last executing test programs:

4.295823027s ago: executing program 3 (id=1264):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x6}]}, @NFT_MSG_NEWSETELEM={0x44, 0x1e, 0xa, 0x105, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x10, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0xa, 0x1, "fefe807eb37b"}]}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xc8}, 0x1, 0x0, 0x0, 0x1000000}, 0x0)

4.057056141s ago: executing program 3 (id=1269):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
sendmmsg$sock(r0, &(0x7f00000003c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0020000}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=[@txtime={{0x18, 0x1, 0x24, 0x7}}], 0x18}}], 0x2, 0x10048000)

3.069128176s ago: executing program 3 (id=1275):
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000001c00)=@raw={'raw\x00', 0x3c1, 0x3, 0x360, 0x1c0, 0x12, 0x60d, 0x0, 0x202, 0x290, 0x2e8, 0x2e8, 0x290, 0x2c0, 0x4, 0x0, {[{{@ipv6={@private0, @mcast2, [], [0x0, 0x0, 0x0, 0x1c0], 'veth1_to_bond\x00', 'geneve1\x00'}, 0x0, 0x190, 0x1c0, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "000000000000000617ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f67222476147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac07a602061c96baebc989f1f34a214e6726401fe4b124e0f7323a587d2a1fcf07000000eca0a7b66c60c527bac2b5", 0x3, 0x2}}, @common=@inet=@socket2={{0x28}}]}, @common=@unspec=@CONNMARK={0x30}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE3={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3c0)

2.890540109s ago: executing program 3 (id=1277):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00', <r1=>0x0})
r2 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendto$inet6(r2, &(0x7f0000000140)="96", 0x1, 0x0, &(0x7f0000000280)={0xa, 0x0, 0x0, @private2}, 0x1c)
setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r2, 0x84, 0x1e, &(0x7f0000000180)=0x2, 0x4)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@getchain={0x24, 0x11, 0x43d, 0x70bd2b, 0x1, {0x0, 0x0, 0x0, r1, {0x0, 0x10}, {}, {0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x42051}, 0x0)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_msfilter(r3, 0x0, 0x29, &(0x7f00000000c0)=ANY=[@ANYBLOB="ac2814127e0e00000000010000000000"], 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$nl_crypto(r4, &(0x7f0000000380)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000340)={&(0x7f00000005c0)=ANY=[], 0x100}, 0x1, 0x0, 0x0, 0x4000080}, 0x0)
recvfrom$inet6(r4, &(0x7f0000000200)=""/93, 0x5d, 0x100, &(0x7f0000000100)={0xa, 0x4e22, 0x8, @private1={0xfc, 0x1, '\x00', 0x1}, 0x1000}, 0x1c)
socket$inet6_sctp(0xa, 0x801, 0x84)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="200000001a140100000000000000000008000300000000000800", @ANYRES64=r5], 0x20}, 0x1, 0x0, 0x0, 0x4000015}, 0x0)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0)

1.982703139s ago: executing program 4 (id=1280):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6(0x10, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000004c0)="5500000020007fafb72d13b2a4a2719302000000030b43026c26236925000400fe7f0080bd2dca8a9848a3c728f1c46b7b31afdc1338d509000000000100005ae583de0dd7d8319f98af84fda542e718f94b929ade249b6ae8ffa86f142121add70b759440b533c2fe05b7b7b982afe0f7ddb322f1d06ccefe47aa8f6fc60bd91e167f80c978bcc54585b7cf1396399bc47b0d32c9903c8ea837561392bfffe92bbec4e48df82da6c919c3ce6a0a7105a3b5954677cf201a3fe1342ce8dcbaf7ebe77f067816ec56cda02faea680531fb03fd1ab58a460c24ac6e41e64af394c0118e3ff39670d92b3164d800d7c5c276163430c41c2287f96580b009359f339f730c6cdb5244846f660f39ce722b20e8a03e85b4c1ba05e9538cc71748c40c5370d8411556155cdcb75b095e44d", 0x12e}], 0x1}, 0x0)
write(r1, &(0x7f0000000040)="1c00000021002551071c0165ff00fc020200000003100f000ee1000c", 0x1c)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x1000001, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000880)={@ipv4={'\x00', '\xff\xff', @local}, 0x8000000, 0x1, 0x2, 0x8, 0xfffe, 0x2}, 0x20)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x0, 0x0, 0x0)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r5, 0x6, 0x19, 0x0, 0x0)
bind$inet(r5, &(0x7f0000003900)={0x2, 0x4e24, @multicast1}, 0x10)
connect$inet(r5, &(0x7f0000000480)={0x2, 0x4e24, @empty}, 0x10)
sendto$inet(r5, 0x0, 0x0, 0x4040004, 0x0, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x19, &(0x7f0000000080)=0x7fe00, 0x4)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="18020000000000000000000000000000850000003d00000095"], &(0x7f00000000c0)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000001c0)={@map=r7, r6, 0x7, 0x0, 0x0, @void, @value}, 0x10)
close(r7)
r8 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r4)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="2100000079000000000000000000004000040200fd12bf091e724a5e3a1e5c71e6b7f72579170200639487d26012bd5e666df4f00544d3e77d0f861376210aad85347946357447d5923fa5a1905c93b78777b7604367ab9289694f8aab2348202601afcedba67f96146ad19d2f663c", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000001800"/28], 0x48)
sendmsg$NFC_CMD_GET_TARGET(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r8, 0x1}, 0x14}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r4)
r9 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), r4)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r10, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="104b8328332529cd0000000000000000000000400800010001000000"], 0x1c}}, 0x0)
sendmsg$NFQNL_MSG_VERDICT(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={0x14, 0x1, 0x3, 0x101}, 0x14}}, 0x0)
sendmsg$NBD_CMD_RECONFIGURE(r3, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="0100000000000000000002000000080001"], 0x28}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="5800000010000104000000000000000000000000fe81e39c4d72dec752b23f6e2ce9693d241723dc1344258ac970ce08ae63a6d460a3fc16c143ff1f4ba1aa5b442735a5e3e70f31e8cbdf898b316d9905b8949545986db53b5fd7e924edd6c353b8c77dd9cf03f12a0491117e0592c9bf6afe00cb3a1089f1b9bb9b45466830c0d2449f903f766875b282edf08b2bb468a6d327638f", @ANYRES32=0x0, @ANYBLOB="0000000000000000380012800e00010069703665727370616e000000240002801400050000000000000000000000000000000001040012000500160002000000"], 0x58}}, 0x0)

1.888075806s ago: executing program 3 (id=1281):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'gre0\x00', <r2=>0x0})
sendto$packet(r0, &(0x7f00000002c0)="12040500d3fc03fc01004788031c09100628", 0xfd35, 0x4, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x4e23, @private=0xa010100}]}, &(0x7f00000002c0)=0x10)
socket$packet(0x11, 0x3, 0x300)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r3, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r5=>0x0}, &(0x7f0000000300)=0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f0000000000)={r5, 0x6c3, 0x9}, 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(0xffffffffffffffff, 0x84, 0x19, &(0x7f0000000000)={r5, 0x40}, 0x8)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f00000001c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xchacha20\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f0000000300)="c99b57381893308a609c6cc5340dbd121e5a47b2f3caa73dcd2a6a370554375a", 0x20)
r7 = accept4(r6, 0x0, 0x0, 0x0)
r8 = socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$sock_buf(r8, 0x1, 0x19, 0x0, &(0x7f0000003080))
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f0000000440), r7)

1.797702044s ago: executing program 1 (id=1283):
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x15, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000000feffff720a02fef8ffffff71a400fe0000000071101000000000001d300200000000004704000001ed030407030000000000001d440000000000006b0a04fe0000000072030000000a0000e500f9ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616276fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a26048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffebd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000580)=ANY=[@ANYBLOB="380000001800dd8d000000000000000002000000000000060000000006001500040000001400168010000880"], 0x38}}, 0x0)

