last executing test programs:

2m39.431070495s ago: executing program 1 (id=898):
r0 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r0, &(0x7f0000000600)=[{{&(0x7f0000000080)={0x2, 0x0, @rand_addr=0x3}, 0x10, &(0x7f0000000000)=[{&(0x7f00000000c0)='`', 0x1}], 0x1}}, {{&(0x7f00000006c0)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000140)="ed", 0x1}], 0x1, &(0x7f0000000040)=[@ip_retopts={{0x10, 0x84, 0x8}}], 0x10}}], 0x2, 0xa9fe000000000000)

2m38.940563762s ago: executing program 1 (id=901):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000004c0)={'syz_tun\x00'})
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x20, r1, 0x1, 0x70bd26, 0x25dfdbff, {}, [@ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0x2}, @ETHTOOL_A_LINKMODES_HEADER={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x20004850}, 0x4044014)

2m38.893371928s ago: executing program 1 (id=904):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000700)={&(0x7f0000000580)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@struct={0x0, 0x1, 0x0, 0x4, 0x0, 0x9, [{0x1}]}]}, {0x0, [0x2e, 0x2e]}}, 0x0, 0x34, 0x0, 0x1, 0x3ff}, 0x28)
r0 = socket(0x10, 0x3, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000140), 0x42000, 0x0)
ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f0000001c40)=0x4)
r3 = syz_genetlink_get_family_id$nbd(&(0x7f0000000500), r1)
sendmsg$NBD_CMD_RECONFIGURE(r1, &(0x7f0000000700)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000640)={0x4c, r3, 0x20, 0x70bd2b, 0x25dfdbfc, {}, [@NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0xffffffffffffffff}, @NBD_ATTR_TIMEOUT={0xc}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x2}, @NBD_ATTR_SERVER_FLAGS={0xc}]}, 0x4c}, 0x1, 0x0, 0x0, 0x24008000}, 0x4000801)
ioctl$PPPIOCSMAXCID(r2, 0x40047451, &(0x7f0000000100)=0xffff0080)
r4 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r1)
r5 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmsg$802154_raw(r5, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000080)="88b0bae0e826425499f4d4ddb99bbe211a", 0x11}, 0x1, 0x0, 0x0, 0x8004}, 0x24044044)
sendmsg$NLBL_CIPSOV4_C_ADD(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000000)=ANY=[@ANYBLOB="e0000000", @ANYRES16=r4, @ANYBLOB="0100000000000000000003000000080001"], 0xe0}}, 0x0)
r6 = socket(0x28, 0x5, 0x0)
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r7, 0x0, 0x0)
setsockopt$sock_int(r7, 0x1, 0x31, &(0x7f0000000140)=0xdf6, 0x4)
r8 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r8, &(0x7f0000000440), 0x10)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r9)
r11 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f00000004c0)={'syz_tun\x00', <r12=>0x0})
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r1, &(0x7f0000000400)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000240)={&(0x7f00000005c0)={0x4c, 0x0, 0x10, 0x70bd27, 0x25dfdbfd, {}, [@IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x3}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0x1}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0x7a8670e044eced78}}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x3}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x10001}]}, 0x4c}}, 0x4000080)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x38, r10, 0x1, 0x70bd26, 0x25dfdbff, {}, [@ETHTOOL_A_LINKMODES_LANES={0x8, 0x9, 0x1}, @ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0x2}, @ETHTOOL_A_LINKMODES_SPEED={0x8, 0x5, 0x2710}, @ETHTOOL_A_LINKMODES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x20004850}, 0x4044014)
bind$vsock_stream(r6, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000080)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x80, 0x20, 0x8, 0x2, {{0x45, 0x4, 0x1, 0x8, 0x114, 0x68, 0x0, 0x9, 0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @private=0xa010101, {[@ssrr={0x89, 0x7, 0x51, [@empty]}, @noop, @cipso={0x86, 0x62, 0x1, [{0x5, 0xd, "7e0d4edd7ff9c6fbaccea5"}, {0x0, 0x12, "ce1372b71c6978d0546012f0965492c9"}, {0x2, 0xf, "9d7f654e047faffc6ecb48c0d8"}, {0x5, 0x7, "106e759ccc"}, {0x5, 0xa, "8684b1b7ee80b2bb"}, {0x6, 0xb, "51e9c746c45f44325e"}, {0x7, 0x12, "3073da82ff4d8427d2bb9582ab72611f"}]}, @timestamp_addr={0x44, 0x3c, 0xe2, 0x1, 0xd, [{@local, 0x6f2}, {@local, 0x6}, {@empty, 0x700001}, {@local, 0xa}, {@multicast2, 0x5}, {@local, 0x1ff}, {@remote, 0x2}]}, @noop, @ssrr={0x89, 0x13, 0xf9, [@initdev={0xac, 0x1e, 0x0, 0x0}, @local, @initdev={0xac, 0x1e, 0x0, 0x0}, @empty]}, @timestamp={0x44, 0x24, 0xc5, 0x0, 0x0, [0x0, 0xff1, 0x10, 0x2, 0x9, 0x5, 0x6, 0xfff]}, @ssrr={0x89, 0x7, 0x81, [@empty]}, @end, @timestamp={0x44, 0x18, 0xe9, 0x0, 0x7, [0x4, 0x0, 0x2005, 0x5, 0x9]}]}}}}})
write(r0, &(0x7f0000000000)="1c0000001a005f0214f9f407000904001f000000ff02000200000000", 0x1c)
r13 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r13, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x28, 0x10, 0x1, 0x2, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x40101}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)

2m38.576542139s ago: executing program 0 (id=910):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0500000007000000324900007f00000001000080", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000010000"], 0x50)

2m38.566291918s ago: executing program 1 (id=912):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000300)={0x40, r3, 0x1, 0x0, 0x25dfdbfd, {{0x2}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0xad6, 0x6d}}}}, [@chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x7a}, @NL80211_ATTR_CHANNEL_WIDTH={0x8}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x40}}, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f0000001200)={0x60000010})
r6 = epoll_create1(0x0)
r7 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r4, &(0x7f0000000300)={0x10000000})
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r5, &(0x7f0000000600))
openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x8100, 0x0)
r8 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
close(r8)
socket$inet6_sctp(0xa, 0x5, 0x84)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$inet6_sctp(0xa, 0x5, 0x84)
r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r10}, 0x10)
ppoll(&(0x7f0000000500)=[{r9}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0)
shutdown(r8, 0x0)
recvmmsg(r8, &(0x7f00000055c0), 0x400023c, 0x300, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2000009, 0x200000006c832, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000c80)={0x1, 0x2, &(0x7f0000000280)=ANY=[@ANYBLOB="911079000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x8}, 0x94)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r11=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)={0x54, r3, 0x300, 0x70bd25, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r11}, @val={0xc, 0x99, {0xffffffff, 0x2c}}}}, [@NL80211_ATTR_HT_CAPABILITY={0x1e, 0x1f, {0x7493ffaf9d86b265, 0x2, 0x5, 0x0, {0x2, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1}, 0x400, 0xfffffff9, 0xd}}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x45)
getsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000240), &(0x7f00000003c0)=0x4)

2m38.518095186s ago: executing program 0 (id=913):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b00)={0x3, 0x4, &(0x7f00000003c0)=@framed={{0x18, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, [@call={0x85, 0x0, 0x0, 0x1d}]}, &(0x7f0000000380)='GPL\x00'}, 0x94)

2m38.440547355s ago: executing program 4 (id=914):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000004c0)={'syz_tun\x00'})
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x20, r1, 0x1, 0x70bd26, 0x25dfdbff, {}, [@ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0x2}, @ETHTOOL_A_LINKMODES_HEADER={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x20004850}, 0x4044014)

2m38.400946912s ago: executing program 0 (id=916):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'rose0\x00', 0x112})
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x102})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'rose0\x00'})
socket$nl_route(0x10, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYRESHEX=r2], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r3}, &(0x7f0000000540), &(0x7f0000000280)=r3}, 0x20)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r6 = socket(0x10, 0x803, 0x0)
r7 = openat$tun(0xffffffffffffff9c, 0x0, 0x100, 0x0)
ioctl$TUNATTACHFILTER(r7, 0x401054d5, &(0x7f0000000280)={0x3, &(0x7f0000000180)=[{0xff, 0x6, 0x1, 0x3a90}, {0x1, 0x10, 0x7f, 0xfffffff2}, {0x8, 0x80, 0x9, 0x2}]})
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r9, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0xfffd}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)=@newtfilter={0x5c, 0x2c, 0xd27, 0x70bd2a, 0x8000002, {0x0, 0x0, 0x0, r9, {0x0, 0x6}, {}, {0x7, 0xa}}, [@filter_kind_options=@f_basic={{0xa}, {0x2c, 0x2, [@TCA_BASIC_EMATCHES={0x28, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xffff}}, @TCA_EMATCH_TREE_LIST={0x1c, 0x2, 0x0, 0x1, [@TCF_EM_CMP={0x18, 0x1, 0x0, 0x0, {{0xff, 0x1, 0x7ffe}, {0x8, 0x6a6, 0xffff, 0x5, 0x2, 0x2}}}]}]}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x24008004}, 0x0)
listen(r4, 0x3)
r10 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r10, 0x0, 0x40, 0x0, 0x0)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48)
bpf$MAP_DELETE_ELEM(0x15, &(0x7f0000000400)={r11, 0x0, 0x20000000}, 0x20)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x14, &(0x7f0000001ac0)={@mcast2}, 0x14)
syz_emit_ethernet(0x36, &(0x7f00000002c0)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x65, 0x0, 0xf, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0xffff}}}}}}, 0x0)

2m38.330705134s ago: executing program 4 (id=917):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e21, 0x4081, @empty, 0x101}, 0x1c)
connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x9, 0x6c02, 0x3, 0x0, {0xa, 0x4e22, 0x0, @dev={0xfe, 0x80, '\x00', 0x28}}}}, 0x32)

2m38.120496814s ago: executing program 4 (id=920):
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b7000000010003c3bfa300000000000007030000f0ffffff7a0af0fff8ffffff71a4f0ff00000000650a0200000000ff2d400500000000004400000001ede4ff6b03000000000000cc440000000000007a0a00fe00ffffffdb03000001000000b5000000000000009500000000000000023bc065b78111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e51815548000000000000000275dff00000001b6bf01c8e8b19aa0d7f300c095199fe3ff3128e599b0eaebbdbd732c9cc00eec36574a8f6456e2ccae25ea21714eca8cf5d803e04d83b46e21557c0afc646cb7790b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845b9f75dd08d123deda8ebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987af1714e72ba7616536fd9aa58f2477184b6a89adaf17b0baf587aef370a2d426a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d64364c82770c8204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee7d26b34381fcb59b854e9d5a17f4720082f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67051d355d84ce97bb0c6b4a595e487efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599ddd71063be9261eee52216d009f4c52048ef8cde6aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d96c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d38df9ba60248d9a0d61282dfb15eb6841bb64a1b3045024a982f3c48153baae2c4e7bf37548c7f1a42b104e20dc2d9b0c3560811ea6c3560a43364d402ccdd9069bd50b994fd6a34ee18022a579dfc0229cc0dc9881610270928eaeb883418f562ae00003ea96d10f172c0374d6eed826407000000000000004a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75cafd2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d851680f6f2f9a6a8906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f4ca2195234648e0a1ca50db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719ba9037d2283c42efc54fa84323a3304f41ff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeeaaed7b35e3460bd571e09196ba65893ff1f928ba7554ba583fef3ec7932f5954f31a878e2fae6691df8b4b7ecd27ce82f7df3e7d1daac43738612e4fee18a22da19fcdb0613684e128cb06ded90b9a341304c2890cda1f96b95add69279063eaa76c336adad0b80b4be2511e3a69d040000000000000090205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e96735600000554f327a353511ccedde99493c31ac05a7b57f03ca91a01ba2c60ca99e8ebc15ecb4d91675767999a556b3df4dd146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d40460780000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120968308c31db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd0000000069ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a003fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9e0600f86909bc90addb7b9aee813df534aac4b32fd691b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa83a000000000000000000000000000006acc19808d7cf29bc974b0ea92499a419aa095e203c1bafbb9b9a7c2bca3f0a18ee4952f2d325a56390578f12205db653a536f0100e0eda300a43a13bd1b9f3322405d0f9dd53478dc6b3fb84f3738a4b6caa84feda91f3edb32231ec75300000000000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b88b5e7885e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035ab63de71a30f1240de52536941242d23886ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db1829f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2744c46570e8f46da1ab990ca053cbfe801000000000000000000000000000000d55d7182af2ea5f8d0ad495e3eb9421963a5a683c3dcb2d300aa3b2cfe946d2348c35f5d67d68ac07c8f84b3679e77c2e629ecec7c12c35d6b6971b8ae13cc00956d2227db60c0a461ed2b3ecfb16d19037c8c88c91dda1f904fbbc864e95ad43d78d6d5eadbcea25682ba4b91e14c3fbfdfd1d680aa1af102d97681656bf56ff0674237ce097d39008cc3257778de878bcd37467386f993be6d20c93a7791e7f2a155ba0d48fceb72b30bbeeaab3e6b12ce379b4cda2500108052aeb9bd03ff6d4c5dbda9ff485d6576a492d436d52edcd420e7deaa4343a0add3941ae7c5f58af43866ca64750f43e583ca1ceb3a805e46beef9dca77a4edcbb42aa0caf0bbd6cec72d85540293cb4849b0610800000000000000000000000000000000f9814d5f6c8673c143ff2f901e71b8818665b56f7a03afe3d900007656859db4cb06aaaf9f02cfab5b9e61cc00e8e19429921b8df4c4c53bddea4c52ff08aeac15685df194ca89da8cf6d29a2be9779181fd5d105af5786094d9130f5826b18b9667b971a994f3fd069629a1052f441e96884f90c3c4e853800f56124eec7505744b29c91f4a974242aabfc8adbadc9ca27955b5c90f0bd9a46ed044272383d3768871a9c8cfd7948aea445c55684351002ed4a4af45341de8e5e1f33624bd2ec1591dd00bbe05000000f89a928662e9b9449db34394fc5e946fadaee576e28ac0feab4e3585ed43d206218f524083840a78b7236bb7f5e42b5376642f8ad4028d4ead407240e7467d1b37afe20690d7672c7e926fded95cf805516ad836eb730619a05af36fb28329d6feb33219cc9164461a8ba3afd5949b9a6046c53663df30a049414089c1ae8f3476236b05dde8dda4843a62c591f8d2b1a62d0db8dc24f30daca3c9b184e140792297d023ef525e2e75b9dbbfb8712ccc15c69cfb4c6c1bc2ae74621e536b9d3f09a15dada1561a8192d65cc59d7ed5a6bd61000000000000000000000000000000000000000000000000000000000000000000000000f637782e317d492b2392fd0ea81397a80227f271bad21d688af35a2bd02c15d20f3d62a50e20260642c25f304c8034a5f4d8e45e701dbd84294d1096e715662b8223e10e98c4c38451fc5c702084e3fa9b184e0d0fba44acf3bb8a846cf680dfbf312cddfdb2043288fa6b67fa762c8b75d4478756ef240f2b314e4d77a3afb4fcec92248327004d1dac7ac87a6f8cb04d82acc307d60e4713bd9a8f29091d3048c669a5f5439e0a906ce098d177b9579882586511cfe6a23e57c44d1654899f077b5636e4181f3de6b814bedcac5290ad801800000000000000000000000000000064563875944a308cfd7bccc4bdc6ca5107b7affa9962afe1b3c64ad26ebfde3bb82020147e20db88bd0358769e9b407f74795e153e59d16b1675ae8cde3ca8ee3eea9eb93cea89d52275f8e9bf4e00000080353bd348938c446fa3d59c62db01c6d30bc9f6b3862c949c7fce4db56e58349c9fa363c662c34d461a58bfebd2a3cdb17906b0f9dafd31a80533e4aa064e4b8e891fcc82fbffe0f55220862750edd1a317338d6b1fad87bc6bcd0cd22c3172bb64c6f893c99e445fa387097e5359b644477c23a72eeb00e34c84d7a8bb462a10fb2d981f90b9c74a06d8470fff093e699a7c3b09d81118dafc74e7603d8c8e5a6d14c444663499eff6bd25f3c356dc31fa93f7053d09fa45eaebfaa7da6ba8ac5bc4b660e2c3745f5b41c361d5750a7c11850a91e51927679f255500e2cfd2f0c592e13713271d74105aa1202d7acbbd10cc2b9d31c23f0cdf710e277ab78aab43da554167f56362187667e61e0f6a4a00a0d247f241146c64bc266f91fe0ed2358e03a415a52304aea86c3527c87e94a15578ea5230222c5c20220b4fd2e5506699820e3cc8de3faeb163f2a65009bfee4d53fe5e4723377cba9b52ab0b21e881b4e89f22d676c3020df1b39b678c71d989a91cd88ff69cf6fd14e700"/3715], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48) (async)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$bt_hci(r0, &(0x7f0000000000)=ANY=[], 0x6) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x28012, r0, 0x0) (async)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000000c0)={'ip6_vti0\x00', &(0x7f0000000040)={'syztnl0\x00', <r1=>0x0, 0x4, 0x5, 0x1b, 0x3, 0x2c, @ipv4={'\x00', '\xff\xff', @loopback}, @local, 0x20, 0x10, 0x800, 0x52}})
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000180)={'syztnl2\x00', &(0x7f0000000100)={'syztnl2\x00', r1, 0x2f, 0x3, 0x8, 0x7, 0x1a, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @private1={0xfc, 0x1, '\x00', 0x1}, 0x0, 0x700, 0x6, 0xfffffffb}})

2m37.936538626s ago: executing program 4 (id=923):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x8, 0x12, r0, 0xfffff000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)

2m37.911687159s ago: executing program 0 (id=924):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\b\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x13, &(0x7f00000007c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xd01b}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x2a}}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e24, 0x1, @mcast2, 0x5907}], 0x1c)
syz_emit_ethernet(0x3e, &(0x7f00000000c0)=ANY=[@ANYRES8, @ANYRES8=0x0], 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000400)={'sit0\x00', &(0x7f00000004c0)={'gre0\x00', <r3=>0x0, 0x40, 0x40, 0x401, 0x9, {{0xf, 0x4, 0x2, 0xa, 0x3c, 0x67, 0x0, 0x20, 0x4, 0x0, @rand_addr=0x64010102, @multicast2, {[@noop, @ra={0x94, 0x4, 0x1}, @noop, @ssrr={0x89, 0x1f, 0x34, [@empty, @private=0xa010102, @dev={0xac, 0x14, 0x14, 0xb}, @local, @initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast, @rand_addr=0x64010100]}]}}}}})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000091"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000010040), 0x100000, 0xffffffffffffffff, 0x4}, 0x38)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
close(r5)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0))
ioctl$SIOCSIFHWADDR(r5, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random="0003230c1100"})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000010a20000000000a03000000000000000000070000040900010073797a300000000088000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d44001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000003ef0001800e000100636f6e6e6c696d69740000000c000280080001400000e41f08000340000001"], 0xd0}, 0x1, 0x0, 0x0, 0x60000800}, 0x4000024)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000480), r7)
r8 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r9)
ioctl$IOCTL_GET_NCIDEV_IDX(r8, 0x0, &(0x7f00000000c0)=<r11=>0x0)
sendmsg$NFC_CMD_DEV_UP(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r10, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r11], 0x1c}}, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000100)=<r12=>0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000140)=<r13=>0x0)
sendmsg$NFC_CMD_SE_IO(r7, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)={0x124, r10, 0x20, 0x70bd2d, 0x25dfdbfe, {}, [@NFC_ATTR_SE_INDEX={0x8, 0x15, 0x2}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r12}, @NFC_ATTR_SE_APDU={0xf8, 0x19, "56d8821ad02a20305a8725c45e78940e3f6dde57d72ee1f4910a49d6a516878c22eda664c4541bcab04f30804f28b6cc7610bc75a5c0e76e1c98cd24074c61c0e5bfb27be9e13a970b23f1b4555d471d741a65278b75c72a09e927638c41a02453de7343c5ed40c593e77a8d5bb3be5d0ea07a988574670b4f8f73b293436e852e31a092222efff94ae6ae8c300ff6367959d93a88add0381bfc7b0d17a5bfd5732794ac993d304ef70a3eb43d257f2549785814f2f2aee83f6afaeaf6be411c1846673c49c15ce651b153991048bd4e325633875791e0497adf18231b117cd791fb4a6da8abea8110b3f821afae617989e3f6d3"}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r13}]}, 0x124}, 0x1, 0x0, 0x0, 0x1}, 0x4000)

2m37.881428418s ago: executing program 4 (id=925):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000640)=@newlink={0x3c, 0x10, 0x437, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_PACKETS_PER_SLAVE={0x8, 0x14, 0x1}]}}}]}, 0x3c}, 0x1, 0x41}, 0x0)

2m37.704182996s ago: executing program 0 (id=926):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0xfffffffc)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0xfff)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r3, &(0x7f0000000280)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r4, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r5, 0x0)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000d40)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x10)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x16, 0x14, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000001e00000000000000200018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r9, 0x0, 0x60, 0x8, &(0x7f00000006c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000000)=""/2, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
listen(r6, 0xfffff3c6)
r10 = socket$netlink(0x10, 0x3, 0x8000000004)
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r11, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001c40)=@newtaction={0xf0, 0x30, 0x1, 0x2, 0x25dfdbfc, {}, [{0xdc, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x2, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x4}, 0xfffffffd}}]]}, {0x4}, {0xc}, {0xc}}}, @m_police={0x6c, 0x2, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x1, 0x0, 0x3, 0x1, 0xe4, {0x0, 0x0, 0x8, 0x401}}}]]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xf0}, 0x1, 0x0, 0x0, 0x8010}, 0x2000000)
writev(r10, &(0x7f00000000c0)=[{0x0}], 0x1)

2m37.580054047s ago: executing program 4 (id=927):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000300), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r1)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x4000, &(0x7f0000000440)={&(0x7f00000007c0)=ANY=[@ANYBLOB="280300002d00090027bd70000000000004"], 0x328}}, 0x84)

2m37.555632726s ago: executing program 1 (id=928):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000040)={'syz_tun\x00', &(0x7f0000000000)=@ethtool_channels={0x3c, 0x10001, 0x9, 0x8000, 0x2, 0xffffff01, 0x8, 0x3, 0x80000001}})
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000000)={'veth0_to_team\x00', 0x800})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = socket$pptp(0x18, 0x1, 0x2)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f00000003c0)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r7}, 0x10)
ppoll(&(0x7f0000000500)=[{r5}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffe, 0x0, 0x0, 0x3, 0x2000000000000000}, 0x0, &(0x7f00000002c0)={0x3ff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0)
bind$pptp(r4, 0x0, 0x0)
sendmsg$SOCK_DIAG_BY_FAMILY(0xffffffffffffffff, 0x0, 0x40000)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
write$tun(r0, &(0x7f0000000440)={@void, @void, @llc={@snap={0xaa, 0x0, "a549", "1e9603", 0x809b, "6c25b8b70ff600487b3c52e6cd2f4d16ed8c943999e22819b5d4b614ca00a14594410958f9b67ebc21eb06d32617e85b47a07d5459e3f2764b89684a286b859a6babaca2bf8a53b7996fefc12ed50b51bec609e0543a6c089cf1110bb5428cd8912d3cc0fef2e440ec3b8b5be798b95a470b40962a43d03f0f59c3710cfbcf353348adb4e2b51bbd6c"}}}, 0x92)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0xb}]}, 0x24}, 0x1, 0x0, 0x0, 0x2000c002}, 0x0)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r3, &(0x7f0000000580)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000540)={0x0}, 0x1, 0x0, 0x0, 0x40014}, 0x880)
r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000600))

2m37.172660025s ago: executing program 32 (id=927):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000300), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r1)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x4000, &(0x7f0000000440)={&(0x7f00000007c0)=ANY=[@ANYBLOB="280300002d00090027bd70000000000004"], 0x328}}, 0x84)

2m37.128287299s ago: executing program 0 (id=930):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x9, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000077124c00000000009500000000000000b671196972a67900bfc652ef9c929feae5a3000805000000"], &(0x7f0000000080)='GPL\x00'}, 0x94)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @local}, 0x6f)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x300)
setsockopt$inet_int(r0, 0x0, 0x15, &(0x7f00000001c0)=0x3, 0x4)
recvmmsg(r0, &(0x7f0000003e00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=""/27, 0x1b}, 0x7}], 0x1, 0x45833af92e4b39ff, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6, 0x0, 0x8}, 0x1c)
socket$nl_netfilter(0x10, 0x3, 0xc)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_procs(r3, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100), 0x12)
r4 = openat$cgroup_procs(r2, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
r5 = openat$cgroup_procs(r2, &(0x7f00000002c0)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r4, &(0x7f00000000c0), 0x40)
pread64(r5, &(0x7f0000001840)=""/4096, 0x1000, 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r1, 0x0)
setsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000040)={0x0, 0xfffffffb, 0x7, 0x6}, 0x10)

2m37.128014367s ago: executing program 33 (id=930):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x9, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000077124c00000000009500000000000000b671196972a67900bfc652ef9c929feae5a3000805000000"], &(0x7f0000000080)='GPL\x00'}, 0x94)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @local}, 0x6f)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x300)
setsockopt$inet_int(r0, 0x0, 0x15, &(0x7f00000001c0)=0x3, 0x4)
recvmmsg(r0, &(0x7f0000003e00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=""/27, 0x1b}, 0x7}], 0x1, 0x45833af92e4b39ff, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6, 0x0, 0x8}, 0x1c)
socket$nl_netfilter(0x10, 0x3, 0xc)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_procs(r3, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100), 0x12)
r4 = openat$cgroup_procs(r2, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
r5 = openat$cgroup_procs(r2, &(0x7f00000002c0)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r4, &(0x7f00000000c0), 0x40)
pread64(r5, &(0x7f0000001840)=""/4096, 0x1000, 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r1, 0x0)
setsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000040)={0x0, 0xfffffffb, 0x7, 0x6}, 0x10)

2m37.127798847s ago: executing program 1 (id=931):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000100)={'team0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="2000000011000101000000000000200000000000", @ANYRES32=r1], 0x20}, 0x1, 0x0, 0x0, 0x80d5}, 0x4884)

2m36.847147106s ago: executing program 34 (id=931):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000100)={'team0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="2000000011000101000000000000200000000000", @ANYRES32=r1], 0x20}, 0x1, 0x0, 0x0, 0x80d5}, 0x4884)

11.877809134s ago: executing program 6 (id=2776):
socketpair$unix(0x1, 0x5, 0x0, 0x0)
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) (async)
unshare(0x42020000) (async, rerun: 32)
r0 = socket(0x10, 0x3, 0x0) (rerun: 32)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan1\x00'})
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x6, 0x0, 0x8100, 0x0, {0xc3}, {}, {0xe, 0xd}}, [@TCA_RATE={0x6}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x11, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}}, 0x0)

8.268657586s ago: executing program 6 (id=2819):
sendmsg$NFC_CMD_LLC_SET_PARAMS(0xffffffffffffffff, 0x0, 0x8)
r0 = syz_init_net_socket$ax25(0x3, 0x3, 0xc3)
socket(0x8, 0x3, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/ipc\x00')
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4400000010000305000000040000000000000000", @ANYRES32=0x0, @ANYBLOB="1546010003000000140012800b0001006d6163736563000078ff028008000500", @ANYRES32=r0, @ANYBLOB='\b\x00\n'], 0x44}, 0x1, 0x4000}, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)

