[  132.634654][T10370]  ? __pfx__printk+0x10/0x10
[  132.634690][T10370]  ? rcu_is_watching+0x15/0xb0
[  132.634708][T10370]  should_fail_ex+0x414/0x560
[  132.634730][T10370]  _copy_to_user+0x31/0xb0
[  132.634750][T10370]  simple_read_from_buffer+0xe1/0x170
[  132.634774][T10370]  proc_fail_nth_read+0x1b3/0x220
[  132.634793][T10370]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  132.634812][T10370]  ? rw_verify_area+0x2a6/0x4d0
[  132.634832][T10370]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  132.634849][T10370]  vfs_read+0x1fd/0xa30
[  132.634868][T10370]  ? fdget_pos+0x247/0x320
[  132.634884][T10370]  ? __pfx___mutex_lock+0x10/0x10
[  132.634907][T10370]  ? __pfx_vfs_read+0x10/0x10
[  132.634929][T10370]  ? __fget_files+0x3a0/0x420
[  132.634942][T10370]  ? __fget_files+0x2a/0x420
[  132.634959][T10370]  ksys_read+0x145/0x250
[  132.634980][T10370]  ? __pfx_ksys_read+0x10/0x10
[  132.634998][T10370]  ? rcu_is_watching+0x15/0xb0
[  132.635015][T10370]  ? rcu_is_watching+0x15/0xb0
[  132.635038][T10370]  do_syscall_64+0xfa/0x3b0
[  132.635054][T10370]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.635070][T10370]  ? clear_bhb_loop+0x60/0xb0
[  132.635088][T10370]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.635104][T10370] RIP: 0033:0x7fa7f458d5fc
[  132.635119][T10370] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  132.635134][T10370] RSP: 002b:00007fa7f5316030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  132.635153][T10370] RAX: ffffffffffffffda RBX: 00007fa7f47b5fa0 RCX: 00007fa7f458d5fc
[  132.635169][T10370] RDX: 000000000000000f RSI: 00007fa7f53160a0 RDI: 0000000000000004
[  132.635181][T10370] RBP: 00007fa7f5316090 R08: 0000000000000000 R09: 0000000000000000
[  132.635191][T10370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  132.635201][T10370] R13: 00007fa7f47b6038 R14: 00007fa7f47b5fa0 R15: 00007ffdf13c6df8
[  132.635220][T10370]  </TASK>
[  132.914283][T10376] FAULT_INJECTION: forcing a failure.
[  132.914283][T10376] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  132.927736][T10376] CPU: 0 UID: 0 PID: 10376 Comm: syz.4.1264 Not tainted syzkaller #0 PREEMPT(full) 
[  132.927761][T10376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  132.927771][T10376] Call Trace:
[  132.927777][T10376]  <TASK>
[  132.927784][T10376]  dump_stack_lvl+0x189/0x250
[  132.927808][T10376]  ? __pfx____ratelimit+0x10/0x10
[  132.927831][T10376]  ? __pfx_dump_stack_lvl+0x10/0x10
[  132.927850][T10376]  ? __pfx__printk+0x10/0x10
[  132.927872][T10376]  ? rcu_is_watching+0x15/0xb0
[  132.927890][T10376]  should_fail_ex+0x414/0x560
[  132.927913][T10376]  _copy_to_user+0x31/0xb0
[  132.927934][T10376]  simple_read_from_buffer+0xe1/0x170
[  132.927960][T10376]  proc_fail_nth_read+0x1b3/0x220
[  132.927981][T10376]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  132.928000][T10376]  ? rw_verify_area+0x2a6/0x4d0
[  132.928019][T10376]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  132.928038][T10376]  vfs_read+0x1fd/0xa30
[  132.928056][T10376]  ? fdget_pos+0x247/0x320
[  132.928073][T10376]  ? __pfx___mutex_lock+0x10/0x10
[  132.928097][T10376]  ? __pfx_vfs_read+0x10/0x10
[  132.928120][T10376]  ? __fget_files+0x3a0/0x420
[  132.928135][T10376]  ? __fget_files+0x2a/0x420
[  132.928153][T10376]  ksys_read+0x145/0x250
[  132.928174][T10376]  ? __pfx_ksys_read+0x10/0x10
[  132.928193][T10376]  ? rcu_is_watching+0x15/0xb0
[  132.928212][T10376]  ? rcu_is_watching+0x15/0xb0
[  132.928236][T10376]  do_syscall_64+0xfa/0x3b0
[  132.928253][T10376]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.928270][T10376]  ? clear_bhb_loop+0x60/0xb0
[  132.928288][T10376]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.928305][T10376] RIP: 0033:0x7efc6298d5fc
[  132.928322][T10376] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  132.928337][T10376] RSP: 002b:00007efc637d9030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  132.928357][T10376] RAX: ffffffffffffffda RBX: 00007efc62bb5fa0 RCX: 00007efc6298d5fc
[  132.928370][T10376] RDX: 000000000000000f RSI: 00007efc637d90a0 RDI: 0000000000000004
[  132.928382][T10376] RBP: 00007efc637d9090 R08: 0000000000000000 R09: 0000000000000000
[  132.928393][T10376] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  132.928403][T10376] R13: 00007efc62bb6038 R14: 00007efc62bb5fa0 R15: 00007fffa3c5edd8
[  132.928423][T10376]  </TASK>
[  133.296799][T10392] wg1 speed is unknown, defaulting to 1000
[  133.402346][T10398] __nla_validate_parse: 6 callbacks suppressed
[  133.402363][T10398] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1271'.
[  133.637446][T10416] netlink: 'syz.3.1278': attribute type 30 has an invalid length.
[  133.647661][T10416] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1278'.
[  133.658089][T10416] (unnamed net_device) (uninitialized): option arp_missed_max: mode dependency failed, not supported in mode 802.3ad(4)
[  133.814520][T10433] netlink: 'syz.0.1282': attribute type 12 has an invalid length.
[  133.843980][T10433] xt_socket: unknown flags 0x50
[  133.960007][T10439] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1283'.
[  134.033918][T10441] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.1285'.
[  134.061147][T10441] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  134.073457][T10441] openvswitch: netlink: Message has 1 unknown bytes.
[  134.120979][T10445] wg1 speed is unknown, defaulting to 1000
[  134.372428][T10468] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1291'.
[  134.389753][T10469] 8021q: adding VLAN 0 to HW filter on device batadv1
[  134.397531][T10469] team0: Failed to send port change of device batadv1 via netlink (err -105)
[  134.407862][T10469] team0: Failed to send options change via netlink (err -105)
[  134.416136][T10469] team0: Port device batadv1 added
[  134.451777][T10472] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1294'.
[  134.504431][T10472] nbd: socks must be embedded in a SOCK_ITEM attr
[  134.734950][T10484] IPVS: Scheduler module ip_vs_sip not found
[  134.872044][T10487] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1297'.
[  134.954980][T10499] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1299'.
[  135.017352][T10501] rdma_op ffff8880245189f0 conn xmit_rdma 0000000000000000
[  135.168668][   T51] Bluetooth: hci4: command 0x0405 tx timeout
[  135.491578][T10532] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1313'.
[  135.493296][T10535] ip6_vti0: entered allmulticast mode
[  135.507866][T10542] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1317'.
[  135.508079][T10541] netlink: 'syz.2.1314': attribute type 10 has an invalid length.
[  135.517137][T10536] netlink: 'syz.2.1314': attribute type 10 has an invalid length.
[  135.534793][T10538] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  135.550057][T10536] netlink: 'syz.2.1314': attribute type 10 has an invalid length.
[  135.568293][T10536] batadv0: entered promiscuous mode
[  135.582482][T10536] batadv0: entered allmulticast mode
[  135.590700][T10536] bond0: (slave batadv0): Releasing backup interface
[  135.608150][T10536] bridge0: port 1(batadv0) entered blocking state
[  135.615511][T10536] bridge0: port 1(batadv0) entered disabled state
[  135.629412][T10548] bridge2: entered promiscuous mode
[  135.645435][T10535] dvmrp8: entered allmulticast mode
[  135.935838][T10535] wg1 speed is unknown, defaulting to 1000
[  135.939378][T10568] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  135.958969][ T6837] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  135.968365][ T6837] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  135.979824][T10568] syzkaller0: entered promiscuous mode
[  135.996835][T10568] syzkaller0: entered allmulticast mode
[  136.135795][T10568] tipc: Resetting bearer <eth:syzkaller0>
[  136.147353][T10568] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  136.155548][T10568] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  136.193228][T10567] tipc: Resetting bearer <eth:syzkaller0>
[  136.283617][T10567] tipc: Disabling bearer <eth:syzkaller0>
[  136.299281][T10581] netlink: 'syz.2.1327': attribute type 13 has an invalid length.
[  136.307514][T10581] netlink: 'syz.2.1327': attribute type 17 has an invalid length.
[  136.334325][T10580] netlink: 'syz.0.1329': attribute type 1 has an invalid length.
[  136.420652][T10581] dummy0: left promiscuous mode
[  136.436240][T10581] dummy0: left allmulticast mode
[  136.461318][T10581] netdevsim netdevsim2 netdevsim0: left allmulticast mode
[  136.529395][T10581] bond1: left promiscuous mode
[  136.539346][T10581] vxcan3: left promiscuous mode
[  136.561810][T10533] ip6_vti0: left allmulticast mode
[  136.570123][T10533] dvmrp8: left allmulticast mode
[  136.625542][T10587] pim6reg: entered allmulticast mode
[  136.636961][T10588] pim6reg: left allmulticast mode
[  136.687297][T10594] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  136.687380][T10578] wg1 speed is unknown, defaulting to 1000
[  136.787971][T10605] netlink: 'syz.3.1344': attribute type 1 has an invalid length.
[  136.907035][T10613] FAULT_INJECTION: forcing a failure.
[  136.907035][T10613] name failslab, interval 1, probability 0, space 0, times 0
[  136.931003][T10613] CPU: 1 UID: 0 PID: 10613 Comm: syz.0.1336 Not tainted syzkaller #0 PREEMPT(full) 
[  136.931026][T10613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  136.931035][T10613] Call Trace:
[  136.931042][T10613]  <TASK>
[  136.931049][T10613]  dump_stack_lvl+0x189/0x250
[  136.931073][T10613]  ? __pfx____ratelimit+0x10/0x10
[  136.931096][T10613]  ? __pfx_dump_stack_lvl+0x10/0x10
[  136.931114][T10613]  ? __pfx__printk+0x10/0x10
[  136.931134][T10613]  ? fs_reclaim_acquire+0x7d/0x100
[  136.931157][T10613]  ? rcu_is_watching+0x15/0xb0
[  136.931172][T10613]  ? __pfx___might_resched+0x10/0x10
[  136.931186][T10613]  ? lock_acquire+0x5f/0x360
[  136.931207][T10613]  should_fail_ex+0x414/0x560
[  136.931228][T10613]  should_failslab+0xa8/0x100
[  136.931250][T10613]  __kmalloc_noprof+0xcb/0x4f0
[  136.931269][T10613]  ? skcipher_recvmsg+0xc6/0x11c0
[  136.931310][T10613]  ? sock_kmalloc+0xd6/0x160
[  136.931328][T10613]  sock_kmalloc+0xd6/0x160
[  136.931346][T10613]  af_alg_alloc_areq+0x8d/0x260
[  136.931373][T10613]  skcipher_recvmsg+0x356/0x11c0
[  136.931394][T10613]  ? aa_sk_perm+0x81e/0x950
[  136.931421][T10613]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  136.931440][T10613]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  136.931457][T10613]  ? security_socket_recvmsg+0x7e/0x2e0
[  136.931476][T10613]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  136.931496][T10613]  sock_recvmsg+0x22c/0x270
[  136.931518][T10613]  ____sys_recvmsg+0x1c9/0x460
[  136.931539][T10613]  ? __pfx_____sys_recvmsg+0x10/0x10
[  136.931563][T10613]  ? import_iovec+0x74/0xa0
[  136.931583][T10613]  ___sys_recvmsg+0x1b5/0x510
[  136.931599][T10613]  ? get_pid_task+0x20/0x1f0
[  136.931621][T10613]  ? __pfx____sys_recvmsg+0x10/0x10
[  136.931641][T10613]  ? __fget_files+0x2a/0x420
[  136.931655][T10613]  ? rcu_is_watching+0x15/0xb0
[  136.931677][T10613]  ? __fget_files+0x3a0/0x420
[  136.931696][T10613]  __x64_sys_recvmsg+0x198/0x260
[  136.931713][T10613]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  136.931732][T10613]  ? __pfx_ksys_write+0x10/0x10
[  136.931752][T10613]  ? rcu_is_watching+0x15/0xb0
[  136.931770][T10613]  ? rcu_is_watching+0x15/0xb0
[  136.931787][T10613]  do_syscall_64+0xfa/0x3b0
[  136.931802][T10613]  ? rcu_is_watching+0x15/0xb0
[  136.931816][T10613]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.931831][T10613]  ? clear_bhb_loop+0x60/0xb0
[  136.931849][T10613]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.931864][T10613] RIP: 0033:0x7fcc9ab8ebe9
[  136.931879][T10613] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  136.931894][T10613] RSP: 002b:00007fcc9bae3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  136.931913][T10613] RAX: ffffffffffffffda RBX: 00007fcc9adb5fa0 RCX: 00007fcc9ab8ebe9
[  136.931926][T10613] RDX: 0000000000000000 RSI: 00002000000005c0 RDI: 0000000000000009
[  136.931937][T10613] RBP: 00007fcc9bae3090 R08: 0000000000000000 R09: 0000000000000000
[  136.931947][T10613] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  136.931957][T10613] R13: 00007fcc9adb6038 R14: 00007fcc9adb5fa0 R15: 00007ffe9ada6918
[  136.931977][T10613]  </TASK>
[  137.324142][T10621] netlink: 'syz.4.1339': attribute type 13 has an invalid length.