1.513178273s ago: executing program 2 (id=1285):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000480)=ANY=[@ANYRES32=r0], 0x14}, 0x1, 0x0, 0x0, 0x20}, 0x40040c0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000040), r1)
sendmsg$NLBL_CIPSOV4_C_ADD(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010004000000fbdbdf250100000008000100030000002c000480050003000200000105000300050000000500030001000000050003000000000005000300050000000800020002"], 0x50}}, 0x3000c000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f00000000c0)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x20, 0x0, 0x0, 0xfffff010}, {0x6}]}, 0x10)
sendmmsg(r3, &(0x7f0000000180), 0x4000190, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r5, &(0x7f0000000040)={0x1f, 0xfffb, @none, 0x0, 0x3868b2d32409af77}, 0xe)

1.512567226s ago: executing program 4 (id=1286):
socket$unix(0x1, 0x2, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001700)=ANY=[@ANYBLOB="1800000024000103000000000000000001008c000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r0, &(0x7f0000000200)=[{{0x0, 0x0, &(0x7f0000002740)=[{&(0x7f0000002980)=""/4096, 0x1000}], 0x1}, 0x9}, {{0x0, 0x0, 0x0}, 0x5}, {{0x0, 0x0, 0x0}, 0x8001}], 0x3, 0x2000, 0x0)
recvmmsg(r0, &(0x7f00000049c0)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000340)=""/4096, 0x1000}, {&(0x7f0000000000)=""/133, 0x85}, {&(0x7f00000000c0)=""/78, 0x4e}, {&(0x7f00000013c0)=""/96, 0x60}], 0x4}, 0x5}], 0x1, 0x100, 0x0)

1.512142492s ago: executing program 1 (id=1287):
r0 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYRES16=r0, @ANYBLOB], 0x50}}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3aebeca145d695053b5bef004ca24e6c57ed10f01488d38b8b0b68d93e3cf630837915d518fde2115e66615786fe7b9216de958119cf762cac77ac829a02f48e72c0d2841880b2c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd160\x00'}, 0x58)
r4 = accept4(r3, 0x0, 0x0, 0x0)
sendmmsg$unix(r4, &(0x7f0000003e80)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000009c0)="18acf8b1ed479de320cdbff21bc648a4423880b9fb95564f48c38e3fdaea755288c2a91a1ef344702de01af77d599320e22a0ea41b13aa09f1b359b0e2d2e8b6074bb4119ea219d2055df8bab18280f3c3ea8e45510d60a28f7af2a9c471dbe0a88f57ae4580b0b420f5f90b70efb6805d81812d5d64c87c99f9c75e9f656dfd6e0cb005b1abd4d879a097dd9d3e6e12f85505cd45c840f9503b2fff6c33e6a675512ab99729da82acc41b65a398d515700ba76224267cdabfb9576027eb82a82c337e379c488d47691d7fe2c55bbe29a7a37633648559a31b90f145d0f5a2d8d9499f100ba95da30ce9df964d2af22e6551f8a35878071d2b5477c0f1c0ab067a8bd9368c04ed9b6e1547f04d022d726bb32daf66bded05624baa409848f50d96df5d0a86c6ce2b9b0767e85c5233c1e30aaad953301d7294b375db43804290971c857070e9d2c8b6397ab8d56358476fc0359ee79b7956f0ef1ce2edefc6bd340037706a57aa98105019c21be58ce8c868c90db57bfe8304416b3e7e02837ea3ce01ce463321f2ea429ee0c42b27d28c2b6063eb5cd746e26ade0c9ae3049ebb8c5038b01281f26c9777fb1263a5ba1262fa783e07ef5ded966eb85a4a811f5aab0d9575551239e9b0f76e5217744b0a8edcb1504774e36818033e3ab03ca6164df64fdf4352b9c88bfa91add131e13bee44e7eb4e38e613f3bab3c6c8a5038e446d57c9058b975f05f36e0e49171b426b99aa82a0656d7ffc46169ee20456aab06ee429bff9408fb1961e3976e288bee69e9ec6dc72862e1cfcc6c4804457285efcb056b0d834666748129994a3fc172c4c9c622a0c4ddd84bce972d56c70f3687222e5857f9a24b0e138a8359409f5b4ba3206c1a7f35c9e90f3ad903715ab7283e700f9ec2c641f38e998122266a8b1731ce1f03d12a643f281b3ace22f1e403dfe05052fdca3da258f8f1bd7c88949d2a14510b4116c5e403b6cee434d4969113ff8eebc1052e6a1dfa710cadfa0dbd96afa3dd1ab32b10e97d4c015e357bb938d5c2420ed83fff6a17ca9c334fc1b1a3b171f3ca2f4f88a66c59477a73265a8dc10c6d0e5ab2f595e4b9bdd160f35a7917d46df4a50b7651a5991f2444fc0a235f210e8ce8afede0b725d0cabfa20e4d36a836314d180f66614db4fbbd15ef7a947247f7f6f0eb34af0b7aeaaa9210154285dcd0389de273ad3459a1d87f062d9a050c57b6325750aeb9f47d7242117d8e0d38ae1e6cef179809d422ae852bf41f8d5ec42fac487ed46e0511a1f554cd6181e6c81dfdafa7c69daa2ba822e22e305b4b8f34c20fcc8e50cf451f053df249a7f5b20cbc0bc127f55d80bc9c0ba3cf9f0a9c56286215c20f9d60cb61276c6bbf772c151be2520e22b8f6daea2aa1f9e1b30bbeed092d3c2fb92a10fb71e7fea336a0258620c918581487ec04c54ca4e9811a83a6bf39dca6a4e89092cdee6e40024bd7c1ae7b3a8cdbb38c21ccb1de68f7fc9fa4726b832cedcfdd22b71f37d66f350e78e3c19bcae0322f8f070c316bc3c2ba0cb12a43746bd8aaa1645e3f8800b93722ac1791396bb3def1678cb5ab3f42c097c4c3684ea61dc89209ae57906bd4577a93b14eceff6f18893064198d9141a927ced2af06226011187f1851d6a5c1b5ff78a4c6d8b387a781c06a286f052d2e828ed94110cd7b9e6cfcb840e12019678080a6e9e517ce8ba6276c5a919197fd0adf86547135fcec083f2c1fea0e40564f279ceec580e827e39fa77bfa823d6e08aa7bd320491381f21be8b10dc2ed7fee1524680a52bb1e14cb6248519100edd7df29bac5c4ad1c893ee99db03aa7e077ba6608b0db797f31a6cd6d5a01077a41df98fc373ac5c149b87c55bb73bb17b09dffa7847b134b866b9ce179d547750dd2fb9c280e2003d132c87e2535f31232a32d738aeedeff052f256a9c866b6c2cb880d15f1acca7396a8f6113afe45e46e96a6c7762eb09d2c568df561d5484356b4ae71f89bf0126c6670c4fbeee59a89e20206401ef85f083039aa9ceacc2912427b031c35e29c7a702e0054f4dbb01062c0daab2a5faa49a86cd5d48d64bbee12f60ee529a00ad13a579934faff4ec12778038a3e48217fc4eb97ebe3dec9ecdfc0af3e722ed7ca0f12952c2902b0db061098d4bf14664104c440c9d07af7fbaa375274f61b04c17050a3e139dcce999071f18468139182cfe78a84c90c0428d7c75a621a6eaa69e028ce47626235ca3edbbb53e15afebebb25e18c732a820edca2f60be8c0ecd7e5a30282a0add95c6eb43b0afea34d91de7b20f4fb999d17c7fc418738f61cce38d656ce86e2d0a97f31dad0296ee63fb48e859003f88d0a27c874a47301dc0f1fd4f4e9b1bcd7806f715c751b", 0x69f}], 0x1}}], 0x1, 0x0)
sendmsg$AUDIT_DEL_RULE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x4000000}, 0x24000840)
recvmsg$can_j1939(r4, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x10100)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[], 0x128}, 0x24008804)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="9feb01c5d854f89ceea35300240000002400000003000000000000000200001302000000010000000000000000000000fdffffff0000000000000000002e0087400a53b8a70500a9c3a275725db855ab0eb5c1732c80037659b76f7015464d1460cb78a523eecefe7d9c8810325cd2d29137a26f72e5b536fa0f646c8ec7c632a8bc796aee56dac4aa3bb31e80b490"], 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
getpeername$inet(0xffffffffffffffff, &(0x7f0000000240), &(0x7f0000000280)=0x10)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r7, 0x400448cb, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="400100001000330600000000fcfffffffe8000000000000000000000000000aaffffffff00000000000000000000000000004000000080040000000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac14143f0000000030f36531707bd57a3c609f5d000000000000000000000000320000000a0101020000000000000000000000002703000000000000050000000000000000000000000000000400000000000000ff0f00000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000008f000000000000800800000028bd7000000000000a0001000000000000000000080016000600000048000200656362286369706865725f6e756c6c2900"/260], 0x140}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r8, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6)
r9 = socket$inet(0x2, 0x2, 0x0)
r10 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_int(r10, 0x1, 0x22, &(0x7f0000000300)=0x80000004, 0x4)
bind$inet6(r10, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
bind$inet(r9, &(0x7f0000000200)={0x2, 0x4e20, @broadcast}, 0x10)
write(r8, &(0x7f0000000040)="05000000010000", 0x7)
sendfile(r5, 0xffffffffffffffff, 0x0, 0x8)

