last executing test programs:

2.402712586s ago: executing program 3 (id=8430):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
writev(r0, &(0x7f0000000140)=[{&(0x7f0000000180)="a231", 0x2}], 0x1)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000000)=0x40)
socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000001c0)="d80000001c0081064e81f782db44b9040a1d08040000000000000aa1180002000607002603600e12080b0f0000810401a8001605200001400200000803604e0cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a700f4090000001fb791643a5ee422fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef5d2defd5ccae8d3fb7c27a1059ae31c60e2234d732", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x4)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x2c, &(0x7f00000001c0), 0x4)

2.35825139s ago: executing program 3 (id=8431):
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000c00)=[{&(0x7f0000000480)="aa1953d3", 0x4}], 0x1, &(0x7f00000002c0)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0xc800)
r0 = socket$packet(0x11, 0x3, 0x300)
bind(r0, &(0x7f0000000600)=@pppoe={0x18, 0x0, {0x1, @remote, 'macvlan0\x00'}}, 0x80)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x100, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r4, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)=ANY=[@ANYBLOB="5000000010000d0400"/20, @ANYRES32=0x0, @ANYBLOB="000000000800000900000000000000006d6163766c616e000c0002800800010008000000140035006d6163766c616e300000000000000000"], 0x50}}, 0x8000)
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)=@newtfilter={0x5c, 0x2c, 0xd3f, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0xb, 0xfff3}, {}, {0x9, 0x300}}, [@filter_kind_options=@f_basic={{0xa}, {0x2c, 0x2, [@TCA_BASIC_EMATCHES={0x28, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x3}}, @TCA_EMATCH_TREE_LIST={0x1c, 0x2, 0x0, 0x1, [@TCF_EM_META={0x18, 0x1, 0x0, 0x0, {{0x7, 0x4, 0x4}, [@TCA_EM_META_HDR={0x4, 0x1, {{0x5, 0x6}, {0x5, 0x40}}}]}}]}]}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x10}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2a, &(0x7f0000000000), 0x4)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newlink={0x40, 0x10, 0x405, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_ERSPAN_VER={0x5}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x40}}, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000740)=[{{&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @initdev}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000100)=""/216, 0xd8}, {&(0x7f0000000200)=""/86, 0x56}, {&(0x7f0000000300)=""/145, 0x91}], 0x3, &(0x7f00000003c0)=""/146, 0x92}, 0x2}, {{&(0x7f00000007c0)=@alg, 0x80, &(0x7f0000000600)=[{&(0x7f0000000540)=""/135, 0x87}], 0x1, &(0x7f0000000640)=""/200, 0xc8}, 0x3}], 0x2, 0x2, 0x0)
r7 = socket(0x5, 0x2, 0xaf)
accept4$phonet_pipe(r7, 0x0, &(0x7f0000000040), 0x80000)

2.078599524s ago: executing program 3 (id=8438):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x6, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000400f2000000000009000000850000000f000000850000000700000095"], &(0x7f0000000340)='syzkaller\x00', 0x3, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$phonet_pipe(0x23, 0x5, 0x2)
bind$phonet(r4, &(0x7f0000000040)={0x23, 0x14}, 0x10)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3edd584e59d2256b6700000000fedbdf2500007400", @ANYRES32=r2, @ANYBLOB="00080000075005001c0012800b00010062726964676500000c0002800600270001040000"], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
r5 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bind$rose(r5, &(0x7f0000000300)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x4, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x40)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000200)='ns/pid_for_children\x00')
unshare(0x6a040000)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, 0x0, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r6 = socket$igmp6(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC(r6, 0x29, 0x22, &(0x7f0000000000)={{0xa, 0x0, 0x101, @mcast1, 0x8}, {0xa, 0x0, 0xfffffffd, @private2, 0x6}, 0x0, {[0x6, 0x200, 0x1, 0xfffffefc, 0x2d, 0x1, 0x0, 0x200003]}}, 0x5c)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x40241, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r8 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r7, &(0x7f00000005c0)=ANY=[@ANYBLOB="020086dd0300000000003000000060ec970012302c00fe8000000000000000000000000000aaff0200000000000000000000000000013a"], 0xfdef)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

2.031514596s ago: executing program 4 (id=8439):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r1 = socket$kcm(0x11, 0xa, 0x300)
ioctl$SIOCSIFHWADDR(r1, 0x8b04, &(0x7f0000000040)={'wlan1\x00', @random="c3000e000300"})
mmap(&(0x7f0000002000/0x4000)=nil, 0x4000, 0xedc623580215bdcd, 0x12, r0, 0x0)
r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000008d8a3cce4c795046000100851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000116608ffff0000100018000000000000000000000000000a009500000000000000360a020000000001180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a00000000000085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0xa, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8001}, 0x94)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[@ANYRESOCT=r3], 0x3261e)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r3, 0x0)
getsockopt$IP_SET_OP_GET_BYNAME(0xffffffffffffffff, 0x1, 0x53, 0x0, &(0x7f0000000380))
sendto$x25(r3, &(0x7f0000000140)="e2609675b970978b726919123caa7b28496d3abf4020d587434c02efee5abe302f4611ef48ed60acd4eeb2532d85cba913d9eed2fa57ea2c3780578b28e497d9a49a195ed52b1f81d066bcce5e70098e63772fbbc26aa3408e18d51708f6bb42555a38c27faaf55de46dc0bb9a10", 0x6e, 0x8000, &(0x7f0000000200), 0x12)

1.936755138s ago: executing program 4 (id=8442):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x2c, 0x40, 0x107, 0xfffffffe, 0x0, {0x1, 0x7c}, [@nested={0x4, 0x142}, @nested={0x10, 0x1, 0x0, 0x1, [@typed={0x4, 0x1c}, @typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0x4, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/cgroup\x00')
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x215eb000)
socket(0x14, 0x2, 0x4)
close(0x4)

1.389862778s ago: executing program 1 (id=8449):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x24004000}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)=ANY=[@ANYBLOB="1c0000001800019587a40500000000000a001400fe04ff06"], 0x1c}, 0x1, 0x0, 0x0, 0x8811}, 0x800)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000140)={0x28, 0x0, 0x2710, @host}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="2c000020f9249db5084f918e39001a0002c3390000000008001900ac14"], 0x2c}, 0x1, 0x0, 0x0, 0x40040d3}, 0x0)
setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT_OLD(r1, 0x28, 0x6, &(0x7f0000000100)={0x0, 0xea60}, 0x10)
connect$vsock_stream(r1, &(0x7f0000000300)={0x28, 0x0, 0xffffffff}, 0x10)
connect$vsock_stream(r1, 0x0, 0x0)
connect$vsock_stream(r1, &(0x7f00000002c0)={0x28, 0x0, 0x2711, @hyper}, 0x10)
socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r0, 0x2)
syz_emit_ethernet(0x4a, &(0x7f0000000680)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "f900f5", 0x14, 0x6, 0x1, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)

1.330406146s ago: executing program 2 (id=8450):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x0, 0x10}, {0xffff, 0x6}, {0xfff2}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x10, 0x2, [@TCA_TBF_RATE64={0xc, 0x4, 0xb410b16a171c0866}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x10448)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x70b928, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xd}, {0xffff, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x240040e0}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$GTP_CMD_NEWPDP(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="7f2400fd", @ANYRES16=r7, @ANYBLOB="010000000000000000000000000008000100", @ANYRES32=0x0, @ANYBLOB="08000800000000000800020001000000"], 0x2c}}, 0x0)
sendmsg$GTP_CMD_GETPDP(r5, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x3c, r7, 0x100, 0x70bd26, 0x25dfdbfb, {}, [@GTPA_O_TEI={0x8, 0x9, 0x3}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast1}, @GTPA_LINK={0x8, 0x1, r3}, @GTPA_MS_ADDRESS={0x8, 0x5, @empty}, @GTPA_FLOW={0x6, 0x6, 0x3}]}, 0x3c}}, 0x4)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x14, 0x4, 0x8, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x4, &(0x7f0000000380)={{r9}, &(0x7f0000000300), 0x0}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[@ANYBLOB="9feb0100180000000000000024000000240000000200000000000000010000840010000000000000020000000300000000000000000000066c0000000000f03a6b2078065a1643008d129db4ac64db4f466526d4a78402c3bda1f92ee691acf2f05e1ca584a16a87a1b7de90a9fd501afebae2ba5201b276487df6b05d238895f5dac0ec7976ccfc1b09fa220660f4916fc9fd91d43994fd277d8c"], 0x0, 0x3e, 0x0, 0x1}, 0x28)
r10 = socket$packet(0x11, 0x3, 0x300)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(0xffffffffffffffff, 0x0, 0x4040000)
sendto$packet(r10, &(0x7f0000000240)="800000800000210ee7decd7a0000", 0xe, 0x40, &(0x7f00000001c0)={0x11, 0x8100, r8, 0x1, 0xd8, 0x6, @broadcast}, 0x14)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x48)

1.323505347s ago: executing program 4 (id=8451):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000280)={&(0x7f0000000640)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_DELFLOWTABLE={0x20, 0x18, 0xa, 0x201, 0x0, 0x0, {0x3, 0x0, 0x5}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x8c, 0x3, 0xa, 0x5, 0x0, 0x0, {0x1, 0x0, 0x8}, [@NFTA_CHAIN_TYPE={0xb, 0x7, 'filter\x00'}, @NFTA_CHAIN_HOOK={0x64, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x1c975ab2}, @NFTA_HOOK_DEV={0x14, 0x3, 'veth0_to_bridge\x00'}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_HOOK_DEV={0x14, 0x3, 'ip6gretap0\x00'}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x266f6ca1}]}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x2}]}, @NFT_MSG_NEWSET={0x14, 0x9, 0xa, 0x0, 0x0, 0x0, {0xa, 0x0, 0x5}}, @NFT_MSG_NEWSETELEM={0x2c, 0xc, 0xa, 0x5, 0x0, 0x0, {0x5, 0x0, 0x7}, [@NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}]}, @NFT_MSG_NEWCHAIN={0x60, 0x3, 0xa, 0x201, 0x0, 0x0, {0x0, 0x0, 0x9}, [@NFTA_CHAIN_COUNTERS={0x4c, 0x8, 0x0, 0x1, [@NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x5}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0xfffffffffffffff9}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x81}, @NFTA_COUNTER_BYTES={0xc}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x2}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x6}]}]}, @NFT_MSG_NEWTABLE={0x38, 0x0, 0xa, 0x6, 0x0, 0x0, {0x7, 0x0, 0x9}, [@NFTA_TABLE_USERDATA={0x22, 0x6, "cdb96d588a11571d4a5363fb1c9760dc16d838c9484a09e9553ff8040ecb"}]}, @NFT_MSG_DELFLOWTABLE={0x2c, 0x18, 0xa, 0x5, 0x0, 0x0, {0x5, 0x0, 0x8}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}]}, @NFT_MSG_NEWOBJ={0x20, 0x12, 0xa, 0x301, 0x0, 0x0, {0x1, 0x0, 0x8}, @NFT_OBJECT_CT_HELPER=@NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x3}}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x1f8}, 0x1, 0x0, 0x0, 0x40000}, 0x1)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$qrtr(0x2a, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000380)={'wlan1\x00', 0x8000})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)={0x24, r5, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}]}, 0x24}}, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0x28, r1, 0x5, 0x3, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}]}, 0x28}}, 0x0)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r8, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)}], 0x1}, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
r10 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r10, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
getsockname$packet(r10, &(0x7f0000000600)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r11, @ANYBLOB="f5ff0f00252155b21c0012000c000100626f6e64000000000c0002000800010001"], 0x3c}}, 0x40000)
r12 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000008c0)=ANY=[@ANYBLOB="1800000001000000000000008000200095"], &(0x7f00000001c0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
sendmsg$IPSET_CMD_ADD(r10, &(0x7f0000000440)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000900)=ANY=[@ANYBLOB="74000000090601020000000000000000000000015800078008000b407fffffff1800148014000240fe80000000000000000000000000003a0800ffffffff000a08001c400001000105001500011d354c0d992c730d4d1276c553ade1e100000008000640000000030c00148008000140e00000010500295a411400000800094041190002"], 0x74}, 0x1, 0x0, 0x0, 0x20008090}, 0x20000810)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r12, r11}, 0x14)
sendmsg$nl_route(r10, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="3c00000010000305000000000007000000000000", @ANYRES32=0x0, @ANYBLOB="0000000006100000140012800b00010062726964676500000400028008000a00", @ANYRES32=r11], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x440b0)
r13 = socket$pppoe(0x18, 0x1, 0x0)
sendmmsg(r13, &(0x7f0000002340)=[{{0x0, 0x0, 0x0}}], 0x3e8, 0x0)
r14 = socket$nl_generic(0x10, 0x3, 0x10)
r15 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005ec0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r14, &(0x7f0000006000)={0x0, 0x0, &(0x7f0000005fc0)={&(0x7f0000000000)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r15, @ANYBLOB="01002dbd0600ffdbdb", @ANYRES32, @ANYBLOB="0600eb00000800000400ec000a00060008021100000100000600f70000ff000008009e"], 0x44}}, 0x28000)

1.174266724s ago: executing program 3 (id=8452):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x1}, 0x8)
sendto$inet6(r0, &(0x7f00000005c0)="04", 0x1, 0x98, &(0x7f0000000140)={0xa, 0x4e22, 0xff7ffff9, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x100000}, 0x1c)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f00000006c0)={0x0, 0x8, 0x3}, 0x8)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
listen(r1, 0x5)
accept(r1, 0x0, 0x0)
listen(r1, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, &(0x7f0000000000)={<r3=>0x0, 0x2}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x1f, &(0x7f0000000080)={r3, @in={{0x2, 0x4e20, @loopback}}, 0x2, 0xfd31}, 0x90)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, 0x0, 0x0)
shutdown(r1, 0x0)

1.171461797s ago: executing program 1 (id=8453):
r0 = socket(0x200000000000011, 0x2, 0xd)
r1 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000280)={'syz_tun\x00', <r2=>0x0})
bind$packet(r1, &(0x7f0000000080)={0x11, 0x800, r2, 0x1, 0x0, 0x6, @random="510800db9de1"}, 0x14)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'syz_tun\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x1, 0xf, 0x5, 0x7, 0xc1}, 0x50)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r8, 0x1, 0xf, &(0x7f0000000000)=0x5, 0x4)
bind$inet6(r8, &(0x7f0000000080)={0xa, 0x14e22, 0x0, @empty}, 0x1c)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r9, 0x1, 0xf, &(0x7f0000000000)=0x5, 0x4)
bind$inet6(r9, &(0x7f0000000080)={0xa, 0x14e22, 0x0, @ipv4}, 0x1c)
close(0x4)
ioctl$HCIINQUIRY(r7, 0x400448df, &(0x7f0000000040)={0x0, 0x0, '\x00\b\x00'})
r10 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r10, 0x8916, &(0x7f0000000040)={'batadv_slave_1\x00', {0x2, 0x480, @dev={0xac, 0x14, 0x14, 0x37}}})
ioctl$sock_inet_SIOCSIFADDR(r10, 0x891c, &(0x7f0000000540)={'batadv_slave_1\x00', {0x2, 0x0, @broadcast}})
ioctl$sock_inet_SIOCSIFADDR(r10, 0x8916, &(0x7f0000000000)={'batadv_slave_1\x00', {0x2, 0x4e21, @empty}})
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000100), 0x3f, r6}, 0x38)
sendmsg$TIPC_NL_KEY_SET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x5c, r5, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x48, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x24, "e3de3d7b4cd07ec3ee777de774fc7987cca41989"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0xffffffff}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4}, 0x4000004)
sendmsg$TIPC_NL_NAME_TABLE_GET(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000040)={&(0x7f00000002c0)={0x18c, r5, 0x800, 0x70bd2d, 0x25dfdbfe, {}, [@TIPC_NLA_NODE={0x28, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xb}, @TIPC_NLA_NODE_REKEYING={0x8}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_SOCK={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x1}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_LINK={0x38, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}]}, @TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}]}]}, @TIPC_NLA_NET={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x1}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x1}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x1}]}, @TIPC_NLA_MEDIA={0xc4, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}]}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x138}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x80000000}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}]}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7c1a}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}]}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7aec}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}]}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}]}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x8b6a}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}]}]}, @TIPC_NLA_PUBL={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x3}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x3}]}]}, 0x18c}, 0x1, 0x0, 0x0, 0x20010}, 0x840)
bind$packet(r0, &(0x7f0000000080)={0x11, 0x800, r3, 0x1, 0x0, 0x6, @multicast}, 0x23)
bind$packet(r1, &(0x7f0000000080)={0x11, 0x6, 0x0, 0x1, 0x0, 0x6, @random="0e6372e3671a"}, 0x14)

1.073918914s ago: executing program 0 (id=8454):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x40, 0x16, 0xa, 0x5, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x3}]}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}]}], {0x14}}, 0x68}}, 0x800)
sendmsg$NFT_BATCH(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x5c, 0x16, 0xa, 0x801, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x30, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x2c, 0x3, 0x0, 0x1, [{0x14, 0x1, 'geneve0\x00'}, {0x14, 0x1, 'team_slave_1\x00'}]}]}]}, @NFT_MSG_NEWSET={0x14, 0x9, 0xa, 0x301, 0x0, 0x0, {0x5, 0x0, 0x4}}], {0x14}}, 0x98}}, 0x24040884)
sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@ipv4_newroute={0x38, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x2}, @RTA_ENCAP={0x14, 0x16, 0x0, 0x1, @LWTUNNEL_IP_OPTS={0x10, 0x8, 0x0, 0x1, @LWTUNNEL_IP_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, @LWTUNNEL_IP_OPT_VXLAN_GBP={0x8, 0x1, 0x7}}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000340)={@fallback=<r5=>0xffffffffffffffff, 0x35, 0x0, 0x6, &(0x7f0000000140), 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=[0x0, 0x0, 0x0], <r6=>0x0}, 0x40)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000007c0)=ANY=[@ANYRESDEC=0x0, @ANYRESDEC=r4, @ANYRESDEC=r0, @ANYRES32, @ANYRES32, @ANYRESOCT, @ANYRESDEC=r5], 0x20)
r7 = bpf$LINK_GET_FD_BY_ID(0x1e, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000080)={@fallback, 0xffffffffffffffff, 0x37, 0x2000, 0x0, @value=r7, @void, @void, @void, r6}, 0x20)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x15, 0x4, 0xb, 0x6, 0x4, 0xffffffffffffffff, 0x2, '\x00', 0x0, r5, 0x4, 0x1, 0x5}, 0x50)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000540)=ANY=[@ANYRES32=r8, @ANYRES32, @ANYBLOB, @ANYRES32, @ANYRES32, @ANYBLOB="8e3cb801d96a4797cd610fc50e49956081ac69bcfb02f1e4a8121d9d60f4d265702e84e99c00000000", @ANYRES64=r6], 0x20)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYRES32], 0x50)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000740)={@map=r9, 0xffffffffffffffff, 0x33, 0x10, 0x0, @void, @value, @void, @void, r6}, 0x20)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f00000002c0)=ANY=[@ANYRES32=r8, @ANYRES32, @ANYBLOB="1600003eed9ae727fa29fd3a524e3c75930000000000", @ANYRES32, @ANYRES64=r6], 0x20)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={<r10=>0xffffffffffffffff, 0x8, 0x4, 0x8})
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000140)={@cgroup=r10, 0xffffffffffffffff, 0x14, 0x20, 0xffffffffffffffff, @void, @void, @void, @value=0xffffffffffffffff, r6}, 0x20)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000013c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000300000000000000000000850000006d00000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r12 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000740)='blkio.bfq.sectors_recursive\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000700)={@map=r11, 0xffffffffffffffff, 0x34, 0x4, 0x0, @void, @value=r12, @void, @void, r6}, 0x20)
ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, 0x0)
sendmsg$NL802154_CMD_SET_PAN_ID(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYRESHEX=r3, @ANYRES16=r0, @ANYRES32], 0x1c}, 0x1, 0x0, 0x0, 0x2044001}, 0xc0)

1.048877729s ago: executing program 1 (id=8455):
socket$inet_udp(0x2, 0x2, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/ipc\x00')
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000040)=ANY=[@ANYBLOB="2c000000180001002bbd7000fddbdf2502148004fe03fe0300260000080005006401010008000b00ad"], 0x2c}, 0x1, 0x0, 0x0, 0x24040090}, 0x8040)
unshare(0x6a040000)
openat$tun(0xffffffffffffff9c, 0x0, 0x1c1341, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)=@delchain={0x24, 0x5f, 0x333, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xb, 0x2}, {0x1, 0xe}}}, 0x24}}, 0x0)
writev(r1, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
socket$nl_audit(0x10, 0x3, 0x9)

1.011787105s ago: executing program 3 (id=8456):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
sendmmsg$inet(r0, &(0x7f0000002c40)=[{{0x0, 0x0, &(0x7f0000000e80)=[{&(0x7f0000000a80)="2a73ed35", 0x732a}], 0x1}}], 0x400000000000292, 0x0)

935.601013ms ago: executing program 2 (id=8457):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(aes))\x00'}, 0x58)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
shutdown(r1, 0x1)
bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20, 0xfffffffe, @empty, 0x3}, 0x1c)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x1, @empty, 0x8}, 0x1c)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=@newlink={0x40, 0x10, 0x403, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x74, 0x0, 0x800, 0x1200}, [@IFLA_ADDRESS={0xa, 0x1, @broadcast}, @IFLA_ALT_IFNAME={0x14, 0x35, 'macsec0\x00'}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000801}, 0x40008)
sendmmsg$inet6(r1, &(0x7f0000001280)=[{{&(0x7f0000000100)={0xa, 0x4e20, 0x8, @empty, 0xfffffffe}, 0x1c, 0x0}}, {{&(0x7f0000000300)={0xa, 0x4e23, 0x10, @loopback, 0x2}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000940)}}], 0x3, 0x240c089d)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2000, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
shutdown(r3, 0x1)
bind$inet6(r3, &(0x7f0000000240)={0xa, 0x4e20, 0x9, @ipv4={'\x00', '\xff\xff', @loopback}, 0x5}, 0x1c)
sendmmsg$inet6(r3, &(0x7f0000000140)=[{{&(0x7f0000000100)={0xa, 0x4e20, 0x2, @empty, 0xfffffffe}, 0x1c, 0x0}}], 0x1, 0x20080058)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r4, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r6, 0x8002)

924.847226ms ago: executing program 0 (id=8458):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001240)=@newqdisc={0x45c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x3, 0x0, 0xffff, 0x5027, 0x3, 0x2}, {0x7, 0x2, 0x5, 0x5, 0xc, 0x7}, 0x9, 0x770, 0x94}}, @TCA_TBF_RTAB={0x404, 0x2, [0xd, 0x81, 0x101, 0x6, 0x7, 0x8, 0xa, 0x3, 0x6a49, 0x101, 0x200, 0x8, 0x3, 0x2, 0xfffffffd, 0x9, 0xe, 0x5, 0x3, 0x2, 0x6, 0x80000000, 0x3e4a, 0x80, 0x100, 0x7, 0x79d, 0x9, 0x8, 0xfffffffa, 0x8, 0x9, 0x10, 0x100, 0x10000, 0x1, 0xa, 0x8, 0xffffffff, 0x8, 0x10, 0x1, 0x4, 0x400, 0x2, 0x4, 0x7ff, 0x5, 0x96, 0x100, 0xe, 0x0, 0x9, 0x5ab0, 0xc, 0x3, 0xffffffff, 0x2, 0xc, 0x2, 0x9, 0x40, 0xc, 0x6, 0xfffffff8, 0x4, 0x1, 0x40, 0x2, 0x4, 0x101, 0x8, 0x6, 0x2, 0x0, 0xc0, 0x2, 0x311, 0x9, 0x9, 0x3, 0xd70, 0x8, 0x3, 0x3ff, 0x2, 0x3, 0xfffffffa, 0x3, 0x7, 0x2, 0x0, 0x2, 0x3, 0x71, 0x6, 0x200, 0x4, 0xc, 0xe0e, 0x0, 0xa, 0x3, 0xacb7, 0xe, 0x3, 0x800, 0x80, 0x6, 0xffffffff, 0x323, 0x8, 0x8, 0xfffffff8, 0x8a52c200, 0x101, 0xc5, 0x1, 0x9, 0x0, 0xd92, 0x0, 0x8, 0x5, 0x200, 0x7, 0x6, 0xae4d, 0x40, 0x9, 0x9b, 0x5, 0xf, 0xcd0, 0x8, 0x1, 0x5, 0x400, 0xb3, 0xfffffffc, 0x2, 0xff, 0x3, 0x4, 0x7, 0x4c63e723, 0x2, 0x80, 0x6, 0xffff8000, 0x0, 0x0, 0x8, 0x6, 0x71fe, 0x4b3f, 0xfffffffc, 0x6, 0x1e, 0x3, 0x9, 0x2, 0x8, 0x8, 0x6, 0x9, 0x80, 0x2, 0x32f9, 0xad8, 0xfffffffe, 0x7fffffff, 0x10000, 0x69f9, 0xba4594a8, 0x1000, 0x4, 0x2, 0x14a1, 0x7e0, 0x74, 0x2, 0x100, 0x4, 0x5, 0x9237, 0x40, 0x9, 0x4, 0x0, 0x7, 0x0, 0xf93d, 0x80000000, 0x0, 0x10, 0x5, 0x7, 0x6, 0xfffffffb, 0x1, 0x3, 0x2, 0x1, 0x7, 0x88, 0x5, 0x9, 0x7, 0x0, 0x1, 0x2, 0x7fff, 0x7, 0xfffff000, 0x33a, 0x7, 0x9, 0x0, 0x2, 0x7, 0x4, 0x8c3, 0x1, 0xb76, 0x7, 0x6, 0x1, 0x2, 0x8, 0x6, 0x800, 0x49, 0x3, 0x6, 0xe8, 0x8, 0xfffffff9, 0x7993, 0x0, 0x6a, 0x1583, 0x2, 0x1e08fcac, 0xe4, 0x5, 0x6, 0x1, 0x1000, 0x16e, 0x0, 0x6, 0x2, 0x7, 0x8, 0x9]}]}}]}, 0x45c}}, 0x40) (fail_nth: 3)