[  137.392053][T10621] netlink: 'syz.4.1339': attribute type 17 has an invalid length.
[  137.500783][T10629] netlink: 'syz.3.1341': attribute type 1 has an invalid length.
[  137.558455][T10629] 8021q: adding VLAN 0 to HW filter on device bond5
[  137.668752][T10621] ip6gretap0: left promiscuous mode
[  137.676200][T10621] 8021q: adding VLAN 0 to HW filter on device bond0
[  137.685469][T10621] 8021q: adding VLAN 0 to HW filter on device team0
[  137.715617][T10621] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  137.765429][T10632] ipvlan2: entered allmulticast mode
[  137.793821][T10632] bond5: entered allmulticast mode
[  137.865348][T10629] bond5: (slave gretap1): making interface the new active one
[  137.908921][T10629] gretap1: entered allmulticast mode
[  137.915424][T10629] bond5: (slave gretap1): Enslaving as an active interface with an up link
[  137.919166][T10620] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  137.991982][T10652] tun0: tun_chr_ioctl cmd 2148553947
[  138.014142][T10652] tun0: tun_chr_ioctl cmd 1074025673
[  138.014165][T10627] wg1 speed is unknown, defaulting to 1000
[  138.020429][T10654] tun0: tun_chr_ioctl cmd 2148553947
[  138.573594][T10674] team0: Port device batadv1 removed
[  138.581200][T10674] bond5: (slave gretap1): Releasing active interface
[  138.588082][T10674] gretap1: left allmulticast mode
[  138.635678][T10676] wg1 speed is unknown, defaulting to 1000
[  138.802412][T10685] wg1 speed is unknown, defaulting to 1000
[  138.877349][T10695] syz_tun: entered allmulticast mode
[  138.913205][T10695] dvmrp8: entered allmulticast mode
[  139.121653][T10709] FAULT_INJECTION: forcing a failure.
[  139.121653][T10709] name failslab, interval 1, probability 0, space 0, times 0
[  139.135513][T10709] CPU: 1 UID: 0 PID: 10709 Comm: syz.1.1367 Not tainted syzkaller #0 PREEMPT(full) 
[  139.135538][T10709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  139.135549][T10709] Call Trace:
[  139.135556][T10709]  <TASK>
[  139.135563][T10709]  dump_stack_lvl+0x189/0x250
[  139.135588][T10709]  ? __pfx____ratelimit+0x10/0x10
[  139.135611][T10709]  ? __pfx_dump_stack_lvl+0x10/0x10
[  139.135630][T10709]  ? __pfx__printk+0x10/0x10
[  139.135653][T10709]  ? __pfx___might_resched+0x10/0x10
[  139.135670][T10709]  ? lock_acquire+0x5f/0x360
[  139.135694][T10709]  should_fail_ex+0x414/0x560
[  139.135717][T10709]  should_failslab+0xa8/0x100
[  139.135742][T10709]  __kmalloc_noprof+0xcb/0x4f0
[  139.135763][T10709]  ? sock_kmalloc+0xd6/0x160
[  139.135784][T10709]  sock_kmalloc+0xd6/0x160
[  139.135803][T10709]  skcipher_recvmsg+0x55c/0x11c0
[  139.135834][T10709]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  139.135856][T10709]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  139.135874][T10709]  ? security_socket_recvmsg+0x7e/0x2e0
[  139.135894][T10709]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  139.135914][T10709]  sock_recvmsg+0x22c/0x270
[  139.135937][T10709]  ____sys_recvmsg+0x1c9/0x460
[  139.135959][T10709]  ? __pfx_____sys_recvmsg+0x10/0x10
[  139.135984][T10709]  ? import_iovec+0x74/0xa0
[  139.136004][T10709]  ___sys_recvmsg+0x1b5/0x510
[  139.136022][T10709]  ? get_pid_task+0x20/0x1f0
[  139.136043][T10709]  ? __pfx____sys_recvmsg+0x10/0x10
[  139.136064][T10709]  ? __fget_files+0x2a/0x420
[  139.136078][T10709]  ? rcu_is_watching+0x15/0xb0
[  139.136103][T10709]  ? __fget_files+0x3a0/0x420
[  139.136122][T10709]  __x64_sys_recvmsg+0x198/0x260
[  139.136142][T10709]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  139.136164][T10709]  ? __pfx_ksys_write+0x10/0x10
[  139.136183][T10709]  ? rcu_is_watching+0x15/0xb0
[  139.136202][T10709]  ? rcu_is_watching+0x15/0xb0
[  139.136220][T10709]  do_syscall_64+0xfa/0x3b0
[  139.136236][T10709]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.136253][T10709]  ? clear_bhb_loop+0x60/0xb0
[  139.136271][T10709]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.136288][T10709] RIP: 0033:0x7f2348b8ebe9
[  139.136304][T10709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  139.136319][T10709] RSP: 002b:00007f23499c6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  139.136338][T10709] RAX: ffffffffffffffda RBX: 00007f2348db5fa0 RCX: 00007f2348b8ebe9
[  139.136350][T10709] RDX: 0000000000000000 RSI: 00002000000005c0 RDI: 0000000000000009
[  139.136360][T10709] RBP: 00007f23499c6090 R08: 0000000000000000 R09: 0000000000000000
[  139.136369][T10709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  139.136377][T10709] R13: 00007f2348db6038 R14: 00007f2348db5fa0 R15: 00007ffe9b77dd48
[  139.136391][T10709]  </TASK>
[  139.422546][T10695] wg1 speed is unknown, defaulting to 1000
[  139.513327][T10694] syz_tun: left allmulticast mode
[  139.518490][T10694] dvmrp8: left allmulticast mode
[  139.673721][T10720] __nla_validate_parse: 6 callbacks suppressed
[  139.673739][T10720] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1369'.
[  139.855405][T10722] : entered promiscuous mode
[  139.991359][T10730] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  140.002926][T10730] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  140.033383][T10733] pim6reg1: entered promiscuous mode
[  140.040487][T10733] pim6reg1: entered allmulticast mode
[  140.192058][T10747] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  140.352472][T10759] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1383'.
[  140.387896][T10759] ipvlan2: entered promiscuous mode
[  140.682096][T10790] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  140.856039][T10804] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1396'.
[  140.867394][T10804] validate_nla: 1 callbacks suppressed
[  140.867410][T10804] netlink: 'syz.3.1396': attribute type 4 has an invalid length.
[  140.892266][T10798] syzkaller1: entered allmulticast mode
[  140.914725][T10798] netlink: 'syz.0.1395': attribute type 4 has an invalid length.
[  140.927859][T10806] syzkaller1: entered promiscuous mode
[  140.934838][T10806] syzkaller1: entered allmulticast mode
[  140.943999][T10804] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1396'.
[  141.267595][T10817] netlink: 128 bytes leftover after parsing attributes in process `syz.2.1401'.
[  141.366800][T10819] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1402'.
[  141.381533][T10819] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1402'.
[  141.606601][T10828] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  141.617629][T10834] FAULT_INJECTION: forcing a failure.
[  141.617629][T10834] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  141.652304][T10834] CPU: 0 UID: 0 PID: 10834 Comm: syz.2.1408 Not tainted syzkaller #0 PREEMPT(full) 
[  141.652326][T10834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  141.652335][T10834] Call Trace:
[  141.652341][T10834]  <TASK>
[  141.652348][T10834]  dump_stack_lvl+0x189/0x250
[  141.652371][T10834]  ? __pfx____ratelimit+0x10/0x10
[  141.652394][T10834]  ? __pfx_dump_stack_lvl+0x10/0x10
[  141.652410][T10834]  ? __pfx__printk+0x10/0x10
[  141.652433][T10834]  ? rcu_is_watching+0x15/0xb0
[  141.652451][T10834]  should_fail_ex+0x414/0x560
[  141.652473][T10834]  _copy_to_user+0x31/0xb0
[  141.652491][T10834]  simple_read_from_buffer+0xe1/0x170
[  141.652515][T10834]  proc_fail_nth_read+0x1b3/0x220
[  141.652534][T10834]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  141.652553][T10834]  ? rw_verify_area+0x2a6/0x4d0
[  141.652573][T10834]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  141.652592][T10834]  vfs_read+0x1fd/0xa30
[  141.652612][T10834]  ? fdget_pos+0x247/0x320
[  141.652628][T10834]  ? __pfx___mutex_lock+0x10/0x10
[  141.652653][T10834]  ? __pfx_vfs_read+0x10/0x10
[  141.652675][T10834]  ? __fget_files+0x3a0/0x420
[  141.652689][T10834]  ? __fget_files+0x2a/0x420
[  141.652707][T10834]  ksys_read+0x145/0x250
[  141.652728][T10834]  ? __pfx_ksys_read+0x10/0x10
[  141.652748][T10834]  ? rcu_is_watching+0x15/0xb0
[  141.652766][T10834]  ? rcu_is_watching+0x15/0xb0
[  141.652784][T10834]  do_syscall_64+0xfa/0x3b0
[  141.652801][T10834]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.652817][T10834]  ? clear_bhb_loop+0x60/0xb0
[  141.652836][T10834]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.652852][T10834] RIP: 0033:0x7f5007f8d5fc
[  141.652868][T10834] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  141.652883][T10834] RSP: 002b:00007f5008d26030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  141.652902][T10834] RAX: ffffffffffffffda RBX: 00007f50081b5fa0 RCX: 00007f5007f8d5fc
[  141.652915][T10834] RDX: 000000000000000f RSI: 00007f5008d260a0 RDI: 000000000000000a
[  141.652926][T10834] RBP: 00007f5008d26090 R08: 0000000000000000 R09: 0000000000000000
[  141.652937][T10834] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  141.652948][T10834] R13: 00007f50081b6038 R14: 00007f50081b5fa0 R15: 00007ffe370851d8
[  141.652967][T10834]  </TASK>
[  142.006241][T10842] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.1409'.
[  142.059753][T10841] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1411'.
[  142.070791][   T51] Bluetooth: hci4: link tx timeout
[  142.076044][   T51] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  142.084171][   T51] Bluetooth: hci4: link tx timeout
[  142.091385][   T51] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  142.131340][T10844] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1412'.
[  142.619252][T10880] tap0: tun_chr_ioctl cmd 1074025680
[  142.625347][T10880] netlink: 'syz.3.1426': attribute type 10 has an invalid length.
[  142.648701][T10882] netlink: 'syz.3.1426': attribute type 10 has an invalid length.
[  143.171789][T10922] openvswitch: netlink: EtherType 0 is less than min 600
[  143.240436][T10927] netlink: 'syz.3.1441': attribute type 5 has an invalid length.
[  143.366002][T10937] syzkaller0: entered promiscuous mode
[  143.383237][T10937] syzkaller0: entered allmulticast mode
[  144.124495][T10984] !
: renamed from dummy0 (while UP)
[  144.158959][   T51] Bluetooth: hci4: command 0x0405 tx timeout
[  144.311662][T11001] wg1 speed is unknown, defaulting to 1000
[  144.605915][T11027] batadv0: left allmulticast mode
[  144.611432][T11027] batadv0: left promiscuous mode
[  144.619358][T11027] bridge0: port 1(batadv0) entered disabled state
[  144.668932][T11027] bond1: (slave vxcan3): Releasing backup interface
[  144.715480][T11027] bond3: (slave bridge2): Releasing backup interface
[  144.980237][T11026] wg1 speed is unknown, defaulting to 1000
[  145.123950][ T8524] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  145.132496][ T8524] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  145.141907][ T8524] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  145.150451][ T8524] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  145.317588][T11065] __nla_validate_parse: 11 callbacks suppressed
[  145.317607][T11065] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1477'.