8.019871661s ago: executing program 6 (id=2824):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2}, 0x94) (async)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
unshare(0x62040200) (async)
unshare(0x62040200)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$int_in(r1, 0x5421, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002021702500000000002020207b1af8ff00000000bfa10000951234d35864aa628023ce005f3d367c00000701fefff7ffffffb702000008000000b703003e6d000083850054308de8c7749781c53da224ccde11e1586e8521a654fc2538faaff61c75b305f68d9e6e226e602f10e29e98c99a9db3afbe80cf"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18)
socket$inet6(0xa, 0x1, 0x0) (async)
r3 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f00000000c0)={@private2, 0x0, 0x0, 0x1, 0x1, 0x4000}, 0x20)
close(r3)
syz_init_net_socket$llc(0x1a, 0x1, 0x0) (async)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xe, 0xe, &(0x7f0000001540)=ANY=[@ANYBLOB="b7020000f53f6314bfa300000000000024020000fffeff7f7a03f0fff0ffffff79a4f0ff00000000b7060000ffffffff2e64050000000000750afaff07cd02020404000000247d60b7030000030a00006a0a00fe0000000c8500000061000000b70000004000002995000000000000001da5ad3548ebb63d18c5071c7e821c9b767ac8308fbcd5c5e4a5ad1065b572c2c9ff215ac60c2ceaea4c0ec908abb6e7325ec1956bd8660bf3664148a2c96752fe2bb328dff1a15750ab9a780001000000000000d4bf20c2bd152d814f01f2cd519e078d4ffab418e4682b2aec5e4a35629e8ef040c50287c37a7f4182f32333b08c6e497687e10a4daea5cac0ceafdbb126eb02a1f5104d16ddb64963d84d91814cd5817e0b8f6f5e6ee7a39e180b5a18ed786b782ab1321ea5e82ae5ba2c42a5e23ea6253d5df768d0cb9f35e4f41a6211e52bb3598e9b5d4f22d8c19f958e8b34de35949a7a48ce18799ee53da177a81ea65e652c1d71b7ee86a75b0100000042127a8f84538a9a311c757f7169f006f3f5c95177fbd0b14b36259e2905ef911785c88a16aae46084d676d8ef8aa6ecc2d32e3f4ee367c5a769c0a606636c9f4a4413c098f4fcc96623b7c373b0ef04d55b846b094bf97e2ef5987b6e09a6a7cab79bffda141f65e7d9ebe3be70c436432b70a80cce69df30d3d67d84ccf3f9db9b690111de2ddc4b153c989ef100bbf76063d3f6ffffb73d70e9c3d7b90aecf48e7565efff2dbbb512218c98442406333c890923a797e00b75481739952fe87fde27ce81893f54ec0ea8e792414f639bc9ce1fea3f6ac0d7025759d4b45576c205c70631e8ad585951950e521f4e210b6494e3c52d927195737945cc03d5668483151710de246420a1b6c55b73876a6ed7fd0d9338923789a1edcd8043fe83919088383268324a25df14010c8ed6b8d43400eaa00ff9bc46e1cfecbdc0e451ac53b409d04544d3a7edd4d447d2fb431e226ae182b8dcc86fe09b404e0b7c723d3b19c3dc382fa91fb0fb8f9f3f13296bb1758b24aad0922091d49e2bc408a5a37deee7a60b903d2d9fe9d451cafcc8dc389671c2d08b6e264150a6b9445b00cee4585af04fa69e0380be0d66649dcf3bf8a906b029faca75ce34c41aec7aa86e596119109ea8b3f7c65c902499227c087301643baab1c95bb22cedd913b22dcaa197ccc34586dc50bd9f4628e3e77a0de32e356521df06f995cb57f97052fc4158250ccecfb67ea8faf509593fadc7eafb613327b052397af1ede94d87590ce90a0a7579766f0e5eb09d38ac46e99e7ec4fcd3cb0b1a8c531724d5ef6b334803cedaa9cedf16dc3af6e0b67f62a83a256474c97c925d9d447175b535c87dbdeb0dcca5303eed6689ea91e1665c691df736368dde47e6672e93a314c5f60e7b68c2242bd0f0d8c66449d8687dcf2d0f76668b2b9bf8b32b99b7daf34b2d825d192ade90a1162acfe9749d516d014cef5f99126324ea02baea5808c430985749901b09e4902a6f5addc0103756b894418e4591c624a9b206abbfb888d413d923b0d7c9d997d6d8e64787c4d397f57a15b6e0b4212b6cb55b9c207bbe08f483b1bea05f41b9a1d3af087047c568ae6ebfc0bb5ec10b6290dc757a4903a88fb2c035b2349b6d2f0c051b8b7718384eebd5fc19928cea713ff09e179c308fbe9bd64374d96ef2447a2a4af5ca0c39e7ca2e801e57560a55e9cfa095cf3f74398219ad1030a79517a88de7596429a20793e12616aa32b3e720c6521fbe93963e9536d16f3db211fca7dd99c0a0125ff8ef534b93dcb34e1da2c008a9f2a29e30823bf0ec3639cadaf9be9608358e1e5ab17eea477b1754f78f45468c9568471667f82f5e250b979b9f2bd0d1b6bc03d11811ac6eec9a3ecd9e3c3299ee5eb3c6cac8fbd06514b7ee743ece79c04566d02a08fd5fcabbab3d129c0cced3ce11dafa380700000000000000c114d0b423e64c6157fac5e4e2168f33541daeff9983d0e488a78bef538f870b84798272b2101e0abf1cd64500b79e01e11d727389653bd80a39d5bbe2e23d2f5ff10047423429981bd9b4ce680e174c266391e3e7689452654e5cd5ada6e025327a1942b5a068f15fa58eaa267d4e0881783dddbdd777f8be0824ffdf6d06c621880dbbe9534f15e8c2e364d3ec67deb6ab9f2a0f03212972dbd38500000008173553a67be48633103809eee0be51d67d7ce230b389607b4c3b18da1c48f3180f2e0d79e54565fdd9a099b5b5ba2761905b88b7cbfc39c35dd153609da3da263438f12769602c2195245ff83e249119d4f6cabfbdef84ada19ef4a67ed66d7043036515d0be5a231f99e71aba5d5ae04676eff3e85f0844c41bbcfde7a931d1ec55c01f703bfd1b97756bfe55a91f6b379f34a018906339771157c66dbd7471d1beec7f029ef552cf5e92a1a0db21b59355763967ce26a577bc514b6d22a09c385c5ba6caf524e1688fc0f29f8bb35ae7bc8eb5ba51aebdf7d972c3267cedbe77ed70d9c539bc455a6f88b39196c8a224b0acf4d796fea59a07baa34cc270fb096ef330fbebdf872d7d0bc4f9a963355c554abc5cdb91464faabcd09cd9a53f5d1b2ea7e96f428f7cd6735c19c61dc9942d30bf29ef85ed01c2fcd6060aa40eeff971477b4fde48507b7bad95a496540adff7e4a72fd1f94d7c703ab1525c946c54e0da3d7ebfcc8cea2e84c3b310aaea5a1627df898c00a9aaf2d88a36afa4c5b1816384310600001c33125ad7f7970beeb256aec06e39fc6c66544e1d1dc5fea4b68a82e3568ca30aea9a1d097f06f11dc362f4bae5ef57c67686a15855cd351bf26f40fb1348cfce79897682228e6d9643530c81bab27bf7b1c4a76a5be180bb830cf06827c3f38a9c9c580c732c30aaceda78b0297de35a922b1375b129655beb31899e26052cc216f832fdb0a0015f93c9cff77f59cda1ec5f3e358848756cebb074266a47e39ae26e80e8c65aaf73c24925458520a9ca98760d1005c9f81846459ae6d5baa4f02807939ddc29c3520f7c58ed9bc5a569c7a1bc33cf4f330a18276ffb4550b9166c3939e8041094bec034aa0ec6638b74fe34f0f1ec6903a1135808d5d8d26c9203c3f87e66c407b7c5c0888d4558dd657cc0213efad68e76fdd7b23e68064fd4b271ed79c50abacdd2871b0c1f8c971df59a5a1901ddf804bed43e391f882d2a45c51cdbba86b2a1b7c0c4923642a731ea4dcbad2b6ebbebe787a8e28e781d75beee924b3b1e390750f316648133922c021f98fd2d5d71a7a3679397ef6cf432837b7e264831ec01c4c3146ba0caac3b13d55945ec00e978a1c1712cd51187936200606c9cd6877b2f72125295c54721f8e15df2ae282a8becb99a726fd92acc92141e1f574b4b0b3c992a61af3372d0d9217776b1a42cd2cee816a70bf1ddd69b590d53e28ba356e74b38e23e50d898e95cdc7cc809e462c884b53f672aab1411ecfd4c91e7a9782fc6763f0efd4bcbaf1fc3a00000000000000000000000000000000500000000000000000000000048e510340087caf22439d5304bd704a6a78a512269a9b1cbd13bea78c807bbc73853ae187cbb768673e9d1bf74a3b0a6c234accd8506adf314f4c5e08174540b69d3c0da660052b43b86baf49e7ac64d9c21598b1e01dc1e1b5a53626b090496dbf7af441e397016c3c094d5c91ffe0a7ceacfd225ed9a6c905f79ad7052747dd6cceef4c310e0e935311118bc6bf0e5ca6c7cca7d5c03be570308da8a40578b4db14961fbccf6e2f2d56e9509c434126515b56d032e20c12e830d1bc64826fc9b318da5911e466878dbb81edeff69363fb75af5cd80536f14d2eaa7764db23acdbd394bbbbccfd8b129258bb0a93cee1d44f8665172c06933d20f184b78b435462c52a85149451ffd564c56a7cbf11a1127c77242915e43b2bc"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0))
socket$l2tp6(0xa, 0x2, 0x73)
ioctl$EXT4_IOC_PRECACHE_EXTENTS(r0, 0x6612) (async)
ioctl$EXT4_IOC_PRECACHE_EXTENTS(r0, 0x6612)
ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000000)=0xf)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f0000000380)=[@in6={0xa, 0x0, 0x0, @remote, 0x9}], 0x1c)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff) (async)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_type(r4, &(0x7f0000000100), 0x2, 0x0) (async)
r5 = openat$cgroup_type(r4, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_type(r5, &(0x7f0000000280), 0x9) (async)
write$cgroup_type(r5, &(0x7f0000000280), 0x9)
r6 = openat$cgroup_procs(r4, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
write$cgroup_pid(r6, &(0x7f0000000c40), 0x12)
setsockopt$IP_VS_SO_SET_ZERO(r1, 0x0, 0x48f, &(0x7f0000000180)={0x797c31887b4e971d, @loopback, 0x4e23, 0x4, 'ovf\x00', 0x20, 0x400, 0xd}, 0x2c)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)) (async)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
recvmsg(r9, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x2)
sendmsg$inet(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000000)="92", 0x1}], 0x1}, 0x3)
openat$cgroup_ro(r7, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0) (async)
r10 = openat$cgroup_ro(r7, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r10, &(0x7f0000000200)=0x1, 0x12)

2.900448275s ago: executing program 6 (id=2851):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000180)={0x400000000000000, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="020f000015000000000000000000000005000500000000000a00ffffff800000000000000000000000000000000000000004000000000000080012000000020000000000020000000600000000000000090000000000000000000000000000000000000000000000ff01000000000000000000000000000105000600000000000a000002ffffffffff0200000000000000000000000000010000000000000000010018"], 0xa8}}, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="020000000080000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r2)
sendmsg$NLBL_MGMT_C_ADDDEF(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000000400000014000600fe880000000000000002000000000001080002000700000008000c0002000000140005"], 0x4c}}, 0x20000000)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto(r4, &(0x7f0000000200)="1400595ad7e81a176187b420fd07c7b089edf81ce14a87005b49402e4695b262aed64d33262fe7de8b9ad920c78bc85da143024c32712e377e52f055f28216446e8cc44af2f56f", 0x47, 0x8000, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x2c, r6, 0x6a98047402e98331, 0x0, 0x0, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8040}, 0x4886)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2000004, 0x3b071, 0xffffffffffffffff, 0x0)
r7 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r7, 0x65, 0x1, &(0x7f0000000000)=[{{0x4, 0x0, 0x1, 0x1}, {0x2, 0x0, 0x1, 0x1}}, {{0x4, 0x1, 0x1}, {0x1, 0x1}}], 0x10)
close(r7)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000)={0x0, r1}, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x10, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000c700000095", @ANYRES8=r1, @ANYRESOCT=r1], &(0x7f0000000300)='GPL\x00', 0x8, 0xff8, &(0x7f0000001e00)=""/4088, 0x0, 0x12, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200000}, 0x94)

2.061535462s ago: executing program 2 (id=2863):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000080)={'wg2\x00', <r2=>0x0})
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000d40)={0x0, 0xe0, &(0x7f0000000d00)={&(0x7f0000000600)=ANY=[@ANYBLOB="2c020000", @ANYRES16=r1, @ANYBLOB="010000000000000000000100000024000300a05ca84f6c9c8e3853e2fd7a70ae0fb20fa152600cb00845174f08076f8d7843e40108804400208024000180ff0000000100000000000000fdffff01000000000000020000000000000000001400040003000000ac1414bb00000000000000000600050000000000000100802400020073e591ec06154031d3954ac0e16752e72640f08b5281a8461d17d26d12f2bbb6060005000021000024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b39228c00098028000080060001000a0000001400020020010000000000000000000000000001050003000000000088000080060001000a0000001400020020010000000000000000000000000002050003000000001003800080060001008c0e000008000200ac1414aa05000300000000001c000080060001000200000008000200ac1414bb0500030000000000200004000e00000000000000fe800000000000000000000000000000000000009c0000802400020073961633df6dc9cb418b15afd0bae7b90f1e6cfed8bb423cf9285c474163154908000a00010000002400010000000000000000000000000000000000000000000000000000000000000000004800098028000080060001000a00000014000200fe8000000000000000000000000000bb05000300000000001c000080060001000200000008000200000000000500030000000000080005000100000008000100", @ANYRES32=r2], 0x22c}}, 0x0)

1.976657s ago: executing program 5 (id=2865):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2) (async)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) (async)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0xffff}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x1, 0x7, 0x100, 0x8}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r7, {}, {0x2, 0xb}, {0x9, 0xb}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000) (async)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r7, {}, {0x2, 0xb}, {0x9, 0xb}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})
socket$nl_route(0x10, 0x3, 0x0)
socket$inet(0x2, 0x2, 0x0)
socket(0x28, 0x5, 0x0) (async)
socket(0x28, 0x5, 0x0)
socket(0x28, 0x5, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000ed000095"], &(0x7f00000000c0)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r8}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r8}, 0x10)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@remote, 0x0, 0x2}, 0x0)
r9 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
socket(0x22, 0x2, 0x2) (async)
r10 = socket(0x22, 0x2, 0x2)
setsockopt$netrom_NETROM_T1(r10, 0x103, 0x1, &(0x7f0000000040)=0x9, 0x4)
ioctl$FS_IOC_GETFSLABEL(r9, 0x400452c8, &(0x7f0000000100)) (async)
ioctl$FS_IOC_GETFSLABEL(r9, 0x400452c8, &(0x7f0000000100))

1.908645792s ago: executing program 2 (id=2866):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000540), r0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000000380), r0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000003c0))
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000ecffffffffff2000000005002000000000000c001f0070687930"], 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

1.887044809s ago: executing program 6 (id=2867):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x9, 0x8, 0xdd, 0xff}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000e00000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x75, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x9c}, [@initr0={0x18, 0x0, 0x0, 0x20}]}, &(0x7f0000000200)='GPL\x00'}, 0x94)

1.765055159s ago: executing program 7 (id=2869):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c0000001000030400000000002f000000000000", @ANYRES32=0x0, @ANYBLOB="000000000000000014001280090001007665746800000000040002800800200001"], 0x3c}}, 0x0)

1.764175158s ago: executing program 2 (id=2870):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
getsockname$packet(r1, &(0x7f0000000600)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c000000100085060000", @ANYRES32=r2, @ANYBLOB="00001000252155b21c0012000c000100626f6e64000000000c0002000800010001"], 0x3c}}, 0x40000)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='contention_end\x00', r3, 0x0, 0x3}, 0x18)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=@newlink={0x3c, 0x10, 0x503, 0x0, 0xfffffffc, {0x0, 0x0, 0x0, 0x0, 0x0, 0x60088}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bond={{0x9}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x4000)

1.651949011s ago: executing program 6 (id=2872):
r0 = socket(0x15, 0x5, 0x0)
getsockopt(r0, 0x200000000114, 0x2721, 0x0, &(0x7f00000000c0))
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000017c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000001f00)={&(0x7f00000005c0)=ANY=[@ANYBLOB="01000100b443900b71", @ANYRES32, @ANYRES8=r1], 0x2c}, 0x1, 0x0, 0x0, 0x54014840}, 0x20000000)
unshare(0x22020600)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f00000000c0))
ioctl$PPPIOCSFLAGS1(r2, 0x40047459, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000100)={'ip6_vti0\x00', &(0x7f0000000040)={'syztnl2\x00', <r3=>0x0, 0x29, 0x2, 0x7, 0x4, 0x40, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @mcast2, 0x0, 0x700, 0xfff, 0x2}})
getsockname$packet(r0, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000180)=0x14)
getpeername$packet(r0, &(0x7f00000001c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000480)=0x14)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000001880)={'wlan0\x00', <r6=>0x0})
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000002b40), r5)
sendmsg$NL80211_CMD_GET_POWER_SAVE(r5, &(0x7f0000002c00)={0x0, 0x0, &(0x7f0000002bc0)={&(0x7f0000000600)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r7, @ANYBLOB="010028bd7000fddbdf253e00000008000300", @ANYRES32=r6, @ANYBLOB="59405be3fd7bc95790feb99e5b7993ae191ebd8f69163bb815244bf42ea275cda51635e6dd93329c5baaf424000000000fc23c7e96759c46051698546c5817f7d84c9ed37347d921f76347fdfa8bd246313273fdc6d01bc671b21b4fdaedc255d3d96e4f8ac0c2f938f8aa474150fa2dca6d20ebbb1f8a392bc26fdcbd3b7cdbccdb773e8bc29b0680d3ac55f6333b02ebfcd71b6ffaee2965ce9c9388833cf63532a71fed1e3e8dc35b932cba2b79f27507bb6590f131605f2ba6cb4f071038"], 0x1c}}, 0x40000)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000004c0)={'team0\x00', <r8=>0x0})
r9 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r10=>0x0})
r11 = socket(0x2b, 0x80801, 0x1)
connect$inet6(r11, &(0x7f00000001c0)={0xa, 0x4, 0x3ff, @private1, 0x1}, 0x1c)
sendmsg$nl_route(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=@newlink={0x3c, 0x10, 0x3, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r10, 0x28000}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @geneve={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GENEVE_REMOTE={0x8, 0x2, @multicast1}]}}}]}, 0x3c}, 0x1, 0x2, 0x0, 0x40000}, 0x80)
sendmsg$ETHTOOL_MSG_EEE_GET(r0, &(0x7f0000000540)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000700)=ANY=[@ANYBLOB="54131c", @ANYRES16=r1, @ANYBLOB="000225bd7000fddbdf25170000007000018008000100", @ANYRES32=r10, @ANYRESOCT, @ANYRES32=r3, @ANYBLOB="1400020064766d72703100000000000000000000080003000200000020000180080003000100000014000200766574683100000000000000000000003000018008000100", @ANYRES32=r4, @ANYBLOB='\x00\x00\x00\x00', @ANYRES32=r8, @ANYBLOB="08000100", @ANYRES32=r10, @ANYBLOB="14000200766574683000"/20, @ANYRESOCT=r9, @ANYRESDEC, @ANYRES32=r8], 0x110}, 0x1, 0x0, 0x0, 0x40044d5}, 0x80)
r12 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r12, 0x8933, &(0x7f0000000400))
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000002400)=ANY=[@ANYBLOB="b7000000f8000000bfa300000000000007030000f4ffffff620af0fff8ffffff71a4f0ff000000002d100200000000001d400200000000004704000001ed000062030000000000001d440000000000007a0a00fe00ffffffc3030000e10000009f000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710e4d58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d66a77ac8daab82167606068067500c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00c37dfca3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebba2c598b4fc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923030000000000000014e72ba7a54f0c33d39000d06a59ff616236fd9aa5b4e377184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049ef6a989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7592566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270fa3d0ee281eaa11ad47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c3bfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed93517a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42e54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65807ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c25000000000000000005a7b57f03ca91c11ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6cb5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cdb70f617af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028af0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130b51d6c9b94c5513df2d85e8c01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef670000000000000000ba470bfe62fe2933082149d42e8a00672f0814bf895e3a6dfbc711243f58a817895f5c4eaf7de8411a831ef65508f416ae3fd1db8386f6aae40515273adcff6196bb45476ec0a5279ed223f772aee25947b1f0d275c0e495b050f10a0b5d19b578a2b4096b9df527211bb39a29224c34a517dc344a195697b0c158d3519c04fe7621ebeef0bc369a1431a90c4117bdfe358e0e869e9f3e5443813261c1c3c78ab2584603e4468de7d0dc93691491050666f4ea5f083a1b281ed230569921856befe07538fbf33f43fa4ad583867bee301ae1e2566ae7a7afb7fc54895a2fef928d91a162affb4d373c7628a2871d7d19eaf06ed5f58f799c8ff391d3752b115073702ee257ade173dd2f736ed5939f219ba42f7650b9a262f6ee4af52aba3e669a835555ea1674f89d7f98ee1a1c7f977e0a93fdf91606d01c1a9dacfd4328502948bed0bc9514e4f66846bc1f245aa5abad88d56679092fee01007cade7ee72a49a498d51a26ba5cf0896cd9143d457262976f682bf31833ee99b5301f349dd2815e76a8b9a6cec5e000bd6bdafcb9536379b6cd0351cfe345abb1f"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2fe4a74041c1ce1c}, 0x48)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000200)='ns/pid_for_children\x00')
unshare(0x6a040000)

1.628602497s ago: executing program 7 (id=2873):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000100)={'team0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="2000000011000101000000000000000600000000", @ANYRES32=r1], 0x20}, 0x1, 0x0, 0x0, 0x80d5}, 0x4884)

1.523677783s ago: executing program 5 (id=2874):
gettid()
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f0000004340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="bca0eb35d52202b80248b552331810c3b454e7a1c7ca3d779c92f0139a005ad5b61573cdc7f6f47a06749ed8eff43cfabcce5e6888284616b8e93b5ade5a2957f82de9512a"], 0x14}, 0x1, 0x0, 0x0, 0x4804}, 0x0)
r2 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000000)={'vxcan0\x00', <r3=>0x0})
bind$can_j1939(r2, &(0x7f0000000040)={0x1d, r3, 0x1}, 0x18)
sendmmsg$inet(r2, &(0x7f00000016c0)=[{{&(0x7f00000001c0)={0x2, 0x4e20, @remote}, 0x10, &(0x7f0000001600)=[{&(0x7f0000000280)="d36df3f7", 0x4}], 0x1}}], 0x1, 0x40)
sendmsg$RDMA_NLDEV_CMD_GET(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x10, 0x1401, 0x1, 0x70bd2b, 0x25dfdbff}, 0x10}, 0x1, 0x0, 0x0, 0x40008800}, 0x20000014)
write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0xf}, 0x94)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_BT_CHANNEL_POLICY(r5, 0x112, 0x13, 0x0, &(0x7f0000000900))
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
r6 = socket(0x1, 0x803, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x59)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000007c0)=@getnetconf={0x14, 0x52, 0x20, 0x70bd2d, 0x25dfdbfc, {}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0f000000040000"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket(0x1, 0x803, 0x0)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="540000001000110f0000000000dcdf2500000000", @ANYRES32=0x0, @ANYBLOB="04010000000000002400128009000100766c616e000000001400028006000100000000000600050088a8000008000500", @ANYRES32=r10, @ANYBLOB="08001f00", @ANYRES32=r10], 0x54}}, 0x0)
r11 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000f00), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000002c0)=ANY=[@ANYBLOB="a4000000", @ANYRES16=r11, @ANYBLOB="010026bd7000ffdadf251d0000000c000600010000000100000084002f800c000200000000"], 0xa4}, 0x1, 0x0, 0x0, 0x880}, 0x40)

1.382470136s ago: executing program 3 (id=2875):
socket$igmp6(0xa, 0x3, 0x2)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000040)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010027bd7000fbdbdd254400000008000300", @ANYRES32=r2, @ANYBLOB="1409000900000005000800030000000000000000"], 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x4040)

1.312457107s ago: executing program 7 (id=2876):
r0 = socket(0x10, 0x803, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
socket(0x400000000010, 0x3, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x1, 0x8, 0xb}, 0x50)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
socket$kcm(0x10, 0x3, 0x10)
socket$kcm(0x21, 0x2, 0x2)
getsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x11, 0x0, &(0x7f00000001c0))
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="05000000060000000800000005"], 0x48)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000940)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda98800000ffe2800128009000100766c616e00000000180002800c0002001c0000001f000000060001000000000008000500", @ANYRES32=r4, @ANYBLOB='\b\x00\n\x00', @ANYRES32, @ANYBLOB="0a000100000070"], 0x64}, 0x1, 0x0, 0x0, 0x8811}, 0x0)

1.281492558s ago: executing program 5 (id=2877):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000700)={&(0x7f0000000580)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@struct={0x0, 0x1, 0x0, 0x4, 0x0, 0x9, [{0x1}]}]}, {0x0, [0x2e, 0x2e]}}, 0x0, 0x34, 0x0, 0x1, 0x3ff}, 0x28)
r0 = socket(0x10, 0x3, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000140), 0x42000, 0x0)
ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f0000001c40)=0x4)
r3 = syz_genetlink_get_family_id$nbd(&(0x7f0000000500), r1)
sendmsg$NBD_CMD_RECONFIGURE(r1, &(0x7f0000000700)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000640)={0x44, r3, 0x20, 0x70bd2b, 0x25dfdbfc, {}, [@NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0xffffffffffffffff}, @NBD_ATTR_TIMEOUT={0xc}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x2}, @NBD_ATTR_SERVER_FLAGS={0xc}]}, 0x44}, 0x1, 0x0, 0x0, 0x24008000}, 0x4000801)
ioctl$PPPIOCSMAXCID(r2, 0x40047451, &(0x7f0000000100)=0xffff0080)
ioctl$PPPIOCSMAXCID(r2, 0x40047451, &(0x7f0000000000)=0x8)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r1)
r4 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmsg$802154_raw(r4, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000080)="88b0bae0e826425499f4d4ddb99bbe211a", 0x11}, 0x1, 0x0, 0x0, 0x8004}, 0x24044044)
sendmsg$NLBL_CIPSOV4_C_ADD(r1, 0x0, 0x0)
r5 = socket(0x28, 0x5, 0x0)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r6, 0x0, 0x0)
setsockopt$sock_int(r6, 0x1, 0x31, &(0x7f0000000140)=0xdf6, 0x4)
r7 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r7, &(0x7f0000000440), 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r8)
r10 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f00000004c0)={'syz_tun\x00', <r11=>0x0})
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r1, &(0x7f0000000400)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000240)={&(0x7f00000005c0)={0x4c, 0x0, 0x10, 0x70bd27, 0x25dfdbfd, {}, [@IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x3}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0x1}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0x7a8670e044eced78}}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x3}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x10001}]}, 0x4c}}, 0x4000080)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x38, r9, 0x1, 0x70bd26, 0x25dfdbff, {}, [@ETHTOOL_A_LINKMODES_LANES={0x8, 0x9, 0x1}, @ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0x2}, @ETHTOOL_A_LINKMODES_SPEED={0x8, 0x5, 0x2710}, @ETHTOOL_A_LINKMODES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x20004850}, 0x4044014)
bind$vsock_stream(r5, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000080)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x80, 0x20, 0x8, 0x2, {{0x45, 0x4, 0x1, 0x8, 0x114, 0x68, 0x0, 0x9, 0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @private=0xa010101, {[@ssrr={0x89, 0x7, 0x51, [@empty]}, @noop, @cipso={0x86, 0x62, 0x1, [{0x5, 0xd, "7e0d4edd7ff9c6fbaccea5"}, {0x0, 0x12, "ce1372b71c6978d0546012f0965492c9"}, {0x2, 0xf, "9d7f654e047faffc6ecb48c0d8"}, {0x5, 0x7, "106e759ccc"}, {0x5, 0xa, "8684b1b7ee80b2bb"}, {0x6, 0xb, "51e9c746c45f44325e"}, {0x7, 0x12, "3073da82ff4d8427d2bb9582ab72611f"}]}, @timestamp_addr={0x44, 0x3c, 0xe2, 0x1, 0xd, [{@local, 0x6f2}, {@local, 0x6}, {@empty, 0x700001}, {@local, 0xa}, {@multicast2, 0x5}, {@local, 0x1ff}, {@remote, 0x2}]}, @noop, @ssrr={0x89, 0x13, 0xf9, [@initdev={0xac, 0x1e, 0x0, 0x0}, @local, @initdev={0xac, 0x1e, 0x0, 0x0}, @empty]}, @timestamp={0x44, 0x24, 0xc5, 0x0, 0x0, [0x0, 0xff1, 0x10, 0x2, 0x9, 0x5, 0x6, 0xfff]}, @ssrr={0x89, 0x7, 0x81, [@empty]}, @end, @timestamp={0x44, 0x18, 0xe9, 0x0, 0x7, [0x4, 0x0, 0x2005, 0x5, 0x9]}]}}}}})
write(r0, &(0x7f0000000000)="1c0000001a005f0214f9f407000904001f000000ff02000200000000", 0x1c)
r12 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r12, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x28, 0x10, 0x1, 0x2, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x40101}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)