1.399041186s ago: executing program 4 (id=1289):
r0 = epoll_create1(0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
close(r1)
socket$xdp(0x2c, 0x3, 0x0)
setsockopt$sock_int(r1, 0x1, 0x2e, &(0x7f0000000040)=0x80, 0x4)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080)={0x20000004})
syz_emit_ethernet(0x2ee, &(0x7f0000000040)={@remote, @remote, @void, {@ipv6={0x86dd, @tipc_packet={0x8, 0x6, "397f1f", 0x2b8, 0x6, 0xff, @dev={0xfe, 0x80, '\x00', 0x29}, @dev={0xfe, 0x80, '\x00', 0x21}, {[@routing={0x0, 0x2, 0x0, 0x3, 0x0, [@mcast1]}, @srh={0x0, 0xc, 0x4, 0x6, 0x7, 0x20, 0x200, [@ipv4={'\x00', '\xff\xff', @loopback}, @private1={0xfc, 0x1, '\x00', 0x1}, @private0={0xfc, 0x0, '\x00', 0x1}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @ipv4={'\x00', '\xff\xff', @remote}, @private0]}, @routing={0x50, 0x8, 0x0, 0x7, 0x0, [@private1={0xfc, 0x1, '\x00', 0x1}, @mcast2, @loopback, @mcast2]}, @routing={0x1d, 0x8, 0x2, 0xbd, 0x0, [@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private0, @empty, @private1={0xfc, 0x1, '\x00', 0x1}]}, @srh={0x32, 0x6, 0x4, 0x3, 0xf8, 0x70, 0x3, [@mcast1, @loopback, @private1={0xfc, 0x1, '\x00', 0x1}]}, @dstopts={0x73, 0x20, '\x00', [@calipso={0x7, 0xffffffffffffffe5, {0x0, 0xa, 0xf, 0x1, [0x5, 0x6, 0x5, 0x8, 0x81]}}, @enc_lim={0x4, 0x1, 0x7}, @generic={0xa, 0x8e, "8736b1f1168200661ed1f6adaf1a6d5015eb7ff7f48822b0e1c50e63cc6dab583d07b6b732449bceef8692f84c0339d0f711d5f058519a2a64bd29e944ea0138291a84fd79370b121b1dd1bf5f58ea108bb65023e5203d53e7cb280a5bdbb0d66d8f250a27f05ac16a45a635f578666d25e51e056304b34536b62e914f66f4afa67054298daa0b2aeb9836a2f9f3"}, @padn={0x1, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @pad1, @generic={0x2}, @calipso={0x7, 0x10, {0x3, 0x2, 0x0, 0x100, [0x1]}}, @pad1, @calipso={0x7, 0x18, {0x2, 0x4, 0x4, 0xea35, [0xfffffffffffffffd, 0x6]}}]}], @name_distributor={{0x60, 0x0, 0x0, 0x0, 0x1, 0xa, 0xb, 0x2, 0xd436, 0x0, 0x1, 0x6, 0xa, 0x1, 0x4e22, 0x4e22, 0x3, 0x1, 0x0, 0x0, 0x1}, [{0x2, 0x597, 0x288, 0xc74, 0xe, 0x9b, 0x1, 0x10001}, {0x8001, 0x3, 0x2, 0x9, 0x7, 0x88, 0x2, 0x1}]}}}}}}, 0x0)

1.329001462s ago: executing program 2 (id=1290):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c0000000200000000000000020000040800000000000000030000000000000000000000020000000000000000000000000000020000"], 0x0, 0x56, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000600)=ANY=[@ANYRESDEC=r0, @ANYRES32, @ANYBLOB='\x00'/18, @ANYRES32=0x0, @ANYRESDEC=0x0, @ANYRESDEC=0x0], 0x48)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
r2 = socket$xdp(0x2c, 0x3, 0x0)
getsockopt$XDP_STATISTICS(r2, 0x11b, 0x7, &(0x7f00000003c0), &(0x7f0000000400)=0x18)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180))
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e20, 0x1, @mcast2, 0x4}, 0x1c)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x3e, &(0x7f0000000040)=0x8, 0x4)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)="800037bbfa9ba1ce", 0xffec, 0x0, 0x0, 0x17)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$inet6_sctp(0xa, 0x5, 0x84)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x7, 0xd, &(0x7f0000000580)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000002a000000180100002025642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000089cdc832850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$xdp(0x2c, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_PKTINFO(r4, 0x10e, 0xc, &(0x7f0000000040)=0x8, 0x4)
sendmsg$nl_route(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)=ANY=[@ANYBLOB="2800000012000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00', @ANYRES32=r4], 0x28}}, 0x802)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000240)={'wlan1\x00'})
gettid()
r5 = getpid()
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYRES64=r3, @ANYRES32=0x0, @ANYBLOB="400d00000000000008001300b4f6553c409cc98f594b0471d0cffb1f5883c50917a245d9edc63f4d7a6d94fc782e246bfa6c366289ecde4e4dbc561161f149e56dbf98014cd864a2679f4ed72b83b3982bdae3f4e597fb2af395a97fad8cdd096a4f5e5a759b01e5", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x40000}, 0x2000a001)

1.255886924s ago: executing program 1 (id=1291):
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0xf, 0x8, &(0x7f0000000040)=@framed={{0x18, 0x6, 0x0, 0x0, 0x2}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0xaa}}]}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_device=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, @void, @value}, 0x94)

1.242132752s ago: executing program 0 (id=1292):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newlink={0x3c, 0x10, 0x3, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, r1, 0x0, 0xfffffffe}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET6={0x18, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @private2}]}]}]}, 0x3c}, 0x1, 0x2}, 0x0)

1.197448842s ago: executing program 2 (id=1293):
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$key(0xf, 0x3, 0x2)
openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x302, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r1)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x31, 0x0, 0x0)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c)
listen(r2, 0x0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e22, @loopback}, 0x10)
accept4(r2, 0x0, 0x0, 0x800)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01000000000000000000011fff00280001801400040000000000000000000000ffffac1414aa060001000a0080000800060003"], 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000840)