[  145.472621][T11069] netlink: 256 bytes leftover after parsing attributes in process `syz.0.1479'.
[  145.791566][T11078] wg1 speed is unknown, defaulting to 1000
[  145.796339][T11101] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1485'.
[  145.937721][T11110] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1488'.
[  146.000493][T11116] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1489'.
[  146.086715][T11125] netlink: 'syz.4.1490': attribute type 10 has an invalid length.
[  146.220311][   T51] Bluetooth: hci4: command 0x0405 tx timeout
[  146.305622][T11148] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1499'.
[  146.317914][T11147] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1500'.
[  146.341565][T11147] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1500'.
[  146.351305][T11147] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1500'.
[  146.360899][T11147] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1500'.
[  146.416984][T11147] wg1 speed is unknown, defaulting to 1000
[  146.833238][T11171] vlan0: entered promiscuous mode
[  146.847744][T11171] rdma_rxe: rxe_newlink: failed to add lo
[  147.055600][T11188] wg1 speed is unknown, defaulting to 1000
[  147.144060][T11199] netlink: 'syz.3.1514': attribute type 9 has an invalid length.
[  147.155992][T11194] wg1 speed is unknown, defaulting to 1000
[  147.295989][T11204] IPVS: set_ctl: invalid protocol: 50 224.0.0.1:20001
[  147.603083][T11225] netlink: 'syz.1.1520': attribute type 10 has an invalid length.
[  147.718447][T11235] netlink: 'syz.1.1524': attribute type 21 has an invalid length.
[  147.758958][ T8540] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  147.778306][ T8540] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  147.797096][ T8540] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  147.809659][T11236] openvswitch: netlink: Flow key attr not present in new flow.
[  147.847799][ T8540] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  147.900186][T11247] wg1 speed is unknown, defaulting to 1000
[  147.992531][T11249] netlink: del zone limit has 4 unknown bytes
[  148.375780][T11283] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  148.444082][T11283] syzkaller0: entered promiscuous mode
[  148.450061][T11283] syzkaller0: entered allmulticast mode
[  148.489481][T11282] tipc: Resetting bearer <eth:syzkaller0>
[  148.616726][T11282] tipc: Disabling bearer <eth:syzkaller0>
[  148.653167][T11292] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  148.664401][ T8712] IPVS: starting estimator thread 0...
[  148.701174][T11301] macvlan2: entered allmulticast mode
[  148.706844][T11301] ip6gretap0: entered allmulticast mode
[  148.737962][T11301] ip6gretap0: left allmulticast mode
[  148.753074][T11304] netlink: 'syz.1.1544': attribute type 1 has an invalid length.
[  148.768914][T11298] IPVS: using max 51 ests per chain, 122400 per kthread
[  148.788789][T11305] tap0: tun_chr_ioctl cmd 1074025677
[  148.794652][T11305] tap0: linktype set to 800
[  148.972168][T11323] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  149.121756][T11335] bridge_slave_0: left allmulticast mode
[  149.127601][T11335] bridge_slave_0: left promiscuous mode
[  149.138939][T11335] bridge0: port 1(bridge_slave_0) entered disabled state
[  149.166955][T11335] bridge_slave_1: left allmulticast mode
[  149.198217][T11335] bridge_slave_1: left promiscuous mode
[  149.208992][T11335] bridge0: port 2(bridge_slave_1) entered disabled state
[  149.227455][T11335] bond0: (slave bond_slave_0): Releasing backup interface
[  149.249556][T11335] bond_slave_0: left promiscuous mode
[  149.260975][T11335] bond0: (slave bond_slave_1): Releasing backup interface
[  149.268756][T11347] netlink: 'syz.2.1558': attribute type 3 has an invalid length.
[  149.276982][T11335] bond_slave_1: left promiscuous mode
[  149.285916][T11335] team_slave_0: left promiscuous mode
[  149.292723][T11347] netlink: 'syz.2.1558': attribute type 1 has an invalid length.
[  149.311181][T11335] team0: Port device team_slave_0 removed
[  149.317620][T11335] team_slave_1: left promiscuous mode
[  149.335354][T11335] team0: Port device team_slave_1 removed
[  149.342305][T11335] batman_adv: batadv0: Removing interface: batadv_slave_0
[  149.354205][T11335] batman_adv: batadv0: Removing interface: batadv_slave_1
[  149.371777][T11335] bond2: (slave bridge2): Removing an active aggregator
[  149.399992][T11335] bond2: (slave bridge2): Releasing backup interface
[  149.423568][T11335] bridge2: left promiscuous mode
[  149.429000][T11335] bridge2: left allmulticast mode
[  149.436564][T11335] bond0: (slave bond3): Releasing backup interface
[  149.444513][T11335] bond3: left promiscuous mode
[  149.452155][T11335] bond4: (slave geneve2): Releasing active interface
[  149.606032][T11365] 8021q: adding VLAN 0 to HW filter on device bond4
[  149.644942][T11365] bond0: (slave bond4): Enslaving as an active interface with an up link
[  150.514429][T11412] __nla_validate_parse: 25 callbacks suppressed
[  150.514447][T11412] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1575'.
[  150.537992][T11410] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  150.843652][T11418] wg1 speed is unknown, defaulting to 1000
[  150.889798][T11419] geneve2: entered promiscuous mode
[  150.905341][T11419] geneve2: entered allmulticast mode
[  150.972510][T11422] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1578'.
[  151.088118][T11428] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  151.095796][T11428] syzkaller0: entered promiscuous mode
[  151.101447][T11428] syzkaller0: entered allmulticast mode
[  151.147156][T11428] tipc: Resetting bearer <eth:syzkaller0>
[  151.157512][T11427] tipc: Resetting bearer <eth:syzkaller0>
[  151.178330][T11427] tipc: Disabling bearer <eth:syzkaller0>
[  151.178938][T11430] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  151.328414][T11438] wg1 speed is unknown, defaulting to 1000
[  151.400003][T11441] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  151.782468][T11464] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  151.916771][T11466] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  151.945230][T11475] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1589'.
[  151.998706][T11478] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1590'.
[  152.016963][T11478] netlink: 'syz.4.1590': attribute type 1 has an invalid length.
[  152.380294][T11450] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  152.386240][T11450] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  152.495434][T11450] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  152.510428][T11450] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  152.536098][T11521] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  152.591045][T11527] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1603'.
[  152.604142][T11450] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  152.615180][T11450] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  152.671543][T11450] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  152.682210][T11450] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[  152.714603][T11538] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1606'.
[  152.724403][T11538] openvswitch: netlink: Flow key attr not present in new flow.
[  152.741212][T11540] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1607'.
[  153.134670][T11575] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  153.138096][T11567] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1615'.
[  153.163130][T11577] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  153.227953][T11573] pimreg: entered allmulticast mode
[  153.258084][T11573] pimreg: left allmulticast mode
[  153.530431][T11597] wg1 speed is unknown, defaulting to 1000
[  153.672038][T11618] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1629'.
[  153.814897][T11626] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1632'.
[  153.860261][T11629] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  153.949299][ T8713] IPVS: starting estimator thread 0...
[  153.957734][T11632] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  154.008321][T11646] tipc: Resetting bearer <eth:team0>
[  154.049434][T11643] IPVS: using max 51 ests per chain, 122400 per kthread
[  154.197615][T11651] team0: Mode changed to "loadbalance"
[  154.333376][T11672] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  154.370397][T11672] syzkaller0: entered promiscuous mode
[  154.376277][T11672] syzkaller0: entered allmulticast mode
[  154.499576][T11689] tipc: Resetting bearer <eth:syzkaller0>
[  154.573922][T11669] tipc: Resetting bearer <eth:syzkaller0>
[  154.606440][T11669] tipc: Disabling bearer <eth:syzkaller0>
[  154.823438][T11712] veth0: entered promiscuous mode
[  154.876819][T11711] veth0: left promiscuous mode
[  154.955012][T11716] wg1 speed is unknown, defaulting to 1000
[  155.073455][T11734] wg1 speed is unknown, defaulting to 1000
[  155.299897][T11748] netlink: 'syz.0.1658': attribute type 1 has an invalid length.
[  155.323246][T11737] netlink: 'syz.2.1656': attribute type 13 has an invalid length.
[  155.337873][T11737] netlink: 'syz.2.1656': attribute type 17 has an invalid length.
[  155.514347][T11737] 8021q: adding VLAN 0 to HW filter on device bond0
[  155.522704][T11737] 8021q: adding VLAN 0 to HW filter on device team0
[  155.534633][T11737] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  155.598067][T11763] __nla_validate_parse: 4 callbacks suppressed
[  155.598083][T11763] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1663'.
[  155.654635][T11780] netlink: 13 bytes leftover after parsing attributes in process `syz.4.1664'.
[  156.164034][T11801] wg1 speed is unknown, defaulting to 1000
[  156.446545][T11817] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1674'.
[  156.545404][T11823] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  157.251385][T11867] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1688'.
[  157.362325][T11875] wg1 speed is unknown, defaulting to 1000
[  157.730913][T11904] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1697'.
[  157.771244][T11903] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1697'.
[  157.800498][T11906] wg1 speed is unknown, defaulting to 1000
[  158.374230][T11933] tipc: Resetting bearer <eth:team0>
[  158.386545][T11933] batman_adv: batadv0: Interface deactivated: 
0!

[  158.439442][T11933] batman_adv: batadv0: Removing interface: 
0!

[  158.478351][T11933] batman_adv: batadv0: Interface deactivated: ip6gretap1
[  158.498624][T11933] batman_adv: batadv0: Removing interface: ip6gretap1
[  158.527720][T11933] bond4: (slave veth3): Releasing backup interface
[  158.586312][T11948] dvmrp8: entered allmulticast mode
[  158.719972][T11948] dvmrp8: left allmulticast mode
[  158.736448][T11955] netdevsim netdevsim3 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  158.817257][T11955] netdevsim netdevsim3 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  158.875373][T11955] netdevsim netdevsim3 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  158.900490][T11966] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1715'.
[  158.900496][T11967] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1715'.
[  158.937328][T11966] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1715'.
[  158.950758][T11966] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1715'.
[  158.973800][T11955] netdevsim netdevsim3 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  158.979529][T11972] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma?
[  159.015933][T11977] netem: incorrect gi model size
[  159.024630][T11977] netem: change failed
[  159.040781][ T8524] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  159.055367][ T8524] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  159.079139][   T49] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  159.103951][   T49] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  159.286302][T11995] netlink: 'syz.1.1727': attribute type 10 has an invalid length.
[  159.344100][T11995] 8021q: adding VLAN 0 to HW filter on device bond0
[  159.369092][T11995] team0: Device bond0 failed to register rx_handler
[  159.556045][T12010] netlink: 'syz.3.1732': attribute type 4 has an invalid length.
[  159.571666][T12010] netlink: 'syz.3.1732': attribute type 12 has an invalid length.
[  160.512327][T12076] netlink: 'syz.1.1753': attribute type 7 has an invalid length.
[  160.538449][T12076] netlink: 'syz.1.1753': attribute type 8 has an invalid length.
[  160.617851][T12076] __nla_validate_parse: 10 callbacks suppressed
[  160.617871][T12076] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1753'.
[  160.649164][T12076] netlink: 'syz.1.1753': attribute type 1 has an invalid length.
[  160.657512][T12076] netlink: 'syz.1.1753': attribute type 7 has an invalid length.
[  160.669501][T12076] netlink: 'syz.1.1753': attribute type 8 has an invalid length.
[  160.677351][T12076] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1753'.
[  160.802652][T12090] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  160.823637][T12090] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0
[  160.840224][T12090] netdevsim netdevsim1 eth3 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  160.893529][T12090] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  160.906549][T12090] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0
[  160.918164][T12090] netdevsim netdevsim1 eth2 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  161.010831][T12090] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  161.024380][T12090] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0
[  161.034571][T12090] netdevsim netdevsim1 eth1 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  161.095118][T12090] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  161.119808][T12090] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0
[  161.150731][T12090] netdevsim netdevsim1 eth0 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  161.244627][T12107] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1762'.
[  161.246365][ T8533] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  161.262350][ T8533] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 256 - 0
[  161.298150][ T8533] netdevsim netdevsim1 eth0: set [1, 1] type 2 family 0 port 6081 - 0
[  161.327058][ T8533] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  161.335263][T12122] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1768'.
