last executing test programs:

2.691158283s ago: executing program 1 (id=1724):
r0 = socket$xdp(0x2c, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000caefb8)={0x8, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="850000006100000054000000000000009500000000000000b4a8b1541206000000e9c79077fa15ba36eca61299de54cf77c9062c30bc068829afff36b31fa7e358e95cfa"], &(0x7f0000281ffc)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000200)={r1, 0x2000000, 0x2, 0x0, &(0x7f00000001c0)="1343", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x6, &(0x7f0000000000)=0x40000000, 0x4)
socket$xdp(0x2c, 0x3, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000caefb8)={0x8, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="850000006100000054000000000000009500000000000000b4a8b1541206000000e9c79077fa15ba36eca61299de54cf77c9062c30bc068829afff36b31fa7e358e95cfa"], &(0x7f0000281ffc)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) (async)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000200)={r1, 0x2000000, 0x2, 0x0, &(0x7f00000001c0)="1343", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x6, &(0x7f0000000000)=0x40000000, 0x4) (async)

1.808080548s ago: executing program 3 (id=1731):
socket$kcm(0x10, 0x3, 0x10)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x70, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_EXPRESSIONS={0x48, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @reject={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_REJECT_TYPE={0x8}, @NFTA_REJECT_TYPE={0x8, 0x1, 0x1, 0x0, 0x2}]}}}, {0x20, 0x1, 0x0, 0x1, @rt={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_RT_DREG={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_RT_KEY={0x8}]}}}]}, @NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xf8}}, 0x0)
r1 = socket$inet(0x2, 0x80001, 0x84)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r4=>0x0}, &(0x7f0000000200)=0xfffffdd9)
unshare(0x60480)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r1, 0x84, 0x19, &(0x7f0000000300)={r4, 0x25}, 0x8)
getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000240)={r4, 0x4, 0x3ff, 0x3}, &(0x7f0000000280)=0x10)
r5 = socket(0x23, 0x80805, 0x0)
listen(r5, 0x0)
poll(&(0x7f0000000000)=[{r5, 0x9081}], 0x1, 0x2)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r2, 0x84, 0x6c, &(0x7f0000000340)={r4}, &(0x7f00000000c0)=0x8)
socket$nl_generic(0x10, 0x3, 0x10)
socket$tipc(0x1e, 0x5, 0x0)
socket$netlink(0x10, 0x3, 0xc)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58)
accept4(r6, 0x0, 0x0, 0x0)
socket(0x15, 0x5, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

1.440120973s ago: executing program 4 (id=1737):
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
bind$inet6(0xffffffffffffffff, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000001300)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="c3aa00fe01000000711003000000000095"], &(0x7f0000000480)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000180), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000100)) (async)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x0) (async)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x50) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="e4000000", @ANYRES16=r3, @ANYBLOB="07002abd5248ffdbdf2507ff000008000300", @ANYRES32=r4, @ANYBLOB="0c00990001000c0069000000140004002f6163766c616e3100000000000000000400cc00080005000a"], 0xe4}}, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0)
close(r5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)) (async)
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x8000}, 0x0) (async)
ioctl$sock_bt_bnep_BNEPCONNADD(r5, 0x400442c8, &(0x7f00000003c0)={r1, 0x8000, 0x4, "50f0a2ce219460e9fc0f2d04256b563622ebeb6270e35da0db82467a767fc03f02c37c20830ffd9e1c368baae9eec0c9d0b6c879577bb99381b1474e930943ccfb9bf24707863564dce8b6e161492c6869fd3adfeff0123a3f8ce7b6e1077bab4c341dda856092f3d0f2742299c51bc0d4"}) (async)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18020000000000000000000000000000850000002200000085000000050000009500000000000000c3492895246348bf79855db116f785cc6b65"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x46)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r7, 0x0, 0xe, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f4305", 0x0, 0x6f12, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000006, 0x4000010, r0, 0xb8053000) (async)
ioctl$SIOCSIFHWADDR(r5, 0x8b18, &(0x7f0000000000)={'wlan1\x00', @random="010000000700"}) (async)
ioctl$SIOCSIFHWADDR(r5, 0x8b06, &(0x7f0000000080)={'wlan1\x00', @random="02000000000a"})

1.375697977s ago: executing program 0 (id=1738):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x12, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="b60a00000000000071113300000000001800000000000000000000003400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

1.280238265s ago: executing program 1 (id=1740):
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x28008040)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[], 0x7c}}, 0x0)
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4001}, 0x4040)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x14)
socket$netlink(0x10, 0x3, 0x7)
sendmsg$nl_generic(r1, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x2000c8d0)
r2 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f00000004c0)=[{0x28, 0x0, 0x5, 0xfffff034}, {0x80000006, 0x0, 0x12, 0xf9}]}, 0x10)
syz_emit_ethernet(0x52, &(0x7f0000000480)=ANY=[@ANYBLOB="0180c2000002aaaaaaaaaaaa08004d03004400670000012190787f00000100000000441cac0000002a96800000000000000500000cf9000000400000005e8903"], 0x0)

1.279373775s ago: executing program 4 (id=1742):
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000001c0)={0xffffffffffffffff, 0xe0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000000)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, &(0x7f0000000040)=[0x0], &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x34, &(0x7f00000000c0)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x40, 0x10, &(0x7f0000000100), &(0x7f0000000140), 0x8, 0xa9, 0x8, 0x8, &(0x7f0000000180)}}, 0x10)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x8000, 0x0)
syz_genetlink_get_family_id$l2tp(&(0x7f00000002c0), r0)
write$cgroup_int(r0, &(0x7f0000000200), 0x12)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x4010, r0, 0x5cea8000)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c2ed01faa7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497dad64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6fba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd2310801570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb414c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000000000000000000000000000000a0cc2b89ce1525748ce167cbabb881f060599a6a59f645edca1d5c24b2f6b8c997a8f3e1b7679984a566d98d4d31198ee4c5ea7be0d99cf89bba4a6fd0bec12e7792bec3c5038e13b1982f80cdecd07f8908a983a7c9fb81c2ba7f7e87c991f30e50d1b3bbe4cf2a2f5d4571b6568ada51bc121c9139d2a8e0"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r2}, 0x10)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r3, 0x800448d5, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$l2tp(0x2, 0x2, 0x73)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x10)
connect$inet(r4, &(0x7f0000000200)={0x2, 0x4e22, @local}, 0x10)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000180)="5c00000013006bcd9e3fe3dc4e48aa31086b8703410000004000000000000000040014000d000a00100000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f6", 0x5a}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0)
sendmmsg$inet(r4, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
socket$inet6(0xa, 0x805, 0x0)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001080)="020000000a55fbc3d774090c4665299c3c1dc8b87fbfe6aa8162fd897f263828a2", 0x21}], 0x1}], 0x1, 0x0)
unshare(0x6a000600)
socket$rxrpc(0x21, 0x2, 0xa)

1.234782079s ago: executing program 0 (id=1743):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'lo\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@gettfilter={0x24, 0x2e, 0x301, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x3}}}, 0x24}}, 0x0)

1.112527583s ago: executing program 2 (id=1744):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r1=>0x0})
r2 = socket$can_j1939(0x1d, 0x2, 0x7)
bind$can_j1939(r2, 0x0, 0x0)
bind$can_j1939(r2, &(0x7f0000000040)={0x1d, r1, 0x3, {0x2, 0x1, 0x5}, 0xff}, 0x18)

1.063761575s ago: executing program 1 (id=1745):
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b70000008113b0ffbfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071103600000000001d300500000000004704000001ed00000f030000000000001d44020000000000620a00fe040400007203000000000000e500f7ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a8641aa05a1336b3b4c4becea710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3380d28e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51bf900000000000000d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343cccc953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93020000000000000080e69db384ac7eeedcf2ba3a9508f9d6aba582a896a9f1e096df6ecea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6032399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000002040)=ANY=[@ANYBLOB="a40000000001050500000000000000000a0000003c0002802c00018014000300fc00000000000000000000000000000014000400000000000000000000000088ffffff010c00028005000100000000003c0001800c00028005000100000000002c000180140003002001000000000000000000000000000114000400fc0100000000000000000000000000000800074000000000080015400000000008000840"], 0xa4}}, 0x0)

1.062865854s ago: executing program 0 (id=1746):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x0, &(0x7f0000000040)}, 0x10)
bind$bt_hci(r0, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)

946.725301ms ago: executing program 1 (id=1747):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00', <r1=>0x0})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x24, 0x1, 0x4, 0x5, 0x0, 0x0, {0x0, 0x0, 0x8}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}, @NFULA_CFG_QTHRESH={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x50}, 0x0)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r3, 0x8922, &(0x7f0000000080)={'erspan0\x00', 0x3})
socket(0x11, 0x800000003, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'})
socket$inet_icmp_raw(0x2, 0x3, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000340)=ANY=[@ANYRES64=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', r1, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000001100)=ANY=[@ANYBLOB="1800"/13], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xc, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = socket(0x10, 0x3, 0x0)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(blowfish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5", 0x4)
writev(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f0000000000)="729804819e25bf1576ffe5c12a5207113f19d58313ab", 0x16}], 0x1)
r7 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8b04, &(0x7f0000000000)={'wlan0\x00'})
r8 = accept4(r6, 0x0, 0x0, 0x80800)
sendmmsg$alg(r8, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="f7", 0x1}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x40084}], 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000001c0)='kmem_cache_free\x00', r9}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000bc0)={0x17, 0x13, &(0x7f0000000640)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x10001}}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x10}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @alu={0x4, 0x0, 0x9, 0x1, 0x4, 0x100, 0x4}], &(0x7f0000000700)='GPL\x00', 0x9, 0xf1, &(0x7f0000000740)=""/241, 0x40f00, 0xb, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x8, &(0x7f0000000900)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000940)={0x4, 0x8, 0x46}, 0x10, 0x0, r9, 0x0, &(0x7f0000000580)=[0xffffffffffffffff], &(0x7f0000000b40), 0x10, 0x2, @void, @value}, 0x94)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=ANY=[@ANYBLOB="18003800005200010000000018"], 0x18}}, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000040)={'tunl0\x00', <r11=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newqdisc={0x148, 0x24, 0x4ee4e6a52ff56541, 0x0, 0xfffffffe, {0x0, 0x0, 0x0, r11, {0x0, 0xb}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_red={{0x8}, {0x11c, 0x2, [@TCA_RED_STAB={0x104, 0x2, "0a1fb0699d46dac48f29d158dbe8cfb1979e12979688dc039b90627d7b60f0d5ca47f33eed46409b7c8722ce020df6b24c2e6ac7b97dc04d01be2092874115214b1ebb764511f69cd1e9f6263346363d2c639c7667ce67af25166c2f0f85f36aa8867406119c2a6f1f892e31dea982c5ab0348d560eae59ea49ef95d73202a6e3b5e1eb38244e694e7410d33bc92794ad27031f2a19698b51424df36e2a876a4fc871207bf12a84f1d4d132f5bb7edcf2d08d677e6a7268e106b6ced3c7f53df24092ddb9e0fac6a1153c3fc88bfd1404fef22cf3e825a6e19c6a48a5444eabb459af0ec9a278df4011773d2f2e6529ed0ad424b47ec67522477f979360b76d1"}, @TCA_RED_PARMS={0x14, 0x1, {0x3f26, 0x7, 0x81, 0x9, 0xb, 0x14, 0x5}}]}}]}, 0x148}}, 0x4000010)

923.233892ms ago: executing program 0 (id=1748):
r0 = socket(0x2, 0x80805, 0x0)
r1 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000020000000800000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x13, r1, 0x1000)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
r3 = socket(0x10, 0x803, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000400), r5)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}}, 0x0)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r3, 0x84, 0x22, &(0x7f00000000c0)={0x1ff, 0x4, 0x0, 0x2, <r8=>0x0}, &(0x7f0000000180)=0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f00000003c0)=[@sack_perm, @window={0x3, 0x80c, 0x4}, @timestamp, @sack_perm], 0x4)
getsockopt$inet_sctp6_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f00000001c0)={r8, 0x5}, &(0x7f0000000200)=0x8)
sendmsg$nl_route_sched(r3, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newtfilter={0x30, 0x2c, 0xd2b, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r7, {0xf, 0xfff0}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x4}}]}, 0x30}}, 0x24040084)
sendmsg$IPSET_CMD_SAVE(r0, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x28, 0x8, 0x6, 0x201, 0x0, 0x0, {0xa, 0x0, 0x9}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x40800}, 0x8)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x7e832, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
socket$rxrpc(0x21, 0x2, 0xa)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r9=>0x0]}, &(0x7f0000000240)=0x8)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f0000001600)={r9, @in6={{0xa, 0x4e22, 0x1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x1}}, [0x3ff, 0x5, 0x8, 0x8000000000000001, 0x10001, 0x9d, 0x0, 0x6, 0x200, 0x7, 0xfd1, 0x400000000000, 0x6, 0x6, 0x2]}, &(0x7f0000001700)=0x100)

846.268741ms ago: executing program 2 (id=1749):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000280)=ANY=[@ANYRES8=0x0, @ANYRES8=r0, @ANYRES16=r0, @ANYRESOCT=r0, @ANYBLOB="0d3b9eda27557cfb589305c789ac60282b0d37ee17f48fc0cdd429c81124d3d30ff156ffb2f387112e8a459da413ce8eeb5e74819b705293268cff1bd1b5b471ec3b6211c86da7a7619c1b99462d698518215a739c2d06d51087d22eaf16c482c2942d39be01c1a9bf7e285bc54b795a1375655d5d86322f18d358cfd25bdc19a6ed1cababd8dcaae561e11811bcebc69116f177da054a4d88", @ANYRES64=r0, @ANYRES64=r0, @ANYRES64, @ANYRES8=r0, @ANYRES32=r0], 0x20)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_GET_WOWLAN(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x28}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000000)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@newlink={0x34, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r3, 0x10681, 0x800}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}]}, 0x34}}, 0x20044002)
r4 = socket(0x10, 0x803, 0x0)
r5 = socket(0x1, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r6}, [@IFA_LOCAL={0x14, 0x2, @ipv4}, @IFA_FLAGS={0x8, 0x8, 0x200}]}, 0x34}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[], 0x7c}}, 0x0)

845.084273ms ago: executing program 3 (id=1750):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000a40)=ANY=[@ANYBLOB="020300000e00000028bd7000fdffffff05000600338000000a00000000000000000000000000000000000000000000010000000000000000fbff010000000000fc00020c030000a005000500008000000a"], 0x70}, 0x1, 0x7}, 0x8000)

795.039862ms ago: executing program 2 (id=1751):
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000060000000000000000008500000007000000850000000e00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
socket$inet(0x2, 0x4000000805, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(blowfish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad", 0x1)
r1 = accept4(r0, 0x0, 0x0, 0x80800)
sendmsg$NL80211_CMD_PEER_MEASUREMENT_START(r1, 0x0, 0x1)
recvmsg(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)}, 0x20)
r2 = socket$kcm(0x2d, 0x2, 0x0)
sendmsg$IPSET_CMD_LIST(r2, &(0x7f00000000c0)={&(0x7f0000000000)={0x2d, 0x0, 0x1f, 0x20}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x40041)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="12000000070000000400000002"], 0x50)
socket(0xa, 0x3, 0x3a)
socket$xdp(0x2c, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009ef0100766c616e00000000180002800c000200200000001f000000060001000000000008000500", @ANYRES32=r3, @ANYBLOB='\b\x00\n\x00', @ANYRES32, @ANYBLOB="0a000100000070"], 0x64}}, 0x0)

708.488988ms ago: executing program 0 (id=1752):
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000017000000540006803c0004"], 0x68}, 0x1, 0x0, 0x0, 0x4}, 0x4008014)
socket$nl_route(0x10, 0x3, 0x0)

676.512575ms ago: executing program 4 (id=1753):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x4}}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendto$inet(r0, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @multicast2}, 0x10)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, 0x0, 0x0)
r2 = socket(0x200000000000011, 0x4000000000080002, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
sendto$packet(r2, 0x0, 0x0, 0xc001, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_DEL_TX_TS(r4, 0x0, 0x40008c4)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00)

663.260604ms ago: executing program 0 (id=1754):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r0 = bpf$ITER_CREATE(0xb, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x79, 0x10, 0x64}, [@ldst={0x5}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x22e, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
close(r0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, &(0x7f0000000000)={0x18, 0x0, {0x7, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x35}, 'geneve0\x00'}}, 0x1e)
sendmmsg(r2, &(0x7f00000006c0)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000380)='>', 0x1}], 0x1, &(0x7f00000011c0)=ANY=[], 0x210}}], 0x1, 0x40884)
recvmmsg(r2, &(0x7f0000000900)=[{{0x0, 0xfffffffffffffe1f, 0x0}, 0x1}], 0x3fffffffffffd3c, 0x40018003, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
sendmsg$sock(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x76, &(0x7f0000000080)={@multicast, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "5e15b1", 0x40, 0x3a, 0x0, @dev, @mcast2, {[], @param_prob={0x4, 0x0, 0x0, 0x0, {0x0, 0x6, "f96959", 0x0, 0x88, 0x0, @private2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [@routing, @dstopts={0x6c}]}}}}}}}, 0x0)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{0x0}, {&(0x7f0000000580)="d4fa0c511aad03aa5ed217677bc41c027d9c830c439c7f821ddd78b6915cb170e7603acf9e433c2903bb6773f4b0130668a1e5b5e08d21d0b69c28ca3455aed65855c86f3d1e5789d26375a0d85eaf5e92e19c9affcf76e7a94e76556d2b104ebf645747fadc91460f4b3c94e1a89b51be4a6aa4c65285f988329a8163b69c51b801500a5bacd0463976e2960e2679ef2feee5e6ce6bb78a51fb0e15820d13e4a5aa9e0742a6f8d677ad28fea356657bb550c8311b682d9003c82267a15aa7334bc53b65b9119a1a7d905c7dd365b85c230bbad0d5d0a79819e112637819d9a187cfdf782c6127d2d4281926ab0e22f7346b616fe28ed0b9f4a0c9fdac6d3a90a9c38b5e31448a45546388c95045bc22fe88c43b82a0a5d3eb61c238a5159ea98db9c00aeef644ae98a8cb8dffff3b7ba14d7971910b559623af8295", 0x13c}], 0x2, 0x0, 0x48}, 0x0)
setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f0000000200)=0x1, 0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$int_in(r4, 0x5452, &(0x7f0000000240)=0x9)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0x6c, 0x2, 0x6, 0x201, 0x6000000, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xe, 0x3, 'bitmap:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x24, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @local}}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0x80ffffff}}, @IPSET_ATTR_NETMASK={0x5, 0x14, 0x20}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x6c}}, 0x0)
setsockopt$inet6_MCAST_MSFILTER(r5, 0x29, 0x30, &(0x7f0000000780)=ANY=[], 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x3d0af9a79bd53705, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x82000, 0x2, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$MRT_DEL_VIF(r0, 0x0, 0xcb, &(0x7f00000001c0)={0x1, 0x0, 0x4, 0x2, @vifc_lcl_ifindex, @private=0xa010100}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x22, 0x1, 0x0, 0x0, @void, @value}, 0x28)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8b18, &(0x7f0000000000)={'wlan1\x00'})

587.964138ms ago: executing program 3 (id=1755):
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_COALESCE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="20040000", @ANYRES16, @ANYBLOB="000225bd7000fddbdf25640000000c00"], 0x20}, 0x1, 0x0, 0x0, 0x8050}, 0x44044)
sendmsg$IPSET_CMD_RENAME(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="200000000506010200000000000000000a0000"], 0x20}, 0x1, 0x0, 0x0, 0x20004000}, 0x800)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="0180c2000003a21428c6c08586dd61bcc1d700006cffd73200002f2bf8000000000000000002000056374f7ef830cbe64fe0ba0000000000000000000000000001f5b5c9ff14cc5c3392895ee071138414f4d694f6aed8110f340f07b8efcc4f341a75360c5a"], 0x0)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x25ffffff7}, 0xc)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000440), 0xffffffffffffffff)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r3, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r4, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
getsockopt$inet_mptcp_buf(r0, 0x11c, 0x4, 0x0, &(0x7f00000000c0))
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
r7 = socket$inet6(0xa, 0x80002, 0x0)
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0)
bind$inet6(r7, 0x0, 0x0)
bind$inet6(r6, &(0x7f0000000040)={0xa, 0x4e24}, 0x1c)
listen(r6, 0x0)
syz_emit_ethernet(0x5e, &(0x7f00000009c0)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1e}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00@\x00', 0x28, 0x6, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x4e24, 0x300, 0x41424344, 0x41424344, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, {[@md5sig={0x13, 0x12, "d4c466fb19f71e96642faa2300"}]}}}}}}}}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r8, 0x8933, &(0x7f00000002c0)={'wg2\x00', <r10=>0x0})
sendmsg$WG_CMD_SET_DEVICE(r9, &(0x7f0000000340)={0x0, 0x100000, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="80020000", @ANYRES16, @ANYBLOB="05002abd7000fddbdf2501000000080005000100000030020880f400008024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b24000100000000000000000000000000000000000000000000000000000000000000000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff240002001171ee8da334a5099295af229a5d237a7f4102f01f28b34347d6cbbe135d83ec24000100975c9d81c983c8209ee781254b899f8ed925ae9f0923c23c62f53c57cdbf691c0800030007200000240002005da952055e5857d673cddd36909746c80efa3ff95c317de1063db32bc80a0b3e060005000200000008000300030000007800008024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0600050005000000480009801c000080060001000200000008000200ffffffff050003000100000028000080060001000a00000014000200ff02000000000000000000000000000105000300020000003c00008024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b1400040002004e2200000000000000000000000078000080040009800800030002000000200004000a004e2000000005000000000000000000000000000000010400000024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b240002000f1b8b82264208ab1a2dce776c03b9f348f500ef8e7606466943f5ba2ae2881e0c0000800800030006000000060006004e24000008000100", @ANYRES32=r10, @ANYBLOB="240003"], 0x280}, 0x1, 0x0, 0x0, 0x4000}, 0x40)
sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f0000000400)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2848820}, 0xc, &(0x7f00000003c0)={&(0x7f0000000240)={0x6c, 0x0, 0x100, 0x70bd28, 0x25dfdbfe, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg2\x00'}, @WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e20}, @WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @c}, @WGDEVICE_A_FLAGS={0x8, 0x5, 0x1}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0xb}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0x7fffffff}]}, 0x6c}, 0x1, 0x0, 0x0, 0x8c0}, 0x24040051)

435.929595ms ago: executing program 4 (id=1756):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000300)={r0, <r1=>0xffffffffffffffff}, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x11, 0x10, &(0x7f00000003c0)=@framed={{}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x8, 0xfff0, 0x40000000}, {}, {}, {0x7, 0x1, 0xb, 0x4, 0xa, 0x0, 0xf8}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}]}, &(0x7f0000000240)='GPL\x00', 0x4, 0x1005, &(0x7f00000014c0)=""/4101, 0x0, 0xc, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

400.85937ms ago: executing program 1 (id=1757):
socket$packet(0x11, 0x2, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000072000000850000000f00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000740)=ANY=[@ANYRES32, @ANYRES32, @ANYRES64=r0, @ANYRES64=0x0, @ANYBLOB="ed"], 0x20)

352.346286ms ago: executing program 2 (id=1758):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x0, &(0x7f0000000040)}, 0x10)
bind$bt_hci(r0, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)

288.900876ms ago: executing program 3 (id=1759):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x12, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="b60a00000000000071113300000000001800000000000000000000003f00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