1.065012888s ago: executing program 4 (id=1294):
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYRES32=r0], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) (async)
bind$alg(r0, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58) (async)
r2 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x1000) (async)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
bind$unix(0xffffffffffffffff, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) (async)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x20, &(0x7f00000003c0), 0x4) (async)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a44, 0x1700) (async)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = socket$netlink(0x10, 0x3, 0x4)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r4, 0x10e, 0x1, &(0x7f0000000280)=0x1, 0x4) (async)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={0x0, r3}, 0x18) (async)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0) (async)
write$cgroup_type(0xffffffffffffffff, 0x0, 0x0) (async)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001640)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f42fc3199f000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af735ed41793bdf9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbc68223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f00001000000000eeff7c5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729eec082830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d424c14283a94395b64645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d620100000000000000494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd779a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9b0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000002684c2d8eb8cac98930fa6a893ca44c0f64c07a87eb7b05f56ca6c70cb3a0eb328a15fe96a88235155e6d64bd434f641ddf9db2245e47e5904453577895dd81d"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
r8 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r8, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha256)\x00'}, 0x58) (async)
r9 = accept$alg(r8, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r8, 0x117, 0x1, 0x0, 0x0) (async)
recvmmsg(r9, &(0x7f0000006100), 0x49f, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000540)='rcu_utilization\x00', r7}, 0x10) (async)
socket$inet_udplite(0x2, 0x2, 0x88) (async)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x8001000000000000, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x8, 0x3, 0x298, 0x0, 0x5, 0x148, 0x100, 0x0, 0x200, 0x2a8, 0x2a8, 0x200, 0x2a8, 0x3, 0x0, {[{{@ip={@remote, @loopback, 0x0, 0x0, 'wg0\x00', 'nr0\x00', {}, {}, 0x0, 0x3}, 0x0, 0xa0, 0x100, 0x0, {}, [@common=@addrtype={{0x30}, {0xe71, 0x5, 0x0, 0x1}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x2, [0x0, 0x1, 0x4, 0x2, 0x3, 0x1], 0x1}, {0x2, [0x0, 0x0, 0x1, 0x0, 0x0, 0x6], 0x5}}}}, {{@ip={@local, @multicast2, 0xffffffff, 0x0, 'xfrm0\x00', 'rose0\x00'}, 0x0, 0xa0, 0x100, 0x0, {}, [@common=@ah={{0x30}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @random="6f79fb339557", 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x4]}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2f8) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB], &(0x7f0000000340)='syzkaller\x00', 0x1000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x100}, 0x8, 0x10, &(0x7f00000000c0)={0x0, 0xb}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$int_in(r2, 0x5452, &(0x7f0000000000)=0x5) (async)
sendmsg$IPSET_CMD_TEST(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYRESOCT=r8, @ANYRESDEC=r5, @ANYRESDEC=r9], 0xfffffff3}, 0x1, 0x0, 0x0, 0xc000}, 0x48880)

1.033975243s ago: executing program 0 (id=1295):
r0 = accept4$unix(0xffffffffffffffff, &(0x7f00000000c0)=@abs, &(0x7f0000000140)=0x6e, 0x800)
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r0, 0x8982, &(0x7f0000000180)={0x1, 'ip_vti0\x00', {}, 0x7ff})
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)}], 0x1}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x4, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x80}, [@call={0x85, 0x0, 0x0, 0xd3}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000b80)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce935b0f327cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1525320e716660000000000b02b001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d3294000000000000000000000000000000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1c77a211bfa02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0843b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={r3, 0x34}, 0x10)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r4 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(0xffffffffffffffff, &(0x7f0000000440)={@val, @void, @eth={@broadcast, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x0, 0x6558, 0x18, 0x0, @wg=@data={0x4, 0x0, 0x4be}}}}}}}, 0x3e)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$int_in(r5, 0x5452, &(0x7f0000000100)=0xb)
setsockopt$inet_tcp_int(r5, 0x6, 0x1e, &(0x7f0000000380)=0x1, 0x4)
close(r5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000005c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000640)=@polexpire={0x188, 0x1b, 0x1, 0x70bd27, 0x25dfdbfc, {{{@in=@loopback, @in6=@mcast2, 0x4e24, 0x9, 0x4e22, 0x6, 0x2, 0x80, 0x20, 0x2b}, {0x9, 0x4, 0x1, 0x0, 0x7fffffff, 0x6, 0x9, 0x5}, {0x8, 0x8001, 0xffff, 0xffffffffffffffff}, 0x81, 0x6e6bb2, 0x0, 0x1, 0x0, 0x2}, 0x40}, [@coaddr={0x14, 0xe, @in6=@loopback}, @XFRMA_SET_MARK={0x8, 0x1d, 0xffff}, @policy={0xac, 0x7, {{@in=@loopback, @in6=@ipv4={'\x00', '\xff\xff', @remote}, 0x4e21, 0x1000, 0x4e22, 0x8001, 0x2, 0x80, 0x0, 0x73}, {0x7, 0x0, 0x9, 0x7, 0x4, 0xfffffffffffffff7, 0x8, 0x427}, {0x7, 0x72f, 0x0, 0x9}, 0x325de6c4, 0x6e6bbf, 0x2, 0x0, 0x2}}]}, 0x188}}, 0x0)
sendmsg$nl_xfrm(r6, &(0x7f0000000480)={0x0, 0x6535f20f43ca3a6d, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001030000000000000000fc0100000000000000000000000000003ed30000000000000000000000000000000000000000000002"], 0xb8}}, 0x0)
sendmsg$nl_xfrm(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="8801000014"], 0x188}, 0x1, 0x20}, 0x0)

1.005779546s ago: executing program 1 (id=1296):
sendmsg$FOU_CMD_DEL(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={0x0, 0x4c}, 0x1, 0x0, 0x0, 0x4000000}, 0x800)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000380)=ANY=[], 0x10448)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000340)=@security={'security\x00', 0x64, 0x4, 0x278, 0x100000c, 0xc0, 0xc0, 0xc0, 0xffffffff, 0xffffffff, 0x460, 0x460, 0x460, 0xffffffff, 0x4, 0x0, {[{{@ip={@empty=0x11, @rand_addr=0x64010100, 0xff000000, 0x0, 'veth0_vlan\x00', 'syzkaller1\x00', {}, {}, 0xff, 0x3}, 0x0, 0x70, 0x98, 0x0, {0x0, 0x1000000000000}}, @common=@unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00', 0x0, {0x1}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'syz_tun\x00', 'lo\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00', 0x0, {0x2}}}, {{@uncond, 0x0, 0x70, 0xb0}, @common=@inet=@TCPOPTSTRIP={0x40, 'TCPOPTSTRIP\x00', 0x0, {[0x7f, 0x9, 0x4, 0x6, 0x1, 0x7f, 0x1, 0x40]}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2d8)

825.186046ms ago: executing program 4 (id=1297):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000003c0)={'ip6tnl0\x00', &(0x7f0000000340)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x10}}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x0, 0x9c, 0x0, 0x101}})

792.947549ms ago: executing program 3 (id=1298):
r0 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
recvmsg(r0, &(0x7f0000000400)={0x0, 0x89, 0x0}, 0x40000060)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmmsg(r1, &(0x7f0000002840)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20044000)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000040)=@security={'security\x00', 0xe, 0x4, 0x348, 0xffffffff, 0x218, 0x0, 0x98, 0xffffffff, 0xffffffff, 0x2b0, 0x2b0, 0x2b0, 0xffffffff, 0x4, &(0x7f0000000000), {[{{@ip={@private=0xa010102, @multicast2, 0xffffff00, 0xffffffff, 'ipvlan0\x00', 'gretap0\x00', {}, {}, 0x2f, 0x1, 0x42}, 0x0, 0x70, 0x98}, @common=@inet=@SYNPROXY={0x28, 'SYNPROXY\x00', 0x0, {0x1, 0xfe}}}, {{@ip={@rand_addr=0x64010102, @dev={0xac, 0x14, 0x14, 0x32}, 0x0, 0xff000000, 'hsr0\x00', 'netdevsim0\x00', {0xff}, {}, 0x6, 0x2, 0x1}, 0x0, 0x110, 0x180, 0x0, {}, [@common=@osf={{0x50}, {'syz1\x00', 0x0, 0xc}}, @common=@osf={{0x50}, {'syz1\x00', 0x0, 0x1, 0x2}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x66cd, 0x5, 0x3, 0x0, 0x0, "cc1ab16e24c82f2c07426cada90b881dc651dd2f1e15bce5aea2cd719561a99c459cf9cf5ea3364e71b94bee63b4737d013228720cbf1433c5e0c882d4f52e55"}}}, {{@ip={@multicast2, @broadcast, 0xffffffff, 0xffffffff, 'syz_tun\x00', 'xfrm0\x00', {0xff}, {0xff}, 0x2, 0x3, 0x1b}, 0x0, 0x70, 0x98}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0x4, 0x0, 0x6}, {0x1, 0x6, 0x2}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3a8)