[  161.346744][ T8533] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 256 - 0
[  161.356445][ T8533] netdevsim netdevsim1 eth1: set [1, 1] type 2 family 0 port 6081 - 0
[  161.394115][ T8533] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  161.405114][ T8533] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 256 - 0
[  161.413489][ T8533] netdevsim netdevsim1 eth2: set [1, 1] type 2 family 0 port 6081 - 0
[  161.425057][T12120] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1766'.
[  161.443123][T12120] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1766'.
[  161.466648][ T8533] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  161.479468][ T8533] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 256 - 0
[  161.516298][ T8533] netdevsim netdevsim1 eth3: set [1, 1] type 2 family 0 port 6081 - 0
[  161.604666][T12135] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  161.621985][T12141] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1776'.
[  161.634088][T12141] (unnamed net_device) (uninitialized): Invalid ad_actor_system MAC address.
[  161.654328][T12141] (unnamed net_device) (uninitialized): option ad_actor_system: invalid value (7)
[  161.688668][T12141] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1776'.
[  161.697130][T12139] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1774'.
[  161.737514][T12141] unknown channel width for channel at 909000KHz?
[  161.791633][T12155] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1779'.
[  161.822711][T12155] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  161.836069][T12157] gtp0: entered promiscuous mode
[  161.927140][T12163] 8021q: adding VLAN 0 to HW filter on device bond0
[  161.936113][T12163] 8021q: adding VLAN 0 to HW filter on device team0
[  161.949284][T12163] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  161.998376][T12163] veth0_to_team: entered promiscuous mode
[  162.006599][T12163] veth0_to_team: entered allmulticast mode
[  162.083982][T12184] vlan2: entered allmulticast mode
[  162.090469][T12184] bridge0: entered allmulticast mode
[  162.097903][T12184] openvswitch: netlink: nsh attribute has 2 unknown bytes.
[  162.120404][T12180] syzkaller0: entered promiscuous mode
[  162.126258][T12180] syzkaller0: entered allmulticast mode
[  162.133823][ T8533] syzkaller0: tun_net_xmit 70
[  162.140775][T12180] syzkaller0: tun_chr_ioctl cmd 1074025677
[  162.146693][T12180] syzkaller0: Linktype set failed because interface is up
[  162.189035][T12189] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  162.346039][T12208] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  162.554705][T12227] netlink: 'syz.0.1803': attribute type 1 has an invalid length.
[  162.580026][T12227] 8021q: adding VLAN 0 to HW filter on device bond5
[  162.603565][T12227] vlan3: entered promiscuous mode
[  162.617637][T12227] bond5: entered promiscuous mode
[  162.623548][T12227] vlan3: entered allmulticast mode
[  162.630614][T12227] bond5: entered allmulticast mode
[  162.647055][T12235] tap0: tun_chr_ioctl cmd 1074025677
[  162.662303][T12235] tap0: linktype set to 774
[  162.674216][T12227] bond5: (slave gretap1): making interface the new active one
[  162.682439][T12227] gretap1: entered promiscuous mode
[  162.687773][T12227] gretap1: entered allmulticast mode
[  162.697710][T12227] bond5: (slave gretap1): Enslaving as an active interface with an up link
[  162.897621][T12258] sctp: [Deprecated]: syz.3.1813 (pid 12258) Use of struct sctp_assoc_value in delayed_ack socket option.
[  162.897621][T12258] Use struct sctp_sack_info instead
[  162.909432][T12260] macvlan3: entered promiscuous mode
[  163.020776][T12262] wg1 speed is unknown, defaulting to 1000
[  163.044582][T12269] netlink: 'syz.4.1815': attribute type 11 has an invalid length.
[  163.162726][T12278] bond5: (slave gretap1): Releasing active interface
[  163.180719][T12278] gretap1: left promiscuous mode
[  163.185980][T12278] gretap1: left allmulticast mode
[  163.201684][T12282] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  163.245885][T12282] bond6: (slave bridge3): making interface the new active one
[  163.256101][T12282] bond6: (slave bridge3): Enslaving as an active interface with an up link
[  163.499254][T12301] nbd: socks must be embedded in a SOCK_ITEM attr
[  163.506581][T12301] block nbd0: shutting down sockets
[  163.667012][   T30] audit: type=1107 audit(1756395267.959:6): pid=12316 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='\
�-1W�\)b{OXpq$�y?o�"tC�QE16�k�a���RP�TX�8HgM|�@+�jt���J�0B��f�����3�
��/Rh(�j�H�=���;��i���Tl���ǵ�K�cOq���Z�����}�QY?!7�>�__�'����롱��tTQIś�L�\�+�=�9��2Į�WS�/{ִ7����<���[Hx�% =ļ�e��z�KϞ�?u��fFa���� �td
[  163.667012][   T30] :b'
[  163.702387][T12318] bond5: entered promiscuous mode
[  163.783340][T12329] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  163.874601][T12338] delete_channel: no stack
[  163.990318][T12350] bridge0: entered promiscuous mode
[  164.007325][T12350] vlan4: entered promiscuous mode
[  164.017764][T12350] bridge0: port 1(vlan4) entered blocking state
[  164.041962][T12350] bridge0: port 1(vlan4) entered disabled state
[  164.055133][T12350] vlan4: entered allmulticast mode
[  164.060640][T12350] bridge0: entered allmulticast mode
[  164.067364][T12350] vlan4: left allmulticast mode
[  164.072621][T12350] bridge0: left allmulticast mode
[  164.093236][T12346] syzkaller1: entered promiscuous mode
[  164.100938][T12346] syzkaller1: entered allmulticast mode
[  164.999254][T12393] validate_nla: 2 callbacks suppressed
[  164.999273][T12393] netlink: 'syz.2.1862': attribute type 1 has an invalid length.
[  165.016408][T12393] netlink: 'syz.2.1862': attribute type 1 has an invalid length.
[  165.025392][T12393] block nbd0: shutting down sockets
[  165.160269][T12414] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  165.366309][T12434] wg1 speed is unknown, defaulting to 1000
[  165.457780][T12446] netlink: 'syz.2.1877': attribute type 10 has an invalid length.
[  165.482545][T12446] veth0_macvtap: left promiscuous mode
[  165.489545][T12446] team0: Device veth0_macvtap failed to register rx_handler
[  165.666235][T12456] __nla_validate_parse: 27 callbacks suppressed
[  165.666254][T12456] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1880'.
[  165.898816][T12462] wg1 speed is unknown, defaulting to 1000
[  166.007519][T12470] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1884'.
[  166.044156][T12470] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1884'.
[  166.125291][T12472] wg1 speed is unknown, defaulting to 1000
[  166.235352][T12483] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  166.461531][T12500] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1891'.
[  166.483267][T12499] wg1 speed is unknown, defaulting to 1000
[  166.682200][T12512] bond0: (slave bond4): Releasing backup interface
[  166.724507][T12514] netlink: 'syz.3.1896': attribute type 1 has an invalid length.
[  166.730200][T12516] 8021q: adding VLAN 0 to HW filter on device bond7
[  166.775308][T12521] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1896'.
[  166.808690][T12521] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1896'.
[  166.829695][T12514] 8021q: adding VLAN 0 to HW filter on device bond7
[  166.870325][T12524] bond3: entered promiscuous mode
[  166.904949][T12527] veth7: entered promiscuous mode
[  166.933130][T12527] bond7: (slave veth7): Enslaving as an active interface with a down link
[  166.975647][T12531] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  166.990630][T12531] syzkaller0: entered promiscuous mode
[  166.996222][T12531] syzkaller0: entered allmulticast mode
[  167.015872][T12531] netlink: 'syz.1.1900': attribute type 12 has an invalid length.
[  167.042636][T12530] tipc: Resetting bearer <eth:syzkaller0>
[  167.069836][T12530] tipc: Disabling bearer <eth:syzkaller0>
[  167.542120][T12548] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1904'.
[  167.615057][T12554] syz_tun: entered allmulticast mode
[  167.648268][T12554] dvmrp8: entered allmulticast mode
[  167.713603][T12554] wg1 speed is unknown, defaulting to 1000
[  167.806385][T12553] syz_tun: left allmulticast mode
[  167.811795][T12553] dvmrp8: left allmulticast mode
[  167.846112][T12567] netlink: 'syz.3.1910': attribute type 15 has an invalid length.
[  167.924978][T12567] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1910'.
[  167.983736][T12570] wg1 speed is unknown, defaulting to 1000
[  168.100603][T12578] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  168.177821][T12579] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  168.190491][T12579] tipc: Failed to remove unknown binding: 66,1,1/0:4219699445/4219699448
[  168.203166][ T8712] IPVS: starting estimator thread 0...
[  168.213950][T12578] tipc: Failed to remove unknown binding: 66,1,1/0:4219699445/4219699448
[  168.229550][T12587] sctp: [Deprecated]: syz.4.1914 (pid 12587) Use of struct sctp_assoc_value in delayed_ack socket option.
[  168.229550][T12587] Use struct sctp_sack_info instead
[  168.257458][T12579] netlink: 788 bytes leftover after parsing attributes in process `syz.0.1913'.
[  168.279009][T12578] tipc: Failed to remove unknown binding: 66,1,1/0:4219699445/4219699448
[  168.310296][T12584] IPVS: using max 47 ests per chain, 112800 per kthread
[  168.426412][T12596] netlink: 'syz.3.1918': attribute type 1 has an invalid length.
[  168.450064][T12596] netlink: 172 bytes leftover after parsing attributes in process `syz.3.1918'.
[  168.623921][T12616] sctp: [Deprecated]: syz.0.1923 (pid 12616) Use of int in maxseg socket option.
[  168.623921][T12616] Use struct sctp_assoc_value instead
[  168.723482][T12628] siw: device registration error -23
[  168.754541][T12631] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  168.926860][T12651] batadv_slave_1: mtu less than device minimum
[  169.002924][T12666] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  169.038303][T12666] syzkaller0: entered promiscuous mode
[  169.043997][T12666] syzkaller0: entered allmulticast mode
[  169.065756][T12666] tipc: Resetting bearer <eth:syzkaller0>
[  169.077587][T12662] tipc: Resetting bearer <eth:syzkaller0>
[  169.114404][T12662] tipc: Disabling bearer <eth:syzkaller0>
[  169.202525][T12678] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  169.491237][T12698] syzkaller0: entered promiscuous mode
[  169.498114][T12705] netlink: 'syz.2.1950': attribute type 2 has an invalid length.
[  169.511019][T12698] syzkaller0: entered allmulticast mode
[  169.549366][T12698] netlink: 'syz.1.1948': attribute type 18 has an invalid length.
[  169.718132][T12725] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  169.737793][T12720] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  169.915956][T12739] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  170.206495][T12750] dummy0: entered promiscuous mode
[  170.213908][T12750] macsec1: entered promiscuous mode
[  170.231276][T12750] macsec1: entered allmulticast mode
[  170.247511][T12750] dummy0: entered allmulticast mode
[  170.256180][T12750] dummy0: left allmulticast mode
[  170.265211][T12750] dummy0: left promiscuous mode
[  170.497797][T12773] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  170.507523][T12773] syzkaller0: entered promiscuous mode
[  170.513427][T12773] syzkaller0: entered allmulticast mode
[  170.523925][T12773] tipc: Resetting bearer <eth:syzkaller0>
[  170.531540][T12772] tipc: Resetting bearer <eth:syzkaller0>
[  170.540489][T12772] tipc: Disabling bearer <eth:syzkaller0>
[  170.691829][T12777] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  170.752662][T12788] __nla_validate_parse: 83 callbacks suppressed
[  170.752681][T12788] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1974'.
[  170.881907][T12799] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1973'.
[  171.222277][T12823] wg1 speed is unknown, defaulting to 1000
[  171.292769][T12825] wg1 speed is unknown, defaulting to 1000
[  171.493242][T12829] syzkaller0: entered promiscuous mode
[  171.580433][T12829] syzkaller0: entered allmulticast mode
[  172.046445][T12849] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  223.989774][T12867] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1988'.
[  224.021373][T12865] netlink: 256 bytes leftover after parsing attributes in process `syz.2.1990'.
[  224.030845][T12865] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1990'.
[  224.059403][T12869] Set syz0 is full, maxelem 0 reached
[  224.197756][T12881] wg1 speed is unknown, defaulting to 1000
[  224.615851][T12901] wg1 speed is unknown, defaulting to 1000
[  224.696601][T12906] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  224.824580][T12915] tipc: Can't bind to reserved service type 2
[  224.848362][T12915] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  224.859272][T12915] syzkaller0: entered promiscuous mode
[  224.886204][T12915] syzkaller0: entered allmulticast mode
[  225.050251][T12915] tipc: Resetting bearer <eth:syzkaller0>
[  225.089695][T12914] tipc: Resetting bearer <eth:syzkaller0>
[  225.111818][T12914] tipc: Disabling bearer <eth:syzkaller0>
[  225.112889][T12924] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  225.124981][T12924] IPv6: NLM_F_CREATE should be set when creating new route
[  225.196176][T12930] wg1 speed is unknown, defaulting to 1000
[  225.280448][T12926] netlink: 'syz.3.2005': attribute type 4 has an invalid length.