282.235472ms ago: executing program 1 (id=1760):
r0 = socket$netlink(0x10, 0x3, 0xa)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETRULE(r2, 0x0, 0x0)
unshare(0x62040200)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0xa, 0x0, 0x0)
r4 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="20000000520001000000000000000000020000000c00", @ANYRES16=r4], 0x20}}, 0x0)
setsockopt$packet_rx_ring(r3, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0xfffffffc, 0xff, 0x80000000}, 0x1c)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000200)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x8a}, 0x9c)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x10}}, 0x0)
bind$inet6(r5, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r6 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r6, 0x84, 0x4, 0x0, 0x0)
sendto$inet6(r5, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
shutdown(r5, 0x2)
shutdown(r1, 0x0)
recvmmsg(r1, &(0x7f0000000080), 0x72a, 0x0, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4800000010001fff00"/20, @ANYBLOB="a1800000000053a230151280090001007665746800000000180002801400010000000000", @ANYRES32=0x0, @ANYBLOB="204c020000000000"], 0x48}}, 0x0)

243.92697ms ago: executing program 2 (id=1761):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000280)=ANY=[@ANYRES8=0x0, @ANYRES8=r0, @ANYRES16=r0, @ANYRESOCT=r0, @ANYBLOB="0d3b9eda27557cfb589305c789ac60282b0d37ee17f48fc0cdd429c81124d3d30ff156ffb2f387112e8a459da413ce8eeb5e74819b705293268cff1bd1b5b471ec3b6211c86da7a7619c1b99462d698518215a739c2d06d51087d22eaf16c482c2942d39be01c1a9bf7e285bc54b795a1375655d5d86322f18d358cfd25bdc19a6ed1cababd8dcaae561e11811bcebc69116f177da054a4d88", @ANYRES64=r0, @ANYRES64=r0, @ANYRES64, @ANYRES8=r0, @ANYRES32=r0], 0x20)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_GET_WOWLAN(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x28}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000000)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@newlink={0x34, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r3, 0x10681, 0x800}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}]}, 0x34}}, 0x20044002)
r4 = socket(0x10, 0x803, 0x0)
r5 = socket(0x1, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r6}, [@IFA_LOCAL={0x14, 0x2, @ipv4}, @IFA_FLAGS={0x8, 0x8, 0x200}]}, 0x34}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[], 0x7c}}, 0x0)

156.347967ms ago: executing program 4 (id=1762):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000240)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x17, 0x17, &(0x7f0000000080)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x301}, {}, {0x85, 0x0, 0x0, 0x11}}, {}, [@printk={@p, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5}, {0x7, 0x0, 0x2}, {}, {}, {0x25}}], {{0x6, 0x1, 0xb, 0x1, 0x9, 0x0, 0x4800000}, {0x5}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff7, @void, @value}, 0x94)

156.051396ms ago: executing program 3 (id=1763):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0xffffffffffffffde, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000000}}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x0, @in=@broadcast, 0x0, 0x0, 0x3}]}]}, 0xfc}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000008c0)=ANY=[@ANYBLOB="84010000210001000000000000000000fc02000000000000000000000a000000fe80000000000000000000000000003500000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000034011100ac14140c000000000000000000000000fc000000000000000000000000000001fc020000000000000000000000000000fe8000000000000000000000000000aaff0000000200000002000a00ac1414aa000000000000000000000000fe8000000000000000000000000000aa00000000000000000000000000000000ff020000000000000000000000000001ff020000003500000a000800ac1414bb000000000000000000000000fc02000000000000000000000000000064010102000000000000000000000000fe8000000000000000000000000000323c"], 0x184}}, 0x0)

82.048175ms ago: executing program 2 (id=1764):
r0 = socket$inet(0x2, 0x1, 0x100)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x11, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
mkdirat$cgroup(r1, &(0x7f0000000a00)='syz0\x00', 0x1ff)
setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f0000000140)={0x10, {{0x2, 0x4e24, @broadcast}}}, 0x88)
syz_emit_ethernet(0x56, &(0x7f00000000c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000e000d080000e004020000d01d920c6964076e4dade375df7194f64c1fc8fd85d41ddf15eb78b546d89eabfe44301cded0ca7a5a5b236ef7a14cded1bf7794931ad974ce9ae3bc079651"], 0x0)
socket$inet(0x2, 0x1, 0x100) (async)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) (async)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) (async)
sendto$inet(r0, 0x0, 0x0, 0x11, 0x0, 0x0) (async)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (async)
mkdirat$cgroup(r1, &(0x7f0000000a00)='syz0\x00', 0x1ff) (async)
setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f0000000140)={0x10, {{0x2, 0x4e24, @broadcast}}}, 0x88) (async)
syz_emit_ethernet(0x56, &(0x7f00000000c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000e000d080000e004020000d01d920c6964076e4dade375df7194f64c1fc8fd85d41ddf15eb78b546d89eabfe44301cded0ca7a5a5b236ef7a14cded1bf7794931ad974ce9ae3bc079651"], 0x0) (async)

51.375726ms ago: executing program 3 (id=1765):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newtaction={0x1280, 0x32, 0xffff, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x1300}, [{0x4}, {0x1178, 0x1, [@m_sample={0x1060, 0x6, 0x0, 0x0, {{0xb}, {0x34, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PARMS={0x18, 0x2, {0xd, 0x4, 0x20000000, 0x6, 0x80}}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x7, 0x5, 0xffffffffffffffff, 0x78}}]}, {0x1002, 0x6, "6dbe0c32057f945e664072936e0cdb0ec9ddf25ea1faf51755a637bdcb2a050f82f014b4cb89c0ded14571a4017eaa1eb65de69b380d370de8152ade547a1bfe72b4d1088eedd6d71c83e1d046271bb1212648d78469eeca96d7310f2c797328db6a422dd492fd66466cd9da87c527f7349a9db03aacbd74c0762257a3b28ab4e26b262f2e56e3a579d3f98a7c3451726fc52741f0a195bf2e6ebda99b2d017b610c5cc723e7146bb22a0fdc5e356f6c79dd219f8e81d3ab6f080f88b7ce169cb3faccf7545ac452879d13a3613e43660c2d43634cd55ab382e7660b06346042e51622ecdd8a8317d7baaf9b4abaf4371f0972eb2a78219c77f747878da8ad0a54c58ad57a1ef075deaef90dd53355083aa7cc08006821aef9ef35ff351acc218d0fbab1eeaf6baae7f3bcce9994b2f4c3a89203feb8e9ed820961250bb4986d4271c20fb6d0aa16d5ffb5ad740eb57dfcd67b5a59bd628c0d6d47c5351b7280568a3ca545c8a169bd428d177ff71240269fe9b7a3202ee22980456c6873d60efec0bb3d8ebdd5924b33e12f88c4a6265e246a9000bee2a49d3a0bf2be369d5dbf8b09c54449ae5f68e8274749b486f05d553022b4cd16049ad3c6292dc45121d47ac4704496db4f43ffc08a12316e31c1028ba04e070bd60d758431cf22e0ea40bffcc6fbe0bb353e234f9b1b900e5875e6e8840b3ae3c27d59a514e0a28b5b761453d0cb96cfa6bf25db3b8a94c06f947169cc999801fb0bbe43b200830328c687b1f849fc2e4c43883e2b292b23330849b94b84fda382b88492dcea01d18d790c87e686a4a4a9d7b83de998c09cfbe2e66d5d54ea7edb9176d18fc6ba1f223b090981daee1bc9cc7f01b6d2112a3b5d48e8dda03be0f710f5005842850695313b53b54164ffff279b2547ea12918d6be45cf44ac6cbbea8751235aaa3c218db302df97dd795ff287f0a511ad9e8be8308628e2e3313443799f854c1bddd615ba08204b4b2335d7074ae4dee55bb85bb712bff1d020a9bc66656643c9de5509de731baf631ac84aa07ff0166209450af6701ed6891a0eaa4fccdebc91c0c6f65d1ae0b6b20a695ed8c35034a500e053998b3e1529f413eaeceae9209a030736a6069be265deb88981f61a4f043e9105509ebfdcea3afb034a99444608a6e084a2b3597d607157b3c6720dc96de38f196ebf7b25ea7411ba11e40ca9146cbf1c06cbce87c45605c8a8b83a7c31bc359ca081109eafb9d15b8027f37d19f32b74b18f9d68d0be5c7eaccc399ecf47ac93dc43e526d2a51810989c030fc8280d3fe2ef412c4f5dca1be5d2387445f21bfef578b86b6e063a26c6f45406d8c593e49bfaea857d09dd187c4b1784cd4fe040044582624e3945ddeb6e117c0c564b94677afb9bdf39456cfa795de28e3c4447507783278d9d54abeb5f9be37037e54dbb82c463616f108d2cc44169f4f0c69c595f462d982244169b3b563c79b71e27ffd09f8782eee853e6f58c1c377d2f275f500b7c53134f8fe1d5030c6d12d29d051d0e7de89d9eed38445afd56ee3e3ef32af41d2b9ca92d5e27b017e223aaf05e9bcc2482d4e00407c59ca5f51b560632a3955807d406b1bcd3d842ac74389e17b015a051848e09df72ea862f5d23b0105637ed4318d9e4c7da9ad9bbe82f4d5c5aac5f611d4283a467259f1987e62ba6b8c48fd43d16e178fede94163825cc8f8d86575d1aa2f226e26175197c8b786319d4ee437c8adc6871df3fd52692f3f54f9998b23e3bcf903fecb295252d09ea26bf97f88b13dcce2dd4082ebfb9f74a301f5090dd8fdc9c907139720c2015c3e465b79495b28a2cb2005d47db068094899a9140ddf94b51701a3b983202d54aafd26fa83cab5eb95d4955ea9c86fdaa7aff7e971b5dffffd1fb6515b22dd90d13e39787e737deaa16f0fcbe1de49b59d3e1a61784eb71e0be6c5518d287347b9ca0f61896cfdceef0f636b8fc520c1cce85fb36c06d98a7c722ec714d79993cd78cffeb5c97c8a323c8e33d0fd1d66369c3a85e9acca056c5a408cd3af18dfcd77086d372c75467a11049fbc8a3ecf7753088e5da05cf99a36b00505bd4c65da02c36012e66332a1a5f8b6844f14cf80082a59c9feb37a8a210ae7771ca7f47ea667c4dca5ec45ba33fa4eaa2650fe92b530ef5c296f9aef6921a0a3abebf6ff2ab7d66db0456d0e0974a0f15e0bc10be79d2c161be3ed53436cd9d281b1ac626ebe8ca96bbd4b972ec1681d3c67a50463ba198fd9995c8174fd7823ed3e7752da28d1bebc7495f9bc57bacfaffd95bd18744f6986464a2fb70f5ed84ba3dea900179c85b9b76ad36fad61c370a77151b2433d500fab6c27b0d2da3e823b16c284ad91e86504f6dbad39fff53da7ea63b45759d7a39d00d0e111fc17b4ec4f15786ff34f7b82ac816dd963c683b5029c8fbf36bb386df2a0457055551dee6908ccd486cfc9bb29371e6178488e9fc8663507dba8f2845a604a07ed89bf501933fedc5be7684a302338bcc86a6bf26c9e439d799805df32b8132493cc0de1bc8adbb273c0ca40ff87d8ab85220073e3cf659f89809dd2b394265a0c69a9e43d5e59cbd4f4c4e26a0a4641bf4302c006a6fbf9e26f6564c149625814bbeddb0911fde243cbcca57b3ac1f6e874c262e27848e336a9bc853d9c0c54777dd10c3cdc1991beab9228126a358c8c0f4155eb785215247c1a6fcf6c77283182f0c4526e77adc60705fa4041bc0f7ba3ad5ce2c6ba6d1f47c764021692ff9421d2ce79299d2dd5cd558e3e70dfadf3da606a8a8d30dae74107998d9247bf668b3acb6ecdabf149a3b8065d0103b0001b75deba516880418da854389c65e6754fe2226c413633bda5257db696ee7dd8eaa62587b66d84c608b16db78a64c49078824bbfe4a7b0d5a60d4c5943bcb2e11d0bdc5810936a10131cc4db3638ddb0436f654ee592c5b170e3cf73588cdddf5c7d78644588b295d3a73f6c8c152eb9dbeaf63eac0dbfd6875bab1ef444b1023a0beb6ebe41ed3f6c3a6795e55b619a935fb9620c301f50e6ee2a944610ad46d5899217237a46a8d98e7f7b56d70e5e0ec1edb75a36dfbe8f3a6506fe2de0466ee995c8b629913c9fa1627bb53e343269e225afbcee8b2cdbbb5d5ebf6d4ccf441f688c919dec965b149fbdf67f3d853e7e3f148aa5cc60a1f9726dfc40a882d633ab1c2010e942584f252d0ed4deee82568ba03efffa68a6929f2fe6d565dcb3f7cc852198900b6042264d98a7eb958dd7f63b002560d4418a5eef2463c78b142d85e74fa4de6b0d14ffec9eb41207fe0c74e525e51939dacf46fbfa97b0263ee237cc83ed6e6ea4f53d2fbe6079679ead96ab6322e49afd1ed862a449de9824ce569482498758db668e633219d77d0f1bc7764a71b5ae09ad3aee6d90e1849a074389c7acba9fedb8a2bebba11d16efbac6f171ef4f3b6dbbf98ac297975260cec794b254194e24f4fbaf6956429b3349f2a6c6996c5c09451d9c3dab27a8f5cbc49ef7a02434e861f9f96b13e4caa1515c44a6235c982884270af2820c4dc7936ab767a0ca497a11c8dee425712b729b851a93cdd6f047539066ea1d50829cdf39515aac1e41300b95b5c1e56a87ae8171f5224e6d5e61ee80962c459ac6f5f762846bda0da2dbdb18f037e3c952c6df9c529340ed8223137101f04fb42d7ddcc6c64ea526a7e12e07e361e00c0008604f7803b6aa139421acd41d3c38640ec4344d19e7e8ec4c6bd562c669da561b708d3b3c321f2d6527c0d220e4faf589ec73d809b482c8cacd8870274b4024f30055281b8d5e2a83bd2cfa4b99807993671f0c7a238423e3ac28869ff051723c560d73a2722ba0aacf12f0f31a597ca71fb8b1e8b4d8d99770da02f89f46ba08ae2dd0cf16f10a2313f6400a1859ba53346980bfeccc3526a8007de201e01a0eb44ac4ee465e5a83e017c60cc46bdf1408643b44250a7692aacf45a41e50b964c18ef63fe5d8f9fd8d6954230eb5afa7170e03930fe4c97201ab76166acbd944340bed29383aaf9c4d481531e065a08571fbbc637c8246d148417fd5ce3d3784087d05c5480ecc39815dedb9c6bcc0f8d5e6701094c20b56bb6f447b09d1c63c04ff35727abb2976aa5afac68ef5ee83a058dcdf1a9e2c4265145e8632ecf801fdd298bd23ed5c9811c98207d7727f062bcdd9168afc0220c1ecea5ac4001f262a13822e5ebe8241bb0fcdcf7d88754193eb8fbd29ca060638324509ca9869986f9603229d62e186d15e4892d923e1c24b37f47c89b6dfc3c5d1b1e1272f49741a25da6f0e2739f12032c315795341e9d549fd190794824e7f8f811d4e609f2907af2bd4b08113bbaf460cf1cbc7468528608596641ac15bf687d46708d85601035cb426efa80d4e990b9ef923b7926caeec728df481b5c0652c2c3aa30bd83b0b8c8f8a396dca9961af2b9d2550da16bd5ad7b2e48a3fd8ce361fd3244e6b4169cb09be7ef223fad6529c8916cfc6bd9f896b0f801d96048f9b92de8fe0bbce1ff3eb1dcc9cc240b36604ae3a6069d4c8c4203ee3cbcf8a9ff52b6314d87bdf55a3d18fc19e9024cc950a2693290fe45b772d69174a0aee171dd636aad4a3e6cece27c2dc57302ec60a522903c021560c47a0b7a5662daf0f418693d3fe16e218735382dab4399cf0c01c4a62a1c3b193279ffef4310ae51aa6d2b366ec8f97f649eb7044a83f52616f829b77cb07bee2b898dfac89188496b23fab3786cff4b2f82f9c876f3ed4513692edc1c22c8a6b831ba0f225ceb64e17ee9fda3dc547b773dbb9ec4e0595d82c38f1a6821fe19f46d0b495afff7468a6534aeddfb49ca4b39abd8ade87cd42225a2d89d3f582506c5e19a3476524a64d680655ef14fbc98cb2a34a2fb9e44da4cc72442f662dcadc5668a0136e0b82333cd3ec71e47251ce89694db00450e88daef21fd4d150c6c6b46552cdf44b94111113f75a6614e391eaa72541c1b44911e3642c9857443eabad42600999964325918516fbc11f28a504c4a501fe3e7991495e06520542aff18ade7eddd4fb88db1be14b82c8edc41656fdbd7773c6f4e776503cdc2d22828607153b4bae7785a6784d33e0647655e5db35418e10eae3de4519ce18491a2ca775b852673203a60218b91c0a3646b046f32ac82c17efe8112d67f21b269b90b58ce34d6f9d84245949875145ac2690ca1b8136a96bafbb75971f113364ddfc294afed84c397e54168a6205dfd5f9de04934ec1b195fe3044478cbee75cc2e83c19a725ffef1e1179df6f7d1c6b71b9596790d56aaccfbaaed06124c688a1cc29806ef38c89d3870760d2408b163b1bd084325775c7cb9e309b27e3be18059d4fa06ac5bc46504fdbf07344e76777372ac97adf23494cfc47d3cce580d08ae349e4e88f748c9e34a4f55e3681325ae581814b7c0f02a1919302ae0b5b662465f2806d48c7658ae3ca1e2024dfc2fcf1aa48e36c6c797582d7d07b0d553671bdf59c809c6e3e1f2b69721817e5fa618e8029506d8c0323c3c34d7b5bdfbbca6d4f45e75bd3123195bbc5935482b21de47c26d18b8dc1fff3a7f5c05358048ede29a9c80a4e2d0261fa20cfa6e12817d52cc6d26d16218ab5e6044c24326a407cfaa586739067e4161ee421c9842e1335c4f506f62b94c84b496b85f29cfe0ab88a0efc40d5df15760ef8be41d9632c5566e70b4c7a59cbf6e134e9a6360d67a87ae9287abc9a6d190636f017f7bae19150f3eb997ea193f41c4d34a3ab1431"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1}}}}, @m_mpls={0x114, 0x1a, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{0xfff, 0x3, 0x10000000, 0x6, 0x10001}, 0x2}}]}, {0xcb, 0x6, "786a1c27aa53185ea82e41878cfedea599fd24cd80e0c34d025fcf9907180b0b017081a535a3eb91611c3a0546a66cf429a1b7cf5973ba5eea561a3810e0a613efe7effb55be4be51839a019c78dcea020565b781b8670246db28b7f50f64386d73cf01fbfc9c2a7437593afb92194d1bcca9ec38fd5d40b44a5ab849b8a0d2d0af2a5b65f569f65bf5785f9aee180443ac97b2fec6b3bc8abda10bbcab26093f5d873b9a21eabf718ea899db20cd38cca510e1dce8bbb1d68d3391de979509a3f86c66bbf4cd9"}, {0xc}, {0xc, 0x8, {0x4, 0x3}}}}]}, {0xf0, 0x1, [@m_connmark={0xec, 0x12, 0x0, 0x0, {{0xd}, {0x4}, {0xba, 0x6, "0e38e15ca6d3fef99c770d2bd464dbb730e3181f008db0f464483272613196c9c4597cd2372c2fe1327d96dfeccffecd96af871e77e7027ed8288c4f103afa59943a647953be2bd4e2518ad6e89c52a53cc3dd8bdb49fc001226e66bcc588040c4bc150bbcd7da59ef0e043bef9333d03793a36017552415cf2da2b87f9c1693d2ade696aadcd3eb1abc8c8c1c72d2d67810ae95e6cc686c34bcabe611c23c3b41f4d2e996a25c790754e36614b1ed437f51e8fc7859"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x1280}}, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket$unix(0x1, 0x1, 0x0)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000500), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r3, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000380)=ANY=[@ANYBLOB='%\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000c00000004000380"], 0x18}}, 0x0)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r1, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e00000000000000000018000280080002001100000004000100080004"], 0x44}, 0x1, 0x0, 0x0, 0x10}, 0x8090)
r5 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=@newqdisc={0x58, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r7, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0x3}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x9, 0x4, 0x5, 0x5, 0x7, 0x7, 0x3, 0x4, 0x3}}}}]}, 0x58}}, 0x44080)
sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000300)=@newqdisc={0x38, 0x24, 0xd0f, 0x70bd29, 0x0, {0x60, 0x0, 0x0, r7, {}, {0xe, 0xa}, {0x2, 0x10}}, [@qdisc_kind_options=@q_skbprio={{0xc}, {0x8, 0x2, 0x9}}]}, 0x38}, 0x1, 0x0, 0x0, 0x55}, 0x4000)
sendmsg$IPCTNL_MSG_EXP_NEW(r5, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000000020103000000000000000002000008240002800c000280050001002f000000060003090000000000000001000008000840000000ee"], 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x8000)