923.870193ms ago: executing program 4 (id=8459):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000200)='ns/pid_for_children\x00')
unshare(0x6a040000)
r0 = socket(0x8, 0x3, 0x3)
ioctl$sock_netrom_SIOCADDRT(r0, 0x6180, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f0000001500)=ANY=[@ANYBLOB="b702000010000000bfa300000000000007030000f0ffffff7a0af0ff0000000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87867c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b2314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f86bb47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8dd63d4b77b206000000000000e254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad91935a6ddfa8f90e79321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f3813e2c25a61ec45c3af9948f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469600241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c12e28ef97d9ebd9c77f1774cf4683c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f011000000f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497a6103876843ee04ed9ff002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd1304202274f20675eb781925440578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e9338c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b96508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e25c89b552d7fcd116bce9c764c714c9402c21d1aac59efb28d4f91652f6000000000000000320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a575939206d0c0f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000ff0ffd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536607a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8000000edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a426a996d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db76cf059f40fa2640b6bfb74dd35391b8fa18479da9f4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4728288e78980c1184d8223edbccbf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847db97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ccfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f0000000000000000000000000000000003ba34b611569a451564d3a5400f9097ffe7a37e765be352be71ee24250d6828562c7e24cb763062d6000c409de6a6135eae8a00000000008d797190a26c933f933aff5c521eeb7a84a62d148a846e74e76b515b6b8be29e8b69310fa130cf6d6b74f33205d3cc218ca554ed8085ae044f5bf2e89a0000bde05c114e7a020fc1a5fd3eeeb822008b2d7d1cc062b51b0aca4956b557e51a1385cc572b0074b0950fb1437de2590bf99ec7ceb69e1fe2465fce099c992d57b804a22e148ae3411523814aee03ee2df877edfabf4aa94f07c6fdd127e57a8bf7975f2e606c25a299980a6e52fcf7849d45bb38573fbba8afef1aa7a24c805f7aee3e39a3000000000000000000000000000000000000878f88c4742ac490951c36c610a0d266588ec6a0bd300cf160b5a5d9e9fafa49ecc8430832d795e727b7fc2b76e7fc4141fdbb82f45d3cdd3fb8d4b443ab4954fdf5c1b9a6ab3e457f098329307ccb0a1989b6c37509692e952e7244f48bc12569ff8eb30d0f887b85b5ef44fb9a7571319190be0c226ed72f346cc4aa071ae0c72fa8bd00d5590c4f4ba65d0c8e1f4870fe3c414681e41b40163eb1aa2a7429a2208cd6e69c7d959e87da3fd0101159a03ab7fe78881ee7a1ee7a2edff75fb18a181e0c54352be2b7a5b5273198291c28d9141deeb3cdba5d414ae4b0000000000000000000000000009eacd83458d8a606be71970497a4fd4ca3b48ca482ab3804e2fac216b3ba613608b1a465456a33fd08491d337d7344c01cfc9e73"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040)}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={r1, 0x0, 0xe, 0x0, &(0x7f0000000040)="77d2bcbdedb6eddc072584bc4ed3", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$xdp(0x2c, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x0, 0xe, &(0x7f0000000800)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000fdfdfff67a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040000010000400404000001000000b7050000050000006a0a00fe00000000850000000a000000b70000000000000095000000000000009cc6b3fcd62c061c6238975d43a4505f80e39c9f3c530cf08e467b592f868ee3b0a435df0a0e8c1bf176db2a6b2feb4b77d3d5707bfd2d84aaa3b1d4e984c46ea7e2b347a36f5662403e1b2be4284322a4908a0d411a9872971c7c56f0979bd10b97163c066d0e196bf02f46c7953ab1abdaf9de9ca3c00cb9bf4e418d076feafa22f0610a70f2bdf4000200000000b0c2c1254f0963f63223b7b80197aa3161f45346b100000000000000000089e399f6609876b5887437a172ebc02a740694298b79dc194e533583412dff048fc21f28bdd3e26a1a8a0481e9f0da43bb6ca66e2f55a9ff19ffcafe3e64be033c9d2f972cc93c1c13caec04a367c24a9fb6a6991ddb737d527d6acb15426415b6e8b14f822e86067a5e991c3b404984dfa2c6e94bd0339454c13ad3c328a182c15dc760a313e3b3ca5d3393404029e98fa883c71949a34d84030323e3d54f45b29d27643453ad9211e3550ee5520211d9370175133f260c6882a146880b9387f1beb5418618bc83a3becf9bb57da7ba8b913c685fc6700848dc6665d73248c1f74e08ad04ce905faf32706e0000249a028044ede964362cfb7830a246c3b2f60000fc4deb8eda1368b0960b8d69bd99c64893d44f962524429dc058528e7e541c903869d96989b9a986620cb2c95c83f2a082c52764f49e51188f9418b01bcd8ae164acdac95318ec8b2c6feacdcf4b528e5e58219bc54f6ad5679e7f430e6960ed048c46e1dccca05bfa1d67c83795eae2d31968c055d325a9c794ef88b30c2de4a274878b73c05ffa88b7033be648b12bb1fee58958d6a6f31bfe568215dfbde59dad00008a73b40f09cf018cd496b36050d7fd45e3620c28f76749262e33e16429a6da35ceb1a989de81c3f8b8bc3a4763948a1cbc10348ef2ac3781b847611fcb0a26acafdd6d9ab05865fcf7c493d8f8cd344a1d470ca0d6f16ab0293774b5509fb0e7113936d59d5a60dbd84a938476adeebab9ff44f531bb81c53f16d80f51006cbc71570a5e272b223425e09dc6b6cc1fbc455a64fd449284f71761092a0302000000000000008a05d36fd9b814b4292745418c92d944763a4bf5e138d810e29a31f08f7dea7762d28484e15dc4320e4f85c16a8fbffadf8214d6d24cabe17ad4135d8872935ce0e6a468fd20fa4461d1d67b234feac6eb4f046f2acc1b0efb4438abddcabb4e4e72a450aab72b589bec83bbb688e659fb426cb43d0ee993516fd4e867232cde69b6ffad447dcd92e0ef8234ff850ec3948dd1fa7afb77d951fe4abf618121b7894c1044ef221973432ccc7e62b151eb898a01010a7ec5acd0a5dcb2de443880c8a682515d1da9a3048744acb44384d1591df789883c0560495cb0cb32283529926d25e5c7f4815237c3aa356217738898a16ba603439f6eaad8e70b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x24}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB], 0x48)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x14, r4, 0x9c3fa077fa966179, 0xfffffffd, 0x0, {{0x7e}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x8}, 0x4000054)
sendmsg$NL80211_CMD_RELOAD_REGDB(r3, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000340)={0x14, r4, 0x1, 0x70bd2d, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x20008004)
ioctl$AUTOFS_IOC_CATATONIC(r3, 0x9362, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000640)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(0xffffffffffffffff, &(0x7f0000001900)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000580)={&(0x7f0000000680)=ANY=[@ANYBLOB="38120000", @ANYRES16=r4, @ANYBLOB="000229bd3db6968045000300000000000000", @ANYRES32=r5, @ANYBLOB="c8002a001001930301ae010481036cc80105bc8301ecc82d1a00031300000000000000010700f900120000000800050000000882414206eb04000000ffffffffffff0d0000000802110000007f00000006000000030508021100000108000000040802110000000100000005ffffffffffff080000008c10be091a2eb22562b0d1e337f2e008673b04060402070002002d1a0100020600000000000000010005000c000000010012000000202d1a00081600000000000001000e0005000a000000080409000000fa0600f900b46000000600fb00ff0100007200fa00a124d8b635942e46386b1b9a8af7ae9d4eb6c86cf7879f655274fcbac702541e6710b0bf1b64e33b249377c42f2cacea636797af87baa281fc5be729c35fddab2a3b9e5bc851dde6290f6f67ba5b605918e2936b2b37d34ec99a6e9fea188bbb70d3f95aeeb8f3505be5ee8b3ebe00000600fb000f0000003300fa007e10cf471875082443becbfb9d3a1a2f7255f33a68c83d54b64e9e26cb5cb7cc14995f9be86b13e706009b50fbe59c000410fa004b37330c9a17589db604b727d5272db8cd11c8efc859f894108286f5678cb405b429e3d44cc050e4e7fd247faab487ba01fbf76aa7fe0ddfdb1db3dba5a53ea13718d10604374295ac2f254feac0917247805acc381696eec9c8b266fb52c1aefe3cf4b3b7ebe17daf6c3951ca18e1b04a9d8d3246fbb40e7f183ea40d4484b95573ccacb82f484744cbe6c404ecabab814ce2ac79faea4b2b2ac196f38518c636a77ed1017de63a9ea7911d30f1e15e8012309f5a503bbf9f86545e8384d1f3868213bdfa823bc1c3c6e573498661a48bcb054a5c866d9e4da3ba8d829c825b6f93ca8fe0d8f9aec39ccae61fb9860b4bff3035beb5d9cd415179bfb35c946f909ce17776ac5a63d9059bae84f83b0336f889d46700243252721e68c7ae46df89316b6e5808d98d4547d1e3321e17d5dbab52b8d0408c7149a79bda26597c11553acfcfaffb237ad65c89ac5b5036a942223acf85a53ff867843422407e00109af40615f377d33330983703d7624b1de409db7038d40c2dbf49beb0ebe457d821a57374392398b055d748aa93de2efcd4817ca3b4f1e4d1f8a38047f6bbfd62eaba56885b85fd56081c0f2f37185ecefccad5c5096c9880c495562f6be6b94e5508b296f2cf4cf686a2da72c59434900fea664ee28dfafff1f073cfd6b11e112b466e8646b86d9661ad8165b7be3add23c071b1b8f04760681ffd24fe024cf23683d27efe582379b75adc352f8655ef5e498f32d35b9be5a297222888332320ceacc809433e44621182f02e380ec7bce7ad75293953a614a875ba26d76d87df122f61a057f60ce92915bb3439c141e7243c40d06a00f60916b2b14612166182e0752fd5e6de43f6fc1eab0a496e37ce2162e4cf6eeb0be4b6b78e9e908b680047c7de273088b9f32be4c96965729e58d319101b72460274cd08b3ed50d1806514a58881daf78690001ef36b07872d44e244868f9ff274c71ebb830b82f8c65c0bf07e8cb0ebea47edfde721474d9704ebe33af892a6ddcc0ec446e7b74a4d8a03db971f7e2bd53fcbd7b478bc825c9f5d0df3e881310498c1234374eacf857084a291722e9f2ae507fa3c2d15df61cd0567222dcf3a18c3000cb85fb9007adc7271068ab50e1d5eac870b6caeead8afecd3f6258fb1dc9106cb0f73caba69364fb23d5601320269b0735bdadf5e78d3df42641f5630c34d3aa2d46e90ce31d18405b4b77cc463d00eb160363e4d19977a6a4a96d60b1095681a8772b98f4dc1008cd03cd74879512b879bc1bca76043ab9980af68bdfa029ac6beefc3e284f493a2e8c01696c0d9d156b50e3d867bc3884f740e261aefee14354033ea0898c839e95a79067225a55f55be5a6dcd16aa66e661b661bd18aa91acaed3059f25b9a95f57731c2b5632a3576fdac6e547220b807e4c1062fccde24c1fab33b9e44759b4964f6e7f880cb5d1537b8c489e813b5a689bdfc620ee7b5d29a814cf2eb7d5b7fd15fc1c309e66da7f7ef4ee9189c6d9c0e918af0d0e4f1f57e11ecdfc04f55b5a3dddfc483e3f8730c63205988df7c163f64648936a88ae975adc2c50ae56b1c163787aaa7ba716d804f5e6bd8f1b1338871318aa066730d9e96a626ee84343738ed51a6d22175948bf81804b346f75b509907d5c21c6e6ae722e438673720c3ad7a575a6231755fbf8b104c9a830d47353c00d9fd78b839cc8259e095b39b8255bec6910ec0dc0408aa121d7b92a1eb9c8651256db5ceef34ee6d6ce5d72450e923e1ab0438e5a161345a3f7f9d2ba7bcaba1f9f243b5744bfac464b5cc79401584497f3fdecd6b7263361fec78ce0433541e347a6c738dcd57453a5a971b9e71886c90e0dec627e71f6abd31a9a10b08fbbdae83f63acc237c9427895645df83e14edefd9e6039714637b6d5912e844dc6fe195096183fc1b96b7761d3089349295712e9a65c5dcad3a3efa551579df919e903daa87607692056fc23001219eed963076568e729d88d443115bbb3a680240b1ac74ed26cd137aebb79be7acccb73b92e70d9422c08dd0a61665b6d72c900869c2e0c6ecc48cc7e3d64daee58cf01824ddad88ecbadb163f3584c6834ffb66fdfe78069433fa1aeee3d746fa5b9111de638263f7afb0f5461979f7f2f4774f381c4b094d4ad9f5ca988b9cbb7b91607bf8707bf16682462709d4ab3ca22772338608332d09a12fcb2938b1e65949a76688a7fc86924aa38afe0b90d37048d69e73a0b99a3584101c647d79f284ccba120d8c96d287891d10648415e3aa09a110bbd22505afcace48c2c70ea837b25bf7ed4bdbb4fe89643438b17798241359b560aaf88f6ef07d68f5cf0c138edcadce2fa38506de6a8096f98909c10ab69da33fc676e554bb56d04706b6157745ff88f0ebfc1eedff191378af5c4aa21300cefd6fbb2c7c9dba20546d17773ba50ab2e56af79ef0b9728472f161e76c9f08c22a45de62d5243d842779c739122415d32016d24f54b47b6523524dfc04ec0f6d002a681169ddf47cba8b8631c999ecf65c34a00445fbdebf73c95f0f0e3b9f005283f418b98b214f83428cd1978f91832093c873b7abc3078554566aafbf5cfe42e595efd5792071e870519f65ae6286e101facfae7b2808153738f5bc3eeb5a3749e3db9133cf686c2c18173beea1950ea7a8dc2ce32ccd0f4ea751dd7895a39eb583b78972dc09deaa6b5fb1abdd67c24d0d7700649c51828fe0bda349b6960d9250483da7acf82b5ee701001fa48c7d25c90dfab836c32a59eefaf1e7279592516ff93a83b68f30a93991dc37842f69633498dab7dbb4756ae6f708d936485d6cca6d31f62935b4741300d402d07f19b8b87bebaa674ee0e2b4303c52d6c1480d3d9f63ce9f33010bfe19b3407ef67a944c299f3a830ae27063b3c1d103afd7222065900cdeb40d21aeebff275f7daddb70aef3cfca57d349c6dbcdfd8d90fc2727fb6ed19aa6dfcc4eb1fbc09dbf80a6dc44a0cac039ebe0634516b4e77fd2eb4e45a8a346c093b1f2b3871dbae3cbb23a4a5ed85ad93c1869bb3fae22279d41d4b17d5cae5605c035019b84df1e4a9a3c16022dfdda156f7ddba7874950077be843fc108001cffc8264895e5cc323a465d8d15ab8117c4141910ba2305f5ea22b79d8c800f98a380125ad4dde15e06d056d829eb8ef41a8425ea435ece5d962f2a289571fd084827e74d3b6a765ece373a9d7b18c22bebe361eb672a60f458f9e0c37417aae5496f82b763bdbc6ad442c2a9e7ce218e25e55a12cb40f7c6536c1c9c6595ad878fae79e58cc84e819cec1111e039151a66e081b8b07ea8ac38c3e45d23054f2d19b83d900e2d1ada6ce767bb0e937bdf82cc8539d0b2e9ee9e9b7462194477ac572112ddf03ab43b373f094418662b989f3c001ef261d0d67bfcaf4d57f28de1cc9e9004bd03142ba66b58b5d416334aa5c2be4c0f7822203df8a118f239ee64b660fe28a0a0e2b52024b96bf2419963807f13ea374b8930c077ff70ba1c3243d95587d7fac373e07067f575c04951048318ade9e42f07cca63258fe05fa79799ac07f309819daf32e6daf20725a9a160643f21be894cb5f83d2bb15184a9b881a5bf363d5bfe24350f9d98c56d04a4074391ea139dd16d171c3e66ae550b12c11cef32d8b1e379df9acf9b80a10dd0435ef1f0778e14e255e43bf207473846c6ba6edd1e5b8603427b0829ef3a7f34d585cbbf2cd6a41abbe46dda4a4f1c39c8f7467c931c01a83235125680a49f2aea2925d3ffe2b28266d4d880a11f3b6fda37debf284fa4cbe8d76dbec4a0d7fb27e3a4b7fed8602e69e262245df7e74200f90d26a55eb703c8df232adc4f5d8ac6afab2597718ae017a148f43905e4ac472aba785c5d5884464751ddcf667a003da751972ca1d3d480dbb8fdb30b5b9bd07d3226637d613a17067a28bcde3abd061787af7b53d2a52b1a2ad6038827789ee2c9c8801a4d70595d15fd0c099526fac236cbd86dba5dc661887561c6668fdd09683e37f1b2b1db1d8ac00466444cbb037a9468c596bcdcd13d58f29f719152c1d2c4a61ff401c5c88d13a3946af704fcd8254fc56bcb93e1883f6b6ae9d3cbcdb141fb079c515fe70e0c572c67ff971e987330a29966dff4ffd8afdb7d1724d2c77e9f84cbcc5027e5f6843371e2dee35369c712d96757271d40ef1892a896aabca599d08607fce05e120d94b5e06ec84cab31d3fca0ed7f2644be23c922fcd8dd8a2942b53d530736897b9cbe6da0082caa9f796abf43103c275df74497c927a79c685ee38e3b3567163e173f05f7fb62f31ee69f6419a117094b5bc5852315fa12b9897f25a876b0e9fa1c1e5f7f8f206c3d39ae5a77d954209ecf2ed3bc5240b67710acc26345b9e57af7d6afc067e80781286e7d1501ac6a20acfddef9c3f784150674c9a3b6c4447e9b41d1f692e3904ef3d4ec3ef17ade974d4dec9dc43216814ee9a0db30794dad700ff1165db7c4dfcc75b46e9d4ebd61633f291b87517125131b7801af8f7f79bdabc07515c23f0cb46620b08b19ed3ebc79379c4dc171c54d161ce25f510d7b6e4d672e626ae87b3eea41eb6abba8612ace7ed8b545dfc8337c2fd6ffd5a7e95d4db44c21abdc6ddcc41b122c88d7a9b60c99a57ec855f943455397b1cf00c735f36b7a6edea674c88c4d709d59c50d265940fe05220751d5ea67443dcbf359a8e58c35cf3b9183436a96c6f06aeaeedfc9658a3a087dca95bdf4a2c8b7248719cf6b7a0dea6c574be52c9d1c426cf1d592a62cf38e4b84e26385848f2969495a6904f6817372d7e8aca0e3cd8dc7cca514dfb3bf5b63ab9c632e4953ee86e82c7447afd38f0b843cabaf0263a5db1314ffecfa7f9cefb5917d50d2f85e5323a6b0fb2d951bba37bbd0f74a3e07821feb4efe8148da695e00b52ce93d9ebc81a9b47e34757311363019aafd6b9ebc7764421935dfa465f018904929fa7612d5c929659c70287681619a5c23d5d8858266747186149f4b6138a81542f7230c0b1b99eb7df8e88f67d2aa9c7ab5f2be195ade8a1636137876fad0892eceb0675ac206c8084ab154da4e76d7e76a81891723cbe164125a64d43981be9dfd7ae587ac4c696eb6e4a7f635550104deef141ccbb0999222a952cb3bd920620532808430db8aa28ee7ac3224477d269c9874c40ee08d19f0932cfc560d541694b788e4ea05936fd42b999c59f6db079e748d551600309aef89071c30fe0ff5bb4920d2eac3c054e2871e17240e92527f627eff2184a9be241a31c0ac8474ae0f82861e60bd449065d8285c33edf31d631c360ace955143678cf45f1fd1f5da77b94c2d87555976eda3833265cdfee777b7d87514f344edeee24d8a9dda9b0bb35552432d26ea874853acffc85958a05be561c8845236393e69aedd7eef8dfcccc26d2c66c20ced811f8eb6613cbbf3e97711912840de7d4e2a7987567d4cd7bd116be665d7170310efc740995493ea25d5239c9345f1e8360bdeea3c89edb2d3deb74a0f372b0770c81e1b57884abebbca40a6dd70d990c59538821c8c8bbaf18ff21caa9b155c5582177066ecd445817ea567ad508fce7751f62e594d99a4bec2fba725827a3d845ce152015c9c2c37283af56590efb4e22e0c017ba992227be8acd968257a2a3197f11a6d4c68423cd74e2c32407104ecc883c5c06136470cea05637e154425d27210310bcfd3598052cd602c7350d913dc5914b0b69ff645cbdb7e250f20da09a819095a9425d91335743d912ca832628e002a0083254006b108021100000039ffffff08021100000084000000fbffffffffffffffffff070000007606050418000200bd06080211000000824602a303ff030000ffffffffffff0e0b000001800000030000000405ffffffffffff09000000010802110000000500000005080211000000086c163a05080211000000380000000301b904060702bb1906000000"], 0x1238}, 0x1, 0x0, 0x0, 0x40050}, 0x40c0)
socket$inet_sctp(0x2, 0x1, 0x84)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x4000000)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001980)={&(0x7f0000009b80)=@newchain={0x24, 0x64, 0x300, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x7, 0xfff2}, {0xf}, {0xa, 0x1ffe4}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000440)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010300000000000000000500"], 0x30}, 0x1, 0x0, 0x0, 0x40}, 0x20048040)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x600, &(0x7f0000000080)={&(0x7f00000006c0)=ANY=[@ANYBLOB="440000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000008001b000000000004001a80180002"], 0x44}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
recvmsg(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000200)=""/152, 0x98}, {&(0x7f0000000380)=""/28, 0x1c}, {&(0x7f00000004c0)=""/142, 0x8e}], 0x3, &(0x7f00000019c0)=""/201, 0xc9}, 0x40)

798.904162ms ago: executing program 0 (id=8460):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="6000000002060500000000000000000000000000140007800800114000000000050015000c0000000500010006000000050005000200000005000400000000000900020073797a310000000013000300686173"], 0x60}}, 0x0)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000080)=0x14)
r2 = socket$inet6(0xa, 0x3, 0x84)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000080)={{{@in6=@private0, @in6=@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x0, 0x3, 0x4e1f, 0x0, 0x2}, {0xfffffffffffffffd, 0xb, 0x4, 0x400, 0xb2, 0x3, 0x0, 0xd3d}, {0x0, 0x1200000000000000, 0x7fff, 0x3}, 0xbfd1, 0x1, 0x1}, {{@in6=@mcast2, 0x4d6, 0x3c}, 0xa, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2c19}}, 0xe8)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000000140)={'ip6tnl0\x00', &(0x7f00000000c0)={'ip6_vti0\x00', r1, 0x2f, 0x1, 0x4, 0x4, 0x45, @remote, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x20, 0x40, 0xe73b, 0x82}})

797.539318ms ago: executing program 2 (id=8461):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001100)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15aba33a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112b0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01ac69398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f722fc58055b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ef6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b6214912a517810200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734837ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a6d072034cecc457776c5fa1f33b0203c07052c6bc314b0ac5c63bc2083c9cda0b7480e0b17854ffcc76176ce266bc698f7921b8afe798a7a5ed33ab0374455ee368fda99a0e681bf9426831b193395cb01a7332a50aac841cb7d48a1768a7640a9820631ba775aafb8c5509086fdba99dba8fbbc7557df3769126732212b33004a42396dc614c501eddeec8a88861f6de3c01bcdf31dfbd3e1165bbb954434723aa31dfedf3d91791aed6773b6ba1b221c46e5f2c9d6e55a659b29b7865b0a4a66d7ae364022"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03076844268cb89e14f008004be0ffff00124000632f77fbac141416ac14141644089ffe4d2f87e5446a6aab845013f2325f1a39010703038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x40, 0x16, 0xa, 0x5, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x3}]}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}]}], {0x14}}, 0x68}}, 0x800)
sendmsg$NFT_BATCH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x30, 0x16, 0xa, 0x801, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x4}]}, @NFT_MSG_NEWSET={0x14, 0x9, 0xa, 0x301, 0x0, 0x0, {0x5, 0x0, 0x4}}], {0x14}}, 0x6c}}, 0x24040884)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
r3 = socket(0x2, 0x80805, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r4, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r5=>0x0}, &(0x7f0000000300)=0x8)
setsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x83, &(0x7f0000000140)={r5}, 0x8)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r2, 0x84, 0x71, &(0x7f0000000000)={r5, 0x4}, &(0x7f0000000040)=0x8)

635.401613ms ago: executing program 2 (id=8462):
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_opts(r0, 0x29, 0x36, &(0x7f00000002c0)=ANY=[], 0x88)
getsockopt$inet6_opts(r0, 0x29, 0x36, 0xfffffffffffffffe, &(0x7f00000001c0)=0x31)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
bpf$MAP_CREATE(0x0, &(0x7f00000027c0)=@base={0x1d, 0x4, 0x4, 0x10001}, 0x50)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000140), 0x648101, 0x0)
unshare(0x400)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xf, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000007f00000000000000da41000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000fcff00008500000086000000bf09000000000000550901008004000095000000000000004e00000000000000b70200000000000085000000ae000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0xa, 0x0, 0x0, 0x41100, 0x44, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x2, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1837000000000000000000000800000085550c00000000009500000000000000e95a7f0fda1bc47138b7c53358451a9fa55742722f2d891fcf50e9d9ba8c18740091e294f5e3f6919d2e8a39d6119fbbbca9d0a4fe148f638347e08636ba40af31364908adfd64cafc4f7275fce536a74435dced0929185cb17ff57535ea870a2c0b60fcbf5c929988527d6c39b38e250e3af4a548f228bb66cd2ef0b591cf5da93825149d1a981f2bab3882c5b390aa251aa5c81ea7e1ab578306ec55ed304fb348d866586e62ad91d210f5c3df337b0ad85f7505ece06e1317d2d70bd3f24cf881d1a7f08249f3575d8e2729e72fc73c3c6a9107557d4d73c6a16098fad638dd05006ac2496ff16198b05b4eb885824518b5ebe1c5279595486b387fca4d682a8ae38bed86da508891ffb168899ace398b787f37b3a0390059d733be5fd0"], &(0x7f0000000040)='syzkaller\x00', 0x4, 0x24, 0xfffffffffffffffc, 0x0, 0x0, '\x00', 0x0, 0x38}, 0x80)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)={0x34, 0x0, 0x1, 0x70bd2b, 0x0, {}, [@ETHTOOL_A_COALESCE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_COALESCE_USE_CQE_MODE_RX={0x5, 0x19, 0x1}]}, 0x34}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="5000000020000103feffffff0000000002000000000000000400010008000a000008000005001e"], 0x50}}, 0x4000850)
sendmmsg$alg(r3, &(0x7f0000000140), 0x4924b68, 0x0)
setsockopt$bt_BT_DEFER_SETUP(r2, 0x112, 0x7, 0x0, 0x0)

632.369529ms ago: executing program 0 (id=8463):
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x7, @dev={0xfe, 0x80, '\x00', 0x23}, 0x3}, 0x1c)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0xd0000000000000, 0x0, 0x0)