1.247878401s ago: executing program 2 (id=2878):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x9, 0x4, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x18}, 0x94)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, 0x0, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x300)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000300)='./cgroup.cpu/syz1\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f0000000c40), 0x12)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100), 0x12)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f00000000c0)={'netdevsim0\x00', &(0x7f0000000040)=@ethtool_ringparam={0x11, 0x7f, 0x20000a2e, 0xffffffff, 0x0, 0x40000003, 0x7, 0x3, 0x3000000}})
r4 = openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
unshare(0x28000600)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480))
pipe(&(0x7f0000000340))
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="190000004000000009000000080000008c800000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000008000000000", @ANYRES32=r5, @ANYBLOB='\x00\x00\x00\x00'], 0x50)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='\a\x00\x00\x00\x00\x00\x00\x00', @ANYRES32, @ANYBLOB="0100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\t\x00'/28], 0x48)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000020000000000000000000000850000000f000000850000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='ext4_writepages\x00', r6}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000440)={r5, 0x58, &(0x7f0000000380)}, 0x10)
r7 = openat$cgroup_procs(r0, &(0x7f00000002c0)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r4, &(0x7f00000000c0), 0x40)
pread64(r7, &(0x7f0000001840)=""/4096, 0x1000, 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, 0xffffffffffffffff, 0x0)

1.096408824s ago: executing program 3 (id=2879):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0500000004000000080000000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x11, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000006687000000000000000000850000007b00000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=@framed={{0x7a, 0xa, 0x0, 0xff00, 0x0, 0x71, 0x10, 0x43}}, &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x90ff}, 0x80)

1.034833326s ago: executing program 3 (id=2880):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x8, 0x12, r0, 0xfffff000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000100)=@framed={{0x18, 0x5}, [@printk={@li, {0x3, 0x3, 0x3, 0xa, 0x0}, {0x5, 0x1, 0xb, 0x1, 0x5}, {0x7, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffe00}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x64}, {0x85, 0x0, 0x0, 0x19}}]}, &(0x7f0000000000)='GPL\x00', 0x8, 0xde, &(0x7f0000003e40)=""/222}, 0x94)

1.027525052s ago: executing program 7 (id=2881):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x9, 0x4, 0x0, &(0x7f0000000080)='GPL\x00'}, 0x94)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0x1, @mcast1, 0x2}, 0x1c)
r1 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0xe22, 0x0, @mcast1, 0x4}, 0x1c)
writev(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f00000001c0)="580000001500add427323b472545b45602117fffffff81000e22d991000000000000a80013007b00090080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000", 0x58}], 0x1)

780.561882ms ago: executing program 7 (id=2882):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x8, 0x12, r0, 0xfffff000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x3, &(0x7f0000000100)=@framed={{0x18, 0x5}}, &(0x7f0000000000)='GPL\x00', 0x8, 0xde, &(0x7f0000003e40)=""/222, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x64}, 0x94)

749.862434ms ago: executing program 3 (id=2883):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="09000000070000000080000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0, <r1=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000080), 0x50)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
socket(0x22, 0x2, 0x4)
r5 = socket$unix(0x1, 0x5, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x18, 0x24, 0x301, 0x0, 0x80, {0x11}, [@nested={0x4, 0x12b}]}, 0x18}, 0x1, 0x0, 0x0, 0x4}, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x2}}}]}, 0x38}}, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000440))
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f0000000000)={<r8=>0x0, 0x0, 0x0, 0x4, 0x8}, &(0x7f0000000340)=0x18)
getsockopt$inet_sctp6_SCTP_MAXSEG(r4, 0x84, 0xd, &(0x7f00000003c0)=@assoc_value={r8, 0x4}, &(0x7f0000000400)=0x8)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="e1000000000000000000050000000073797a5f74756e0000d8ae9f1e57b0518045008b0159b100000000090050fc00090001000000"], 0x34}}, 0x0)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r11, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r12=>0x0})
r13 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r13, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=@newtfilter={0x24, 0x11, 0x1, 0x691522eb, 0x0, {0x0, 0x0, 0x74, r12, {0x10, 0x4}, {}, {0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r1}, &(0x7f0000000580), &(0x7f0000000380)}, 0x20)
r14 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x3, 0x19, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000008000000000000000000000018110000", @ANYRES32=r12, @ANYRES64, @ANYRES32=r2, @ANYRES64], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r14}, 0x10)

705.893527ms ago: executing program 7 (id=2884):
syz_emit_ethernet(0x0, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={0x0}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)=@RTM_NEWMDB={0x38, 0x54, 0x1, 0x1, 0x0, {}, [@MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x1, 0x0, 0x3, {@ip4=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x86dd}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003f000b05d25a806c8c6394f90324fc60100002000a000300053582c137153e3704020180fc0b09000c00", 0x33fe0}], 0x1}, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f0, &(0x7f0000000040)={'bridge0\x00', &(0x7f00000001c0)=@ethtool_ringparam={0x4, 0x0, 0x45, 0xfffffffe, 0x8fc3, 0x1, 0x20000, 0x0, 0xf}})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in=@local, 0x0, 0x0, 0x0, 0x1, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0x2}, {0x0, 0xa00, 0x40800000000000, 0x7fffffffffffffd}}}, 0xb8}}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000009c0)=ANY=[@ANYBLOB="a0000000210001000000000004000000fc000000fffffffd0000000000000001ff01000000000000000000000000000100000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000050001100ff0200000000000000000000000000010a010100000000000000000000000000fc0000000000000000000000000000000a0101000000000000000000000000003c000000000000000a000a00"], 0xa0}}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000500)={'tunl0\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB, @ANYBLOB="000000000000000028001280090001006970697000000000"], 0x48}, 0x1, 0x2}, 0x0)
pipe(&(0x7f0000000040)={<r6=>0xffffffffffffffff})
ioctl$int_in(r6, 0x5452, &(0x7f00000000c0)=0x7)
vmsplice(r6, &(0x7f0000001c80)=[{&(0x7f00000019c0)="547ca44de2e19cdc24892d4cacca39b43e828821258bfbbbf3ef3cb7330cd177875b067b8ca128ebec27e185b525a93b7db5a67994ad98e53c509e59bd0b6e9ccdeb87358d97d95c74c41f578420b45d99fdab496616e1571c291d17b8e25ca49058ec274c739bed572bbd5a1112f66678fc0e712ca843f49d68b1680a256253499aa5ba", 0x84}, {&(0x7f0000001a80)}], 0x2, 0x1)
r7 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000005c0)=@generic={&(0x7f0000000580)='./file0\x00'}, 0x18)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000840)={0x6, 0x4, &(0x7f0000000900)=ANY=[@ANYBLOB="180000000900000000000000040000003816e0ff0100000095000000000000005f0c4856099a61e9ed7448c7fb94a1661a0a4017aeb2d5d32ffad17c37c0"], &(0x7f00000002c0)='GPL\x00', 0x356f, 0x0, 0x0, 0x41100, 0x25, '\x00', r5, 0x25, r6, 0x8, &(0x7f0000000440)={0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000740)=[r7, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000780)=[{0x2, 0x1, 0xa, 0xa}, {0x2, 0x2, 0x3}, {0x5, 0x5, 0x6, 0x5}, {0x5, 0x2, 0x10}, {0x3, 0x1, 0x6}, {0x1, 0x4, 0x6, 0x3}, {0x3, 0x8, 0x2, 0x3}, {0x5, 0x4, 0x3, 0x8}, {0x4, 0x5, 0x2, 0x4}], 0x10, 0x72}, 0x94)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r9, @ANYBLOB="1f003300d00000000802110000010802110000"], 0x3c}}, 0x10)
bind$qrtr(0xffffffffffffffff, &(0x7f0000000000), 0xc)

662.527391ms ago: executing program 5 (id=2885):
socket$alg(0x26, 0x5, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000700)=@raw={'raw\x00', 0x3c1, 0x3, 0x3c8, 0x0, 0x940c, 0x3002, 0x2e0, 0x2c0, 0x418, 0x3d8, 0x3d8, 0x418, 0x3d8, 0x3, 0x0, {[{{@ipv6={@ipv4={'\x00', '\xff\xff', @loopback}, @local, [0xff, 0xffffffff, 0x0, 0xff000000], [0xffffff00, 0xff000000], 'erspan0\x00', 'wlan0\x00', {}, {0xff}, 0x2b, 0x3, 0x3}, 0x0, 0x1a0, 0x1e8, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x2, 0x0, 'syz0\x00'}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@loopback, 'virt_wifi0\x00'}}}, {{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private0, [0x0, 0x0, 0xff000000, 0xff], [0xffffff00, 0xffffff00, 0xff000000, 0xffffffff], 'team_slave_1\x00', 'veth1_virt_wifi\x00', {0xff}, {}, 0x886215f4d37bb4bb, 0x90, 0x1, 0x69}, 0x0, 0xa8, 0x110}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x428)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r5 = socket(0x2c, 0x3, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r6=>0x0})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)={0xffffffffffffffce, r8, 0x1, 0x70bd2c, 0x0, {{}, {@void, @void}}}, 0x28}, 0x1, 0x0, 0x0, 0x40000}, 0x24004000)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x81, 0x1ff, 0x1}, 0x1c)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000e80)={{{@in=@empty, @in=@private, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0}}, {{}, 0x0, @in=@local}}, &(0x7f0000000900)=0xe8)
r10 = gettid()
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000a00)={{{@in6=@private0, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0}}, {{@in=@dev}, 0x0, @in6=@local}}, &(0x7f0000000b00)=0xe8)
r12 = socket$kcm(0x2, 0x5, 0x84)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000002c0)={0x0, 0x0, <r13=>0x0}, 0x0)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000c00)={&(0x7f0000000440)=@abs={0x1, 0x0, 0x4e24}, 0x6e, 0x0, 0x0, &(0x7f0000000b40)=[@cred={{0x1c, 0x1, 0x2, {0x0, r9}}}, @cred={{0x1c, 0x1, 0x2, {r10, r11, r13}}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x58, 0x400}, 0x800)
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000c40)=<r14=>0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000cc0)={{{@in=@broadcast, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r15=>0x0}}, {{@in=@initdev}, 0x0, @in6=@initdev}}, &(0x7f0000000dc0)=0xe8)
getsockopt$sock_cred(r7, 0x1, 0x11, 0x0, &(0x7f0000000e40))
sendmmsg$unix(r5, &(0x7f0000000f80)=[{{0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1c000000677da7aab57446cd0bbbcdc7fd6f060b00000008000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000020000000000000000100000001000000", @ANYRES32=r0, @ANYRES32=r7, @ANYRES32=r5, @ANYBLOB="18000000000000000100000001000000", @ANYRES32=r12, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r14, @ANYRES32=r15, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0x98, 0x10}}, {{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000600)="98e8b6e7d50653c2f862736fae148aa43c999e11268d5bc7f0f8abb91f293ae988d8b32a1ca9580af01acf2184e153741973710551e6ab8fffc45bec0f362a6355fe250db01284f260b66b2fe5069c084d191a95cea3e398bf64432c535c132e2dc26074b9b2ef1d007f1bad02367a09162e8e26b5462dab34dc68f3f02c5f4bf63340ae33c05beaec673fa79c6a6b0ce0aa9ac78609c6680d7eb3cf24432b8c8ef9c8dc172055f1af29af8c280f8d5b676b83ac2f6ffa17b778fdea51d7afab7d54900b70aa66e62f", 0xc9}], 0x1, 0x0, 0x0, 0x4000000}}], 0x2, 0x40008d0)
r16 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r16, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000c80)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000003a00000008000300", @ANYRES32=r6, @ANYBLOB="05005b"], 0x24}}, 0x0)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB, @ANYRES32=r1, @ANYBLOB="40eadb1599919114475572a4e2ef24a8901e8742638a9da9821b493460181b65736a60d78f4faa4fab04fc6ed8df6564d37ae31db2b48e7bc072af4213e07f6f3b4b86033b77fc1009dcc612"], 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

556.300525ms ago: executing program 2 (id=2886):
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000040)={{{@in=@private, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x2b}, {0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x1, 0x4, 0x8000000000000000}, 0x0, 0x0, 0x1}, {{@in6=@mcast1, 0x0, 0x6c}, 0x0, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xbd000000}}, 0xe8)
ioctl$sock_TIOCOUTQ(r0, 0x5411, &(0x7f0000000140)) (async)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)

432.679878ms ago: executing program 2 (id=2887):
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0xe0, &(0x7f0000000200)={0x0, <r0=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x5, &(0x7f0000000080)=[0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x93, &(0x7f0000000100)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000140), &(0x7f0000000180), 0x8, 0xa5, 0x8, 0x8, &(0x7f00000001c0)}}, 0x10)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000340)={<r2=>0x0}, &(0x7f0000000380)=0xc)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000440)={'ip6gre0\x00', &(0x7f00000003c0)={'syztnl0\x00', <r3=>0x0, 0x4, 0xf0, 0x7, 0x7, 0x40, @local, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x8, 0x18, 0x0, 0x8}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)=@bridge_getlink={0x80, 0x12, 0x2, 0x70bd2a, 0x25dfdbfd, {0x7, 0x0, 0x0, r1, 0x4060, 0x830}, [@IFLA_IFALIAS={0x14, 0x14, 'veth0_virt_wifi\x00'}, @IFLA_PROMISCUITY={0x8, 0x1e, 0x6}, @IFLA_NET_NS_PID={0x8, 0x13, r2}, @IFLA_OPERSTATE={0x5, 0x10, 0x2}, @IFLA_MASTER={0x8, 0xa, r3}, @IFLA_PROP_LIST={0x2c, 0x34, 0x0, 0x1, [{0x14, 0x35, 'ip_vti0\x00'}, {0x14, 0x35, 'veth0_to_bond\x00'}]}]}, 0x80}, 0x1, 0x0, 0x0, 0x4}, 0x20008004)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r4, 0x8922, &(0x7f0000000580)={'veth0\x00', 0x3})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000600), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_REMOVE(r5, &(0x7f0000000740)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000700)={&(0x7f0000000640)={0xa4, r6, 0x626, 0x70bd2d, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x6}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x4c, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x6}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @ipv4={'\x00', '\xff\xff', @local}}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x24, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @loopback}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}]}, 0xa4}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000780), 0x900, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f00000007c0)={'macsec0\x00', 0x1000})
r8 = socket$kcm(0x29, 0x0, 0x0)
ioctl$TUNDETACHFILTER(r7, 0x401054d6, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r9, 0x40089413, &(0x7f0000000800)=0x9)
ioctl$SIOCGSTAMPNS(r8, 0x8907, &(0x7f0000000840))
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f00000008c0)={'batadv_slave_0\x00', <r10=>0x0})
sendmsg$ETHTOOL_MSG_STRSET_GET(r5, &(0x7f0000000a80)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000a40)={&(0x7f0000000900)={0x13c, 0x0, 0x4, 0x70bd29, 0x25dfdbfc, {}, [@ETHTOOL_A_STRSET_STRINGSETS={0x60, 0x2, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x513d931bec836091}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}]}, {0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}]}, @ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'hsr0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @ETHTOOL_A_STRSET_STRINGSETS={0x60, 0x2, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8}]}, {0x4}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}]}, {0x4}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}]}]}]}, 0x13c}, 0x1, 0x0, 0x0, 0x4044000}, 0x20000800)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000b00), r5)
sendmsg$NL80211_CMD_SET_KEY(r5, &(0x7f0000000bc0)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000b80)={&(0x7f0000000b40)={0x2c, r11, 0x400, 0x70bd29, 0x25dfdbfb, {{}, {@val={0x8}, @val={0xc, 0x99, {0x8000, 0x4a}}}}, [@NL80211_ATTR_KEY_DEFAULT={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
r12 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000c00)={r0}, 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000e40)={r12, 0x0, 0xa, 0xfe, &(0x7f0000000c40)="11bd83d01eb0a19a2b91", &(0x7f0000000c80)=""/254, 0xa, 0x0, 0x11, 0x42, &(0x7f0000000d80)="f8f0013e0e06fc9b185af5fe2f647e7d11", &(0x7f0000000dc0)="f9403d5265e7eb6b43f251c226fffbeb5a6bc134b4aa9bf00ead778d6d32f8de7601d2c9a830354cf98fff85fa72a0162830dbe145db0accd7ad3516a587a5911255", 0x2, 0x0, 0x7}, 0x50)
sendmsg$NL80211_CMD_SET_BEACON(0xffffffffffffffff, &(0x7f0000001800)={&(0x7f0000000ec0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000017c0)={&(0x7f0000000f00)={0x880, r11, 0x800, 0x70bd27, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_BEACON_HEAD={0x3e2, 0xe, {{{0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1}, {0x7}, @device_b, @device_b, @from_mac=@broadcast, {0x0, 0x5}, @value=@ver_80211n={0x0, 0x6, 0x0, 0x0, 0x0, 0x2, 0x1}}, 0x0, @random=0x8, 0x2, @val={0x0, 0x6, @default_ibss_ssid}, @void, @void, @void, @void, @val={0x5, 0xe6, {0x5, 0xf5, 0x5, "106aca5d9233f65cf44a914e439d73e317ac5082e59cc5976a2f31534ff346ebab1f906bc0f02b22c18bba5a4862c9653e73a096165e3ba3ca2c06d152b7280f5ea47e2077ba99f8022eb337030aa333f0a66fbb83f506d9aeb67d824dd9dfe06ea46e649a5e179927ee5ed9150e3fc1de15f3bc632cb38a8b8002641c39636491c775920f73be868970ec23756268a4f6de6ee673b3da2d5e7dc4f492acdc7ef134eacb9f6147f459e061e889de2f6f4b8490e25d56e0116cd85142318fdf0b180db60b90e6cfc9c4858b43dbc535f3c407e7afef5017492b296d483ab6b2124e132e"}}, @void, @void, @void, @void, @void, @val={0x71, 0x7, {0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x28}}, @val={0x76, 0x6, {0xf, 0x6, 0x15, 0x3}}, [{0xdd, 0xa4, "27821c36188fd58847bf003fa9b2ce2c98191a6f745bef8f6144e89671fa91fc0374c61072807d3d5d5d7f80d4a7939f55eb8cd64a44590190840415efa8bd9874bf3f2b9d552ae7daf2fef96d718675915032a021706ff2682af0510ffd9be3b60fa459cec0695a119496bb8f5cb1b7d159c6ca732da2b61d12230d67c34c0bf7959a0e15c67793d05b4780aa59869084e5d67097de49febcdb56c6e91e77fb90b33c64"}, {0xdd, 0xf, "bd308dd25f15bbf6789e095fe99503"}, {0xdd, 0xd2, "05dcd77f96dd935087eee4aee884a2983a5945887dd87590c29153066d03dad044751799311302b47d2d53e1a026a42e838c13129a1baca550513f2d5acd76a024689d8ae63dc616b49151ba9f4b006844f6804e457152cfe3935370e18a1c98b1895dd1dca92b21e2aa68b312ced2a70d956b7c0dbf296732a61a6066c769e97ceeea41c4d2b660e1a6e71fac0dbe4003249b2b4de36162a0c5117d557d39467f701f71280a7f77c00369a32c13a3e30e99abd4050475916c8c26a7a8a049c8b603fb55ee744bdebfb89fe0826d64953206"}, {0xdd, 0x75, "76d6967797ff2a4f29db2597d1da8f1e180d1af4d2fae6fa46edf49b4a3d399df9a45a0e7731f6314ba3af64779dfe7703ead17f6a477374339e6d9095bf35d677ee0029d831163ec78fbba6f064d56e4da13a164ed42ecba2f79fd82c2506ea495d2dddeb768e975338f242b12a215a3e57d34bc1"}, {0xdd, 0xb1, "c42d1bb329ea8ad0bd0144e036f9ba320c24761314e2851206617f1c73db257c7c162777789e0c9d6fde1db924781782d1cbbeb82b24497b0178ff719c0994d602f22224ab307bdb7c60af7130f8f5ae2125e8cf4629e839fa0ae37fd7dea052ddc4f946be1ad14054a398922f77c492bb74e8cba50aa5650107ea587cffa724e5fda74737d7a2e98dc9366b9502e43983fde89a48f6882e2cea95d6a23554553704cd24913e4b1693a95d4c95f46a56ed"}]}}, @NL80211_ATTR_BEACON_HEAD={0x2ef, 0xe, {{{0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1}, {0x9}, @device_b, @device_b, @random="919efc8281e1", {0xe, 0x3}, @value=@ver_80211n={0x0, 0xe, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}}, 0x2, @random=0x9, 0x68, @val={0x0, 0x6, @default_ibss_ssid}, @val={0x1, 0x4, [{0x4}, {0x12, 0x1}, {0xb, 0x1}, {0x12, 0x1}]}, @val={0x3, 0x1, 0xb}, @val={0x4, 0x6, {0x3, 0x8, 0x9, 0x5}}, @val={0x6, 0x2, 0x1}, @void, @void, @void, @val={0x3c, 0x4, {0x1, 0x81, 0x34, 0x3}}, @void, @val={0x72, 0x6}, @void, @void, [{0xdd, 0x73, "6b768543fae289936563827d372118658f693a9072dc666e8ece7a9632789c749feeaadc52b5aff2f8c3010c3573446b8f8f8b5be71f8ad28e7d833e43026655950b6960b638207ef9d0bcb090c05e3f4a121b40250eee92aa53133b4175f56efb0d94fc382a60e27ac183b7710e90f95878e6"}, {0xdd, 0xef, "3e2169f72fbcdcb6b9d66918c6590a6de1f965befa1d33d8b33d2240e7889b37a1305604e73d61a03fe902a45ccb79a7cb90714361c7b7c07ff95664376164db24a8cd904b4f332e0badffc1ad73e59e45eb21f62587c295fc187dcd0147c19b9e6c7619420074ec99fcbcfbf38aaa557d278e685740764c07d4b9e6734b397e1da465259d7ec2d6a775bc0ae76252f9c43c4196edee21b02d66598930aabc12645b5f231baea2809c1ade8edbd69906b36961b0f326c6ad5419d44e60dad54763d018e19347361ead3e76720e63398872689787c441581543bbf92e9d99d87bcbdcf3e29c61bb35266046346a9840"}, {0xdd, 0x44, "90529b4b13e35e833732782aff1d64e4df625bcbadf93cbce3ed4f8851eeb87525361bc1fa27cd4c80c7655b4d75c3cea87ca3e6776ead33ecd63f4ece8d982d8c8f4a07"}, {0xdd, 0xea, "6dbd463da6a9eebdf7e122d4ffc439416168dafe704f5c69f640b89272ebf18a0a7f87d2345998160f4bf4ecc49d0613e2f28d3842b7a64ff3ef3cdde4c85a046cd91c2d28e1072852f8c160e2eaf7b36be2421939311bbcf249c4f4f51b22342f0ce11b56dc9b221b8a9c347c01f1d1cd8ab5d43db0d5508b5bad6ee7ec60e5c4c2a7df8ca0fd68000d783cb55ddd66f6ace98f23c66d88125a82c1e4dca479380965e9e2aaf9b3e1de0e0a68d14e91af317e71987b620f313f765fd483d39ab5ca80c5dd75a63bc1a30ae8cec4af57fe71e20ecadfaf0f5da8e06f913ff165cc4b6f4937a7dcc146f3"}]}}, @NL80211_ATTR_IE={0x17e, 0x2a, [@mic={0x8c, 0x10, {0x79b, "9f652d33a7d6", @short="17645dbd204281a0"}}, @random_vendor={0xdd, 0x8f, "ca4c7b524375d10ad137b964d9450e543399da4ef698d38d7dd2ee70746f29a5c8f42345e0dca13a927bcd4512209c50433622d915d37a59d6a6f7d77a3f840744061035e8a7d0ad989a96598918a26af10acf1aa37d1555c48a829514282427d033f1b95401f521864311b023f611fd0a4e9b8bfd95d94e41c7a49eade3d4865da1bfb5328ae21d24f76864b9b202"}, @perr={0x84, 0xd5, {0x8, 0xd, [{{}, @device_a, 0xb8, @void, 0x3e}, {{0x0, 0x1}, @device_b, 0x2, @value=@broadcast, 0x3c}, {{}, @device_a, 0xf93b, @void, 0x23}, {{0x0, 0x1}, @device_a, 0x4, @value, 0x3c}, {{}, @broadcast, 0x8, @void, 0xc}, {{0x0, 0x1}, @device_b, 0x10001, @value=@device_b, 0x3c}, {{}, @device_b, 0xbc07, @void, 0x3b}, {{0x0, 0x1}, @device_b, 0x80000001, @value=@device_b, 0x2}, {{0x0, 0x1}, @device_a, 0xf42, @value=@device_b, 0x7}, {{0x0, 0x1}, @device_b, 0x6, @value=@broadcast, 0x3c}, {{0x0, 0x1}, @device_b, 0xc, @value=@broadcast, 0x17}, {{}, @broadcast, 0xffffbae1, @void, 0x30}, {{}, @broadcast, 0x4, @void, 0x36}]}}]}, @NL80211_ATTR_IE_ASSOC_RESP={0x9, 0x80, [@channel_switch={0x25, 0x3, {0x1, 0xb4, 0xff}}]}, @NL80211_ATTR_IE_PROBE_RESP={0xa, 0x7f, [@chsw_timing={0x68, 0x4, {0x8, 0x7f}}]}]}, 0x880}, 0x1, 0x0, 0x0, 0x8d0538ea917d06d8}, 0x4050)
write$tun(r7, &(0x7f0000001840)={@void, @val={0x2, 0x3, 0x4, 0x3, 0xb7, 0xe5ce}, @eth={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @remote, @val={@void, {0x8100, 0x3, 0x1, 0x3}}, {@mpls_mc={0x8848, {[{0x4}, {0x2fb}, {0x9, 0x0, 0x1}, {0x3}], @ipv6=@gre_packet={0x9, 0x6, "9b70b4", 0x2a8, 0x2f, 0x1, @loopback, @dev={0xfe, 0x80, '\x00', 0x34}, {[@fragment={0x0, 0x0, 0x6, 0x0, 0x0, 0xf, 0x65}, @fragment={0x2b, 0x0, 0x1, 0x1, 0x0, 0x0, 0x65}, @srh={0x2f, 0xa, 0x4, 0x5, 0x8, 0x50, 0x1, [@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast1, @local, @loopback, @rand_addr=' \x01\x00']}, @fragment={0x6, 0x0, 0x8f, 0x1, 0x0, 0x0, 0x67}], {{0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x880b, 0x60, 0x1, [0x3, 0xcc], "720e1deeb2b49c04cf7f22edea83f85a45a7261b27972a5fdd36caf1f5f167806f44d4ad5c95716862fed6085b9576037ce73d5dddf2842c5149382a3b66a46270ce8f33ccdaf4a56d3bf94cec08af2c6ef8c56fc075c6dc67cc18fa48f5307a"}, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, [0x5, 0x9], "1f859dfb5bc7730a04c2d465e1edaf8bf63ec03ab9bfc829c93c8a74c770ab3d177671f92136612124861192fa4ffa3434493931aa2794659e4d5b9eebd9c4ad"}, {0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x86dd, [0x9, 0xcf82, 0x9], "eccdb246e3277189c2f3b0cc10249aa76409f07c636769ed6612a06b0212e44c2ca12cc5fa7723a96a187d9691ca1122d42ffe4635bc7a43d9af9df63080e15c42816b6737189906a6131835eaa05faa8d2883788aaf9e7a034a4335c2fee2d9bc15f7d59201c483f9203631b849809d80d49979a33e4325e3f3296a5163ca5b78"}, {0x8, 0x88be, 0x2, {{0x9, 0x1, 0xbc, 0x1, 0x0, 0x1, 0x0, 0x3}, 0x1, {0x805}}}, {0x8, 0x22eb, 0x4, {{0x6, 0x2, 0xf, 0x0, 0x1, 0x2, 0x1, 0x4}, 0x2, {0x83f, 0x40, 0x2, 0x1a, 0x0, 0x0, 0x1}}}, {0x8, 0x6558, 0x0, "581a778eec4174b57c2f8b6d2b35da927a69c2f63ae4ee9e72cb37c44af763196dd83e1121c87c284f97afd55d2877248e9ae3bc6a201026be014f63db7d6db520b9cd1c11db840a1f99acbd99c46be1867beb2a9ec6aa906cdb60aa613791170ee8e5544d4f1ca3c183fd9b9988cd0a0e50017bc3a79143f951f28e50638d9965531b53423ff7ddec3df76874226582b11fafedfadead784f2c8f0f27fce2cd707c5c9a6bcfc064a14873e50b06a9c57d918267c84836f822f566cbd4abc622650e386a72"}}}}}}}}}, 0x2fc)
r13 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r13, 0x89f3, &(0x7f0000001bc0)={'ip6gre0\x00', &(0x7f0000001b40)={'syztnl1\x00', r3, 0x29, 0x6, 0xd5, 0x4000000, 0x21, @rand_addr=' \x01\x00', @dev={0xfe, 0x80, '\x00', 0x3b}, 0x1, 0x20, 0x5, 0x6}})
sendmsg$NFQNL_MSG_CONFIG(r9, &(0x7f0000001cc0)={&(0x7f0000001c00)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000001c80)={&(0x7f0000001c40)={0x1c, 0x2, 0x3, 0x201, 0x0, 0x0, {0x7, 0x0, 0x4}, [@NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x9}]}, 0x1c}, 0x1, 0x0, 0x0, 0x400c0}, 0x44000)
connect$pppoe(r5, &(0x7f0000001d00)={0x18, 0x0, {0x1, @broadcast, 'vcan0\x00'}}, 0x1e)
ioctl$TUNSETTXFILTER(r7, 0x400454d1, &(0x7f0000001d40)={0x0, 0x8, [@random="8055a5f58144", @local, @random="e5823192531e", @dev={'\xaa\xaa\xaa\xaa\xaa', 0x31}, @random="8467522fd929", @multicast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @empty]})
syz_genetlink_get_family_id$mptcp(&(0x7f0000001d80), 0xffffffffffffffff)