[  225.288314][T12926] netlink: 152 bytes leftover after parsing attributes in process `syz.3.2005'.
[  225.330512][T12939] netlink: 'syz.1.2007': attribute type 13 has an invalid length.
[  225.338364][T12939] netlink: 'syz.1.2007': attribute type 17 has an invalid length.
[  225.459995][T12926] �: renamed from bond0 (while UP)
[  225.599893][T12951] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2007'.
[  225.620074][T12949] netlink: 64 bytes leftover after parsing attributes in process `syz.3.2010'.
[  225.649743][T12939] 8021q: adding VLAN 0 to HW filter on device bond0
[  225.687850][T12939] tipc: Resetting bearer <eth:team0>
[  225.705267][T12939] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  225.749990][T12953] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  225.784830][T12945] wg1 speed is unknown, defaulting to 1000
[  225.961557][T12939] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  226.046567][T12947] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  226.091045][T12970] wg1 speed is unknown, defaulting to 1000
[  226.115564][T12967] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  226.421532][T12979] Set syz0 is full, maxelem 0 reached
[  226.506425][T12985] FAULT_INJECTION: forcing a failure.
[  226.506425][T12985] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  226.534340][T12985] CPU: 0 UID: 0 PID: 12985 Comm: syz.4.2017 Not tainted syzkaller #0 PREEMPT(full) 
[  226.534366][T12985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  226.534377][T12985] Call Trace:
[  226.534384][T12985]  <TASK>
[  226.534392][T12985]  dump_stack_lvl+0x189/0x250
[  226.534419][T12985]  ? __pfx____ratelimit+0x10/0x10
[  226.534442][T12985]  ? __pfx_dump_stack_lvl+0x10/0x10
[  226.534461][T12985]  ? __pfx__printk+0x10/0x10
[  226.534484][T12985]  ? lock_acquire+0x5f/0x360
[  226.534510][T12985]  should_fail_ex+0x414/0x560
[  226.534534][T12985]  prepare_alloc_pages+0x213/0x610
[  226.534554][T12985]  __alloc_frozen_pages_noprof+0x123/0x370
[  226.534574][T12985]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  226.534598][T12985]  alloc_pages_mpol+0x232/0x4a0
[  226.534621][T12985]  alloc_pages_noprof+0xa9/0x190
[  226.534641][T12985]  pte_alloc_one+0x21/0x170
[  226.534659][T12985]  __pte_alloc+0x25/0x1a0
[  226.534676][T12985]  __handle_mm_fault+0x49b3/0x5440
[  226.534701][T12985]  ? __pfx___handle_mm_fault+0x10/0x10
[  226.534720][T12985]  ? rcu_is_watching+0x15/0xb0
[  226.534743][T12985]  ? find_vma+0xe7/0x160
[  226.534761][T12985]  ? __pfx_find_vma+0x10/0x10
[  226.534782][T12985]  handle_mm_fault+0x40a/0x8e0
[  226.534807][T12985]  do_user_addr_fault+0x764/0x1390
[  226.534839][T12985]  exc_page_fault+0x76/0xf0
[  226.534869][T12985]  asm_exc_page_fault+0x26/0x30
[  226.534887][T12985] RIP: 0010:rep_movs_alternative+0x30/0x90
[  226.534908][T12985] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 8d 09 04 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08
[  226.534925][T12985] RSP: 0018:ffffc900046ffbb8 EFLAGS: 00050246
[  226.534942][T12985] RAX: 00007ffffffff001 RBX: 0000000000000008 RCX: 0000000000000008
[  226.534954][T12985] RDX: 0000000000000001 RSI: 0000200000000a00 RDI: ffffc900046ffc20
[  226.534966][T12985] RBP: ffffc900046ffcb0 R08: ffffc900046ffc27 R09: 1ffff920008dff84
[  226.534979][T12985] R10: dffffc0000000000 R11: fffff520008dff85 R12: dffffc0000000000
[  226.534992][T12985] R13: 1ffff920008dff80 R14: ffffc900046ffc20 R15: 0000200000000a00
[  226.535014][T12985]  _copy_from_user+0x7a/0xb0
[  226.535033][T12985]  hci_dev_cmd+0xa2/0x7b0
[  226.535051][T12985]  ? __pfx_hci_dev_cmd+0x10/0x10
[  226.535066][T12985]  ? __ia32_sys_capget+0x50/0x60
[  226.535083][T12985]  ? hci_sock_ioctl+0x5e5/0x910
[  226.535102][T12985]  sock_do_ioctl+0xdc/0x300
[  226.535124][T12985]  ? __pfx_sock_do_ioctl+0x10/0x10
[  226.535143][T12985]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  226.535175][T12985]  sock_ioctl+0x576/0x790
[  226.535194][T12985]  ? lock_release+0x4b/0x3e0
[  226.535216][T12985]  ? __pfx_sock_ioctl+0x10/0x10
[  226.535236][T12985]  ? __fget_files+0x2a/0x420
[  226.535251][T12985]  ? __fget_files+0x3a0/0x420
[  226.535265][T12985]  ? __fget_files+0x2a/0x420
[  226.535281][T12985]  ? bpf_lsm_file_ioctl+0x9/0x20
[  226.535301][T12985]  ? __pfx_sock_ioctl+0x10/0x10
[  226.535321][T12985]  __se_sys_ioctl+0xf9/0x170
[  226.535342][T12985]  do_syscall_64+0xfa/0x3b0
[  226.535359][T12985]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.535376][T12985]  ? clear_bhb_loop+0x60/0xb0
[  226.535395][T12985]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.535411][T12985] RIP: 0033:0x7efc6298ebe9
[  226.535426][T12985] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  226.535440][T12985] RSP: 002b:00007efc637d9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  226.535458][T12985] RAX: ffffffffffffffda RBX: 00007efc62bb5fa0 RCX: 00007efc6298ebe9
[  226.535471][T12985] RDX: 0000200000000a00 RSI: 00000000400448e0 RDI: 0000000000000004
[  226.535483][T12985] RBP: 00007efc637d9090 R08: 0000000000000000 R09: 0000000000000000
[  226.535494][T12985] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  226.535503][T12985] R13: 00007efc62bb6038 R14: 00007efc62bb5fa0 R15: 00007fffa3c5edd8
[  226.535523][T12985]  </TASK>
[  227.002945][T12991] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2019'.
[  227.043989][T12996] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2021'.
[  227.061685][T12989] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  227.157230][T13003] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2026'.
[  227.181327][T13008] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma?
[  227.230549][T13005] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2025'.
[  227.770253][T13067] FAULT_INJECTION: forcing a failure.
[  227.770253][T13067] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  227.785439][T13069] netlink: 'syz.3.2041': attribute type 13 has an invalid length.
[  227.806597][T13069] netlink: 'syz.3.2041': attribute type 17 has an invalid length.
[  227.814867][T13067] CPU: 0 UID: 0 PID: 13067 Comm: syz.1.2045 Not tainted syzkaller #0 PREEMPT(full) 
[  227.814893][T13067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  227.814903][T13067] Call Trace:
[  227.814910][T13067]  <TASK>
[  227.814917][T13067]  dump_stack_lvl+0x189/0x250
[  227.814942][T13067]  ? __pfx____ratelimit+0x10/0x10
[  227.814967][T13067]  ? __pfx_dump_stack_lvl+0x10/0x10
[  227.814984][T13067]  ? __pfx__printk+0x10/0x10
[  227.815009][T13067]  ? rcu_is_watching+0x15/0xb0
[  227.815027][T13067]  should_fail_ex+0x414/0x560
[  227.815051][T13067]  _copy_to_user+0x31/0xb0
[  227.815071][T13067]  simple_read_from_buffer+0xe1/0x170
[  227.815096][T13067]  proc_fail_nth_read+0x1b3/0x220
[  227.815116][T13067]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  227.815136][T13067]  ? rw_verify_area+0x2a6/0x4d0
[  227.815155][T13067]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  227.815172][T13067]  vfs_read+0x1fd/0xa30
[  227.815192][T13067]  ? fdget_pos+0x247/0x320
[  227.815208][T13067]  ? __pfx___mutex_lock+0x10/0x10
[  227.815231][T13067]  ? __pfx_vfs_read+0x10/0x10
[  227.815253][T13067]  ? __fget_files+0x3a0/0x420
[  227.815267][T13067]  ? __fget_files+0x2a/0x420
[  227.815285][T13067]  ksys_read+0x145/0x250
[  227.815305][T13067]  ? __fget_files+0x3a0/0x420
[  227.815320][T13067]  ? __pfx_ksys_read+0x10/0x10
[  227.815340][T13067]  ? __pfx_sock_ioctl+0x10/0x10
[  227.815362][T13067]  ? rcu_is_watching+0x15/0xb0
[  227.815380][T13067]  do_syscall_64+0xfa/0x3b0
[  227.815396][T13067]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  227.815413][T13067]  ? clear_bhb_loop+0x60/0xb0
[  227.815431][T13067]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  227.815448][T13067] RIP: 0033:0x7f2348b8d5fc
[  227.815463][T13067] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  227.815477][T13067] RSP: 002b:00007f23499c6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  227.815497][T13067] RAX: ffffffffffffffda RBX: 00007f2348db5fa0 RCX: 00007f2348b8d5fc
[  227.815511][T13067] RDX: 000000000000000f RSI: 00007f23499c60a0 RDI: 0000000000000003
[  227.815522][T13067] RBP: 00007f23499c6090 R08: 0000000000000000 R09: 0000000000000000
[  227.815533][T13067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  227.815543][T13067] R13: 00007f2348db6038 R14: 00007f2348db5fa0 R15: 00007ffe9b77dd48
[  227.815563][T13067]  </TASK>
[  228.091442][T13069] 8021q: adding VLAN 0 to HW filter on device �
[  228.109412][T13069] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  228.195971][T13075] wg1 speed is unknown, defaulting to 1000
[  228.244479][T13069] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  228.309597][T13069] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  228.347519][T13094] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  228.380168][T13069] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  228.716739][T13120] wg1 speed is unknown, defaulting to 1000
[  228.967554][T13126] wg1 speed is unknown, defaulting to 1000
[  229.027612][T13132] __nla_validate_parse: 15 callbacks suppressed
[  229.027630][T13132] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2062'.
[  229.055671][T13134] netlink: 232 bytes leftover after parsing attributes in process `syz.0.2063'.
[  229.087397][T13134] netlink: 'syz.0.2063': attribute type 10 has an invalid length.
[  229.106690][T13134] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2063'.
[  229.164866][T13141] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  229.325011][T13136] tipc: Resetting bearer <eth:team0>
[  229.789333][T13136] hsr1: left allmulticast mode
[  229.794339][T13136] batadv_slave_0: left allmulticast mode
[  229.802971][T13136] geneve2: left promiscuous mode
[  229.808142][T13136] geneve2: left allmulticast mode
[  229.842625][T13136] bond0: left promiscuous mode
[  229.852482][T13136] macvlan2: left promiscuous mode
[  229.870884][T13136] veth3: left promiscuous mode
[  229.884316][T13134] veth0_vlan: left promiscuous mode
[  229.890210][T13134] veth0_vlan: entered promiscuous mode
[  229.896628][T13134] veth0_vlan: entered allmulticast mode
[  229.905888][T13134] bridge0: port 1(veth0_vlan) entered blocking state
[  229.913515][T13134] bridge0: port 1(veth0_vlan) entered disabled state
[  229.931705][T13134] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check.
[  230.035293][ T8524] netdevsim netdevsim1 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  230.052806][ T8524] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 256 - 0
[  230.067018][ T8524] netdevsim netdevsim1 eth0: unset [1, 1] type 2 family 0 port 6081 - 0
[  230.076502][ T8524] netdevsim netdevsim1 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  230.085252][ T8524] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 256 - 0
[  230.094408][ T8524] netdevsim netdevsim1 eth1: unset [1, 1] type 2 family 0 port 6081 - 0
[  230.164280][T13160] dvmrp8: entered allmulticast mode
[  230.172954][T13164] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2071'.
[  230.194735][ T8524] netdevsim netdevsim1 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  230.194789][T13164] netlink: 'syz.2.2071': attribute type 7 has an invalid length.