529.958625ms ago: executing program 1 (id=8464):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x60, r1, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x4c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0x0, @private0, 0x5}}, {0x14, 0x2, @in={0x2, 0x0, @broadcast}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @l2={'ib', 0x3a, 'vlan1\x00'}}]}]}, 0x60}}, 0x0)

462.221748ms ago: executing program 0 (id=8465):
unshare(0x28000600) (async)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}) (async)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x4d, &(0x7f0000caaffb), &(0x7f00000002c0)=0xc) (async)
r2 = socket(0x400000000010, 0x3, 0x0) (async)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000400)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x8001, 0xfffffff9, 0x57, 0x1bc4, 0x1, 0x5, 0x5, 0x400, 0x36}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000640)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r4, {0x0, 0x4}, {}, {0x8, 0xf}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x8, 0x6, 0x2, 0x101}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x24008010}, 0x20000000) (async)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_NODE_GET(r2, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000080)={&(0x7f0000000400)={0x248, r5, 0x4, 0x70bd2b, 0x25dfdbff, {}, [@TIPC_NLA_MEDIA={0x8c, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1ff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xffffffff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xa00}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}]}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x40c}]}]}, @TIPC_NLA_MON={0x4c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xe}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xffffffff}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x2}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x6}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x401}]}, @TIPC_NLA_MON={0x24, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xd71b}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x10001}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7ff}]}, @TIPC_NLA_MEDIA={0x84, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x800}]}, @TIPC_NLA_MEDIA_PROP={0x4c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xa0000000}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x807}, @TIPC_NLA_PROP_MTU={0x8}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x4}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}]}]}, @TIPC_NLA_MON={0x4c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x9}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x6}, @TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4b}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x101}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xf}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x2}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x401}, @TIPC_NLA_MON_REF={0x8}]}, @TIPC_NLA_NODE={0x68, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY={0x3d, 0x4, {'gcm(aes)\x00', 0x15, "03ece079811947411333445ef85c61197fa704017d"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0xfff}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x2}, @TIPC_NLA_NODE_UP={0x4}]}]}, 0x248}, 0x1, 0x0, 0x0, 0x40080}, 0xc000)
sendfile(0xffffffffffffffff, r0, &(0x7f00000003c0)=0x7fffffff, 0x5) (async)
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="300000001114013f2bbd7000fddbdf2508000300010000fe08004b001300000008004a000000000008"], 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x4000080)

455.207716ms ago: executing program 2 (id=8466):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
sendmsg$inet6(r0, &(0x7f0000000040)={&(0x7f0000000340)={0xa, 0x1, 0x0, @empty, 0x40000005}, 0x1c, 0x0, 0x0, &(0x7f00000002c0)=ANY=[], 0x40}, 0x24000800)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000000580)={@private2={0xfc, 0x2, '\x00', 0x1}, @loopback={0xb00000000000000}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x2000000, 0x0, 0x7d, 0x200, 0xfffffffffffffffd, 0x9b0318})
ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000000200)={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @loopback={0x3f}, @loopback, 0x10000006, 0x0, 0x6, 0x0, 0x4000000000000009, 0x10200})
ioctl$INCFS_IOC_PERMIT_FILL(r0, 0x40046721, &(0x7f0000000180)={r1})
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r2)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xb}, {0xffff, 0xffff}, {0xb}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xa, 0x7f61, 0xfffffffd, 0xc5, 0xe23, 0x1, 0x1, 0x7fff, 0x1}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20008001}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdc01, {0x0, 0x0, 0x0, r7, {0x0, 0xd}, {0xffff, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_CE_THRESHOLD={0x8, 0x7, 0xfffffff9}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4890)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000580)=@xdp={0x2c, 0x0, r5, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="27030200590214000600002fb96d", 0xe}], 0x1}, 0x0)

351.095391ms ago: executing program 0 (id=8467):
socket$unix(0x1, 0x1, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r1, &(0x7f0000000040)={0x2a, 0x1, 0xfffffffe}, 0xc)
r2 = socket$qrtr(0x2a, 0x2, 0x0)
recvmmsg(r1, &(0x7f0000000ac0)=[{{0x0, 0xff2c, 0x0}, 0x1}], 0x40, 0x2, 0x0)
connect$qrtr(r2, &(0x7f0000000040)={0x2a, 0x1, 0x4000}, 0xc)
recvfrom(r1, 0x0, 0x0, 0x2243, 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000001140)=[{{&(0x7f0000000300)={0xa, 0x4e21, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x6}, 0x1c, &(0x7f0000000000)=[{&(0x7f0000000540)='O', 0x1}], 0x8}}], 0x1, 0x0)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xc9, 0x18, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)
writev(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)="c7c570e3d2854348ed2183cdbd669c084d1eee74a71ec31023", 0x19}], 0x1)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
socket(0x400000000010, 0x3, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_udp_int(r3, 0x11, 0x68, &(0x7f0000000080)=0xa40, 0x4)
close(0x3)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'syzkaller0\x00'})
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r5, &(0x7f0000000140)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x0, 0x1}, 0xe)
setsockopt$bt_BT_DEFER_SETUP(r5, 0x112, 0xf, &(0x7f00000000c0)=0x3, 0x4)

286.570626ms ago: executing program 4 (id=8468):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x5, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000300)=@gcm_128={{0x304}, "793ba630b2de12f8", "c638280e9b39583cc7fd269640bc0334", "36ebbafd", "cf5506fd54cac505"}, 0x28)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000002c0)={0x64, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0xfffd}, [@IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x11, 0x1, 0x0, 0x18}, @IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x5}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x64}}, 0x80)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000100)=@gcm_128={{0x304}, '\t\x00', "1fd33c81cf7995313c09de00fd6ded74", '\x00', "1e00040000000100"}, 0xffe9)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x398, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f00000004c0)='westwood', 0x8)
r2 = socket$inet(0x2, 0x802, 0x1)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x4e21, @loopback}, 0x10)
write(r2, &(0x7f0000000080)="08008edf773c8000", 0xfd)
recvmmsg(r2, &(0x7f0000000140)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x1)

238.318389ms ago: executing program 1 (id=8469):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x40, 0x16, 0xa, 0x5, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x3}]}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}]}], {0x14}}, 0x68}}, 0x800)
sendmsg$NFT_BATCH(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x5c, 0x16, 0xa, 0x801, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x30, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x2c, 0x3, 0x0, 0x1, [{0x14, 0x1, 'geneve0\x00'}, {0x14, 0x1, 'team_slave_1\x00'}]}]}]}, @NFT_MSG_NEWSET={0x14, 0x9, 0xa, 0x301, 0x0, 0x0, {0x5, 0x0, 0x4}}], {0x14}}, 0x98}}, 0x24040884)
sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@ipv4_newroute={0x38, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x2}, @RTA_ENCAP={0x14, 0x16, 0x0, 0x1, @LWTUNNEL_IP_OPTS={0x10, 0x8, 0x0, 0x1, @LWTUNNEL_IP_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, @LWTUNNEL_IP_OPT_VXLAN_GBP={0x8, 0x1, 0x7}}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000340)={@fallback=<r5=>0xffffffffffffffff, 0x35, 0x0, 0x6, &(0x7f0000000140), 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=[0x0, 0x0, 0x0], <r6=>0x0}, 0x40)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000007c0)=ANY=[@ANYRESDEC=0x0, @ANYRESDEC=r4, @ANYRESDEC=r0, @ANYRES32, @ANYRES32, @ANYRESOCT, @ANYRESDEC=r5], 0x20)
r7 = bpf$LINK_GET_FD_BY_ID(0x1e, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000080)={@fallback, 0xffffffffffffffff, 0x37, 0x2000, 0x0, @value=r7, @void, @void, @void, r6}, 0x20)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x15, 0x4, 0xb, 0x6, 0x4, 0xffffffffffffffff, 0x2, '\x00', 0x0, r5, 0x4, 0x1, 0x5}, 0x50)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000540)=ANY=[@ANYRES32=r8, @ANYRES32, @ANYBLOB, @ANYRES32, @ANYRES32, @ANYBLOB="8e3cb801d96a4797cd610fc50e49956081ac69bcfb02f1e4a8121d9d60f4d265702e84e99c00000000", @ANYRES64=r6], 0x20)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYRES32], 0x50)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000740)={@map=r9, 0xffffffffffffffff, 0x33, 0x10, 0x0, @void, @value, @void, @void, r6}, 0x20)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f00000002c0)=ANY=[@ANYRES32=r8, @ANYRES32, @ANYBLOB="1600003eed9ae727fa29fd3a524e3c75930000000000", @ANYRES32, @ANYRES64=r6], 0x20)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={<r10=>0xffffffffffffffff, 0x8, 0x4, 0x8})
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000140)={@cgroup=r10, 0xffffffffffffffff, 0x14, 0x20, 0xffffffffffffffff, @void, @void, @void, @value=0xffffffffffffffff, r6}, 0x20)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000013c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000300000000000000000000850000006d00000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r12 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000740)='blkio.bfq.sectors_recursive\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000700)={@map=r11, 0xffffffffffffffff, 0x34, 0x4, 0x0, @void, @value=r12, @void, @void, r6}, 0x20)
ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, 0x0)
sendmsg$NL802154_CMD_SET_PAN_ID(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYRESHEX=r3, @ANYRESOCT=0x0, @ANYRES32], 0x1c}, 0x1, 0x0, 0x0, 0x2044001}, 0xc0)

125.900156ms ago: executing program 4 (id=8470):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001380)=@base={0x19, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x3}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000440)={r1, 0x0, 0x0}, 0x20)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
getsockname$packet(r2, &(0x7f0000000600)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r3, @ANYBLOB="00001000252155b21c0012000c000100626f6e64000000000c0002000800010001"], 0x3c}}, 0x40000)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
clock_gettime(0x0, &(0x7f0000000140)={<r5=>0x0, <r6=>0x0})
sendmsg$can_bcm(r4, &(0x7f0000000240)={&(0x7f0000000100), 0x10, &(0x7f0000000200)={&(0x7f0000000180)={0x4, 0x2c, 0x0, {r5, r6/1000+10000}, {0x0, 0x2710}, {0x4}, 0x1, @canfd={{0x1, 0x1, 0x0, 0x1}, 0x27, 0x2, 0x0, 0x0, "bfe0d401d5572c06c998b56bb88a625be5795867ecda7859815b2ff18d058faffc3f6053532aecec404b14609bb2f26aa56f7b8b0e5dd5330db193f71037de57"}}, 0x80}, 0x1, 0x0, 0x0, 0x8}, 0x84000)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001cc0)=ANY=[@ANYBLOB="3c0000001000030500000000fcffffff00000000", @ANYRES32=0x0, @ANYBLOB="00000000000000001400128009000100626f6e64000000000400028008000a00", @ANYRES32=r3], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x4000)

25.110195ms ago: executing program 2 (id=8471):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(aes))\x00'}, 0x58)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
shutdown(r1, 0x1)
bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20, 0xfffffffe, @empty, 0x3}, 0x1c)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x1, @empty, 0x8}, 0x1c)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=@newlink={0x40, 0x10, 0x403, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x74, 0x0, 0x800, 0x1200}, [@IFLA_ADDRESS={0xa, 0x1, @broadcast}, @IFLA_ALT_IFNAME={0x14, 0x35, 'macsec0\x00'}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000801}, 0x40008)
sendmmsg$inet6(r1, &(0x7f0000001280)=[{{&(0x7f0000000100)={0xa, 0x4e20, 0x8, @empty, 0xfffffffe}, 0x1c, 0x0}}, {{&(0x7f0000000300)={0xa, 0x4e23, 0x10, @loopback, 0x2}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000940)}}], 0x3, 0x240c089d)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2000, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
shutdown(r3, 0x1)
bind$inet6(r3, &(0x7f0000000240)={0xa, 0x4e20, 0x9, @ipv4={'\x00', '\xff\xff', @loopback}, 0x5}, 0x1c)
sendmmsg$inet6(r3, &(0x7f0000000140)=[{{&(0x7f0000000100)={0xa, 0x4e20, 0x2, @empty, 0xfffffffe}, 0x1c, 0x0}}], 0x1, 0x20080058)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r4, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r6, 0x8002)

22.066299ms ago: executing program 1 (id=8472):
unshare(0x2a020400)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, 0x0, 0x0)

0s ago: executing program 3 (id=8473):
syz_emit_ethernet(0x4e, &(0x7f0000000340)=ANY=[@ANYBLOB="cdc9ea000000000000080049000040000400000001907864010102ffffffff019404010094040000940400000000000308907800067f4345170fff0065b9f9f5290008ac1e0001ac141404"], 0x0)
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000100)={<r1=>r0})
getsockopt$MRT6(r1, 0x29, 0xd0, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x8080}, 0x20004450)
r3 = socket(0x10, 0x80002, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r6, 0x800448d4, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x13, 0x23, &(0x7f0000000540)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3ff}, {}, {}, [@map_idx={0x18, 0x1, 0x5, 0x0, 0xd}, @map_fd={0x18, 0xa}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x4}, @map_idx={0x18, 0x4, 0x5, 0x0, 0x5}, @ringbuf_output, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff8}, @map_val={0x18, 0x0, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}}}, &(0x7f0000000680)='GPL\x00', 0x6, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, &(0x7f0000000a80)=[r4, 0x1, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000b40)=[{0x4, 0x2, 0x1, 0x1}, {0x3, 0x1, 0x9, 0x6}], 0x10, 0x4}, 0x94)
sendmsg$IPVS_CMD_SET_INFO(r5, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r8)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000100)={0x0, &(0x7f0000000180)}, 0x10)
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r9, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0xffffff1f, 0x0, 0x1, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_MASTER={0x8, 0xa, r10}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="a4280400000000001400350076657468305f746f5f626f6e6400000008000a00", @ANYRES32=r10], 0x3c}, 0x1, 0x0, 0x0, 0x4008800}, 0x8000)
sendmmsg$alg(r3, &(0x7f00000000c0), 0x492492492492627, 0x0)
r12 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_INITMSG(r12, 0x84, 0x2, &(0x7f00000000c0)={0xfffc, 0xc}, 0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r12, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x1c, &(0x7f00000001c0)=[@in6={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0xfffffffb}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r12, 0x84, 0x6c, 0x0, &(0x7f0000008f80))
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a6c000000060a010400000000000000000a8a0e010900010073797a3100000000400004803c0001800e000100696d6d6564696174650000002800028008000140000000031c000280d6efa5d157815a1c8815000100c637b4a78e77a989bc7db5510505156a830000000900020073797a32000000001400000011000100000000"], 0x94}, 0x1, 0x0, 0x0, 0x40}, 0x24000840)

kernel console output (not intermixed with test programs):