171.637858ms ago: executing program 3 (id=2888):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000600)=ANY=[@ANYBLOB="d4000000000101040000000000000000020000002400018014000180080001007f00000108000200ac1414000cf502800500010000000000240002801400018008000100e000000108000200e00000010c00028005000100000000000800074000000000080008400000000a0400164008001540000000030400170058000d"], 0xd4}}, 0x0)

170.382023ms ago: executing program 5 (id=2889):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r2=>0x0})
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x58, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x11}, @IPSET_ATTR_BUCKETSIZE={0x5}]}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x0, 0x5, 0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x58}}, 0xc000)
sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000000000000004400000008000300", @ANYRES32=r2, @ANYBLOB="08002600851600000a00180000000000000000001c005a8018000180140003"], 0x4c}, 0x1, 0x0, 0x6000000}, 0x0)

524.25µs ago: executing program 3 (id=2890):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0)
r1 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x18, 0xf, &(0x7f0000001540)=@ringbuf={{0x18, 0x3, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x5}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {0x5, 0x0, 0xb, 0x2}, {}, {0x4, 0x1, 0xb, 0x9, 0x0, 0xd7ff}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000200)='syzkaller\x00', 0x5, 0x1003, &(0x7f0000001e40)=""/4099, 0x0, 0x9, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)

0s ago: executing program 5 (id=2891):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b00)={0x3, 0x4, &(0x7f00000003c0)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x1d}], {0x95, 0x0, 0x0, 0x10000000}}, &(0x7f0000000380)='GPL\x00'}, 0x94)

0s ago: executing program 2 (id=2892):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x12000, 0x0)
ioctl$TUNDETACHFILTER(r1, 0x401054d6, 0x0)
ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
listen(r2, 0x100)
accept4(r2, 0x0, 0x0, 0x0)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="28000000101401002cbd7000fedbdf25080003000100000008004a0001000000080011"], 0x28}, 0x1, 0x0, 0x0, 0x2404c836}, 0x0)
shutdown(r2, 0x1)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a00030000060a010400000000000000000a0000010900010073797a3100000000d4020480d00201800a0001006d61746368000000c00202800e000100636f6e6e6c696d69740000000a00010071756f746100000053000300524fe5f7bfa25e1e47f1c3117c2eae4a49645f9b7406df29429e67f9ddc94aa356735e7babefb4578cf664e11b402b55e7b9d16bfca2d8afc172001988423a8762760891d68cab90ac84fe41a3e116000800024000000001da0003002409bb5468e4f70765c9bcb52a477bfaf974f96d6b0a7833dec945cb62643cfbd9bbd4e3d37640a10fb588a4caba4e8ae63304e3e6bac6df94b98fa8d712744782b3dc22a002194edfe83c86e6b1c50590a0975f5258a81f2d96486c39fb026106a671c9c4c094bb27be60c53487eba7a5ef3c093f5ae446e8883d13fb259f717d516b3c61db4901277716024c2967992f9031459766cf4f9507759a687b2f3c908c2c061e0b5de8e1275832ffcd0f8f412b97c22b44b6dfcd244617fe50403668ab8f0783f9daf2c9472129661f69fc56b067f25d8b00000800024000000003c2000300c26a1f0623dee8c8edb605bce29840447a3d0e5bf1ff02a634342f0ab3ae0b89bebcdd0fe8e052a8151ab5ca6fe43472c04f01ef85eab6e87f3821f3fc408f9a9908b36b403e446e9b71f50bb21242fb44bd35081e7cc810d01928fe186571372a179088eddac0ea62b8cabf01e1b069b405ee87a2d510f7d111d8ed2dc26bbe5260a5e6386db6d6e02feaa0d5317eebcc6196b4acf373f00169b4c03b4a90cf42da9fc310c300aab79a7658fbfc6e8977bf4f96fc2ae8e939ed007228d50000080002400000000094000300c167cc561df986b646e75dc4ec1f875c52562e49ccc52f75c319802ca24b7f96e049c940178515da05c344eb9b67eb75d3fd3d8c4b85bb4ed940e5aca75b286b9e82f06e1fa93d0954a1d958e2a39985001f027b30557f7d94694e221768e7fe7c77e2bd1bf2b8712829eb90242718dbf8546705f613d520dac4673c327248ca266b59c787a922d46c1444e9cfa7d5690900020073797a3200"], 0x328}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000)

kernel console output (not intermixed with test programs):