699.332054ms ago: executing program 1 (id=1299):
socket$unix(0x1, 0x2, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001700)=ANY=[@ANYBLOB="1800000024000103000000000000000001008c000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r0, &(0x7f00000049c0)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000340)=""/4096, 0x1000}, {&(0x7f0000000000)=""/133, 0x85}, {&(0x7f00000000c0)=""/78, 0x4e}, {&(0x7f00000013c0)=""/96, 0x60}], 0x4}, 0x5}], 0x1, 0x100, 0x0)

608.977996ms ago: executing program 4 (id=1300):
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1900000004000000080000000b00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000e6b0582cfc7410eed38d877b9623d7"], 0x50)
close(0x3)
bind$alg(0xffffffffffffffff, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'morus1280\x00'}, 0x58)
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
bind$bt_hci(r0, &(0x7f0000000000)={0x27}, 0x62)
listen(r0, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x80800)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c00000000000000120000f1850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000340)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x401, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r3}, 0x10)
epoll_wait(0xffffffffffffffff, &(0x7f0000000100)=[{}], 0x1, 0x3)
getsockopt$inet_int(r1, 0x10d, 0xe, &(0x7f00000004c0), &(0x7f0000000480)=0x4)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000180)={'veth0_to_bond\x00', 0x8000})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='contention_end\x00', r2}, 0x18)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0xfffffd5a)
pipe(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
tee(r6, r4, 0x80000001, 0x0)
vmsplice(r7, 0x0, 0x0, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYRES64=r5], 0x50)
r8 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
r9 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_INITMSG(r9, 0x84, 0x2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x496}, 0x8)
connect$bt_l2cap(r8, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
sendmmsg$sock(r8, &(0x7f00000003c0), 0x0, 0x30048010)

581.343955ms ago: executing program 1 (id=1301):
r0 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYRES16=r0, @ANYBLOB], 0x50}}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3aebeca145d695053b5bef004ca24e6c57ed10f01488d38b8b0b68d93e3cf630837915d518fde2115e66615786fe7b9216de958119cf762cac77ac829a02f48e72c0d2841880b2c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd160\x00'}, 0x58)
r4 = accept4(r3, 0x0, 0x0, 0x0)
sendmmsg$unix(r4, &(0x7f0000003e80)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000009c0)="18acf8b1ed479de320cdbff21bc648a4423880b9fb95564f48c38e3fdaea755288c2a91a1ef344702de01af77d599320e22a0ea41b13aa09f1b359b0e2d2e8b6074bb4119ea219d2055df8bab18280f3c3ea8e45510d60a28f7af2a9c471dbe0a88f57ae4580b0b420f5f90b70efb6805d81812d5d64c87c99f9c75e9f656dfd6e0cb005b1abd4d879a097dd9d3e6e12f85505cd45c840f9503b2fff6c33e6a675512ab99729da82acc41b65a398d515700ba76224267cdabfb9576027eb82a82c337e379c488d47691d7fe2c55bbe29a7a37633648559a31b90f145d0f5a2d8d9499f100ba95da30ce9df964d2af22e6551f8a35878071d2b5477c0f1c0ab067a8bd9368c04ed9b6e1547f04d022d726bb32daf66bded05624baa409848f50d96df5d0a86c6ce2b9b0767e85c5233c1e30aaad953301d7294b375db43804290971c857070e9d2c8b6397ab8d56358476fc0359ee79b7956f0ef1ce2edefc6bd340037706a57aa98105019c21be58ce8c868c90db57bfe8304416b3e7e02837ea3ce01ce463321f2ea429ee0c42b27d28c2b6063eb5cd746e26ade0c9ae3049ebb8c5038b01281f26c9777fb1263a5ba1262fa783e07ef5ded966eb85a4a811f5aab0d9575551239e9b0f76e5217744b0a8edcb1504774e36818033e3ab03ca6164df64fdf4352b9c88bfa91add131e13bee44e7eb4e38e613f3bab3c6c8a5038e446d57c9058b975f05f36e0e49171b426b99aa82a0656d7ffc46169ee20456aab06ee429bff9408fb1961e3976e288bee69e9ec6dc72862e1cfcc6c4804457285efcb056b0d834666748129994a3fc172c4c9c622a0c4ddd84bce972d56c70f3687222e5857f9a24b0e138a8359409f5b4ba3206c1a7f35c9e90f3ad903715ab7283e700f9ec2c641f38e998122266a8b1731ce1f03d12a643f281b3ace22f1e403dfe05052fdca3da258f8f1bd7c88949d2a14510b4116c5e403b6cee434d4969113ff8eebc1052e6a1dfa710cadfa0dbd96afa3dd1ab32b10e97d4c015e357bb938d5c2420ed83fff6a17ca9c334fc1b1a3b171f3ca2f4f88a66c59477a73265a8dc10c6d0e5ab2f595e4b9bdd160f35a7917d46df4a50b7651a5991f2444fc0a235f210e8ce8afede0b725d0cabfa20e4d36a836314d180f66614db4fbbd15ef7a947247f7f6f0eb34af0b7aeaaa9210154285dcd0389de273ad3459a1d87f062d9a050c57b6325750aeb9f47d7242117d8e0d38ae1e6cef179809d422ae852bf41f8d5ec42fac487ed46e0511a1f554cd6181e6c81dfdafa7c69daa2ba822e22e305b4b8f34c20fcc8e50cf451f053df249a7f5b20cbc0bc127f55d80bc9c0ba3cf9f0a9c56286215c20f9d60cb61276c6bbf772c151be2520e22b8f6daea2aa1f9e1b30bbeed092d3c2fb92a10fb71e7fea336a0258620c918581487ec04c54ca4e9811a83a6bf39dca6a4e89092cdee6e40024bd7c1ae7b3a8cdbb38c21ccb1de68f7fc9fa4726b832cedcfdd22b71f37d66f350e78e3c19bcae0322f8f070c316bc3c2ba0cb12a43746bd8aaa1645e3f8800b93722ac1791396bb3def1678cb5ab3f42c097c4c3684ea61dc89209ae57906bd4577a93b14eceff6f18893064198d9141a927ced2af06226011187f1851d6a5c1b5ff78a4c6d8b387a781c06a286f052d2e828ed94110cd7b9e6cfcb840e12019678080a6e9e517ce8ba6276c5a919197fd0adf86547135fcec083f2c1fea0e40564f279ceec580e827e39fa77bfa823d6e08aa7bd320491381f21be8b10dc2ed7fee1524680a52bb1e14cb6248519100edd7df29bac5c4ad1c893ee99db03aa7e077ba6608b0db797f31a6cd6d5a01077a41df98fc373ac5c149b87c55bb73bb17b09dffa7847b134b866b9ce179d547750dd2fb9c280e2003d132c87e2535f31232a32d738aeedeff052f256a9c866b6c2cb880d15f1acca7396a8f6113afe45e46e96a6c7762eb09d2c568df561d5484356b4ae71f89bf0126c6670c4fbeee59a89e20206401ef85f083039aa9ceacc2912427b031c35e29c7a702e0054f4dbb01062c0daab2a5faa49a86cd5d48d64bbee12f60ee529a00ad13a579934faff4ec12778038a3e48217fc4eb97ebe3dec9ecdfc0af3e722ed7ca0f12952c2902b0db061098d4bf14664104c440c9d07af7fbaa375274f61b04c17050a3e139dcce999071f18468139182cfe78a84c90c0428d7c75a621a6eaa69e028ce47626235ca3edbbb53e15afebebb25e18c732a820edca2f60be8c0ecd7e5a30282a0add95c6eb43b0afea34d91de7b20f4fb999d17c7fc418738f61cce38d656ce86e2d0a97f31dad0296ee63fb48e859003f88d0a27c874a47301dc0f1fd4f4e9b1bcd7806f715c751b", 0x69f}], 0x1}}], 0x1, 0x0)
sendmsg$AUDIT_DEL_RULE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x4000000}, 0x24000840)
recvmsg$can_j1939(r4, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x10100)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[], 0x128}, 0x24008804)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="9feb01c5d854f89ceea35300240000002400000003000000000000000200001302000000010000000000000000000000fdffffff0000000000000000002e0087400a53b8a70500a9c3a275725db855ab0eb5c1732c80037659b76f7015464d1460cb78a523eecefe7d9c8810325cd2d29137a26f72e5b536fa0f646c8ec7c632a8bc796aee56dac4aa3bb31e80b490"], 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
getpeername$inet(0xffffffffffffffff, &(0x7f0000000240), &(0x7f0000000280)=0x10)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r7, 0x400448cb, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="400100001000330600000000fcfffffffe8000000000000000000000000000aaffffffff00000000000000000000000000004000000080040000000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac14143f0000000030f36531707bd57a3c609f5d000000000000000000000000320000000a0101020000000000000000000000002703000000000000050000000000000000000000000000000400000000000000ff0f00000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000008f000000000000800800000028bd7000000000000a0001000000000000000000080016000600000048000200656362286369706865725f6e756c6c2900"/260], 0x140}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r8, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6)
r9 = socket$inet(0x2, 0x2, 0x0)
r10 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_int(r10, 0x1, 0x22, &(0x7f0000000300)=0x80000004, 0x4)
bind$inet6(r10, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
bind$inet(r9, &(0x7f0000000200)={0x2, 0x4e20, @broadcast}, 0x10)
write(r8, &(0x7f0000000040)="05000000010000", 0x7)
sendfile(r5, 0xffffffffffffffff, 0x0, 0x8)