fecd5b78e
[  910.902786][T31946] RDX: 000000000000000f RSI: 00007f3fedd220a0 RDI: 0000000000000005
[  910.902798][T31946] RBP: 00007f3fedd22090 R08: 0000000000000000 R09: 0000000000000000
[  910.902810][T31946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  910.902821][T31946] R13: 00007f3fed016038 R14: 00007f3fed015fa0 R15: 00007ffdf09ea8a8
[  910.902853][T31946]  </TASK>
[  911.714650][T31984] __nla_validate_parse: 10 callbacks suppressed
[  911.714671][T31984] netlink: 32 bytes leftover after parsing attributes in process `syz.2.7634'.
[  911.810022][T31985] netlink: 9275 bytes leftover after parsing attributes in process `syz.1.7637'.
[  912.285888][T32018] netlink: 'syz.2.7643': attribute type 1 has an invalid length.
[  912.625446][T32025] 8021q: adding VLAN 0 to HW filter on device batadv4
[  912.706922][T32025] bond5: (slave batadv4): making interface the new active one
[  912.791473][T32025] bond5: (slave batadv4): Enslaving as an active interface with an up link
[  912.930493][T32043] netlink: 12 bytes leftover after parsing attributes in process `syz.4.7651'.
[  912.984447][T32047] netlink: 20 bytes leftover after parsing attributes in process `syz.4.7651'.
[  913.109307][T32051] netlink: 20 bytes leftover after parsing attributes in process `syz.0.7653'.
[  913.204529][T32049] 8021q: adding VLAN 0 to HW filter on device bond8
[  913.229681][T32053] netlink: 'syz.2.7654': attribute type 1 has an invalid length.
[  913.238633][T32053] netlink: 'syz.2.7654': attribute type 2 has an invalid length.
[  913.289440][T32047] bond8: (slave bridge3): Enslaving as an active interface with an up link
[  913.304046][T32056] netlink: 32 bytes leftover after parsing attributes in process `syz.0.7653'.
[  913.325090][T32051] batadv_slave_0: entered promiscuous mode
[  913.335784][T32055] netlink: 28 bytes leftover after parsing attributes in process `syz.1.7652'.
[  913.370227][T32053] lo speed is unknown, defaulting to 1000
[  913.386711][T32050] batadv_slave_0: left promiscuous mode
[  913.824141][T32079] netlink: 'syz.0.7658': attribute type 1 has an invalid length.
[  913.876319][T32079] netlink: 240 bytes leftover after parsing attributes in process `syz.0.7658'.
[  914.204185][T32098] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7666'.
[  914.375753][T32109] netlink: 212192 bytes leftover after parsing attributes in process `syz.1.7669'.
[  914.596561][T32122] netlink: 'syz.3.7670': attribute type 1 has an invalid length.
[  914.751775][T32131] sctp: [Deprecated]: syz.0.7677 (pid 32131) Use of int in maxseg socket option.
[  914.751775][T32131] Use struct sctp_assoc_value instead
[  915.037093][T32127] 8021q: adding VLAN 0 to HW filter on device batadv3
[  915.048080][T32127] bond7: (slave batadv3): making interface the new active one
[  915.059409][T32127] bond7: (slave batadv3): Enslaving as an active interface with an up link
[  915.131122][T32126] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  915.219079][ T5910] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  915.229006][ T5910] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  915.384530][T32147] netlink: 'syz.1.7681': attribute type 6 has an invalid length.
[  915.392287][T32147] netlink: 'syz.1.7681': attribute type 7 has an invalid length.
[  915.444764][T32147] netlink: 'syz.1.7681': attribute type 8 has an invalid length.
[  915.452782][T32147] netlink: 'syz.1.7681': attribute type 13 has an invalid length.
[  915.845694][T32176] FAULT_INJECTION: forcing a failure.
[  915.845694][T32176] name failslab, interval 1, probability 0, space 0, times 0
[  915.866263][T32176] CPU: 0 UID: 0 PID: 32176 Comm: syz.3.7691 Not tainted syzkaller #0 PREEMPT(full) 
[  915.866287][T32176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  915.866298][T32176] Call Trace:
[  915.866306][T32176]  <TASK>
[  915.866314][T32176]  dump_stack_lvl+0xe8/0x150
[  915.866340][T32176]  should_fail_ex+0x412/0x560
[  915.866364][T32176]  should_failslab+0xa8/0x100
[  915.866385][T32176]  __kmalloc_cache_noprof+0x83/0x6e0
[  915.866402][T32176]  ? lockdep_hardirqs_on+0x7a/0x110
[  915.866422][T32176]  ? __request_module+0x2d0/0x610
[  915.866440][T32176]  __request_module+0x2d0/0x610
[  915.866461][T32176]  ? __pfx___request_module+0x10/0x10
[  915.866491][T32176]  ? security_capable+0x7e/0x2c0
[  915.866522][T32176]  ? dev_load+0x21/0x1f0
[  915.866541][T32176]  dev_load+0x190/0x1f0
[  915.866560][T32176]  dev_ioctl+0x384/0x1150
[  915.866585][T32176]  sock_do_ioctl+0x23e/0x320
[  915.866606][T32176]  ? __pfx_sock_do_ioctl+0x10/0x10
[  915.866621][T32176]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  915.866657][T32176]  sock_ioctl+0x5c6/0x7f0
[  915.866675][T32176]  ? __pfx_sock_ioctl+0x10/0x10
[  915.866692][T32176]  ? __fget_files+0x2a/0x420
[  915.866709][T32176]  ? __fget_files+0x3a0/0x420
[  915.866724][T32176]  ? __fget_files+0x2a/0x420
[  915.866743][T32176]  ? bpf_lsm_file_ioctl+0x9/0x20
[  915.866763][T32176]  ? __pfx_sock_ioctl+0x10/0x10
[  915.866778][T32176]  __se_sys_ioctl+0xfc/0x170
[  915.866800][T32176]  do_syscall_64+0xe2/0xf80
[  915.866820][T32176]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  915.866836][T32176]  ? trace_irq_disable+0x37/0x100
[  915.866852][T32176]  ? clear_bhb_loop+0x60/0xb0
[  915.866870][T32176]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  915.866885][T32176] RIP: 0033:0x7f53cdd9aeb9
[  915.866906][T32176] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  915.866919][T32176] RSP: 002b:00007f53cec12028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  915.866938][T32176] RAX: ffffffffffffffda RBX: 00007f53ce015fa0 RCX: 00007f53cdd9aeb9
[  915.866949][T32176] RDX: 0000200000000040 RSI: 0000000000008946 RDI: 0000000000000003
[  915.866961][T32176] RBP: 00007f53cec12090 R08: 0000000000000000 R09: 0000000000000000
[  915.866972][T32176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  915.866982][T32176] R13: 00007f53ce016038 R14: 00007f53ce015fa0 R15: 00007ffcbabced08
[  915.867012][T32176]  </TASK>
[  916.263494][T32189] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  916.597644][T32207] lo speed is unknown, defaulting to 1000
[  916.877117][T32193] __nla_validate_parse: 7 callbacks suppressed
[  916.877137][T32193] netlink: 36 bytes leftover after parsing attributes in process `syz.2.7701'.
[  917.081207][T32229] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7709'.
[  917.106354][T32229] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7709'.
[  917.122945][ T5949] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  917.144919][T32233] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  917.164109][ T5949] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  917.172532][ T5949] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  917.175725][T32233] siw: device registration error -23
[  917.204519][ T5949] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  917.419192][T32250] FAULT_INJECTION: forcing a failure.
[  917.419192][T32250] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  917.433283][T32250] CPU: 0 UID: 0 PID: 32250 Comm: syz.4.7718 Not tainted syzkaller #0 PREEMPT(full) 
[  917.433308][T32250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  917.433320][T32250] Call Trace:
[  917.433327][T32250]  <TASK>
[  917.433335][T32250]  dump_stack_lvl+0xe8/0x150
[  917.433371][T32250]  should_fail_ex+0x412/0x560
[  917.433399][T32250]  _copy_to_user+0x31/0xb0
[  917.433423][T32250]  bpf_test_finish+0x1db/0x6b0
[  917.433456][T32250]  ? __pfx_bpf_test_finish+0x10/0x10
[  917.433488][T32250]  bpf_prog_test_run_xdp+0x8fa/0x1160
[  917.433523][T32250]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  917.433546][T32250]  ? __fget_files+0x2a/0x420
[  917.433571][T32250]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  917.433591][T32250]  bpf_prog_test_run+0x2c7/0x340
[  917.433613][T32250]  __sys_bpf+0x5cb/0x920
[  917.433633][T32250]  ? __pfx___sys_bpf+0x10/0x10
[  917.433665][T32250]  ? ksys_write+0x242/0x270
[  917.433691][T32250]  ? __pfx_ksys_write+0x10/0x10
[  917.433718][T32250]  __x64_sys_bpf+0x7c/0x90
[  917.433745][T32250]  do_syscall_64+0xe2/0xf80
[  917.433768][T32250]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  917.433784][T32250]  ? trace_irq_disable+0x37/0x100
[  917.433801][T32250]  ? clear_bhb_loop+0x60/0xb0
[  917.433822][T32250]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  917.433838][T32250] RIP: 0033:0x7f3fecd9aeb9
[  917.433855][T32250] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  917.433869][T32250] RSP: 002b:00007f3fedd22028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  917.433889][T32250] RAX: ffffffffffffffda RBX: 00007f3fed015fa0 RCX: 00007f3fecd9aeb9
[  917.433902][T32250] RDX: 000000000000004c RSI: 0000200000000240 RDI: 000000000000000a
[  917.433914][T32250] RBP: 00007f3fedd22090 R08: 0000000000000000 R09: 0000000000000000
[  917.433925][T32250] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  917.433937][T32250] R13: 00007f3fed016038 R14: 00007f3fed015fa0 R15: 00007ffdf09ea8a8
[  917.433963][T32250]  </TASK>
[  917.649498][T32253] netlink: 'syz.1.7720': attribute type 1 has an invalid length.
[  917.659012][T32253] netlink: 240 bytes leftover after parsing attributes in process `syz.1.7720'.
[  917.728931][T32259] netlink: 56 bytes leftover after parsing attributes in process `syz.4.7722'.
[  917.786096][T10716] wlan1: Trigger new scan to find an IBSS to join
[  917.821410][T32265] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7724'.
[  917.899092][T32262] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  917.963312][T32268] netlink: 'syz.0.7719': attribute type 9 has an invalid length.
[  918.008315][T32272] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7726'.
[  918.181782][T32283] xt_CT: You must specify a L4 protocol and not use inversions on it
[  918.182642][T32284] xt_CT: You must specify a L4 protocol and not use inversions on it
[  918.215007][T32283] netlink: 20 bytes leftover after parsing attributes in process `syz.3.7728'.
[  918.232305][T32284] netlink: 20 bytes leftover after parsing attributes in process `syz.3.7728'.
[  918.351402][T32292] netlink: 'syz.3.7731': attribute type 7 has an invalid length.
[  918.706778][T32287] netlink: 36 bytes leftover after parsing attributes in process `syz.2.7729'.
[  918.818167][T32316] netlink: 'syz.3.7734': attribute type 2 has an invalid length.
[  918.927808][T32318] netlink: 'syz.0.7737': attribute type 1 has an invalid length.
[  919.151917][T32337] openvswitch: netlink: Flow key attr not present in new flow.
[  919.164850][T32333] IPVS: set_ctl: invalid protocol: 0 10.1.1.1:20001
[  919.251804][T32345] netlink: 'syz.3.7739': attribute type 1 has an invalid length.
[  919.400768][T32347] 8021q: adding VLAN 0 to HW filter on device batadv4
[  919.409996][T32347] bond8: (slave batadv4): making interface the new active one
[  919.419073][T32347] bond8: (slave batadv4): Enslaving as an active interface with an up link
[  919.806196][T32353] FAULT_INJECTION: forcing a failure.
[  919.806196][T32353] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  919.856333][T32353] CPU: 0 UID: 0 PID: 32353 Comm: syz.0.7748 Not tainted syzkaller #0 PREEMPT(full) 
[  919.856359][T32353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  919.856371][T32353] Call Trace:
[  919.856378][T32353]  <TASK>
[  919.856387][T32353]  dump_stack_lvl+0xe8/0x150
[  919.856414][T32353]  should_fail_ex+0x412/0x560
[  919.856440][T32353]  _copy_from_user+0x2d/0xb0
[  919.856466][T32353]  __sys_connect+0x156/0x450
[  919.856490][T32353]  ? __pfx___sys_connect+0x10/0x10
[  919.856519][T32353]  ? __pfx_ksys_write+0x10/0x10
[  919.856547][T32353]  __x64_sys_connect+0x7a/0x90
[  919.856567][T32353]  do_syscall_64+0xe2/0xf80
[  919.856587][T32353]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  919.856604][T32353]  ? trace_irq_disable+0x37/0x100
[  919.856619][T32353]  ? clear_bhb_loop+0x60/0xb0
[  919.856639][T32353]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  919.856656][T32353] RIP: 0033:0x7f0d0a99aeb9
[  919.856672][T32353] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  919.856686][T32353] RSP: 002b:00007f0d0b7d6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  919.856704][T32353] RAX: ffffffffffffffda RBX: 00007f0d0ac15fa0 RCX: 00007f0d0a99aeb9
[  919.856715][T32353] RDX: 000000000000000e RSI: 0000200000000080 RDI: 0000000000000009
[  919.856726][T32353] RBP: 00007f0d0b7d6090 R08: 0000000000000000 R09: 0000000000000000
[  919.856736][T32353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  919.856745][T32353] R13: 00007f0d0ac16038 R14: 00007f0d0ac15fa0 R15: 00007ffcdd66bda8
[  919.856770][T32353]  </TASK>
[  920.169092][T32362] bond9: option fail_over_mac: invalid value (127)
[  920.180499][T32362] bond9 (unregistering): Released all slaves
[  920.188554][T32371] xt_TCPMSS: Only works on TCP SYN packets
[  920.216568][T32364] netlink: 'syz.2.7752': attribute type 1 has an invalid length.
[  920.260591][T32370] syzkaller0: entered promiscuous mode
[  920.287098][T32370] syzkaller0: entered allmulticast mode
[  920.322543][T32376] gre0: entered promiscuous mode
[  920.748867][ T5910] wlan1: Trigger new scan to find an IBSS to join
[  921.026315][T32409] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not filter
[  921.042512][T32405] batadv0: entered promiscuous mode
[  921.048114][T32405] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  921.170599][T32415] openvswitch: netlink: EtherType 50a is less than min 600
[  921.181298][T32417] netlink: 'syz.0.7772': attribute type 7 has an invalid length.
[  921.215929][T32416] lo speed is unknown, defaulting to 1000
[  921.276987][ T5894] IPVS: starting estimator thread 0...
[  921.364657][T32422] IPVS: using max 33 ests per chain, 79200 per kthread
[  921.806091][T32452] syzkaller0: entered promiscuous mode
[  921.821380][T32452] syzkaller0: entered allmulticast mode
[  922.248898][T32481] __nla_validate_parse: 11 callbacks suppressed
[  922.248918][T32481] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7790'.
[  922.333015][T32486] FAULT_INJECTION: forcing a failure.
[  922.333015][T32486] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  922.359023][T32481] dvmrp0: left allmulticast mode
[  922.370655][T32486] CPU: 0 UID: 0 PID: 32486 Comm: syz.1.7791 Not tainted syzkaller #0 PREEMPT(full) 
[  922.370680][T32486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  922.370692][T32486] Call Trace:
[  922.370700][T32486]  <TASK>
[  922.370708][T32486]  dump_stack_lvl+0xe8/0x150
[  922.370735][T32486]  should_fail_ex+0x412/0x560
[  922.370760][T32486]  _copy_from_user+0x2d/0xb0
[  922.370784][T32486]  kstrtouint_from_user+0xd6/0x180
[  922.370808][T32486]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  922.370830][T32486]  ? btrfs_dev_replace_by_ioctl+0x20/0x2490
[  922.370864][T32486]  proc_fail_nth_write+0x8e/0x210
[  922.370895][T32486]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  922.370922][T32486]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  922.370944][T32486]  vfs_write+0x29a/0xb90
[  922.370973][T32486]  ? __pfx_vfs_write+0x10/0x10
[  922.371000][T32486]  ? ppp_ioctl+0x169a/0x1b10
[  922.371032][T32486]  ksys_write+0x150/0x270
[  922.371057][T32486]  ? __pfx_ksys_write+0x10/0x10
[  922.371091][T32486]  do_syscall_64+0xe2/0xf80
[  922.371113][T32486]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  922.371130][T32486]  ? trace_irq_disable+0x37/0x100
[  922.371147][T32486]  ? clear_bhb_loop+0x60/0xb0
[  922.371167][T32486]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  922.371185][T32486] RIP: 0033:0x7fef1895b78e
[  922.371202][T32486] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  922.371216][T32486] RSP: 002b:00007fef1985bfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  922.371236][T32486] RAX: ffffffffffffffda RBX: 00007fef1985c6c0 RCX: 00007fef1895b78e
[  922.371249][T32486] RDX: 0000000000000001 RSI: 00007fef1985c0a0 RDI: 0000000000000006
[  922.371261][T32486] RBP: 00007fef1985c090 R08: 0000000000000000 R09: 0000000000000000
[  922.371272][T32486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  922.371283][T32486] R13: 00007fef18c16038 R14: 00007fef18c15fa0 R15: 00007ffd5509aab8
[  922.371312][T32486]  </TASK>
[  922.651976][T32496] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  922.981394][T32521] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7799'.
[  923.076043][T32513] syz_tun: entered allmulticast mode
[  923.083567][T32513] siw: device registration error -23
[  923.090767][T32510] syz_tun: left allmulticast mode
[  923.196992][T32530] syzkaller0: entered promiscuous mode
[  923.202558][T32530] syzkaller0: entered allmulticast mode
[  923.784074][   T36] wlan0: Trigger new scan to find an IBSS to join
[  925.288129][T32573] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7821'.
[  925.312322][T32576] netlink: 28 bytes leftover after parsing attributes in process `syz.1.7823'.
[  925.312473][T32579] netlink: 104 bytes leftover after parsing attributes in process `syz.2.7824'.
[  925.360517][T32580] netlink: 'syz.4.7822': attribute type 4 has an invalid length.
[  925.536010][T32596] netlink: 156 bytes leftover after parsing attributes in process `syz.1.7830'.
[  925.600565][T32600] netlink: 43 bytes leftover after parsing attributes in process `syz.1.7832'.
[  925.619298][T32600] IPv6: sit1: Disabled Multicast RS
[  925.626280][T32600] sit1: entered allmulticast mode
[  925.734784][T32605] netlink: 'syz.4.7828': attribute type 1 has an invalid length.
[  925.788539][T32605] 8021q: adding VLAN 0 to HW filter on device batadv6
[  925.802567][T32605] bond9: (slave batadv6): making interface the new active one
[  925.813238][T32605] bond9: (slave batadv6): Enslaving as an active interface with an up link
[  926.302929][T32624] netlink: 'syz.2.7841': attribute type 13 has an invalid length.
[  926.336552][T32625] batadv0: left promiscuous mode
[  926.374205][T32625] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7838'.
[  926.521262][T32624] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  926.538387][T32624] syzkaller0: entered promiscuous mode
[  926.545101][T32624] syzkaller0: entered allmulticast mode
[  926.552337][T32637] syzkaller1: entered promiscuous mode
[  926.564705][T32643] netlink: 'syz.3.7846': attribute type 4 has an invalid length.
[  926.565196][T32637] syzkaller1: entered allmulticast mode
[  926.581930][T32643] netlink: 'syz.3.7846': attribute type 1 has an invalid length.
[  926.592013][T32643] netlink: 228 bytes leftover after parsing attributes in process `syz.3.7846'.
[  926.605167][T32624] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  926.618825][T32623] tipc: Resetting bearer <eth:syzkaller0>
[  926.652262][T32623] tipc: Disabling bearer <eth:syzkaller0>
[  926.731079][T32646] lo speed is unknown, defaulting to 1000
[  926.751414][T32643] syzkaller1: entered promiscuous mode
[  926.758993][T32643] syzkaller1: entered allmulticast mode
[  926.824264][   T36] wlan0: Trigger new scan to find an IBSS to join
[  927.404257][T32687] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input53
[  927.552453][T32696] netlink: 'syz.4.7861': attribute type 1 has an invalid length.
[  927.567548][T32693] bond7: option updelay: invalid value (18446744072924056005)
[  927.575191][T32699] netlink: 'syz.3.7862': attribute type 1 has an invalid length.
[  927.585136][T32693] bond7: option updelay: allowed values 0 - 2147483647
[  927.595254][T32693] bond7 (unregistering): Released all slaves
[  927.688734][T32705] FAULT_INJECTION: forcing a failure.
[  927.688734][T32705] name failslab, interval 1, probability 0, space 0, times 0
[  927.691615][T32696] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7861'.
[  927.710588][T32705] CPU: 1 UID: 0 PID: 32705 Comm: syz.2.7863 Not tainted syzkaller #0 PREEMPT(full) 
[  927.710614][T32705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  927.710624][T32705] Call Trace:
[  927.710632][T32705]  <TASK>
[  927.710639][T32705]  dump_stack_lvl+0xe8/0x150
[  927.710665][T32705]  should_fail_ex+0x412/0x560
[  927.710690][T32705]  should_failslab+0xa8/0x100
[  927.710710][T32705]  __kmalloc_cache_noprof+0x83/0x6e0
[  927.710729][T32705]  ? tcf_block_get_ext+0x140/0x17d0
[  927.710755][T32705]  tcf_block_get_ext+0x140/0x17d0
[  927.710789][T32705]  clsact_init+0x223/0x530
[  927.710809][T32705]  ? __pfx_clsact_init+0x10/0x10
[  927.710829][T32705]  qdisc_create+0x7c4/0xf20
[  927.710854][T32705]  tc_modify_qdisc+0x1818/0x2290
[  927.710871][T32705]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  927.710906][T32705]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  927.710958][T32705]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  927.710980][T32705]  rtnetlink_rcv_msg+0x77e/0xbe0
[  927.711006][T32705]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[  927.711024][T32705]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  927.711044][T32705]  ? __lock_acquire+0x6b5/0x2cf0
[  927.711079][T32705]  netlink_rcv_skb+0x232/0x4b0
[  927.711100][T32705]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  927.711121][T32705]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  927.711152][T32705]  ? netlink_deliver_tap+0x2e/0x1b0
[  927.711178][T32705]  netlink_unicast+0x80f/0x9b0
[  927.711205][T32705]  ? __pfx_netlink_unicast+0x10/0x10
[  927.711224][T32705]  ? netlink_sendmsg+0x650/0xb40
[  927.711241][T32705]  ? skb_put+0x11b/0x210
[  927.711273][T32705]  netlink_sendmsg+0x813/0xb40
[  927.711301][T32705]  ? __pfx_netlink_sendmsg+0x10/0x10
[  927.711325][T32705]  ? aa_sock_msg_perm+0xf1/0x1b0
[  927.711347][T32705]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  927.711366][T32705]  ? __pfx_netlink_sendmsg+0x10/0x10
[  927.711384][T32705]  ____sys_sendmsg+0xa68/0xad0
[  927.711407][T32705]  ? __might_fault+0xaf/0x130
[  927.711435][T32705]  ? __pfx_____sys_sendmsg+0x10/0x10
[  927.711466][T32705]  ? import_iovec+0x73/0xa0
[  927.711493][T32705]  ___sys_sendmsg+0x2a5/0x360
[  927.711514][T32705]  ? __lock_acquire+0x6b5/0x2cf0
[  927.711539][T32705]  ? __pfx____sys_sendmsg+0x10/0x10
[  927.711596][T32705]  ? __fget_files+0x2a/0x420
[  927.711618][T32705]  ? __fget_files+0x3a0/0x420
[  927.711647][T32705]  __x64_sys_sendmsg+0x1bd/0x2a0
[  927.711672][T32705]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  927.711709][T32705]  ? __pfx_ksys_write+0x10/0x10
[  927.711744][T32705]  do_syscall_64+0xe2/0xf80
[  927.711766][T32705]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  927.711781][T32705]  ? trace_irq_disable+0x37/0x100
[  927.711798][T32705]  ? clear_bhb_loop+0x60/0xb0
[  927.711819][T32705]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  927.711835][T32705] RIP: 0033:0x7f6f1e39aeb9
[  927.711851][T32705] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  927.711865][T32705] RSP: 002b:00007f6f1f190028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  927.711884][T32705] RAX: ffffffffffffffda RBX: 00007f6f1e615fa0 RCX: 00007f6f1e39aeb9
[  927.711897][T32705] RDX: 0000000000000000 RSI: 00002000000007c0 RDI: 0000000000000003
[  927.711908][T32705] RBP: 00007f6f1f190090 R08: 0000000000000000 R09: 0000000000000000
[  927.711919][T32705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  927.711930][T32705] R13: 00007f6f1e616038 R14: 00007f6f1e615fa0 R15: 00007fff3797dd78
[  927.711959][T32705]  </TASK>
[  928.067357][T32712] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7865'.
[  928.082030][T32719] netlink: 'syz.2.7866': attribute type 10 has an invalid length.
[  928.094543][T32719] team0: Failed to send options change via netlink (err -105)
[  928.102040][T32719] team0: Port device dummy0 added
[  928.112156][T32719] netlink: 'syz.2.7866': attribute type 10 has an invalid length.
[  928.121614][T32719] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  928.130793][T32712] netlink: 20 bytes leftover after parsing attributes in process `syz.3.7865'.
[  928.147900][T32719] team0: Failed to send options change via netlink (err -105)
[  928.161039][T32719] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  928.171783][T32719] team0: Port device dummy0 removed
[  928.184147][T32719] dummy0: entered promiscuous mode
[  928.190304][T32719] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  928.217166][T32723] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7867'.
[  928.297506][T32726] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7868'.
[  928.318753][T32727] lo speed is unknown, defaulting to 1000
[  928.501256][T32741] netlink: 'syz.3.7872': attribute type 21 has an invalid length.
[  928.509091][T32744] netlink: 52 bytes leftover after parsing attributes in process `syz.4.7873'.
[  928.509127][T32744] bridge0: entered allmulticast mode
[  928.524165][T32741] IPv6: NLM_F_CREATE should be specified when creating new route
[  930.824094][   T50] wlan0: Trigger new scan to find an IBSS to join
[  931.334840][T32730] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  931.363980][T32766] validate_nla: 1 callbacks suppressed
[  931.363999][T32766] netlink: 'syz.0.7881': attribute type 10 has an invalid length.
[  931.592952][  T313] dummy0: Caught tx_queue_len zero misconfig
[  931.632663][  T303] lo speed is unknown, defaulting to 1000
[  931.682801][  T318] netlink: 16 bytes leftover after parsing attributes in process `syz.2.7889'.
[  931.710034][  T318] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1
[  931.722621][  T318] batman_adv: batadv0: Adding interface: ip6gretap1
[  931.773335][  T318] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  931.815627][  T325] IPVS: wlc: FWM 3 0x00000003 - no destination available
[  931.826174][  T318] batman_adv: batadv0: Interface activated: ip6gretap1
[  931.840759][  T311] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7883'.
[  931.850370][  T311] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7883'.
[  932.126583][T10716] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  932.269691][  T323] netlink: 36 bytes leftover after parsing attributes in process `syz.3.7890'.
[  932.298611][  T345] netlink: 'syz.2.7895': attribute type 1 has an invalid length.