ckdep_hardirqs_on+0x9c/0x150
[  190.119829][T10072]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.119848][T10072]  ? clear_bhb_loop+0x60/0xb0
[  190.119870][T10072]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.119888][T10072] RIP: 0033:0x7fc930b8ebe9
[  190.119906][T10072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  190.119922][T10072] RSP: 002b:00007fc931adc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  190.119941][T10072] RAX: ffffffffffffffda RBX: 00007fc930db5fa0 RCX: 00007fc930b8ebe9
[  190.119954][T10072] RDX: 000000002008c014 RSI: 0000200000000580 RDI: 0000000000000004
[  190.119966][T10072] RBP: 00007fc931adc090 R08: 0000000000000000 R09: 0000000000000000
[  190.119977][T10072] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  190.119987][T10072] R13: 00007fc930db6038 R14: 00007fc930db5fa0 R15: 00007fff7af44f98
[  190.120018][T10072]  </TASK>
[  191.363674][T10111] veth5: entered promiscuous mode
[  191.953481][T10141] __nla_validate_parse: 7 callbacks suppressed
[  191.953499][T10141] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1353'.
[  192.274409][T10161] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1357'.
[  192.330692][T10161] vlan2: entered promiscuous mode
[  192.336873][T10161] team0: entered promiscuous mode
[  192.342289][T10161] team_slave_0: entered promiscuous mode
[  192.355318][T10161] team_slave_1: entered promiscuous mode
[  192.911139][T10198] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1369'.
[  192.970699][T10193] tipc: Started in network mode
[  193.042720][T10193] tipc: Node identity aa2b096e50c3, cluster identity 4711
[  193.159137][T10193] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  193.232118][T10193] tipc: Resetting bearer <eth:syzkaller0>
[  193.280852][T10192] tipc: Disabling bearer <eth:syzkaller0>
[  193.340870][T10210] netlink: 'syz.7.1373': attribute type 1 has an invalid length.
[  193.353855][T10210] netlink: 'syz.7.1373': attribute type 1 has an invalid length.
[  193.403448][T10215] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1372'.
[  193.679497][T10225] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1375'.
[  193.691475][T10210] 8021q: adding VLAN 0 to HW filter on device bond2
[  193.722646][T10210] bond1: (slave bond2): making interface the new active one
[  193.741941][T10210] bond1: (slave bond2): Enslaving as an active interface with an up link
[  194.145996][ T5868] IPVS: starting estimator thread 0...
[  194.247296][T10238] IPVS: using max 27 ests per chain, 64800 per kthread
[  194.272676][T10234] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  194.332723][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  194.452121][T10245] ieee802154 phy0 wpan0: encryption failed: -22
[  194.477894][T10245] netlink: 196 bytes leftover after parsing attributes in process `syz.2.1381'.
[  195.115582][T10276] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1390'.
[  195.134332][T10276] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1390'.
[  195.911853][T10288] ieee802154 phy0 wpan0: encryption failed: -22
[  195.926256][T10288] netlink: 196 bytes leftover after parsing attributes in process `syz.6.1395'.
[  195.987384][T10288] 0ªî{X¹¦: left promiscuous mode
[  196.057580][T10288] bridge0: port 1(bridge_slave_0) entered disabled state
[  196.199825][T10288] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  196.215330][T10288] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  196.469998][T10288] mac80211_hwsim hwsim24 wlan0: left promiscuous mode
[  196.533251][T10303] netlink: 248 bytes leftover after parsing attributes in process `syz.2.1401'.
[  196.572571][   T36] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  196.611275][   T36] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  196.632594][   T36] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  196.704480][   T36] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  197.019446][T10324] netlink: 9 bytes leftover after parsing attributes in process `syz.3.1407'.
[  197.122345][T10324] gretap0: entered promiscuous mode
[  197.158874][T10324] netlink: 5 bytes leftover after parsing attributes in process `syz.3.1407'.
[  197.203682][T10324] 0ªî{X¹¦: renamed from gretap0
[  197.254376][T10324] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  197.505964][T10334] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1411'.
[  197.531878][T10340] ieee802154 phy0 wpan0: encryption failed: -22
[  197.560757][T10340] netlink: 196 bytes leftover after parsing attributes in process `syz.2.1413'.
[  197.801943][T10351] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  197.838591][T10363] netlink: 'syz.7.1421': attribute type 1 has an invalid length.
[  197.845163][T10351] netlink: 788 bytes leftover after parsing attributes in process `syz.5.1418'.
[  197.871331][T10363] netlink: 'syz.7.1421': attribute type 1 has an invalid length.
[  198.081738][T10363] 8021q: adding VLAN 0 to HW filter on device bond4
[  198.091256][T10378] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1426'.
[  198.103215][T10363] bond3: (slave bond4): making interface the new active one
[  198.112657][T10363] bond3: (slave bond4): Enslaving as an active interface with an up link
[  198.217341][T10378] vlan2: entered promiscuous mode
[  198.229140][T10378] team0: entered promiscuous mode
[  198.234530][T10378] team_slave_0: entered promiscuous mode
[  198.245039][T10378] team_slave_1: entered promiscuous mode
[  198.315266][T10389] FAULT_INJECTION: forcing a failure.
[  198.315266][T10389] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  198.329572][T10389] CPU: 0 UID: 0 PID: 10389 Comm: syz.5.1431 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(full) 
[  198.329597][T10389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  198.329607][T10389] Call Trace:
[  198.329614][T10389]  <TASK>
[  198.329623][T10389]  dump_stack_lvl+0x189/0x250
[  198.329649][T10389]  ? __pfx____ratelimit+0x10/0x10
[  198.329670][T10389]  ? __pfx_dump_stack_lvl+0x10/0x10
[  198.329689][T10389]  ? __pfx__printk+0x10/0x10
[  198.329711][T10389]  ? __might_fault+0xb0/0x130
[  198.329756][T10389]  should_fail_ex+0x414/0x560
[  198.329781][T10389]  _copy_from_user+0x2d/0xb0
[  198.329798][T10389]  ____sys_sendmsg+0x2fe/0x830
[  198.329828][T10389]  ? __pfx_____sys_sendmsg+0x10/0x10
[  198.329860][T10389]  ? import_iovec+0x74/0xa0
[  198.329880][T10389]  ___sys_sendmsg+0x21f/0x2a0
[  198.329907][T10389]  ? __pfx____sys_sendmsg+0x10/0x10
[  198.329965][T10389]  ? __fget_files+0x2a/0x420
[  198.329988][T10389]  ? __fget_files+0x3a0/0x420
[  198.330021][T10389]  __x64_sys_sendmsg+0x19b/0x260
[  198.330048][T10389]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  198.330082][T10389]  ? __pfx_ksys_write+0x10/0x10
[  198.330103][T10389]  ? rcu_is_watching+0x15/0xb0
[  198.330125][T10389]  ? do_syscall_64+0xbe/0x3b0
[  198.330150][T10389]  do_syscall_64+0xfa/0x3b0
[  198.330169][T10389]  ? lockdep_hardirqs_on+0x9c/0x150
[  198.330188][T10389]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.330205][T10389]  ? clear_bhb_loop+0x60/0xb0
[  198.330224][T10389]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.330240][T10389] RIP: 0033:0x7f1c4eb8ebe9
[  198.330256][T10389] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  198.330271][T10389] RSP: 002b:00007f1c4f9a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  198.330289][T10389] RAX: ffffffffffffffda RBX: 00007f1c4edb5fa0 RCX: 00007f1c4eb8ebe9
[  198.330302][T10389] RDX: 0000000004000081 RSI: 0000200000000000 RDI: 0000000000000003
[  198.330313][T10389] RBP: 00007f1c4f9a7090 R08: 0000000000000000 R09: 0000000000000000
[  198.330324][T10389] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  198.330334][T10389] R13: 00007f1c4edb6038 R14: 00007f1c4edb5fa0 R15: 00007ffc3023f448
[  198.330362][T10389]  </TASK>
[  198.330459][T10386] tipc: Started in network mode
[  198.581587][T10386] tipc: Node identity 3e54f278100e, cluster identity 4711
[  198.594699][T10386] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  198.622993][T10404] tipc: Resetting bearer <eth:syzkaller0>
[  198.634312][T10394] syzkaller0: entered promiscuous mode
[  198.651434][T10394] syzkaller0: entered allmulticast mode
[  198.704590][T10410] netlink: 'syz.5.1435': attribute type 10 has an invalid length.
[  198.713749][T10385] tipc: Resetting bearer <eth:syzkaller0>
[  198.735459][T10410] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1435'.
[  198.754569][T10385] tipc: Disabling bearer <eth:syzkaller0>
[  198.860060][T10410] veth0_vlan: entered allmulticast mode
[  198.866568][T10410] bridge0: port 3(veth0_vlan) entered blocking state
[  198.878823][T10410] bridge0: port 3(veth0_vlan) entered disabled state
[  198.911905][T10410] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check.
[  199.198841][T10421] syzkaller1: entered promiscuous mode
[  199.210011][T10421] syzkaller1: entered allmulticast mode
[  199.547388][T10438] 8021q: VLANs not supported on vcan0
[  199.786528][T10454] netlink: 788 bytes leftover after parsing attributes in process `syz.5.1454'.
[  199.988007][T10467] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1460'.
[  200.003797][T10467] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1460'.
[  200.055167][T10467] dummy0: entered promiscuous mode
[  200.065749][T10467] batadv_slave_1: entered promiscuous mode
[  200.072581][T10467] debugfs: 'hsr1' already exists in 'hsr'
[  200.078837][T10467] Cannot create hsr debugfs directory
[  200.084511][T10467] hsr1: Slave A (dummy0) is not up; please bring it up to get a fully working HSR network
[  200.095305][T10467] hsr1: Slave B (batadv_slave_1) is not up; please bring it up to get a fully working HSR network
[  200.108436][T10471] tipc: Invalid UDP bearer configuration
[  200.108476][T10471] tipc: Enabling of bearer <udp:sy{±> rejected, failed to enable media
[  200.233984][T10479] netlink: 'syz.5.1466': attribute type 1 has an invalid length.
[  200.248367][T10479] netlink: 'syz.5.1466': attribute type 1 has an invalid length.
[  200.302695][T10482] netlink: 'syz.7.1467': attribute type 1 has an invalid length.
[  200.316682][T10482] netlink: 'syz.7.1467': attribute type 1 has an invalid length.
[  200.342691][T10479] 8021q: adding VLAN 0 to HW filter on device bond3
[  200.352628][T10479] bond2: (slave bond3): making interface the new active one
[  200.361450][T10479] bond2: (slave bond3): Enslaving as an active interface with an up link
[  200.547109][T10482] 8021q: adding VLAN 0 to HW filter on device bond6
[  200.576024][T10482] bond5: (slave bond6): making interface the new active one
[  200.584138][T10482] bond5: (slave bond6): Enslaving as an active interface with an up link
[  200.856671][T10511] netlink: 'syz.3.1478': attribute type 9 has an invalid length.
[  200.913216][T10514] netlink: 'syz.6.1479': attribute type 29 has an invalid length.
[  201.204383][T10530] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  201.297686][T10530] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  201.775334][T10548] bond_slave_0: entered promiscuous mode
[  201.781119][T10548] bond_slave_1: entered promiscuous mode
[  201.809223][T10548] bond_slave_0: left promiscuous mode
[  201.814742][T10548] bond_slave_1: left promiscuous mode
[  201.987636][T10549] team_slave_0: left promiscuous mode
[  201.996458][T10549] team0 (unregistering): Port device team_slave_0 removed
[  202.003837][T10549] team_slave_1: left promiscuous mode
[  202.011706][T10549] team0 (unregistering): Port device team_slave_1 removed
[  202.120481][T10555] netlink: 'syz.3.1492': attribute type 11 has an invalid length.
[  202.333900][T10569] FAULT_INJECTION: forcing a failure.
[  202.333900][T10569] name failslab, interval 1, probability 0, space 0, times 0
[  202.348140][T10569] CPU: 1 UID: 0 PID: 10569 Comm: syz.6.1498 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(full) 
[  202.348167][T10569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  202.348178][T10569] Call Trace:
[  202.348185][T10569]  <TASK>
[  202.348193][T10569]  dump_stack_lvl+0x189/0x250
[  202.348221][T10569]  ? __pfx____ratelimit+0x10/0x10
[  202.348243][T10569]  ? __pfx_dump_stack_lvl+0x10/0x10
[  202.348264][T10569]  ? __pfx__printk+0x10/0x10
[  202.348294][T10569]  ? __pfx___might_resched+0x10/0x10
[  202.348322][T10569]  ? fs_reclaim_acquire+0x7d/0x100
[  202.348353][T10569]  should_fail_ex+0x414/0x560
[  202.348380][T10569]  should_failslab+0xa8/0x100
[  202.348407][T10569]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  202.348431][T10569]  ? __alloc_skb+0x112/0x2d0
[  202.348458][T10569]  __alloc_skb+0x112/0x2d0
[  202.348485][T10569]  netlink_ack+0x146/0xa50
[  202.348505][T10569]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  202.348545][T10569]  netlink_rcv_skb+0x28c/0x470
[  202.348564][T10569]  ? __lock_acquire+0xab9/0xd20
[  202.348589][T10569]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  202.348614][T10569]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  202.348648][T10569]  ? netlink_deliver_tap+0x2e/0x1b0
[  202.348679][T10569]  netlink_unicast+0x82c/0x9e0
[  202.348709][T10569]  ? __pfx_netlink_unicast+0x10/0x10
[  202.348731][T10569]  ? netlink_sendmsg+0x642/0xb30
[  202.348752][T10569]  ? skb_put+0x11b/0x210
[  202.348779][T10569]  netlink_sendmsg+0x805/0xb30
[  202.348812][T10569]  ? __pfx_netlink_sendmsg+0x10/0x10
[  202.348838][T10569]  ? aa_sock_msg_perm+0xf1/0x1d0
[  202.348865][T10569]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  202.348885][T10569]  ? __pfx_netlink_sendmsg+0x10/0x10
[  202.348908][T10569]  __sock_sendmsg+0x21c/0x270
[  202.348932][T10569]  ____sys_sendmsg+0x505/0x830
[  202.348962][T10569]  ? __pfx_____sys_sendmsg+0x10/0x10
[  202.348993][T10569]  ? import_iovec+0x74/0xa0
[  202.349014][T10569]  ___sys_sendmsg+0x21f/0x2a0
[  202.349042][T10569]  ? __pfx____sys_sendmsg+0x10/0x10
[  202.349104][T10569]  ? __fget_files+0x2a/0x420
[  202.349128][T10569]  ? __fget_files+0x3a0/0x420
[  202.349163][T10569]  __x64_sys_sendmsg+0x19b/0x260
[  202.349191][T10569]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  202.349225][T10569]  ? __pfx_ksys_write+0x10/0x10
[  202.349246][T10569]  ? rcu_is_watching+0x15/0xb0
[  202.349270][T10569]  ? do_syscall_64+0xbe/0x3b0
[  202.349297][T10569]  do_syscall_64+0xfa/0x3b0
[  202.349376][T10569]  ? lockdep_hardirqs_on+0x9c/0x150
[  202.349398][T10569]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.349417][T10569]  ? clear_bhb_loop+0x60/0xb0
[  202.349439][T10569]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.349458][T10569] RIP: 0033:0x7fc930b8ebe9
[  202.349475][T10569] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  202.349491][T10569] RSP: 002b:00007fc931adc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  202.349512][T10569] RAX: ffffffffffffffda RBX: 00007fc930db5fa0 RCX: 00007fc930b8ebe9
[  202.349525][T10569] RDX: 000000002008c014 RSI: 0000200000000580 RDI: 0000000000000004
[  202.349537][T10569] RBP: 00007fc931adc090 R08: 0000000000000000 R09: 0000000000000000
[  202.349549][T10569] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  202.349558][T10569] R13: 00007fc930db6038 R14: 00007fc930db5fa0 R15: 00007fff7af44f98
[  202.349590][T10569]  </TASK>
[  202.783035][T10584] netlink: 'syz.2.1503': attribute type 58 has an invalid length.
[  202.804248][T10583] netlink: 'syz.2.1503': attribute type 58 has an invalid length.
[  202.816642][T10581] veth11: entered promiscuous mode
[  202.822147][T10584] __nla_validate_parse: 9 callbacks suppressed
[  202.822163][T10584] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1503'.
[  202.823907][T10583] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1503'.
[  203.424184][T10618] netlink: 788 bytes leftover after parsing attributes in process `syz.7.1514'.
[  203.514579][T10608] 8021q: adding VLAN 0 to HW filter on device bond0
[  203.540700][T10608] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  203.850066][T10631] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1518'.
[  203.954403][T10634] validate_nla: 2 callbacks suppressed
[  203.954421][T10634] netlink: 'syz.3.1519': attribute type 1 has an invalid length.
[  203.970316][T10634] netlink: 'syz.3.1519': attribute type 1 has an invalid length.
[  204.138612][T10638] FAULT_INJECTION: forcing a failure.
[  204.138612][T10638] name failslab, interval 1, probability 0, space 0, times 0
[  204.188478][T10638] CPU: 0 UID: 0 PID: 10638 Comm: syz.7.1520 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(full) 
[  204.188502][T10638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  204.188511][T10638] Call Trace:
[  204.188519][T10638]  <TASK>
[  204.188526][T10638]  dump_stack_lvl+0x189/0x250
[  204.188550][T10638]  ? __pfx____ratelimit+0x10/0x10
[  204.188569][T10638]  ? __pfx_dump_stack_lvl+0x10/0x10
[  204.188587][T10638]  ? __pfx__printk+0x10/0x10
[  204.188612][T10638]  ? __pfx___might_resched+0x10/0x10
[  204.188626][T10638]  ? fs_reclaim_acquire+0x7d/0x100
[  204.188653][T10638]  should_fail_ex+0x414/0x560
[  204.188675][T10638]  should_failslab+0xa8/0x100
[  204.188697][T10638]  __kmalloc_node_track_caller_noprof+0xcc/0x4e0
[  204.188718][T10638]  ? rcu_is_watching+0x15/0xb0
[  204.188733][T10638]  ? ethnl_default_set_doit+0x3d6/0x890
[  204.188761][T10638]  kmemdup_noprof+0x2b/0x70
[  204.188778][T10638]  ethnl_default_set_doit+0x3d6/0x890
[  204.188812][T10638]  genl_family_rcv_msg_doit+0x215/0x300
[  204.188835][T10638]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  204.188863][T10638]  ? bpf_lsm_capable+0x9/0x20
[  204.188882][T10638]  ? security_capable+0x7e/0x2e0
[  204.188908][T10638]  genl_rcv_msg+0x60e/0x790
[  204.188929][T10638]  ? __pfx_genl_rcv_msg+0x10/0x10
[  204.188943][T10638]  ? __pfx_ethnl_default_set_doit+0x10/0x10
[  204.188978][T10638]  netlink_rcv_skb+0x208/0x470
[  204.188995][T10638]  ? __lock_acquire+0xab9/0xd20
[  204.189017][T10638]  ? __pfx_genl_rcv_msg+0x10/0x10
[  204.189033][T10638]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  204.189070][T10638]  ? down_read+0x1ad/0x2e0
[  204.189093][T10638]  genl_rcv+0x28/0x40
[  204.189113][T10638]  netlink_unicast+0x82c/0x9e0
[  204.189139][T10638]  ? __pfx_netlink_unicast+0x10/0x10
[  204.189159][T10638]  ? netlink_sendmsg+0x642/0xb30
[  204.189176][T10638]  ? skb_put+0x11b/0x210
[  204.189201][T10638]  netlink_sendmsg+0x805/0xb30
[  204.189229][T10638]  ? __pfx_netlink_sendmsg+0x10/0x10
[  204.189252][T10638]  ? aa_sock_msg_perm+0xf1/0x1d0
[  204.189274][T10638]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  204.189291][T10638]  ? __pfx_netlink_sendmsg+0x10/0x10
[  204.189311][T10638]  __sock_sendmsg+0x21c/0x270
[  204.189332][T10638]  ____sys_sendmsg+0x505/0x830
[  204.189360][T10638]  ? __pfx_____sys_sendmsg+0x10/0x10
[  204.189390][T10638]  ? import_iovec+0x74/0xa0
[  204.189410][T10638]  ___sys_sendmsg+0x21f/0x2a0
[  204.189444][T10638]  ? __pfx____sys_sendmsg+0x10/0x10
[  204.189502][T10638]  ? __fget_files+0x2a/0x420
[  204.189524][T10638]  ? __fget_files+0x3a0/0x420
[  204.189556][T10638]  __x64_sys_sendmsg+0x19b/0x260
[  204.189581][T10638]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  204.189613][T10638]  ? __pfx_ksys_write+0x10/0x10
[  204.189630][T10638]  ? rcu_is_watching+0x15/0xb0
[  204.189652][T10638]  ? do_syscall_64+0xbe/0x3b0
[  204.189676][T10638]  do_syscall_64+0xfa/0x3b0
[  204.189694][T10638]  ? lockdep_hardirqs_on+0x9c/0x150
[  204.189711][T10638]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  204.189727][T10638]  ? clear_bhb_loop+0x60/0xb0
[  204.189747][T10638]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  204.189762][T10638] RIP: 0033:0x7f23db78ebe9
[  204.189777][T10638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  204.189791][T10638] RSP: 002b:00007f23dc619038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  204.189809][T10638] RAX: ffffffffffffffda RBX: 00007f23db9b5fa0 RCX: 00007f23db78ebe9
[  204.189820][T10638] RDX: 0000000004044014 RSI: 0000200000000200 RDI: 0000000000000003
[  204.189829][T10638] RBP: 00007f23dc619090 R08: 0000000000000000 R09: 0000000000000000
[  204.189838][T10638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  204.189847][T10638] R13: 00007f23db9b6038 R14: 00007f23db9b5fa0 R15: 00007ffeea350838
[  204.189875][T10638]  </TASK>
[  204.621547][T10644] netlink: 'syz.2.1523': attribute type 11 has an invalid length.
[  204.621617][T10634] 8021q: adding VLAN 0 to HW filter on device bond5
[  204.635774][T10644] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1523'.
[  204.644851][T10634] bond4: (slave bond5): making interface the new active one
[  204.654407][T10634] bond4: (slave bond5): Enslaving as an active interface with an up link
[  204.848171][T10648] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1525'.
[  204.975161][T10659] 8021q: VLANs not supported on vcan0
[  205.056667][T10666] tipc: Started in network mode
[  205.062208][T10666] tipc: Node identity e6cda98cc61, cluster identity 4711
[  205.070120][T10666] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  205.090606][T10666] syzkaller0: entered promiscuous mode
[  205.096349][T10666] syzkaller0: entered allmulticast mode
[  205.303445][T10676] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1534'.
[  205.313300][T10676] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1534'.
[  205.330378][T10676] dummy0: entered promiscuous mode
[  205.338675][T10676] batadv_slave_1: entered promiscuous mode
[  205.349497][T10676] debugfs: 'hsr1' already exists in 'hsr'
[  205.375347][T10676] Cannot create hsr debugfs directory
[  205.753437][T10654] tipc: Resetting bearer <eth:syzkaller0>
[  205.831719][T10654] tipc: Disabling bearer <eth:syzkaller0>
[  206.100185][T10710] vlan2: entered promiscuous mode
[  206.105393][T10710] veth0: entered promiscuous mode
[  206.151019][T10711] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1550'.
[  206.304935][T10723] netlink: 104 bytes leftover after parsing attributes in process `syz.5.1553'.
[  206.325136][T10722] netlink: 'syz.7.1552': attribute type 11 has an invalid length.
[  206.452022][T10732] netlink: 'syz.2.1557': attribute type 1 has an invalid length.
[  206.470711][T10732] netlink: 'syz.2.1557': attribute type 1 has an invalid length.
[  206.668029][T10750] netlink: 'syz.7.1558': attribute type 5 has an invalid length.
[  206.804588][T10732] 8021q: adding VLAN 0 to HW filter on device bond3
[  206.843805][T10732] bond2: (slave bond3): making interface the new active one
[  206.854099][T10757] netlink: 'syz.3.1563': attribute type 9 has an invalid length.
[  206.873130][T10732] bond2: (slave bond3): Enslaving as an active interface with an up link
[  206.906393][   T49] netdevsim netdevsim7 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  206.955014][   T49] netdevsim netdevsim7 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  207.001562][   T49] netdevsim netdevsim7 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  207.055428][   T49] netdevsim netdevsim7 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  207.273170][T10775] veth11: entered promiscuous mode
[  207.559979][T10794] syzkaller0: entered promiscuous mode
[  207.574725][T10794] syzkaller0: entered allmulticast mode
[  207.586669][T10792] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  207.659563][T10792] tipc: Resetting bearer <eth:syzkaller0>
[  207.738076][T10792] tipc: Disabling bearer <eth:syzkaller0>
[  207.942134][T10816] __nla_validate_parse: 5 callbacks suppressed
[  207.942153][T10816] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1587'.
[  208.009142][T10816] netlink: 112 bytes leftover after parsing attributes in process `syz.5.1587'.
[  208.366755][T10847] netlink: 'syz.5.1601': attribute type 10 has an invalid length.
[  208.386791][T10847] syz_tun: entered allmulticast mode
[  208.403802][T10847] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  208.420559][T10849] netlink: 'syz.3.1600': attribute type 13 has an invalid length.
[  208.445895][T10849] netlink: 'syz.3.1600': attribute type 17 has an invalid length.
[  208.461637][T10850] ieee802154 phy0 wpan0: encryption failed: -22
[  208.481333][T10850] netlink: 196 bytes leftover after parsing attributes in process `syz.6.1602'.
[  208.505256][T10849] 0ªî{X¹¦: left promiscuous mode
[  208.564712][T10859] netlink: 'syz.3.1600': attribute type 1 has an invalid length.
[  208.586223][T10859] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1600'.
[  208.605537][T10859] netlink: 45 bytes leftover after parsing attributes in process `syz.3.1600'.
[  208.682199][T10849] syz_tun: left allmulticast mode
[  208.711209][T10849] 8021q: adding VLAN 0 to HW filter on device bond0
[  208.728599][T10849] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  208.896849][T10876] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1609'.
[  208.956481][T10876] bridge2: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  209.054296][T10874] 8021q: adding VLAN 0 to HW filter on device bond8
[  209.078177][T10874] bond7: (slave bond8): making interface the new active one
[  209.090372][T10874] bond7: (slave bond8): Enslaving as an active interface with an up link
[  209.114698][T10894] mac80211_hwsim hwsim26 wlan1: entered allmulticast mode
[  209.171799][T10894] validate_nla: 2 callbacks suppressed
[  209.171815][T10894] netlink: 'syz.6.1617': attribute type 10 has an invalid length.
[  209.306738][T10894] mac80211_hwsim hwsim26 wlan1: left allmulticast mode
[  209.342949][T10894] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  209.700573][T10922] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1626'.
[  209.945491][T10931] netlink: 20 bytes leftover after parsing attributes in process `syz.7.1628'.
[  210.058196][T10931] netlink: 32 bytes leftover after parsing attributes in process `syz.7.1628'.
[  210.147874][T10942] ieee802154 phy0 wpan0: encryption failed: -22
[  210.163825][T10942] netlink: 196 bytes leftover after parsing attributes in process `syz.5.1634'.
[  210.531006][T10942] bridge0: port 2(bridge_slave_1) entered disabled state
[  210.538953][T10942] bridge0: port 1(bridge_slave_0) entered disabled state
[  210.593323][T10960] netlink: 'syz.6.1640': attribute type 11 has an invalid length.
[  210.734310][T10942] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  210.762870][T10942] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  211.097479][   T13] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  211.140488][   T13] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  211.191096][   T13] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  211.230810][   T13] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  211.323146][T10973] IPv6: NLM_F_REPLACE set, but no existing node found!
[  211.584111][T10985] netlink: 'syz.6.1649': attribute type 1 has an invalid length.
[  211.652500][T10985] netlink: 'syz.6.1649': attribute type 1 has an invalid length.
[  211.892634][T10995] FAULT_INJECTION: forcing a failure.
[  211.892634][T10995] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  211.914485][T10995] CPU: 1 UID: 0 PID: 10995 Comm: syz.7.1652 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(full) 
[  211.914510][T10995] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  211.914521][T10995] Call Trace:
[  211.914528][T10995]  <TASK>
[  211.914536][T10995]  dump_stack_lvl+0x189/0x250
[  211.914562][T10995]  ? __pfx____ratelimit+0x10/0x10
[  211.914584][T10995]  ? __pfx_dump_stack_lvl+0x10/0x10
[  211.914604][T10995]  ? __pfx__printk+0x10/0x10
[  211.914627][T10995]  ? __might_fault+0xb0/0x130
[  211.914662][T10995]  should_fail_ex+0x414/0x560
[  211.914690][T10995]  _copy_from_user+0x2d/0xb0
[  211.914708][T10995]  tcp_v4_parse_md5_keys+0xec/0x600
[  211.914737][T10995]  ? __pfx_tcp_v4_parse_md5_keys+0x10/0x10
[  211.914761][T10995]  ? __lock_acquire+0xab9/0xd20
[  211.914806][T10995]  ? __local_bh_enable_ip+0x12d/0x1c0
[  211.914825][T10995]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  211.914856][T10995]  do_tcp_setsockopt+0x10d5/0x1f10
[  211.914886][T10995]  ? __pfx_do_tcp_setsockopt+0x10/0x10
[  211.914909][T10995]  ? __pfx___mutex_lock+0x10/0x10
[  211.914929][T10995]  ? copy_from_user_nofault+0xa7/0x160
[  211.914964][T10995]  ? sock_common_setsockopt+0x36/0xc0
[  211.914985][T10995]  ? tcp_setsockopt+0x3d/0xe0
[  211.915006][T10995]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  211.915029][T10995]  smc_setsockopt+0x232/0xab0
[  211.915059][T10995]  ? __pfx_smc_setsockopt+0x10/0x10
[  211.915077][T10995]  ? aa_sock_opt_perm+0xff/0x1b0
[  211.915106][T10995]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  211.915125][T10995]  ? __pfx_smc_setsockopt+0x10/0x10
[  211.915148][T10995]  do_sock_setsockopt+0x17c/0x1b0
[  211.915179][T10995]  __x64_sys_setsockopt+0x13f/0x1b0
[  211.915209][T10995]  do_syscall_64+0xfa/0x3b0
[  211.915229][T10995]  ? lockdep_hardirqs_on+0x9c/0x150
[  211.915250][T10995]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.915269][T10995]  ? clear_bhb_loop+0x60/0xb0
[  211.915292][T10995]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.915310][T10995] RIP: 0033:0x7f23db78ebe9
[  211.915327][T10995] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  211.915343][T10995] RSP: 002b:00007f23dc619038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  211.915363][T10995] RAX: ffffffffffffffda RBX: 00007f23db9b5fa0 RCX: 00007f23db78ebe9
[  211.915376][T10995] RDX: 0000000000000020 RSI: 0000000000000006 RDI: 0000000000000005
[  211.915387][T10995] RBP: 00007f23dc619090 R08: 00000000000000d8 R09: 0000000000000000
[  211.915398][T10995] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000001
[  211.915410][T10995] R13: 00007f23db9b6038 R14: 00007f23db9b5fa0 R15: 00007ffeea350838
[  211.915441][T10995]  </TASK>
[  212.281294][T10992] 8021q: adding VLAN 0 to HW filter on device bond2
[  212.290761][T10992] bond1: (slave bond2): making interface the new active one
[  212.299198][T10992] bond1: (slave bond2): Enslaving as an active interface with an up link
[  212.432127][T11000] veth5: entered promiscuous mode
[  212.511985][T11005] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  212.549433][T11010] syzkaller0: entered promiscuous mode
[  212.555227][T11010] syzkaller0: entered allmulticast mode
[  212.734589][T11032] FAULT_INJECTION: forcing a failure.
[  212.734589][T11032] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  212.751230][T11032] CPU: 1 UID: 0 PID: 11032 Comm: syz.5.1660 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(full) 
[  212.751257][T11032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  212.751268][T11032] Call Trace:
[  212.751275][T11032]  <TASK>
[  212.751283][T11032]  dump_stack_lvl+0x189/0x250
[  212.751310][T11032]  ? __pfx____ratelimit+0x10/0x10
[  212.751332][T11032]  ? __pfx_dump_stack_lvl+0x10/0x10
[  212.751354][T11032]  ? __pfx__printk+0x10/0x10
[  212.751378][T11032]  ? __might_fault+0xb0/0x130
[  212.751413][T11032]  should_fail_ex+0x414/0x560
[  212.751440][T11032]  _copy_from_user+0x2d/0xb0
[  212.751459][T11032]  __sys_sendto+0x25c/0x520
[  212.751486][T11032]  ? __pfx___sys_sendto+0x10/0x10
[  212.751506][T11032]  ? __mutex_unlock_slowpath+0x1a1/0x760
[  212.751550][T11032]  ? __fget_files+0x3a0/0x420
[  212.751585][T11032]  ? ksys_write+0x22a/0x250
[  212.751610][T11032]  ? __pfx_ksys_write+0x10/0x10
[  212.751629][T11032]  ? rcu_is_watching+0x15/0xb0
[  212.751653][T11032]  __x64_sys_sendto+0xde/0x100
[  212.751681][T11032]  do_syscall_64+0xfa/0x3b0
[  212.751702][T11032]  ? lockdep_hardirqs_on+0x9c/0x150
[  212.751723][T11032]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.751742][T11032]  ? clear_bhb_loop+0x60/0xb0
[  212.751764][T11032]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.751783][T11032] RIP: 0033:0x7f1c4eb8ebe9
[  212.751800][T11032] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  212.751816][T11032] RSP: 002b:00007f1c4f9a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  212.751835][T11032] RAX: ffffffffffffffda RBX: 00007f1c4edb5fa0 RCX: 00007f1c4eb8ebe9
[  212.751849][T11032] RDX: 0000000000000900 RSI: 0000000000000000 RDI: 0000000000000004
[  212.751860][T11032] RBP: 00007f1c4f9a7090 R08: 00002000000001c0 R09: 0000000000000048