361.056681ms ago: executing program 0 (id=1302):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
r0 = socket$inet(0x10, 0x3, 0x0)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a40)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16, @ANYBLOB="010025bd7000000000000100000008000100", @ANYRES32, @ANYBLOB="400002803c00010024000100757365725f6c696e6b75705f656e61626c6564000000000000000000000000000500030006"], 0x5c}, 0x1, 0xf000, 0x0, 0x3000000}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000100))
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000001c0)={'syztnl1\x00', &(0x7f0000000140)={'syztnl2\x00', 0x0, 0x4, 0x9, 0x80, 0xb, 0x10, @local, @private1, 0x10, 0x10, 0x3, 0x10000}})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000002c0)={'tunl0\x00', 0x0})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000500)={'gre0\x00', &(0x7f0000000300)={'gretap0\x00', 0x0, 0x40, 0x8000, 0x0, 0x3, {{0x34, 0x4, 0x2, 0x18, 0xd0, 0x68, 0x0, 0x7, 0x2f, 0x0, @private=0xa010102, @empty, {[@timestamp={0x44, 0x10, 0x7b, 0x0, 0x2, [0xd, 0x9, 0x3]}, @lsrr={0x83, 0x7, 0xd1, [@dev={0xac, 0x14, 0x14, 0x2e}]}, @lsrr={0x83, 0x7, 0x50, [@remote]}, @ra={0x94, 0x4, 0x1}, @cipso={0x86, 0x41, 0x3, [{0x0, 0x12, "60fd827ecefe4c449e45cccec67cbee8"}, {0x2, 0xf, "f6fc2c6351f4afc8ab93cdfd24"}, {0x1, 0x10, "176d28f1038c726ab74009d50e14"}, {0x1, 0x3, 'M'}, {0x1, 0x7, "2cb96b341e"}]}, @lsrr={0x83, 0xf, 0xe2, [@private=0xa010101, @multicast1, @rand_addr=0x64010100]}, @cipso={0x86, 0x48, 0x3, [{0x5, 0x4, "6de2"}, {0x2, 0xa, "930381a262fb82c8"}, {0x1, 0x2}, {0x6, 0x6, '-Cn\b'}, {0x5, 0xf, "7e5c3e13675257795988828551"}, {0x0, 0xb, "993a27464c68873760"}, {0x7, 0x12, "e83b35555311f78b07c1493be86b0512"}]}]}}}}})
r2 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000000100)={@loopback}, 0x14)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'veth1\x00', <r3=>0x0})
setsockopt$inet6_mreq(r2, 0x29, 0x1c, &(0x7f00000001c0)={@remote, r3}, 0x14)
socket(0x10, 0x3, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'lo\x00'})
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f00000006c0)={'syztnl1\x00', &(0x7f0000000580)={'gretap0\x00', 0x0, 0x20, 0xd7bc8aab98a67e32, 0x88, 0x8, {{0x36, 0x4, 0x0, 0x29, 0xd8, 0x64, 0x0, 0xe, 0x4, 0x0, @dev={0xac, 0x14, 0x14, 0x37}, @loopback, {[@rr={0x7, 0x17, 0x3d, [@rand_addr=0x64010102, @rand_addr=0x64010102, @private=0xa010102, @multicast2, @empty]}, @rr={0x7, 0xb, 0xdc, [@rand_addr=0x64010100, @multicast2]}, @timestamp_addr={0x44, 0x1c, 0x72, 0x1, 0x0, [{@loopback, 0x3}, {@remote}, {@multicast2, 0x5}]}, @timestamp={0x44, 0xc, 0x8, 0x0, 0x0, [0xfffffffc, 0x4]}, @timestamp_prespec={0x44, 0xc, 0xfa, 0x3, 0xb, [{@private=0xa010100, 0xe}]}, @end, @rr={0x7, 0xf, 0xf1, [@loopback, @initdev={0xac, 0x1e, 0x1, 0x0}, @remote]}, @lsrr={0x83, 0x27, 0xab, [@local, @dev={0xac, 0x14, 0x14, 0x2a}, @multicast1, @initdev={0xac, 0x1e, 0x1, 0x0}, @private=0xa010101, @remote, @dev={0xac, 0x14, 0x14, 0x3f}, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0x42}]}, @lsrr={0x83, 0x1b, 0x16, [@dev={0xac, 0x14, 0x14, 0x36}, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote, @loopback, @empty, @local]}, @rr={0x7, 0x1b, 0x79, [@local, @private=0xa010100, @broadcast, @multicast2, @broadcast, @multicast1]}]}}}}})
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000780)={0x1, 0x58, &(0x7f0000000700)}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f00000007c0))
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', <r6=>0x0})
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="380000001800090300000000000000000a0000000000000b0000010008000400", @ANYRES32=r6, @ANYBLOB="06001500070000000c00168008000100040000"], 0x38}, 0x1, 0x0, 0x400300}, 0x1000c840)