[  932.520730][  T350] netlink: 'syz.2.7898': attribute type 5 has an invalid length.
[  932.528651][  T350] netlink: 'syz.2.7898': attribute type 5 has an invalid length.
[  933.010511][  T383] __nla_validate_parse: 2 callbacks suppressed
[  933.010531][  T383] netlink: 32 bytes leftover after parsing attributes in process `syz.3.7909'.
[  933.035212][  T385] netlink: 32 bytes leftover after parsing attributes in process `syz.2.7911'.
[  933.342570][  T400] syzkaller0: entered promiscuous mode
[  933.349200][  T400] syzkaller0: entered allmulticast mode
[  933.473341][  T408] netlink: 'syz.1.7916': attribute type 1 has an invalid length.
[  933.799755][  T413] 8021q: adding VLAN 0 to HW filter on device batadv6
[  933.810878][  T413] bond7: (slave batadv6): making interface the new active one
[  933.820558][  T413] bond7: (slave batadv6): Enslaving as an active interface with an up link
[  933.887279][  T420] netlink: 'syz.1.7921': attribute type 2 has an invalid length.
[  933.895273][  T420] netlink: 'syz.1.7921': attribute type 1 has an invalid length.
[  933.903132][  T420] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7921'.
[  934.095614][  T423] netlink: 16 bytes leftover after parsing attributes in process `syz.1.7921'.
[  934.736245][  T421] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  934.771894][  T433] netlink: 348 bytes leftover after parsing attributes in process `syz.4.7925'.
[  934.784766][  T433] netlink: 172 bytes leftover after parsing attributes in process `syz.4.7925'.
[  934.795248][  T433] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  934.830862][  T421] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  934.947434][  T421] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  934.986615][  T448] netlink: 32 bytes leftover after parsing attributes in process `syz.4.7928'.
[  935.011429][  T448] netlink: 'syz.4.7928': attribute type 1 has an invalid length.
[  935.021866][  T447] netlink: 24 bytes leftover after parsing attributes in process `syz.3.7930'.
[  935.032965][  T448] erspan0: left promiscuous mode
[  935.047519][  T448] bond7: left promiscuous mode
[  935.186231][  T457] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7932'.
[  935.219373][  T458] netlink: 'syz.2.7931': attribute type 1 has an invalid length.
[  935.257146][  T460] netlink: 'syz.0.7926': attribute type 9 has an invalid length.
[  935.475285][  T421] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  935.541313][  T440] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  935.663115][  T475] FAULT_INJECTION: forcing a failure.
[  935.663115][  T475] name failslab, interval 1, probability 0, space 0, times 0
[  935.744055][  T475] CPU: 1 UID: 0 PID: 475 Comm: syz.3.7938 Not tainted syzkaller #0 PREEMPT(full) 
[  935.744081][  T475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  935.744092][  T475] Call Trace:
[  935.744100][  T475]  <TASK>
[  935.744109][  T475]  dump_stack_lvl+0xe8/0x150
[  935.744137][  T475]  should_fail_ex+0x412/0x560
[  935.744163][  T475]  should_failslab+0xa8/0x100
[  935.744185][  T475]  __kmalloc_noprof+0xde/0x7e0
[  935.744203][  T475]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  935.744233][  T475]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  935.744264][  T475]  genl_family_rcv_msg_doit+0xd9/0x330
[  935.744288][  T475]  ? __asan_memcpy+0x40/0x70
[  935.744314][  T475]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  935.744344][  T475]  ? apparmor_capable+0x137/0x1a0
[  935.744370][  T475]  ? bpf_lsm_capable+0x9/0x20
[  935.744390][  T475]  ? security_capable+0x7e/0x2c0
[  935.744417][  T475]  genl_rcv_msg+0x61c/0x7a0
[  935.744446][  T475]  ? __pfx_genl_rcv_msg+0x10/0x10
[  935.744468][  T475]  ? __pfx_ethnl_default_set_doit+0x10/0x10
[  935.744503][  T475]  netlink_rcv_skb+0x232/0x4b0
[  935.744522][  T475]  ? __pfx_genl_rcv_msg+0x10/0x10
[  935.744544][  T475]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  935.744559][  T475]  ? genl_rcv+0x19/0x40
[  935.744593][  T475]  ? down_read+0x272/0x2e0
[  935.744608][  T475]  ? genl_rcv+0xd/0x40
[  935.744631][  T475]  genl_rcv+0x28/0x40
[  935.744651][  T475]  netlink_unicast+0x80f/0x9b0
[  935.744679][  T475]  ? __pfx_netlink_unicast+0x10/0x10
[  935.744699][  T475]  ? netlink_sendmsg+0x650/0xb40
[  935.744717][  T475]  ? skb_put+0x11b/0x210
[  935.744743][  T475]  netlink_sendmsg+0x813/0xb40
[  935.744778][  T475]  ? __pfx_netlink_sendmsg+0x10/0x10
[  935.744802][  T475]  ? aa_sock_msg_perm+0xf1/0x1b0
[  935.744824][  T475]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  935.744845][  T475]  ? __pfx_netlink_sendmsg+0x10/0x10
[  935.744863][  T475]  ____sys_sendmsg+0xa68/0xad0
[  935.744886][  T475]  ? __might_fault+0xaf/0x130
[  935.744916][  T475]  ? __pfx_____sys_sendmsg+0x10/0x10
[  935.744948][  T475]  ? import_iovec+0x73/0xa0
[  935.744976][  T475]  ___sys_sendmsg+0x2a5/0x360
[  935.744996][  T475]  ? __lock_acquire+0x6b5/0x2cf0
[  935.745023][  T475]  ? __pfx____sys_sendmsg+0x10/0x10
[  935.745081][  T475]  ? __fget_files+0x2a/0x420
[  935.745099][  T475]  ? __fget_files+0x3a0/0x420
[  935.745129][  T475]  __x64_sys_sendmsg+0x1bd/0x2a0
[  935.745154][  T475]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  935.745187][  T475]  ? __pfx_ksys_write+0x10/0x10
[  935.745222][  T475]  do_syscall_64+0xe2/0xf80
[  935.745245][  T475]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  935.745262][  T475]  ? trace_irq_disable+0x37/0x100
[  935.745279][  T475]  ? clear_bhb_loop+0x60/0xb0
[  935.745300][  T475]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  935.745317][  T475] RIP: 0033:0x7f53cdd9aeb9
[  935.745333][  T475] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  935.745348][  T475] RSP: 002b:00007f53cec12028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  935.745367][  T475] RAX: ffffffffffffffda RBX: 00007f53ce015fa0 RCX: 00007f53cdd9aeb9
[  935.745380][  T475] RDX: 00000000040040c0 RSI: 0000200000000200 RDI: 0000000000000003
[  935.745392][  T475] RBP: 00007f53cec12090 R08: 0000000000000000 R09: 0000000000000000
[  935.745403][  T475] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  935.745414][  T475] R13: 00007f53ce016038 R14: 00007f53ce015fa0 R15: 00007ffcbabced08
[  935.745444][  T475]  </TASK>
[  936.094992][T10716] wlan1: Trigger new scan to find an IBSS to join
[  936.336141][  T484] netlink: 240 bytes leftover after parsing attributes in process `syz.3.7940'.
[  936.390881][  T463] 8021q: adding VLAN 0 to HW filter on device batadv5
[  936.400321][  T463] bond6: (slave batadv5): making interface the new active one
[  936.408786][  T463] bond6: (slave batadv5): Enslaving as an active interface with an up link
[  936.437350][  T477] workqueue: Failed to create a rescuer kthread for wq "bond10": -EINTR
[  936.543196][   T50] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  936.649008][ T5910] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  936.684765][ T5910] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  936.724491][   T50] `: left allmulticast mode
[  936.729116][   T50] bridge4: left allmulticast mode
[  936.745881][   T50] bridge5: left allmulticast mode
[  936.750945][   T50] bridge6: left allmulticast mode
[  936.765937][   T50] bridge7: left allmulticast mode
[  936.782073][   T50] bridge9: left allmulticast mode
[  936.796403][   T50] bridge11: left allmulticast mode
[  936.811877][   T50] `: left promiscuous mode
[  936.821956][   T50] bridge4: left promiscuous mode
[  936.838405][   T50] bridge5: left promiscuous mode
[  936.854554][   T50] bridge6: left promiscuous mode
[  936.864537][   T50] bridge7: left promiscuous mode
[  936.873967][   T50] bridge9: left promiscuous mode
[  936.912405][   T50] bridge11: left promiscuous mode
[  936.933902][   T50] bridge0: port 1(`) entered disabled state
[  937.030473][   T50] batman_adv: batadv0: Interface deactivated: gretap1
[  937.496732][   T50] batman_adv: batadv0: Removing interface: gretap1
[  937.635564][   T50] bond0 (unregistering): Released all slaves
[  937.653244][   T50] bond1 (unregistering): Released all slaves
[  937.677517][   T50] bond2 (unregistering): Released all slaves
[  937.700682][   T50] bond3 (unregistering): Released all slaves
[  937.737094][   T50] bond4 (unregistering): Released all slaves
[  937.759015][   T50] bond5 (unregistering): Released all slaves
[  937.790034][   T50] bond6 (unregistering): Released all slaves
[  937.835393][   T50] bond7 (unregistering): Released all slaves
[  938.347888][   T50] `: Port device bridge4 removed
[  938.407902][   T50] `: Port device bridge5 removed
[  938.460845][   T50] `: Port device bridge6 removed
[  938.508253][   T50] `: Port device bridge7 removed
[  938.607622][   T50] `: Port device bridge9 removed
[  938.687214][   T50] `: Port device bridge11 removed
[  938.770007][   T50] bond0 (unregistering): Released all slaves
[  938.779815][   T50] bond1 (unregistering): Released all slaves
[  938.792560][   T50] bond2 (unregistering): (slave batadv0): Releasing active interface
[  938.801541][   T50] bond2 (unregistering): Released all slaves
[  938.822647][   T50] bond3 (unregistering): (slave batadv1): Releasing active interface
[  938.837143][   T50] bond3 (unregistering): Released all slaves
[  938.849662][   T50] bond4 (unregistering): (slave batadv2): Releasing active interface
[  938.858725][   T50] bond4 (unregistering): Released all slaves
[  938.871046][   T50] bond5 (unregistering): (slave batadv3): Releasing active interface
[  938.881026][   T50] bond5 (unregistering): Released all slaves
[  938.893059][   T50] bond6 (unregistering): Released all slaves
[  938.906586][   T50] bond7 (unregistering): Released all slaves
[  938.919335][   T50] bond8 (unregistering): (slave batadv4): Releasing active interface
[  938.930557][   T50] bond8 (unregistering): Released all slaves
[  938.944337][ T5949] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  938.952808][  T496] ip6_vti0: Caught tx_queue_len zero misconfig
[  938.959138][  T496] __nla_validate_parse: 1 callbacks suppressed
[  938.959156][  T496] netlink: 40 bytes leftover after parsing attributes in process `syz.2.7944'.
[  938.985053][  T506] bridge_slave_1: left allmulticast mode
[  938.990733][  T506] bridge_slave_1: left promiscuous mode
[  939.000613][  T506] bridge0: port 2(bridge_slave_1) entered disabled state
[  939.029179][  T506] bond0: (slave bridge_slave_1): Enslaving as an active interface with a down link
[  939.078419][  T542] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  939.086411][  T542] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  939.094375][  T542] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  939.102215][  T542] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  939.110142][  T542] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  939.118108][  T542] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  939.126063][  T542] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  939.134021][  T542] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  939.141916][  T542] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  939.150044][  T542] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  939.287545][  T548] FAULT_INJECTION: forcing a failure.
[  939.287545][  T548] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  939.318248][  T548] CPU: 0 UID: 0 PID: 548 Comm: syz.3.7949 Not tainted syzkaller #0 PREEMPT(full) 
[  939.318272][  T548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  939.318279][  T548] Call Trace:
[  939.318284][  T548]  <TASK>
[  939.318289][  T548]  dump_stack_lvl+0xe8/0x150
[  939.318308][  T548]  should_fail_ex+0x412/0x560
[  939.318323][  T548]  _copy_from_iter+0x1d3/0x1670
[  939.318348][  T548]  ? rcu_is_watching+0x15/0xb0
[  939.318360][  T548]  ? __pfx__copy_from_iter+0x10/0x10
[  939.318371][  T548]  ? kmem_cache_alloc_node_noprof+0x473/0x6f0
[  939.318391][  T548]  ? netlink_sendmsg+0x650/0xb40
[  939.318403][  T548]  ? skb_put+0x11b/0x210
[  939.318418][  T548]  netlink_sendmsg+0x6c0/0xb40
[  939.318434][  T548]  ? __pfx_netlink_sendmsg+0x10/0x10
[  939.318447][  T548]  ? aa_sock_msg_perm+0xf1/0x1b0
[  939.318460][  T548]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  939.318473][  T548]  ? __pfx_netlink_sendmsg+0x10/0x10
[  939.318483][  T548]  ____sys_sendmsg+0xa68/0xad0
[  939.318497][  T548]  ? __might_fault+0xaf/0x130
[  939.318515][  T548]  ? __pfx_____sys_sendmsg+0x10/0x10
[  939.318533][  T548]  ? import_iovec+0x73/0xa0
[  939.318550][  T548]  ___sys_sendmsg+0x2a5/0x360
[  939.318563][  T548]  ? __lock_acquire+0x6b5/0x2cf0
[  939.318579][  T548]  ? __pfx____sys_sendmsg+0x10/0x10
[  939.318596][  T548]  ? kstrtouint+0x6e/0xe0
[  939.318620][  T548]  ? __fget_files+0x2a/0x420
[  939.318631][  T548]  ? __fget_files+0x3a0/0x420
[  939.318657][  T548]  __sys_sendmmsg+0x27c/0x4e0
[  939.318684][  T548]  ? __pfx___sys_sendmmsg+0x10/0x10
[  939.318703][  T548]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  939.318735][  T548]  ? ksys_write+0x242/0x270
[  939.318752][  T548]  ? __pfx_ksys_write+0x10/0x10
[  939.318769][  T548]  __x64_sys_sendmmsg+0xa0/0xc0
[  939.318784][  T548]  do_syscall_64+0xe2/0xf80
[  939.318798][  T548]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  939.318807][  T548]  ? trace_irq_disable+0x37/0x100
[  939.318818][  T548]  ? clear_bhb_loop+0x60/0xb0
[  939.318830][  T548]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  939.318840][  T548] RIP: 0033:0x7f53cdd9aeb9
[  939.318850][  T548] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  939.318860][  T548] RSP: 002b:00007f53cec12028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  939.318871][  T548] RAX: ffffffffffffffda RBX: 00007f53ce015fa0 RCX: 00007f53cdd9aeb9
[  939.318879][  T548] RDX: 04000000000001f2 RSI: 0000200000000000 RDI: 0000000000000003
[  939.318886][  T548] RBP: 00007f53cec12090 R08: 0000000000000000 R09: 0000000000000000
[  939.318892][  T548] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  939.318898][  T548] R13: 00007f53ce016038 R14: 00007f53ce015fa0 R15: 00007ffcbabced08
[  939.318913][  T548]  </TASK>
[  939.912683][T10712] wlan1: Trigger new scan to find an IBSS to join
[  940.118038][  T504] lo speed is unknown, defaulting to 1000
[  940.218004][  T557] syzkaller0: entered promiscuous mode
[  940.223593][  T557] syzkaller0: entered allmulticast mode
[  940.412493][  T570] batadv_slave_0: entered promiscuous mode
[  940.463170][  T570] netlink: 32 bytes leftover after parsing attributes in process `syz.1.7956'.
[  940.534574][  T569] batadv_slave_0: left promiscuous mode
[  940.596592][  T577] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  940.624292][   T50] tipc: Disabling bearer <udp:syz2>
[  940.639629][   T50] tipc: Left network mode
[  940.684061][  T577] syz_tun: entered promiscuous mode
[  940.690481][  T577] syz_tun: refused to change device tx_queue_len
[  940.708455][  T584] netlink: 64 bytes leftover after parsing attributes in process `syz.1.7960'.
[  940.722706][   T50] tipc: Left network mode
[  940.771246][  T588] syzkaller0: entered promiscuous mode
[  940.802964][  T588] syzkaller0: entered allmulticast mode
[  940.898322][T10712] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  941.054651][  T600] sctp: [Deprecated]: syz.4.7968 (pid 600) Use of int in max_burst socket option.
[  941.054651][  T600] Use struct sctp_assoc_value instead
[  941.067043][  T602] validate_nla: 2 callbacks suppressed
[  941.067064][  T602] netlink: 'syz.3.7967': attribute type 1 has an invalid length.
[  941.090490][  T602] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7967'.
[  941.118826][  T605] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7969'.
[  941.126532][  T602] netlink: 68 bytes leftover after parsing attributes in process `syz.3.7967'.
[  941.138548][  T605] netlink: 'syz.0.7969': attribute type 12 has an invalid length.
[  941.174669][  T605] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7969'.
[  941.206360][  T605] netlink: 'syz.0.7969': attribute type 12 has an invalid length.
[  941.222365][  T606] batadv_slave_0: entered promiscuous mode
[  941.230040][  T606] netlink: 32 bytes leftover after parsing attributes in process `syz.1.7970'.
[  941.252610][  T604] batadv_slave_0: left promiscuous mode
[  941.361447][  T615] netlink: 'syz.2.7975': attribute type 11 has an invalid length.
[  941.411556][  T615] netlink: 224 bytes leftover after parsing attributes in process `syz.2.7975'.
[  941.538795][  T629] bond4: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0)
[  941.576571][  T633] netlink: 16 bytes leftover after parsing attributes in process `syz.1.7980'.
[  941.586947][  T629] bond4 (unregistering): Released all slaves
[  941.625586][ T5894] hid-generic 0005:15C2:5508.0013: item fetching failed at offset 0/1
[  941.648509][ T5894] hid-generic 0005:15C2:5508.0013: probe with driver hid-generic failed with error -22
[  941.697280][   T50] pim6reg (unregistering): left allmulticast mode
[  941.904844][  T653] FAULT_INJECTION: forcing a failure.
[  941.904844][  T653] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  941.933725][  T653] CPU: 0 UID: 0 PID: 653 Comm: syz.4.7983 Not tainted syzkaller #0 PREEMPT(full) 
[  941.933755][  T653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  941.933767][  T653] Call Trace:
[  941.933774][  T653]  <TASK>
[  941.933784][  T653]  dump_stack_lvl+0xe8/0x150
[  941.933810][  T653]  should_fail_ex+0x412/0x560
[  941.933836][  T653]  _copy_from_iter+0x1d3/0x1670
[  941.933867][  T653]  ? rcu_is_watching+0x15/0xb0
[  941.933886][  T653]  ? __pfx__copy_from_iter+0x10/0x10
[  941.933904][  T653]  ? kmem_cache_alloc_node_noprof+0x473/0x6f0
[  941.933937][  T653]  ? netlink_sendmsg+0x650/0xb40
[  941.933956][  T653]  ? skb_put+0x11b/0x210
[  941.933980][  T653]  netlink_sendmsg+0x6c0/0xb40
[  941.934008][  T653]  ? __pfx_netlink_sendmsg+0x10/0x10
[  941.934031][  T653]  ? aa_sock_msg_perm+0xf1/0x1b0
[  941.934054][  T653]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  941.934074][  T653]  ? __pfx_netlink_sendmsg+0x10/0x10
[  941.934093][  T653]  ____sys_sendmsg+0xa68/0xad0
[  941.934115][  T653]  ? __might_fault+0xaf/0x130
[  941.934143][  T653]  ? __pfx_____sys_sendmsg+0x10/0x10
[  941.934181][  T653]  ? import_iovec+0x73/0xa0
[  941.934207][  T653]  ___sys_sendmsg+0x2a5/0x360
[  941.934227][  T653]  ? __lock_acquire+0x6b5/0x2cf0
[  941.934252][  T653]  ? __pfx____sys_sendmsg+0x10/0x10
[  941.934307][  T653]  ? __fget_files+0x2a/0x420
[  941.934324][  T653]  ? __fget_files+0x3a0/0x420
[  941.934351][  T653]  __x64_sys_sendmsg+0x1bd/0x2a0
[  941.934377][  T653]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  941.934409][  T653]  ? __pfx_ksys_write+0x10/0x10
[  941.934444][  T653]  do_syscall_64+0xe2/0xf80
[  941.934464][  T653]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  941.934480][  T653]  ? trace_irq_disable+0x37/0x100
[  941.934496][  T653]  ? clear_bhb_loop+0x60/0xb0
[  941.934514][  T653]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  941.934532][  T653] RIP: 0033:0x7f3fecd9aeb9
[  941.934548][  T653] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  941.934563][  T653] RSP: 002b:00007f3fedd01028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  941.934582][  T653] RAX: ffffffffffffffda RBX: 00007f3fed016090 RCX: 00007f3fecd9aeb9
[  941.934595][  T653] RDX: 000000000000c000 RSI: 0000200000000000 RDI: 0000000000000007
[  941.934607][  T653] RBP: 00007f3fedd01090 R08: 0000000000000000 R09: 0000000000000000
[  941.934618][  T653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  941.934629][  T653] R13: 00007f3fed016128 R14: 00007f3fed016090 R15: 00007ffdf09ea8a8
[  941.934657][  T653]  </TASK>
[  942.721601][  T654] wg1: left promiscuous mode
[  942.727538][  T654] wg1: left allmulticast mode
[  942.762857][  T654] sit1: left allmulticast mode
[  942.772988][  T655] hsr_slave_0: left promiscuous mode
[  942.779220][  T655] hsr_slave_1: left promiscuous mode
[  942.796314][ T5910] netdevsim netdevsim1 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  942.804848][ T5910] netdevsim netdevsim1 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  942.813838][ T5910] netdevsim netdevsim1 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  942.822211][ T5910] netdevsim netdevsim1 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  943.681941][   T50] IPVS: stop unused estimator thread 0...
[  943.689853][   T50] IPVS: stop unused estimator thread 0...
[  944.323062][  T617] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  944.614178][  T682] FAULT_INJECTION: forcing a failure.
[  944.614178][  T682] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  944.634299][  T682] CPU: 1 UID: 0 PID: 682 Comm: syz.4.7993 Not tainted syzkaller #0 PREEMPT(full) 
[  944.634325][  T682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  944.634337][  T682] Call Trace:
[  944.634345][  T682]  <TASK>
[  944.634353][  T682]  dump_stack_lvl+0xe8/0x150
[  944.634380][  T682]  should_fail_ex+0x412/0x560
[  944.634405][  T682]  _copy_from_user+0x2d/0xb0
[  944.634430][  T682]  do_sock_getsockopt+0x165/0x3f0
[  944.634457][  T682]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  944.634482][  T682]  ? ksys_write+0x1fc/0x270
[  944.634511][  T682]  __x64_sys_getsockopt+0x1a4/0x240
[  944.634541][  T682]  do_syscall_64+0xe2/0xf80
[  944.634572][  T682]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  944.634589][  T682]  ? trace_irq_disable+0x37/0x100
[  944.634606][  T682]  ? clear_bhb_loop+0x60/0xb0
[  944.634627][  T682]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  944.634644][  T682] RIP: 0033:0x7f3fecd9aeb9
[  944.634661][  T682] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  944.634676][  T682] RSP: 002b:00007f3fedd22028 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  944.634696][  T682] RAX: ffffffffffffffda RBX: 00007f3fed015fa0 RCX: 00007f3fecd9aeb9
[  944.634709][  T682] RDX: 000000000000003b RSI: 0000000000000001 RDI: 0000000000000004
[  944.634720][  T682] RBP: 00007f3fedd22090 R08: 0000200000000000 R09: 0000000000000000
[  944.634733][  T682] R10: 00002000000014c0 R11: 0000000000000246 R12: 0000000000000001
[  944.634744][  T682] R13: 00007f3fed016038 R14: 00007f3fed015fa0 R15: 00007ffdf09ea8a8
[  944.634773][  T682]  </TASK>
[  944.966351][  T694] netlink: 'syz.3.8001': attribute type 13 has an invalid length.
[  945.045096][  T698] __nla_validate_parse: 2 callbacks suppressed
[  945.045117][  T698] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7998'.
[  945.065717][  T698] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7998'.
[  945.111451][  T692] batadv_slave_0: entered promiscuous mode
[  945.116569][  T710] netlink: 32 bytes leftover after parsing attributes in process `syz.4.8000'.
[  945.133144][  T696] syzkaller0: entered promiscuous mode
[  945.163479][  T696] syzkaller0: entered allmulticast mode
[  945.217747][  T691] batadv_slave_0: left promiscuous mode
[  945.455917][  T727] netlink: 'syz.2.8009': attribute type 1 has an invalid length.
[  945.457223][  T729] FAULT_INJECTION: forcing a failure.
[  945.457223][  T729] name failslab, interval 1, probability 0, space 0, times 0
[  945.468382][  T727] netlink: 224 bytes leftover after parsing attributes in process `syz.2.8009'.
[  945.478875][  T729] CPU: 1 UID: 0 PID: 729 Comm: syz.4.8010 Not tainted syzkaller #0 PREEMPT(full) 
[  945.478901][  T729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  945.478912][  T729] Call Trace:
[  945.478921][  T729]  <TASK>
[  945.478929][  T729]  dump_stack_lvl+0xe8/0x150
[  945.478955][  T729]  should_fail_ex+0x412/0x560
[  945.478982][  T729]  should_failslab+0xa8/0x100
[  945.479003][  T729]  __kmalloc_node_track_caller_noprof+0xe1/0x7f0
[  945.479024][  T729]  ? rxrpc_setsockopt+0x595/0x9f0
[  945.479050][  T729]  rxrpc_request_key+0xba/0x250
[  945.479075][  T729]  rxrpc_setsockopt+0x595/0x9f0
[  945.479097][  T729]  ? __pfx_rxrpc_setsockopt+0x10/0x10
[  945.479118][  T729]  ? aa_sock_opt_perm+0xff/0x1a0
[  945.479141][  T729]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  945.479159][  T729]  ? __pfx_rxrpc_setsockopt+0x10/0x10
[  945.479180][  T729]  do_sock_setsockopt+0x17c/0x1b0
[  945.479207][  T729]  __x64_sys_setsockopt+0x13d/0x1b0
[  945.479234][  T729]  do_syscall_64+0xe2/0xf80
[  945.479255][  T729]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  945.479272][  T729]  ? trace_irq_disable+0x37/0x100
[  945.479288][  T729]  ? clear_bhb_loop+0x60/0xb0
[  945.479308][  T729]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  945.479325][  T729] RIP: 0033:0x7f3fecd9aeb9
[  945.479340][  T729] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  945.479355][  T729] RSP: 002b:00007f3fedd22028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  945.479373][  T729] RAX: ffffffffffffffda RBX: 00007f3fed015fa0 RCX: 00007f3fecd9aeb9
[  945.479386][  T729] RDX: 0000000000000001 RSI: 0000000000000110 RDI: 0000000000000003
[  945.479397][  T729] RBP: 00007f3fedd22090 R08: 0000000000000007 R09: 0000000000000000
[  945.479407][  T729] R10: 0000200000009840 R11: 0000000000000246 R12: 0000000000000001
[  945.479418][  T729] R13: 00007f3fed016038 R14: 00007f3fed015fa0 R15: 00007ffdf09ea8a8
[  945.479447][  T729]  </TASK>
[  945.479946][  T729] netlink: 'syz.4.8010': attribute type 10 has an invalid length.
[  945.515408][  T731] netlink: 'syz.3.8011': attribute type 10 has an invalid length.
[  945.523950][  T729] veth0_vlan: left promiscuous mode
[  945.706710][  T729] veth0_vlan: entered promiscuous mode
[  945.714415][  T729] team0: Device veth0_vlan failed to register rx_handler
[  945.725318][  T731] veth0_vlan: left promiscuous mode
[  945.732635][  T731] veth0_vlan: entered promiscuous mode
[  945.741133][  T731] `: Device veth0_vlan failed to register rx_handler
[  945.780192][  T737] FAULT_INJECTION: forcing a failure.
[  945.780192][  T737] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  945.819713][  T737] CPU: 1 UID: 0 PID: 737 Comm: syz.4.8012 Not tainted syzkaller #0 PREEMPT(full) 
[  945.819739][  T737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  945.819750][  T737] Call Trace:
[  945.819757][  T737]  <TASK>