[  212.751872][T11032] R10: 0000000000000040 R11: 0000000000000246 R12: 0000000000000001
[  212.751883][T11032] R13: 00007f1c4edb6038 R14: 00007f1c4edb5fa0 R15: 00007ffc3023f448
[  212.751913][T11032]  </TASK>
[  213.005268][T10999] tipc: Resetting bearer <eth:syzkaller0>
[  213.061124][T11036] netlink: 'syz.5.1662': attribute type 1 has an invalid length.
[  213.070250][T11036] netlink: 'syz.5.1662': attribute type 1 has an invalid length.
[  213.091161][T10999] tipc: Disabling bearer <eth:syzkaller0>
[  213.171262][T11036] 8021q: adding VLAN 0 to HW filter on device bond5
[  213.193563][T11036] bond4: (slave bond5): making interface the new active one
[  213.227144][T11036] bond4: (slave bond5): Enslaving as an active interface with an up link
[  213.428264][T11048] FAULT_INJECTION: forcing a failure.
[  213.428264][T11048] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  213.476502][T11048] CPU: 0 UID: 0 PID: 11048 Comm: syz.5.1665 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(full) 
[  213.476530][T11048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  213.476541][T11048] Call Trace:
[  213.476549][T11048]  <TASK>
[  213.476557][T11048]  dump_stack_lvl+0x189/0x250
[  213.476584][T11048]  ? __pfx____ratelimit+0x10/0x10
[  213.476607][T11048]  ? __pfx_dump_stack_lvl+0x10/0x10
[  213.476628][T11048]  ? __pfx__printk+0x10/0x10
[  213.476653][T11048]  ? __might_fault+0xb0/0x130
[  213.476689][T11048]  should_fail_ex+0x414/0x560
[  213.476716][T11048]  _copy_from_iter+0x1db/0x16f0
[  213.476745][T11048]  ? rcu_is_watching+0x15/0xb0
[  213.476766][T11048]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  213.476792][T11048]  ? __pfx__copy_from_iter+0x10/0x10
[  213.476819][T11048]  ? __build_skb_around+0x257/0x3e0
[  213.476846][T11048]  ? netlink_sendmsg+0x642/0xb30
[  213.476867][T11048]  ? skb_put+0x11b/0x210
[  213.476893][T11048]  netlink_sendmsg+0x6b2/0xb30
[  213.476926][T11048]  ? __pfx_netlink_sendmsg+0x10/0x10
[  213.476952][T11048]  ? aa_sock_msg_perm+0xf1/0x1d0
[  213.476979][T11048]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  213.476998][T11048]  ? __pfx_netlink_sendmsg+0x10/0x10
[  213.477022][T11048]  __sock_sendmsg+0x21c/0x270
[  213.477046][T11048]  ____sys_sendmsg+0x505/0x830
[  213.477076][T11048]  ? __pfx_____sys_sendmsg+0x10/0x10
[  213.477110][T11048]  ? import_iovec+0x74/0xa0
[  213.477132][T11048]  ___sys_sendmsg+0x21f/0x2a0
[  213.477160][T11048]  ? __pfx____sys_sendmsg+0x10/0x10
[  213.477223][T11048]  ? __fget_files+0x2a/0x420
[  213.477248][T11048]  ? __fget_files+0x3a0/0x420
[  213.477284][T11048]  __x64_sys_sendmsg+0x19b/0x260
[  213.477312][T11048]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  213.477348][T11048]  ? __pfx_ksys_write+0x10/0x10
[  213.477368][T11048]  ? rcu_is_watching+0x15/0xb0
[  213.477392][T11048]  ? do_syscall_64+0xbe/0x3b0
[  213.477418][T11048]  do_syscall_64+0xfa/0x3b0
[  213.477439][T11048]  ? lockdep_hardirqs_on+0x9c/0x150
[  213.477460][T11048]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.477479][T11048]  ? clear_bhb_loop+0x60/0xb0
[  213.477507][T11048]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.477525][T11048] RIP: 0033:0x7f1c4eb8ebe9
[  213.477542][T11048] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  213.477558][T11048] RSP: 002b:00007f1c4f9a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  213.477578][T11048] RAX: ffffffffffffffda RBX: 00007f1c4edb5fa0 RCX: 00007f1c4eb8ebe9
[  213.477592][T11048] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003
[  213.477603][T11048] RBP: 00007f1c4f9a7090 R08: 0000000000000000 R09: 0000000000000000
[  213.477614][T11048] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  213.477625][T11048] R13: 00007f1c4edb6038 R14: 00007f1c4edb5fa0 R15: 00007ffc3023f448
[  213.477655][T11048]  </TASK>
[  213.782576][T11050] __nla_validate_parse: 3 callbacks suppressed
[  213.782594][T11050] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1666'.
[  213.799327][T11050] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1666'.
[  214.034626][T11052] bond0: (slave wlan1): Releasing backup interface
[  214.034858][T11059] netlink: 'syz.7.1671': attribute type 1 has an invalid length.
[  214.066450][T11059] netlink: 'syz.7.1671': attribute type 1 has an invalid length.
[  214.090229][T11062] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1669'.
[  214.140248][T11062] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1669'.
[  214.168864][T11068] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1673'.
[  214.181269][T11068] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1673'.
[  214.318666][T11059] 8021q: adding VLAN 0 to HW filter on device bond10
[  214.356770][T11059] bond9: (slave bond10): making interface the new active one
[  214.389607][T11059] bond9: (slave bond10): Enslaving as an active interface with an up link
[  215.244985][T11114] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1689'.
[  215.287857][T11114] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1689'.
[  216.267746][T11121] netlink: 312 bytes leftover after parsing attributes in process `syz.7.1694'.
[  216.441637][T11135] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1700'.
[  216.812989][T11164] veth1_to_bond: entered allmulticast mode
[  216.864379][T11164] veth1_to_bond: left allmulticast mode
[  216.997058][T11173] netlink: 'syz.5.1712': attribute type 30 has an invalid length.
[  217.222676][T11190] FAULT_INJECTION: forcing a failure.
[  217.222676][T11190] name failslab, interval 1, probability 0, space 0, times 0
[  217.265791][T11190] CPU: 1 UID: 0 PID: 11190 Comm: syz.6.1719 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(full) 
[  217.265819][T11190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  217.265830][T11190] Call Trace:
[  217.265838][T11190]  <TASK>
[  217.265848][T11190]  dump_stack_lvl+0x189/0x250
[  217.265875][T11190]  ? __pfx____ratelimit+0x10/0x10
[  217.265897][T11190]  ? __pfx_dump_stack_lvl+0x10/0x10
[  217.265919][T11190]  ? __pfx__printk+0x10/0x10
[  217.265950][T11190]  ? __pfx___might_resched+0x10/0x10
[  217.265967][T11190]  ? fs_reclaim_acquire+0x7d/0x100
[  217.265998][T11190]  should_fail_ex+0x414/0x560
[  217.266026][T11190]  should_failslab+0xa8/0x100
[  217.266052][T11190]  __kmalloc_noprof+0xcb/0x4f0
[  217.266074][T11190]  ? tcp_sigpool_alloc_ahash+0x144/0xc70
[  217.266101][T11190]  tcp_sigpool_alloc_ahash+0x144/0xc70
[  217.266133][T11190]  ? __pfx_tcp_sigpool_alloc_ahash+0x10/0x10
[  217.266163][T11190]  ? __might_fault+0xb0/0x130
[  217.266199][T11190]  tcp_md5_alloc_sigpool+0x1b/0x50
[  217.266224][T11190]  tcp_md5_do_add+0x107/0x3a0
[  217.266252][T11190]  tcp_v4_parse_md5_keys+0x412/0x600
[  217.266284][T11190]  ? __pfx_tcp_v4_parse_md5_keys+0x10/0x10
[  217.266309][T11190]  ? __lock_acquire+0xab9/0xd20
[  217.266357][T11190]  ? __local_bh_enable_ip+0x12d/0x1c0
[  217.266375][T11190]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  217.266407][T11190]  do_tcp_setsockopt+0x10d5/0x1f10
[  217.266438][T11190]  ? __pfx_do_tcp_setsockopt+0x10/0x10
[  217.266462][T11190]  ? __pfx___mutex_lock+0x10/0x10
[  217.266484][T11190]  ? copy_from_user_nofault+0xa7/0x160
[  217.266520][T11190]  ? sock_common_setsockopt+0x36/0xc0
[  217.266540][T11190]  ? tcp_setsockopt+0x3d/0xe0
[  217.266561][T11190]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  217.266585][T11190]  smc_setsockopt+0x232/0xab0
[  217.266615][T11190]  ? __pfx_smc_setsockopt+0x10/0x10
[  217.266634][T11190]  ? aa_sock_opt_perm+0xff/0x1b0
[  217.266662][T11190]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  217.266681][T11190]  ? __pfx_smc_setsockopt+0x10/0x10
[  217.266703][T11190]  do_sock_setsockopt+0x17c/0x1b0
[  217.266733][T11190]  __x64_sys_setsockopt+0x13f/0x1b0
[  217.266764][T11190]  do_syscall_64+0xfa/0x3b0
[  217.266785][T11190]  ? lockdep_hardirqs_on+0x9c/0x150
[  217.266806][T11190]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.266825][T11190]  ? clear_bhb_loop+0x60/0xb0
[  217.266848][T11190]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.266866][T11190] RIP: 0033:0x7fc930b8ebe9
[  217.266884][T11190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  217.266901][T11190] RSP: 002b:00007fc931adc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  217.266920][T11190] RAX: ffffffffffffffda RBX: 00007fc930db5fa0 RCX: 00007fc930b8ebe9
[  217.266933][T11190] RDX: 0000000000000020 RSI: 0000000000000006 RDI: 0000000000000005
[  217.266944][T11190] RBP: 00007fc931adc090 R08: 00000000000000d8 R09: 0000000000000000
[  217.266955][T11190] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000001
[  217.266967][T11190] R13: 00007fc930db6038 R14: 00007fc930db5fa0 R15: 00007fff7af44f98
[  217.267000][T11190]  </TASK>
[  217.910296][T11212] netlink: 'syz.5.1728': attribute type 1 has an invalid length.
[  217.973266][T11212] bond6 (unregistering): Released all slaves
[  218.172250][T11227] netlink: 'syz.5.1733': attribute type 1 has an invalid length.
[  218.182379][T11227] netlink: 'syz.5.1733': attribute type 1 has an invalid length.
[  218.329444][T11231] 8021q: adding VLAN 0 to HW filter on device bond7
[  218.339020][T11231] bond6: (slave bond7): making interface the new active one
[  218.347284][T11231] bond6: (slave bond7): Enslaving as an active interface with an up link
[  218.363218][T11235] 0ªî{X¹¦: entered promiscuous mode
[  218.410663][T11234] netdevsim netdevsim7 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  218.488801][T11230] 1ªî{X¹¦: renamed from 
30ªî{X¹¦
[  218.504121][T11230] A link change request failed with some changes committed already. Interface 
31ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  218.707862][T11234] netdevsim netdevsim7 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  218.871441][T11234] netdevsim netdevsim7 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  218.914950][T11255] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  218.932265][T11267] tipc: Resetting bearer <eth:syzkaller0>
[  218.953461][T11243] syzkaller0: entered promiscuous mode
[  218.964791][T11243] syzkaller0: entered allmulticast mode
[  218.992122][T11242] tipc: Resetting bearer <eth:syzkaller0>
[  219.020466][T11242] tipc: Disabling bearer <eth:syzkaller0>
[  219.077602][T11234] netdevsim netdevsim7 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  219.205457][T11277] netlink: 'syz.5.1757': attribute type 1 has an invalid length.
[  219.220387][T11277] netlink: 'syz.5.1757': attribute type 1 has an invalid length.
[  219.328766][T11281] netlink: 'syz.6.1748': attribute type 1 has an invalid length.
[  219.381051][T11281] netlink: 'syz.6.1748': attribute type 1 has an invalid length.
[  219.427177][T11283] __nla_validate_parse: 8 callbacks suppressed
[  219.427194][T11283] netlink: 80 bytes leftover after parsing attributes in process `syz.5.1750'.
[  219.450937][T11287] netlink: 'syz.2.1751': attribute type 39 has an invalid length.
[  219.473049][ T3022] netdevsim netdevsim7 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  219.562128][T11288] 8021q: adding VLAN 0 to HW filter on device bond4
[  219.573704][T11288] bond3: (slave bond4): making interface the new active one
[  219.582298][T11288] bond3: (slave bond4): Enslaving as an active interface with an up link
[  219.638058][ T3022] netdevsim netdevsim7 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  219.703154][ T3022] netdevsim netdevsim7 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  219.753432][ T3022] netdevsim netdevsim7 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  219.864017][T11306] netlink: 'syz.3.1758': attribute type 10 has an invalid length.
[  219.909383][T11311] syzkaller0: entered promiscuous mode
[  219.917033][T11311] syzkaller0: entered allmulticast mode
[  219.925034][T11310] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  219.996726][T11310] tipc: Resetting bearer <eth:syzkaller0>
[  220.043840][T11310] tipc: Disabling bearer <eth:syzkaller0>
[  220.261545][T11330] netlink: 244 bytes leftover after parsing attributes in process `syz.3.1764'.
[  220.371293][T11338] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1767'.
[  221.009293][T11375] openvswitch: netlink: Key 6 has unexpected len 0 expected 2
[  221.071410][T11377] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  221.114955][T11377] block nbd0: Unsupported socket: shutdown callout must be supported.
[  221.780815][T11424] bond6: (slave vti0): The slave device specified does not support setting the MAC address
[  221.792048][T11424] bond6: (slave vti0): Setting fail_over_mac to active for active-backup mode
[  221.805594][T11424] bond6: (slave vti0): making interface the new active one
[  221.813938][T11424] bond6: (slave vti0): Enslaving as an active interface with an up link
[  221.854734][T11420] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1795'.
[  222.009957][ T5878] Bluetooth: hci4: command 0x0406 tx timeout
[  222.128603][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  222.150137][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  222.385028][T11457] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1804'.
[  222.710851][T11469] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  222.730037][T11473] validate_nla: 1 callbacks suppressed
[  222.730055][T11473] netlink: 'syz.3.1810': attribute type 4 has an invalid length.
[  222.757624][T11469] syzkaller0: entered promiscuous mode
[  222.765765][T11473] netlink: 'syz.3.1810': attribute type 17 has an invalid length.
[  222.782054][T11469] syzkaller0: entered allmulticast mode
[  222.833097][T11469] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  222.913683][T11478] team_slave_0: left promiscuous mode
[  222.923443][T11482] ieee802154 phy0 wpan0: encryption failed: -22
[  222.937370][T11478] team0 (unregistering): Port device team_slave_0 removed
[  222.954501][T11478] team_slave_1: left promiscuous mode
[  222.964778][T11486] netlink: 'syz.6.1816': attribute type 1 has an invalid length.
[  222.964992][T11478] team0 (unregistering): Port device team_slave_1 removed
[  222.980849][T11484] netlink: 'syz.3.1815': attribute type 1 has an invalid length.
[  222.981997][T11486] netlink: 'syz.6.1816': attribute type 1 has an invalid length.
[  222.990495][T11484] netlink: 'syz.3.1815': attribute type 1 has an invalid length.
[  223.025151][T11470] tipc: Resetting bearer <eth:syzkaller0>
[  223.103763][T11491] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1817'.
[  223.278122][T11469] tipc: Resetting bearer <eth:syzkaller0>
[  223.338278][T11469] tipc: Disabling bearer <eth:syzkaller0>
[  223.370858][T11503] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1821'.
[  223.409206][T11503] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1821'.
[  223.727785][T11520] veth9: entered promiscuous mode
[  223.908466][T11534] wg1 speed is unknown, defaulting to 1000
[  223.946396][T11534] wg1 speed is unknown, defaulting to 1000
[  224.006950][T11541] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1831'.
[  224.025589][T11534] wg1 speed is unknown, defaulting to 1000
[  224.072540][T11534] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  224.117324][T11541] netlink: 788 bytes leftover after parsing attributes in process `syz.3.1831'.
[  224.182145][T11534] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  224.357314][T11534] wg1 speed is unknown, defaulting to 1000
[  224.388136][T11534] wg1 speed is unknown, defaulting to 1000
[  224.408078][T11534] wg1 speed is unknown, defaulting to 1000
[  224.416500][T11534] wg1 speed is unknown, defaulting to 1000
[  224.460263][T11534] wg1 speed is unknown, defaulting to 1000
[  224.500365][T11534] wg1 speed is unknown, defaulting to 1000
[  224.701373][T11568] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1845'.
[  224.710736][T11569] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1843'.
[  224.714103][T11562] wg1 speed is unknown, defaulting to 1000
[  224.938589][T11580] netlink: 16 bytes leftover after parsing attributes in process `syz.7.1847'.
[  224.955395][T11582] ieee802154 phy0 wpan0: encryption failed: -22
[  224.962974][T11582] netlink: 196 bytes leftover after parsing attributes in process `syz.5.1849'.
[  225.238899][T11584] wg1 speed is unknown, defaulting to 1000
[  225.698480][T11603] mac80211_hwsim hwsim30 wlan1: entered allmulticast mode
[  225.713179][T11603] netlink: 'syz.5.1856': attribute type 10 has an invalid length.
[  225.855005][T11607] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1858'.
[  225.868434][T11607] netlink: 'syz.5.1858': attribute type 1 has an invalid length.
[  225.877193][T11609] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1859'.
[  225.891250][T11609] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1859'.
[  225.907319][T11607] 8021q: adding VLAN 0 to HW filter on device bond0
[  225.928230][T11607] bond0: (slave rose0): Enslaving as an active interface with an up link
[  226.099131][T11620] netlink: 32 bytes leftover after parsing attributes in process `syz.6.1860'.
[  226.153913][T11624] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1861'.
[  226.163132][T11624] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1861'.
[  226.794658][T11656] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  226.958811][T11658] wg1 speed is unknown, defaulting to 1000
[  227.486016][T11683] netlink: 'syz.2.1877': attribute type 1 has an invalid length.
[  227.861947][T11704] netlink: 'syz.2.1880': attribute type 4 has an invalid length.
[  227.917245][T11706] delete_channel: no stack
[  229.004558][T11744] wg1 speed is unknown, defaulting to 1000
[  229.027885][T11750] netlink: 'syz.7.1891': attribute type 11 has an invalid length.
[  229.058564][T11745] siw: device registration error -23
[  229.087575][T11748] ieee802154 phy0 wpan0: encryption failed: -22
[  229.342585][T11748] veth5: left promiscuous mode
[  229.366302][T11748] vlan2: left promiscuous mode
[  229.517024][   T49] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  229.538401][   T49] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  229.632645][T11760] netlink: 'syz.7.1895': attribute type 13 has an invalid length.
[  229.658847][   T49] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  229.720575][   T49] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  229.877672][T11762] __nla_validate_parse: 12 callbacks suppressed
[  229.877693][T11762] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1894'.
[  230.018281][T11766] syzkaller1: entered promiscuous mode
[  230.023815][T11766] syzkaller1: entered allmulticast mode
[  230.056825][T11781] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1900'.
[  230.220284][T11788] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1904'.
[  230.305149][T11788] bond0: entered promiscuous mode
[  230.321699][T11788] syz_tun: entered promiscuous mode
[  230.329455][T11788] bond0: left promiscuous mode
[  230.339177][T11795] netlink: 'syz.2.1905': attribute type 1 has an invalid length.
[  230.352463][T11788] syz_tun: left promiscuous mode
[  230.413022][T11801] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1905'.
[  230.466728][T11800] netlink: 788 bytes leftover after parsing attributes in process `syz.6.1907'.
[  230.529090][T11806] netlink: 'syz.7.1908': attribute type 1 has an invalid length.
[  230.563809][T11806] 8021q: adding VLAN 0 to HW filter on device bond11
[  230.590954][T11806] 8021q: adding VLAN 0 to HW filter on device batadv1
[  230.600646][T11806] bond11: (slave batadv1): making interface the new active one
[  230.610210][T11806] bond11: (slave batadv1): Enslaving as an active interface with an up link
[  230.690056][T11807] bond0: (slave syz_tun): Releasing backup interface
[  230.889847][T11820] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1916'.
[  230.919418][T11820] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1916'.
[  231.111754][T11837] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1921'.
[  231.279125][T11845] netlink: 20 bytes leftover after parsing attributes in process `syz.7.1921'.
[  231.346639][ T6960] IPVS: starting estimator thread 0...
[  231.446615][T11852] IPVS: using max 26 ests per chain, 62400 per kthread
[  231.621160][T11866] netlink: 84 bytes leftover after parsing attributes in process `syz.7.1930'.
[  231.792925][T11877] ieee802154 phy0 wpan0: encryption failed: -22
[  232.006947][ T2996] netdevsim netdevsim7 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  232.046892][ T2996] netdevsim netdevsim7 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  232.104570][T11880] vlan2: entered promiscuous mode
[  232.125814][T11880] veth0: entered promiscuous mode
[  232.174588][ T2996] netdevsim netdevsim7 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  232.185693][ T2996] netdevsim netdevsim7 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  232.293019][T11897] netlink: 'syz.3.1942': attribute type 1 has an invalid length.
[  232.324986][T11905] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  232.427452][T11907] bridge_slave_0: left allmulticast mode
[  232.476261][T11907] bridge_slave_0: left promiscuous mode
[  232.505671][T11907] bridge0: port 1(bridge_slave_0) entered disabled state
[  232.533180][T11907] bridge_slave_1: left allmulticast mode
[  232.561967][T11907] bridge_slave_1: left promiscuous mode
[  232.573206][T11907] bridge0: port 2(bridge_slave_1) entered disabled state
[  232.600715][T11907] bond0: (slave bond_slave_0): Releasing backup interface
[  232.609988][T11907] bond0: (slave bond_slave_1): Releasing backup interface
[  232.619609][T11907] batman_adv: batadv0: Removing interface: batadv_slave_1
[  232.629205][T11907] bond2: (slave bond3): Releasing backup interface
[  232.683451][T11922] syzkaller1: entered promiscuous mode
[  232.689468][T11922] syzkaller1: entered allmulticast mode
[  233.131652][T11947] FAULT_INJECTION: forcing a failure.
[  233.131652][T11947] name failslab, interval 1, probability 0, space 0, times 0
[  233.150104][T11947] CPU: 0 UID: 0 PID: 11947 Comm: syz.2.1959 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(full) 
[  233.150132][T11947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  233.150143][T11947] Call Trace:
[  233.150151][T11947]  <TASK>
[  233.150158][T11947]  dump_stack_lvl+0x189/0x250
[  233.150186][T11947]  ? __pfx____ratelimit+0x10/0x10
[  233.150210][T11947]  ? __pfx_dump_stack_lvl+0x10/0x10
[  233.150231][T11947]  ? __pfx__printk+0x10/0x10
[  233.150259][T11947]  ? __pfx___might_resched+0x10/0x10
[  233.150277][T11947]  ? fs_reclaim_acquire+0x7d/0x100
[  233.150309][T11947]  should_fail_ex+0x414/0x560
[  233.150336][T11947]  should_failslab+0xa8/0x100
[  233.150364][T11947]  __kmalloc_node_track_caller_noprof+0xcc/0x4e0
[  233.150388][T11947]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  233.150407][T11947]  ? tcp_sigpool_alloc_ahash+0x83e/0xc70
[  233.150438][T11947]  kstrdup+0x42/0x100
[  233.150460][T11947]  tcp_sigpool_alloc_ahash+0x83e/0xc70
[  233.150495][T11947]  ? __pfx_tcp_sigpool_alloc_ahash+0x10/0x10
[  233.150515][T11947]  ? __might_fault+0xb0/0x130
[  233.150556][T11947]  tcp_md5_alloc_sigpool+0x1b/0x50
[  233.150580][T11947]  tcp_md5_do_add+0x107/0x3a0
[  233.150607][T11947]  tcp_v4_parse_md5_keys+0x412/0x600
[  233.150639][T11947]  ? __pfx_tcp_v4_parse_md5_keys+0x10/0x10
[  233.150663][T11947]  ? __lock_acquire+0xab9/0xd20
[  233.150707][T11947]  ? __local_bh_enable_ip+0x12d/0x1c0
[  233.150727][T11947]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  233.150756][T11947]  do_tcp_setsockopt+0x10d5/0x1f10
[  233.150787][T11947]  ? __pfx_do_tcp_setsockopt+0x10/0x10
[  233.150811][T11947]  ? __pfx___mutex_lock+0x10/0x10
[  233.150832][T11947]  ? copy_from_user_nofault+0xa7/0x160
[  233.150867][T11947]  ? sock_common_setsockopt+0x36/0xc0
[  233.150888][T11947]  ? tcp_setsockopt+0x3d/0xe0
[  233.150908][T11947]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  233.150932][T11947]  smc_setsockopt+0x232/0xab0
[  233.150964][T11947]  ? __pfx_smc_setsockopt+0x10/0x10
[  233.150982][T11947]  ? aa_sock_opt_perm+0xff/0x1b0
[  233.151011][T11947]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  233.151029][T11947]  ? __pfx_smc_setsockopt+0x10/0x10
[  233.151051][T11947]  do_sock_setsockopt+0x17c/0x1b0
[  233.151080][T11947]  __x64_sys_setsockopt+0x13f/0x1b0
[  233.151108][T11947]  do_syscall_64+0xfa/0x3b0
[  233.151129][T11947]  ? lockdep_hardirqs_on+0x9c/0x150
[  233.151150][T11947]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.151168][T11947]  ? clear_bhb_loop+0x60/0xb0
[  233.151190][T11947]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.151207][T11947] RIP: 0033:0x7f5393f8ebe9
[  233.151223][T11947] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  233.151238][T11947] RSP: 002b:00007f5394ec2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  233.151258][T11947] RAX: ffffffffffffffda RBX: 00007f53941b5fa0 RCX: 00007f5393f8ebe9
[  233.151270][T11947] RDX: 0000000000000020 RSI: 0000000000000006 RDI: 0000000000000005
[  233.151281][T11947] RBP: 00007f5394ec2090 R08: 00000000000000d8 R09: 0000000000000000
[  233.151291][T11947] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000001
[  233.151302][T11947] R13: 00007f53941b6038 R14: 00007f53941b5fa0 R15: 00007ffe2e4ebdd8
[  233.151331][T11947]  </TASK>
[  233.984331][T11966] wg1 speed is unknown, defaulting to 1000
[  234.638898][T12009] openvswitch: netlink: Key type 251 is out of range max 32
[  234.734831][T12014] 8021q: VLANs not supported on vcan0
[  235.668471][T12044] netlink: 'syz.6.1995': attribute type 1 has an invalid length.
[  235.735035][T12046] bond12 (unregistering): Released all slaves
[  235.808631][T12044] 8021q: adding VLAN 0 to HW filter on device bond7
[  235.865493][ T6245] batman_adv: batadv0: Removing interface: netdevsim0
[  235.903430][T12052] bond7: (slave gretap0): making interface the new active one
[  235.917576][T12052] bond7: (slave gretap0): Enslaving as an active interface with an up link
[  236.207766][T12070] __nla_validate_parse: 13 callbacks suppressed
[  236.207783][T12070] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2001'.
[  236.219544][T12072] netlink: 312 bytes leftover after parsing attributes in process `syz.7.2002'.
[  236.690256][ T6245] bond0 (unregistering): Released all slaves
[  236.801779][ T6245] bond1 (unregistering): Released all slaves
[  236.827410][T12084] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2006'.
[  236.842032][T12085] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2004'.
[  237.016328][ T6245] tipc: Disabling bearer <udp:syz2>
[  237.025178][ T6245] tipc: Left network mode
[  237.192201][T12108] trusted_key: syz.2.2015 sent an empty control message without MSG_MORE.
[  237.248766][T12112] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2015'.
[  237.299519][ T6245] dummy0: left promiscuous mode
[  237.322725][ T6245] hsr_slave_0: left promiscuous mode
[  237.336290][ T6245] hsr_slave_1: left promiscuous mode
[  238.038794][T12122] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2020'.
[  238.215805][T12129] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2023'.
[  238.220036][T12136] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2023'.
[  238.298167][T12126] netlink: 248 bytes leftover after parsing attributes in process `syz.5.2020'.
[  238.511660][T12151] veth13: entered promiscuous mode
[  238.751310][T12161] netlink: 'syz.2.2030': attribute type 7 has an invalid length.
[  238.781124][T12161] netlink: 'syz.2.2030': attribute type 8 has an invalid length.
[  238.811209][ T5874] Bluetooth: hci2: command tx timeout
[  239.249811][T12181] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  239.352715][T12181] syzkaller0: entered promiscuous mode
[  239.361366][T12181] syzkaller0: entered allmulticast mode
[  239.370623][T12181] tipc: Resetting bearer <eth:syzkaller0>
[  239.541341][   T36] tipc: Resetting bearer <eth:syzkaller0>
[  239.551954][T12181] tipc: Resetting bearer <eth:syzkaller0>
[  240.266131][ T1227] tipc: Node number set to 4209510766
[  240.517259][T12200] ieee802154 phy0 wpan0: encryption failed: -22
[  240.524730][T12200] netlink: 196 bytes leftover after parsing attributes in process `syz.7.2044'.
[  241.540633][T12218] netlink: 'syz.6.2047': attribute type 5 has an invalid length.
[  241.664987][T12181] tipc: Disabling bearer <eth:syzkaller0>
[  242.011286][T12240] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2054'.
[  242.042582][T12242] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2052'.
[  242.091273][T12237] wg1 speed is unknown, defaulting to 1000
[  242.211692][T12244] netlink: 'syz.3.2055': attribute type 1 has an invalid length.
[  242.443105][T12262] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2057'.
[  242.483044][T12262] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2057'.
[  242.524472][T12268] netlink: 'syz.7.2062': attribute type 13 has an invalid length.
[  242.541620][T12268] netlink: 'syz.7.2062': attribute type 17 has an invalid length.
[  242.771207][T12280] netlink: 'syz.7.2062': attribute type 10 has an invalid length.
[  242.792404][T12280] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2062'.
[  242.871651][T12286] netlink: 56 bytes leftover after parsing attributes in process `syz.6.2063'.
[  242.931679][T12268] 8021q: adding VLAN 0 to HW filter on device bond0
[  243.021386][T12268] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  243.307046][ T5874] Bluetooth: hci3: link tx timeout
[  243.313168][ T5874] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  243.326680][ T5874] Bluetooth: hci3: link tx timeout
[  243.331832][ T5874] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  243.379994][ T5874] Bluetooth: hci3: link tx timeout
[  243.385521][ T5874] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  243.472835][T12281] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  243.573998][T12316] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2069'.
[  243.584488][T12316] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2069'.
[  243.709207][T12264] wg1 speed is unknown, defaulting to 1000
[  243.759140][T12300] wg1 speed is unknown, defaulting to 1000
[  243.896716][T12325] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2073'.
[  243.914222][T12333] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2075'.
[  244.041262][T12335] netlink: 'syz.2.2077': attribute type 1 has an invalid length.
[  244.301090][T12352] FAULT_INJECTION: forcing a failure.
[  244.301090][T12352] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  244.317463][T12352] CPU: 1 UID: 0 PID: 12352 Comm: syz.3.2083 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(full) 
[  244.317513][T12352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  244.317535][T12352] Call Trace:
[  244.317549][T12352]  <TASK>
[  244.317564][T12352]  dump_stack_lvl+0x189/0x250
[  244.317614][T12352]  ? __pfx____ratelimit+0x10/0x10
[  244.317656][T12352]  ? __pfx_dump_stack_lvl+0x10/0x10
[  244.317702][T12352]  ? __pfx__printk+0x10/0x10
[  244.317755][T12352]  ? __might_fault+0xb0/0x130
[  244.317832][T12352]  should_fail_ex+0x414/0x560
[  244.317887][T12352]  _copy_from_iter+0x1db/0x16f0
[  244.317949][T12352]  ? rcu_is_watching+0x15/0xb0
[  244.317990][T12352]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  244.318030][T12352]  ? __pfx__copy_from_iter+0x10/0x10
[  244.318053][T12352]  ? __build_skb_around+0x257/0x3e0
[  244.318077][T12352]  ? netlink_sendmsg+0x642/0xb30
[  244.318096][T12352]  ? skb_put+0x11b/0x210
[  244.318120][T12352]  netlink_sendmsg+0x6b2/0xb30
[  244.318151][T12352]  ? __pfx_netlink_sendmsg+0x10/0x10
[  244.318177][T12352]  ? aa_sock_msg_perm+0xf1/0x1d0
[  244.318210][T12352]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  244.318229][T12352]  ? __pfx_netlink_sendmsg+0x10/0x10
[  244.318252][T12352]  __sock_sendmsg+0x21c/0x270
[  244.318276][T12352]  ____sys_sendmsg+0x505/0x830
[  244.318305][T12352]  ? __pfx_____sys_sendmsg+0x10/0x10
[  244.318340][T12352]  ? import_iovec+0x74/0xa0
[  244.318361][T12352]  ___sys_sendmsg+0x21f/0x2a0
[  244.318388][T12352]  ? __pfx____sys_sendmsg+0x10/0x10
[  244.318446][T12352]  ? __fget_files+0x2a/0x420
[  244.318471][T12352]  ? __fget_files+0x3a0/0x420
[  244.318506][T12352]  __x64_sys_sendmsg+0x19b/0x260