0s ago: executing program 4 (id=1766):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newtaction={0x127c, 0x32, 0xffff, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x1300}, [{0x4}, {0x1174, 0x1, [@m_sample={0x105c, 0x6, 0x0, 0x0, {{0xb}, {0x34, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PARMS={0x18, 0x2, {0xd, 0x4, 0x20000000, 0x6, 0x80}}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x7, 0x5, 0xffffffffffffffff, 0x78}}]}, {0x1000, 0x6, "6dbe0c32057f945e664072936e0cdb0ec9ddf25ea1faf51755a637bdcb2a050f82f014b4cb89c0ded14571a4017eaa1eb65de69b380d370de8152ade547a1bfe72b4d1088eedd6d71c83e1d046271bb1212648d78469eeca96d7310f2c797328db6a422dd492fd66466cd9da87c527f7349a9db03aacbd74c0762257a3b28ab4e26b262f2e56e3a579d3f98a7c3451726fc52741f0a195bf2e6ebda99b2d017b610c5cc723e7146bb22a0fdc5e356f6c79dd219f8e81d3ab6f080f88b7ce169cb3faccf7545ac452879d13a3613e43660c2d43634cd55ab382e7660b06346042e51622ecdd8a8317d7baaf9b4abaf4371f0972eb2a78219c77f747878da8ad0a54c58ad57a1ef075deaef90dd53355083aa7cc08006821aef9ef35ff351acc218d0fbab1eeaf6baae7f3bcce9994b2f4c3a89203feb8e9ed820961250bb4986d4271c20fb6d0aa16d5ffb5ad740eb57dfcd67b5a59bd628c0d6d47c5351b7280568a3ca545c8a169bd428d177ff71240269fe9b7a3202ee22980456c6873d60efec0bb3d8ebdd5924b33e12f88c4a6265e246a9000bee2a49d3a0bf2be369d5dbf8b09c54449ae5f68e8274749b486f05d553022b4cd16049ad3c6292dc45121d47ac4704496db4f43ffc08a12316e31c1028ba04e070bd60d758431cf22e0ea40bffcc6fbe0bb353e234f9b1b900e5875e6e8840b3ae3c27d59a514e0a28b5b761453d0cb96cfa6bf25db3b8a94c06f947169cc999801fb0bbe43b200830328c687b1f849fc2e4c43883e2b292b23330849b94b84fda382b88492dcea01d18d790c87e686a4a4a9d7b83de998c09cfbe2e66d5d54ea7edb9176d18fc6ba1f223b090981daee1bc9cc7f01b6d2112a3b5d48e8dda03be0f710f5005842850695313b53b54164ffff279b2547ea12918d6be45cf44ac6cbbea8751235aaa3c218db302df97dd795ff287f0a511ad9e8be8308628e2e3313443799f854c1bddd615ba08204b4b2335d7074ae4dee55bb85bb712bff1d020a9bc66656643c9de5509de731baf631ac84aa07ff0166209450af6701ed6891a0eaa4fccdebc91c0c6f65d1ae0b6b20a695ed8c35034a500e053998b3e1529f413eaeceae9209a030736a6069be265deb88981f61a4f043e9105509ebfdcea3afb034a99444608a6e084a2b3597d607157b3c6720dc96de38f196ebf7b25ea7411ba11e40ca9146cbf1c06cbce87c45605c8a8b83a7c31bc359ca081109eafb9d15b8027f37d19f32b74b18f9d68d0be5c7eaccc399ecf47ac93dc43e526d2a51810989c030fc8280d3fe2ef412c4f5dca1be5d2387445f21bfef578b86b6e063a26c6f45406d8c593e49bfaea857d09dd187c4b1784cd4fe040044582624e3945ddeb6e117c0c564b94677afb9bdf39456cfa795de28e3c4447507783278d9d54abeb5f9be37037e54dbb82c463616f108d2cc44169f4f0c69c595f462d982244169b3b563c79b71e27ffd09f8782eee853e6f58c1c377d2f275f500b7c53134f8fe1d5030c6d12d29d051d0e7de89d9eed38445afd56ee3e3ef32af41d2b9ca92d5e27b017e223aaf05e9bcc2482d4e00407c59ca5f51b560632a3955807d406b1bcd3d842ac74389e17b015a051848e09df72ea862f5d23b0105637ed4318d9e4c7da9ad9bbe82f4d5c5aac5f611d4283a467259f1987e62ba6b8c48fd43d16e178fede94163825cc8f8d86575d1aa2f226e26175197c8b786319d4ee437c8adc6871df3fd52692f3f54f9998b23e3bcf903fecb295252d09ea26bf97f88b13dcce2dd4082ebfb9f74a301f5090dd8fdc9c907139720c2015c3e465b79495b28a2cb2005d47db068094899a9140ddf94b51701a3b983202d54aafd26fa83cab5eb95d4955ea9c86fdaa7aff7e971b5dffffd1fb6515b22dd90d13e39787e737deaa16f0fcbe1de49b59d3e1a61784eb71e0be6c5518d287347b9ca0f61896cfdceef0f636b8fc520c1cce85fb36c06d98a7c722ec714d79993cd78cffeb5c97c8a323c8e33d0fd1d66369c3a85e9acca056c5a408cd3af18dfcd77086d372c75467a11049fbc8a3ecf7753088e5da05cf99a36b00505bd4c65da02c36012e66332a1a5f8b6844f14cf80082a59c9feb37a8a210ae7771ca7f47ea667c4dca5ec45ba33fa4eaa2650fe92b530ef5c296f9aef6921a0a3abebf6ff2ab7d66db0456d0e0974a0f15e0bc10be79d2c161be3ed53436cd9d281b1ac626ebe8ca96bbd4b972ec1681d3c67a50463ba198fd9995c8174fd7823ed3e7752da28d1bebc7495f9bc57bacfaffd95bd18744f6986464a2fb70f5ed84ba3dea900179c85b9b76ad36fad61c370a77151b2433d500fab6c27b0d2da3e823b16c284ad91e86504f6dbad39fff53da7ea63b45759d7a39d00d0e111fc17b4ec4f15786ff34f7b82ac816dd963c683b5029c8fbf36bb386df2a0457055551dee6908ccd486cfc9bb29371e6178488e9fc8663507dba8f2845a604a07ed89bf501933fedc5be7684a302338bcc86a6bf26c9e439d799805df32b8132493cc0de1bc8adbb273c0ca40ff87d8ab85220073e3cf659f89809dd2b394265a0c69a9e43d5e59cbd4f4c4e26a0a4641bf4302c006a6fbf9e26f6564c149625814bbeddb0911fde243cbcca57b3ac1f6e874c262e27848e336a9bc853d9c0c54777dd10c3cdc1991beab9228126a358c8c0f4155eb785215247c1a6fcf6c77283182f0c4526e77adc60705fa4041bc0f7ba3ad5ce2c6ba6d1f47c764021692ff9421d2ce79299d2dd5cd558e3e70dfadf3da606a8a8d30dae74107998d9247bf668b3acb6ecdabf149a3b8065d0103b0001b75deba516880418da854389c65e6754fe2226c413633bda5257db696ee7dd8eaa62587b66d84c608b16db78a64c49078824bbfe4a7b0d5a60d4c5943bcb2e11d0bdc5810936a10131cc4db3638ddb0436f654ee592c5b170e3cf73588cdddf5c7d78644588b295d3a73f6c8c152eb9dbeaf63eac0dbfd6875bab1ef444b1023a0beb6ebe41ed3f6c3a6795e55b619a935fb9620c301f50e6ee2a944610ad46d5899217237a46a8d98e7f7b56d70e5e0ec1edb75a36dfbe8f3a6506fe2de0466ee995c8b629913c9fa1627bb53e343269e225afbcee8b2cdbbb5d5ebf6d4ccf441f688c919dec965b149fbdf67f3d853e7e3f148aa5cc60a1f9726dfc40a882d633ab1c2010e942584f252d0ed4deee82568ba03efffa68a6929f2fe6d565dcb3f7cc852198900b6042264d98a7eb958dd7f63b002560d4418a5eef2463c78b142d85e74fa4de6b0d14ffec9eb41207fe0c74e525e51939dacf46fbfa97b0263ee237cc83ed6e6ea4f53d2fbe6079679ead96ab6322e49afd1ed862a449de9824ce569482498758db668e633219d77d0f1bc7764a71b5ae09ad3aee6d90e1849a074389c7acba9fedb8a2bebba11d16efbac6f171ef4f3b6dbbf98ac297975260cec794b254194e24f4fbaf6956429b3349f2a6c6996c5c09451d9c3dab27a8f5cbc49ef7a02434e861f9f96b13e4caa1515c44a6235c982884270af2820c4dc7936ab767a0ca497a11c8dee425712b729b851a93cdd6f047539066ea1d50829cdf39515aac1e41300b95b5c1e56a87ae8171f5224e6d5e61ee80962c459ac6f5f762846bda0da2dbdb18f037e3c952c6df9c529340ed8223137101f04fb42d7ddcc6c64ea526a7e12e07e361e00c0008604f7803b6aa139421acd41d3c38640ec4344d19e7e8ec4c6bd562c669da561b708d3b3c321f2d6527c0d220e4faf589ec73d809b482c8cacd8870274b4024f30055281b8d5e2a83bd2cfa4b99807993671f0c7a238423e3ac28869ff051723c560d73a2722ba0aacf12f0f31a597ca71fb8b1e8b4d8d99770da02f89f46ba08ae2dd0cf16f10a2313f6400a1859ba53346980bfeccc3526a8007de201e01a0eb44ac4ee465e5a83e017c60cc46bdf1408643b44250a7692aacf45a41e50b964c18ef63fe5d8f9fd8d6954230eb5afa7170e03930fe4c97201ab76166acbd944340bed29383aaf9c4d481531e065a08571fbbc637c8246d148417fd5ce3d3784087d05c5480ecc39815dedb9c6bcc0f8d5e6701094c20b56bb6f447b09d1c63c04ff35727abb2976aa5afac68ef5ee83a058dcdf1a9e2c4265145e8632ecf801fdd298bd23ed5c9811c98207d7727f062bcdd9168afc0220c1ecea5ac4001f262a13822e5ebe8241bb0fcdcf7d88754193eb8fbd29ca060638324509ca9869986f9603229d62e186d15e4892d923e1c24b37f47c89b6dfc3c5d1b1e1272f49741a25da6f0e2739f12032c315795341e9d549fd190794824e7f8f811d4e609f2907af2bd4b08113bbaf460cf1cbc7468528608596641ac15bf687d46708d85601035cb426efa80d4e990b9ef923b7926caeec728df481b5c0652c2c3aa30bd83b0b8c8f8a396dca9961af2b9d2550da16bd5ad7b2e48a3fd8ce361fd3244e6b4169cb09be7ef223fad6529c8916cfc6bd9f896b0f801d96048f9b92de8fe0bbce1ff3eb1dcc9cc240b36604ae3a6069d4c8c4203ee3cbcf8a9ff52b6314d87bdf55a3d18fc19e9024cc950a2693290fe45b772d69174a0aee171dd636aad4a3e6cece27c2dc57302ec60a522903c021560c47a0b7a5662daf0f418693d3fe16e218735382dab4399cf0c01c4a62a1c3b193279ffef4310ae51aa6d2b366ec8f97f649eb7044a83f52616f829b77cb07bee2b898dfac89188496b23fab3786cff4b2f82f9c876f3ed4513692edc1c22c8a6b831ba0f225ceb64e17ee9fda3dc547b773dbb9ec4e0595d82c38f1a6821fe19f46d0b495afff7468a6534aeddfb49ca4b39abd8ade87cd42225a2d89d3f582506c5e19a3476524a64d680655ef14fbc98cb2a34a2fb9e44da4cc72442f662dcadc5668a0136e0b82333cd3ec71e47251ce89694db00450e88daef21fd4d150c6c6b46552cdf44b94111113f75a6614e391eaa72541c1b44911e3642c9857443eabad42600999964325918516fbc11f28a504c4a501fe3e7991495e06520542aff18ade7eddd4fb88db1be14b82c8edc41656fdbd7773c6f4e776503cdc2d22828607153b4bae7785a6784d33e0647655e5db35418e10eae3de4519ce18491a2ca775b852673203a60218b91c0a3646b046f32ac82c17efe8112d67f21b269b90b58ce34d6f9d84245949875145ac2690ca1b8136a96bafbb75971f113364ddfc294afed84c397e54168a6205dfd5f9de04934ec1b195fe3044478cbee75cc2e83c19a725ffef1e1179df6f7d1c6b71b9596790d56aaccfbaaed06124c688a1cc29806ef38c89d3870760d2408b163b1bd084325775c7cb9e309b27e3be18059d4fa06ac5bc46504fdbf07344e76777372ac97adf23494cfc47d3cce580d08ae349e4e88f748c9e34a4f55e3681325ae581814b7c0f02a1919302ae0b5b662465f2806d48c7658ae3ca1e2024dfc2fcf1aa48e36c6c797582d7d07b0d553671bdf59c809c6e3e1f2b69721817e5fa618e8029506d8c0323c3c34d7b5bdfbbca6d4f45e75bd3123195bbc5935482b21de47c26d18b8dc1fff3a7f5c05358048ede29a9c80a4e2d0261fa20cfa6e12817d52cc6d26d16218ab5e6044c24326a407cfaa586739067e4161ee421c9842e1335c4f506f62b94c84b496b85f29cfe0ab88a0efc40d5df15760ef8be41d9632c5566e70b4c7a59cbf6e134e9a6360d67a87ae9287abc9a6d190636f017f7bae19150f3eb997ea193f41c4d34a3ab"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1}}}}, @m_mpls={0x114, 0x1a, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{0xfff, 0x3, 0x10000000, 0x6, 0x10001}, 0x2}}]}, {0xcb, 0x6, "786a1c27aa53185ea82e41878cfedea599fd24cd80e0c34d025fcf9907180b0b017081a535a3eb91611c3a0546a66cf429a1b7cf5973ba5eea561a3810e0a613efe7effb55be4be51839a019c78dcea020565b781b8670246db28b7f50f64386d73cf01fbfc9c2a7437593afb92194d1bcca9ec38fd5d40b44a5ab849b8a0d2d0af2a5b65f569f65bf5785f9aee180443ac97b2fec6b3bc8abda10bbcab26093f5d873b9a21eabf718ea899db20cd38cca510e1dce8bbb1d68d3391de979509a3f86c66bbf4cd9"}, {0xc}, {0xc, 0x8, {0x4, 0x3}}}}]}, {0xf0, 0x1, [@m_connmark={0xec, 0x12, 0x0, 0x0, {{0xd}, {0x4}, {0xba, 0x6, "0e38e15ca6d3fef99c770d2bd464dbb730e3181f008db0f464483272613196c9c4597cd2372c2fe1327d96dfeccffecd96af871e77e7027ed8288c4f103afa59943a647953be2bd4e2518ad6e89c52a53cc3dd8bdb49fc001226e66bcc588040c4bc150bbcd7da59ef0e043bef9333d03793a36017552415cf2da2b87f9c1693d2ade696aadcd3eb1abc8c8c1c72d2d67810ae95e6cc686c34bcabe611c23c3b41f4d2e996a25c790754e36614b1ed437f51e8fc7859"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x127c}}, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket$unix(0x1, 0x1, 0x0)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000500), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r3, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000380)=ANY=[@ANYBLOB='%\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000c00000004000380"], 0x18}}, 0x0)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r1, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e00000000000000000018000280080002001100000004000100080004"], 0x44}, 0x1, 0x0, 0x0, 0x10}, 0x8090)
r5 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=@newqdisc={0x58, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r7, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0x3}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x9, 0x4, 0x5, 0x5, 0x7, 0x7, 0x3, 0x4, 0x3}}}}]}, 0x58}}, 0x44080)
sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000300)=@newqdisc={0x38, 0x24, 0xd0f, 0x70bd29, 0x0, {0x60, 0x0, 0x0, r7, {}, {0xe, 0xa}, {0x2, 0x10}}, [@qdisc_kind_options=@q_skbprio={{0xc}, {0x8, 0x2, 0x9}}]}, 0x38}, 0x1, 0x0, 0x0, 0x55}, 0x4000)
sendmsg$IPCTNL_MSG_EXP_NEW(r5, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000000020103000000000000000002000008240002800c000280050001002f000000060003090000000000000001000008000840000000ee"], 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x8000)

kernel console output (not intermixed with test programs):