[  945.819765][  T737]  dump_stack_lvl+0xe8/0x150
[  945.819792][  T737]  should_fail_ex+0x412/0x560
[  945.819816][  T737]  _copy_from_user+0x2d/0xb0
[  945.819840][  T737]  ___sys_recvmsg+0x175/0x590
[  945.819863][  T737]  ? ktime_get_ts64+0xa9/0x3f0
[  945.819885][  T737]  ? __pfx____sys_recvmsg+0x10/0x10
[  945.819910][  T737]  ? __fget_files+0x2a/0x420
[  945.819943][  T737]  ? __fget_files+0x3a0/0x420
[  945.819971][  T737]  do_recvmmsg+0x334/0x800
[  945.820001][  T737]  ? __pfx_do_recvmmsg+0x10/0x10
[  945.820036][  T737]  ? _copy_from_user+0x94/0xb0
[  945.820071][  T737]  __x64_sys_recvmmsg+0x1b7/0x250
[  945.820093][  T737]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  945.820125][  T737]  do_syscall_64+0xe2/0xf80
[  945.820148][  T737]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  945.820164][  T737]  ? trace_irq_disable+0x37/0x100
[  945.820181][  T737]  ? clear_bhb_loop+0x60/0xb0
[  945.820202][  T737]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  945.820219][  T737] RIP: 0033:0x7f3fecd9aeb9
[  945.820236][  T737] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  945.820251][  T737] RSP: 002b:00007f3fedd22028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  945.820270][  T737] RAX: ffffffffffffffda RBX: 00007f3fed015fa0 RCX: 00007f3fecd9aeb9
[  945.820283][  T737] RDX: 04000000000003b4 RSI: 00002000000037c0 RDI: 0000000000000003
[  945.820296][  T737] RBP: 00007f3fedd22090 R08: 0000200000003700 R09: 0000000000000000
[  945.820308][  T737] R10: 0000000000002000 R11: 0000000000000246 R12: 0000000000000001
[  945.820319][  T737] R13: 00007f3fed016038 R14: 00007f3fed015fa0 R15: 00007ffdf09ea8a8
[  945.820349][  T737]  </TASK>
[  946.099010][  T748] FAULT_INJECTION: forcing a failure.
[  946.099010][  T748] name failslab, interval 1, probability 0, space 0, times 0
[  946.133550][  T748] CPU: 0 UID: 0 PID: 748 Comm: syz.4.8016 Not tainted syzkaller #0 PREEMPT(full) 
[  946.133576][  T748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  946.133588][  T748] Call Trace:
[  946.133596][  T748]  <TASK>
[  946.133604][  T748]  dump_stack_lvl+0xe8/0x150
[  946.133633][  T748]  should_fail_ex+0x412/0x560
[  946.133658][  T748]  should_failslab+0xa8/0x100
[  946.133680][  T748]  __kmalloc_cache_noprof+0x83/0x6e0
[  946.133700][  T748]  ? sctp_auth_asoc_copy_shkeys+0x14e/0x5a0
[  946.133719][  T748]  ? __genradix_ptr+0x1e1/0x220
[  946.133740][  T748]  sctp_auth_asoc_copy_shkeys+0x14e/0x5a0
[  946.133770][  T748]  sctp_association_new+0x15d3/0x25e0
[  946.133808][  T748]  sctp_connect_new_asoc+0x2e4/0x6b0
[  946.133836][  T748]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  946.133864][  T748]  ? __local_bh_enable_ip+0xd0/0x130
[  946.133881][  T748]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  946.133900][  T748]  ? security_sctp_bind_connect+0x7e/0x2c0
[  946.133922][  T748]  sctp_sendmsg+0x1528/0x2c10
[  946.133941][  T748]  ? unwind_next_frame+0xa5/0x23c0
[  946.133970][  T748]  ? __pfx_sctp_sendmsg+0x10/0x10
[  946.133989][  T748]  ? aa_sk_perm+0x15a/0x960
[  946.134008][  T748]  ? aa_sk_perm+0x82d/0x960
[  946.134031][  T748]  ? __pfx_aa_sk_perm+0x10/0x10
[  946.134049][  T748]  ? sock_rps_record_flow+0x19/0x400
[  946.134074][  T748]  ? inet_sendmsg+0x2f4/0x370
[  946.134096][  T748]  ____sys_sendmsg+0x894/0xad0
[  946.134125][  T748]  ? __pfx_____sys_sendmsg+0x10/0x10
[  946.134152][  T748]  ? import_iovec+0x73/0xa0
[  946.134177][  T748]  ___sys_sendmsg+0x2a5/0x360
[  946.134197][  T748]  ? __lock_acquire+0x6b5/0x2cf0
[  946.134223][  T748]  ? __pfx____sys_sendmsg+0x10/0x10
[  946.134276][  T748]  ? __fget_files+0x2a/0x420
[  946.134293][  T748]  ? __fget_files+0x3a0/0x420
[  946.134321][  T748]  __x64_sys_sendmsg+0x1bd/0x2a0
[  946.134346][  T748]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  946.134375][  T748]  ? __pfx_ksys_write+0x10/0x10
[  946.134416][  T748]  do_syscall_64+0xe2/0xf80
[  946.134435][  T748]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  946.134451][  T748]  ? trace_irq_disable+0x37/0x100
[  946.134466][  T748]  ? clear_bhb_loop+0x60/0xb0
[  946.134485][  T748]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  946.134500][  T748] RIP: 0033:0x7f3fecd9aeb9
[  946.134516][  T748] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  946.134530][  T748] RSP: 002b:00007f3fedd22028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  946.134550][  T748] RAX: ffffffffffffffda RBX: 00007f3fed015fa0 RCX: 00007f3fecd9aeb9
[  946.134563][  T748] RDX: 0000000000000041 RSI: 0000200000002dc0 RDI: 0000000000000003
[  946.134575][  T748] RBP: 00007f3fedd22090 R08: 0000000000000000 R09: 0000000000000000
[  946.134586][  T748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  946.134598][  T748] R13: 00007f3fed016038 R14: 00007f3fed015fa0 R15: 00007ffdf09ea8a8
[  946.134628][  T748]  </TASK>
[  946.478830][  T747] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  946.570873][  T751] netlink: 'syz.3.8014': attribute type 9 has an invalid length.
[  946.616260][  T759] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  946.670088][  T753] lo speed is unknown, defaulting to 1000
[  946.690793][  T758] syzkaller0: entered promiscuous mode
[  946.701799][  T758] syzkaller0: entered allmulticast mode
[  946.722859][  T759] vlan2: entered allmulticast mode
[  946.728141][  T759] team0: entered allmulticast mode
[  946.733298][  T759] team_slave_0: entered allmulticast mode
[  946.739286][  T759] team_slave_1: entered allmulticast mode
[  946.740529][  T768] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8022'.
[  946.745239][  T759] macvlan2: entered allmulticast mode
[  946.764110][  T768] net_ratelimit: 3386 callbacks suppressed
[  946.764126][  T768] openvswitch: netlink: nsh attribute has 4 unknown bytes.
[  946.789794][  T757] syzkaller0: entered promiscuous mode
[  946.795592][  T757] syzkaller0: entered allmulticast mode
[  946.803965][  T768] netlink: 'syz.0.8022': attribute type 11 has an invalid length.
[  946.822866][  T768] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  946.950792][  T772] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8023'.
[  947.005397][  T777] siw: device registration error -23
[  947.148675][  T780] netlink: 'syz.2.8026': attribute type 1 has an invalid length.
[  947.167907][  T782] FAULT_INJECTION: forcing a failure.
[  947.167907][  T782] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  947.182703][  T782] CPU: 1 UID: 0 PID: 782 Comm: syz.3.8027 Not tainted syzkaller #0 PREEMPT(full) 
[  947.182736][  T782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  947.182749][  T782] Call Trace:
[  947.182756][  T782]  <TASK>
[  947.182764][  T782]  dump_stack_lvl+0xe8/0x150
[  947.182803][  T782]  should_fail_ex+0x412/0x560
[  947.182829][  T782]  _copy_from_iter+0x1d3/0x1670
[  947.182860][  T782]  ? rcu_is_watching+0x15/0xb0
[  947.182879][  T782]  ? __pfx__copy_from_iter+0x10/0x10
[  947.182898][  T782]  ? kmem_cache_alloc_node_noprof+0x473/0x6f0
[  947.182931][  T782]  ? netlink_sendmsg+0x650/0xb40
[  947.182950][  T782]  ? skb_put+0x11b/0x210
[  947.182975][  T782]  netlink_sendmsg+0x6c0/0xb40
[  947.183003][  T782]  ? __pfx_netlink_sendmsg+0x10/0x10
[  947.183026][  T782]  ? aa_sock_msg_perm+0xf1/0x1b0
[  947.183054][  T782]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  947.183075][  T782]  ? __pfx_netlink_sendmsg+0x10/0x10
[  947.183094][  T782]  ____sys_sendmsg+0xa68/0xad0
[  947.183116][  T782]  ? __might_fault+0xaf/0x130
[  947.183145][  T782]  ? __pfx_____sys_sendmsg+0x10/0x10
[  947.183177][  T782]  ? import_iovec+0x73/0xa0
[  947.183203][  T782]  ___sys_sendmsg+0x2a5/0x360
[  947.183225][  T782]  ? __lock_acquire+0x6b5/0x2cf0
[  947.183252][  T782]  ? __pfx____sys_sendmsg+0x10/0x10
[  947.183308][  T782]  ? __fget_files+0x2a/0x420
[  947.183327][  T782]  ? __fget_files+0x3a0/0x420
[  947.183355][  T782]  __x64_sys_sendmsg+0x1bd/0x2a0
[  947.183383][  T782]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  947.183408][  T782]  ? __pfx_ksys_write+0x10/0x10
[  947.183440][  T782]  do_syscall_64+0xe2/0xf80
[  947.183463][  T782]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  947.183480][  T782]  ? trace_irq_disable+0x37/0x100
[  947.183498][  T782]  ? clear_bhb_loop+0x60/0xb0
[  947.183519][  T782]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  947.183536][  T782] RIP: 0033:0x7f53cdd9aeb9
[  947.183553][  T782] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  947.183566][  T782] RSP: 002b:00007f53cec12028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  947.183583][  T782] RAX: ffffffffffffffda RBX: 00007f53ce015fa0 RCX: 00007f53cdd9aeb9
[  947.183611][  T782] RDX: 0000000000000014 RSI: 0000200000000d80 RDI: 0000000000000003
[  947.183623][  T782] RBP: 00007f53cec12090 R08: 0000000000000000 R09: 0000000000000000
[  947.183634][  T782] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  947.183644][  T782] R13: 00007f53ce016038 R14: 00007f53ce015fa0 R15: 00007ffcbabced08
[  947.183671][  T782]  </TASK>
[  947.490706][  T780] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  947.498028][  T780] IPv6: NLM_F_CREATE should be set when creating new route
[  947.506008][  T780] IPv6: NLM_F_CREATE should be set when creating new route
[  947.518414][  T780] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  947.791132][T10716] wlan0: Trigger new scan to find an IBSS to join
[  947.791168][   T36] wlan1: Trigger new scan to find an IBSS to join
[  949.506742][  T780] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR
[  949.705290][  T806] syzkaller0: entered promiscuous mode
[  949.722541][  T806] syzkaller0: entered allmulticast mode
[  949.722609][  T805] netlink: 'syz.1.8033': attribute type 4 has an invalid length.
[  949.814470][  T811] syzkaller1: entered promiscuous mode
[  949.822456][  T811] syzkaller1: entered allmulticast mode
[  949.953175][  T818] FAULT_INJECTION: forcing a failure.
[  949.953175][  T818] name failslab, interval 1, probability 0, space 0, times 0
[  950.016774][  T818] CPU: 1 UID: 0 PID: 818 Comm: syz.0.8038 Not tainted syzkaller #0 PREEMPT(full) 
[  950.016801][  T818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  950.016813][  T818] Call Trace:
[  950.016820][  T818]  <TASK>
[  950.016829][  T818]  dump_stack_lvl+0xe8/0x150
[  950.016857][  T818]  should_fail_ex+0x412/0x560
[  950.016884][  T818]  should_failslab+0xa8/0x100
[  950.016905][  T818]  __kmalloc_node_track_caller_noprof+0xe1/0x7f0
[  950.016924][  T818]  ? __kasan_kmalloc+0x93/0xb0
[  950.016942][  T818]  ? __request_module+0x2ec/0x610
[  950.016958][  T818]  ? __kmalloc_cache_noprof+0x3d1/0x6e0
[  950.016980][  T818]  kstrdup+0x42/0x100
[  950.017000][  T818]  __request_module+0x2ec/0x610
[  950.017023][  T818]  ? __pfx___request_module+0x10/0x10
[  950.017052][  T818]  ? security_capable+0x7e/0x2c0
[  950.017076][  T818]  ? dev_load+0x21/0x1f0
[  950.017096][  T818]  dev_load+0x190/0x1f0
[  950.017116][  T818]  dev_ioctl+0x384/0x1150
[  950.017139][  T818]  sock_do_ioctl+0x23e/0x320
[  950.017161][  T818]  ? __pfx_sock_do_ioctl+0x10/0x10
[  950.017182][  T818]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  950.017220][  T818]  sock_ioctl+0x5c6/0x7f0
[  950.017237][  T818]  ? __pfx_sock_ioctl+0x10/0x10
[  950.017253][  T818]  ? __fget_files+0x2a/0x420
[  950.017271][  T818]  ? __fget_files+0x3a0/0x420
[  950.017285][  T818]  ? __fget_files+0x2a/0x420
[  950.017310][  T818]  ? bpf_lsm_file_ioctl+0x9/0x20
[  950.017327][  T818]  ? __pfx_sock_ioctl+0x10/0x10
[  950.017342][  T818]  __se_sys_ioctl+0xfc/0x170
[  950.017365][  T818]  do_syscall_64+0xe2/0xf80
[  950.017385][  T818]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  950.017400][  T818]  ? trace_irq_disable+0x37/0x100
[  950.017417][  T818]  ? clear_bhb_loop+0x60/0xb0
[  950.017438][  T818]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  950.017455][  T818] RIP: 0033:0x7f0d0a99aeb9
[  950.017472][  T818] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  950.017489][  T818] RSP: 002b:00007f0d0b7d6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  950.017509][  T818] RAX: ffffffffffffffda RBX: 00007f0d0ac15fa0 RCX: 00007f0d0a99aeb9
[  950.017522][  T818] RDX: 0000200000000040 RSI: 0000000000008946 RDI: 0000000000000003
[  950.017533][  T818] RBP: 00007f0d0b7d6090 R08: 0000000000000000 R09: 0000000000000000
[  950.017545][  T818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  950.017556][  T818] R13: 00007f0d0ac16038 R14: 00007f0d0ac15fa0 R15: 00007ffcdd66bda8
[  950.017586][  T818]  </TASK>
[  950.067139][  T826] netlink: 28 bytes leftover after parsing attributes in process `syz.4.8040'.
[  950.187700][  T828] netlink: 76 bytes leftover after parsing attributes in process `syz.4.8040'.
[  950.227433][  T815] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  950.358374][  T831] netdevsim netdevsim2 netdevsim2: left allmulticast mode
[  950.376160][  T829] netlink: 'syz.3.8037': attribute type 9 has an invalid length.
[  950.578992][  T846] lo: Caught tx_queue_len zero misconfig
[  950.823564][   T50] wlan0: Trigger new scan to find an IBSS to join
[  950.823570][ T5910] wlan1: Trigger new scan to find an IBSS to join
[  950.861135][  T842] netlink: 40 bytes leftover after parsing attributes in process `syz.0.8045'.
[  950.960171][  T864] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8050'.
[  951.011864][  T858] syzkaller1: entered promiscuous mode
[  951.017466][  T868] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8053'.
[  951.017557][  T858] syzkaller1: entered allmulticast mode
[  951.042056][  T864] netlink: 32 bytes leftover after parsing attributes in process `syz.1.8050'.
[  951.054171][  T859] netlink: 32 bytes leftover after parsing attributes in process `syz.1.8050'.
[  951.273544][  T881] netlink: 16 bytes leftover after parsing attributes in process `syz.0.8059'.
[  951.310179][  T881] netlink: 16 bytes leftover after parsing attributes in process `syz.0.8059'.
[  951.391156][  T887] bridge_slave_0: left allmulticast mode
[  951.406431][  T887] bridge_slave_0: left promiscuous mode
[  951.422837][  T887] bridge0: port 1(bridge_slave_0) entered disabled state
[  951.446892][  T887] bond0: (slave bridge_slave_1): Releasing backup interface
[  951.475202][  T887] bond0: (slave bond_slave_0): Releasing backup interface
[  951.488025][  T887] bond0: (slave bond_slave_1): Releasing backup interface
[  951.499928][  T887] team0: Port device team_slave_0 removed
[  951.508843][  T887] team0: Port device team_slave_1 removed
[  951.516051][  T887] batman_adv: batadv0: Removing interface: batadv_slave_0
[  951.547560][  T887] batman_adv: batadv0: Removing interface: batadv_slave_1
[  951.557649][  T887] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  951.635488][  T908] syzkaller0: entered promiscuous mode
[  951.662614][  T908] syzkaller0: entered allmulticast mode
[  951.721037][  T919] bridge3: entered promiscuous mode
[  951.734510][  T919] bridge3: entered allmulticast mode
[  952.216971][  T952] netlink: 'syz.4.8079': attribute type 11 has an invalid length.
[  952.225032][  T952] netlink: 224 bytes leftover after parsing attributes in process `syz.4.8079'.
[  952.472994][  T973] netlink: 'syz.1.8088': attribute type 1 has an invalid length.
[  952.481284][  T973] netlink: 240 bytes leftover after parsing attributes in process `syz.1.8088'.
[  952.580689][  T980] bridge0: left allmulticast mode
[  952.605154][  T980] vlan2: left allmulticast mode
[  952.610052][  T980] veth0_to_bond: left allmulticast mode
[  952.616260][  T980] bond7: left allmulticast mode
[  952.636831][T10715] netdevsim netdevsim4 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  952.687538][T10715] netdevsim netdevsim4 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  952.696134][T10715] netdevsim netdevsim4 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  952.705457][T10715] netdevsim netdevsim4 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  952.719169][  T984] netlink: 'syz.4.8093': attribute type 11 has an invalid length.
[  952.722345][  T982] netlink: 'syz.1.8092': attribute type 1 has an invalid length.
[  953.139239][  T993] netlink: 'syz.0.8097': attribute type 7 has an invalid length.
[  953.466026][ T1009] Cannot find set identified by id 65534 to match
[  954.612072][  T996] syzkaller0: entered promiscuous mode
[  954.623591][  T996] syzkaller0: entered allmulticast mode
[  954.866662][ T1026] netlink: 'syz.4.8102': attribute type 1 has an invalid length.
[  954.977157][ T1032] netlink: 'syz.2.8104': attribute type 11 has an invalid length.
[  955.199922][ T1043] openvswitch: netlink: EtherType 50a is less than min 600
[  955.238876][ T1042] __nla_validate_parse: 5 callbacks suppressed
[  955.238896][ T1042] netlink: 76 bytes leftover after parsing attributes in process `syz.2.8107'.
[  955.558578][ T1066] syzkaller0: entered promiscuous mode
[  955.564653][ T1066] syzkaller0: entered allmulticast mode
[  955.910264][ T1084] netlink: 'syz.2.8116': attribute type 1 has an invalid length.
[  955.921334][ T1084] netlink: 240 bytes leftover after parsing attributes in process `syz.2.8116'.
[  956.169564][ T1094] veth0_macvtap: left promiscuous mode
[  956.304374][ T1094] lo speed is unknown, defaulting to 1000
[  956.361693][ T1102] tipc: New replicast peer: 255.255.255.255
[  956.371302][ T1102] tipc: Enabled bearer <udp:syz2>, priority 28
[  956.791704][ T1119] netlink: 156 bytes leftover after parsing attributes in process `syz.4.8127'.
[  956.805913][ T1122] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input54
[  956.845943][ T1120] syzkaller0: entered promiscuous mode
[  956.863618][ T1120] syzkaller0: entered allmulticast mode
[  956.955532][ T1130] netlink: 'syz.1.8131': attribute type 4 has an invalid length.
[  957.032272][ T1136] xt_hashlimit: size too large, truncated to 1048576
[  957.085183][ T1141] netlink: 9 bytes leftover after parsing attributes in process `syz.2.8132'.
[  957.101608][ T1142] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8133'.
[  957.650783][T28938] tipc: Node number set to 1293037257
[  957.765834][ T1158] netlink: 48 bytes leftover after parsing attributes in process `syz.1.8137'.
[  957.790082][ T1158] batadv_slave_0: entered promiscuous mode
[  957.797373][ T1158] netlink: 32 bytes leftover after parsing attributes in process `syz.1.8137'.
[  957.840295][ T1157] batadv_slave_0: left promiscuous mode
[  957.899867][ T1162] batman_adv: batadv0: Interface deactivated: ip6gretap1
[  957.921334][ T1164] netlink: 72 bytes leftover after parsing attributes in process `syz.0.8140'.
[  957.940006][ T1164] batadv_slave_0: entered promiscuous mode
[  957.948408][ T1164] netlink: 32 bytes leftover after parsing attributes in process `syz.0.8140'.
[  958.020051][ T1163] batadv_slave_0: left promiscuous mode
[  958.183032][ T1180] syzkaller0: entered promiscuous mode
[  958.191831][ T1180] syzkaller0: entered allmulticast mode
[  958.198986][ T1181] netlink: 'syz.0.8146': attribute type 1 has an invalid length.
[  958.365455][ T1193] netlink: 20 bytes leftover after parsing attributes in process `syz.0.8150'.
[  958.509963][ T1200] macsec1: entered promiscuous mode
[  958.565968][ T1202] FAULT_INJECTION: forcing a failure.
[  958.565968][ T1202] name failslab, interval 1, probability 0, space 0, times 0
[  958.579744][ T1202] CPU: 0 UID: 0 PID: 1202 Comm: syz.0.8153 Not tainted syzkaller #0 PREEMPT(full) 
[  958.579769][ T1202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  958.579780][ T1202] Call Trace:
[  958.579787][ T1202]  <TASK>
[  958.579795][ T1202]  dump_stack_lvl+0xe8/0x150
[  958.579822][ T1202]  should_fail_ex+0x412/0x560
[  958.579847][ T1202]  should_failslab+0xa8/0x100
[  958.579869][ T1202]  __kmalloc_cache_node_noprof+0x87/0x6d0
[  958.579889][ T1202]  ? __get_vm_area_node+0x13f/0x300
[  958.579917][ T1202]  __get_vm_area_node+0x13f/0x300
[  958.579941][ T1202]  __vmalloc_node_range_noprof+0x372/0x1730
[  958.579958][ T1202]  ? ethtool_get_strings+0x3f3/0x8d0
[  958.579982][ T1202]  ? do_raw_spin_lock+0x12b/0x2f0
[  958.580020][ T1202]  ? __might_fault+0xaf/0x130
[  958.580045][ T1202]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  958.580072][ T1202]  ? ethtool_get_strings+0x3f3/0x8d0
[  958.580095][ T1202]  vzalloc_noprof+0xb2/0xe0
[  958.580111][ T1202]  ? ethtool_get_strings+0x3f3/0x8d0
[  958.580136][ T1202]  ethtool_get_strings+0x3f3/0x8d0
[  958.580165][ T1202]  ? __pfx_ethtool_get_strings+0x10/0x10
[  958.580206][ T1202]  dev_ethtool+0x132e/0x1ae0
[  958.580239][ T1202]  ? __pfx_dev_ethtool+0x10/0x10
[  958.580258][ T1202]  ? dev_load+0x21/0x1f0
[  958.580291][ T1202]  ? dev_load+0x21/0x1f0
[  958.580311][ T1202]  dev_ioctl+0x392/0x1150
[  958.580333][ T1202]  sock_do_ioctl+0x23e/0x320
[  958.580352][ T1202]  ? __pfx_sock_do_ioctl+0x10/0x10
[  958.580366][ T1202]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  958.580403][ T1202]  sock_ioctl+0x5c6/0x7f0
[  958.580421][ T1202]  ? __pfx_sock_ioctl+0x10/0x10
[  958.580439][ T1202]  ? __fget_files+0x2a/0x420
[  958.580455][ T1202]  ? __fget_files+0x3a0/0x420
[  958.580471][ T1202]  ? __fget_files+0x2a/0x420
[  958.580493][ T1202]  ? bpf_lsm_file_ioctl+0x9/0x20
[  958.580511][ T1202]  ? __pfx_sock_ioctl+0x10/0x10
[  958.580527][ T1202]  __se_sys_ioctl+0xfc/0x170
[  958.580551][ T1202]  do_syscall_64+0xe2/0xf80
[  958.580572][ T1202]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  958.580588][ T1202]  ? trace_irq_disable+0x37/0x100
[  958.580605][ T1202]  ? clear_bhb_loop+0x60/0xb0
[  958.580626][ T1202]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  958.580647][ T1202] RIP: 0033:0x7f0d0a99aeb9
[  958.580664][ T1202] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  958.580678][ T1202] RSP: 002b:00007f0d0b7d6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  958.580697][ T1202] RAX: ffffffffffffffda RBX: 00007f0d0ac15fa0 RCX: 00007f0d0a99aeb9
[  958.580710][ T1202] RDX: 0000200000000040 RSI: 0000000000008946 RDI: 0000000000000003
[  958.580722][ T1202] RBP: 00007f0d0b7d6090 R08: 0000000000000000 R09: 0000000000000000
[  958.580733][ T1202] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  958.580744][ T1202] R13: 00007f0d0ac16038 R14: 00007f0d0ac15fa0 R15: 00007ffcdd66bda8
[  958.580773][ T1202]  </TASK>
[  958.581078][ T1202] syz.0.8153: vmalloc error: size 4000, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null)
[  958.587189][ T1208] netlink: 'syz.3.8155': attribute type 1 has an invalid length.
[  958.597644][ T1202] ,cpuset=/,mems_allowed=0-1
[  958.898102][ T1202] CPU: 1 UID: 0 PID: 1202 Comm: syz.0.8153 Not tainted syzkaller #0 PREEMPT(full) 
[  958.898124][ T1202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  958.898133][ T1202] Call Trace:
[  958.898139][ T1202]  <TASK>
[  958.898145][ T1202]  dump_stack_lvl+0xe8/0x150
[  958.898169][ T1202]  warn_alloc+0x249/0x340
[  958.898188][ T1202]  ? __pfx_warn_alloc+0x10/0x10
[  958.898204][ T1202]  ? __get_vm_area_node+0x13f/0x300
[  958.898226][ T1202]  ? __get_vm_area_node+0x2b5/0x300
[  958.898250][ T1202]  __vmalloc_node_range_noprof+0x397/0x1730
[  958.898267][ T1202]  ? do_raw_spin_lock+0x12b/0x2f0
[  958.898296][ T1202]  ? __might_fault+0xaf/0x130
[  958.898317][ T1202]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  958.898337][ T1202]  ? ethtool_get_strings+0x3f3/0x8d0
[  958.898361][ T1202]  vzalloc_noprof+0xb2/0xe0
[  958.898375][ T1202]  ? ethtool_get_strings+0x3f3/0x8d0
[  958.898394][ T1202]  ethtool_get_strings+0x3f3/0x8d0
[  958.898423][ T1202]  ? __pfx_ethtool_get_strings+0x10/0x10
[  958.898448][ T1202]  dev_ethtool+0x132e/0x1ae0
[  958.898475][ T1202]  ? __pfx_dev_ethtool+0x10/0x10
[  958.898490][ T1202]  ? dev_load+0x21/0x1f0
[  958.898516][ T1202]  ? dev_load+0x21/0x1f0
[  958.898532][ T1202]  dev_ioctl+0x392/0x1150
[  958.898551][ T1202]  sock_do_ioctl+0x23e/0x320
[  958.898567][ T1202]  ? __pfx_sock_do_ioctl+0x10/0x10
[  958.898579][ T1202]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  958.898609][ T1202]  sock_ioctl+0x5c6/0x7f0
[  958.898624][ T1202]  ? __pfx_sock_ioctl+0x10/0x10
[  958.898638][ T1202]  ? __fget_files+0x2a/0x420
[  958.898652][ T1202]  ? __fget_files+0x3a0/0x420
[  958.898666][ T1202]  ? __fget_files+0x2a/0x420
[  958.898682][ T1202]  ? bpf_lsm_file_ioctl+0x9/0x20
[  958.898698][ T1202]  ? __pfx_sock_ioctl+0x10/0x10
[  958.898711][ T1202]  __se_sys_ioctl+0xfc/0x170
[  958.898732][ T1202]  do_syscall_64+0xe2/0xf80
[  958.898750][ T1202]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  958.898763][ T1202]  ? trace_irq_disable+0x37/0x100
[  958.898775][ T1202]  ? clear_bhb_loop+0x60/0xb0
[  958.898792][ T1202]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  958.898805][ T1202] RIP: 0033:0x7f0d0a99aeb9
[  958.898818][ T1202] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  958.898829][ T1202] RSP: 002b:00007f0d0b7d6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  958.898844][ T1202] RAX: ffffffffffffffda RBX: 00007f0d0ac15fa0 RCX: 00007f0d0a99aeb9
[  958.898854][ T1202] RDX: 0000200000000040 RSI: 0000000000008946 RDI: 0000000000000003
[  958.898863][ T1202] RBP: 00007f0d0b7d6090 R08: 0000000000000000 R09: 0000000000000000
[  958.898872][ T1202] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  958.898881][ T1202] R13: 00007f0d0ac16038 R14: 00007f0d0ac15fa0 R15: 00007ffcdd66bda8
[  958.898903][ T1202]  </TASK>
[  958.898999][ T1202] Mem-Info:
[  959.182478][ T1202] active_anon:6190 inactive_anon:0 isolated_anon:0
[  959.182478][ T1202]  active_file:3582 inactive_file:40925 isolated_file:0
[  959.182478][ T1202]  unevictable:768 dirty:267 writeback:0
[  959.182478][ T1202]  slab_reclaimable:13101 slab_unreclaimable:164801
[  959.182478][ T1202]  mapped:31382 shmem:1406 pagetables:1470
[  959.182478][ T1202]  sec_pagetables:0 bounce:0
[  959.182478][ T1202]  kernel_misc_reclaimable:0
[  959.182478][ T1202]  free:1221747 free_pcp:26548 free_cma:0