[  244.318534][T12352]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  244.318569][T12352]  ? __pfx_ksys_write+0x10/0x10
[  244.318589][T12352]  ? rcu_is_watching+0x15/0xb0
[  244.318613][T12352]  ? do_syscall_64+0xbe/0x3b0
[  244.318639][T12352]  do_syscall_64+0xfa/0x3b0
[  244.318659][T12352]  ? lockdep_hardirqs_on+0x9c/0x150
[  244.318679][T12352]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.318698][T12352]  ? clear_bhb_loop+0x60/0xb0
[  244.318720][T12352]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.318738][T12352] RIP: 0033:0x7febd878ebe9
[  244.318754][T12352] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  244.318770][T12352] RSP: 002b:00007febd9556038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  244.318789][T12352] RAX: ffffffffffffffda RBX: 00007febd89b5fa0 RCX: 00007febd878ebe9
[  244.318801][T12352] RDX: 0000000000004040 RSI: 00002000000006c0 RDI: 0000000000000005
[  244.318812][T12352] RBP: 00007febd9556090 R08: 0000000000000000 R09: 0000000000000000
[  244.318823][T12352] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  244.318834][T12352] R13: 00007febd89b6038 R14: 00007febd89b5fa0 R15: 00007ffd1caecc18
[  244.318864][T12352]  </TASK>
[  244.830758][T12369] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  245.104767][T12376] 8021q: VLANs not supported on vcan0
[  245.380293][ T5874] Bluetooth: hci3: command 0x0406 tx timeout
[  245.441952][T12389] netlink: 'syz.7.2094': attribute type 10 has an invalid length.
[  245.466633][T12389] syz_tun: entered allmulticast mode
[  245.468462][T12393] netlink: 'syz.5.2096': attribute type 16 has an invalid length.
[  245.482262][T12393] netlink: 'syz.5.2096': attribute type 3 has an invalid length.
[  245.518439][T12389] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  245.827353][T12414] netlink: 'syz.2.2104': attribute type 1 has an invalid length.
[  246.738973][T12466] wg1 speed is unknown, defaulting to 1000
[  246.983125][T12484] validate_nla: 1 callbacks suppressed
[  246.983143][T12484] netlink: 'syz.7.2131': attribute type 10 has an invalid length.
[  247.154402][T12493] __nla_validate_parse: 6 callbacks suppressed
[  247.154421][T12493] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2135'.
[  247.324897][T12493] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2135'.
[  247.334749][T12493] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2135'.
[  247.485090][T12493] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2135'.
[  247.504147][T12493] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2135'.
[  247.654693][T12513] ieee802154 phy0 wpan0: encryption failed: -22
[  247.688072][T12513] netlink: 196 bytes leftover after parsing attributes in process `syz.5.2142'.
[  247.832589][T12493] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2135'.
[  247.858290][T12493] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2135'.
[  247.991354][T12524] 8021q: adding VLAN 0 to HW filter on device bond9
[  247.999738][T12526] netlink: 9 bytes leftover after parsing attributes in process `syz.5.2148'.
[  248.026771][T12526] gretap0: entered promiscuous mode
[  248.033217][T12526] netlink: 21 bytes leftover after parsing attributes in process `syz.5.2148'.
[  248.053168][T12526] gretap0: left promiscuous mode
[  248.059137][T12526] gretap0: entered allmulticast mode
[  248.073659][T12524] bond1: (slave ip6gretap1): Releasing backup interface
[  248.085528][T12524] bond1: (slave ip6gretap1): the permanent HWaddr of slave - f2:19:4c:c5:62:fe - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[  248.113384][T12534] FAULT_INJECTION: forcing a failure.
[  248.113384][T12534] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  248.129849][T12534] CPU: 1 UID: 0 PID: 12534 Comm: syz.7.2150 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(full) 
[  248.129876][T12534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  248.129886][T12534] Call Trace:
[  248.129893][T12534]  <TASK>
[  248.129901][T12534]  dump_stack_lvl+0x189/0x250
[  248.129931][T12534]  ? __pfx_dump_stack_lvl+0x10/0x10
[  248.129973][T12534]  should_fail_ex+0x414/0x560
[  248.129999][T12534]  _copy_from_user+0x2d/0xb0
[  248.130019][T12534]  ___sys_sendmsg+0x158/0x2a0
[  248.130047][T12534]  ? __pfx____sys_sendmsg+0x10/0x10
[  248.130117][T12534]  ? __fget_files+0x2a/0x420
[  248.130141][T12534]  ? __fget_files+0x3a0/0x420
[  248.130176][T12534]  __x64_sys_sendmsg+0x19b/0x260
[  248.130205][T12534]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  248.130241][T12534]  ? __pfx_ksys_write+0x10/0x10
[  248.130261][T12534]  ? rcu_is_watching+0x15/0xb0
[  248.130286][T12534]  ? do_syscall_64+0xbe/0x3b0
[  248.130313][T12534]  do_syscall_64+0xfa/0x3b0
[  248.130334][T12534]  ? lockdep_hardirqs_on+0x9c/0x150
[  248.130355][T12534]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.130372][T12534]  ? clear_bhb_loop+0x60/0xb0
[  248.130394][T12534]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.130412][T12534] RIP: 0033:0x7f23db78ebe9
[  248.130429][T12534] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  248.130444][T12534] RSP: 002b:00007f23dc619038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  248.130464][T12534] RAX: ffffffffffffffda RBX: 00007f23db9b5fa0 RCX: 00007f23db78ebe9
[  248.130477][T12534] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003
[  248.130488][T12534] RBP: 00007f23dc619090 R08: 0000000000000000 R09: 0000000000000000
[  248.130499][T12534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  248.130510][T12534] R13: 00007f23db9b6038 R14: 00007f23db9b5fa0 R15: 00007ffeea350838
[  248.130539][T12534]  </TASK>
[  248.365378][T12524] bond1: (slave veth5): Releasing backup interface
[  248.388938][T12524] bond4: (slave bond5): Releasing backup interface
[  248.402291][T12524] bond6: (slave vti0): Releasing backup interface
[  248.788908][T12551] netlink: 'syz.6.2158': attribute type 1 has an invalid length.
[  248.832560][T12560] veth3: entered promiscuous mode
[  248.844216][T12560] bond4: (slave veth3): Enslaving as an active interface with an up link
[  249.034193][T12571] netlink: 'syz.6.2168': attribute type 1 has an invalid length.
[  249.966463][T12643] macvtap1: entered allmulticast mode
[  249.968929][T12642] netlink: 'syz.6.2193': attribute type 1 has an invalid length.
[  249.972906][T12643] bridge_slave_1: entered allmulticast mode
[  249.991862][T12643] batman_adv: batadv0: Adding interface: macvtap1
[  250.002721][T12643] batman_adv: batadv0: The MTU of interface macvtap1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  250.032145][T12643] batman_adv: batadv0: Interface activated: macvtap1
[  250.450417][T12667] gretap0: entered promiscuous mode
[  250.500404][T12667] gretap0: left promiscuous mode
[  251.234329][T12718] netlink: 'syz.2.2220': attribute type 10 has an invalid length.
[  251.243556][T12718] !
: entered allmulticast mode
[  251.249929][T12718] bridge0: port 1(
0!
) entered blocking state
[  251.257040][T12718] bridge0: port 1(
0!
) entered disabled state
[  251.267180][T12718] A link change request failed with some changes committed already. Interface 
0!
 may have been left with an inconsistent configuration, please check.
[  251.421480][T12728] tipc: Invalid UDP bearer configuration
[  251.421534][T12728] tipc: Enabling of bearer <udp:sy{±> rejected, failed to enable media
[  251.581001][T12735] veth0_to_bridge: entered promiscuous mode
[  251.621857][T12733] veth0_to_bridge: left promiscuous mode
[  252.151433][T12766] 0ªî{X¹¦: entered promiscuous mode
[  252.172837][T12769] __nla_validate_parse: 16 callbacks suppressed
[  252.172854][T12769] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2236'.
[  252.180091][T12766] netlink: 5 bytes leftover after parsing attributes in process `syz.6.2235'.
[  252.223500][T12766] 0ªî{X¹¦: left promiscuous mode
[  252.242803][T12766] 0ªî{X¹¦: entered allmulticast mode
[  252.267224][T12771] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2237'.
[  252.421871][T12779] mac80211_hwsim hwsim34 wlan1: entered allmulticast mode
[  252.457774][T12781] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2241'.
[  252.471882][T12779] netlink: 'syz.3.2240': attribute type 10 has an invalid length.
[  252.652468][T12787] netlink: 'syz.6.2244': attribute type 3 has an invalid length.
[  252.889832][T12801] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2248'.
[  252.913793][T12801] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2248'.
[  253.100903][T12811] ieee802154 phy0 wpan0: encryption failed: -22
[  253.119507][T12811] netlink: 196 bytes leftover after parsing attributes in process `syz.5.2251'.
[  253.150516][T12815] ieee802154 phy0 wpan0: encryption failed: -22
[  253.167204][T12815] netlink: 196 bytes leftover after parsing attributes in process `syz.2.2252'.
[  253.238842][T12815] 1ªî{X¹¦: left promiscuous mode
[  253.388376][T12828] netlink: 'syz.3.2258': attribute type 3 has an invalid length.
[  253.559300][T12836] wg0 speed is unknown, defaulting to 1000
[  253.574891][T12834] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2262'.
[  253.588440][T12836] wg0 speed is unknown, defaulting to 1000
[  253.614199][T12834] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2262'.
[  253.625013][T12836] wg0 speed is unknown, defaulting to 1000
[  253.719660][T12845] veth1: entered promiscuous mode
[  253.759587][T12845] bridge1: entered promiscuous mode
[  253.786673][T12845] hsr2: Slave A (veth1) is not up; please bring it up to get a fully working HSR network
[  253.803155][T12845] hsr2: entered promiscuous mode
[  253.902304][T12851] bond10 (unregistering): Released all slaves
[  254.224141][T12836] infiniband syz2: set down
[  254.231394][   T24] wg0 speed is unknown, defaulting to 1000
[  254.268422][T12836] infiniband syz2: added wg0
[  254.274892][T12836] syz2: rxe_create_cq: returned err = -12
[  254.282017][T12872] ieee802154 phy0 wpan0: encryption failed: -22
[  254.289094][T12836] infiniband syz2: Couldn't create ib_mad CQ
[  254.301073][T12836] infiniband syz2: Couldn't open port 1
[  254.392835][T12836] RDS/IB: syz2: added
[  254.411752][T12836] smc: adding ib device syz2 with port count 1
[  254.438650][T12836] smc:    ib device syz2 port 1 has pnetid 
[  254.455364][   T24] wg0 speed is unknown, defaulting to 1000
[  254.470333][T12836] wg0 speed is unknown, defaulting to 1000
[  254.829425][T12889] bond8 (unregistering): Released all slaves
[  255.330800][T12915] netlink: 'syz.3.2288': attribute type 14 has an invalid length.
[  255.388965][T12836] wg0 speed is unknown, defaulting to 1000
[  255.774511][ T1304] aoe: packet could not be sent on bond0.  consider increasing tx_queue_len
[  255.785035][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  256.003096][T12836] wg0 speed is unknown, defaulting to 1000
[  256.104986][T12950] netlink: 'syz.7.2297': attribute type 1 has an invalid length.
[  256.213734][T12952] vlan2: entered allmulticast mode
[  256.224634][T12950] tipc: Failed to remove unknown binding: 66,1,1/0:1139694513/1139694515
[  256.236193][T12952] bond12: entered allmulticast mode
[  256.251410][T12950] tipc: Failed to remove unknown binding: 66,1,1/0:1139694513/1139694515
[  256.503178][T12836] wg0 speed is unknown, defaulting to 1000
[  256.799713][T12836] wg0 speed is unknown, defaulting to 1000
[  257.703999][T13016] netlink: 'syz.2.2317': attribute type 21 has an invalid length.
[  257.750904][T13016] __nla_validate_parse: 6 callbacks suppressed
[  257.750922][T13016] netlink: 156 bytes leftover after parsing attributes in process `syz.2.2317'.
[  257.785697][T13016] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2317'.
[  257.974645][T13032] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2324'.
[  258.261211][T13038] bond10 (unregistering): Released all slaves
[  258.291468][T13041] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  258.317940][T13052] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2330'.
[  258.339135][T13044] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2328'.
[  258.350590][T13047] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2328'.
[  258.486630][T13055] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2331'.
[  258.514836][T13059] netlink: 788 bytes leftover after parsing attributes in process `syz.2.2333'.
[  258.739087][T13069] tipc: Started in network mode
[  258.744315][T13069] tipc: Node identity 5eaf6f8b0155, cluster identity 4711
[  258.772499][T13069] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  258.800429][T13068] tipc: Disabling bearer <eth:syzkaller0>
[  258.963917][T13079] ieee802154 phy0 wpan0: encryption failed: -22
[  258.971306][T13079] netlink: 196 bytes leftover after parsing attributes in process `syz.7.2341'.
[  259.023356][T13085] netlink: 56 bytes leftover after parsing attributes in process `syz.3.2344'.
[  259.131305][T13079] veth3: left promiscuous mode
[  259.201314][T13079] hsr2: left promiscuous mode
[  259.469962][T13105] 0ªî{X¹¦: entered promiscuous mode
[  259.480429][T13105] 0ªî{X¹¦: left promiscuous mode
[  259.485587][T13105] 0ªî{X¹¦: entered allmulticast mode
[  259.891583][T13134] bond0 (unregistering): Released all slaves
[  259.993835][T13146] netlink: 'syz.7.2367': attribute type 11 has an invalid length.
[  260.159976][T13153] batman_adv: batadv0: Removing interface: batadv_slave_0
[  260.184562][T13153] batman_adv: batadv0: Removing interface: batadv_slave_1
[  260.282398][T13157] veth5: entered promiscuous mode
[  260.292748][T13157] bond4: (slave veth5): Enslaving as an active interface with an up link
[  260.830758][T13190] netlink: 'syz.3.2382': attribute type 13 has an invalid length.
[  260.866413][T13190] netlink: 'syz.3.2382': attribute type 17 has an invalid length.
[  261.143003][T13207] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  261.292031][T13190] 0ªî{X¹¦: left allmulticast mode
[  261.334011][T13190] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  261.494982][T13219] ipvlan3: entered promiscuous mode
[  261.512099][T13219] bridge0: port 1(ipvlan3) entered blocking state
[  261.519903][T13219] bridge0: port 1(ipvlan3) entered disabled state
[  261.529194][T13219] ipvlan3: entered allmulticast mode
[  261.535057][T13219] 1ªî{X¹¦: entered allmulticast mode
[  261.548110][T13219] ipvlan3: left allmulticast mode
[  261.562527][T13219] 1ªî{X¹¦: left allmulticast mode
[  261.613688][T13226] FAULT_INJECTION: forcing a failure.
[  261.613688][T13226] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  261.628179][T13226] CPU: 0 UID: 0 PID: 13226 Comm: syz.6.2394 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(full) 
[  261.628205][T13226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  261.628217][T13226] Call Trace:
[  261.628224][T13226]  <TASK>
[  261.628231][T13226]  dump_stack_lvl+0x189/0x250
[  261.628258][T13226]  ? __pfx____ratelimit+0x10/0x10
[  261.628281][T13226]  ? __pfx_dump_stack_lvl+0x10/0x10
[  261.628302][T13226]  ? __pfx__printk+0x10/0x10
[  261.628338][T13226]  should_fail_ex+0x414/0x560
[  261.628363][T13226]  _copy_to_user+0x31/0xb0
[  261.628382][T13226]  simple_read_from_buffer+0xe1/0x170
[  261.628412][T13226]  proc_fail_nth_read+0x1b3/0x220
[  261.628435][T13226]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  261.628457][T13226]  ? rw_verify_area+0x2a6/0x4d0
[  261.628478][T13226]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  261.628497][T13226]  vfs_read+0x200/0x980
[  261.628524][T13226]  ? __pfx_vfs_read+0x10/0x10
[  261.628543][T13226]  ? bpf_trace_run2+0x186/0x4b0
[  261.628565][T13226]  ? bpf_trace_run2+0x322/0x4b0
[  261.628581][T13226]  ? __might_fault+0xb0/0x130
[  261.628598][T13226]  ? bpf_trace_run2+0x186/0x4b0
[  261.628622][T13226]  ksys_read+0x145/0x250
[  261.628641][T13226]  ? __pfx_ksys_read+0x10/0x10
[  261.628658][T13226]  ? rcu_is_watching+0x15/0xb0
[  261.628673][T13226]  ? trace_sys_enter+0x25/0x100
[  261.628697][T13226]  do_syscall_64+0xfa/0x3b0
[  261.628714][T13226]  ? lockdep_hardirqs_on+0x9c/0x150
[  261.628730][T13226]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.628745][T13226]  ? clear_bhb_loop+0x60/0xb0
[  261.628762][T13226]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.628783][T13226] RIP: 0033:0x7fc930b8d5fc
[  261.628796][T13226] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  261.628810][T13226] RSP: 002b:00007fc931adc030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  261.628825][T13226] RAX: ffffffffffffffda RBX: 00007fc930db5fa0 RCX: 00007fc930b8d5fc
[  261.628835][T13226] RDX: 000000000000000f RSI: 00007fc931adc0a0 RDI: 0000000000000006
[  261.628844][T13226] RBP: 00007fc931adc090 R08: 0000000000000000 R09: 0000000000000000
[  261.628852][T13226] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000002
[  261.628861][T13226] R13: 00007fc930db6038 R14: 00007fc930db5fa0 R15: 00007fff7af44f98
[  261.628883][T13226]  </TASK>
[  261.868236][T13195] wg1 speed is unknown, defaulting to 1000
[  261.877316][T13195] wg0 speed is unknown, defaulting to 1000
[  262.012562][T13231] netlink: 'syz.6.2397': attribute type 1 has an invalid length.
[  262.437131][T13252] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  262.494120][T13249] tipc: Disabling bearer <eth:syzkaller0>
[  262.547924][T13260] ieee802154 phy0 wpan0: encryption failed: -22
[  262.782815][T13269] __nla_validate_parse: 15 callbacks suppressed
[  262.782834][T13269] netlink: 32 bytes leftover after parsing attributes in process `syz.7.2411'.
[  262.828508][T13273] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2413'.
[  262.859201][T13274] netlink: 32 bytes leftover after parsing attributes in process `syz.7.2411'.
[  263.209549][T13285] wg1 speed is unknown, defaulting to 1000
[  263.301762][T13285] wg0 speed is unknown, defaulting to 1000
[  263.369757][T13298] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2419'.
[  263.486501][T13298] bond0 (unregistering): Released all slaves
[  263.754078][T13311] IPVS: set_ctl: invalid protocol: 4 224.0.0.1:20000
[  263.772619][T13314] ieee802154 phy0 wpan0: encryption failed: -22
[  264.024319][T13314] batman_adv: batadv0: Interface deactivated: macvtap1
[  264.062819][T13314] bridge_slave_1: left allmulticast mode
[  264.331355][T13330] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2430'.
[  264.510165][T13334] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2432'.
[  264.561899][T13289] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2415'.
[  264.587888][T13289] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2415'.
[  264.603158][T13338] FAULT_INJECTION: forcing a failure.
[  264.603158][T13338] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  264.621466][T13338] CPU: 0 UID: 0 PID: 13338 Comm: syz.7.2433 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(full) 
[  264.621495][T13338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  264.621506][T13338] Call Trace:
[  264.621515][T13338]  <TASK>
[  264.621524][T13338]  dump_stack_lvl+0x189/0x250
[  264.621551][T13338]  ? __pfx____ratelimit+0x10/0x10
[  264.621573][T13338]  ? __pfx_dump_stack_lvl+0x10/0x10
[  264.621594][T13338]  ? __pfx__printk+0x10/0x10
[  264.621618][T13338]  ? __might_fault+0xb0/0x130
[  264.621654][T13338]  should_fail_ex+0x414/0x560
[  264.621681][T13338]  _copy_from_iter+0x1db/0x16f0
[  264.621718][T13338]  ? __pfx__copy_from_iter+0x10/0x10
[  264.621746][T13338]  ? rcu_is_watching+0x15/0xb0
[  264.621764][T13338]  ? trace_kmalloc+0x1f/0xd0
[  264.621786][T13338]  ? kernfs_fop_write_iter+0x158/0x4f0
[  264.621815][T13338]  kernfs_fop_write_iter+0x19f/0x4f0
[  264.621846][T13338]  vfs_write+0x548/0xa90
[  264.621875][T13338]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  264.621900][T13338]  ? __pfx_vfs_write+0x10/0x10
[  264.621934][T13338]  ? __fget_files+0x2a/0x420
[  264.621968][T13338]  ksys_write+0x145/0x250
[  264.621993][T13338]  ? __pfx_ksys_write+0x10/0x10
[  264.622012][T13338]  ? rcu_is_watching+0x15/0xb0
[  264.622034][T13338]  ? do_syscall_64+0xbe/0x3b0
[  264.622060][T13338]  do_syscall_64+0xfa/0x3b0
[  264.622081][T13338]  ? lockdep_hardirqs_on+0x9c/0x150
[  264.622102][T13338]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.622120][T13338]  ? clear_bhb_loop+0x60/0xb0
[  264.622149][T13338]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.622167][T13338] RIP: 0033:0x7f23db78ebe9
[  264.622186][T13338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  264.622201][T13338] RSP: 002b:00007f23dc619038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  264.622219][T13338] RAX: ffffffffffffffda RBX: 00007f23db9b5fa0 RCX: 00007f23db78ebe9
[  264.622232][T13338] RDX: 0000000000000040 RSI: 00002000000000c0 RDI: 0000000000000007
[  264.622244][T13338] RBP: 00007f23dc619090 R08: 0000000000000000 R09: 0000000000000000
[  264.622255][T13338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  264.622265][T13338] R13: 00007f23db9b6038 R14: 00007f23db9b5fa0 R15: 00007ffeea350838
[  264.622296][T13338]  </TASK>
[  264.650679][T13336] netlink: 'syz.2.2415': attribute type 13 has an invalid length.
[  264.780767][T13333] wg1 speed is unknown, defaulting to 1000
[  264.885402][T13336] netlink: 'syz.2.2415': attribute type 17 has an invalid length.
[  264.982634][T13333] wg0 speed is unknown, defaulting to 1000
[  265.160932][T13336] 8021q: adding VLAN 0 to HW filter on device bond0
[  265.202376][T13336] !
: left allmulticast mode
[  265.254682][T13336] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  265.502987][T13361] wg1 speed is unknown, defaulting to 1000
[  265.511866][T13364] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2439'.
[  265.769316][T13361] wg0 speed is unknown, defaulting to 1000
[  267.025104][T13395] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_to_bridge, syncid = 512, id = 0
[  267.047031][T13394] IPVS: stopping backup sync thread 13395 ...
[  267.794856][T13413] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2456'.
[  268.154966][T13419] veth13: entered promiscuous mode
[  268.313032][T13425] wg1 speed is unknown, defaulting to 1000
[  268.348906][T13425] wg0 speed is unknown, defaulting to 1000
[  268.557499][T13429] netlink: 424 bytes leftover after parsing attributes in process `syz.2.2462'.
[  268.600839][T13429] netlink: 424 bytes leftover after parsing attributes in process `syz.2.2462'.
[  268.644760][T13430] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2463'.
[  268.781786][T13430] bond0 (unregistering): Released all slaves
[  269.300555][T13448] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2469'.
[  269.394411][T13448] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2469'.
[  269.563357][T13453] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2470'.
[  269.608842][T13453] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2470'.
[  270.308676][T13482] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2481'.
[  270.391952][T13482] bond9 (unregistering): Released all slaves
[  270.488028][T13483] netlink: 196 bytes leftover after parsing attributes in process `syz.2.2480'.
[  270.817054][T13491] batadv0: entered allmulticast mode
[  270.860939][T13491] 8021q: adding VLAN 0 to HW filter on device batadv0
[  271.019798][T13494] netlink: 'syz.2.2485': attribute type 10 has an invalid length.
[  271.355442][T13504] bond9 (unregistering): Released all slaves
[  271.638603][T13515] netlink: 'syz.7.2489': attribute type 11 has an invalid length.
[  272.380764][T13543] bond13 (unregistering): Released all slaves
[  272.743065][T13551] veth5: left promiscuous mode
[  273.059711][T13562] netlink: 'syz.7.2508': attribute type 5 has an invalid length.
[  273.180650][T13566] wg1 speed is unknown, defaulting to 1000
[  273.206888][ T5869] Bluetooth: hci1: command 0x0406 tx timeout
[  273.212958][ T5880] Bluetooth: hci2: command 0x0406 tx timeout
[  273.213445][T13566] wg0 speed is unknown, defaulting to 1000
[  273.227452][T13574] __nla_validate_parse: 6 callbacks suppressed
[  273.227471][T13574] netlink: 9 bytes leftover after parsing attributes in process `syz.7.2513'.
[  273.246927][T13570] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2511'.
[  273.312995][T13574] gretap0: entered promiscuous mode
[  273.315898][T13579] netlink: 5 bytes leftover after parsing attributes in process `syz.7.2513'.
[  273.328983][T13579] 30ªî{X¹¦: renamed from gretap0
[  273.361823][T13579] 30ªî{X¹¦: left promiscuous mode
[  273.403885][T13579] 30ªî{X¹¦: entered allmulticast mode
[  273.438309][T13579] A link change request failed with some changes committed already. Interface 30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  273.469842][T13569] netlink: 'syz.2.2512': attribute type 1 has an invalid length.
[  273.700376][T13593] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2520'.
[  273.748441][T13593] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2520'.
[  273.759069][T13601] netlink: 14 bytes leftover after parsing attributes in process `syz.3.2518'.
[  273.806601][T13602] syzkaller0: entered promiscuous mode
[  273.817804][T13602] syzkaller0: entered allmulticast mode
[  273.962840][T13605] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2524'.
[  274.129423][T13611] mac80211_hwsim hwsim35 wlan1: entered allmulticast mode
[  274.149439][T13611] netlink: 'syz.6.2526': attribute type 10 has an invalid length.
[  274.302353][T13617] wg1 speed is unknown, defaulting to 1000
[  274.337682][T13617] wg0 speed is unknown, defaulting to 1000
[  274.414462][T13625] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2529'.
[  274.507330][T13627] netlink: 56 bytes leftover after parsing attributes in process `syz.3.2531'.
[  274.544207][T13629] netlink: 56 bytes leftover after parsing attributes in process `syz.3.2531'.
[  275.064680][T13647] smc: ib device syz2 ibport 1 applied user defined pnetid S
[  275.292628][T13658] vlan2: entered promiscuous mode
[  276.189857][T13696] netlink: 'syz.6.2552': attribute type 1 has an invalid length.
[  276.243194][T13696] sctp: [Deprecated]: syz.6.2552 (pid 13696) Use of struct sctp_assoc_value in delayed_ack socket option.
[  276.243194][T13696] Use struct sctp_sack_info instead
[  277.540658][T13782] bond0: (slave syz_tun): Releasing backup interface
[  277.552466][T13782] bridge_slave_0: left allmulticast mode
[  277.559667][T13782] bridge_slave_0: left promiscuous mode
[  277.565538][T13782] bridge0: port 1(bridge_slave_0) entered disabled state
[  277.575497][T13782] bridge_slave_1: left allmulticast mode
[  277.581844][T13782] bridge_slave_1: left promiscuous mode
[  277.588627][T13782] bridge0: port 2(bridge_slave_1) entered disabled state
[  277.600469][T13782] bond0: (slave bond_slave_0): Releasing backup interface
[  277.609567][T13782] bond0: (slave bond_slave_1): Releasing backup interface
[  277.621889][T13782] batman_adv: batadv0: Removing interface: batadv_slave_0
[  277.629938][T13782] batman_adv: batadv0: Removing interface: batadv_slave_1
[  277.639309][T13782] bond1: (slave bond2): Releasing backup interface
[  277.651841][T13782] bond3: (slave bond4): Releasing backup interface
[  277.660838][T13782] bond5: (slave bond6): Releasing backup interface
[  277.672921][T13782] bond7: (slave bond8): Releasing backup interface
[  277.681690][T13782] bond9: (slave bond10): Releasing backup interface
[  277.690889][T13782] bond11: (slave batadv1): Releasing active interface
[  277.706918][T13782] bond4: (slave veth3): Releasing backup interface
[  277.715538][T13782] bond4: (slave veth5): Releasing backup interface
[  278.432623][T13806] veth5: entered promiscuous mode
[  278.595061][T13815] 8021q: adding VLAN 0 to HW filter on device bond14
[  278.608293][T13815] bond13: (slave bond14): Enslaving as an active interface with an up link
[  278.633008][T13811] syzkaller1: entered promiscuous mode
[  278.650434][T13811] syzkaller1: entered allmulticast mode
[  278.769461][T13832] __nla_validate_parse: 15 callbacks suppressed
[  278.769478][T13832] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2593'.
[  278.786255][T13832] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2593'.
[  279.005916][T13846] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2597'.
[  279.466962][T13869] netlink: 'syz.6.2604': attribute type 1 has an invalid length.
[  279.616889][T13883] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2609'.
[  279.955583][T13898] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2611'.
[  279.976543][T13898] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2611'.
[  280.488500][T13915] wg1 speed is unknown, defaulting to 1000
[  280.497636][T13915] wg0 speed is unknown, defaulting to 1000
[  281.224516][T13934] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  281.527626][T13941] netlink: 196 bytes leftover after parsing attributes in process `syz.5.2625'.
[  281.733647][T13956] netlink: 212376 bytes leftover after parsing attributes in process `syz.6.2628'.
[  281.943145][T13965] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  281.957593][T13965] syzkaller0: entered promiscuous mode
[  281.972437][T13965] syzkaller0: entered allmulticast mode
[  282.033488][T13965] sch_tbf: burst 127 is lower than device veth1_to_batadv mtu (1514) !
[  282.121685][T13965] tipc: Resetting bearer <eth:syzkaller0>
[  282.169003][T13965] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2630'.
[  282.442249][T13962] tipc: Resetting bearer <eth:syzkaller0>
[  282.468101][T13962] tipc: Disabling bearer <eth:syzkaller0>
[  282.958822][T14004] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2642'.
[  283.244331][T14017] FAULT_INJECTION: forcing a failure.
[  283.244331][T14017] name failslab, interval 1, probability 0, space 0, times 0
[  283.294534][T14017] CPU: 1 UID: 0 PID: 14017 Comm: syz.7.2649 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(full) 
[  283.294561][T14017] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  283.294572][T14017] Call Trace:
[  283.294579][T14017]  <TASK>
[  283.294587][T14017]  dump_stack_lvl+0x189/0x250
[  283.294612][T14017]  ? __pfx____ratelimit+0x10/0x10
[  283.294641][T14017]  ? __pfx_dump_stack_lvl+0x10/0x10
[  283.294662][T14017]  ? __pfx__printk+0x10/0x10
[  283.294692][T14017]  ? __pfx___might_resched+0x10/0x10
[  283.294709][T14017]  ? fs_reclaim_acquire+0x7d/0x100
[  283.294740][T14017]  should_fail_ex+0x414/0x560
[  283.294767][T14017]  should_failslab+0xa8/0x100
[  283.294793][T14017]  __kmalloc_noprof+0xcb/0x4f0
[  283.294815][T14017]  ? ethnl_default_notify+0x1af/0xb70
[  283.294842][T14017]  ethnl_default_notify+0x1af/0xb70
[  283.294875][T14017]  ? __pfx_ethnl_default_notify+0x10/0x10
[  283.294910][T14017]  ? trace_kmalloc+0x1f/0xd0
[  283.294928][T14017]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[  283.294956][T14017]  ? mutex_is_locked+0x17/0x50
[  283.294974][T14017]  ? rtnl_is_locked+0x15/0x20
[  283.295003][T14017]  ethnl_default_set_doit+0x4f8/0x890
[  283.295037][T14017]  genl_family_rcv_msg_doit+0x215/0x300
[  283.295062][T14017]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  283.295096][T14017]  ? bpf_lsm_capable+0x9/0x20
[  283.295118][T14017]  ? security_capable+0x7e/0x2e0
[  283.295147][T14017]  genl_rcv_msg+0x60e/0x790
[  283.295170][T14017]  ? __pfx_genl_rcv_msg+0x10/0x10
[  283.295186][T14017]  ? __pfx_ethnl_default_set_doit+0x10/0x10
[  283.295225][T14017]  netlink_rcv_skb+0x208/0x470
[  283.295246][T14017]  ? __lock_acquire+0xab9/0xd20
[  283.295271][T14017]  ? __pfx_genl_rcv_msg+0x10/0x10
[  283.295291][T14017]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  283.295333][T14017]  ? down_read+0x1ad/0x2e0
[  283.295381][T14017]  genl_rcv+0x28/0x40
[  283.295403][T14017]  netlink_unicast+0x82c/0x9e0
[  283.295434][T14017]  ? __pfx_netlink_unicast+0x10/0x10
[  283.295457][T14017]  ? netlink_sendmsg+0x642/0xb30
[  283.295476][T14017]  ? skb_put+0x11b/0x210
[  283.295502][T14017]  netlink_sendmsg+0x805/0xb30
[  283.295534][T14017]  ? __pfx_netlink_sendmsg+0x10/0x10
[  283.295560][T14017]  ? aa_sock_msg_perm+0xf1/0x1d0
[  283.295587][T14017]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  283.295608][T14017]  ? __pfx_netlink_sendmsg+0x10/0x10
[  283.295636][T14017]  __sock_sendmsg+0x21c/0x270
[  283.295659][T14017]  ____sys_sendmsg+0x505/0x830
[  283.295691][T14017]  ? __pfx_____sys_sendmsg+0x10/0x10