15][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.226509][ T5847] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   92.245301][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_0
[   92.253124][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.279478][ T5848] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   92.293059][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_1
[   92.300041][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.326359][ T5848] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   92.345357][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_1
[   92.352613][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.378844][ T5843] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   92.516490][ T5847] hsr_slave_0: entered promiscuous mode
[   92.524311][ T5847] hsr_slave_1: entered promiscuous mode
[   92.530836][ T5847] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   92.538592][ T5847] Cannot create hsr debugfs directory
[   92.581410][ T5843] hsr_slave_0: entered promiscuous mode
[   92.588053][ T5843] hsr_slave_1: entered promiscuous mode
[   92.594530][ T5843] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   92.602196][ T5843] Cannot create hsr debugfs directory
[   92.693155][ T5846] hsr_slave_0: entered promiscuous mode
[   92.699611][ T5846] hsr_slave_1: entered promiscuous mode
[   92.706532][ T5846] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   92.714775][ T5846] Cannot create hsr debugfs directory
[   92.727320][ T5848] hsr_slave_0: entered promiscuous mode
[   92.734128][ T5848] hsr_slave_1: entered promiscuous mode
[   92.740436][ T5848] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   92.748033][ T5848] Cannot create hsr debugfs directory
[   93.113422][ T5837] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   93.196369][ T5837] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   93.207941][ T5837] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   93.225800][ T5837] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   93.350286][ T5841] Bluetooth: hci0: command tx timeout
[   93.384791][ T5847] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   93.402322][ T5847] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   93.437677][ T5847] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   93.451149][ T5847] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   93.500783][ T5841] Bluetooth: hci1: command tx timeout
[   93.513972][ T5843] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   93.537709][ T5843] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   93.549714][ T5843] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   93.583097][ T5843] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   93.661449][ T5841] Bluetooth: hci4: command tx timeout
[   93.665605][   T55] Bluetooth: hci3: command tx timeout
[   93.707324][ T5848] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   93.740406][   T55] Bluetooth: hci2: command tx timeout
[   93.748254][ T5848] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   93.759358][ T5848] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   93.771948][ T5848] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   93.814293][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0
[   93.891945][ T5847] 8021q: adding VLAN 0 to HW filter on device bond0
[   93.899047][ T5846] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   93.929822][ T5846] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   93.945990][ T5837] 8021q: adding VLAN 0 to HW filter on device team0
[   93.965026][ T3547] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.972369][ T3547] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.992202][ T5846] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   94.028109][ T3547] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.035349][ T3547] bridge0: port 2(bridge_slave_1) entered forwarding state
[   94.048382][ T5846] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   94.068673][ T5847] 8021q: adding VLAN 0 to HW filter on device team0
[   94.093055][ T1319] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.100283][ T1319] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.111797][ T1319] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.119000][ T1319] bridge0: port 2(bridge_slave_1) entered forwarding state
[   94.283082][ T5843] 8021q: adding VLAN 0 to HW filter on device bond0
[   94.373360][ T5843] 8021q: adding VLAN 0 to HW filter on device team0
[   94.416319][ T3547] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.423532][ T3547] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.478444][ T5848] 8021q: adding VLAN 0 to HW filter on device bond0
[   94.489457][ T1319] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.496725][ T1319] bridge0: port 2(bridge_slave_1) entered forwarding state
[   94.616200][ T5848] 8021q: adding VLAN 0 to HW filter on device team0
[   94.659334][ T5846] 8021q: adding VLAN 0 to HW filter on device bond0
[   94.677216][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.684470][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.706531][ T3547] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.713740][ T3547] bridge0: port 2(bridge_slave_1) entered forwarding state
[   94.779062][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0
[   94.813438][ T5846] 8021q: adding VLAN 0 to HW filter on device team0
[   94.887968][ T3547] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.895688][ T3547] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.916536][ T3547] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.923796][ T3547] bridge0: port 2(bridge_slave_1) entered forwarding state
[   94.945599][ T5847] 8021q: adding VLAN 0 to HW filter on device batadv0
[   95.209697][ T5837] veth0_vlan: entered promiscuous mode
[   95.248771][ T5843] 8021q: adding VLAN 0 to HW filter on device batadv0
[   95.293959][ T5847] veth0_vlan: entered promiscuous mode
[   95.316334][ T5837] veth1_vlan: entered promiscuous mode
[   95.379461][ T5847] veth1_vlan: entered promiscuous mode
[   95.429301][   T55] Bluetooth: hci0: command tx timeout
[   95.469995][ T5843] veth0_vlan: entered promiscuous mode
[   95.496428][ T5837] veth0_macvtap: entered promiscuous mode
[   95.504368][ T5843] veth1_vlan: entered promiscuous mode
[   95.519330][ T5848] 8021q: adding VLAN 0 to HW filter on device batadv0
[   95.534363][ T5837] veth1_macvtap: entered promiscuous mode
[   95.581431][   T55] Bluetooth: hci1: command tx timeout
[   95.583567][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0
[   95.599596][ T5846] 8021q: adding VLAN 0 to HW filter on device batadv0
[   95.625387][ T5847] veth0_macvtap: entered promiscuous mode
[   95.638281][ T5847] veth1_macvtap: entered promiscuous mode
[   95.676213][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1
[   95.708200][ T5837] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   95.721230][ T5837] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   95.730028][ T5837] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   95.739018][ T5837] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   95.747090][   T55] Bluetooth: hci4: command tx timeout
[   95.755521][ T5841] Bluetooth: hci3: command tx timeout
[   95.761556][ T5843] veth0_macvtap: entered promiscuous mode
[   95.773987][ T5843] veth1_macvtap: entered promiscuous mode
[   95.822142][ T5841] Bluetooth: hci2: command tx timeout
[   95.845424][ T5847] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   95.857134][ T5847] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   95.869394][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_0
[   95.916465][ T5847] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   95.927757][ T5847] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   95.942922][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_1
[   95.960634][ T5848] veth0_vlan: entered promiscuous mode
[   95.966916][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   95.978308][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   95.991534][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   96.002135][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.013817][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_0
[   96.055489][ T5848] veth1_vlan: entered promiscuous mode
[   96.073888][ T5847] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.082829][ T5847] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.092508][ T5847] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.101701][ T5847] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.137478][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   96.148829][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.159113][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   96.171731][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.183592][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_1
[   96.194848][ T5843] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.204069][ T5843] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.215763][ T5843] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.225300][ T5843] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.268343][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.286865][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.413521][ T5848] veth0_macvtap: entered promiscuous mode
[   96.422636][ T5846] veth0_vlan: entered promiscuous mode
[   96.429335][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.447314][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.459910][ T5848] veth1_macvtap: entered promiscuous mode
[   96.498859][ T1142] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.515269][ T1142] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.526946][ T5846] veth1_vlan: entered promiscuous mode
[   96.573049][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   96.591972][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.607142][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   96.618155][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.632289][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   96.642871][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.654989][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_0
[   96.685486][ T5837] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   96.697817][ T1319] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.705400][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   96.718772][ T1319] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.727559][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.738937][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   96.749484][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.759417][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   96.771195][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.782826][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_1
[   96.845531][ T1319] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.858546][ T1319] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.868846][ T5848] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.881544][ T5848] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.890774][ T5848] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.899538][ T5848] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.996767][ T5846] veth0_macvtap: entered promiscuous mode
[   97.019142][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.033633][ T5846] veth1_macvtap: entered promiscuous mode
[   97.043638][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.173373][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   97.216312][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   97.227118][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   97.238554][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   97.250152][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   97.269185][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   97.282181][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   97.292850][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   97.305204][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_0
[   97.318583][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   97.329540][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   97.341476][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   97.358182][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   97.368739][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   97.383372][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   97.394988][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   97.406430][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   97.418710][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_1
[   97.469751][ T1142] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.480518][ T1142] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.503710][ T5841] Bluetooth: hci0: command tx timeout
[   97.548521][ T5846] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   97.593697][ T5846] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   97.629264][ T5846] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   97.649514][ T5846] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   97.671643][ T5841] Bluetooth: hci1: command tx timeout
[   97.821621][ T5841] Bluetooth: hci3: command tx timeout
[   97.827123][ T5841] Bluetooth: hci4: command tx timeout
[   97.900673][ T5841] Bluetooth: hci2: command tx timeout
[   97.912642][   T66] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.971018][   T66] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.018072][ T5953] netlink: 'syz.1.7': attribute type 33 has an invalid length.
[   98.178415][ T5953] sctp: [Deprecated]: syz.1.7 (pid 5953) Use of struct sctp_assoc_value in delayed_ack socket option.
[   98.178415][ T5953] Use struct sctp_sack_info instead
[   98.238945][ T5953] netlink: 4083 bytes leftover after parsing attributes in process `syz.1.7'.
[   98.274046][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.275575][ T5951] netlink: 4083 bytes leftover after parsing attributes in process `syz.1.7'.
[   98.287177][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.486085][ T5969] Bluetooth: MGMT ver 1.23
[   98.519267][ T1319] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.561344][ T1319] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.582676][ T5967] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  100.170044][ T6010] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  100.197320][ T6010] dummy0: entered promiscuous mode
[  100.203623][ T6010] vlan2: entered promiscuous mode
[  100.531343][ T6020] netlink: 36 bytes leftover after parsing attributes in process `syz.3.23'.
[  100.616353][ T6020] netlink: 36 bytes leftover after parsing attributes in process `syz.3.23'.
[  100.712480][ T6030] netlink: 4 bytes leftover after parsing attributes in process `syz.1.24'.
[  100.726237][ T6028] netlink: 12 bytes leftover after parsing attributes in process `syz.4.26'.
[  100.808940][ T6028] netlink: 8 bytes leftover after parsing attributes in process `syz.4.26'.
[  100.845159][ T6030] 8021q: adding VLAN 0 to HW filter on device bond1
[  100.886924][ T6030] team0: Port device bond1 added
[  101.018062][ T6039] netlink: 'syz.0.28': attribute type 1 has an invalid length.
[  101.034086][ T6039] netlink: 224 bytes leftover after parsing attributes in process `syz.0.28'.
[  101.087290][ T6040] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  101.612837][ T6047] bridge0: port 2(bridge_slave_1) entered disabled state
[  101.621224][ T6047] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.933918][ T6047] bridge_slave_0: left allmulticast mode
[  101.940025][ T6047] bridge_slave_0: left promiscuous mode
[  101.947182][ T6047] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.967276][ T6047] bridge_slave_1: left allmulticast mode
[  101.973658][ T6047] bridge_slave_1: left promiscuous mode
[  101.979669][ T6047] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.008533][ T6047] bond0: (slave bond_slave_0): Releasing backup interface
[  102.024952][ T6047] bond0: (slave bond_slave_1): Releasing backup interface
[  102.046925][ T6047] team0: Port device team_slave_0 removed
[  102.067701][ T6047] team0: Port device team_slave_1 removed
[  102.083580][ T6047] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  102.097320][ T6047] batman_adv: batadv0: Removing interface: batadv_slave_0
[  102.123297][ T6087] netlink: 'syz.4.41': attribute type 5 has an invalid length.
[  102.123475][ T6047] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  102.143717][ T6047] batman_adv: batadv0: Removing interface: batadv_slave_1
[  102.226806][ T6047] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  102.237008][ T6047] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  102.247333][ T6047] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  102.256329][ T6047] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  103.082490][ T6111] vlan2: entered promiscuous mode
[  103.106954][ T6111] vlan2: entered allmulticast mode
[  103.121668][ T6111] hsr_slave_1: entered allmulticast mode
[  103.182745][ T5841] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  103.251168][ T6111] netlink: 4 bytes leftover after parsing attributes in process `syz.1.52'.
[  103.274921][ T6120] netlink: 'syz.4.53': attribute type 10 has an invalid length.
[  103.283150][ T6120] netlink: 40 bytes leftover after parsing attributes in process `syz.4.53'.
[  103.312110][ T6121] netlink: 180 bytes leftover after parsing attributes in process `syz.3.54'.
[  103.373882][ T6091] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  103.422784][ T6120] batman_adv: batadv0: Adding interface: virt_wifi0
[  103.429584][ T6120] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  103.461825][ T6120] batman_adv: batadv0: Interface activated: virt_wifi0
[  103.809735][ T6130] Zero length message leads to an empty skb
[  103.854880][ T6130] vlan2: entered allmulticast mode
[  103.874113][ T6130] bond0: entered allmulticast mode
[  103.879320][ T6130] bond_slave_0: entered allmulticast mode
[  103.926629][ T6130] bond_slave_1: entered allmulticast mode
[  103.957275][ T6130] bridge0: port 3(vlan2) entered blocking state
[  103.987885][ T6130] bridge0: port 3(vlan2) entered disabled state
[  104.015566][ T6130] vlan2: entered promiscuous mode
[  104.027685][ T6130] bond0: entered promiscuous mode
[  104.037174][ T6130] bond_slave_0: entered promiscuous mode
[  104.063972][ T6130] bond_slave_1: entered promiscuous mode
[  104.099851][ T6130] bridge0: port 3(vlan2) entered blocking state
[  104.106757][ T6130] bridge0: port 3(vlan2) entered forwarding state
[  104.199209][ T6144] syz.0.60 uses obsolete (PF_INET,SOCK_PACKET)
[  104.496662][ T6150] hsr0: entered promiscuous mode
[  104.530496][ T6150] hsr0: entered allmulticast mode
[  104.540878][ T6150] hsr_slave_0: entered allmulticast mode
[  104.542260][ T6157] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  104.561790][ T6150] hsr_slave_1: entered allmulticast mode
[  104.907670][ T6168] netlink: 212 bytes leftover after parsing attributes in process `syz.3.68'.
[  104.986002][ T6172] netlink: 36 bytes leftover after parsing attributes in process `syz.2.70'.
[  105.040382][ T6172] netlink: 4 bytes leftover after parsing attributes in process `syz.2.70'.
[  105.049136][ T6172] netlink: 4 bytes leftover after parsing attributes in process `syz.2.70'.
[  105.110951][ T6172] netlink: 4 bytes leftover after parsing attributes in process `syz.2.70'.
[  105.196488][ T6172] netlink: 'syz.2.70': attribute type 4 has an invalid length.
[  105.398488][ T6190] FAULT_INJECTION: forcing a failure.
[  105.398488][ T6190] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  105.452547][ T6190] CPU: 1 UID: 0 PID: 6190 Comm: syz.4.76 Not tainted 6.15.0-rc1-syzkaller-00412-g4e34a840613b #0 PREEMPT(full) 
[  105.452578][ T6190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  105.452595][ T6190] Call Trace:
[  105.452604][ T6190]  <TASK>
[  105.452613][ T6190]  dump_stack_lvl+0x241/0x360
[  105.452658][ T6190]  ? __pfx_dump_stack_lvl+0x10/0x10
[  105.452687][ T6190]  ? __pfx__printk+0x10/0x10
[  105.452727][ T6190]  should_fail_ex+0x424/0x570
[  105.452758][ T6190]  _copy_to_user+0x31/0xb0
[  105.452783][ T6190]  simple_read_from_buffer+0xc4/0x170
[  105.452817][ T6190]  proc_fail_nth_read+0x1ef/0x260
[  105.452841][ T6190]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  105.452865][ T6190]  ? rw_verify_area+0x246/0x630
[  105.452885][ T6190]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  105.452907][ T6190]  vfs_read+0x21f/0xb90
[  105.452936][ T6190]  ? __pfx___mutex_lock+0x10/0x10
[  105.452960][ T6190]  ? __pfx_vfs_read+0x10/0x10
[  105.452985][ T6190]  ? __fget_files+0x2a/0x420
[  105.453017][ T6190]  ? __fget_files+0x39d/0x420
[  105.453045][ T6190]  ? __fget_files+0x2a/0x420
[  105.453086][ T6190]  ksys_read+0x19d/0x2d0
[  105.453111][ T6190]  ? __pfx_ksys_read+0x10/0x10
[  105.453141][ T6190]  ? do_syscall_64+0xb6/0x230
[  105.453167][ T6190]  do_syscall_64+0xf3/0x230
[  105.453190][ T6190]  ? clear_bhb_loop+0x45/0xa0
[  105.453227][ T6190]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.453251][ T6190] RIP: 0033:0x7f0d15f8cb7c
[  105.453274][ T6190] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  105.453290][ T6190] RSP: 002b:00007f0d16dc7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  105.453312][ T6190] RAX: ffffffffffffffda RBX: 00007f0d161b5fa0 RCX: 00007f0d15f8cb7c
[  105.453327][ T6190] RDX: 000000000000000f RSI: 00007f0d16dc70a0 RDI: 0000000000000003
[  105.453339][ T6190] RBP: 00007f0d16dc7090 R08: 0000000000000000 R09: 0000000000000000
[  105.453352][ T6190] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  105.453364][ T6190] R13: 0000000000000000 R14: 00007f0d161b5fa0 R15: 00007ffeff4a6fb8
[  105.453397][ T6190]  </TASK>
[  106.280634][ T6212] netlink: 'syz.1.84': attribute type 1 has an invalid length.
[  106.316369][ T6209] dummy0: entered promiscuous mode
[  106.323979][ T6212] netlink: 'syz.1.84': attribute type 4 has an invalid length.
[  106.346651][ T6209] vlan2: entered promiscuous mode
[  106.352533][ T6212] netlink: 188 bytes leftover after parsing attributes in process `syz.1.84'.
[  106.362658][ T6212] NCSI netlink: No device for ifindex 458760
[  106.472253][ T6210] warning: `syz.4.82' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  106.568700][ T6218] netlink: 'syz.0.86': attribute type 16 has an invalid length.
[  106.578988][ T6218] netlink: 'syz.0.86': attribute type 17 has an invalid length.
[  106.628447][ T5841] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  106.725148][ T6218] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  106.799463][ T6222] IPv6: sit1: Disabled Multicast RS
[  106.819339][ T6221] netlink: 76 bytes leftover after parsing attributes in process `syz.2.88'.
[  106.844393][ T6222] sit1: entered allmulticast mode
[  107.121191][ T6238] sctp: [Deprecated]: syz.1.95 (pid 6238) Use of struct sctp_assoc_value in delayed_ack socket option.
[  107.121191][ T6238] Use struct sctp_sack_info instead
[  107.814948][ T6275] netlink: 'syz.4.105': attribute type 1 has an invalid length.
[  107.869001][ T6268] 8021q: adding VLAN 0 to HW filter on device bond1
[  107.916945][ T6268] bridge0: port 3(bond1) entered blocking state
[  107.931501][ T6268] bridge0: port 3(bond1) entered disabled state
[  107.942755][ T6268] bond1: entered allmulticast mode
[  107.951746][ T6268] bond1: entered promiscuous mode
[  107.957878][ T6268] bridge0: port 3(bond1) entered blocking state
[  107.964860][ T6268] bridge0: port 3(bond1) entered forwarding state
[  108.006309][   T12] bridge0: port 3(bond1) entered disabled state
[  108.214534][ T6287] ip6erspan0: entered promiscuous mode
[  108.755796][ T6309] __nla_validate_parse: 1 callbacks suppressed
[  108.755816][ T6309] netlink: 212 bytes leftover after parsing attributes in process `syz.4.113'.
[  108.911075][ T6318] netlink: 'syz.1.116': attribute type 1 has an invalid length.
[  108.921838][ T6311] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  108.946435][ T6318] netlink: 224 bytes leftover after parsing attributes in process `syz.1.116'.
[  109.029123][ T6326] netlink: 'syz.4.118': attribute type 1 has an invalid length.
[  109.038447][ T6326] netlink: 'syz.4.118': attribute type 2 has an invalid length.
[  109.046926][ T6326] netlink: 212 bytes leftover after parsing attributes in process `syz.4.118'.
[  109.153750][ T6330] netlink: 256 bytes leftover after parsing attributes in process `syz.0.119'.
[  109.312590][ T6335] FAULT_INJECTION: forcing a failure.
[  109.312590][ T6335] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  109.370518][ T6335] CPU: 1 UID: 0 PID: 6335 Comm: syz.3.121 Not tainted 6.15.0-rc1-syzkaller-00412-g4e34a840613b #0 PREEMPT(full) 
[  109.370549][ T6335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  109.370562][ T6335] Call Trace:
[  109.370570][ T6335]  <TASK>
[  109.370579][ T6335]  dump_stack_lvl+0x241/0x360
[  109.370616][ T6335]  ? __pfx_dump_stack_lvl+0x10/0x10