[  230.205840][ T8524] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 256 - 0
[  230.221131][ T8524] netdevsim netdevsim1 eth2: unset [1, 1] type 2 family 0 port 6081 - 0
[  230.230137][ T8524] netdevsim netdevsim1 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  230.238970][ T8524] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 256 - 0
[  230.244287][T13162] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  230.254799][ T8524] netdevsim netdevsim1 eth3: unset [1, 1] type 2 family 0 port 6081 - 0
[  230.267599][T13157] wg1 speed is unknown, defaulting to 1000
[  230.301291][T13160] wg1 speed is unknown, defaulting to 1000
[  230.485313][T13182] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2075'.
[  230.689251][T13200] tun0: tun_chr_ioctl cmd 1074025675
[  230.694707][T13200] tun0: persist enabled
[  230.700476][T13200] tun0: tun_chr_ioctl cmd 1074025675
[  230.706954][T13200] tun0: persist enabled
[  230.730804][T13200] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2081'.
[  230.768969][T13208] tipc: Enabled bearer <ib:caif0>, priority 14
[  230.831110][T13213] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2084'.
[  230.890522][T13217] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  231.139276][T13231] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2090'.
[  231.442220][T13258] netlink: 248 bytes leftover after parsing attributes in process `syz.3.2099'.
[  231.574100][T13264] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  231.742937][T13266] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2103'.
[  231.982536][T13295] wg1 speed is unknown, defaulting to 1000
[  232.087385][T13306] netlink: 'syz.4.2114': attribute type 1 has an invalid length.
[  232.224530][T13317] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  232.276040][T13317] netlink: 'syz.4.2116': attribute type 10 has an invalid length.
[  232.347652][T13321] veth0_to_team: left allmulticast mode
[  232.355961][T13321] batadv_slave_1: left promiscuous mode
[  232.365699][T13321] veth0_vlan: left allmulticast mode
[  232.388134][T13321] veth3: left promiscuous mode
[  232.397773][T13321] bridge1: left promiscuous mode
[  232.410385][T13321] bridge1: left allmulticast mode
[  232.416698][T13321] bond2: left promiscuous mode
[  232.429114][T13321] bond2: left allmulticast mode
[  232.434367][T13321] bridge3: left allmulticast mode
[  232.452996][T13321] vlan2: left allmulticast mode
[  232.458342][T13321] bridge0: left allmulticast mode
[  232.472580][T13321] vlan3: left promiscuous mode
[  232.477538][T13321] bond5: left promiscuous mode
[  232.485342][T13321] vlan3: left allmulticast mode
[  232.503296][T13321] bond5: left allmulticast mode
[  232.509117][T13321] macvlan3: left promiscuous mode
[  232.641698][T13342] syzkaller0: entered promiscuous mode
[  232.657157][T13342] syzkaller0: entered allmulticast mode
[  233.036697][T13350] infiniband syz2: set down
[  233.053877][T13350] infiniband syz2: added ipvlan1
[  233.076424][T13371] sctp: [Deprecated]: syz.3.2131 (pid 13371) Use of struct sctp_assoc_value in delayed_ack socket option.
[  233.076424][T13371] Use struct sctp_sack_info instead
[  233.112022][T13350] RDS/IB: syz2: added
[  233.116137][T13350] smc: adding ib device syz2 with port count 1
[  233.128911][T13350] smc:    ib device syz2 port 1 has pnetid 
[  233.247757][T13382] netlink: 'syz.3.2134': attribute type 1 has an invalid length.
[  233.314940][T13382] 8021q: adding VLAN 0 to HW filter on device bond0
[  233.335970][T13385] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  233.393079][T13382] 8021q: adding VLAN 0 to HW filter on device bond0
[  233.415359][T13382] bond0: (slave vxcan3): The slave device specified does not support setting the MAC address
[  233.426948][T13382] bond0: (slave vxcan3): Error -95 calling set_mac_address
[  233.477011][T13393] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  233.640209][T13401] wg1 speed is unknown, defaulting to 1000
[  233.717184][T13406] netlink: 'syz.4.2140': attribute type 10 has an invalid length.
[  233.755401][T13406] netlink: 'syz.4.2140': attribute type 10 has an invalid length.
[  233.785776][T13406] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  234.162140][T13429] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on
[  234.350735][T13440] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  234.762479][T13449] dvmrp8: entered allmulticast mode
[  234.867046][T13449] wg1 speed is unknown, defaulting to 1000
[  235.076878][T13458] __nla_validate_parse: 13 callbacks suppressed
[  235.076898][T13458] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2154'.
[  235.169996][T13461] netlink: 72 bytes leftover after parsing attributes in process `syz.4.2154'.
[  235.517560][T13476] 8021q: adding VLAN 0 to HW filter on device bond0
[  235.555436][T13476] bond0: (slave rose0): Enslaving as an active interface with an up link
[  235.599618][T13480] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2160'.
[  235.658695][T13479] veth5: entered promiscuous mode
[  235.683415][T13479] netlink: 'syz.2.2161': attribute type 3 has an invalid length.
[  235.706715][T13486] netlink: 788 bytes leftover after parsing attributes in process `syz.1.2162'.
[  235.842029][T13495] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2162'.
[  236.631098][T13546] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  236.693980][T13557] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2180'.
[  236.738714][T13548] netlink: 5 bytes leftover after parsing attributes in process `syz.0.2180'.
[  236.848390][T13566] wg1 speed is unknown, defaulting to 1000
[  236.879013][T13571] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2184'.
[  236.918614][T13559] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2182'.
[  236.961291][T13572] wg1 speed is unknown, defaulting to 1000
[  237.152349][T13585] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2189'.
[  237.677621][T13607] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  237.787120][T13591] netlink: 'syz.0.2186': attribute type 6 has an invalid length.
[  237.856426][T13607] syzkaller0: entered promiscuous mode
[  237.885299][T13607] syzkaller0: entered allmulticast mode
[  237.921629][T13607] syzkaller0: mtu less than device minimum
[  238.015122][T13603] tipc: Resetting bearer <eth:syzkaller0>
[  238.064627][T13603] tipc: Disabling bearer <eth:syzkaller0>
[  238.162907][T13628] netlink: 'syz.4.2199': attribute type 5 has an invalid length.
[  238.205268][T13633] netlink: 'syz.0.2200': attribute type 2 has an invalid length.
[  238.303861][T13636] wg1 speed is unknown, defaulting to 1000
[  238.513688][T13649] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  238.643533][T13639] wg1 speed is unknown, defaulting to 1000
[  239.499116][T13673] netlink: get zone limit has 8 unknown bytes
[  239.509316][T13673] IPVS: set_ctl: invalid protocol: 29 100.1.1.1:20000
[  239.521801][T13671] netlink: 'syz.4.2210': attribute type 39 has an invalid length.
[  239.583474][T13673] geneve0: entered promiscuous mode
[  239.590623][T13673] geneve0: entered allmulticast mode
[  239.604120][ T8524] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  239.633007][ T8524] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  239.654874][ T8524] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  239.691454][ T8524] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  239.836855][T13671] netlink: 'syz.4.2210': attribute type 39 has an invalid length.
[  239.845539][T13671] netlink: 'syz.4.2210': attribute type 39 has an invalid length.
[  239.853794][T13671] netlink: 'syz.4.2210': attribute type 39 has an invalid length.
[  239.861945][T13692] veth0_vlan: entered allmulticast mode
[  239.883450][T13671] netlink: 'syz.4.2210': attribute type 39 has an invalid length.
[  239.891774][T13671] netlink: 'syz.4.2210': attribute type 39 has an invalid length.
[  239.932685][T13671] netlink: 'syz.4.2210': attribute type 39 has an invalid length.
[  240.099915][T13704] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  240.107472][T13704] syzkaller0: entered promiscuous mode
[  240.113574][T13704] syzkaller0: entered allmulticast mode
[  240.154991][T13704] tipc: Resetting bearer <eth:syzkaller0>
[  240.179562][T13703] tipc: Resetting bearer <eth:syzkaller0>
[  240.208851][T13703] tipc: Disabling bearer <eth:syzkaller0>
[  240.313259][T13714] __nla_validate_parse: 11 callbacks suppressed
[  240.313277][T13714] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2223'.
[  240.390012][T13718] wg1 speed is unknown, defaulting to 1000
[  240.557790][T13723] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  240.692049][T13562] Set syz1 is full, maxelem 65536 reached
[  240.697789][T13733] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2230'.
[  240.698095][T13733] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2230'.
[  240.722551][T13730] 8021q: adding VLAN 0 to HW filter on device bond6
[  240.747836][T13734] bond6: (slave bridge10): making interface the new active one
[  240.762826][T13734] bond6: (slave bridge10): Enslaving as an active interface with an up link
[  240.806809][T13738] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2232'.
[  240.823067][T13730] bond6: (slave vlan4): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  241.245134][T13778] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.2245'.
[  241.250251][T13779] IPVS: Error connecting to the multicast addr
[  241.330886][T13775] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2243'.
[  241.352064][T13787] IPVS: set_ctl: invalid protocol: 2368 0.32.0.0:11264
[  241.582720][T13806] Set syz1 is full, maxelem 65536 reached
[  241.634819][T13808] macvlan4: entered allmulticast mode
[  241.656053][T13808] veth1_vlan: entered allmulticast mode
[  241.916770][T13808] veth1_vlan: left allmulticast mode
[  242.025398][T13816] macsec1: entered promiscuous mode
[  242.037938][T13816] dummy0: entered promiscuous mode
[  242.043992][T13816] macsec1: entered allmulticast mode
[  242.056595][T13816] dummy0: entered allmulticast mode
[  242.070879][T13816] dummy0: left allmulticast mode
[  242.088412][T13816] dummy0: left promiscuous mode
[  242.235680][T13834] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2260'.
[  242.297837][T13832] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2259'.
[  242.349021][T13834] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0)
[  242.672483][T13871] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2269'.
[  242.682002][T13871] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2269'.
[  242.704413][T13868] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  243.116375][T13910] tap0: tun_chr_ioctl cmd 1074025677
[  243.122467][T13910] tap0: linktype set to 0
[  243.180905][T13914] bridge0: entered allmulticast mode
[  243.190729][T13914] bridge0 (unregistering): left allmulticast mode
[  243.467584][T13925] wg1 speed is unknown, defaulting to 1000
[  243.494317][T13932] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  243.655277][T13942] wg1 speed is unknown, defaulting to 1000
[  244.103622][T13980] IPVS: Unknown mcast interface: netpci0
[  244.180763][T13986] validate_nla: 31 callbacks suppressed
[  244.180781][T13986] netlink: 'syz.2.2307': attribute type 23 has an invalid length.
[  244.344585][T14002] bond0: entered promiscuous mode
[  244.401487][T14002] bond0: entered allmulticast mode
[  244.431921][T14002] 8021q: adding VLAN 0 to HW filter on device bond0
[  244.564292][T14015] wg1 speed is unknown, defaulting to 1000
[  244.991006][T14059] vlan2: entered promiscuous mode
[  244.996409][T14059] bond0: entered promiscuous mode
[  245.002189][T14059] vlan2: entered allmulticast mode
[  245.002692][T14061] netlink: 'syz.2.2330': attribute type 12 has an invalid length.
[  245.007542][T14059] bond0: entered allmulticast mode
[  245.081612][T14068] netlink: ct family unspecified
[  245.086681][T14068] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  245.156846][T14071] netlink: 'syz.2.2330': attribute type 12 has an invalid length.
[  245.188255][   T30] audit: type=1800 audit(1756395349.479:7): pid=14083 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2336" name="memory.events" dev="tmpfs" ino=2466 res=0 errno=0
[  245.262495][T14087] netlink: 'syz.3.2336': attribute type 10 has an invalid length.
[  245.292824][T14087] batadv_slave_0: entered allmulticast mode
[  245.299775][T14087] �: (slave batadv_slave_0): Enslaving as an active interface with an up link
[  245.323494][   T30] audit: type=1804 audit(1756395349.609:8): pid=14084 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.2336" name="/newroot/477/memory.events" dev="tmpfs" ino=2466 res=1 errno=0
[  245.393771][T14097] __nla_validate_parse: 20 callbacks suppressed
[  245.393787][T14097] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2341'.
[  245.417016][T14094] wg1 speed is unknown, defaulting to 1000
[  245.437583][T14101] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2338'.
[  245.455465][T14093] wg1 speed is unknown, defaulting to 1000
[  245.561942][T14113] sctp: [Deprecated]: syz.2.2346 (pid 14113) Use of int in max_burst socket option deprecated.
[  245.561942][T14113] Use struct sctp_assoc_value instead
[  245.593517][T14115] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2345'.