[  283.295726][T14017]  ? import_iovec+0x74/0xa0
[  283.295749][T14017]  ___sys_sendmsg+0x21f/0x2a0
[  283.295777][T14017]  ? __pfx____sys_sendmsg+0x10/0x10
[  283.295844][T14017]  ? __fget_files+0x2a/0x420
[  283.295869][T14017]  ? __fget_files+0x3a0/0x420
[  283.295907][T14017]  __x64_sys_sendmsg+0x19b/0x260
[  283.295935][T14017]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  283.295972][T14017]  ? __pfx_ksys_write+0x10/0x10
[  283.295992][T14017]  ? rcu_is_watching+0x15/0xb0
[  283.296017][T14017]  ? do_syscall_64+0xbe/0x3b0
[  283.296043][T14017]  do_syscall_64+0xfa/0x3b0
[  283.296063][T14017]  ? lockdep_hardirqs_on+0x9c/0x150
[  283.296084][T14017]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.296103][T14017]  ? clear_bhb_loop+0x60/0xb0
[  283.296125][T14017]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.296142][T14017] RIP: 0033:0x7f23db78ebe9
[  283.296158][T14017] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  283.296173][T14017] RSP: 002b:00007f23dc619038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  283.296192][T14017] RAX: ffffffffffffffda RBX: 00007f23db9b5fa0 RCX: 00007f23db78ebe9
[  283.296205][T14017] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003
[  283.296216][T14017] RBP: 00007f23dc619090 R08: 0000000000000000 R09: 0000000000000000
[  283.296227][T14017] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  283.296239][T14017] R13: 00007f23db9b6038 R14: 00007f23db9b5fa0 R15: 00007ffeea350838
[  283.296267][T14017]  </TASK>
[  283.376795][T14025] Bluetooth: MGMT ver 1.23
[  283.414672][T14014] wg1 speed is unknown, defaulting to 1000
[  283.797544][T14014] wg0 speed is unknown, defaulting to 1000
[  283.910856][T14032] wg1 speed is unknown, defaulting to 1000
[  283.997200][   T30] audit: type=1800 audit(1754676833.932:3): pid=14041 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2653" name="blkio.bfq.time_recursive" dev="tmpfs" ino=1689 res=0 errno=0
[  284.124639][T14032] wg0 speed is unknown, defaulting to 1000
[  284.274658][T14055] __nla_validate_parse: 1 callbacks suppressed
[  284.274675][T14055] netlink: 83 bytes leftover after parsing attributes in process `syz.7.2656'.
[  284.394183][T14059] netlink: 32 bytes leftover after parsing attributes in process `syz.7.2658'.
[  284.832008][T14069] netlink: 'syz.5.2661': attribute type 1 has an invalid length.
[  284.847053][T14069] netlink: 232 bytes leftover after parsing attributes in process `syz.5.2661'.
[  284.861743][T14069] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2661'.
[  284.891026][T14067] wg1 speed is unknown, defaulting to 1000
[  284.910370][T14067] wg0 speed is unknown, defaulting to 1000
[  285.982103][T14096] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2667'.
[  286.040871][T14096] netlink: 64 bytes leftover after parsing attributes in process `syz.2.2667'.
[  286.123574][T14096] tipc: Invalid UDP bearer configuration
[  286.123636][T14096] tipc: Enabling of bearer <udp:sy{±> rejected, failed to enable media
[  286.650693][T14114] netlink: 9 bytes leftover after parsing attributes in process `syz.6.2673'.
[  286.686629][T14114] 0ªî{X¹¦: entered promiscuous mode
[  286.691966][T14114] 0ªî{X¹¦: left allmulticast mode
[  286.741448][T14117] netlink: 5 bytes leftover after parsing attributes in process `syz.6.2673'.
[  286.798457][T14120] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2678'.
[  286.816265][T14120] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2678'.
[  286.992951][T14135] netlink: 'syz.5.2682': attribute type 1 has an invalid length.
[  287.287073][T14154] batadv_slave_1: Device is already in use.
[  287.337829][T14147] netlink: 'syz.3.2686': attribute type 1 has an invalid length.
[  287.832294][T14185] netlink: 'syz.3.2703': attribute type 1 has an invalid length.
[  287.923983][T14185] 8021q: adding VLAN 0 to HW filter on device bond12
[  287.934585][T14185] bond11: (slave bond12): Enslaving as an active interface with an up link
[  287.960257][T14188] ieee802154 phy0 wpan0: encryption failed: -22
[  287.981770][T14193] ieee802154 phy0 wpan0: encryption failed: -22
[  288.011027][T14188] 0ªî{X¹¦: left promiscuous mode
[  288.922437][T14236] netlink: 'syz.2.2720': attribute type 1 has an invalid length.
[  288.932249][T14236] netlink: 'syz.2.2720': attribute type 39 has an invalid length.
[  289.285423][ T5874] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  289.299165][ T5874] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  289.309179][ T5874] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  289.340712][ T5874] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  289.353105][ T5874] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  289.410226][T14256] tipc: Invalid UDP bearer configuration
[  289.410282][T14256] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  289.495367][T14252] wg1 speed is unknown, defaulting to 1000
[  289.526394][T14252] wg0 speed is unknown, defaulting to 1000
[  289.704240][T14273] syzkaller1: entered promiscuous mode
[  289.715062][T14273] syzkaller1: entered allmulticast mode
[  289.791331][T14279] ieee802154 phy0 wpan0: encryption failed: -22
[  290.006303][T14252] chnl_net:caif_netlink_parms(): no params data found
[  290.091251][T14252] bridge0: port 1(bridge_slave_0) entered blocking state
[  290.099117][T14252] bridge0: port 1(bridge_slave_0) entered disabled state
[  290.107179][T14252] bridge_slave_0: entered allmulticast mode
[  290.114477][T14252] bridge_slave_0: entered promiscuous mode
[  290.122808][T14252] bridge0: port 2(bridge_slave_1) entered blocking state
[  290.130268][T14252] bridge0: port 2(bridge_slave_1) entered disabled state
[  290.138854][T14252] bridge_slave_1: entered allmulticast mode
[  290.146423][T14252] bridge_slave_1: entered promiscuous mode
[  290.183183][T14252] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  290.197523][T14252] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  290.233851][T14252] team0: Port device team_slave_0 added
[  290.243534][T14252] team0: Port device team_slave_1 added
[  290.277267][T14252] batman_adv: batadv0: Adding interface: batadv_slave_0
[  290.284400][T14252] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  290.317930][T14252] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  290.332378][T14252] batman_adv: batadv0: Adding interface: batadv_slave_1
[  290.340056][T14252] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  290.392335][T14252] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  290.459107][T14291] __nla_validate_parse: 12 callbacks suppressed
[  290.459126][T14291] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2735'.
[  290.475062][T14291] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2735'.
[  290.507304][T14293] netlink: 9 bytes leftover after parsing attributes in process `syz.5.2736'.
[  290.546511][T14293] gretap0: entered promiscuous mode
[  290.551756][T14293] gretap0: left allmulticast mode
[  290.557958][T14294] netlink: 5 bytes leftover after parsing attributes in process `syz.5.2736'.
[  290.614000][T14252] hsr_slave_0: entered promiscuous mode
[  290.628890][T14252] hsr_slave_1: entered promiscuous mode
[  290.642012][T14294] gretap0: left promiscuous mode
[  290.652677][T14294] gretap0: entered allmulticast mode
[  290.652957][T14296] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2737'.
[  290.805054][T14303] netlink: 312 bytes leftover after parsing attributes in process `syz.5.2740'.
[  290.895105][T14307] bridge_slave_0: left allmulticast mode
[  290.902057][T14307] bridge_slave_0: left promiscuous mode
[  290.908524][T14307] bridge0: port 1(bridge_slave_0) entered disabled state
[  290.950476][T14307] bridge_slave_1: left allmulticast mode
[  290.976250][T14307] bridge_slave_1: left promiscuous mode
[  290.992209][T14307] bridge0: port 2(bridge_slave_1) entered disabled state
[  291.018443][T14307] bond0: (slave bond_slave_0): Releasing backup interface
[  291.035029][T14307] bond0: (slave bond_slave_1): Releasing backup interface
[  291.044183][T14307] batman_adv: batadv0: Removing interface: batadv_slave_0
[  291.057227][T14307] batman_adv: batadv0: Removing interface: batadv_slave_1
[  291.064631][T14320] netlink: 'syz.6.2741': attribute type 10 has an invalid length.
[  291.079106][T14307] bond1: (slave bond2): Releasing backup interface
[  291.093716][T14307] bond3: (slave bond4): Releasing backup interface
[  291.106210][T14307] bond7: (slave gretap0): Releasing active interface
[  291.447735][ T5878] Bluetooth: hci4: command tx timeout
[  291.692921][T14333] wg1 speed is unknown, defaulting to 1000
[  291.704376][T14333] wg0 speed is unknown, defaulting to 1000
[  292.269167][T14252] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  292.371059][T14252] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  292.431134][T14252] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  292.485194][T14334] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2748'.
[  292.502246][T14252] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  292.793020][T14252] 8021q: adding VLAN 0 to HW filter on device bond0
[  292.910672][T14252] 8021q: adding VLAN 0 to HW filter on device team0
[  293.059638][  T193] bridge0: port 1(bridge_slave_0) entered blocking state
[  293.067204][  T193] bridge0: port 1(bridge_slave_0) entered forwarding state
[  293.151479][  T193] bridge0: port 2(bridge_slave_1) entered blocking state
[  293.158938][  T193] bridge0: port 2(bridge_slave_1) entered forwarding state
[  293.372178][T14252] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  293.491624][T14380] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2759'.
[  293.527603][ T5878] Bluetooth: hci4: command tx timeout
[  293.768992][T14389] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2761'.
[  293.803828][T14389] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2761'.
[  293.926886][T14396] FAULT_INJECTION: forcing a failure.
[  293.926886][T14396] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  293.954687][T14396] CPU: 0 UID: 0 PID: 14396 Comm: syz.6.2763 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(full) 
[  293.954713][T14396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  293.954722][T14396] Call Trace:
[  293.954728][T14396]  <TASK>
[  293.954735][T14396]  dump_stack_lvl+0x189/0x250
[  293.954760][T14396]  ? __pfx____ratelimit+0x10/0x10
[  293.954783][T14396]  ? __pfx_dump_stack_lvl+0x10/0x10
[  293.954805][T14396]  ? __pfx__printk+0x10/0x10
[  293.954830][T14396]  ? fs_reclaim_acquire+0x7d/0x100
[  293.954864][T14396]  should_fail_ex+0x414/0x560
[  293.954888][T14396]  prepare_alloc_pages+0x213/0x610
[  293.954914][T14396]  __alloc_frozen_pages_noprof+0x123/0x370
[  293.954937][T14396]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  293.954963][T14396]  ? policy_nodemask+0x27c/0x720
[  293.954983][T14396]  ? __lock_acquire+0xab9/0xd20
[  293.955011][T14396]  alloc_pages_mpol+0x232/0x4a0
[  293.955039][T14396]  vma_alloc_folio_noprof+0xe4/0x200
[  293.955067][T14396]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  293.955101][T14396]  folio_prealloc+0x30/0x180
[  293.955127][T14396]  __handle_mm_fault+0x2ab9/0x5440
[  293.955167][T14396]  ? __pfx___handle_mm_fault+0x10/0x10
[  293.955212][T14396]  ? find_vma+0xe7/0x160
[  293.955240][T14396]  ? __pfx_find_vma+0x10/0x10
[  293.955264][T14396]  handle_mm_fault+0x40a/0x8e0
[  293.955294][T14396]  do_user_addr_fault+0x764/0x1390
[  293.955341][T14396]  exc_page_fault+0x76/0xf0
[  293.955365][T14396]  asm_exc_page_fault+0x26/0x30
[  293.955382][T14396] RIP: 0010:rep_movs_alternative+0x11/0x90
[  293.955400][T14396] Code: e9 84 0a 04 00 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f 8a 06 <88> 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 4d 0a 04 00 66 2e 0f 1f
[  293.955415][T14396] RSP: 0018:ffffc9000e0a7a58 EFLAGS: 00050206
[  293.955431][T14396] RAX: ffffffff84c4d730 RBX: ffff88807f79e001 RCX: 0000000000000003
[  293.955442][T14396] RDX: 0000000000000000 RSI: ffff88807f79e001 RDI: 0000200000001840
[  293.955454][T14396] RBP: ffffc9000e0a7bb0 R08: ffff88807f79e003 R09: 1ffff1100fef3c00
[  293.955467][T14396] R10: dffffc0000000000 R11: ffffed100fef3c01 R12: 1ffff92001c14faf
[  293.955478][T14396] R13: 0000200000001840 R14: ffffc9000e0a7d88 R15: 0000000000000003
[  293.955498][T14396]  ? _copy_to_iter+0x160/0x16f0
[  293.955530][T14396]  _copy_to_iter+0x24c/0x16f0
[  293.955563][T14396]  ? kernfs_seq_stop+0x17e/0x200
[  293.955587][T14396]  ? __pfx__copy_to_iter+0x10/0x10
[  293.955614][T14396]  ? traverse+0x53a/0x570
[  293.955647][T14396]  seq_read_iter+0x2e4/0xe10
[  293.955688][T14396]  vfs_read+0x4cd/0x980
[  293.955717][T14396]  ? __pfx_vfs_read+0x10/0x10
[  293.955750][T14396]  ? __fget_files+0x2a/0x420
[  293.955785][T14396]  __x64_sys_pread64+0x193/0x220
[  293.955811][T14396]  ? __pfx___x64_sys_pread64+0x10/0x10
[  293.955833][T14396]  ? rcu_is_watching+0x15/0xb0
[  293.955857][T14396]  ? do_syscall_64+0xbe/0x3b0
[  293.955883][T14396]  do_syscall_64+0xfa/0x3b0
[  293.955903][T14396]  ? lockdep_hardirqs_on+0x9c/0x150
[  293.955923][T14396]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  293.955942][T14396]  ? clear_bhb_loop+0x60/0xb0
[  293.955964][T14396]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  293.955981][T14396] RIP: 0033:0x7fc930b8ebe9
[  293.955997][T14396] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  293.956012][T14396] RSP: 002b:00007fc931adc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  293.956029][T14396] RAX: ffffffffffffffda RBX: 00007fc930db5fa0 RCX: 00007fc930b8ebe9
[  293.956041][T14396] RDX: 0000000000001000 RSI: 0000200000001840 RDI: 0000000000000009
[  293.956052][T14396] RBP: 00007fc931adc090 R08: 0000000000000000 R09: 0000000000000000
[  293.956064][T14396] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[  293.956074][T14396] R13: 00007fc930db6038 R14: 00007fc930db5fa0 R15: 00007fff7af44f98
[  293.956105][T14396]  </TASK>
[  294.379417][T14252] 8021q: adding VLAN 0 to HW filter on device batadv0
[  294.599486][T14252] veth0_vlan: entered promiscuous mode
[  294.616429][T14252] veth1_vlan: entered promiscuous mode
[  294.678558][T14252] veth0_macvtap: entered promiscuous mode
[  294.721948][T14252] veth1_macvtap: entered promiscuous mode
[  294.745919][T14252] batman_adv: batadv0: Interface activated: batadv_slave_0
[  294.766563][T14252] batman_adv: batadv0: Interface activated: batadv_slave_1
[  294.807929][   T36] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  294.880008][   T36] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  294.912381][   T36] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  294.942904][T14418] pim6reg1: entered promiscuous mode
[  294.972920][T14418] pim6reg1: entered allmulticast mode
[  294.995277][   T36] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  295.041188][T14418] IPVS: set_ctl: invalid protocol: 4 172.20.20.68:20003
[  295.184387][T14428] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  295.219717][T14428] syzkaller0: entered promiscuous mode
[  295.225213][T14428] syzkaller0: entered allmulticast mode
[  295.244177][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  295.264467][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  295.424090][T14432] wg1 speed is unknown, defaulting to 1000
[  295.426921][T14428] tipc: Resetting bearer <eth:syzkaller0>
[  295.458925][ T2996] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  295.472219][T14426] tipc: Resetting bearer <eth:syzkaller0>
[  295.479852][ T2996] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  295.562289][T14426] tipc: Disabling bearer <eth:syzkaller0>
[  295.606308][ T5878] Bluetooth: hci4: command tx timeout
[  295.632418][T14434] wg1 speed is unknown, defaulting to 1000
[  295.670986][T14432] wg0 speed is unknown, defaulting to 1000
[  296.028993][T14460] netlink: 'syz.2.2783': attribute type 1 has an invalid length.
[  296.340817][T14434] wg0 speed is unknown, defaulting to 1000
[  296.364181][T14469] netlink: 'syz.5.2788': attribute type 10 has an invalid length.
[  296.483417][T14473] __nla_validate_parse: 4 callbacks suppressed
[  296.483438][T14473] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2789'.
[  296.511756][T14475] netlink: 'syz.7.2790': attribute type 31 has an invalid length.
[  296.658265][T14479] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2791'.
[  296.670400][T14478] bond1 (unregistering): Released all slaves
[  296.695066][T14482] netlink: 84 bytes leftover after parsing attributes in process `syz.7.2792'.
[  296.856986][T14485] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  296.866826][T14486] syzkaller0: entered promiscuous mode
[  296.872319][T14486] syzkaller0: entered allmulticast mode
[  296.943648][T14485] tipc: Resetting bearer <eth:syzkaller0>
[  296.954224][T14485] syzkaller0: left promiscuous mode
[  296.963011][T14485] syzkaller0: left allmulticast mode
[  296.978784][T14490] tipc: Resetting bearer <eth:syzkaller0>
[  297.086639][T14484] tipc: Disabling bearer <eth:syzkaller0>
[  297.333365][T14499] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2799'.
[  297.547540][T14510] netlink: 104 bytes leftover after parsing attributes in process `syz.2.2804'.
[  297.686382][ T5874] Bluetooth: hci4: command tx timeout
[  297.906207][T14528] FAULT_INJECTION: forcing a failure.
[  297.906207][T14528] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  297.936338][T14528] CPU: 0 UID: 0 PID: 14528 Comm: syz.3.2811 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(full) 
[  297.936365][T14528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  297.936375][T14528] Call Trace:
[  297.936383][T14528]  <TASK>
[  297.936391][T14528]  dump_stack_lvl+0x189/0x250
[  297.936417][T14528]  ? __pfx____ratelimit+0x10/0x10
[  297.936439][T14528]  ? __pfx_dump_stack_lvl+0x10/0x10
[  297.936460][T14528]  ? __pfx__printk+0x10/0x10
[  297.936494][T14528]  should_fail_ex+0x414/0x560
[  297.936521][T14528]  _copy_to_user+0x31/0xb0
[  297.936542][T14528]  simple_read_from_buffer+0xe1/0x170
[  297.936573][T14528]  proc_fail_nth_read+0x1b3/0x220
[  297.936598][T14528]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  297.936622][T14528]  ? rw_verify_area+0x2a6/0x4d0
[  297.936643][T14528]  ? __lock_acquire+0xab9/0xd20
[  297.936666][T14528]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  297.936688][T14528]  vfs_read+0x200/0x980
[  297.936709][T14528]  ? fdget_pos+0x247/0x320
[  297.936729][T14528]  ? __pfx___mutex_lock+0x10/0x10
[  297.936752][T14528]  ? __pfx_vfs_read+0x10/0x10
[  297.936775][T14528]  ? __fget_files+0x2a/0x420
[  297.936802][T14528]  ? __fget_files+0x3a0/0x420
[  297.936824][T14528]  ? __fget_files+0x2a/0x420
[  297.936857][T14528]  ksys_read+0x145/0x250
[  297.936879][T14528]  ? __pfx_ksys_read+0x10/0x10
[  297.936900][T14528]  ? rcu_is_watching+0x15/0xb0
[  297.936918][T14528]  ? trace_sys_enter+0x25/0x100
[  297.936945][T14528]  do_syscall_64+0xfa/0x3b0
[  297.936964][T14528]  ? lockdep_hardirqs_on+0x9c/0x150
[  297.936983][T14528]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.937001][T14528]  ? clear_bhb_loop+0x60/0xb0
[  297.937022][T14528]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.937039][T14528] RIP: 0033:0x7f790f78d5fc
[  297.937056][T14528] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  297.937072][T14528] RSP: 002b:00007f791060d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  297.937090][T14528] RAX: ffffffffffffffda RBX: 00007f790f9b5fa0 RCX: 00007f790f78d5fc
[  297.937102][T14528] RDX: 000000000000000f RSI: 00007f791060d0a0 RDI: 000000000000000a
[  297.937113][T14528] RBP: 00007f791060d090 R08: 0000000000000000 R09: 0000000000000000
[  297.937123][T14528] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[  297.937134][T14528] R13: 00007f790f9b6038 R14: 00007f790f9b5fa0 R15: 00007ffd95572478
[  297.937162][T14528]  </TASK>
[  298.247659][T14527] ieee802154 phy0 wpan0: encryption failed: -22
[  298.284714][T14524] netlink: 196 bytes leftover after parsing attributes in process `syz.2.2808'.
[  298.365001][T14536] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2814'.
[  298.380217][T14536] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2814'.
[  298.588702][T14540] pim6reg1: entered promiscuous mode
[  298.594135][T14540] pim6reg1: entered allmulticast mode
[  298.742585][T14554] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2818'.
[  298.781094][T14555] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2819'.
[  299.030124][T14566] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_to_bridge, syncid = 512, id = 0
[  299.046266][T14565] IPVS: stopping backup sync thread 14566 ...
[  299.120302][T14569] bond_slave_0: entered promiscuous mode
[  299.126086][T14569] bond_slave_1: entered promiscuous mode
[  299.162020][T14569] bond_slave_0: left promiscuous mode
[  299.167705][T14569] bond_slave_1: left promiscuous mode
[  299.373705][T14572] wg1 speed is unknown, defaulting to 1000
[  299.425492][T14572] wg0 speed is unknown, defaulting to 1000
[  299.426497][T14571] wg1 speed is unknown, defaulting to 1000
[  299.440796][T14577] wg1 speed is unknown, defaulting to 1000
[  299.766831][ T5874] Bluetooth: hci4: command 0x0405 tx timeout
[  299.931559][T14585] ieee802154 phy0 wpan0: encryption failed: -22
[  300.113165][T14592] openvswitch: netlink: Duplicate or invalid key (type 0).
[  300.121910][T14592] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  300.423951][T14585] bridge0: port 2(bridge_slave_1) entered disabled state
[  300.431755][T14585] bridge0: port 1(bridge_slave_0) entered disabled state
[  300.864533][T14596] netlink: 'syz.5.2832': attribute type 1 has an invalid length.
[  300.987660][T14585] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  301.041932][T14585] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  301.358220][T14577] wg0 speed is unknown, defaulting to 1000
[  301.445234][T14600] batman_adv: batadv0: Adding interface: gretap1
[  301.476439][T14600] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  301.533509][T14600] batman_adv: batadv0: Interface activated: gretap1
[  301.593736][ T2996] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  301.644904][ T2996] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  301.767614][T14604] vlan2: entered promiscuous mode
[  301.776596][T14604] vlan1: entered promiscuous mode
[  301.853399][T14611] __nla_validate_parse: 8 callbacks suppressed
[  301.853416][T14611] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2836'.
[  301.870163][ T2996] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  301.881305][ T2996] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  301.901665][T14595] wg1 speed is unknown, defaulting to 1000
[  301.932450][T14571] wg0 speed is unknown, defaulting to 1000
[  302.454537][T14595] wg0 speed is unknown, defaulting to 1000
[  302.492917][T14623] netlink: 428 bytes leftover after parsing attributes in process `syz.7.2839'.
[  302.541690][T14623] netlink: 32 bytes leftover after parsing attributes in process `syz.7.2839'.
[  302.551689][T14625] netlink: 55631 bytes leftover after parsing attributes in process `syz.3.2840'.
[  302.597894][T14625] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2840'.
[  302.904985][T14633] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2843'.
[  302.937070][T14633] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2843'.
[  302.968070][T14633] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2843'.
[  304.613508][T14676] netlink: 104 bytes leftover after parsing attributes in process `syz.5.2858'.
[  304.977601][T14687] netlink: 'syz.7.2861': attribute type 5 has an invalid length.
[  305.021497][T14687] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2861'.
[  305.181003][T14701] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  305.189506][T14701] syzkaller0: entered promiscuous mode
[  305.195051][T14701] syzkaller0: entered allmulticast mode
[  305.300223][T14706] tipc: Resetting bearer <eth:syzkaller0>
[  305.359580][T14700] tipc: Resetting bearer <eth:syzkaller0>
[  305.420910][T14700] tipc: Disabling bearer <eth:syzkaller0>
[  305.478849][T14718] bond8 (unregistering): Released all slaves
[  305.574491][T14731] can-isotp: isotp_sendmsg: can_send_ret -ENETDOWN
[  305.609956][T14731] vlan2: entered promiscuous mode
[  305.615209][T14731] gretap0: entered promiscuous mode
[  305.833655][T14738] wg1 speed is unknown, defaulting to 1000
[  305.841955][T14738] wg0 speed is unknown, defaulting to 1000
[  305.928132][T14743] ieee802154 phy0 wpan0: encryption failed: -22
[  306.109733][T14743] batman_adv: batadv0: Interface deactivated: gretap1
[  306.150388][T14743] vlan2: left promiscuous mode
[  306.156306][T14743] gretap0: left promiscuous mode
[  306.447562][T14765] batman_adv: batadv0: Removing interface: batadv_slave_0
[  306.494118][T14765] batman_adv: batadv0: Removing interface: batadv_slave_1
[  306.698617][T14780] veth0: mtu less than device minimum
[  306.921273][T14786] __nla_validate_parse: 4 callbacks suppressed
[  306.921292][T14786] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2888'.
[  307.066341][    C1] BUG: kernel NULL pointer dereference, address: 0000000000000649
[  307.074188][    C1] #PF: supervisor write access in kernel mode
[  307.080439][    C1] #PF: error_code(0x0002) - not-present page
[  307.086447][    C1] PGD 8000000062ef4067 P4D 8000000062ef4067 PUD 0 
[  307.093004][    C1] Oops: Oops: 0002 [#1] SMP KASAN PTI
[  307.098426][    C1] CPU: 1 UID: 0 PID: 14791 Comm: syz.2.2892 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(full) 
[  307.110426][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  307.120501][    C1] RIP: 0010:llc_ui_setsockopt+0x4e1/0x5f0
[  307.126259][    C1] Code: a2 f8 eb 4b e8 70 aa 3e f8 4c 6b f3 64 49 8d 9f a0 06 00 00 48 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 df 15 a2 f8 <4c> 89 33 eb 23 e8 45 aa 3e f8 4d 8d b7 0d 07 00 00 4c 89 f0 48 c1
[  307.145884][    C1] RSP: 0018:ffffc90000a08b98 EFLAGS: 00010246
[  307.151967][    C1] RAX: 00000000000000c9 RBX: 0000000000000649 RCX: ffff888078f85a00
[  307.159927][    C1] RDX: 0000000000000100 RSI: ffffffff8be32660 RDI: ffff88802f778c10
[  307.167897][    C1] RBP: ffffc90000a08c90 R08: ffffffff8fa34737 R09: 1ffffffff1f468e6
[  307.175859][    C1] R10: dffffc0000000000 R11: ffffffff89810060 R12: 1ffff92000141178
[  307.183827][    C1] R13: ffff88802f778c10 R14: 0000000000000001 R15: 0000000000000001
[  307.191784][    C1] FS:  00007f5394ec26c0(0000) GS:ffff888125d21000(0000) knlGS:0000000000000000
[  307.200705][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  307.207284][    C1] CR2: 0000000000000649 CR3: 000000007deca000 CR4: 00000000003526f0
[  307.215254][    C1] Call Trace:
[  307.218524][    C1]  <IRQ>
[  307.221441][    C1]  ? call_timer_fn+0x17e/0x5f0
[  307.226205][    C1]  ? llc_ui_setsockopt+0x3e0/0x5f0
[  307.231327][    C1]  ? call_timer_fn+0xbe/0x5f0
[  307.236083][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[  307.241196][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  307.246380][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  307.251655][    C1]  ? llc_ui_setsockopt+0x3e0/0x5f0
[  307.256764][    C1]  __run_timer_base+0x61a/0x860
[  307.261609][    C1]  ? ktime_get+0x3e/0x1f0
[  307.265946][    C1]  ? __pfx___run_timer_base+0x10/0x10
[  307.271319][    C1]  ? seqcount_lockdep_reader_access+0x15f/0x1c0
[  307.277557][    C1]  run_timer_softirq+0xb7/0x180
[  307.282404][    C1]  handle_softirqs+0x283/0x870
[  307.287155][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  307.291905][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  307.297180][    C1]  __irq_exit_rcu+0xca/0x1f0
[  307.301757][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  307.306941][    C1]  irq_exit_rcu+0x9/0x30
[  307.311167][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  307.316790][    C1]  </IRQ>
[  307.319705][    C1]  <TASK>
[  307.322619][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  307.328585][    C1] RIP: 0010:lock_release+0x2b5/0x3e0
[  307.333862][    C1] Code: 51 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f7 44 24 20 00 02 00 00 75 56 f7 c3 00 02 00 00 74 01 fb 65 48 8b 05 7b 81 02 11 <48> 3b 44 24 28 0f 85 8b 00 00 00 48 83 c4 30 5b 41 5c 41 5d 41 5e
[  307.353544][    C1] RSP: 0018:ffffc9000f0178a8 EFLAGS: 00000206
[  307.359605][    C1] RAX: 8447548b68787400 RBX: 0000000000000202 RCX: 8447548b68787400
[  307.367740][    C1] RDX: 0000000000000001 RSI: ffffffff8dba3961 RDI: ffffffff8be32680
[  307.375703][    C1] RBP: ffff888078f86518 R08: 0000000000000000 R09: ffffffff81b2d573
[  307.383674][    C1] R10: 0000000000000000 R11: 00000000ffffffff R12: 0000000000000001
[  307.391648][    C1] R13: 0000000000000001 R14: ffffffff8e139ee0 R15: ffff888078f85a00
[  307.399697][    C1]  ? futex_private_hash_get+0x43/0x290
[  307.405154][    C1]  ? futex_private_hash_get+0x43/0x290
[  307.410602][    C1]  ? futex_private_hash_get+0x43/0x290
[  307.416053][    C1]  futex_private_hash_get+0x23e/0x290
[  307.421551][    C1]  ? futex_hash+0x40/0x2d0
[  307.425972][    C1]  futex_hash+0x121/0x2d0
[  307.430317][    C1]  futex_wait_setup+0xc9/0x590
[  307.435182][    C1]  __futex_wait+0x148/0x3e0
[  307.439691][    C1]  ? __pfx___futex_wait+0x10/0x10
[  307.444720][    C1]  ? __pfx_futex_wake_mark+0x10/0x10
[  307.450004][    C1]  ? futex_private_hash_put+0x4b/0x280
[  307.455467][    C1]  futex_wait+0x104/0x360
[  307.459815][    C1]  ? __pfx_futex_wait+0x10/0x10
[  307.464662][    C1]  do_futex+0x333/0x420
[  307.468813][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  307.474086][    C1]  ? __pfx_do_futex+0x10/0x10
[  307.478834][    C1]  ? kmem_cache_free+0x18f/0x400
[  307.483848][    C1]  __se_sys_futex+0x36f/0x400
[  307.488516][    C1]  ? __pfx___se_sys_futex+0x10/0x10
[  307.493714][    C1]  ? rcu_is_watching+0x15/0xb0
[  307.498485][    C1]  ? __x64_sys_futex+0x21/0xf0
[  307.503241][    C1]  do_syscall_64+0xfa/0x3b0
[  307.507750][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  307.512940][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.519093][    C1]  ? clear_bhb_loop+0x60/0xb0
[  307.523753][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.529635][    C1] RIP: 0033:0x7f5393f8ebe9
[  307.534049][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  307.553743][    C1] RSP: 002b:00007f5394ec20e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  307.562164][    C1] RAX: ffffffffffffffda RBX: 00007f53941b5fa8 RCX: 00007f5393f8ebe9
[  307.570236][    C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f53941b5fa8
[  307.578198][    C1] RBP: 00007f53941b5fa0 R08: 0000000000000000 R09: 0000000000000000
[  307.586164][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  307.594123][    C1] R13: 00007f53941b6038 R14: 00007ffe2e4ebcf0 R15: 00007ffe2e4ebdd8
[  307.602091][    C1]  </TASK>
[  307.605095][    C1] Modules linked in:
[  307.608991][    C1] CR2: 0000000000000649
[  307.613135][    C1] ---[ end trace 0000000000000000 ]---
[  307.618577][    C1] RIP: 0010:llc_ui_setsockopt+0x4e1/0x5f0
[  307.624304][    C1] Code: a2 f8 eb 4b e8 70 aa 3e f8 4c 6b f3 64 49 8d 9f a0 06 00 00 48 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 df 15 a2 f8 <4c> 89 33 eb 23 e8 45 aa 3e f8 4d 8d b7 0d 07 00 00 4c 89 f0 48 c1
[  307.643906][    C1] RSP: 0018:ffffc90000a08b98 EFLAGS: 00010246
[  307.649967][    C1] RAX: 00000000000000c9 RBX: 0000000000000649 RCX: ffff888078f85a00
[  307.657927][    C1] RDX: 0000000000000100 RSI: ffffffff8be32660 RDI: ffff88802f778c10
[  307.665899][    C1] RBP: ffffc90000a08c90 R08: ffffffff8fa34737 R09: 1ffffffff1f468e6
[  307.673886][    C1] R10: dffffc0000000000 R11: ffffffff89810060 R12: 1ffff92000141178
[  307.681859][    C1] R13: ffff88802f778c10 R14: 0000000000000001 R15: 0000000000000001
[  307.689823][    C1] FS:  00007f5394ec26c0(0000) GS:ffff888125d21000(0000) knlGS:0000000000000000
[  307.698791][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  307.705369][    C1] CR2: 0000000000000649 CR3: 000000007deca000 CR4: 00000000003526f0
[  307.713417][    C1] Kernel panic - not syncing: Fatal exception in interrupt
[  307.720747][    C1] Kernel Offset: disabled
[  307.725053][    C1] Rebooting in 86400 seconds..