[  109.370646][ T6335]  ? __pfx__printk+0x10/0x10
[  109.370687][ T6335]  should_fail_ex+0x424/0x570
[  109.370718][ T6335]  _copy_from_user+0x2d/0xb0
[  109.370741][ T6335]  __sys_bpf+0x1c5/0x8b0
[  109.370765][ T6335]  ? __pfx___sys_bpf+0x10/0x10
[  109.370799][ T6335]  ? ksys_write+0x275/0x2d0
[  109.370846][ T6335]  __x64_sys_bpf+0x7c/0x90
[  109.370877][ T6335]  do_syscall_64+0xf3/0x230
[  109.370905][ T6335]  ? clear_bhb_loop+0x45/0xa0
[  109.370930][ T6335]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.370950][ T6335] RIP: 0033:0x7f578538e169
[  109.370968][ T6335] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  109.370985][ T6335] RSP: 002b:00007f57862b2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  109.371007][ T6335] RAX: ffffffffffffffda RBX: 00007f57855b5fa0 RCX: 00007f578538e169
[  109.371022][ T6335] RDX: 0000000000000090 RSI: 0000200000000440 RDI: 0000000000000005
[  109.371035][ T6335] RBP: 00007f57862b2090 R08: 0000000000000000 R09: 0000000000000000
[  109.371048][ T6335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  109.371059][ T6335] R13: 0000000000000000 R14: 00007f57855b5fa0 R15: 00007ffd695c10d8
[  109.371091][ T6335]  </TASK>
[  109.591733][ T6343] FAULT_INJECTION: forcing a failure.
[  109.591733][ T6343] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  109.636367][ T6343] CPU: 1 UID: 0 PID: 6343 Comm: syz.1.123 Not tainted 6.15.0-rc1-syzkaller-00412-g4e34a840613b #0 PREEMPT(full) 
[  109.636398][ T6343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  109.636410][ T6343] Call Trace:
[  109.636418][ T6343]  <TASK>
[  109.636428][ T6343]  dump_stack_lvl+0x241/0x360
[  109.636465][ T6343]  ? __pfx_dump_stack_lvl+0x10/0x10
[  109.636494][ T6343]  ? __pfx__printk+0x10/0x10
[  109.636536][ T6343]  should_fail_ex+0x424/0x570
[  109.636568][ T6343]  _copy_from_user+0x2d/0xb0
[  109.636591][ T6343]  copy_msghdr_from_user+0xb3/0x580
[  109.636631][ T6343]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  109.636659][ T6343]  ? __fget_files+0x2a/0x420
[  109.636694][ T6343]  ? __fget_files+0x2a/0x420
[  109.636732][ T6343]  __sys_sendmsg+0x20a/0x360
[  109.636762][ T6343]  ? __pfx___sys_sendmsg+0x10/0x10
[  109.636842][ T6343]  ? do_syscall_64+0xb6/0x230
[  109.636869][ T6343]  do_syscall_64+0xf3/0x230
[  109.636892][ T6343]  ? clear_bhb_loop+0x45/0xa0
[  109.636915][ T6343]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.636934][ T6343] RIP: 0033:0x7f219af8e169
[  109.636952][ T6343] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  109.636968][ T6343] RSP: 002b:00007f219bd93038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  109.636990][ T6343] RAX: ffffffffffffffda RBX: 00007f219b1b5fa0 RCX: 00007f219af8e169
[  109.637005][ T6343] RDX: 00000000040080ca RSI: 0000200000000380 RDI: 0000000000000003
[  109.637018][ T6343] RBP: 00007f219bd93090 R08: 0000000000000000 R09: 0000000000000000
[  109.637030][ T6343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  109.637042][ T6343] R13: 0000000000000000 R14: 00007f219b1b5fa0 R15: 00007ffecde707c8
[  109.637080][ T6343]  </TASK>
[  110.197726][ T6362] netlink: 8 bytes leftover after parsing attributes in process `syz.0.128'.
[  110.262543][ T6363] tc_dump_action: action bad kind
[  110.516805][ T6374] netlink: 216 bytes leftover after parsing attributes in process `syz.0.132'.
[  110.543400][ T6374] netlink: 24 bytes leftover after parsing attributes in process `syz.0.132'.
[  110.591027][ T6374] netlink: 16 bytes leftover after parsing attributes in process `syz.0.132'.
[  110.868806][ T6386] netlink: 8 bytes leftover after parsing attributes in process `syz.3.136'.
[  110.941850][ T5841] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  111.337872][ T6399] netlink: 212 bytes leftover after parsing attributes in process `syz.1.139'.
[  112.098053][ T6428] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  112.967546][ T6470] openvswitch: netlink: IP tunnel attribute has 16 unknown bytes.
[  113.635978][ T6499] tipc: Started in network mode
[  113.648813][ T6499] tipc: Node identity , cluster identity 4711
[  113.656990][ T6499] tipc: Failed to obtain node identity
[  113.664191][ T6499] tipc: Enabling of bearer <eth:gre0> rejected, failed to enable media
[  114.140235][ T5841] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  114.147244][ T6479] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  114.317142][ T6530] netlink: 'syz.4.173': attribute type 1 has an invalid length.
[  114.327885][ T6530] netlink: 'syz.4.173': attribute type 2 has an invalid length.
[  114.427030][ T6514] team0 (unregistering): Port device team_slave_0 removed
[  114.472686][ T6514] team0 (unregistering): Port device team_slave_1 removed
[  114.537618][ T6538] __nla_validate_parse: 5 callbacks suppressed
[  114.537639][ T6538] netlink: 24 bytes leftover after parsing attributes in process `syz.4.175'.
[  114.981115][ T6554] netlink: 'syz.2.181': attribute type 1 has an invalid length.
[  114.988836][ T6554] netlink: 224 bytes leftover after parsing attributes in process `syz.2.181'.
[  115.178256][ T6557] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  115.244812][ T6559] wg1: entered promiscuous mode
[  115.249762][ T6559] wg1: entered allmulticast mode
[  115.602588][ T6568] bridge0: port 2(bridge_slave_1) entered disabled state
[  115.610479][ T6568] bridge0: port 1(bridge_slave_0) entered disabled state
[  116.010709][ T6568] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  116.099067][ T6568] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  116.255331][ T6568] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  116.281850][ T6568] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  116.291898][ T6568] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  116.301610][ T6568] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  116.671740][ T6606] netlink: 212 bytes leftover after parsing attributes in process `syz.3.195'.
[  116.707423][ T6608] netlink: 16 bytes leftover after parsing attributes in process `syz.4.196'.
[  116.742386][ T6609] netlink: 596 bytes leftover after parsing attributes in process `syz.1.192'.
[  116.984860][ T6619] netlink: 12 bytes leftover after parsing attributes in process `syz.4.198'.
[  117.260710][ T5841] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  117.286003][ T6611] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  118.589067][ T6672] netlink: 212 bytes leftover after parsing attributes in process `syz.4.210'.
[  118.836478][ T6678] netlink: 16 bytes leftover after parsing attributes in process `syz.2.214'.
[  118.849848][ T6676] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  118.911389][ T6683] netlink: 16 bytes leftover after parsing attributes in process `syz.0.211'.
[  118.937495][ T6683] netlink: 32 bytes leftover after parsing attributes in process `syz.0.211'.
[  118.984148][ T6683] veth1_macvtap: left promiscuous mode
[  119.008875][ T6683] macsec0: entered promiscuous mode
[  119.268590][ T6696] xt_cluster: you have exceeded the maximum number of cluster nodes (261 > 32)
[  119.668510][ T6713] __nla_validate_parse: 3 callbacks suppressed
[  119.668532][ T6713] netlink: 24 bytes leftover after parsing attributes in process `syz.2.228'.
[  119.845689][ T6716] vlan3: entered promiscuous mode
[  119.893645][ T6713] xt_socket: unknown flags 0x4
[  119.916982][ T5844] IPVS: starting estimator thread 0...
[  119.958070][ T6719] vlan2: entered promiscuous mode
[  119.977666][ T6719] dummy0: entered promiscuous mode
[  120.031414][ T6726] IPVS: using max 27 ests per chain, 64800 per kthread
[  120.623884][ T6754] netlink: 16 bytes leftover after parsing attributes in process `syz.1.243'.
[  120.705010][ T6756] netlink: 212 bytes leftover after parsing attributes in process `syz.0.244'.
[  120.861505][ T5841] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  121.300024][ T6768] dummy0: entered promiscuous mode
[  121.318714][ T6768] vlan2: entered promiscuous mode
[  121.375052][ T6772] netlink: 16 bytes leftover after parsing attributes in process `syz.3.251'.
[  121.754640][ T6780] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  122.600005][ T6815] netlink: 8 bytes leftover after parsing attributes in process `syz.1.265'.
[  123.064970][ T6829] netlink: 87 bytes leftover after parsing attributes in process `syz.1.270'.
[  123.076758][ T6830] IPVS: set_ctl: invalid protocol: 113 224.0.0.1:20004
[  123.825465][ T5841] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  123.996542][ T6862] openvswitch: netlink: Key 0 has unexpected len 4 expected 0
[  124.017046][ T6862] netlink: 60 bytes leftover after parsing attributes in process `syz.2.281'.
[  124.053794][ T6833] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  125.541409][ T6894] netlink: 'syz.3.290': attribute type 10 has an invalid length.
[  126.255174][ T6911] gre1: entered allmulticast mode
[  126.619133][ T6913] can: request_module (can-proto-0) failed.
[  126.629998][ T6913] netlink: 'syz.1.298': attribute type 1 has an invalid length.
[  126.643734][ T6913] netlink: 3 bytes leftover after parsing attributes in process `syz.1.298'.
[  126.685209][ T6913] batadv1: entered promiscuous mode
[  126.699683][ T6913] batadv1: entered allmulticast mode
[  126.828225][ T6913] netlink: 48 bytes leftover after parsing attributes in process `syz.1.298'.
[  127.314111][ T6929] netlink: 256 bytes leftover after parsing attributes in process `syz.0.302'.
[  127.522809][ T6935] netlink: 212 bytes leftover after parsing attributes in process `syz.2.305'.
[  127.889865][ T6944] netlink: 12 bytes leftover after parsing attributes in process `syz.0.308'.
[  128.047274][ T6943] netlink: 8 bytes leftover after parsing attributes in process `syz.2.309'.
[  129.222086][ T6958] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  129.344628][ T6970] netlink: 212 bytes leftover after parsing attributes in process `syz.0.316'.
[  129.666212][ T6977] netlink: 8 bytes leftover after parsing attributes in process `syz.0.318'.
[  129.881134][ T6979] netlink: 8 bytes leftover after parsing attributes in process `syz.2.319'.
[  130.736747][ T6994] netlink: 8 bytes leftover after parsing attributes in process `syz.0.326'.
[  132.309962][ T7026] netlink: 'syz.1.334': attribute type 3 has an invalid length.
[  132.641041][ T7033] netlink: 'syz.4.336': attribute type 1 has an invalid length.
[  132.690590][ T7033] netlink: 228 bytes leftover after parsing attributes in process `syz.4.336'.
[  133.470744][ T7047] 8021q: adding VLAN 0 to HW filter on device bond0
[  133.479108][ T7047] team0: Port device bond0 added
[  133.687515][ T7047] syz.2.337 (7047) used greatest stack depth: 17608 bytes left
[  134.371371][ T7068] team_slave_0: entered promiscuous mode
[  134.430685][ T7071] team_slave_0: left promiscuous mode
[  134.547428][ T7077] netlink: 12 bytes leftover after parsing attributes in process `syz.0.349'.
[  135.082970][ T7096] ieee802154 phy0 wpan0: encryption failed: -22
[  135.625448][ T7114] netlink: 212 bytes leftover after parsing attributes in process `syz.0.361'.
[  135.953629][ T7124] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0)
[  136.161374][ T7132] netlink: 44 bytes leftover after parsing attributes in process `syz.2.367'.
[  136.370679][ T7137] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  136.399219][ T7137] netlink: 'syz.4.369': attribute type 1 has an invalid length.
[  136.497158][ T7139] netlink: 3 bytes leftover after parsing attributes in process `syz.4.369'.
[  136.582867][ T7137] netlink: 3 bytes leftover after parsing attributes in process `syz.4.369'.
[  136.736750][ T7139] batadv1: entered promiscuous mode
[  136.743429][ T7139] batadv1: entered allmulticast mode
[  136.846366][ T7137] batadv1: entered promiscuous mode
[  136.853337][ T7137] batadv1: entered allmulticast mode
[  137.110970][ T7160] netlink: 8 bytes leftover after parsing attributes in process `syz.2.377'.
[  137.261002][ T7166] netlink: 48 bytes leftover after parsing attributes in process `syz.4.380'.
[  137.305743][ T7166] vti0: entered promiscuous mode
[  137.345102][ T7166] netlink: 32 bytes leftover after parsing attributes in process `syz.4.380'.
[  137.797503][ T7180] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.907620][ T7180] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.918185][ T7184] netlink: 212 bytes leftover after parsing attributes in process `syz.4.385'.
[  138.016028][ T7180] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.085358][ T7180] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.148278][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  138.298383][ T7180] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  138.379140][ T7180] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  138.438434][ T7180] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  138.448574][ T7200] netlink: 'syz.1.391': attribute type 1 has an invalid length.
[  138.459085][ T7200] netlink: 224 bytes leftover after parsing attributes in process `syz.1.391'.
[  138.482081][ T7180] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  138.666681][ T7210] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  139.077107][ T7226] netlink: 8 bytes leftover after parsing attributes in process `syz.1.400'.
[  139.086545][ T7226] netlink: 4 bytes leftover after parsing attributes in process `syz.1.400'.
[  139.355887][ T7234] vlan2: entered promiscuous mode
[  139.858694][ T7244] netlink: 'syz.3.405': attribute type 1 has an invalid length.
[  139.883965][ T7244] netlink: 224 bytes leftover after parsing attributes in process `syz.3.405'.
[  140.584263][ T7261] netlink: 'syz.0.408': attribute type 16 has an invalid length.
[  140.593133][ T7261] netlink: 'syz.0.408': attribute type 17 has an invalid length.
[  142.071588][ T7284] netdevsim netdevsim4: Direct firmware load for /
[  142.071588][ T7284]  failed with error -2
[  142.076545][ T7283] vlan2: entered promiscuous mode
[  142.094715][ T7283] dummy0: entered promiscuous mode
[  142.106535][ T7284] netdevsim netdevsim4: Falling back to sysfs fallback for: /
[  142.106535][ T7284] 
[  142.255870][ T7286] netlink: 16 bytes leftover after parsing attributes in process `syz.3.415'.
[  142.272877][ T7286] netlink: 64 bytes leftover after parsing attributes in process `syz.3.415'.
[  142.285083][ T7296] netlink: 12 bytes leftover after parsing attributes in process `syz.3.415'.
[  142.299660][ T7286] tipc: Invalid UDP bearer configuration
[  142.299737][ T7286] tipc: Enabling of bearer <udp:sy{±> rejected, failed to enable media
[  142.531461][ T7306] netlink: 32 bytes leftover after parsing attributes in process `syz.2.421'.
[  142.542205][   T24] IPVS: starting estimator thread 0...
[  142.640478][ T7307] IPVS: using max 26 ests per chain, 62400 per kthread
[  142.677330][ T7309] netlink: 'syz.0.422': attribute type 3 has an invalid length.
[  142.706644][ T7309] netlink: 132 bytes leftover after parsing attributes in process `syz.0.422'.
[  142.963546][ T7311] netlink: 48 bytes leftover after parsing attributes in process `syz.0.422'.
[  143.214408][ T7331] netlink: 8 bytes leftover after parsing attributes in process `syz.4.427'.
[  143.250604][ T7331] netlink: 8 bytes leftover after parsing attributes in process `syz.4.427'.
[  143.379133][ T7335] vlan2: entered promiscuous mode
[  144.135924][ T7353] netlink: 8 bytes leftover after parsing attributes in process `syz.3.433'.
[  144.294834][ T7353] netlink: 20 bytes leftover after parsing attributes in process `syz.3.433'.
[  145.246097][ T7392] netlink: 8 bytes leftover after parsing attributes in process `syz.1.453'.
[  145.270740][ T7390] netlink: 8 bytes leftover after parsing attributes in process `syz.1.453'.
[  145.281162][ T7391] netlink: 212 bytes leftover after parsing attributes in process `syz.0.451'.
[  145.290541][ T7390] netlink: 4 bytes leftover after parsing attributes in process `syz.1.453'.
[  145.316996][ T7392] netlink: 4 bytes leftover after parsing attributes in process `syz.1.453'.
[  145.907418][ T7413] vlan2: entered promiscuous mode
[  146.637940][ T7440] IPVS: set_ctl: invalid protocol: 0 224.0.0.2:20002
[  146.974349][ T7454] vlan2: entered promiscuous mode
[  147.675210][ T7482] netlink: 'syz.0.486': attribute type 1 has an invalid length.
[  147.679129][ T7479] geneve0: entered promiscuous mode
[  147.771608][ T7482] 8021q: adding VLAN 0 to HW filter on device bond1
[  147.857814][ T7488] 8021q: adding VLAN 0 to HW filter on device bond1
[  147.886789][ T7488] bond1: (slave vcan1): The slave device specified does not support setting the MAC address
[  147.908947][ T7488] bond1: (slave vcan1): Error -95 calling set_mac_address
[  147.947872][ T7478] geneve0: left promiscuous mode
[  147.985209][ T7492] vti0: entered promiscuous mode
[  148.482827][ T7515] netlink: 'syz.0.497': attribute type 1 has an invalid length.
[  148.517174][ T7515] __nla_validate_parse: 9 callbacks suppressed
[  148.517194][ T7515] netlink: 224 bytes leftover after parsing attributes in process `syz.0.497'.
[  148.618919][ T7509] vlan2: entered promiscuous mode
[  149.004817][ T7529] netlink: 32 bytes leftover after parsing attributes in process `syz.1.503'.
[  149.067124][ T7529] x_tables: duplicate underflow at hook 2
[  149.330893][ T7540] netlink: 48 bytes leftover after parsing attributes in process `syz.4.507'.
[  149.416474][ T7543] netlink: 12 bytes leftover after parsing attributes in process `syz.2.509'.
[  149.458990][ T7543] netlink: 8 bytes leftover after parsing attributes in process `syz.2.509'.
[  149.461512][ T7545] netlink: 32 bytes leftover after parsing attributes in process `syz.4.507'.
[  150.007701][ T7561] vlan2: entered promiscuous mode
[  150.097471][ T7566] netlink: 16 bytes leftover after parsing attributes in process `syz.4.518'.
[  150.327907][ T5919] IPVS: starting estimator thread 0...
[  150.445531][ T7576] IPVS: using max 29 ests per chain, 69600 per kthread
[  150.556545][ T7584] netlink: 24 bytes leftover after parsing attributes in process `syz.4.524'.
[  150.851760][ T7595] netlink: 16 bytes leftover after parsing attributes in process `syz.4.526'.
[  150.971003][ T7602] netlink: 48 bytes leftover after parsing attributes in process `syz.1.528'.
[  151.501317][ T7609] netlink: 'syz.1.531': attribute type 1 has an invalid length.
[  151.980627][ T5841] Bluetooth: hci4: command tx timeout
[  152.589484][ T7656] vlan2: entered promiscuous mode
[  152.616257][ T7656] bridge0: entered promiscuous mode
[  152.657142][ T7656] vlan2: entered allmulticast mode
[  152.674326][ T7656] bridge0: entered allmulticast mode
[  152.862477][ T7667] bridge_slave_0: left allmulticast mode
[  152.871424][ T7667] bridge_slave_0: left promiscuous mode
[  152.910689][ T7667] bridge0: port 1(bridge_slave_0) entered disabled state
[  152.958087][ T7667] bridge_slave_1: left allmulticast mode
[  152.978011][ T7667] bridge_slave_1: left promiscuous mode
[  152.988991][ T7667] bridge0: port 2(bridge_slave_1) entered disabled state
[  153.046646][ T7667] bond0: (slave bond_slave_0): Releasing backup interface
[  153.062692][ T7675] netlink: 'syz.3.558': attribute type 10 has an invalid length.
[  153.072101][ T7667] bond0: (slave bond_slave_1): Releasing backup interface
[  153.087036][ T7667] team0: Port device team_slave_0 removed
[  153.097901][ T7667] team0: Port device team_slave_1 removed
[  153.105202][ T7667] batman_adv: batadv0: Removing interface: batadv_slave_0
[  153.115776][ T7667] batman_adv: batadv0: Removing interface: batadv_slave_1
[  153.128862][ T7667] team0: Port device bond1 removed
[  153.135339][ T7672] tc_dump_action: action bad kind
[  153.188222][ T7675] syz_tun: entered promiscuous mode
[  153.218364][ T7675] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  153.389010][ T7688] sock: sock_set_timeout: `syz.1.561' (pid 7688) tries to set negative timeout
[  153.603628][ T7699] FAULT_INJECTION: forcing a failure.
[  153.603628][ T7699] name failslab, interval 1, probability 0, space 0, times 1
[  153.616646][ T7699] CPU: 1 UID: 0 PID: 7699 Comm: syz.0.564 Not tainted 6.15.0-rc1-syzkaller-00412-g4e34a840613b #0 PREEMPT(full) 
[  153.616676][ T7699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  153.616689][ T7699] Call Trace:
[  153.616697][ T7699]  <TASK>
[  153.616707][ T7699]  dump_stack_lvl+0x241/0x360
[  153.616750][ T7699]  ? __pfx_dump_stack_lvl+0x10/0x10
[  153.616780][ T7699]  ? __pfx__printk+0x10/0x10
[  153.616813][ T7699]  ? __pfx___might_resched+0x10/0x10
[  153.616843][ T7699]  should_fail_ex+0x424/0x570
[  153.616875][ T7699]  should_failslab+0xac/0x100
[  153.616905][ T7699]  __kmalloc_noprof+0xdf/0x4d0
[  153.616932][ T7699]  ? tomoyo_realpath_from_path+0xc2/0x5e0
[  153.616963][ T7699]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  153.617007][ T7699]  tomoyo_realpath_from_path+0xcf/0x5e0
[  153.617053][ T7699]  tomoyo_path_number_perm+0x245/0x790
[  153.617084][ T7699]  ? tomoyo_path_number_perm+0x215/0x790
[  153.617113][ T7699]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  153.617148][ T7699]  ? ksys_write+0x24e/0x2d0
[  153.617180][ T7699]  ? __lock_acquire+0xad5/0xd80
[  153.617222][ T7699]  ? __fget_files+0x2a/0x420
[  153.617252][ T7699]  ? __fget_files+0x2a/0x420
[  153.617304][ T7699]  ? __fget_files+0x2a/0x420
[  153.617341][ T7699]  security_file_ioctl+0xc6/0x2a0
[  153.617368][ T7699]  __se_sys_ioctl+0x46/0x160
[  153.617394][ T7699]  do_syscall_64+0xf3/0x230
[  153.617420][ T7699]  ? clear_bhb_loop+0x45/0xa0
[  153.617445][ T7699]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.617466][ T7699] RIP: 0033:0x7f84aed8e169
[  153.617484][ T7699] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  153.617500][ T7699] RSP: 002b:00007f84afb74038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  153.617523][ T7699] RAX: ffffffffffffffda RBX: 00007f84aefb5fa0 RCX: 00007f84aed8e169
[  153.617538][ T7699] RDX: 0000200000000480 RSI: 00000000000089e0 RDI: 0000000000000003
[  153.617551][ T7699] RBP: 00007f84afb74090 R08: 0000000000000000 R09: 0000000000000000
[  153.617563][ T7699] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  153.617575][ T7699] R13: 0000000000000000 R14: 00007f84aefb5fa0 R15: 00007ffc87d985a8
[  153.617608][ T7699]  </TASK>
[  153.617618][ T7699] ERROR: Out of memory at tomoyo_realpath_from_path.
[  154.086667][ T7717] __nla_validate_parse: 7 callbacks suppressed
[  154.086688][ T7717] netlink: 596 bytes leftover after parsing attributes in process `syz.4.569'.
[  154.858677][ T7728] netlink: 'syz.2.574': attribute type 1 has an invalid length.
[  154.901831][ T7728] bond1: entered promiscuous mode
[  154.907558][ T7728] 8021q: adding VLAN 0 to HW filter on device bond1
[  155.056856][ T7734] netlink: 24 bytes leftover after parsing attributes in process `syz.0.576'.
[  155.722496][ T7748] vlan2: entered promiscuous mode
[  156.164735][ T7756] FAULT_INJECTION: forcing a failure.
[  156.164735][ T7756] name failslab, interval 1, probability 0, space 0, times 0
[  156.181457][ T7756] CPU: 0 UID: 0 PID: 7756 Comm: syz.1.583 Not tainted 6.15.0-rc1-syzkaller-00412-g4e34a840613b #0 PREEMPT(full) 
[  156.181488][ T7756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  156.181501][ T7756] Call Trace:
[  156.181509][ T7756]  <TASK>
[  156.181519][ T7756]  dump_stack_lvl+0x241/0x360
[  156.181557][ T7756]  ? __pfx_dump_stack_lvl+0x10/0x10
[  156.181586][ T7756]  ? __pfx__printk+0x10/0x10
[  156.181620][ T7756]  ? __pfx___might_resched+0x10/0x10
[  156.181650][ T7756]  should_fail_ex+0x424/0x570
[  156.181683][ T7756]  should_failslab+0xac/0x100
[  156.181714][ T7756]  __kmalloc_noprof+0xdf/0x4d0
[  156.181741][ T7756]  ? tomoyo_encode+0x26f/0x540
[  156.181776][ T7756]  tomoyo_encode+0x26f/0x540
[  156.181817][ T7756]  ? __pfx_sockfs_dname+0x10/0x10
[  156.181852][ T7756]  tomoyo_realpath_from_path+0x59e/0x5e0
[  156.181899][ T7756]  tomoyo_path_number_perm+0x245/0x790
[  156.181930][ T7756]  ? tomoyo_path_number_perm+0x215/0x790
[  156.181960][ T7756]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  156.181995][ T7756]  ? ksys_write+0x24e/0x2d0
[  156.182027][ T7756]  ? __lock_acquire+0xad5/0xd80
[  156.182070][ T7756]  ? __fget_files+0x2a/0x420
[  156.182102][ T7756]  ? __fget_files+0x2a/0x420
[  156.182137][ T7756]  ? __fget_files+0x2a/0x420
[  156.182174][ T7756]  security_file_ioctl+0xc6/0x2a0
[  156.182200][ T7756]  __se_sys_ioctl+0x46/0x160
[  156.182227][ T7756]  do_syscall_64+0xf3/0x230
[  156.182253][ T7756]  ? clear_bhb_loop+0x45/0xa0
[  156.182278][ T7756]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.182298][ T7756] RIP: 0033:0x7f219af8e169
[  156.182317][ T7756] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  156.182334][ T7756] RSP: 002b:00007f219bd93038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  156.182356][ T7756] RAX: ffffffffffffffda RBX: 00007f219b1b5fa0 RCX: 00007f219af8e169
[  156.182371][ T7756] RDX: 0000200000000480 RSI: 00000000000089e0 RDI: 0000000000000003
[  156.182389][ T7756] RBP: 00007f219bd93090 R08: 0000000000000000 R09: 0000000000000000
[  156.182401][ T7756] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  156.182412][ T7756] R13: 0000000000000000 R14: 00007f219b1b5fa0 R15: 00007ffecde707c8
[  156.182445][ T7756]  </TASK>