[  959.228417][ T1202] Node 0 active_anon:24760kB inactive_anon:0kB active_file:14328kB inactive_file:163500kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:64088kB dirty:1068kB writeback:0kB shmem:4088kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:15048kB pagetables:5748kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  959.260655][ T1202] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:61440kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:32kB pagetables:132kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  959.292482][ T1202] Node 0 DMA free:11248kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB
[  959.323259][ T1202] lowmem_reserve[]: 0 2494 2495 2495 2495
[  959.333556][ T1202] Node 0 DMA32 free:1324808kB boost:0kB min:34216kB low:42768kB high:51320kB reserved_highatomic:0KB free_highatomic:0KB active_anon:24760kB inactive_anon:0kB active_file:14328kB inactive_file:163500kB unevictable:1536kB writepending:1068kB zspages:0kB present:3129332kB managed:2554028kB mlocked:0kB bounce:0kB free_pcp:46536kB local_pcp:29544kB free_cma:0kB
[  959.367559][ T1202] lowmem_reserve[]: 0 0 1 1 1
[  959.372269][ T1202] Node 0 Normal free:0kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1132kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  959.402659][ T1202] lowmem_reserve[]: 0 0 0 0 0
[  959.407486][ T1202] Node 1 Normal free:3550932kB boost:0kB min:55668kB low:69584kB high:83500kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:59996kB local_pcp:32520kB free_cma:0kB
[  959.440510][ T1202] lowmem_reserve[]: 0 0 0 0 0
[  959.445440][ T1202] Node 0 DMA: 0*4kB 2*8kB (U) 2*16kB (U) 2*32kB (U) 2*64kB (U) 2*128kB (U) 2*256kB (U) 2*512kB (U) 3*1024kB (U) 3*2048kB (UM) 0*4096kB = 11248kB
[  959.460610][ T1202] Node 0 DMA32: 7974*4kB (UME) 7588*8kB (UM) 4579*16kB (UME) 596*32kB (UME) 545*64kB (UM) 776*128kB (UM) 542*256kB (UM) 459*512kB (UME) 305*1024kB (UME) 156*2048kB (UME) 0*4096kB = 1324712kB
[  959.480028][ T1202] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  959.492141][ T1202] Node 1 Normal: 191*4kB (UE) 57*8kB (UME) 55*16kB (UME) 79*32kB (UME) 31*64kB (UME) 12*128kB (UME) 11*256kB (UM) 12*512kB (UM) 7*1024kB (UM) 8*2048kB (UE) 857*4096kB (UM) = 3550932kB
[  959.510936][ T1202] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  959.520532][ T1202] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  959.529903][ T1202] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  959.539753][ T1202] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  959.549713][ T1202] 45889 total pagecache pages
[  959.554477][ T1202] 0 pages in swap cache
[  959.558629][ T1202] Free swap  = 124996kB
[  959.562776][ T1202] Total swap = 124996kB
[  959.567491][ T1202] 2097051 pages RAM
[  959.571294][ T1202] 0 pages HighMem/MovableOnly
[  959.576006][ T1202] 426646 pages reserved
[  959.580157][ T1202] 0 pages cma reserved
[  959.584804][ T1208] workqueue: Failed to create a rescuer kthread for wq "bond11": -EINTR
[  959.585838][ T1212] workqueue: Failed to create a rescuer kthread for wq "bond11": -EINTR
[  959.777766][ T1227] syzkaller0: entered promiscuous mode
[  959.824572][ T1227] syzkaller0: entered allmulticast mode
[  959.827303][ T1229] netlink: 'syz.4.8162': attribute type 7 has an invalid length.
[  959.851870][ T1231] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  959.924677][ T1227] tipc: Resetting bearer <eth:syzkaller0>
[  959.942568][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  959.951106][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  959.977413][ T1223] tipc: Resetting bearer <eth:syzkaller0>
[  960.011215][ T1223] tipc: Disabling bearer <eth:syzkaller0>
[  960.597825][ T1268] lo speed is unknown, defaulting to 1000
[  961.048044][ T1296] netlink: 76 bytes leftover after parsing attributes in process `syz.2.8182'.
[  961.069608][ T1296] lo: Caught tx_queue_len zero misconfig
[  961.077722][ T1296] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  961.194321][ T1268] IPVS: ip_vs_add_dest(): lower threshold is higher than upper threshold
[  961.205384][T28914] IPVS: starting estimator thread 0...
[  961.295075][ T1310] bridge_slave_1: left allmulticast mode
[  961.307090][ T1308] IPVS: using max 35 ests per chain, 84000 per kthread
[  961.311076][ T1310] bridge_slave_1: left promiscuous mode
[  961.326922][ T1310] bridge0: port 2(bridge_slave_1) entered disabled state
[  961.363129][ T1310] bridge_slave_1: entered promiscuous mode
[  961.384197][ T1310] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  961.642665][ T1319] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8190'.
[  961.660119][ T1336] netlink: 48 bytes leftover after parsing attributes in process `syz.1.8194'.
[  961.665673][ T1318] syzkaller0: entered promiscuous mode
[  961.675185][ T1318] syzkaller0: entered allmulticast mode
[  961.696400][ T1314] lo speed is unknown, defaulting to 1000
[  961.781278][ T1343] sit0: Caught tx_queue_len zero misconfig
[  961.788742][ T5910] wlan1: Trigger new scan to find an IBSS to join
[  961.793535][T10715] wlan0: Trigger new scan to find an IBSS to join
[  961.795490][   T50] wlan0: Trigger new scan to find an IBSS to join
[  961.808264][   T36] wlan1: Trigger new scan to find an IBSS to join
[  961.844446][ T1343] netlink: 'syz.1.8196': attribute type 1 has an invalid length.
[  961.882672][ T5949] IPVS: stop unused estimator thread 0...
[  962.075943][ T1358] netlink: 'syz.3.8200': attribute type 1 has an invalid length.
[  962.574204][T28936] IPVS: starting estimator thread 0...
[  962.664296][ T1376] IPVS: using max 56 ests per chain, 134400 per kthread
[  962.881984][ T1378] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8204'.
[  962.907960][ T1378] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8204'.
[  962.917619][ T1378] netlink: 348 bytes leftover after parsing attributes in process `syz.0.8204'.
[  962.927389][ T1378] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8204'.
[  962.936710][ T1378] netlink: 348 bytes leftover after parsing attributes in process `syz.0.8204'.
[  962.945926][ T1378] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8204'.
[  963.852645][ T1358] workqueue: Failed to create a rescuer kthread for wq "bond11": -EINTR
[  963.881595][ T1385] netlink: 16 bytes leftover after parsing attributes in process `syz.0.8204'.
[  963.905919][ T1385] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  963.940592][ T1373] lo speed is unknown, defaulting to 1000
[  964.248933][ T1400] erspan0: entered promiscuous mode
[  964.337303][ T1411] netlink: 'syz.3.8215': attribute type 1 has an invalid length.
[  964.380030][ T1411] bond11: (slave geneve3): making interface the new active one
[  964.389064][ T1411] bond11: (slave geneve3): Enslaving as an active interface with an up link
[  964.399111][   T50] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 20000 - 0
[  964.409052][   T50] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 20000 - 0
[  964.544282][ T1419] netlink: 'syz.4.8214': attribute type 1 has an invalid length.
[  964.745296][   T36] wlan1: Trigger new scan to find an IBSS to join
[  964.745574][T10712] wlan0: Trigger new scan to find an IBSS to join
[  964.811644][ T1411] bond11 (unregistering): (slave geneve3): Releasing active interface
[  964.823620][T10712] wlan0: Trigger new scan to find an IBSS to join
[  964.825708][ T5949] wlan1: Trigger new scan to find an IBSS to join
[  964.832437][ T1411] bond11 (unregistering): Released all slaves
[  964.877657][   T50] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 20000 - 0
[  964.887366][   T50] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 20000 - 0
[  965.390660][ T1449] openvswitch: netlink: VXLAN extension message has 4 unknown bytes.
[  965.596291][ T1459] netlink: 'syz.1.8229': attribute type 5 has an invalid length.
[  965.652673][T10712] wlan1: Creating new IBSS network, BSSID 6a:3b:ae:6c:a3:fa
[  965.663301][ T5949] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  965.710747][ T1459] lo speed is unknown, defaulting to 1000
[  965.724011][ T5949] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  965.736078][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  965.991710][ T1468] netlink: 'syz.4.8233': attribute type 1 has an invalid length.
[  966.094782][ T1474] lo speed is unknown, defaulting to 1000
[  966.503786][ T5822] Bluetooth: hci2: command 0x0419 tx timeout
[  967.097967][ T1501] FAULT_INJECTION: forcing a failure.
[  967.097967][ T1501] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  967.113943][ T1501] CPU: 1 UID: 0 PID: 1501 Comm: syz.0.8241 Not tainted syzkaller #0 PREEMPT(full) 
[  967.113968][ T1501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  967.113977][ T1501] Call Trace:
[  967.113984][ T1501]  <TASK>
[  967.113992][ T1501]  dump_stack_lvl+0xe8/0x150
[  967.114016][ T1501]  should_fail_ex+0x412/0x560
[  967.114038][ T1501]  _copy_from_user+0x2d/0xb0
[  967.114061][ T1501]  __sys_bpf+0x229/0x920
[  967.114078][ T1501]  ? __pfx___sys_bpf+0x10/0x10
[  967.114107][ T1501]  ? ksys_write+0x242/0x270
[  967.114130][ T1501]  ? __pfx_ksys_write+0x10/0x10
[  967.114156][ T1501]  __x64_sys_bpf+0x7c/0x90
[  967.114177][ T1501]  do_syscall_64+0xe2/0xf80
[  967.114197][ T1501]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  967.114211][ T1501]  ? trace_irq_disable+0x37/0x100
[  967.114226][ T1501]  ? clear_bhb_loop+0x60/0xb0
[  967.114244][ T1501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  967.114300][ T1501] RIP: 0033:0x7f0d0a99aeb9
[  967.114316][ T1501] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  967.114330][ T1501] RSP: 002b:00007f0d0b7d6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  967.114347][ T1501] RAX: ffffffffffffffda RBX: 00007f0d0ac15fa0 RCX: 00007f0d0a99aeb9
[  967.114359][ T1501] RDX: 0000000000000010 RSI: 0000200000000000 RDI: 000000000000000f
[  967.114369][ T1501] RBP: 00007f0d0b7d6090 R08: 0000000000000000 R09: 0000000000000000
[  967.114379][ T1501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  967.114387][ T1501] R13: 00007f0d0ac16038 R14: 00007f0d0ac15fa0 R15: 00007ffcdd66bda8
[  967.114413][ T1501]  </TASK>
[  968.692820][ T1508] lo speed is unknown, defaulting to 1000
[  968.746066][ T1509] netlink: 'syz.0.8243': attribute type 1 has an invalid length.
[  968.765684][ T1513] __nla_validate_parse: 2 callbacks suppressed
[  968.765704][ T1513] netlink: 32 bytes leftover after parsing attributes in process `syz.3.8244'.
[  968.859200][ T1509] 8021q: adding VLAN 0 to HW filter on device bond4
[  968.888677][ T1520] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8246'.
[  968.913190][ T1514] bond4: (slave gretap1): making interface the new active one
[  968.936483][ T1514] bond4: (slave gretap1): Enslaving as an active interface with an up link
[  968.942583][ T1520] netlink: 'syz.4.8246': attribute type 1 has an invalid length.
[  969.071512][ T1512] tc_dump_action: action bad kind
[  969.081592][ T5949] wlan1: Selected IBSS BSSID 50:50:50:50:50:50 based on configured SSID
[  969.152729][ T1536] netlink: 'syz.2.8247': attribute type 1 has an invalid length.
[  969.617177][ T1548] netlink: 16 bytes leftover after parsing attributes in process `syz.3.8251'.
[  969.692900][ T1537] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8249'.
[  969.974247][T28936] hid-generic 0005:15C2:5508.0014: unknown main item tag 0x6
[  969.992235][T28936] hid-generic 0005:15C2:5508.0014: reserved main item tag 0xe
[  970.016149][T28936] hid-generic 0005:15C2:5508.0014: item fetching failed at offset 14/68
[  970.038969][T28936] hid-generic 0005:15C2:5508.0014: probe with driver hid-generic failed with error -22
[  970.280609][ T1583] netlink: 32 bytes leftover after parsing attributes in process `syz.2.8261'.
[  970.326669][ T1582] IPVS: set_ctl: invalid protocol: 31091 116.117.110.0:0
[  970.396812][ T1591] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0
[  970.602811][ T1601] netlink: 'syz.0.8265': attribute type 1 has an invalid length.
[  970.808247][ T1606] FAULT_INJECTION: forcing a failure.
[  970.808247][ T1606] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  970.823040][ T1606] CPU: 0 UID: 0 PID: 1606 Comm: syz.1.8270 Not tainted syzkaller #0 PREEMPT(full) 
[  970.823066][ T1606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  970.823077][ T1606] Call Trace:
[  970.823085][ T1606]  <TASK>
[  970.823093][ T1606]  dump_stack_lvl+0xe8/0x150
[  970.823128][ T1606]  should_fail_ex+0x412/0x560
[  970.823154][ T1606]  _copy_to_user+0x31/0xb0
[  970.823180][ T1606]  simple_read_from_buffer+0xe1/0x170
[  970.823204][ T1606]  proc_fail_nth_read+0x1bb/0x230
[  970.823231][ T1606]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  970.823258][ T1606]  ? rw_verify_area+0x2a6/0x4d0
[  970.823280][ T1606]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  970.823304][ T1606]  vfs_read+0x20c/0xa70
[  970.823325][ T1606]  ? fdget_pos+0x246/0x320
[  970.823348][ T1606]  ? __pfx___mutex_lock+0x10/0x10
[  970.823374][ T1606]  ? __pfx_vfs_read+0x10/0x10
[  970.823396][ T1606]  ? __fget_files+0x2a/0x420
[  970.823418][ T1606]  ? __fget_files+0x3a0/0x420
[  970.823436][ T1606]  ? __fget_files+0x2a/0x420
[  970.823462][ T1606]  ksys_read+0x150/0x270
[  970.823487][ T1606]  ? __pfx_ksys_read+0x10/0x10
[  970.823521][ T1606]  do_syscall_64+0xe2/0xf80
[  970.823542][ T1606]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  970.823558][ T1606]  ? trace_irq_disable+0x37/0x100
[  970.823574][ T1606]  ? clear_bhb_loop+0x60/0xb0
[  970.823594][ T1606]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  970.823611][ T1606] RIP: 0033:0x7fef1895b78e
[  970.823628][ T1606] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  970.823643][ T1606] RSP: 002b:00007fef1985bfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  970.823662][ T1606] RAX: ffffffffffffffda RBX: 00007fef1985c6c0 RCX: 00007fef1895b78e
[  970.823675][ T1606] RDX: 000000000000000f RSI: 00007fef1985c0a0 RDI: 0000000000000005
[  970.823686][ T1606] RBP: 00007fef1985c090 R08: 0000000000000000 R09: 0000000000000000
[  970.823698][ T1606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  970.823710][ T1606] R13: 00007fef18c16038 R14: 00007fef18c15fa0 R15: 00007ffd5509aab8
[  970.823754][ T1606]  </TASK>
[  971.290899][ T1618] netlink: 16 bytes leftover after parsing attributes in process `syz.3.8273'.
[  971.413635][ T1622] netlink: 'syz.2.8274': attribute type 30 has an invalid length.
[  971.430304][ T1622] netlink: 16 bytes leftover after parsing attributes in process `syz.2.8274'.
[  971.444508][ T1627] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8277'.
[  971.499540][ T1627] 8021q: adding VLAN 0 to HW filter on device bond5
[  971.554127][ T1622] bond7: option arp_missed_max: mode dependency failed, not supported in mode 802.3ad(4)
[  971.583811][ T1622] bond7 (unregistering): Released all slaves
[  971.610683][ T1624] netlink: 32 bytes leftover after parsing attributes in process `syz.3.8276'.
[  971.911027][ T1654] FAULT_INJECTION: forcing a failure.
[  971.911027][ T1654] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  971.932032][ T1656] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  971.940368][ T1656] syzkaller0: entered promiscuous mode
[  971.943804][ T1654] CPU: 0 UID: 0 PID: 1654 Comm: syz.3.8282 Not tainted syzkaller #0 PREEMPT(full) 
[  971.943828][ T1654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  971.943838][ T1654] Call Trace:
[  971.943846][ T1654]  <TASK>
[  971.943854][ T1654]  dump_stack_lvl+0xe8/0x150
[  971.943880][ T1654]  should_fail_ex+0x412/0x560
[  971.943904][ T1654]  _copy_from_iter+0x1d3/0x1670
[  971.943934][ T1654]  ? rcu_is_watching+0x15/0xb0
[  971.943952][ T1654]  ? __pfx__copy_from_iter+0x10/0x10
[  971.943971][ T1654]  ? kmem_cache_alloc_node_noprof+0x473/0x6f0
[  971.944003][ T1654]  ? netlink_sendmsg+0x650/0xb40
[  971.944028][ T1654]  ? skb_put+0x11b/0x210
[  971.944052][ T1654]  netlink_sendmsg+0x6c0/0xb40
[  971.944079][ T1654]  ? __pfx_netlink_sendmsg+0x10/0x10
[  971.944100][ T1654]  ? aa_sock_msg_perm+0xf1/0x1b0
[  971.944122][ T1654]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  971.944142][ T1654]  ? __pfx_netlink_sendmsg+0x10/0x10
[  971.944159][ T1654]  ____sys_sendmsg+0xa68/0xad0
[  971.944181][ T1654]  ? __might_fault+0xaf/0x130
[  971.944209][ T1654]  ? __pfx_____sys_sendmsg+0x10/0x10
[  971.944239][ T1654]  ? import_iovec+0x73/0xa0
[  971.944264][ T1654]  ___sys_sendmsg+0x2a5/0x360
[  971.944285][ T1654]  ? __lock_acquire+0x6b5/0x2cf0
[  971.944310][ T1654]  ? __pfx____sys_sendmsg+0x10/0x10
[  971.944362][ T1654]  ? __fget_files+0x2a/0x420
[  971.944380][ T1654]  ? __fget_files+0x3a0/0x420
[  971.944407][ T1654]  __x64_sys_sendmsg+0x1bd/0x2a0
[  971.944431][ T1654]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  971.944461][ T1654]  ? __pfx_ksys_write+0x10/0x10
[  971.944493][ T1654]  do_syscall_64+0xe2/0xf80
[  971.944515][ T1654]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  971.944531][ T1654]  ? trace_irq_disable+0x37/0x100
[  971.944547][ T1654]  ? clear_bhb_loop+0x60/0xb0
[  971.944567][ T1654]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  971.944583][ T1654] RIP: 0033:0x7f53cdd9aeb9
[  971.944599][ T1654] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  971.944614][ T1654] RSP: 002b:00007f53cec12028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  971.944632][ T1654] RAX: ffffffffffffffda RBX: 00007f53ce015fa0 RCX: 00007f53cdd9aeb9
[  971.944645][ T1654] RDX: 000000000000c000 RSI: 0000200000000000 RDI: 0000000000000006
[  971.944657][ T1654] RBP: 00007f53cec12090 R08: 0000000000000000 R09: 0000000000000000
[  971.944668][ T1654] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  971.944679][ T1654] R13: 00007f53ce016038 R14: 00007f53ce015fa0 R15: 00007ffcbabced08
[  971.944706][ T1654]  </TASK>
[  972.014372][ T1661] openvswitch: netlink: IP tunnel dst address not specified
[  972.021843][ T1656] syzkaller0: entered allmulticast mode
[  972.228227][ T1672] tipc: Resetting bearer <eth:syzkaller0>
[  972.286375][ T1655] tipc: Resetting bearer <eth:syzkaller0>
[  972.347340][ T1655] tipc: Disabling bearer <eth:syzkaller0>
[  972.553784][ T1688] netlink: 'syz.2.8291': attribute type 1 has an invalid length.
[  972.561962][ T1688] netlink: 240 bytes leftover after parsing attributes in process `syz.2.8291'.
[  972.729972][ T1697] FAULT_INJECTION: forcing a failure.
[  972.729972][ T1697] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  972.744617][ T1697] CPU: 1 UID: 0 PID: 1697 Comm: syz.2.8293 Not tainted syzkaller #0 PREEMPT(full) 
[  972.744641][ T1697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  972.744652][ T1697] Call Trace:
[  972.744660][ T1697]  <TASK>
[  972.744669][ T1697]  dump_stack_lvl+0xe8/0x150
[  972.744704][ T1697]  should_fail_ex+0x412/0x560
[  972.744730][ T1697]  _copy_from_user+0x2d/0xb0
[  972.744755][ T1697]  sk_getsockopt+0x1d4/0x2840
[  972.744775][ T1697]  ? get_pid_task+0x20/0x1f0
[  972.744802][ T1697]  ? __pfx_sk_getsockopt+0x10/0x10
[  972.744823][ T1697]  ? __pfx_aa_unix_opt_perm+0x10/0x10
[  972.744861][ T1697]  ? __might_fault+0xaf/0x130
[  972.744885][ T1697]  ? __might_fault+0xaf/0x130
[  972.744926][ T1697]  do_sock_getsockopt+0x223/0x3f0
[  972.744952][ T1697]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  972.744978][ T1697]  ? ksys_write+0x1fc/0x270
[  972.745006][ T1697]  __x64_sys_getsockopt+0x1a4/0x240
[  972.745036][ T1697]  do_syscall_64+0xe2/0xf80
[  972.745058][ T1697]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  972.745075][ T1697]  ? trace_irq_disable+0x37/0x100
[  972.745092][ T1697]  ? clear_bhb_loop+0x60/0xb0
[  972.745113][ T1697]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  972.745130][ T1697] RIP: 0033:0x7f6f1e39aeb9
[  972.745147][ T1697] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  972.745162][ T1697] RSP: 002b:00007f6f1f190028 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  972.745182][ T1697] RAX: ffffffffffffffda RBX: 00007f6f1e615fa0 RCX: 00007f6f1e39aeb9
[  972.745195][ T1697] RDX: 000000000000003b RSI: 0000000000000001 RDI: 0000000000000004
[  972.745207][ T1697] RBP: 00007f6f1f190090 R08: 0000200000000000 R09: 0000000000000000
[  972.745218][ T1697] R10: 00002000000014c0 R11: 0000000000000246 R12: 0000000000000001
[  972.745230][ T1697] R13: 00007f6f1e616038 R14: 00007f6f1e615fa0 R15: 00007fff3797dd78
[  972.745259][ T1697]  </TASK>
[  972.937312][   T12] wlan0: Trigger new scan to find an IBSS to join
[  972.937409][T10715] wlan1: Trigger new scan to find an IBSS to join
[  973.444919][ T1720] FAULT_INJECTION: forcing a failure.
[  973.444919][ T1720] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  973.486793][ T1720] CPU: 0 UID: 0 PID: 1720 Comm: syz.2.8303 Not tainted syzkaller #0 PREEMPT(full) 
[  973.486819][ T1720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  973.486829][ T1720] Call Trace:
[  973.486837][ T1720]  <TASK>
[  973.486845][ T1720]  dump_stack_lvl+0xe8/0x150
[  973.486871][ T1720]  should_fail_ex+0x412/0x560
[  973.486896][ T1720]  _copy_from_user+0x2d/0xb0
[  973.486920][ T1720]  rxrpc_request_key+0x103/0x250
[  973.486947][ T1720]  rxrpc_setsockopt+0x595/0x9f0
[  973.486970][ T1720]  ? __pfx_rxrpc_setsockopt+0x10/0x10
[  973.486991][ T1720]  ? aa_sock_opt_perm+0xff/0x1a0
[  973.487014][ T1720]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  973.487032][ T1720]  ? __pfx_rxrpc_setsockopt+0x10/0x10
[  973.487054][ T1720]  do_sock_setsockopt+0x17c/0x1b0
[  973.487080][ T1720]  __x64_sys_setsockopt+0x13d/0x1b0
[  973.487106][ T1720]  do_syscall_64+0xe2/0xf80
[  973.487128][ T1720]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  973.487144][ T1720]  ? trace_irq_disable+0x37/0x100
[  973.487161][ T1720]  ? clear_bhb_loop+0x60/0xb0
[  973.487181][ T1720]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  973.487198][ T1720] RIP: 0033:0x7f6f1e39aeb9
[  973.487214][ T1720] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  973.487229][ T1720] RSP: 002b:00007f6f1f190028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  973.487248][ T1720] RAX: ffffffffffffffda RBX: 00007f6f1e615fa0 RCX: 00007f6f1e39aeb9
[  973.487260][ T1720] RDX: 0000000000000001 RSI: 0000000000000110 RDI: 0000000000000003
[  973.487271][ T1720] RBP: 00007f6f1f190090 R08: 0000000000000007 R09: 0000000000000000
[  973.487282][ T1720] R10: 0000200000009840 R11: 0000000000000246 R12: 0000000000000001
[  973.487294][ T1720] R13: 00007f6f1e616038 R14: 00007f6f1e615fa0 R15: 00007fff3797dd78
[  973.487327][ T1720]  </TASK>
[  973.488134][ T1720] netlink: 'syz.2.8303': attribute type 10 has an invalid length.
[  973.497123][ T1718] lo speed is unknown, defaulting to 1000
[  973.599112][ T1720] veth0_vlan: left promiscuous mode
[  973.702803][ T1720] veth0_vlan: entered promiscuous mode
[  973.724810][ T1720] team0: Device veth0_vlan failed to register rx_handler
[  973.732028][ T1723] netlink: zone id is out of range
[  973.754741][ T1723] netlink: zone id is out of range
[  973.774367][ T1723] netlink: zone id is out of range
[  973.779513][ T1723] netlink: zone id is out of range
[  973.802854][ T1723] netlink: zone id is out of range
[  973.849307][ T1723] netlink: zone id is out of range
[  973.877774][ T1725] xt_hashlimit: max too large, truncated to 1048576
[  973.883459][ T1723] netlink: zone id is out of range
[  973.885338][ T1725] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  973.889503][ T1723] netlink: zone id is out of range
[  973.889516][ T1723] netlink: zone id is out of range
[  973.960179][ T1727] netlink: 'syz.1.8306': attribute type 1 has an invalid length.
[  973.968244][ T1727] __nla_validate_parse: 5 callbacks suppressed
[  973.968262][ T1727] netlink: 244 bytes leftover after parsing attributes in process `syz.1.8306'.
[  974.329342][ T1718] IPVS: set_ctl: invalid protocol: 0 255.255.255.255:20001
[  974.336752][T28914] IPVS: starting estimator thread 0...
[  974.459239][ T1750] FAULT_INJECTION: forcing a failure.
[  974.459239][ T1750] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  974.473997][ T1741] IPVS: using max 40 ests per chain, 96000 per kthread
[  974.496370][ T1750] CPU: 0 UID: 0 PID: 1750 Comm: syz.1.8311 Not tainted syzkaller #0 PREEMPT(full) 
[  974.496396][ T1750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  974.496408][ T1750] Call Trace:
[  974.496415][ T1750]  <TASK>
[  974.496424][ T1750]  dump_stack_lvl+0xe8/0x150
[  974.496451][ T1750]  should_fail_ex+0x412/0x560
[  974.496478][ T1750]  _copy_from_user+0x2d/0xb0
[  974.496503][ T1750]  kstrtouint_from_user+0xd6/0x180
[  974.496528][ T1750]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  974.496565][ T1750]  proc_fail_nth_write+0x8e/0x210
[  974.496589][ T1750]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  974.496617][ T1750]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  974.496642][ T1750]  vfs_write+0x29a/0xb90
[  974.496675][ T1750]  ? __pfx_vfs_write+0x10/0x10
[  974.496700][ T1750]  ? __fget_files+0x2a/0x420
[  974.496724][ T1750]  ? __fget_files+0x3a0/0x420
[  974.496742][ T1750]  ? __fget_files+0x2a/0x420
[  974.496770][ T1750]  ksys_write+0x150/0x270
[  974.496795][ T1750]  ? __pfx_ksys_write+0x10/0x10
[  974.496837][ T1750]  do_syscall_64+0xe2/0xf80
[  974.496859][ T1750]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  974.496876][ T1750]  ? trace_irq_disable+0x37/0x100
[  974.496893][ T1750]  ? clear_bhb_loop+0x60/0xb0
[  974.496914][ T1750]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  974.496931][ T1750] RIP: 0033:0x7fef1895b78e
[  974.496947][ T1750] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  974.496963][ T1750] RSP: 002b:00007fef1985bfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  974.496982][ T1750] RAX: ffffffffffffffda RBX: 00007fef1985c6c0 RCX: 00007fef1895b78e
[  974.496995][ T1750] RDX: 0000000000000001 RSI: 00007fef1985c0a0 RDI: 0000000000000007
[  974.497007][ T1750] RBP: 00007fef1985c090 R08: 0000000000000000 R09: 0000000000000000
[  974.497018][ T1750] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  974.497029][ T1750] R13: 00007fef18c16038 R14: 00007fef18c15fa0 R15: 00007ffd5509aab8
[  974.497060][ T1750]  </TASK>
[  975.199157][ T1737] netlink: 36 bytes leftover after parsing attributes in process `syz.2.8309'.
[  975.356929][   T12] IPVS: stop unused estimator thread 0...
[  975.578200][ T5822] Bluetooth: hci2: link tx timeout
[  975.583812][ T5822] Bluetooth: hci2: killing stalled connection 10:aa:aa:aa:aa:aa