185.118358ms ago: executing program 0 (id=1303):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r0, &(0x7f0000005f00)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x0, @mcast2, 0x9}, 0x1c, &(0x7f0000001540)=[{&(0x7f0000000140)="cd38ca627902acd28fff9716c934847b59293a2701c2cd59f7f13602ba9f55ad300fd5f38de8c04f4793c9a3453a61f34e7605af080b5bd7dfad46a780c1349b45836b3204c71c491219334d5c8bb14a10eebff71eda5cf6b45ea01d26e9447519219307a79ce54620aeab21ffb59eb7766b6dc13606c764a4dca31fca55fbd481d897375b552409ba6bcafbc244e31782d4b5861ab22c9fea9c54c745922db5433fe52e53c82568c509dd24386c098409ead1ad755b6bede2c6c96bf4538d968b4144ebe6a162476eedfc", 0xcb}, {&(0x7f0000000240)="33a83be6c9ec89880249cf10d9bd880a89e61835e5c1a46e2ed0515cd1b098ef4a9c8a2cab3fd575822a00269a50d3571f7cea7ef37d2dc7aa2d47d56d13bdf188e9311fd79b387056d3e938a950941146f5a20f00bbcf76fb7ad2d6b1259307ee6397770f59821307ce1d066e54c3b1987f92eba41f24c263af9012bc6a88ae8ab5edcb06e3c472ff10c090b93c313d54214c3ee83f022af54f04afefe7cc60f1", 0xa1}, {&(0x7f0000000300)="fbc98210d5957e2321237a2b88f9813377f95721ca113dfded7697da11cd4bbbc9b133beb00cfb9285f9fab7d81e86b197045c9eb2ca467c0fe49f2c7778d4ac2b87023802", 0x45}, {&(0x7f0000000400)="1856bb353d3a1f446df9bf876e22ee80bdd188a0fed4489d8b1a0311149dbc99def54b7648b1a7b72115a1d1d24b013584f45ce81f5dc3d26ebec6b9cf3079385045f2394e233a43b543a1ff862b3b84b81aaefa98d65ca091b6d13f87ac25a69a117ba48fedc942cd813cf1c25d344cb952231050fee148721f614692dedf961ffe4b0645cfe2c1a60d1164998993439971f8997c8150ccf6b4300863c2327e0e", 0xa1}, {&(0x7f0000000040)="7a58eeb72e80e570458f1057a68271b5b9ae4a8765e902cf83ed403ab1aa87220d215db83988b2435f1d2948c7665ddb1ed66f87e27f04b2f9", 0x39}, {&(0x7f00000004c0)="a46e37cc765751b7edcd784f07c2262ee0e185ab01e80c45a8b6deb9946628e79936cde3a2919a68b3d324e77f232706c2170b5aedb3a68c06a30086eb13ff91a0872684757facdfd5e66f271ace098695a0392e8dca855d283cc8cd71bce856fcc986899e629ca800c286ec22953a565c88b1fbbd580e0bf12b9f0ded69f205efac6d3b912418a18b77573386f599217dc1b2ae4ccbd4922e56093e3b916e0e09425dacf76934c70a178e8f17e43ab046b8ed96a3cffb8e017b82938e9aaf2e936dc8181567004349247cdb35ab989f91cb63c923ab77c65366f03b442fc8b9a73a93b8aa5bbe4b433560fd4956c3f25f44b17586a4996c11bc9bb9117c23979c8a18f55bb0c213a6074268628abc7aed2d1cc2826323579ab2407860c852df6b111fdacd4e27f585aae0d408991518cf6696bf3185d7953236e3f97dfd46482a3d4393546fe71d865ec5cb972811ec0838623851c03a769008a5203316618e808f57114d147c1d619adb7a98b839f73a9cf5fe02720ec73002fa88657e3653ac18beef36dc9c7b05b1b30d2fdbe9afd6784c6c10d9c2a3bb8f886bd1438f7717c837fa60f482f5a8cf28db8a3cc7f202652b7c09ba3ba285d0d15dc0901c8af639f13cb9dd13b1d1a37b09beca1e6748426761ef720791f91b6303875b5133b00c70f3b7ecee44488f58b399797b820ccb4be4b68ca4316ba47bf3db29ede3f0ab4bf6456866407923203542a5bfbd0995239577ac7db8c8d710a52b9408caed2f66961a701a51d780228507701ff962dcc6d88917d58ddf877964c149d3c7c25688a3e18e3e111ee47a4216a6460dae8718616ac3f6ca9d8b11be7556acb55a4004d88fa27828430958ade25a444170063b59f95a5a24d3405370e1c19fd32d0880978f9cdac29a54ea79ac8c84f96bb773aba2dc69a31f05389e212e6c8937fdfcc1ecbcb8988a2bb6a33adaca241850f7c5c5e651c032709d9a987293c4bb89efc9dea6633c640cbcf4f3fbe67913a735af94c7e804dd70b06972b1cf0e13b67ef88607139308514eeaf9207dcff463", 0x2f2}], 0x6}}], 0x1, 0x20000000)

184.33001ms ago: executing program 2 (id=1304):
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_mreq(r0, 0x29, 0x1b, 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000006c0)={'syztnl1\x00', &(0x7f0000000580)={'gretap0\x00', 0x0, 0x20, 0xd7bc8aab98a67e32, 0x88, 0x8, {{0x26, 0x4, 0x0, 0x29, 0x98, 0x64, 0x0, 0xe, 0x4, 0x0, @dev={0xac, 0x14, 0x14, 0x37}, @loopback, {[@rr={0x7, 0x17, 0x3d, [@rand_addr=0x64010102, @rand_addr=0x64010102, @private=0xa010102, @multicast2, @empty]}, @rr={0x7, 0xb, 0xdc, [@rand_addr=0x64010100, @multicast2]}, @timestamp_addr={0x44, 0x24, 0x72, 0x1, 0x0, [{@loopback, 0x3}, {@remote}, {@multicast1, 0x1}, {@multicast2, 0x5}]}, @timestamp={0x44, 0xc, 0x8, 0x0, 0x0, [0xfffffffc, 0x4]}, @timestamp_prespec={0x44, 0xc, 0xfa, 0x3, 0xb, [{@private=0xa010100, 0xe}]}, @rr={0x7, 0x13, 0xf1, [@private=0xa010102, @loopback, @initdev={0xac, 0x1e, 0x1, 0x0}, @remote]}, @lsrr={0x83, 0x13, 0xab, [@local, @dev={0xac, 0x14, 0x14, 0x2a}, @multicast1, @initdev={0xac, 0x1e, 0x1, 0x0}]}]}}}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="380000001800090300000000000000000a0000fc0000000b0000010008000400", @ANYRES32=r2, @ANYBLOB="06001500070000000c00168008000100"], 0x38}}, 0x1000c840)

150.294005ms ago: executing program 2 (id=1305):
socket$tipc(0x1e, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000000}, &(0x7f0000000000)={0x1f}, 0x0, 0x0, 0x0)

99.687751ms ago: executing program 0 (id=1306):
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000000)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), <r0=>0x0, 0xd0, &(0x7f00000005c0)=[{}, {}, {}], 0x18, 0x10, &(0x7f00000001c0), &(0x7f0000000240), 0x8, 0xf6, 0x8, 0x8, &(0x7f0000000280)}}, 0x10)
socket$inet_smc(0x2b, 0x1, 0x0)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket(0x200000100000011, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000980)=ANY=[@ANYBLOB="54eaffff13f9ff95003dd969df2df39c1c380383ea0bf6021cbab9a011732371cf968e303c823d86107e88a78b44a1833073a9692a329a241e652a00c46669d87c6c5bb9973161012d9cd5a2a6dce7b2dc8d44acca477e989e0e59dba66746e816d3e2781ac019ec4b23c5041fd29130bcc5c03608a2434c92e6dcc080e174caf03bc8f2983ffaa6b39addfba6f4ef0761529bce65bdaa3299d709880a25572d409ed543d7a30564b3f4a09ef1a42c6f3b75993471eaed988109ad3e25dd0e6cb31223575bc7cfeec9f2f143b363e5255723475c0282bf15dc0dbaf59c5b27d1b52bb2833bdd0be3b8a8db970800f27cd73b9cfe4357ef18daa47024b72c83", @ANYRES32=r3, @ANYBLOB="14000200fe8000000000000000000000000000aa140006000000000101f0ffff000000000000000014000100fe8000000000000000000000000000bb"], 0x54}}, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b00000000000c00000000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x50}, [@ldst={0x3, 0x2, 0x3, 0x1c10a1, 0x0, 0x42}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x85, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x52)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000080)={@map, r5, 0x36, 0x4, 0x0, @void, @value=r5}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x3, 0xf, &(0x7f0000000900)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000bf0200000000000085000000cc000000b7000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000080), 0x8)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB="180000000000000000bf4826fe2b000000000000009500000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r6}, 0x18)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r7, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r7, &(0x7f0000000000)="2e000400010002", 0x7)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$MPTCP_PM_CMD_SET_FLAGS(0xffffffffffffffff, 0x0, 0x0)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r9, 0x29, 0x2a, &(0x7f0000000400)={0x0, {{0xa, 0x4e22, 0x9, @empty, 0x101}}}, 0x88)
socket$inet6_dccp(0xa, 0x6, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001c40)=@newtaction={0xf0, 0x30, 0x1, 0x0, 0x25dfdbfc, {}, [{0xdc, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x2, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x20}}}]]}, {0x4}, {0xc}, {0xc}}}, @m_police={0x6c, 0x2, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x1}}]]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xf0}}, 0x0)
clock_gettime(0x0, &(0x7f0000000600)={<r11=>0x0, <r12=>0x0})
pselect6(0x40, &(0x7f0000000100)={0x5, 0xffffffffffff0001, 0x6, 0x40, 0x588, 0x4, 0x4, 0x8}, &(0x7f0000000140)={0x18, 0x5, 0x7, 0x3c609e3d, 0x2, 0x10001, 0x6, 0xff}, &(0x7f0000000180)={0x3, 0xeb48, 0xcea6, 0x3, 0x0, 0x3fc00000000000, 0x7, 0x7}, &(0x7f0000000640)={r11, r12+10000000}, &(0x7f00000006c0)={&(0x7f0000000680)={[0x200]}, 0x8})
ioctl$sock_inet_SIOCSIFFLAGS(r8, 0x89b0, &(0x7f0000000040)={'team_slave_0\x00', 0x1000})