[  156.182569][ T7756] ERROR: Out of memory at tomoyo_realpath_from_path.
[  156.599209][ T7760] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  156.604368][ T7761] netlink: 12 bytes leftover after parsing attributes in process `syz.1.584'.
[  156.619573][    T9] IPVS: starting estimator thread 0...
[  156.730611][ T7762] IPVS: using max 27 ests per chain, 64800 per kthread
[  156.993351][ T7771] tc_dump_action: action bad kind
[  157.354493][ T7803] vlan3: entered promiscuous mode
[  157.700936][ T7809] wg1: entered promiscuous mode
[  157.720446][ T7809] wg1: entered allmulticast mode
[  157.777954][ T7819] netlink: 132 bytes leftover after parsing attributes in process `syz.4.602'.
[  158.162280][ T7831] IPv6: syztnl1: Disabled Multicast RS
[  158.178001][ T7826] netlink: 596 bytes leftover after parsing attributes in process `syz.3.603'.
[  158.422562][ T7847] netlink: 48 bytes leftover after parsing attributes in process `syz.4.612'.
[  158.428214][ T7849] netlink: 'syz.0.613': attribute type 2 has an invalid length.
[  158.446076][ T7847] netlink: 32 bytes leftover after parsing attributes in process `syz.4.612'.
[  158.463013][ T7849] lave_0: entered promiscuous mode
[  158.797220][ T7864] netlink: 4 bytes leftover after parsing attributes in process `syz.0.619'.
[  159.200744][ T7878] vlan2: entered promiscuous mode
[  159.355923][ T7885] ieee802154 phy0 wpan0: encryption failed: -22
[  159.375403][ T7888] netlink: 48 bytes leftover after parsing attributes in process `syz.2.628'.
[  159.396805][ T7888] vti0: entered promiscuous mode
[  159.416840][ T7888] netlink: 32 bytes leftover after parsing attributes in process `syz.2.628'.
[  159.737466][ T7904] netlink: 'syz.0.635': attribute type 10 has an invalid length.
[  159.779636][ T7904] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  160.226088][ T7916] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic
[  160.291183][ T7921] netlink: 20 bytes leftover after parsing attributes in process `syz.0.641'.
[  160.482350][ T7927] netlink: 'syz.2.643': attribute type 29 has an invalid length.
[  162.795271][ T7969] netlink: 'syz.0.658': attribute type 1 has an invalid length.
[  162.827724][ T7969] netlink: 224 bytes leftover after parsing attributes in process `syz.0.658'.
[  163.013929][ T7978] netlink: 212 bytes leftover after parsing attributes in process `syz.1.662'.
[  163.498883][ T7999] syzkaller0: entered allmulticast mode
[  163.526717][ T8004] netlink: 48 bytes leftover after parsing attributes in process `syz.1.673'.
[  163.547522][ T7999] syzkaller0 (unregistering): left allmulticast mode
[  163.608671][ T8006] netlink: 32 bytes leftover after parsing attributes in process `syz.1.673'.
[  164.239360][ T8037] dvmrp1: entered allmulticast mode
[  164.428967][ T8050] netlink: 48 bytes leftover after parsing attributes in process `syz.4.689'.
[  164.480338][ T8050] netlink: 32 bytes leftover after parsing attributes in process `syz.4.689'.
[  165.139052][ T8065] netlink: 'syz.4.694': attribute type 11 has an invalid length.
[  165.168342][ T8065] netlink: 140 bytes leftover after parsing attributes in process `syz.4.694'.
[  165.365016][ T8068] netlink: 'syz.0.695': attribute type 1 has an invalid length.
[  165.394017][ T8068] netlink: 224 bytes leftover after parsing attributes in process `syz.0.695'.
[  165.706707][ T8081] netlink: 212 bytes leftover after parsing attributes in process `syz.1.700'.
[  165.840860][ T8086] tc_dump_action: action bad kind
[  165.948502][ T8089] netlink: 48 bytes leftover after parsing attributes in process `syz.1.704'.
[  165.977678][ T8089] netlink: 32 bytes leftover after parsing attributes in process `syz.1.704'.
[  166.817531][ T8123] tc_dump_action: action bad kind
[  167.476139][ T8138] netlink: 48 bytes leftover after parsing attributes in process `syz.2.722'.
[  167.508924][ T8138] netlink: 32 bytes leftover after parsing attributes in process `syz.2.722'.
[  167.882212][ T8153] tc_dump_action: action bad kind
[  168.458119][ T8176] tc_dump_action: action bad kind
[  168.684741][ T8183] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'nat'
[  168.797536][ T8191] veth0: entered promiscuous mode
[  168.893044][ T8199] netlink: 4 bytes leftover after parsing attributes in process `syz.0.741'.
[  169.289552][ T8208] tc_dump_action: action bad kind
[  169.296054][ T8208] netlink: 'syz.1.749': attribute type 10 has an invalid length.
[  169.444904][ T8219] tc_dump_action: action bad kind
[  169.899226][ T8236] vlan2: entered promiscuous mode
[  169.918333][ T8238] netlink: 'syz.3.759': attribute type 3 has an invalid length.
[  169.926616][ T8238] __nla_validate_parse: 2 callbacks suppressed
[  169.926634][ T8238] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.759'.
[  170.113191][ T8245] tc_dump_action: action bad kind
[  170.348128][ T8259] netlink: 'syz.2.770': attribute type 1 has an invalid length.
[  170.356715][ T8259] netlink: 224 bytes leftover after parsing attributes in process `syz.2.770'.
[  170.520382][ T8271] netlink: 16 bytes leftover after parsing attributes in process `syz.2.774'.
[  170.652276][ T8280] tc_dump_action: action bad kind
[  170.819336][ T8291] netlink: 8 bytes leftover after parsing attributes in process `syz.2.782'.
[  170.851697][ T8291] netlink: 4 bytes leftover after parsing attributes in process `syz.2.782'.
[  170.879476][ T8292] netlink: 'syz.2.782': attribute type 1 has an invalid length.
[  170.896294][ T8291] netlink: 'syz.2.782': attribute type 18 has an invalid length.
[  170.907174][ T8292] netlink: 224 bytes leftover after parsing attributes in process `syz.2.782'.
[  171.301683][ T8317] tc_dump_action: action bad kind
[  171.426997][ T8319] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  172.042930][ T8341] bridge0: port 4(batadv1) entered blocking state
[  172.049834][ T8341] bridge0: port 4(batadv1) entered disabled state
[  172.058521][ T8341] batadv1: entered allmulticast mode
[  172.066425][ T8341] batadv1: entered promiscuous mode
[  172.176350][ T8345] tc_dump_action: action bad kind
[  172.190917][ T8342] netlink: 'syz.3.802': attribute type 1 has an invalid length.
[  172.200440][ T8342] netlink: 224 bytes leftover after parsing attributes in process `syz.3.802'.
[  172.544182][   T66] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[  172.554212][   T66] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  172.681410][ T8372] netlink: 48 bytes leftover after parsing attributes in process `syz.0.815'.
[  172.716974][ T8372] vti0: entered promiscuous mode
[  172.762413][ T8372] netlink: 32 bytes leftover after parsing attributes in process `syz.0.815'.
[  172.838684][ T8379] tc_dump_action: action bad kind
[  172.867452][ T8381] vlan2: entered promiscuous mode
[  173.240646][ T8396] netlink: 32 bytes leftover after parsing attributes in process `syz.0.824'.
[  173.501772][ T5841] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  173.511751][ T8352] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  173.560906][ T8405] openvswitch: netlink: Flow actions attr not present in new flow.
[  173.620772][ T8407] netlink: 'syz.3.828': attribute type 2 has an invalid length.
[  173.648260][ T8409] tc_dump_action: action bad kind
[  173.798563][ T8413] vti0: entered promiscuous mode
[  174.296073][ T8430] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  174.417287][ T8436] netlink: 'syz.1.840': attribute type 1 has an invalid length.
[  175.485679][ T8469] __nla_validate_parse: 5 callbacks suppressed
[  175.485701][ T8469] netlink: 48 bytes leftover after parsing attributes in process `syz.1.852'.
[  176.134376][ T8484] netlink: 8 bytes leftover after parsing attributes in process `syz.2.856'.
[  176.380177][ T5841] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  176.412004][ T8500] netlink: 212 bytes leftover after parsing attributes in process `syz.1.863'.
[  176.838954][ T8516] netlink: 'syz.4.867': attribute type 2 has an invalid length.
[  176.885563][ T8516] netlink: 28 bytes leftover after parsing attributes in process `syz.4.867'.
[  176.920332][ T8516] netlink: 28 bytes leftover after parsing attributes in process `syz.4.867'.
[  177.130384][ T8527] netlink: 'syz.4.872': attribute type 1 has an invalid length.
[  177.161803][ T8527] netlink: 224 bytes leftover after parsing attributes in process `syz.4.872'.
[  177.356569][ T8535] vlan2: entered promiscuous mode
[  177.404237][   T66] tipc: Subscription rejected, illegal request
[  177.760243][ T8556] netlink: 8 bytes leftover after parsing attributes in process `syz.0.880'.
[  178.467019][ T8591] netlink: 212 bytes leftover after parsing attributes in process `syz.4.892'.
[  178.505516][ T8592] netlink: 'syz.2.891': attribute type 10 has an invalid length.
[  178.534991][ T8592] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  178.782270][ T8603] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  178.813868][ T8608] tc_dump_action: action bad kind
[  179.416020][ T8636] tc_dump_action: action bad kind
[  179.997058][ T8665] netlink: 48 bytes leftover after parsing attributes in process `syz.1.924'.
[  180.032922][ T8665] netlink: 32 bytes leftover after parsing attributes in process `syz.1.924'.
[  180.112658][ T8669] tc_dump_action: action bad kind
[  180.870336][ T5841] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  180.877801][ T8632] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  180.940648][ T8694] vlan3: entered promiscuous mode
[  180.945917][ T8694] bridge0: entered promiscuous mode
[  180.951638][ T8694] vlan3: entered allmulticast mode
[  180.956885][ T8694] bridge0: entered allmulticast mode
[  181.069949][ T8698] __nla_validate_parse: 1 callbacks suppressed
[  181.069965][ T8698] netlink: 48 bytes leftover after parsing attributes in process `syz.4.937'.
[  181.094917][ T8698] netlink: 32 bytes leftover after parsing attributes in process `syz.4.937'.
[  181.258153][ T8702] netlink: 'syz.4.939': attribute type 1 has an invalid length.
[  181.266231][ T8702] netlink: 224 bytes leftover after parsing attributes in process `syz.4.939'.
[  181.779835][ T8731] netlink: 48 bytes leftover after parsing attributes in process `syz.0.949'.
[  181.818306][ T8731] netlink: 32 bytes leftover after parsing attributes in process `syz.0.949'.
[  181.969345][ T8735] netlink: 20 bytes leftover after parsing attributes in process `syz.2.951'.
[  182.062891][ T8737] netlink: 8 bytes leftover after parsing attributes in process `syz.0.952'.
[  182.165073][ T8742] netlink: 212 bytes leftover after parsing attributes in process `syz.2.955'.
[  182.283082][ T8747] netlink: 'syz.2.957': attribute type 5 has an invalid length.
[  182.316486][ T8747] netlink: 'syz.2.957': attribute type 9 has an invalid length.
[  182.333962][ T8747] netlink: 'syz.2.957': attribute type 9 has an invalid length.
[  182.340800][ T8750] netlink: 'syz.2.957': attribute type 5 has an invalid length.
[  182.571273][ T8758] FAULT_INJECTION: forcing a failure.
[  182.571273][ T8758] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  182.625104][ T8758] CPU: 0 UID: 0 PID: 8758 Comm: syz.0.961 Not tainted 6.15.0-rc1-syzkaller-00412-g4e34a840613b #0 PREEMPT(full) 
[  182.625138][ T8758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  182.625152][ T8758] Call Trace:
[  182.625160][ T8758]  <TASK>
[  182.625169][ T8758]  dump_stack_lvl+0x241/0x360
[  182.625221][ T8758]  ? __pfx_dump_stack_lvl+0x10/0x10
[  182.625250][ T8758]  ? __pfx__printk+0x10/0x10
[  182.625293][ T8758]  should_fail_ex+0x424/0x570
[  182.625325][ T8758]  _copy_from_user+0x2d/0xb0
[  182.625348][ T8758]  copy_msghdr_from_user+0xb3/0x580
[  182.625386][ T8758]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  182.625416][ T8758]  ? __fget_files+0x2a/0x420
[  182.625460][ T8758]  ? __fget_files+0x2a/0x420
[  182.625501][ T8758]  __sys_sendmsg+0x20a/0x360
[  182.625534][ T8758]  ? __pfx___sys_sendmsg+0x10/0x10
[  182.625618][ T8758]  ? do_syscall_64+0xb6/0x230
[  182.625646][ T8758]  do_syscall_64+0xf3/0x230
[  182.625670][ T8758]  ? clear_bhb_loop+0x45/0xa0
[  182.625695][ T8758]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.625716][ T8758] RIP: 0033:0x7f84aed8e169
[  182.625739][ T8758] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  182.625756][ T8758] RSP: 002b:00007f84afb74038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  182.625786][ T8758] RAX: ffffffffffffffda RBX: 00007f84aefb5fa0 RCX: 00007f84aed8e169
[  182.625801][ T8758] RDX: 0000000000004000 RSI: 0000200000000280 RDI: 0000000000000003
[  182.625815][ T8758] RBP: 00007f84afb74090 R08: 0000000000000000 R09: 0000000000000000
[  182.625827][ T8758] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  182.625838][ T8758] R13: 0000000000000000 R14: 00007f84aefb5fa0 R15: 00007ffc87d985a8
[  182.625870][ T8758]  </TASK>
[  182.707137][ T8767] netlink: 48 bytes leftover after parsing attributes in process `syz.4.964'.
[  183.007997][ T8779] netlink: 8 bytes leftover after parsing attributes in process `syz.3.967'.
[  183.092924][ T8785] FAULT_INJECTION: forcing a failure.
[  183.092924][ T8785] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  183.106782][ T8785] CPU: 1 UID: 0 PID: 8785 Comm: syz.4.971 Not tainted 6.15.0-rc1-syzkaller-00412-g4e34a840613b #0 PREEMPT(full) 
[  183.106812][ T8785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  183.106825][ T8785] Call Trace:
[  183.106833][ T8785]  <TASK>
[  183.106842][ T8785]  dump_stack_lvl+0x241/0x360
[  183.106880][ T8785]  ? __pfx_dump_stack_lvl+0x10/0x10
[  183.106909][ T8785]  ? __pfx__printk+0x10/0x10
[  183.106953][ T8785]  should_fail_ex+0x424/0x570
[  183.106985][ T8785]  _copy_from_user+0x2d/0xb0
[  183.107007][ T8785]  sctp_getsockopt_assoc_stats+0xec/0xa10
[  183.107044][ T8785]  ? __pfx_sctp_getsockopt_assoc_stats+0x10/0x10
[  183.107103][ T8785]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  183.107137][ T8785]  sctp_getsockopt+0x42f/0xbb0
[  183.107164][ T8785]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  183.107188][ T8785]  do_sock_getsockopt+0x391/0x740
[  183.107221][ T8785]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  183.107244][ T8785]  ? __fget_files+0x2a/0x420
[  183.107277][ T8785]  ? __fget_files+0x39d/0x420
[  183.107306][ T8785]  ? __fget_files+0x2a/0x420
[  183.107345][ T8785]  __x64_sys_getsockopt+0x2a3/0x370
[  183.107380][ T8785]  ? __pfx___x64_sys_getsockopt+0x10/0x10
[  183.107413][ T8785]  ? do_syscall_64+0xb6/0x230
[  183.107441][ T8785]  do_syscall_64+0xf3/0x230
[  183.107463][ T8785]  ? clear_bhb_loop+0x45/0xa0
[  183.107490][ T8785]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.107510][ T8785] RIP: 0033:0x7f0d15f8e169
[  183.107528][ T8785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  183.107545][ T8785] RSP: 002b:00007f0d16da6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  183.107567][ T8785] RAX: ffffffffffffffda RBX: 00007f0d161b6080 RCX: 00007f0d15f8e169
[  183.107581][ T8785] RDX: 0000000000000070 RSI: 0000000000000084 RDI: 0000000000000003
[  183.107593][ T8785] RBP: 00007f0d16da6090 R08: 0000200000001700 R09: 0000000000000000
[  183.107606][ T8785] R10: 0000200000001600 R11: 0000000000000246 R12: 0000000000000001
[  183.107619][ T8785] R13: 0000000000000000 R14: 00007f0d161b6080 R15: 00007ffeff4a6fb8
[  183.107656][ T8785]  </TASK>
[  183.654017][ T8797] netlink: 'syz.0.977': attribute type 1 has an invalid length.
[  183.673399][ T8797] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[  184.496785][ T8840] netlink: 'syz.0.995': attribute type 1 has an invalid length.
[  185.124650][ T8869] bond1: left allmulticast mode
[  185.129876][ T8869] bond1: left promiscuous mode
[  185.139577][ T8869] bridge0: port 3(bond1) entered disabled state
[  185.180465][ T8869] bridge_slave_1: left allmulticast mode
[  185.187262][ T8869] bridge_slave_1: left promiscuous mode
[  185.200313][ T8869] bridge0: port 2(bridge_slave_1) entered disabled state
[  185.217944][ T8869] bridge_slave_0: left allmulticast mode
[  185.224421][ T8869] bridge_slave_0: left promiscuous mode
[  185.239496][ T8869] bridge0: port 1(bridge_slave_0) entered disabled state
[  185.580780][ T8882] tc_dump_action: action bad kind
[  185.968615][ T8899] netdevsim netdevsim0: Direct firmware load for /
[  185.968615][ T8899]  failed with error -2
[  186.008988][ T8899] netdevsim netdevsim0: Falling back to sysfs fallback for: /
[  186.008988][ T8899] 
[  186.308462][ T8912] netlink: 'syz.3.1024': attribute type 10 has an invalid length.
[  186.318472][ T8915] netlink: 'syz.1.1022': attribute type 3 has an invalid length.
[  186.413878][ T8912] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  186.567573][ T8924] tc_dump_action: action bad kind
[  186.582074][ T8926] netlink: 'syz.2.1026': attribute type 1 has an invalid length.
[  186.595829][ T8926] __nla_validate_parse: 12 callbacks suppressed
[  186.595849][ T8926] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1026'.
[  186.986085][ T8948] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1034'.
[  187.051607][ T8951] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1034'.
[  187.256957][ T8959] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1038'.
[  187.384186][ T8964] tc_dump_action: action bad kind
[  187.731080][ T8980] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  187.971632][ T8983] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1047'.
[  188.057138][ T8995] netlink: 212 bytes leftover after parsing attributes in process `syz.3.1052'.
[  188.289931][ T9002] tc_dump_action: action bad kind
[  188.370897][ T9006] netlink: 'syz.0.1057': attribute type 1 has an invalid length.
[  188.388493][ T9006] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1057'.
[  189.112207][ T9037] tc_dump_action: action bad kind
[  189.820217][ T5841] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  189.853085][ T9016] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  190.007103][ T9065] tc_dump_action: action bad kind
[  190.292629][ T9077] IPv6: Can't replace route, no match found
[  190.304343][ T9077] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1083'.
[  190.611677][ T9092] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  190.717904][ T9101] FAULT_INJECTION: forcing a failure.
[  190.717904][ T9101] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  190.729935][ T9103] tc_dump_action: action bad kind
[  190.741404][ T9101] CPU: 0 UID: 0 PID: 9101 Comm: syz.2.1094 Not tainted 6.15.0-rc1-syzkaller-00412-g4e34a840613b #0 PREEMPT(full) 
[  190.741436][ T9101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  190.741449][ T9101] Call Trace:
[  190.741457][ T9101]  <TASK>
[  190.741466][ T9101]  dump_stack_lvl+0x241/0x360
[  190.741504][ T9101]  ? __pfx_dump_stack_lvl+0x10/0x10
[  190.741534][ T9101]  ? __pfx__printk+0x10/0x10
[  190.741577][ T9101]  should_fail_ex+0x424/0x570
[  190.741609][ T9101]  _copy_from_iter+0x211/0x1c70
[  190.741649][ T9101]  ? alloc_pages_mpol+0x4e6/0x690
[  190.741683][ T9101]  ? __pfx__copy_from_iter+0x10/0x10
[  190.741722][ T9101]  ? set_page_refcounted+0xa1/0x1e0
[  190.741751][ T9101]  ? alloc_pages_noprof+0x136/0x190
[  190.741777][ T9101]  ? page_copy_sane+0x46/0x260
[  190.741818][ T9101]  copy_page_from_iter+0x7a/0x100
[  190.741853][ T9101]  tun_get_user+0x1f6c/0x47c0
[  190.741881][ T9101]  ? tun_get_user+0x852/0x47c0
[  190.741923][ T9101]  ? aa_file_perm+0x139/0xf60
[  190.741954][ T9101]  ? aa_file_perm+0x3f1/0xf60
[  190.741983][ T9101]  ? __pfx_tun_get_user+0x10/0x10
[  190.742028][ T9101]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  190.742076][ T9101]  ? tun_get+0x1e/0x2f0
[  190.742100][ T9101]  ? tun_get+0x1e/0x2f0
[  190.742120][ T9101]  ? tun_get+0x27d/0x2f0
[  190.742145][ T9101]  tun_chr_write_iter+0x10d/0x1f0
[  190.742172][ T9101]  vfs_write+0x70f/0xd10
[  190.742203][ T9101]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  190.742228][ T9101]  ? __pfx_vfs_write+0x10/0x10
[  190.742255][ T9101]  ? __fget_files+0x2a/0x420
[  190.742289][ T9101]  ? __fget_files+0x2a/0x420
[  190.742331][ T9101]  ksys_write+0x19d/0x2d0
[  190.742356][ T9101]  ? __pfx_ksys_write+0x10/0x10
[  190.742386][ T9101]  ? do_syscall_64+0xb6/0x230
[  190.742413][ T9101]  do_syscall_64+0xf3/0x230
[  190.742436][ T9101]  ? clear_bhb_loop+0x45/0xa0
[  190.742461][ T9101]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.742481][ T9101] RIP: 0033:0x7f996258cc1f
[  190.742499][ T9101] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  190.742515][ T9101] RSP: 002b:00007f996345e000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  190.742537][ T9101] RAX: ffffffffffffffda RBX: 00007f99627b5fa0 RCX: 00007f996258cc1f
[  190.742552][ T9101] RDX: 0000000000000052 RSI: 0000200000000480 RDI: 00000000000000c8
[  190.742565][ T9101] RBP: 00007f996345e090 R08: 0000000000000000 R09: 0000000000000000
[  190.742577][ T9101] R10: 0000000000000052 R11: 0000000000000293 R12: 0000000000000001
[  190.742589][ T9101] R13: 0000000000000000 R14: 00007f99627b5fa0 R15: 00007ffea35a8d18
[  190.742622][ T9101]  </TASK>
[  191.089055][ T9110] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1098'.
[  191.311057][ T9118] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1100'.
[  191.653239][ T9136] tc_dump_action: action bad kind
[  191.738279][ T9137] __nla_validate_parse: 1 callbacks suppressed
[  191.738300][ T9137] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1108'.
[  191.762631][ T9141] netlink: 212 bytes leftover after parsing attributes in process `syz.0.1111'.
[  192.185423][ T9160] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1118'.
[  192.257292][ T9165] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1118'.
[  192.619966][ T9181] tc_dump_action: action bad kind
[  192.700592][ T5841] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  192.708956][ T9186] netlink: 'syz.4.1128': attribute type 1 has an invalid length.
[  192.737447][ T9186] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1128'.
[  192.967354][ T9207] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1133'.
[  192.989456][ T9207] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1133'.
[  193.085507][ T9209] vlan4: entered promiscuous mode
[  193.407202][ T9229] tc_dump_action: action bad kind
[  193.553669][ T9238] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1144'.
[  193.576066][ T9238] tunl0: Master is either lo or non-ether device
[  193.688573][ T9243] netlink: 428 bytes leftover after parsing attributes in process `syz.1.1147'.
[  193.698041][ T9243] netlink: 2528 bytes leftover after parsing attributes in process `syz.1.1147'.
[  194.011768][ T9260] tc_dump_action: action bad kind
[  194.339137][ T9273] xt_CT: No such helper "syz1"
[  194.795482][ T9294] FAULT_INJECTION: forcing a failure.
[  194.795482][ T9294] name failslab, interval 1, probability 0, space 0, times 0
[  194.810242][ T9294] CPU: 1 UID: 0 PID: 9294 Comm: syz.4.1170 Not tainted 6.15.0-rc1-syzkaller-00412-g4e34a840613b #0 PREEMPT(full) 
[  194.810274][ T9294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  194.810287][ T9294] Call Trace:
[  194.810296][ T9294]  <TASK>
[  194.810305][ T9294]  dump_stack_lvl+0x241/0x360
[  194.810343][ T9294]  ? __pfx_dump_stack_lvl+0x10/0x10
[  194.810372][ T9294]  ? __pfx__printk+0x10/0x10
[  194.810406][ T9294]  ? __pfx___might_resched+0x10/0x10
[  194.810436][ T9294]  should_fail_ex+0x424/0x570
[  194.810467][ T9294]  should_failslab+0xac/0x100
[  194.810497][ T9294]  kmem_cache_alloc_node_noprof+0x7d/0x3b0
[  194.810526][ T9294]  ? __alloc_skb+0x1c2/0x480
[  194.810555][ T9294]  __alloc_skb+0x1c2/0x480
[  194.810585][ T9294]  ? __pfx___alloc_skb+0x10/0x10
[  194.810615][ T9294]  ? netlink_ack_tlv_len+0x6e/0x200
[  194.810649][ T9294]  netlink_ack+0x147/0xa70
[  194.810667][ T9294]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  194.810696][ T9294]  ? ref_tracker_free+0x63e/0x7e0
[  194.810731][ T9294]  netlink_rcv_skb+0x296/0x480
[  194.810753][ T9294]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  194.810776][ T9294]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  194.810817][ T9294]  ? netlink_deliver_tap+0x2e/0x1b0
[  194.810840][ T9294]  ? netlink_deliver_tap+0x2e/0x1b0
[  194.810864][ T9294]  netlink_unicast+0x7f8/0x9a0
[  194.810905][ T9294]  ? __pfx_netlink_unicast+0x10/0x10
[  194.810939][ T9294]  ? skb_put+0x114/0x1f0
[  194.810967][ T9294]  netlink_sendmsg+0x8c3/0xcd0
[  194.811002][ T9294]  ? __pfx_netlink_sendmsg+0x10/0x10
[  194.811029][ T9294]  ? aa_sock_msg_perm+0x91/0x160
[  194.811065][ T9294]  ? __pfx_netlink_sendmsg+0x10/0x10
[  194.811084][ T9294]  __sock_sendmsg+0x221/0x270
[  194.811118][ T9294]  ____sys_sendmsg+0x523/0x860
[  194.811154][ T9294]  ? __pfx_____sys_sendmsg+0x10/0x10
[  194.811178][ T9294]  ? __fget_files+0x2a/0x420
[  194.811212][ T9294]  ? __fget_files+0x2a/0x420
[  194.811253][ T9294]  __sys_sendmsg+0x271/0x360
[  194.811284][ T9294]  ? __pfx___sys_sendmsg+0x10/0x10
[  194.811371][ T9294]  ? do_syscall_64+0xb6/0x230
[  194.811399][ T9294]  do_syscall_64+0xf3/0x230
[  194.811421][ T9294]  ? clear_bhb_loop+0x45/0xa0
[  194.811447][ T9294]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.811467][ T9294] RIP: 0033:0x7f0d15f8e169