[  245.605312][T14115] netlink: 43 bytes leftover after parsing attributes in process `syz.4.2345'.
[  245.614985][T14115] netlink: 'syz.4.2345': attribute type 5 has an invalid length.
[  245.642130][T14115] netlink: 43 bytes leftover after parsing attributes in process `syz.4.2345'.
[  245.746976][T14115] wg1 speed is unknown, defaulting to 1000
[  245.795164][T14125] netlink: 192 bytes leftover after parsing attributes in process `syz.4.2345'.
[  245.956651][T14134] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2352'.
[  246.154670][T14149] wg1 speed is unknown, defaulting to 1000
[  246.456481][T14159] wg1 speed is unknown, defaulting to 1000
[  246.553242][T14171] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.2364'.
[  246.707074][T14178] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2366'.
[  246.843135][T14185] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2368'.
[  246.886254][T14185] vxcan1: entered allmulticast mode
[  247.083948][T14195] 8021q: adding VLAN 0 to HW filter on device bond5
[  247.159730][T14200] wg1 speed is unknown, defaulting to 1000
[  247.331834][T14232] 8021q: VLANs not supported on ip6_vti0
[  247.583938][   T49] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  247.602866][   T49] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  247.625850][   T49] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  247.664046][   T49] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  247.788263][T14263] team0: Mode changed to "loadbalance"
[  247.795416][T14266] 8021q: VLANs not supported on ipvlan1
[  248.312610][T14309] netlink: 'syz.4.2405': attribute type 1 has an invalid length.
[  248.629817][T14343] bridge3: entered promiscuous mode
[  248.640861][T14343] bridge3: entered allmulticast mode
[  248.862610][T14366] netlink: 'syz.0.2418': attribute type 13 has an invalid length.
[  248.880493][T14366] netlink: 'syz.0.2418': attribute type 17 has an invalid length.
[  248.947398][T14377] openvswitch: netlink: nsh attribute has 2338 unknown bytes.
[  248.972198][T14377] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  250.054783][T14455] wg1 speed is unknown, defaulting to 1000
[  250.176669][T14487] netlink: 'syz.4.2452': attribute type 10 has an invalid length.
[  250.226415][T14487] 8021q: adding VLAN 0 to HW filter on device batadv0
[  250.276705][T14487] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  250.303055][T14491] netlink: 'syz.0.2453': attribute type 6 has an invalid length.
[  250.315368][T14487] netlink: 'syz.4.2452': attribute type 10 has an invalid length.
[  250.327459][T14491] netlink: 'syz.0.2453': attribute type 6 has an invalid length.
[  250.390847][T14487] batadv0: entered promiscuous mode
[  250.398989][T14487] batadv0: entered allmulticast mode
[  250.415898][T14487] bond0: (slave batadv0): Releasing backup interface
[  250.440253][T14487] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  250.464796][T14510] __nla_validate_parse: 156 callbacks suppressed
[  250.464817][T14510] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2457'.
[  250.516435][T14507] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2456'.
[  250.754326][T14532] IPVS: set_ctl: invalid protocol: 137 172.20.20.187:20004
[  250.784893][T14535] netlink: 68 bytes leftover after parsing attributes in process `syz.1.2467'.
[  250.806382][T14536] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2465'.
[  250.815755][T14535] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2467'.
[  250.974277][T14546] netlink: 196 bytes leftover after parsing attributes in process `syz.3.2469'.
[  251.000836][T14550] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2468'.
[  251.026171][T14550] tunl0: entered promiscuous mode
[  251.032578][T14550] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check.
[  251.085247][T14554] netlink: 161716 bytes leftover after parsing attributes in process `syz.4.2471'.
[  251.105028][T14554] netlink: zone id is out of range
[  251.115008][T14554] netlink: zone id is out of range
[  251.131931][T14554] netlink: zone id is out of range
[  251.146517][T14544] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2471'.
[  251.155813][T14554] netlink: zone id is out of range
[  251.164838][T14554] netlink: zone id is out of range
[  251.170242][T14554] netlink: zone id is out of range
[  251.222734][T14572] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2479'.
[  251.694385][T14631] ip6tnl0: entered allmulticast mode
[  251.937686][T14653] wg1 speed is unknown, defaulting to 1000
[  251.946571][T14658] netlink: 'syz.4.2505': attribute type 1 has an invalid length.
[  251.974432][T14657] netlink: 'syz.4.2505': attribute type 1 has an invalid length.
[  252.157447][T14672] delete_channel: no stack
[  252.796607][T14713] netlink: 'syz.2.2524': attribute type 1 has an invalid length.
[  252.880112][T14719] bond6: entered promiscuous mode
[  252.899050][T14719] bond6: entered allmulticast mode
[  252.996194][T14719] 8021q: adding VLAN 0 to HW filter on device bond6
[  253.208817][T14729] smc: net device bond0 applied user defined pnetid SBZ2
[  253.234235][T14721] wg1 speed is unknown, defaulting to 1000
[  253.425383][T14727] wg1 speed is unknown, defaulting to 1000
[  253.612961][T14748] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  253.635638][T14748] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  253.901970][T14757] wg1 speed is unknown, defaulting to 1000
[  254.294745][T14767] veth0_to_bridge: entered promiscuous mode
[  254.314630][T14765] tap0: tun_chr_ioctl cmd 1074025677
[  254.331488][T14765] tap0: linktype set to 780
[  254.390612][T14767] veth0_to_bridge: left promiscuous mode
[  254.802044][T14787] wg1 speed is unknown, defaulting to 1000
[  255.002956][T14800] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  255.280745][T14823] hsr_slave_1 (unregistering): left promiscuous mode
[  255.595246][T14831] __nla_validate_parse: 20 callbacks suppressed
[  255.595259][T14831] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2557'.
[  255.685087][T14837] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2560'.
[  255.748238][T14843] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2562'.
[  255.767809][T14842] wg1 speed is unknown, defaulting to 1000
[  255.810553][ T1300] net_ratelimit: 2 callbacks suppressed
[  255.810573][ T1300] aoe: packet could not be sent on bond0.  consider increasing tx_queue_len
[  303.012575][T14867] netlink: 'syz.1.2568': attribute type 13 has an invalid length.
[  303.020635][T14867] netlink: 'syz.1.2568': attribute type 17 has an invalid length.
[  303.036816][T14867] gretap0: refused to change device tx_queue_len
[  303.044041][T14867] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  303.191148][T14880] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2571'.
[  303.221581][T14880] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2571'.
[  303.252289][T14886] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2571'.
[  303.254124][T14887] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  303.278908][T14880] netlink: 'syz.4.2571': attribute type 4 has an invalid length.
[  303.689677][T14895] netlink: 20824 bytes leftover after parsing attributes in process `syz.1.2576'.
[  303.691026][T14902] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma?
[  303.766363][T14906] netlink: 'syz.4.2578': attribute type 27 has an invalid length.
[  303.801238][T14906] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  303.841244][T14895] netlink: 'syz.1.2576': attribute type 10 has an invalid length.
[  303.863102][T14895] !
: entered promiscuous mode
[  303.870730][T14895] !
: entered allmulticast mode
[  303.877042][T14895] bond0: (slave 
0!
): Enslaving as an active interface with an up link
[  304.258228][T14922] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  304.442538][T14934] ip6_vti0: entered allmulticast mode
[  304.458422][T14934] dvmrp8: entered allmulticast mode
[  304.530104][T14938] syzkaller0: entered allmulticast mode
[  304.537715][T14936] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  304.546317][T14934] wg1 speed is unknown, defaulting to 1000
[  304.554871][T14936] syzkaller0: entered promiscuous mode
[  304.562671][T14938] netlink: 'syz.3.2589': attribute type 2 has an invalid length.
[  304.574657][T14939] netlink: 'syz.1.2587': attribute type 23 has an invalid length.
[  304.576620][T14936] syzkaller0: entered allmulticast mode
[  304.627298][T14938] : entered promiscuous mode
[  304.644984][T14936] tipc: Resetting bearer <eth:syzkaller0>
[  304.674016][T14935] tipc: Resetting bearer <eth:syzkaller0>
[  304.686585][T14935] tipc: Disabling bearer <eth:syzkaller0>
[  304.831956][T14951] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2594'.
[  304.953527][T14933] ip6_vti0: left allmulticast mode
[  304.959557][T14933] dvmrp8: left allmulticast mode
[  304.992396][T14957] netdevsim netdevsim3 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  305.023107][T14957] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  305.186566][T14972] netlink: 'syz.2.2599': attribute type 13 has an invalid length.
[  305.205218][T14972] netlink: 'syz.2.2599': attribute type 17 has an invalid length.
[  305.216638][T14957] netdevsim netdevsim3 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  305.231395][T14957] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  305.284991][T14972] 8021q: adding VLAN 0 to HW filter on device bond0
[  305.293375][T14972] 8021q: adding VLAN 0 to HW filter on device team0
[  305.305044][T14972] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  305.325571][T14974] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  305.381447][T14972] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2599'.
[  305.394582][T14972] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2599'.
[  305.432814][T14957] netdevsim netdevsim3 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  305.448026][T14957] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  305.469192][T14978] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  305.486219][T14973] wg1 speed is unknown, defaulting to 1000
[  305.509789][T14957] netdevsim netdevsim3 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  305.519888][T14957] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  305.624706][ T8520] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  305.633562][ T8520] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  305.661613][ T8520] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  305.670242][ T8520] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  305.696398][ T8520] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  305.705204][ T8520] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  305.753198][ T8520] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  305.769730][ T8520] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  305.796248][T14986] syzkaller0: entered allmulticast mode
[  305.824820][T14986] netlink: 'syz.0.2605': attribute type 2 has an invalid length.
[  305.873160][T14986] : entered promiscuous mode
[  306.098335][T15007] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  306.181458][T15013] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2615'.
[  306.391183][T15027] mac80211_hwsim hwsim8 syzkaller0: left promiscuous mode
[  306.413374][T15027] : entered promiscuous mode
[  306.563203][T15043] erspan0: entered allmulticast mode
[  306.595633][T15043] dvmrp8: entered allmulticast mode
[  306.606392][T15047] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2628'.