[  975.611872][ T5139] Bluetooth: hci2: link tx timeout
[  975.617152][ T5139] Bluetooth: hci2: killing stalled connection 10:aa:aa:aa:aa:aa
[  975.834418][ T1763] ip6gre0: Caught tx_queue_len zero misconfig
[  975.844219][ T1763] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1280) !
[  975.875356][ T1763] netlink: 'syz.1.8315': attribute type 9 has an invalid length.
[  976.158106][ T1780] xt_hashlimit: max too large, truncated to 1048576
[  976.184530][ T1780] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  976.417498][ T1787] FAULT_INJECTION: forcing a failure.
[  976.417498][ T1787] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  976.431237][ T1787] CPU: 0 UID: 0 PID: 1787 Comm: syz.1.8323 Not tainted syzkaller #0 PREEMPT(full) 
[  976.431262][ T1787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  976.431274][ T1787] Call Trace:
[  976.431282][ T1787]  <TASK>
[  976.431290][ T1787]  dump_stack_lvl+0xe8/0x150
[  976.431318][ T1787]  should_fail_ex+0x412/0x560
[  976.431341][ T1787]  _copy_from_user+0x2d/0xb0
[  976.431366][ T1787]  ___sys_recvmsg+0x175/0x590
[  976.431395][ T1787]  ? __pfx____sys_recvmsg+0x10/0x10
[  976.431422][ T1787]  ? __fget_files+0x2a/0x420
[  976.431469][ T1787]  do_recvmmsg+0x334/0x800
[  976.431499][ T1787]  ? __pfx_do_recvmmsg+0x10/0x10
[  976.431533][ T1787]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  976.431573][ T1787]  __x64_sys_recvmmsg+0x198/0x250
[  976.431607][ T1787]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  976.431640][ T1787]  do_syscall_64+0xe2/0xf80
[  976.431662][ T1787]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  976.431678][ T1787]  ? trace_irq_disable+0x37/0x100
[  976.431696][ T1787]  ? clear_bhb_loop+0x60/0xb0
[  976.431717][ T1787]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  976.431735][ T1787] RIP: 0033:0x7fef1899aeb9
[  976.431751][ T1787] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  976.431767][ T1787] RSP: 002b:00007fef1983b028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  976.431787][ T1787] RAX: ffffffffffffffda RBX: 00007fef18c16090 RCX: 00007fef1899aeb9
[  976.431801][ T1787] RDX: 03ffffffffffff67 RSI: 0000200000002440 RDI: 0000000000000007
[  976.431813][ T1787] RBP: 00007fef1983b090 R08: 0000000000000000 R09: 0000000000000000
[  976.431825][ T1787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  976.431836][ T1787] R13: 00007fef18c16128 R14: 00007fef18c16090 R15: 00007ffd5509aab8
[  976.431867][ T1787]  </TASK>
[  976.639192][   T12] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  976.639687][ T1785] netlink: 36 bytes leftover after parsing attributes in process `syz.2.8324'.
[  976.648037][   T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  976.668176][   T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  976.680716][   T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  976.743589][T10715] wlan1: Trigger new scan to find an IBSS to join
[  976.750191][T10712] wlan0: Trigger new scan to find an IBSS to join
[  976.822679][ T1790] netlink: 52 bytes leftover after parsing attributes in process `syz.2.8325'.
[  977.018970][ T5139] Bluetooth: hci2: link tx timeout
[  977.024297][ T5139] Bluetooth: hci2: killing stalled connection 10:aa:aa:aa:aa:aa
[  977.032030][ T5139] Bluetooth: hci2: link tx timeout
[  977.037365][ T5139] Bluetooth: hci2: killing stalled connection 10:aa:aa:aa:aa:aa
[  977.269247][ T5139] Bluetooth: hci2: link tx timeout
[  977.274539][ T5139] Bluetooth: hci2: killing stalled connection 10:aa:aa:aa:aa:aa
[  977.282201][ T5139] Bluetooth: hci2: link tx timeout
[  977.287871][ T5139] Bluetooth: hci2: killing stalled connection 10:aa:aa:aa:aa:aa
[  977.417717][ T1808] lo speed is unknown, defaulting to 1000
[  977.624119][ T5139] Bluetooth: hci2: command 0x0419 tx timeout
[  977.675670][T10715] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  977.683642][ T5949] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  978.141465][   T12] team0: Port device bridge4 removed
[  978.260515][   T12] bond0 (unregistering): Released all slaves
[  978.275976][   T12] bond1 (unregistering): Released all slaves
[  978.298802][   T12] bond2 (unregistering): (slave bond3): Releasing backup interface
[  978.310638][   T12] bond2 (unregistering): Released all slaves
[  978.332756][   T12] bond3 (unregistering): Released all slaves
[  978.352696][   T12] bond4 (unregistering): Released all slaves
[  978.382597][   T12] bond5 (unregistering): Released all slaves
[  978.397096][   T12] bond6 (unregistering): (slave batadv0): Releasing active interface
[  978.406629][   T12] bond6 (unregistering): Released all slaves
[  978.419339][   T12] bond7 (unregistering): (slave batadv2): Releasing active interface
[  978.429855][   T12] bond7 (unregistering): Released all slaves
[  978.449356][   T12] bond8 (unregistering): Released all slaves
[  978.468212][   T12] bond9 (unregistering): Released all slaves
[  978.607854][ T1840] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8342'.
[  978.653050][ T1840] block nbd0: not configured, cannot reconfigure
[  978.937332][ T1859] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  978.947229][ T1859] syzkaller0: entered promiscuous mode
[  978.958669][ T1859] syzkaller0: entered allmulticast mode
[  978.992933][ T1863] FAULT_INJECTION: forcing a failure.
[  978.992933][ T1863] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  979.013793][ T1863] CPU: 1 UID: 0 PID: 1863 Comm: syz.2.8349 Not tainted syzkaller #0 PREEMPT(full) 
[  979.013817][ T1863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  979.013827][ T1863] Call Trace:
[  979.013834][ T1863]  <TASK>
[  979.013842][ T1863]  dump_stack_lvl+0xe8/0x150
[  979.013867][ T1863]  should_fail_ex+0x412/0x560
[  979.013891][ T1863]  _copy_from_iter+0x1d3/0x1670
[  979.013920][ T1863]  ? __pfx__copy_from_iter+0x10/0x10
[  979.013937][ T1863]  ? sock_alloc_send_pskb+0x896/0x990
[  979.013966][ T1863]  ? __pfx__copy_from_iter+0x10/0x10
[  979.013987][ T1863]  ? page_copy_sane+0x16a/0x270
[  979.014008][ T1863]  copy_page_from_iter+0xdd/0x170
[  979.014031][ T1863]  skb_copy_datagram_from_iter+0x306/0x710
[  979.014064][ T1863]  tun_get_user+0xc38/0x3dd0
[  979.014091][ T1863]  ? aa_file_perm+0x12d/0x1630
[  979.014116][ T1863]  ? aa_file_perm+0x440/0x1630
[  979.014134][ T1863]  ? __pfx_tun_get_user+0x10/0x10
[  979.014152][ T1863]  ? __lock_acquire+0x6b5/0x2cf0
[  979.014175][ T1863]  ? kstrtoull+0x12f/0x1d0
[  979.014201][ T1863]  ? ref_tracker_alloc+0x363/0x4d0
[  979.014221][ T1863]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  979.014243][ T1863]  ? tun_get+0x1c/0x2f0
[  979.014259][ T1863]  ? tun_get+0x1c/0x2f0
[  979.014281][ T1863]  ? tun_get+0x1c/0x2f0
[  979.014298][ T1863]  ? tun_get+0x1c/0x2f0
[  979.014316][ T1863]  tun_chr_write_iter+0x113/0x200
[  979.014334][ T1863]  vfs_write+0x61d/0xb90
[  979.014371][ T1863]  ? __pfx_vfs_write+0x10/0x10
[  979.014399][ T1863]  ? __fget_files+0x2a/0x420
[  979.014421][ T1863]  ksys_write+0x150/0x270
[  979.014441][ T1863]  ? __pfx_ksys_write+0x10/0x10
[  979.014466][ T1863]  do_syscall_64+0xe2/0xf80
[  979.014484][ T1863]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  979.014497][ T1863]  ? trace_irq_disable+0x37/0x100
[  979.014510][ T1863]  ? clear_bhb_loop+0x60/0xb0
[  979.014525][ T1863]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  979.014538][ T1863] RIP: 0033:0x7f6f1e39aeb9
[  979.014551][ T1863] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  979.014562][ T1863] RSP: 002b:00007f6f1f190028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  979.014578][ T1863] RAX: ffffffffffffffda RBX: 00007f6f1e615fa0 RCX: 00007f6f1e39aeb9
[  979.014587][ T1863] RDX: 000000000000fdef RSI: 0000200000000240 RDI: 0000000000000003
[  979.014596][ T1863] RBP: 00007f6f1f190090 R08: 0000000000000000 R09: 0000000000000000
[  979.014605][ T1863] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  979.014612][ T1863] R13: 00007f6f1e616038 R14: 00007f6f1e615fa0 R15: 00007fff3797dd78
[  979.014633][ T1863]  </TASK>
[  979.438675][ T1867] netlink: 'syz.3.8351': attribute type 7 has an invalid length.
[  979.535384][ T1874] netlink: 'syz.4.8354': attribute type 1 has an invalid length.
[  979.617257][ T1872] lo speed is unknown, defaulting to 1000
[  979.711399][ T1881] netlink: 112 bytes leftover after parsing attributes in process `syz.0.8355'.
[  979.812213][ T1881] netlink: 56 bytes leftover after parsing attributes in process `syz.0.8355'.
[  979.957381][ T1872] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8353'.
[  979.966761][ T1872] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8353'.
[  980.320857][ T1916] veth0: entered promiscuous mode
[  980.326411][ T1916] veth0: entered allmulticast mode
[  980.474675][ T1921] netlink: 'syz.2.8367': attribute type 7 has an invalid length.
[  980.682354][ T1930] syzkaller0: entered promiscuous mode
[  980.691271][ T1930] syzkaller0: entered allmulticast mode
[  980.980337][   T12] tipc: Disabling bearer <udp:s>
[  980.990725][   T12] tipc: Left network mode
[  981.059706][ T1939] bond0: (slave sit0): Error: Device type is different from other slaves
[  981.208804][ T1948] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8373'.
[  981.249877][ T1948] net_ratelimit: 36 callbacks suppressed
[  981.249899][ T1948] openvswitch: netlink: Flow key attr not present in new flow.
[  981.266346][ T1947] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  981.294260][ T1947] syzkaller0: entered promiscuous mode
[  981.299763][ T1947] syzkaller0: entered allmulticast mode
[  981.649267][ T1967] netlink: 'syz.3.8377': attribute type 13 has an invalid length.
[  981.661448][ T1967] netlink: 'syz.3.8377': attribute type 17 has an invalid length.
[  981.884516][   T12] team0 (unregistering): Port device dummy0 removed
[  981.987426][ T1967] syz_tun: left promiscuous mode
[  982.048436][ T1967] 8021q: adding VLAN 0 to HW filter on device bond0
[  982.061227][ T1967] 8021q: adding VLAN 0 to HW filter on device `
[  982.089371][ T1973] netlink: 28 bytes leftover after parsing attributes in process `syz.2.8380'.
[  982.113619][ T1967] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  982.189605][ T1973] netlink: 24 bytes leftover after parsing attributes in process `syz.2.8380'.
[  982.915766][ T1999] netlink: 'syz.4.8389': attribute type 7 has an invalid length.
[  982.996767][   T12] IPVS: stop unused estimator thread 0...
[  983.241524][ T2015] netlink: 28 bytes leftover after parsing attributes in process `syz.3.8393'.
[  983.355835][ T2021] xt_hashlimit: max too large, truncated to 1048576
[  983.556096][ T2030] openvswitch: netlink: EtherType 50a is less than min 600
[  984.751885][ T2063] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8410'.
[  984.762596][ T2063] netlink: 24 bytes leftover after parsing attributes in process `syz.1.8410'.
[  985.042651][ T2075] FAULT_INJECTION: forcing a failure.
[  985.042651][ T2075] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  985.084964][ T2077] netlink: 20 bytes leftover after parsing attributes in process `syz.0.8417'.
[  985.094894][ T2075] CPU: 0 UID: 0 PID: 2075 Comm: syz.1.8416 Not tainted syzkaller #0 PREEMPT(full) 
[  985.094922][ T2075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  985.094934][ T2075] Call Trace:
[  985.094942][ T2075]  <TASK>
[  985.094950][ T2075]  dump_stack_lvl+0xe8/0x150
[  985.094978][ T2075]  should_fail_ex+0x412/0x560
[  985.095003][ T2075]  _copy_from_iter+0x1d3/0x1670
[  985.095034][ T2075]  ? rcu_is_watching+0x15/0xb0
[  985.095053][ T2075]  ? __pfx__copy_from_iter+0x10/0x10
[  985.095073][ T2075]  ? kmem_cache_alloc_node_noprof+0x473/0x6f0
[  985.095105][ T2075]  ? netlink_sendmsg+0x650/0xb40
[  985.095123][ T2075]  ? skb_put+0x11b/0x210
[  985.095148][ T2075]  netlink_sendmsg+0x6c0/0xb40
[  985.095173][ T2075]  ? __pfx_netlink_sendmsg+0x10/0x10
[  985.095194][ T2075]  ? aa_sock_msg_perm+0xf1/0x1b0
[  985.095217][ T2075]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  985.095238][ T2075]  ? __pfx_netlink_sendmsg+0x10/0x10
[  985.095256][ T2075]  ____sys_sendmsg+0xa68/0xad0
[  985.095279][ T2075]  ? __might_fault+0xaf/0x130
[  985.095308][ T2075]  ? __pfx_____sys_sendmsg+0x10/0x10
[  985.095338][ T2075]  ? import_iovec+0x73/0xa0
[  985.095366][ T2075]  ___sys_sendmsg+0x2a5/0x360
[  985.095386][ T2075]  ? __lock_acquire+0x6b5/0x2cf0
[  985.095412][ T2075]  ? __pfx____sys_sendmsg+0x10/0x10
[  985.095466][ T2075]  ? __fget_files+0x2a/0x420
[  985.095484][ T2075]  ? __fget_files+0x3a0/0x420
[  985.095512][ T2075]  __x64_sys_sendmsg+0x1bd/0x2a0
[  985.095536][ T2075]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  985.095567][ T2075]  ? __pfx_ksys_write+0x10/0x10
[  985.095601][ T2075]  do_syscall_64+0xe2/0xf80
[  985.095622][ T2075]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  985.095639][ T2075]  ? trace_irq_disable+0x37/0x100
[  985.095656][ T2075]  ? clear_bhb_loop+0x60/0xb0
[  985.095676][ T2075]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  985.095694][ T2075] RIP: 0033:0x7fef1899aeb9
[  985.095710][ T2075] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  985.095732][ T2075] RSP: 002b:00007fef1985c028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  985.095751][ T2075] RAX: ffffffffffffffda RBX: 00007fef18c15fa0 RCX: 00007fef1899aeb9
[  985.095765][ T2075] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  985.095776][ T2075] RBP: 00007fef1985c090 R08: 0000000000000000 R09: 0000000000000000
[  985.095788][ T2075] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  985.095798][ T2075] R13: 00007fef18c16038 R14: 00007fef18c15fa0 R15: 00007ffd5509aab8
[  985.095826][ T2075]  </TASK>
[  985.432542][ T2082] tipc: New replicast peer: 255.255.255.255
[  985.450931][ T2082] tipc: Enabled bearer <udp:syz2>, priority 28
[  985.476027][ T2084] bridge4: entered promiscuous mode
[  985.555021][ T2094] tipc: Enabled bearer <ib:vlan1>, priority 10
[  985.608015][ T2099] FAULT_INJECTION: forcing a failure.
[  985.608015][ T2099] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  985.677254][ T2103] netlink: 'syz.2.8427': attribute type 1 has an invalid length.
[  985.689811][ T2099] CPU: 1 UID: 0 PID: 2099 Comm: syz.3.8425 Not tainted syzkaller #0 PREEMPT(full) 
[  985.689837][ T2099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  985.689849][ T2099] Call Trace:
[  985.689856][ T2099]  <TASK>
[  985.689864][ T2099]  dump_stack_lvl+0xe8/0x150
[  985.689892][ T2099]  should_fail_ex+0x412/0x560
[  985.689918][ T2099]  _copy_from_user+0x2d/0xb0
[  985.689942][ T2099]  ___sys_recvmsg+0x175/0x590
[  985.689971][ T2099]  ? __pfx____sys_recvmsg+0x10/0x10
[  985.689998][ T2099]  ? __fget_files+0x2a/0x420
[  985.690046][ T2099]  do_recvmmsg+0x334/0x800
[  985.690077][ T2099]  ? __pfx_do_recvmmsg+0x10/0x10
[  985.690111][ T2099]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  985.690150][ T2099]  __x64_sys_recvmmsg+0x198/0x250
[  985.690176][ T2099]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  985.690211][ T2099]  do_syscall_64+0xe2/0xf80
[  985.690233][ T2099]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  985.690250][ T2099]  ? trace_irq_disable+0x37/0x100
[  985.690268][ T2099]  ? clear_bhb_loop+0x60/0xb0
[  985.690289][ T2099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  985.690307][ T2099] RIP: 0033:0x7f53cdd9aeb9
[  985.690323][ T2099] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  985.690339][ T2099] RSP: 002b:00007f53cec12028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  985.690358][ T2099] RAX: ffffffffffffffda RBX: 00007f53ce015fa0 RCX: 00007f53cdd9aeb9
[  985.690371][ T2099] RDX: 000000000400023c RSI: 00002000000055c0 RDI: 0000000000000005
[  985.690391][ T2099] RBP: 00007f53cec12090 R08: 0000000000000000 R09: 0000000000000000
[  985.690402][ T2099] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000001
[  985.690414][ T2099] R13: 00007f53ce016038 R14: 00007f53ce015fa0 R15: 00007ffcbabced08
[  985.690444][ T2099]  </TASK>
[  985.692138][ T2103] netlink: 'syz.2.8427': attribute type 1 has an invalid length.
[  985.739148][ T2106] RDS: rds_bind could not find a transport for ::ffff:172.30.1.3, load rds_tcp or rds_rdma?
[  985.750680][ T2103] netlink: 11 bytes leftover after parsing attributes in process `syz.2.8427'.
[  985.756763][ T2106] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  985.978371][ T2118] netlink: 48 bytes leftover after parsing attributes in process `syz.3.8431'.
[  986.333728][ T2144] xt_hashlimit: max too large, truncated to 1048576
[  986.428530][ T2143] lo speed is unknown, defaulting to 1000
[  986.694262][T28936] tipc: Node number set to 3637440075
[  986.945264][ T2168] syzkaller0: entered promiscuous mode
[  986.950842][ T2168] syzkaller0: entered allmulticast mode
[  986.988349][ T2171] netlink: 'syz.4.8451': attribute type 1 has an invalid length.
[  987.011428][ T2171] bond10: entered promiscuous mode
[  987.018476][ T2171] 8021q: adding VLAN 0 to HW filter on device bond10
[  987.051719][ T2171] bond10: (slave bridge4): making interface the new active one
[  987.059690][ T2171] bridge4: entered promiscuous mode
[  987.075612][ T2171] bridge4: left promiscuous mode
[  987.365873][ T2182] netlink: 'syz.1.8455': attribute type 4 has an invalid length.
[  987.378542][ T2185] lo speed is unknown, defaulting to 1000
[  987.631136][ T2195] lo speed is unknown, defaulting to 1000
[  987.698876][ T2205] netlink: 28 bytes leftover after parsing attributes in process `syz.2.8462'.
[  987.845364][ T2211] tipc: Enabled bearer <ib:vlan1>, priority 10
[  988.148337][ T2235] netlink: 'syz.4.8470': attribute type 1 has an invalid length.
[  988.300411][ T2242] 
[  988.302768][ T2242] ======================================================
[  988.309776][ T2242] WARNING: possible circular locking dependency detected
[  988.316800][ T2242] syzkaller #0 Not tainted
[  988.321201][ T2242] ------------------------------------------------------
[  988.328202][ T2242] syz.3.8473/2242 is trying to acquire lock:
[  988.334165][ T2242] ffffffff8fb282d8 (nr_neigh_list_lock){+...}-{3:3}, at: nr_rt_ioctl+0x40c/0xf90
[  988.343299][ T2242] 
[  988.343299][ T2242] but task is already holding lock:
[  988.350649][ T2242] ffff888056e2fd70 (&nr_node->node_lock){+...}-{3:3}, at: nr_rt_ioctl+0x215/0xf90
[  988.359871][ T2242] 
[  988.359871][ T2242] which lock already depends on the new lock.
[  988.359871][ T2242] 
[  988.370260][ T2242] 
[  988.370260][ T2242] the existing dependency chain (in reverse order) is:
[  988.379262][ T2242] 
[  988.379262][ T2242] -> #2 (&nr_node->node_lock){+...}-{3:3}:
[  988.387254][ T2242]        _raw_spin_lock_bh+0x36/0x50
[  988.392546][ T2242]        nr_rt_ioctl+0x215/0xf90
[  988.397489][ T2242]        sock_do_ioctl+0x101/0x320
[  988.402594][ T2242]        sock_ioctl+0x5c6/0x7f0
[  988.407435][ T2242]        __se_sys_ioctl+0xfc/0x170
[  988.412542][ T2242]        do_syscall_64+0xe2/0xf80
[  988.417556][ T2242]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  988.423956][ T2242] 
[  988.423956][ T2242] -> #1 (nr_node_list_lock){+...}-{3:3}:
[  988.431763][ T2242]        _raw_spin_lock_bh+0x36/0x50
[  988.437037][ T2242]        nr_rt_device_down+0xbe/0x860
[  988.442401][ T2242]        nr_device_event+0x137/0x150
[  988.447676][ T2242]        notifier_call_chain+0x19d/0x3a0
[  988.453295][ T2242]        __dev_notify_flags+0x16d/0x310
[  988.458834][ T2242]        netif_change_flags+0xe8/0x1a0
[  988.464371][ T2242]        dev_change_flags+0x130/0x260
[  988.469731][ T2242]        dev_ioctl+0x7b4/0x1150
[  988.474569][ T2242]        sock_do_ioctl+0x23e/0x320
[  988.479661][ T2242]        sock_ioctl+0x5c6/0x7f0
[  988.484496][ T2242]        __se_sys_ioctl+0xfc/0x170
[  988.489595][ T2242]        do_syscall_64+0xe2/0xf80
[  988.494952][ T2242]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  988.501349][ T2242] 
[  988.501349][ T2242] -> #0 (nr_neigh_list_lock){+...}-{3:3}:
[  988.509253][ T2242]        __lock_acquire+0x15a5/0x2cf0
[  988.514623][ T2242]        lock_acquire+0x106/0x330
[  988.519635][ T2242]        _raw_spin_lock_bh+0x36/0x50
[  988.524908][ T2242]        nr_rt_ioctl+0x40c/0xf90
[  988.529838][ T2242]        sock_do_ioctl+0x101/0x320
[  988.534933][ T2242]        sock_ioctl+0x5c6/0x7f0
[  988.539861][ T2242]        __se_sys_ioctl+0xfc/0x170
[  988.544967][ T2242]        do_syscall_64+0xe2/0xf80
[  988.549996][ T2242]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  988.556394][ T2242] 
[  988.556394][ T2242] other info that might help us debug this:
[  988.556394][ T2242] 
[  988.566604][ T2242] Chain exists of:
[  988.566604][ T2242]   nr_neigh_list_lock --> nr_node_list_lock --> &nr_node->node_lock
[  988.566604][ T2242] 
[  988.580414][ T2242]  Possible unsafe locking scenario:
[  988.580414][ T2242] 
[  988.587853][ T2242]        CPU0                    CPU1
[  988.593201][ T2242]        ----                    ----
[  988.598554][ T2242]   lock(&nr_node->node_lock);
[  988.603308][ T2242]                                lock(nr_node_list_lock);
[  988.610413][ T2242]                                lock(&nr_node->node_lock);
[  988.617686][ T2242]   lock(nr_neigh_list_lock);
[  988.622355][ T2242] 
[  988.622355][ T2242]  *** DEADLOCK ***
[  988.622355][ T2242] 
[  988.630480][ T2242] 2 locks held by syz.3.8473/2242:
[  988.635583][ T2242]  #0: ffffffff8fb28338 (nr_node_list_lock){+...}-{3:3}, at: nr_rt_ioctl+0x15f/0xf90
[  988.645080][ T2242]  #1: ffff888056e2fd70 (&nr_node->node_lock){+...}-{3:3}, at: nr_rt_ioctl+0x215/0xf90
[  988.654822][ T2242] 
[  988.654822][ T2242] stack backtrace:
[  988.660693][ T2242] CPU: 0 UID: 0 PID: 2242 Comm: syz.3.8473 Not tainted syzkaller #0 PREEMPT(full) 
[  988.660712][ T2242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  988.660723][ T2242] Call Trace:
[  988.660731][ T2242]  <TASK>
[  988.660739][ T2242]  dump_stack_lvl+0xe8/0x150
[  988.660759][ T2242]  print_circular_bug+0x2e1/0x300
[  988.660777][ T2242]  check_noncircular+0x12e/0x150
[  988.660794][ T2242]  __lock_acquire+0x15a5/0x2cf0
[  988.660822][ T2242]  ? nr_rt_ioctl+0x40c/0xf90
[  988.660842][ T2242]  lock_acquire+0x106/0x330
[  988.660860][ T2242]  ? nr_rt_ioctl+0x40c/0xf90
[  988.660882][ T2242]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  988.660900][ T2242]  ? nr_rt_ioctl+0x40c/0xf90
[  988.660920][ T2242]  _raw_spin_lock_bh+0x36/0x50
[  988.660938][ T2242]  ? nr_rt_ioctl+0x40c/0xf90
[  988.660957][ T2242]  nr_rt_ioctl+0x40c/0xf90
[  988.660981][ T2242]  ? __pfx_nr_rt_ioctl+0x10/0x10
[  988.661005][ T2242]  ? apparmor_capable+0x137/0x1a0
[  988.661029][ T2242]  ? capable+0x88/0xe0
[  988.661043][ T2242]  ? nr_ioctl+0x1b1/0x3b0
[  988.661063][ T2242]  sock_do_ioctl+0x101/0x320
[  988.661079][ T2242]  ? __pfx_sock_do_ioctl+0x10/0x10
[  988.661093][ T2242]  ? do_futex+0x333/0x420
[  988.661118][ T2242]  sock_ioctl+0x5c6/0x7f0
[  988.661133][ T2242]  ? __pfx_sock_ioctl+0x10/0x10
[  988.661147][ T2242]  ? __fget_files+0x2a/0x420
[  988.661164][ T2242]  ? __fget_files+0x3a0/0x420
[  988.661179][ T2242]  ? __fget_files+0x2a/0x420
[  988.661196][ T2242]  ? bpf_lsm_file_ioctl+0x9/0x20
[  988.661214][ T2242]  ? __pfx_sock_ioctl+0x10/0x10
[  988.661228][ T2242]  __se_sys_ioctl+0xfc/0x170
[  988.661248][ T2242]  do_syscall_64+0xe2/0xf80
[  988.661269][ T2242]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  988.661284][ T2242]  ? trace_irq_disable+0x37/0x100
[  988.661299][ T2242]  ? clear_bhb_loop+0x60/0xb0
[  988.661315][ T2242]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  988.661331][ T2242] RIP: 0033:0x7f53cdd9aeb9
[  988.661350][ T2242] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  988.661365][ T2242] RSP: 002b:00007f53cec12028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  988.661382][ T2242] RAX: ffffffffffffffda RBX: 00007f53ce015fa0 RCX: 00007f53cdd9aeb9
[  988.661394][ T2242] RDX: 0000200000000100 RSI: 00000000000089e2 RDI: 0000000000000004
[  988.661404][ T2242] RBP: 00007f53cde08c1f R08: 0000000000000000 R09: 0000000000000000
[  988.661415][ T2242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  988.661424][ T2242] R13: 00007f53ce016038 R14: 00007f53ce015fa0 R15: 00007ffcbabced08
[  988.661441][ T2242]  </TASK>
[  988.928479][ T2235] 8021q: adding VLAN 0 to HW filter on device bond12
[  988.936874][ T2235] bond11: (slave bond12): making interface the new active one
[  988.945409][ T2235] bond11: (slave bond12): Enslaving as an active interface with an up link
[  988.962767][ T2242] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8473'.
[  988.973995][ T5894] tipc: Node number set to 2696305805
[  989.000088][ T2242] bridge5: port 1(veth3) entered blocking state
[  989.006637][ T2242] bridge5: port 1(veth3) entered disabled state
[  989.014391][ T2242] veth3: entered allmulticast mode
[  989.020494][ T2242] veth3: entered promiscuous mode
[  989.030147][ T2242] bridge5: port 2(veth0_to_bond) entered blocking state
[  989.037489][ T2242] bridge5: port 2(veth0_to_bond) entered disabled state
[  989.045396][ T2242] veth0_to_bond: entered allmulticast mode
[  989.051995][ T2242] veth0_to_bond: entered promiscuous mode
[  989.065745][ T2242] bridge5: port 3(veth5) entered blocking state
[  989.072090][ T2242] bridge5: port 3(veth5) entered disabled state
[  989.078577][ T2242] veth5: entered allmulticast mode
[  989.084823][ T2242] veth5: entered promiscuous mode
[  989.144262][ T2244] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8473'.
[  993.327304][   T36] bond0 (unregistering): Released all slaves
[  993.335074][   T36] bond1 (unregistering): Released all slaves
[  993.345399][   T36] bond2 (unregistering): Released all slaves
[  993.354345][   T36] bond3 (unregistering): Released all slaves
[  993.364362][   T36] bond4 (unregistering): Released all slaves
[  993.431379][   T36] : left promiscuous mode
[  993.474479][   T36] tipc: Disabling bearer <udp:syz2>
[  993.479924][   T36] tipc: Left network mode
[  993.612701][   T36] pim6reg (unregistering): left allmulticast mode
[  993.911033][   T36] IPVS: stop unused estimator thread 0...
[  995.665906][T10715] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  996.587580][   T12] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)