[  194.811486][ T9294] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  194.811502][ T9294] RSP: 002b:00007f0d16dc7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  194.811525][ T9294] RAX: ffffffffffffffda RBX: 00007f0d161b5fa0 RCX: 00007f0d15f8e169
[  194.811540][ T9294] RDX: 0000000000004000 RSI: 0000200000000280 RDI: 0000000000000003
[  194.811553][ T9294] RBP: 00007f0d16dc7090 R08: 0000000000000000 R09: 0000000000000000
[  194.811565][ T9294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  194.811577][ T9294] R13: 0000000000000000 R14: 00007f0d161b5fa0 R15: 00007ffeff4a6fb8
[  194.811610][ T9294]  </TASK>
[  195.885946][ T9336] tc_dump_action: action bad kind
[  196.366014][ T9361] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  196.483573][ T9379] tc_dump_action: action bad kind
[  196.705693][ T9388] FAULT_INJECTION: forcing a failure.
[  196.705693][ T9388] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  196.727432][ T9388] CPU: 0 UID: 0 PID: 9388 Comm: syz.3.1206 Not tainted 6.15.0-rc1-syzkaller-00412-g4e34a840613b #0 PREEMPT(full) 
[  196.727465][ T9388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  196.727486][ T9388] Call Trace:
[  196.727494][ T9388]  <TASK>
[  196.727504][ T9388]  dump_stack_lvl+0x241/0x360
[  196.727543][ T9388]  ? __pfx_dump_stack_lvl+0x10/0x10
[  196.727572][ T9388]  ? __pfx__printk+0x10/0x10
[  196.727613][ T9388]  should_fail_ex+0x424/0x570
[  196.727646][ T9388]  _copy_to_user+0x31/0xb0
[  196.727671][ T9388]  simple_read_from_buffer+0xc4/0x170
[  196.727706][ T9388]  proc_fail_nth_read+0x1ef/0x260
[  196.727730][ T9388]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  196.727755][ T9388]  ? rw_verify_area+0x246/0x630
[  196.727774][ T9388]  ? xsk_setsockopt+0x104/0x840
[  196.727803][ T9388]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  196.727826][ T9388]  vfs_read+0x21f/0xb90
[  196.727858][ T9388]  ? __pfx_vfs_read+0x10/0x10
[  196.727881][ T9388]  ? do_sock_setsockopt+0x3ea/0x710
[  196.727911][ T9388]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  196.727941][ T9388]  ksys_read+0x19d/0x2d0
[  196.727965][ T9388]  ? __pfx_ksys_read+0x10/0x10
[  196.727993][ T9388]  ? do_syscall_64+0xb6/0x230
[  196.728020][ T9388]  do_syscall_64+0xf3/0x230
[  196.728043][ T9388]  ? clear_bhb_loop+0x45/0xa0
[  196.728067][ T9388]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.728087][ T9388] RIP: 0033:0x7f578538cb7c
[  196.728105][ T9388] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  196.728120][ T9388] RSP: 002b:00007f57862b2030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  196.728140][ T9388] RAX: ffffffffffffffda RBX: 00007f57855b5fa0 RCX: 00007f578538cb7c
[  196.728154][ T9388] RDX: 000000000000000f RSI: 00007f57862b20a0 RDI: 0000000000000004
[  196.728166][ T9388] RBP: 00007f57862b2090 R08: 0000000000000000 R09: 0000000000000000
[  196.728179][ T9388] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  196.728190][ T9388] R13: 0000000000000000 R14: 00007f57855b5fa0 R15: 00007ffd695c10d8
[  196.728224][ T9388]  </TASK>
[  197.057708][ T9396] netlink: 'syz.0.1207': attribute type 4 has an invalid length.
[  197.067461][ T9396] __nla_validate_parse: 10 callbacks suppressed
[  197.067491][ T9396] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1207'.
[  197.419523][ T9408] af_packet: tpacket_rcv: packet too big, clamped from 65354 to 3710. macoff=82
[  197.576223][ T9415] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1217'.
[  197.594266][ T9415] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1217'.
[  197.864206][ T9428] netlink: 212 bytes leftover after parsing attributes in process `syz.3.1223'.
[  197.988748][ T9433] ieee802154 phy0 wpan0: encryption failed: -22
[  197.996621][ T9433] netlink: 'syz.0.1225': attribute type 13 has an invalid length.
[  198.326219][ T9451] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1233'.
[  198.335816][ T9451] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1233'.
[  198.380637][ T5841] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  198.387648][ T9404] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  198.705657][ T9471] netlink: 'syz.4.1240': attribute type 1 has an invalid length.
[  198.722423][ T9471] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1240'.
[  198.902346][ T9481] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1245'.
[  199.055428][ T9487] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1247'.
[  199.064870][ T9485] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  199.204063][ T9493] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1249'.
[  199.293377][ T9498] tc_dump_action: action bad kind
[  199.432863][ T9503] tc_dump_action: action bad kind
[  199.590802][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  199.782127][ T9518] xt_ecn: cannot match TCP bits for non-tcp packets
[  199.960621][ T9523] xt_CT: No such helper "snmp"
[  200.165843][ T9533] tc_dump_action: action bad kind
[  200.549781][ T9549] netlink: 'syz.1.1272': attribute type 1 has an invalid length.
[  200.905168][ T9564] tc_dump_action: action bad kind
[  201.100718][ T5841] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  201.108423][ T9514] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  201.436113][ T9593] tc_dump_action: action bad kind
[  201.456671][ T9595] sock: sock_timestamping_bind_phc: sock not bind to device
[  201.875885][ T9611] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  202.204734][ T9631] tc_dump_action: action bad kind
[  202.266160][ T9629] __nla_validate_parse: 14 callbacks suppressed
[  202.266186][ T9629] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1301'.
[  202.582778][ T9635] tc_dump_action: action bad kind
[  203.599858][ T9687] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1323'.
[  203.904903][ T5841] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  203.911769][ T9659] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  204.055489][ T9707] netlink: 'syz.2.1330': attribute type 13 has an invalid length.
[  204.101747][ T9707] netlink: 'syz.2.1330': attribute type 27 has an invalid length.
[  204.162945][ T9709] netlink: 'syz.1.1331': attribute type 1 has an invalid length.
[  204.186750][ T9709] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1331'.
[  204.712929][ T9731] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  204.858426][ T9743] FAULT_INJECTION: forcing a failure.
[  204.858426][ T9743] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  204.884241][ T9743] CPU: 1 UID: 0 PID: 9743 Comm: syz.4.1346 Not tainted 6.15.0-rc1-syzkaller-00412-g4e34a840613b #0 PREEMPT(full) 
[  204.884274][ T9743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  204.884287][ T9743] Call Trace:
[  204.884296][ T9743]  <TASK>
[  204.884305][ T9743]  dump_stack_lvl+0x241/0x360
[  204.884343][ T9743]  ? __pfx_dump_stack_lvl+0x10/0x10
[  204.884373][ T9743]  ? __pfx__printk+0x10/0x10
[  204.884416][ T9743]  should_fail_ex+0x424/0x570
[  204.884449][ T9743]  _copy_from_user+0x2d/0xb0
[  204.884473][ T9743]  copy_msghdr_from_user+0xb3/0x580
[  204.884514][ T9743]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  204.884565][ T9743]  __sys_sendmmsg+0x361/0x7b0
[  204.884607][ T9743]  ? __pfx___sys_sendmmsg+0x10/0x10
[  204.884674][ T9743]  ? rcu_read_lock_any_held+0xbb/0x160
[  204.884702][ T9743]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  204.884742][ T9743]  ? vfs_write+0xb29/0xd10
[  204.884777][ T9743]  ? ksys_write+0x24e/0x2d0
[  204.884804][ T9743]  ? __mutex_unlock_slowpath+0x229/0x800
[  204.884861][ T9743]  ? ksys_write+0x275/0x2d0
[  204.884898][ T9743]  __x64_sys_sendmmsg+0xa0/0xb0
[  204.884928][ T9743]  do_syscall_64+0xf3/0x230
[  204.884952][ T9743]  ? clear_bhb_loop+0x45/0xa0
[  204.884978][ T9743]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  204.884998][ T9743] RIP: 0033:0x7f0d15f8e169
[  204.885016][ T9743] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  204.885033][ T9743] RSP: 002b:00007f0d16dc7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  204.885055][ T9743] RAX: ffffffffffffffda RBX: 00007f0d161b5fa0 RCX: 00007f0d15f8e169
[  204.885070][ T9743] RDX: 00000000040000cf RSI: 0000200000000900 RDI: 000000000000000c
[  204.885083][ T9743] RBP: 00007f0d16dc7090 R08: 0000000000000000 R09: 0000000000000000
[  204.885096][ T9743] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  204.885108][ T9743] R13: 0000000000000000 R14: 00007f0d161b5fa0 R15: 00007ffeff4a6fb8
[  204.885141][ T9743]  </TASK>
[  204.921232][ T9745] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1348'.
[  205.506840][ T9763] netlink: 212 bytes leftover after parsing attributes in process `syz.4.1353'.
[  205.637905][ T9771] netlink: 'syz.2.1356': attribute type 1 has an invalid length.
[  205.670201][ T9771] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1356'.
[  206.456643][ T9809] FAULT_INJECTION: forcing a failure.
[  206.456643][ T9809] name failslab, interval 1, probability 0, space 0, times 0
[  206.480210][ T9809] CPU: 1 UID: 0 PID: 9809 Comm: syz.4.1370 Not tainted 6.15.0-rc1-syzkaller-00412-g4e34a840613b #0 PREEMPT(full) 
[  206.480257][ T9809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  206.480277][ T9809] Call Trace:
[  206.480290][ T9809]  <TASK>
[  206.480305][ T9809]  dump_stack_lvl+0x241/0x360
[  206.480364][ T9809]  ? __pfx_dump_stack_lvl+0x10/0x10
[  206.480394][ T9809]  ? __pfx__printk+0x10/0x10
[  206.480427][ T9809]  ? __pfx___might_resched+0x10/0x10
[  206.480461][ T9809]  should_fail_ex+0x424/0x570
[  206.480493][ T9809]  should_failslab+0xac/0x100
[  206.480524][ T9809]  kmem_cache_alloc_node_noprof+0x7d/0x3b0
[  206.480554][ T9809]  ? __alloc_skb+0x1c2/0x480
[  206.480583][ T9809]  __alloc_skb+0x1c2/0x480
[  206.480612][ T9809]  ? __pfx___alloc_skb+0x10/0x10
[  206.480633][ T9809]  ? __local_bh_enable_ip+0x168/0x200
[  206.480654][ T9809]  ? l2tp_ip_sendmsg+0x36/0x1670
[  206.480676][ T9809]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  206.480702][ T9809]  sock_wmalloc+0xab/0x120
[  206.480734][ T9809]  l2tp_ip_sendmsg+0x1b3/0x1670
[  206.480762][ T9809]  ? inet_sendmsg+0x330/0x390
[  206.480796][ T9809]  __sock_sendmsg+0x1a6/0x270
[  206.480832][ T9809]  ____sys_sendmsg+0x523/0x860
[  206.480868][ T9809]  ? __pfx_____sys_sendmsg+0x10/0x10
[  206.480913][ T9809]  __sys_sendmmsg+0x3a0/0x7b0
[  206.480952][ T9809]  ? __pfx___sys_sendmmsg+0x10/0x10
[  206.481012][ T9809]  ? rcu_read_lock_any_held+0xbb/0x160
[  206.481032][ T9809]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  206.481053][ T9809]  ? vfs_write+0xb29/0xd10
[  206.481077][ T9809]  ? ksys_write+0x24e/0x2d0
[  206.481095][ T9809]  ? __mutex_unlock_slowpath+0x229/0x800
[  206.481136][ T9809]  ? ksys_write+0x275/0x2d0
[  206.481161][ T9809]  __x64_sys_sendmmsg+0xa0/0xb0
[  206.481181][ T9809]  do_syscall_64+0xf3/0x230
[  206.481198][ T9809]  ? clear_bhb_loop+0x45/0xa0
[  206.481215][ T9809]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.481229][ T9809] RIP: 0033:0x7f0d15f8e169
[  206.481242][ T9809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  206.481254][ T9809] RSP: 002b:00007f0d16dc7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  206.481269][ T9809] RAX: ffffffffffffffda RBX: 00007f0d161b5fa0 RCX: 00007f0d15f8e169
[  206.481280][ T9809] RDX: 00000000040000cf RSI: 0000200000000900 RDI: 000000000000000c
[  206.481290][ T9809] RBP: 00007f0d16dc7090 R08: 0000000000000000 R09: 0000000000000000
[  206.481298][ T9809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  206.481307][ T9809] R13: 0000000000000000 R14: 00007f0d161b5fa0 R15: 00007ffeff4a6fb8
[  206.481329][ T9809]  </TASK>
[  206.791017][ T5841] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  206.811238][ T9777] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  207.189492][ T9828] netlink: 'syz.1.1379': attribute type 1 has an invalid length.
[  207.207794][ T9828] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1379'.
[  207.365302][ T9837] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1382'.
[  207.811526][ T9853] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1384'.
[  208.177951][ T9873] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1390'.
[  208.206241][ T9873] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1390'.
[  208.291832][ T9846] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  208.572213][ T9891] netlink: 'syz.2.1397': attribute type 1 has an invalid length.
[  208.589169][ T9891] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1397'.
[  209.031701][ T9903] vlan2: entered promiscuous mode
[  209.076130][ T9913] netlink: 'syz.2.1406': attribute type 1 has an invalid length.
[  209.100670][ T9913] netlink: 'syz.2.1406': attribute type 4 has an invalid length.
[  209.111495][ T9913] netlink: 15363 bytes leftover after parsing attributes in process `syz.2.1406'.
[  209.400859][ T9933] Â: renamed from pim6reg1
[  209.471669][ T9937] netlink: 'syz.2.1413': attribute type 1 has an invalid length.
[  209.548603][ T9937] 8021q: adding VLAN 0 to HW filter on device bond2
[  209.631456][ T9937] bond2: (slave gretap1): making interface the new active one
[  209.654624][ T9937] bond2: (slave gretap1): Enslaving as an active interface with an up link
[  209.688205][ T9947] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1416'.
[  209.775876][ T9951] netlink: 'syz.4.1418': attribute type 1 has an invalid length.
[  209.810805][ T9951] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1418'.
[  209.838150][ T9954] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1419'.
[  210.109741][ T9958] FAULT_INJECTION: forcing a failure.
[  210.109741][ T9958] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  210.192843][ T9958] CPU: 1 UID: 0 PID: 9958 Comm: syz.1.1420 Not tainted 6.15.0-rc1-syzkaller-00412-g4e34a840613b #0 PREEMPT(full) 
[  210.192875][ T9958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  210.192888][ T9958] Call Trace:
[  210.192896][ T9958]  <TASK>
[  210.192905][ T9958]  dump_stack_lvl+0x241/0x360
[  210.192942][ T9958]  ? __pfx_dump_stack_lvl+0x10/0x10
[  210.192967][ T9958]  ? __pfx__printk+0x10/0x10
[  210.193000][ T9958]  should_fail_ex+0x424/0x570
[  210.193025][ T9958]  _copy_from_user+0x2d/0xb0
[  210.193052][ T9958]  copy_msghdr_from_user+0xb3/0x580
[  210.193084][ T9958]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  210.193122][ T9958]  __sys_sendmmsg+0x361/0x7b0
[  210.193153][ T9958]  ? __pfx___sys_sendmmsg+0x10/0x10
[  210.193202][ T9958]  ? rcu_read_lock_any_held+0xbb/0x160
[  210.193224][ T9958]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  210.193248][ T9958]  ? vfs_write+0xb29/0xd10
[  210.193274][ T9958]  ? ksys_write+0x24e/0x2d0
[  210.193297][ T9958]  ? __mutex_unlock_slowpath+0x229/0x800
[  210.193340][ T9958]  ? ksys_write+0x275/0x2d0
[  210.193367][ T9958]  __x64_sys_sendmmsg+0xa0/0xb0
[  210.193389][ T9958]  do_syscall_64+0xf3/0x230
[  210.193408][ T9958]  ? clear_bhb_loop+0x45/0xa0
[  210.193427][ T9958]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.193443][ T9958] RIP: 0033:0x7f219af8e169
[  210.193457][ T9958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  210.193470][ T9958] RSP: 002b:00007f219bd93038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  210.193488][ T9958] RAX: ffffffffffffffda RBX: 00007f219b1b5fa0 RCX: 00007f219af8e169
[  210.193499][ T9958] RDX: 00000000040000cf RSI: 0000200000000900 RDI: 000000000000000c
[  210.193510][ T9958] RBP: 00007f219bd93090 R08: 0000000000000000 R09: 0000000000000000
[  210.193520][ T9958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  210.193529][ T9958] R13: 0000000000000000 R14: 00007f219b1b5fa0 R15: 00007ffecde707c8
[  210.193553][ T9958]  </TASK>
[  210.248174][ T9963] netlink: 'syz.4.1422': attribute type 1 has an invalid length.
[  210.400977][ T5841] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  210.424575][ T9963] netlink: 208 bytes leftover after parsing attributes in process `syz.4.1422'.
[  210.789453][ T9978] raw_sendmsg: syz.2.1427 forgot to set AF_INET. Fix it!
[  211.022631][ T9981] Illegal XDP return value 3684627025 on prog  (id 505) dev N/A, expect packet loss!
[  211.227959][ T9990] gre1: entered allmulticast mode
[  211.310318][ T9991] vlan4: entered promiscuous mode
[  211.900402][ T5841] Bluetooth: hci3: command 0x0406 tx timeout
[  211.901885][ T5852] Bluetooth: hci1: command 0x0406 tx timeout
[  211.908021][ T5841] Bluetooth: hci2: command 0x0406 tx timeout
[  212.123194][T10034] FAULT_INJECTION: forcing a failure.
[  212.123194][T10034] name failslab, interval 1, probability 0, space 0, times 0
[  212.136074][T10034] CPU: 0 UID: 0 PID: 10034 Comm: syz.2.1444 Not tainted 6.15.0-rc1-syzkaller-00412-g4e34a840613b #0 PREEMPT(full) 
[  212.136102][T10034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  212.136116][T10034] Call Trace:
[  212.136124][T10034]  <TASK>
[  212.136140][T10034]  dump_stack_lvl+0x241/0x360
[  212.136178][T10034]  ? __pfx_dump_stack_lvl+0x10/0x10
[  212.136208][T10034]  ? __pfx__printk+0x10/0x10
[  212.136241][T10034]  ? __pfx___might_resched+0x10/0x10
[  212.136272][T10034]  should_fail_ex+0x424/0x570
[  212.136304][T10034]  should_failslab+0xac/0x100
[  212.136335][T10034]  kmem_cache_alloc_node_noprof+0x7d/0x3b0
[  212.136365][T10034]  ? __alloc_skb+0x1c2/0x480
[  212.136393][T10034]  __alloc_skb+0x1c2/0x480
[  212.136424][T10034]  ? __pfx___alloc_skb+0x10/0x10
[  212.136445][T10034]  ? __local_bh_enable_ip+0x168/0x200
[  212.136466][T10034]  ? l2tp_ip_sendmsg+0x36/0x1670
[  212.136487][T10034]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  212.136514][T10034]  sock_wmalloc+0xab/0x120
[  212.136544][T10034]  l2tp_ip_sendmsg+0x1b3/0x1670
[  212.136572][T10034]  ? inet_sendmsg+0x330/0x390
[  212.136605][T10034]  __sock_sendmsg+0x1a6/0x270
[  212.136641][T10034]  ____sys_sendmsg+0x523/0x860
[  212.136679][T10034]  ? __pfx_____sys_sendmsg+0x10/0x10
[  212.136724][T10034]  __sys_sendmmsg+0x3a0/0x7b0
[  212.136765][T10034]  ? __pfx___sys_sendmmsg+0x10/0x10
[  212.136833][T10034]  ? rcu_read_lock_any_held+0xbb/0x160
[  212.136861][T10034]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  212.136891][T10034]  ? vfs_write+0xb29/0xd10
[  212.136919][T10034]  ? __lock_acquire+0xad5/0xd80
[  212.136940][T10034]  ? from_kuid+0x211/0x740
[  212.136963][T10034]  ? __pfx_from_kuid+0x10/0x10
[  212.137000][T10034]  ? bpf_trace_run2+0x1fe/0x550
[  212.137029][T10034]  ? bpf_trace_run2+0x39f/0x550
[  212.137084][T10034]  ? trace_sys_enter+0x74/0x120
[  212.137107][T10034]  ? rcu_is_watching+0x15/0xb0
[  212.137144][T10034]  __x64_sys_sendmmsg+0xa0/0xb0
[  212.137174][T10034]  do_syscall_64+0xf3/0x230
[  212.137198][T10034]  ? clear_bhb_loop+0x45/0xa0
[  212.137223][T10034]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.137243][T10034] RIP: 0033:0x7f996258e169
[  212.137261][T10034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  212.137278][T10034] RSP: 002b:00007f996345e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  212.137299][T10034] RAX: ffffffffffffffda RBX: 00007f99627b5fa0 RCX: 00007f996258e169
[  212.137314][T10034] RDX: 00000000040000cf RSI: 0000200000000900 RDI: 000000000000000c
[  212.137327][T10034] RBP: 00007f996345e090 R08: 0000000000000000 R09: 0000000000000000
[  212.137340][T10034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  212.137352][T10034] R13: 0000000000000000 R14: 00007f99627b5fa0 R15: 00007ffea35a8d18
[  212.137386][T10034]  </TASK>
[  212.436098][T10022] tc_dump_action: action bad kind
[  212.840867][T10051] __nla_validate_parse: 3 callbacks suppressed
[  212.840887][T10051] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1449'.
[  213.047510][T10067] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1454'.
[  213.360492][T10075] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  214.055962][T10103] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1468'.
[  214.221760][T10113] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1470'.
[  214.357414][T10118] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1471'.
[  215.020966][T10141] tc_dump_action: action bad kind
[  215.151098][T10146] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1478'.
[  215.335673][T10154] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1485'.
[  215.420730][ T5856] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  215.787130][T10165] bridge_slave_0: left allmulticast mode
[  215.818816][T10165] bridge_slave_0: left promiscuous mode
[  215.845440][T10170] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1487'.
[  215.854669][T10165] bridge0: port 1(bridge_slave_0) entered disabled state
[  215.895828][T10165] bridge_slave_1: left allmulticast mode
[  215.945425][T10165] bridge_slave_1: left promiscuous mode
[  215.970701][T10165] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.046243][T10177] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1487'.
[  216.101525][T10165] bond0: (slave bond_slave_0): Releasing backup interface
[  216.135972][T10180] netlink: 'syz.3.1492': attribute type 5 has an invalid length.
[  216.145557][T10165] bond_slave_0: left promiscuous mode
[  216.154336][T10165] bond_slave_0: left allmulticast mode
[  216.202945][T10165] bond0: (slave bond_slave_1): Releasing backup interface
[  216.256158][T10165] bond_slave_1: left promiscuous mode
[  216.276303][T10165] bond_slave_1: left allmulticast mode
[  216.325206][T10165] team0: Port device team_slave_0 removed
[  216.378942][T10165] team0: Port device team_slave_1 removed
[  216.401483][T10165] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  216.429260][T10165] batman_adv: batadv0: Removing interface: batadv_slave_0
[  216.463029][T10165] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  216.486757][T10165] batman_adv: batadv0: Removing interface: batadv_slave_1
[  216.509058][T10165] batman_adv: batadv0: Interface deactivated: virt_wifi0
[  216.520189][T10165] batman_adv: batadv0: Removing interface: virt_wifi0
[  216.630246][T10165] vlan2: left promiscuous mode
[  216.635252][T10165] bond0: left promiscuous mode
[  216.651101][T10165] bridge0: port 3(vlan2) entered disabled state
[  216.824340][T10165] batadv1: left allmulticast mode
[  216.829487][T10165] batadv1: left promiscuous mode
[  216.850680][T10165] bridge0: port 4(batadv1) entered disabled state
[  218.936301][T10193] tc_dump_action: action bad kind
[  219.016872][T10198] netlink: 'syz.4.1499': attribute type 1 has an invalid length.
[  219.037339][T10198] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1499'.
[  219.088620][T10200] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1498'.
[  219.229454][T10207] tc_dump_action: action bad kind
[  220.124579][T10228] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1506'.
[  220.278907][T10240] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1512'.
[  220.280374][T10238] tc_dump_action: action bad kind
[  220.414542][T10242] netlink: 'syz.2.1511': attribute type 3 has an invalid length.
[  220.426372][T10242] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.1511'.
[  220.716395][ T1207] IPVS: starting estimator thread 0...
[  220.830337][T10256] IPVS: using max 30 ests per chain, 72000 per kthread
[  220.881403][T10260] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  220.959291][T10264] netlink: 'syz.4.1520': attribute type 10 has an invalid length.
[  221.215072][T10264] netdevsim netdevsim4 netdevsim0: entered allmulticast mode
[  221.224135][T10264] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  221.348155][T10275] tc_dump_action: action bad kind
[  221.496722][T10289] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1528'.
[  221.540972][T10289] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1528'.
[  221.848253][T10306] netlink: 'syz.0.1535': attribute type 3 has an invalid length.
[  221.856268][T10306] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1535'.
[  222.001173][T10312] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1538'.
[  222.016278][T10312] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1538'.
[  222.039688][T10312] netlink: 'syz.3.1538': attribute type 16 has an invalid length.
[  222.072801][T10312] netlink: 'syz.3.1538': attribute type 3 has an invalid length.
[  222.229109][T10320] tc_dump_action: action bad kind
[  222.940822][ T5856] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  222.955752][T10292] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  223.129093][T10350] netlink: 'syz.2.1551': attribute type 1 has an invalid length.
[  223.240581][T10354] netlink: 'syz.4.1553': attribute type 5 has an invalid length.
[  223.309521][T10361] tipc: Started in network mode
[  223.337966][T10361] tipc: Node identity 7, cluster identity 4711
[  223.396353][T10361] tipc: Node number set to 7
[  223.628769][T10361] tipc: Cannot configure node identity twice
[  223.650013][T10376] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  224.155631][T10391] __nla_validate_parse: 5 callbacks suppressed
[  224.155654][T10391] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1566'.
[  224.258917][T10396] tc_dump_action: action bad kind
[  224.939368][T10426] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1582'.
[  224.968712][T10426] netlink: 'syz.2.1582': attribute type 9 has an invalid length.
[  224.980217][T10426] netlink: 203172 bytes leftover after parsing attributes in process `syz.2.1582'.