[  306.736191][T15043] wg1 speed is unknown, defaulting to 1000
[  307.008549][    C1] ==================================================================
[  307.016658][    C1] BUG: KASAN: slab-use-after-free in rose_timer_expiry+0x471/0x4b0
[  307.024600][    C1] Read of size 2 at addr ffff888055b8ec2a by task syz.1.2621/15028
[  307.032511][    C1] 
[  307.034851][    C1] CPU: 1 UID: 0 PID: 15028 Comm: syz.1.2621 Not tainted syzkaller #0 PREEMPT(full) 
[  307.034881][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  307.034905][    C1] Call Trace:
[  307.034917][    C1]  <TASK>
[  307.034927][    C1]  dump_stack_lvl+0x189/0x250
[  307.034954][    C1]  ? rcu_is_watching+0x15/0xb0
[  307.034974][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  307.034994][    C1]  ? rcu_is_watching+0x15/0xb0
[  307.035012][    C1]  ? lock_release+0x4b/0x3e0
[  307.035041][    C1]  ? __virt_addr_valid+0x1c8/0x5c0
[  307.035065][    C1]  ? __virt_addr_valid+0x4a5/0x5c0
[  307.035091][    C1]  print_report+0xca/0x240
[  307.035110][    C1]  ? rose_timer_expiry+0x471/0x4b0
[  307.035137][    C1]  kasan_report+0x118/0x150
[  307.035168][    C1]  ? rose_timer_expiry+0x471/0x4b0
[  307.035199][    C1]  rose_timer_expiry+0x471/0x4b0
[  307.035229][    C1]  call_timer_fn+0x17e/0x5f0
[  307.035258][    C1]  ? __pfx_rose_timer_expiry+0x10/0x10
[  307.035285][    C1]  ? call_timer_fn+0xbe/0x5f0
[  307.035312][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[  307.035344][    C1]  ? rcu_is_watching+0x15/0xb0
[  307.035362][    C1]  ? __pfx_rose_timer_expiry+0x10/0x10
[  307.035387][    C1]  __run_timer_base+0x61a/0x860
[  307.035406][    C1]  ? ktime_get+0x3e/0x1f0
[  307.035429][    C1]  ? __pfx___run_timer_base+0x10/0x10
[  307.035464][    C1]  run_timer_softirq+0xb7/0x180
[  307.035491][    C1]  handle_softirqs+0x283/0x870
[  307.035511][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  307.035528][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  307.035549][    C1]  __irq_exit_rcu+0xca/0x1f0
[  307.035569][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  307.035593][    C1]  irq_exit_rcu+0x9/0x30
[  307.035611][    C1]  sysvec_apic_timer_interrupt+0x57/0xc0
[  307.035649][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  307.035670][    C1] RIP: 0033:0x7f2348a68016
[  307.035695][    C1] Code: 77 f8 48 89 f8 48 89 eb eb 12 66 2e 0f 1f 84 00 00 00 00 00 48 8b 4b 08 48 83 c3 08 48 39 d1 72 f3 48 83 e8 08 48 39 f2 73 17 <66> 2e 0f 1f 84 00 00 00 00 00 48 8b 70 f8 48 83 e8 08 48 39 f2 72
[  307.035712][    C1] RSP: 002b:00007ffe9b77dce0 EFLAGS: 00000297
[  307.035732][    C1] RAX: 00007f234832c448 RBX: 00007f2348325e60 RCX: ffffffff81f76d04
[  307.035747][    C1] RDX: ffffffff81f76d04 RSI: ffffffff81f76d38 RDI: 00007f234832e8a8
[  307.035763][    C1] RBP: 00007f2348323328 R08: 00007f2348328de0 R09: 00007f2348da2000
[  307.035778][    C1] R10: 00007f23481fd008 R11: 0000000000000018 R12: 00007f2348323320
[  307.035793][    C1] R13: 000000000000001a R14: 00007ffe9b77de68 R15: 00007f23481fd008
[  307.035813][    C1]  ? filemap_map_pages+0x1004/0x1740
[  307.035835][    C1]  ? filemap_map_pages+0x1004/0x1740
[  307.035855][    C1]  ? filemap_map_pages+0x1038/0x1740
[  307.035879][    C1]  </TASK>
[  307.035887][    C1] 
[  307.041547][T15042] erspan0: left allmulticast mode
[  307.045261][    C1] Allocated by task 14384:
[  307.055944][T15042] dvmrp8: left allmulticast mode
[  307.058648][    C1]  kasan_save_track+0x3e/0x80
[  307.058679][    C1]  __kasan_kmalloc+0x93/0xb0
[  307.058707][    C1]  __kmalloc_cache_noprof+0x230/0x3d0
[  307.058784][    C1]  __genradix_ptr_alloc+0x352/0x4a0
[  307.058812][    C1]  __genradix_prealloc+0x44/0x90
[  307.341655][    C1]  sctp_stream_init+0x14b/0x440
[  307.346589][    C1]  sctp_connect_new_asoc+0x3a6/0x690
[  307.351869][    C1]  sctp_sendmsg+0x155c/0x2810
[  307.356612][    C1]  __sock_sendmsg+0x19c/0x270
[  307.361298][    C1]  ____sys_sendmsg+0x52d/0x830
[  307.366046][    C1]  ___sys_sendmsg+0x21f/0x2a0
[  307.370769][    C1]  __sys_sendmmsg+0x227/0x430
[  307.375535][    C1]  __x64_sys_sendmmsg+0xa0/0xc0
[  307.380379][    C1]  do_syscall_64+0xfa/0x3b0
[  307.384962][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.390847][    C1] 
[  307.393162][    C1] Freed by task 14381:
[  307.397206][    C1]  kasan_save_track+0x3e/0x80
[  307.402146][    C1]  kasan_save_free_info+0x46/0x50
[  307.407249][    C1]  __kasan_slab_free+0x5b/0x80
[  307.412095][    C1]  kfree+0x18e/0x440
[  307.415998][    C1]  genradix_free_recurse+0x5d/0xa0
[  307.421110][    C1]  genradix_free_recurse+0x5d/0xa0
[  307.426219][    C1]  sctp_stream_free+0xd5/0x110
[  307.430974][    C1]  sctp_association_free+0x26d/0x7f0
[  307.436247][    C1]  sctp_do_sm+0x3eba/0x5a20
[  307.440739][    C1]  sctp_primitive_SHUTDOWN+0x98/0xc0
[  307.446011][    C1]  sctp_close+0x409/0x900
[  307.450322][    C1]  inet_release+0x144/0x190
[  307.454896][    C1]  sock_close+0xc3/0x240
[  307.459209][    C1]  __fput+0x44c/0xa70
[  307.463185][    C1]  task_work_run+0x1d4/0x260
[  307.467763][    C1]  do_exit+0x6b5/0x2300
[  307.471999][    C1]  do_group_exit+0x21c/0x2d0
[  307.476601][    C1]  get_signal+0x1286/0x1340
[  307.481098][    C1]  arch_do_signal_or_restart+0x9a/0x750
[  307.486634][    C1]  exit_to_user_mode_loop+0x75/0x110
[  307.491906][    C1]  do_syscall_64+0x2bd/0x3b0
[  307.496487][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.502555][    C1] 
[  307.504860][    C1] The buggy address belongs to the object at ffff888055b8ec00
[  307.504860][    C1]  which belongs to the cache kmalloc-512 of size 512
[  307.518985][    C1] The buggy address is located 42 bytes inside of
[  307.518985][    C1]  freed 512-byte region [ffff888055b8ec00, ffff888055b8ee00)
[  307.533029][    C1] 
[  307.535341][    C1] The buggy address belongs to the physical page:
[  307.541736][    C1] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888055b8d400 pfn:0x55b8c
[  307.551792][    C1] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  307.560305][    C1] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[  307.568818][    C1] page_type: f5(slab)
[  307.572794][    C1] raw: 00fff00000000240 ffff88801a441c80 ffffea0001f10210 ffffea00014c3910
[  307.581552][    C1] raw: ffff888055b8d400 0000000000100006 00000000f5000000 0000000000000000
[  307.590123][    C1] head: 00fff00000000240 ffff88801a441c80 ffffea0001f10210 ffffea00014c3910
[  307.598951][    C1] head: ffff888055b8d400 0000000000100006 00000000f5000000 0000000000000000
[  307.607611][    C1] head: 00fff00000000002 ffffea000156e301 00000000ffffffff 00000000ffffffff
[  307.616273][    C1] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  307.624922][    C1] page dumped because: kasan: bad access detected
[  307.631324][    C1] page_owner tracks the page as allocated
[  307.637106][    C1] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5853, tgid 5853 (syz-executor), ts 58147703050, free_ts 58146737660
[  307.657755][    C1]  post_alloc_hook+0x240/0x2a0
[  307.662516][    C1]  get_page_from_freelist+0x21e4/0x22c0
[  307.668048][    C1]  __alloc_frozen_pages_noprof+0x181/0x370
[  307.673837][    C1]  alloc_pages_mpol+0x232/0x4a0
[  307.678686][    C1]  allocate_slab+0x8a/0x370
[  307.683262][    C1]  ___slab_alloc+0xbeb/0x1410
[  307.688126][    C1]  __kmalloc_noprof+0x305/0x4f0
[  307.692976][    C1]  tomoyo_init_log+0x1a6e/0x1f70
[  307.698031][    C1]  tomoyo_supervisor+0x340/0x1480
[  307.703319][    C1]  tomoyo_path_number_perm+0x438/0x5a0
[  307.708774][    C1]  tomoyo_path_mkdir+0xa8/0xe0
[  307.713521][    C1]  security_path_mkdir+0x171/0x380
[  307.718616][    C1]  do_mkdirat+0x1bd/0x590
[  307.723032][    C1]  __x64_sys_mkdirat+0x87/0xa0
[  307.727793][    C1]  do_syscall_64+0xfa/0x3b0
[  307.732279][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.738440][    C1] page last free pid 5853 tgid 5853 stack trace:
[  307.744766][    C1]  __free_frozen_pages+0xbc4/0xd30
[  307.749916][    C1]  stack_depot_save_flags+0x436/0x860
[  307.755281][    C1]  kasan_save_track+0x4f/0x80
[  307.759969][    C1]  __kasan_slab_alloc+0x6c/0x80
[  307.764997][    C1]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  307.770453][    C1]  getname_kernel+0x5a/0x2f0
[  307.775199][    C1]  kern_path+0x1d/0x50
[  307.779345][    C1]  do_loopback+0xea/0x430
[  307.783693][    C1]  __se_sys_mount+0x317/0x410
[  307.788364][    C1]  do_syscall_64+0xfa/0x3b0
[  307.792850][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.798814][    C1] 
[  307.801116][    C1] Memory state around the buggy address:
[  307.806816][    C1]  ffff888055b8eb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  307.814948][    C1]  ffff888055b8eb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  307.823001][    C1] >ffff888055b8ec00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  307.831049][    C1]                                   ^
[  307.836402][    C1]  ffff888055b8ec80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  307.844481][    C1]  ffff888055b8ed00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  307.852621][    C1] ==================================================================
[  307.861029][    C1] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  307.868326][    C1] CPU: 1 UID: 0 PID: 15028 Comm: syz.1.2621 Not tainted syzkaller #0 PREEMPT(full) 
[  307.877703][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  307.887776][    C1] Call Trace:
[  307.891052][    C1]  <TASK>
[  307.893977][    C1]  dump_stack_lvl+0x99/0x250
[  307.898557][    C1]  ? __asan_memcpy+0x40/0x70
[  307.903144][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  307.908335][    C1]  ? __pfx__printk+0x10/0x10
[  307.913107][    C1]  vpanic+0x281/0x750
[  307.917084][    C1]  ? __pfx_vpanic+0x10/0x10
[  307.921597][    C1]  ? rcu_is_watching+0x15/0xb0
[  307.926443][    C1]  panic+0xb9/0xc0
[  307.930420][    C1]  ? __pfx_panic+0x10/0x10
[  307.934975][    C1]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  307.940869][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  307.946851][    C1]  ? rose_timer_expiry+0x471/0x4b0
[  307.951964][    C1]  check_panic_on_warn+0x89/0xb0
[  307.956901][    C1]  ? rose_timer_expiry+0x471/0x4b0
[  307.962004][    C1]  end_report+0x78/0x160
[  307.966248][    C1]  kasan_report+0x129/0x150
[  307.970777][    C1]  ? rose_timer_expiry+0x471/0x4b0
[  307.976080][    C1]  rose_timer_expiry+0x471/0x4b0
[  307.981025][    C1]  call_timer_fn+0x17e/0x5f0
[  307.985636][    C1]  ? __pfx_rose_timer_expiry+0x10/0x10
[  307.991085][    C1]  ? call_timer_fn+0xbe/0x5f0
[  307.995750][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[  308.000854][    C1]  ? rcu_is_watching+0x15/0xb0
[  308.005625][    C1]  ? __pfx_rose_timer_expiry+0x10/0x10
[  308.011078][    C1]  __run_timer_base+0x61a/0x860
[  308.015918][    C1]  ? ktime_get+0x3e/0x1f0
[  308.020328][    C1]  ? __pfx___run_timer_base+0x10/0x10
[  308.025717][    C1]  run_timer_softirq+0xb7/0x180
[  308.030959][    C1]  handle_softirqs+0x283/0x870
[  308.035714][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  308.040463][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  308.045736][    C1]  __irq_exit_rcu+0xca/0x1f0
[  308.050309][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  308.055493][    C1]  irq_exit_rcu+0x9/0x30
[  308.059813][    C1]  sysvec_apic_timer_interrupt+0x57/0xc0
[  308.065432][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  308.071404][    C1] RIP: 0033:0x7f2348a68016
[  308.075806][    C1] Code: 77 f8 48 89 f8 48 89 eb eb 12 66 2e 0f 1f 84 00 00 00 00 00 48 8b 4b 08 48 83 c3 08 48 39 d1 72 f3 48 83 e8 08 48 39 f2 73 17 <66> 2e 0f 1f 84 00 00 00 00 00 48 8b 70 f8 48 83 e8 08 48 39 f2 72
[  308.095584][    C1] RSP: 002b:00007ffe9b77dce0 EFLAGS: 00000297
[  308.101784][    C1] RAX: 00007f234832c448 RBX: 00007f2348325e60 RCX: ffffffff81f76d04
[  308.109838][    C1] RDX: ffffffff81f76d04 RSI: ffffffff81f76d38 RDI: 00007f234832e8a8
[  308.117970][    C1] RBP: 00007f2348323328 R08: 00007f2348328de0 R09: 00007f2348da2000
[  308.125932][    C1] R10: 00007f23481fd008 R11: 0000000000000018 R12: 00007f2348323320
[  308.133894][    C1] R13: 000000000000001a R14: 00007ffe9b77de68 R15: 00007f23481fd008
[  308.141876][    C1]  ? filemap_map_pages+0x1004/0x1740
[  308.147155][    C1]  ? filemap_map_pages+0x1004/0x1740
[  308.152619][    C1]  ? filemap_map_pages+0x1038/0x1740
[  308.157905][    C1]  </TASK>
[  308.161226][    C1] Kernel Offset: disabled
[  308.165638][    C1] Rebooting in 86400 seconds..