[  225.028523][T10432] netlink: 'syz.3.1580': attribute type 11 has an invalid length.
[  225.044066][T10433] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1579'.
[  225.069397][T10432] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1580'.
[  225.550926][T10456] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1588'.
[  225.740321][ T5856] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  225.814124][T10468] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1594'.
[  225.870864][T10468] delete_channel: no stack
[  225.909253][T10466] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  226.079727][T10474] netlink: 'syz.0.1596': attribute type 1 has an invalid length.
[  226.101860][T10474] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1596'.
[  226.655750][T10501] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1608'.
[  226.764435][T10505] sysfs: cannot create duplicate filename '/class/ieee80211/!å¯!$'
[  226.798735][T10505] CPU: 0 UID: 0 PID: 10505 Comm: syz.4.1609 Not tainted 6.15.0-rc1-syzkaller-00412-g4e34a840613b #0 PREEMPT(full) 
[  226.798770][T10505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  226.798784][T10505] Call Trace:
[  226.798792][T10505]  <TASK>
[  226.798802][T10505]  dump_stack_lvl+0x241/0x360
[  226.798843][T10505]  ? __pfx_dump_stack_lvl+0x10/0x10
[  226.798874][T10505]  ? __pfx__printk+0x10/0x10
[  226.798903][T10505]  ? kernfs_path_from_node+0x2b/0x250
[  226.798939][T10505]  ? kernfs_path_from_node+0x217/0x250
[  226.798965][T10505]  sysfs_warn_dup+0x8e/0xa0
[  226.798998][T10505]  sysfs_do_create_link_sd+0xbe/0x110
[  226.799036][T10505]  device_add_class_symlinks+0x1c5/0x250
[  226.799072][T10505]  device_add+0x553/0xbf0
[  226.799121][T10505]  wiphy_register+0x193c/0x2660
[  226.799165][T10505]  ? __pfx_wiphy_register+0x10/0x10
[  226.799191][T10505]  ? minstrel_ht_alloc+0x85a/0x950
[  226.799229][T10505]  ? ieee80211_init_rate_ctrl_alg+0x5a2/0x620
[  226.799284][T10505]  ieee80211_register_hw+0x35e9/0x42d0
[  226.799334][T10505]  ? ieee80211_register_hw+0x1661/0x42d0
[  226.799388][T10505]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  226.799436][T10505]  ? __hrtimer_setup+0x17f/0x200
[  226.799459][T10505]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  226.799492][T10505]  mac80211_hwsim_new_radio+0x2adc/0x4a60
[  226.799553][T10505]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  226.799579][T10505]  ? trace_kmalloc+0x1f/0xd0
[  226.799604][T10505]  ? __kmalloc_node_track_caller_noprof+0x2b2/0x4d0
[  226.799633][T10505]  ? kstrndup+0xbb/0x150
[  226.799669][T10505]  hwsim_new_radio_nl+0xed0/0x2290
[  226.799710][T10505]  ? __pfx___nla_validate_parse+0x10/0x10
[  226.799746][T10505]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  226.799816][T10505]  ? genl_family_rcv_msg_attrs_parse+0x1d4/0x290
[  226.799856][T10505]  genl_rcv_msg+0xb38/0xf00
[  226.799895][T10505]  ? __pfx_genl_rcv_msg+0x10/0x10
[  226.799920][T10505]  ? stack_trace_save+0x11a/0x1d0
[  226.799959][T10505]  ? __pfx_stack_trace_save+0x10/0x10
[  226.799991][T10505]  ? stack_depot_save_flags+0x44/0x940
[  226.800033][T10505]  ? stack_trace_snprint+0x71/0xf0
[  226.800077][T10505]  ? __lock_acquire+0xad5/0xd80
[  226.800099][T10505]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  226.800144][T10505]  netlink_rcv_skb+0x208/0x480
[  226.800167][T10505]  ? __pfx_genl_rcv_msg+0x10/0x10
[  226.800195][T10505]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  226.800243][T10505]  ? netlink_deliver_tap+0x2e/0x1b0
[  226.800272][T10505]  genl_rcv+0x28/0x40
[  226.800297][T10505]  netlink_unicast+0x7f8/0x9a0
[  226.800341][T10505]  ? __pfx_netlink_unicast+0x10/0x10
[  226.800375][T10505]  ? skb_put+0x114/0x1f0
[  226.800406][T10505]  netlink_sendmsg+0x8c3/0xcd0
[  226.800445][T10505]  ? __pfx_netlink_sendmsg+0x10/0x10
[  226.800473][T10505]  ? aa_sock_msg_perm+0x91/0x160
[  226.800510][T10505]  ? __pfx_netlink_sendmsg+0x10/0x10
[  226.800529][T10505]  __sock_sendmsg+0x221/0x270
[  226.800566][T10505]  ____sys_sendmsg+0x523/0x860
[  226.800605][T10505]  ? __pfx_____sys_sendmsg+0x10/0x10
[  226.800630][T10505]  ? __fget_files+0x2a/0x420
[  226.800665][T10505]  ? __fget_files+0x2a/0x420
[  226.800707][T10505]  __sys_sendmsg+0x271/0x360
[  226.800741][T10505]  ? __pfx___sys_sendmsg+0x10/0x10
[  226.800835][T10505]  ? do_syscall_64+0xb6/0x230
[  226.800863][T10505]  do_syscall_64+0xf3/0x230
[  226.800887][T10505]  ? clear_bhb_loop+0x45/0xa0
[  226.800913][T10505]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.800944][T10505] RIP: 0033:0x7f0d15f8e169
[  226.800965][T10505] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  226.800982][T10505] RSP: 002b:00007f0d16dc7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  226.801016][T10505] RAX: ffffffffffffffda RBX: 00007f0d161b5fa0 RCX: 00007f0d15f8e169
[  226.801031][T10505] RDX: 0000000000000300 RSI: 0000200000000040 RDI: 0000000000000009
[  226.801043][T10505] RBP: 00007f0d16010a68 R08: 0000000000000000 R09: 0000000000000000
[  226.801055][T10505] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  226.801067][T10505] R13: 0000000000000000 R14: 00007f0d161b5fa0 R15: 00007ffeff4a6fb8
[  226.801100][T10505]  </TASK>
[  227.216437][T10511] tc_dump_action: action bad kind
[  227.736868][T10555] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1617'.
[  227.980956][ T5856] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  227.994304][T10500] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  228.150893][T10569] netlink: 'syz.3.1623': attribute type 9 has an invalid length.
[  228.215318][T10573] sysfs: cannot create duplicate filename '/class/ieee80211/!å¯!$'
[  228.230385][T10573] CPU: 0 UID: 0 PID: 10573 Comm: syz.0.1624 Not tainted 6.15.0-rc1-syzkaller-00412-g4e34a840613b #0 PREEMPT(full) 
[  228.230419][T10573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  228.230433][T10573] Call Trace:
[  228.230441][T10573]  <TASK>
[  228.230450][T10573]  dump_stack_lvl+0x241/0x360
[  228.230500][T10573]  ? __pfx_dump_stack_lvl+0x10/0x10
[  228.230530][T10573]  ? __pfx__printk+0x10/0x10
[  228.230557][T10573]  ? kernfs_path_from_node+0x2b/0x250
[  228.230583][T10573]  ? kernfs_path_from_node+0x217/0x250
[  228.230608][T10573]  sysfs_warn_dup+0x8e/0xa0
[  228.230639][T10573]  sysfs_do_create_link_sd+0xbe/0x110
[  228.230674][T10573]  device_add_class_symlinks+0x1c5/0x250
[  228.230708][T10573]  device_add+0x553/0xbf0
[  228.230744][T10573]  wiphy_register+0x193c/0x2660
[  228.230786][T10573]  ? __pfx_wiphy_register+0x10/0x10
[  228.230811][T10573]  ? minstrel_ht_alloc+0x85a/0x950
[  228.230849][T10573]  ? ieee80211_init_rate_ctrl_alg+0x5a2/0x620
[  228.230885][T10573]  ieee80211_register_hw+0x35e9/0x42d0
[  228.230933][T10573]  ? ieee80211_register_hw+0x1661/0x42d0
[  228.230975][T10573]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  228.231022][T10573]  ? __hrtimer_setup+0x17f/0x200
[  228.231045][T10573]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  228.231079][T10573]  mac80211_hwsim_new_radio+0x2adc/0x4a60
[  228.231141][T10573]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  228.231166][T10573]  ? trace_kmalloc+0x1f/0xd0
[  228.231191][T10573]  ? __kmalloc_node_track_caller_noprof+0x2b2/0x4d0
[  228.231219][T10573]  ? kstrndup+0xbb/0x150
[  228.231256][T10573]  hwsim_new_radio_nl+0xed0/0x2290
[  228.231298][T10573]  ? __pfx___nla_validate_parse+0x10/0x10
[  228.231337][T10573]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  228.231405][T10573]  ? genl_family_rcv_msg_attrs_parse+0x1d4/0x290
[  228.231444][T10573]  genl_rcv_msg+0xb38/0xf00
[  228.231488][T10573]  ? __pfx_genl_rcv_msg+0x10/0x10
[  228.231512][T10573]  ? stack_trace_save+0x11a/0x1d0
[  228.231545][T10573]  ? __pfx_stack_trace_save+0x10/0x10
[  228.231576][T10573]  ? stack_depot_save_flags+0x44/0x940
[  228.231600][T10573]  ? stack_trace_snprint+0x71/0xf0
[  228.231645][T10573]  ? __lock_acquire+0xad5/0xd80
[  228.231669][T10573]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  228.231714][T10573]  netlink_rcv_skb+0x208/0x480
[  228.231738][T10573]  ? __pfx_genl_rcv_msg+0x10/0x10
[  228.231767][T10573]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  228.231832][T10573]  ? netlink_deliver_tap+0x2e/0x1b0
[  228.231863][T10573]  genl_rcv+0x28/0x40
[  228.231887][T10573]  netlink_unicast+0x7f8/0x9a0
[  228.231931][T10573]  ? __pfx_netlink_unicast+0x10/0x10
[  228.231967][T10573]  ? skb_put+0x114/0x1f0
[  228.231998][T10573]  netlink_sendmsg+0x8c3/0xcd0
[  228.232037][T10573]  ? __pfx_netlink_sendmsg+0x10/0x10
[  228.232065][T10573]  ? aa_sock_msg_perm+0x91/0x160
[  228.232102][T10573]  ? __pfx_netlink_sendmsg+0x10/0x10
[  228.232122][T10573]  __sock_sendmsg+0x221/0x270
[  228.232159][T10573]  ____sys_sendmsg+0x523/0x860
[  228.232198][T10573]  ? __pfx_____sys_sendmsg+0x10/0x10
[  228.232222][T10573]  ? __fget_files+0x2a/0x420
[  228.232258][T10573]  ? __fget_files+0x2a/0x420
[  228.232302][T10573]  __sys_sendmsg+0x271/0x360
[  228.232347][T10573]  ? __pfx___sys_sendmsg+0x10/0x10
[  228.232371][T10573]  ? from_kuid+0x211/0x740
[  228.232428][T10573]  ? __pfx_bpf_trace_run2+0x10/0x10
[  228.232477][T10573]  ? trace_sys_enter+0x74/0x120
[  228.232519][T10573]  ? rcu_is_watching+0x15/0xb0
[  228.232547][T10573]  ? trace_sys_enter+0x25/0x120
[  228.232577][T10573]  do_syscall_64+0xf3/0x230
[  228.232601][T10573]  ? clear_bhb_loop+0x45/0xa0
[  228.232627][T10573]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.232648][T10573] RIP: 0033:0x7f84aed8e169
[  228.232669][T10573] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  228.232686][T10573] RSP: 002b:00007f84afb74038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  228.232710][T10573] RAX: ffffffffffffffda RBX: 00007f84aefb5fa0 RCX: 00007f84aed8e169
[  228.232726][T10573] RDX: 0000000000000300 RSI: 0000200000000040 RDI: 0000000000000009
[  228.232740][T10573] RBP: 00007f84aee10a68 R08: 0000000000000000 R09: 0000000000000000
[  228.232754][T10573] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  228.232767][T10573] R13: 0000000000000000 R14: 00007f84aefb5fa0 R15: 00007ffc87d985a8
[  228.232804][T10573]  </TASK>
[  229.117325][T10595] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  229.207070][T10607] netlink: 'syz.3.1638': attribute type 5 has an invalid length.
[  229.233452][T10607] __nla_validate_parse: 133 callbacks suppressed
[  229.233475][T10607] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1638'.
[  229.255116][T10607] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  229.498344][T10619] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1641'.
[  229.587232][T10624] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1643'.
[  229.602521][T10622] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1645'.
[  230.675282][T10662] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1656'.
[  231.081526][T10682] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1665'.
[  231.180441][ T5856] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  231.187311][T10644] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  231.250363][T10691] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1669'.
[  231.916941][T10718] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1678'.
[  231.919753][T10720] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1680'.
[  232.317750][T10733] x_tables: duplicate underflow at hook 2
[  233.629667][T10787] tc_dump_action: action bad kind
[  233.806694][T10793] netlink: 256 bytes leftover after parsing attributes in process `syz.4.1708'.
[  233.897337][T10798] netlink: 'syz.2.1710': attribute type 1 has an invalid length.
[  234.368176][T10827] tc_dump_action: action bad kind
[  234.768345][T10838] syz.1.1724: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  234.800193][T10838] CPU: 0 UID: 0 PID: 10838 Comm: syz.1.1724 Not tainted 6.15.0-rc1-syzkaller-00412-g4e34a840613b #0 PREEMPT(full) 
[  234.800227][T10838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  234.800241][T10838] Call Trace:
[  234.800249][T10838]  <TASK>
[  234.800258][T10838]  dump_stack_lvl+0x241/0x360
[  234.800297][T10838]  ? __pfx_dump_stack_lvl+0x10/0x10
[  234.800326][T10838]  ? __pfx__printk+0x10/0x10
[  234.800354][T10838]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  234.800385][T10838]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  234.800414][T10838]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  234.800446][T10838]  warn_alloc+0x27c/0x410
[  234.800465][T10838]  ? is_mmconf_reserved+0x3a1/0x3f0
[  234.800487][T10838]  ? __vmalloc_node_range_noprof+0x108/0x1390
[  234.800519][T10838]  ? __pfx_warn_alloc+0x10/0x10
[  234.800541][T10838]  ? kasan_save_track+0x3f/0x80
[  234.800561][T10838]  ? __kasan_kmalloc+0x9d/0xb0
[  234.800585][T10838]  ? xsk_setsockopt+0x449/0x840
[  234.800614][T10838]  ? do_sock_setsockopt+0x3b1/0x710
[  234.800637][T10838]  ? __x64_sys_setsockopt+0x1ee/0x280
[  234.800660][T10838]  ? do_syscall_64+0xf3/0x230
[  234.800679][T10838]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.800711][T10838]  __vmalloc_node_range_noprof+0x128/0x1390
[  234.800777][T10838]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  234.800815][T10838]  ? __kasan_kmalloc+0x9d/0xb0
[  234.800845][T10838]  vmalloc_user_noprof+0x74/0x80
[  234.800877][T10838]  ? xskq_create+0xb6/0x170
[  234.800894][T10838]  xskq_create+0xb6/0x170
[  234.800917][T10838]  xsk_init_queue+0xa1/0x100
[  234.800953][T10838]  xsk_setsockopt+0x449/0x840
[  234.800987][T10838]  ? __pfx_xsk_setsockopt+0x10/0x10
[  234.801015][T10838]  ? attach_type_to_prog_type+0x395/0x460
[  234.801041][T10838]  ? __pfx_aa_sk_perm+0x10/0x10
[  234.801071][T10838]  ? aa_sock_opt_perm+0x79/0x120
[  234.801105][T10838]  ? __pfx_xsk_setsockopt+0x10/0x10
[  234.801135][T10838]  do_sock_setsockopt+0x3b1/0x710
[  234.801167][T10838]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  234.801196][T10838]  ? __fget_files+0x2a/0x420
[  234.801231][T10838]  ? __fget_files+0x39d/0x420
[  234.801260][T10838]  ? __fget_files+0x2a/0x420
[  234.801299][T10838]  __x64_sys_setsockopt+0x1ee/0x280
[  234.801333][T10838]  do_syscall_64+0xf3/0x230
[  234.801357][T10838]  ? clear_bhb_loop+0x45/0xa0
[  234.801381][T10838]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.801402][T10838] RIP: 0033:0x7f219af8e169
[  234.801420][T10838] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  234.801438][T10838] RSP: 002b:00007f219bd93038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  234.801461][T10838] RAX: ffffffffffffffda RBX: 00007f219b1b5fa0 RCX: 00007f219af8e169
[  234.801476][T10838] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003
[  234.801488][T10838] RBP: 00007f219b010a68 R08: 0000000000000004 R09: 0000000000000000
[  234.801501][T10838] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  234.801513][T10838] R13: 0000000000000000 R14: 00007f219b1b5fa0 R15: 00007ffecde707c8
[  234.801547][T10838]  </TASK>
[  234.801555][T10838] Mem-Info:
[  235.158348][T10838] active_anon:12307 inactive_anon:0 isolated_anon:0
[  235.158348][T10838]  active_file:1908 inactive_file:38369 isolated_file:0
[  235.158348][T10838]  unevictable:768 dirty:281 writeback:0
[  235.158348][T10838]  slab_reclaimable:10555 slab_unreclaimable:98989
[  235.158348][T10838]  mapped:31814 shmem:7162 pagetables:778
[  235.158348][T10838]  sec_pagetables:0 bounce:0
[  235.158348][T10838]  kernel_misc_reclaimable:0
[  235.158348][T10838]  free:1332513 free_pcp:3238 free_cma:0
[  235.300113][T10838] Node 0 active_anon:45128kB inactive_anon:0kB active_file:7632kB inactive_file:153400kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:115656kB dirty:1124kB writeback:0kB shmem:23312kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12664kB pagetables:2912kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  235.397846][T10838] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  235.486528][T10838] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  235.553262][T10838] lowmem_reserve[]: 0 2487 2487 2487 2487
[  235.565766][T10838] Node 0 DMA32 free:1435000kB boost:0kB min:34152kB low:42688kB high:51224kB reserved_highatomic:0KB active_anon:26020kB inactive_anon:0kB active_file:7632kB inactive_file:153300kB unevictable:1536kB writepending:1124kB present:3129332kB managed:2547412kB mlocked:0kB bounce:0kB free_pcp:5276kB local_pcp:4492kB free_cma:0kB
[  235.619135][T10838] lowmem_reserve[]: 0 0 0 0 0
[  235.624372][T10838] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:8kB inactive_anon:0kB active_file:0kB inactive_file:100kB unevictable:0kB writepending:0kB present:1048580kB managed:108kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  235.651498][T10838] lowmem_reserve[]: 0 0 0 0 0
[  235.656273][T10838] Node 1 Normal free:3912136kB boost:0kB min:55748kB low:69684kB high:83620kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  235.719918][T10838] lowmem_reserve[]: 0 0 0 0 0
[  235.747789][T10862] tc_dump_action: action bad kind
[  235.756916][T10860] __nla_validate_parse: 3 callbacks suppressed
[  235.756936][T10860] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1741'.
[  235.762238][T10838] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  235.834996][T10838] Node 0 DMA32: 828*4kB (UME) 748*8kB (UME) 426*16kB (UME) 369*32kB (UME) 216*64kB (UME) 102*128kB (UME) 51*256kB (UME) 32*512kB (UME) 27*1024kB (UM) 8*2048kB (UM) 320*4096kB (UM) = 1438992kB
[  235.884729][T10838] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  235.906568][T10838] Node 1 Normal: 226*4kB (UE) 54*8kB (UME) 39*16kB (UME) 207*32kB (UME) 91*64kB (UME) 33*128kB (UM) 15*256kB (UM) 7*512kB (UME) 3*1024kB (UME) 4*2048kB (UE) 946*4096kB (M) = 3912136kB
[  235.946170][T10838] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  235.962036][T10838] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  235.971553][T10838] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  235.982436][T10838] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  235.992189][T10838] 41739 total pagecache pages
[  235.997028][T10838] 0 pages in swap cache
[  236.001915][T10838] Free swap  = 124996kB
[  236.006719][T10838] Total swap = 124996kB
[  236.017405][T10838] 2097051 pages RAM
[  236.021375][T10838] 0 pages HighMem/MovableOnly
[  236.026167][T10838] 428540 pages reserved
[  236.031510][T10838] 0 pages cma reserved
[  236.643482][T10897] erspan0: mtu less than device minimum
[  236.658836][T10906] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1752'.
[  236.816988][T10911] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1751'.
[  237.400859][T10942] 
[  237.403249][T10942] ======================================================
[  237.410286][T10942] WARNING: possible circular locking dependency detected
[  237.417318][T10942] 6.15.0-rc1-syzkaller-00412-g4e34a840613b #0 Not tainted
[  237.424433][T10942] ------------------------------------------------------
[  237.431459][T10942] syz.2.1764/10942 is trying to acquire lock:
[  237.437528][T10942] ffff88805cf20aa8 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_switch_to_fallback+0x35/0xda0
[  237.448258][T10942] 
[  237.448258][T10942] but task is already holding lock:
[  237.455624][T10942] ffff88805cf20258 (sk_lock-AF_INET){+.+.}-{0:0}, at: smc_sendmsg+0x55/0x530
[  237.464439][T10942] 
[  237.464439][T10942] which lock already depends on the new lock.
[  237.464439][T10942] 
[  237.474843][T10942] 
[  237.474843][T10942] the existing dependency chain (in reverse order) is:
[  237.483860][T10942] 
[  237.483860][T10942] -> #2 (sk_lock-AF_INET){+.+.}-{0:0}:
[  237.491517][T10942]        lock_acquire+0x116/0x2f0
[  237.496588][T10942]        lock_sock_nested+0x48/0x100
[  237.501888][T10942]        do_ip_setsockopt+0x17e9/0x39c0
[  237.507444][T10942]        ip_setsockopt+0x63/0x100
[  237.512476][T10942]        do_sock_setsockopt+0x3b1/0x710
[  237.518034][T10942]        __x64_sys_setsockopt+0x1ee/0x280
[  237.523759][T10942]        do_syscall_64+0xf3/0x230
[  237.528791][T10942]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.535212][T10942] 
[  237.535212][T10942] -> #1 (rtnl_mutex){+.+.}-{4:4}:
[  237.542452][T10942]        lock_acquire+0x116/0x2f0
[  237.547481][T10942]        __mutex_lock+0x1a5/0x10c0
[  237.552597][T10942]        do_ip_setsockopt+0x10f0/0x39c0
[  237.558153][T10942]        ip_setsockopt+0x63/0x100
[  237.563185][T10942]        smc_setsockopt+0x25c/0xd50
[  237.568386][T10942]        do_sock_setsockopt+0x3b1/0x710
[  237.573952][T10942]        __x64_sys_setsockopt+0x1ee/0x280
[  237.579680][T10942]        do_syscall_64+0xf3/0x230
[  237.584714][T10942]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.591136][T10942] 
[  237.591136][T10942] -> #0 (&smc->clcsock_release_lock){+.+.}-{4:4}:
[  237.599756][T10942]        validate_chain+0xa69/0x24e0
[  237.605051][T10942]        __lock_acquire+0xad5/0xd80
[  237.610252][T10942]        lock_acquire+0x116/0x2f0
[  237.615280][T10942]        __mutex_lock+0x1a5/0x10c0
[  237.620401][T10942]        smc_switch_to_fallback+0x35/0xda0
[  237.626211][T10942]        smc_sendmsg+0x11f/0x530
[  237.631151][T10942]        __sock_sendmsg+0x221/0x270
[  237.636363][T10942]        __sys_sendto+0x365/0x4c0
[  237.641406][T10942]        __x64_sys_sendto+0xde/0x100
[  237.646698][T10942]        do_syscall_64+0xf3/0x230
[  237.651733][T10942]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.658154][T10942] 
[  237.658154][T10942] other info that might help us debug this:
[  237.658154][T10942] 
[  237.668400][T10942] Chain exists of:
[  237.668400][T10942]   &smc->clcsock_release_lock --> rtnl_mutex --> sk_lock-AF_INET
[  237.668400][T10942] 
[  237.681980][T10942]  Possible unsafe locking scenario:
[  237.681980][T10942] 
[  237.689427][T10942]        CPU0                    CPU1
[  237.694790][T10942]        ----                    ----
[  237.700151][T10942]   lock(sk_lock-AF_INET);
[  237.704573][T10942]                                lock(rtnl_mutex);
[  237.711082][T10942]                                lock(sk_lock-AF_INET);
[  237.718038][T10942]   lock(&smc->clcsock_release_lock);
[  237.723419][T10942] 
[  237.723419][T10942]  *** DEADLOCK ***
[  237.723419][T10942] 
[  237.731562][T10942] 1 lock held by syz.2.1764/10942:
[  237.736674][T10942]  #0: ffff88805cf20258 (sk_lock-AF_INET){+.+.}-{0:0}, at: smc_sendmsg+0x55/0x530
[  237.745914][T10942] 
[  237.745914][T10942] stack backtrace:
[  237.751800][T10942] CPU: 1 UID: 0 PID: 10942 Comm: syz.2.1764 Not tainted 6.15.0-rc1-syzkaller-00412-g4e34a840613b #0 PREEMPT(full) 
[  237.751823][T10942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  237.751834][T10942] Call Trace:
[  237.751843][T10942]  <TASK>
[  237.751851][T10942]  dump_stack_lvl+0x241/0x360
[  237.751877][T10942]  ? __pfx_dump_stack_lvl+0x10/0x10
[  237.751902][T10942]  ? __pfx__printk+0x10/0x10
[  237.751925][T10942]  ? print_lock+0x171/0x1a0
[  237.751945][T10942]  print_circular_bug+0x2e1/0x300
[  237.751969][T10942]  check_noncircular+0x142/0x160
[  237.751993][T10942]  validate_chain+0xa69/0x24e0
[  237.752019][T10942]  ? look_up_lock_class+0x7b/0x170
[  237.752038][T10942]  ? register_lock_class+0x54/0x330
[  237.752055][T10942]  __lock_acquire+0xad5/0xd80
[  237.752075][T10942]  lock_acquire+0x116/0x2f0
[  237.752090][T10942]  ? smc_switch_to_fallback+0x35/0xda0
[  237.752112][T10942]  __mutex_lock+0x1a5/0x10c0
[  237.752130][T10942]  ? smc_switch_to_fallback+0x35/0xda0
[  237.752147][T10942]  ? futex_wait_queue+0x31/0x1f0
[  237.752162][T10942]  ? futex_unqueue+0xcb/0xf0
[  237.752187][T10942]  ? smc_switch_to_fallback+0x35/0xda0
[  237.752203][T10942]  ? __pfx___mutex_lock+0x10/0x10
[  237.752225][T10942]  ? __local_bh_enable_ip+0x168/0x200
[  237.752240][T10942]  ? lockdep_hardirqs_on+0x9d/0x150
[  237.752258][T10942]  ? __local_bh_enable_ip+0x168/0x200
[  237.752274][T10942]  smc_switch_to_fallback+0x35/0xda0
[  237.752290][T10942]  ? do_raw_spin_unlock+0x13c/0x8b0
[  237.752317][T10942]  smc_sendmsg+0x11f/0x530
[  237.752334][T10942]  ? __pfx_smc_sendmsg+0x10/0x10
[  237.752348][T10942]  __sock_sendmsg+0x221/0x270
[  237.752376][T10942]  __sys_sendto+0x365/0x4c0
[  237.752396][T10942]  ? __pfx___sys_sendto+0x10/0x10
[  237.752414][T10942]  ? do_futex+0x37c/0x5a0
[  237.752453][T10942]  __x64_sys_sendto+0xde/0x100
[  237.752472][T10942]  do_syscall_64+0xf3/0x230
[  237.752507][T10942]  ? clear_bhb_loop+0x45/0xa0
[  237.752526][T10942]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.752543][T10942] RIP: 0033:0x7f996258e169
[  237.752558][T10942] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  237.752573][T10942] RSP: 002b:00007f996345e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  237.752590][T10942] RAX: ffffffffffffffda RBX: 00007f99627b5fa0 RCX: 00007f996258e169
[  237.752602][T10942] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  237.752612][T10942] RBP: 00007f9962610a68 R08: 0000200000e68000 R09: 0000000000000010
[  237.752624][T10942] R10: 00000000200007fd R11: 0000000000000246 R12: 0000000000000000
[  237.752634][T10942] R13: 0000000000000000 R14: 00007f99627b5fa0 R15: 00007ffea35a8d18
[  237.752658][T10942]  </TASK>
[  237.756384][T10940] tc_dump_action: action bad kind
[  238.026803][T10943] tc_dump_action: action bad kind