40.704502ms ago: executing program 2 (id=1307):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000cfc500000000000000070c54000000003048943b9f9418f0d9f8843dab7cc400000080000000000082c18f15ec2ba412a5c913ac3d49088d180f4a36900950aa099c53c268d683151e40665ee1c608b6cb023a4c0205261f168520dca7f09b300bfcffeebfbde5d4a50e8d5eac804090fb8cd1528c59755c655bfc95e70f7d207c29e5dce2ada3e5829b628127554bb447598fdc8530c6895c3c94142508376bbd0db9e1ebb79f517ea408a5b4d9bd56fac9e3c1563f6233ebad29f5a6843e09a398c1d618c70845b53b6b18e0ebb4fdb06260e8ab18815e073531a524f420f9f35c6852330437fa41f658029dc552ce519dbc1d0e34536464d18dde1261f30df4a4d9c175fa42c8ff7d00684a0bb659cad5a612756d5f1528ef49aab18c79c3cb3692208c39c7420f1481ce6454ec2f3070565e87073cad92efbf8d27cbbfc9398a3c0a869488640dca303c69d390900eea9874a74830cb5b18f2eae4db320766"], 0x50)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, &(0x7f0000000080)=0x3)
ioctl$PPPIOCSMAXCID(r3, 0x40047451, &(0x7f0000002540)=0x1)
ioctl$PPPIOCSMAXCID(r3, 0x40047451, &(0x7f0000000180))
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000680)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, 0x0, 0x0)
r5 = accept4(r4, 0x0, 0x0, 0x80800)
sendmmsg$alg(r5, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40041}], 0x1, 0x0)
recvmmsg(r5, &(0x7f0000001600)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000004c0)=""/250, 0xfa}], 0x1}, 0x5}], 0x1, 0x42, 0x0)
r6 = socket(0x10, 0x803, 0x0)
sendto(r6, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r6, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000300)=""/106, 0x6a}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x9a}, {&(0x7f00000001c0)=""/17, 0x11}], 0x8, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x0, &(0x7f0000003700)={0x77359400})
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@map=r2, r7, 0x2f, 0x20, 0x4, @void, @void, @void, @value}, 0x50)
syz_genetlink_get_family_id$tipc(&(0x7f0000000040), r6)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0xd, 0x10, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000001811000000000000000000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095000000000000006100c0ff00000000bf91000000000000b7020000000000008500000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00', 0x6, 0xfe, &(0x7f0000000580)=""/254, 0x0, 0x2f, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = socket$nl_route(0x10, 0x3, 0x0)
epoll_create(0xffffffff)
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[@ANYBLOB="3c008000108294f9bac61193d400030400000000", @ANYRES32=r1, @ANYBLOB="00080000075005001c0012800b00010062726964676500000c0002800500170000000000"], 0x3c}, 0x1, 0x0, 0x0, 0x900}, 0x0)

0s ago: executing program 0 (id=1308):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)={{0x14}, [@NFT_MSG_NEWSET={0x4c, 0x9, 0xa, 0x401, 0x0, 0x0, {}, [@NFTA_SET_ID={0x8}, @NFTA_SET_DATA_TYPE={0x8, 0x6, 0x1, 0x0, 0xffffff00}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x1c}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x88}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x74}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r3, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x6, 0x37, 0x0, 0x9}]}, 0x10)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r4, &(0x7f0000000140), 0x8)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
close(r5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000029c0))
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x12, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f088a847e08906", 0x0, 0xfe, 0x60000e1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x50)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
write$cgroup_subtree(r2, &(0x7f0000000100)=ANY=[], 0x36)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_SET(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001180)={&(0x7f0000000000)={0x14, r7, 0x201, 0x70bd28, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x48c05}, 0x4040140)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={{0x14, 0x10, 0x4}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x7, 0x0, 0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}]}, @NFT_MSG_NEWSETELEM={0x74, 0xc, 0xa, 0x301, 0x0, 0x0, {0x7, 0x0, 0x8}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x48, 0x3, 0x0, 0x1, [{0x44, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x38, 0xb, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @limit={{0xa}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_LIMIT_UNIT={0xc, 0x2, 0x1, 0x0, 0x10}, @NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0xfffffffffffffffb}, @NFTA_LIMIT_BURST={0x8, 0x3, 0x1, 0x0, 0x7}]}}}]}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xf8}}, 0x0)

kernel console output (not intermixed with test programs):

ocess `syz.2.129'.
[   97.080929][ T6437] netlink: 2 bytes leftover after parsing attributes in process `syz.2.129'.
[   97.821474][ T6476] netlink: 4 bytes leftover after parsing attributes in process `syz.4.144'.
[   97.867660][ T6474] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[   97.950394][ T6481] netlink: 24 bytes leftover after parsing attributes in process `syz.3.145'.
[   98.520473][ T6497] xt_CT: No such helper "snmp"
[   98.770643][ T6514] netlink: 8 bytes leftover after parsing attributes in process `syz.2.152'.
[   99.101834][ T6528] netlink: 8 bytes leftover after parsing attributes in process `syz.4.158'.
[   99.551636][ T6543] netlink: 4 bytes leftover after parsing attributes in process `syz.0.164'.
[   99.955809][ T5834] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[   99.963389][ T6525] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[   99.982712][ T6531] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  100.089395][ T6562] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.097771][ T6562] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.292104][ T6562] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  100.351350][ T6562] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  100.366499][ T6574] netlink: 12 bytes leftover after parsing attributes in process `syz.4.170'.
[  100.481188][ T6579] xt_hashlimit: size too large, truncated to 1048576
[  100.596072][ T6562] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  100.605018][ T6562] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  100.648972][ T6562] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  100.675149][ T6562] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  100.947959][ T6591] batman_adv: batadv0: Adding interface: dummy0
[  100.954362][ T6591] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  100.988277][ T6591] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active
[  101.066021][ T6601] netlink: 60 bytes leftover after parsing attributes in process `syz.3.176'.
[  101.220561][ T6604] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  101.319248][ T6618] FAULT_INJECTION: forcing a failure.
[  101.319248][ T6618] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  101.337325][ T6618] CPU: 0 UID: 0 PID: 6618 Comm: syz.4.182 Not tainted 6.14.0-rc7-syzkaller-01962-ga19f40d919ca #0
[  101.337356][ T6618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  101.337368][ T6618] Call Trace:
[  101.337376][ T6618]  <TASK>
[  101.337384][ T6618]  dump_stack_lvl+0x241/0x360
[  101.337414][ T6618]  ? __pfx_dump_stack_lvl+0x10/0x10
[  101.337435][ T6618]  ? __pfx__printk+0x10/0x10
[  101.337463][ T6618]  should_fail_ex+0x40a/0x550
[  101.337512][ T6618]  _copy_from_user+0x2d/0xb0
[  101.337539][ T6618]  copy_from_sockptr_offset+0x6b/0xb0
[  101.337571][ T6618]  do_ipt_set_ctl+0xbdd/0x1250
[  101.337602][ T6618]  ? nf_setsockopt+0x240/0x2c0
[  101.337620][ T6618]  ? do_ip_setsockopt+0x2824/0x3ae0
[  101.337645][ T6618]  ? __pfx_do_ipt_set_ctl+0x10/0x10
[  101.337673][ T6618]  ? rcu_is_watching+0x15/0xb0
[  101.337695][ T6618]  ? trace_contention_end+0x3c/0x120
[  101.337724][ T6618]  ? __mutex_unlock_slowpath+0x227/0x800
[  101.337761][ T6618]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  101.337788][ T6618]  ? aa_sk_perm+0x96d/0xab0
[  101.337821][ T6618]  ? __pfx_aa_sk_perm+0x10/0x10
[  101.337850][ T6618]  nf_setsockopt+0x295/0x2c0
[  101.337875][ T6618]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  101.337895][ T6618]  do_sock_setsockopt+0x3af/0x720
[  101.337922][ T6618]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  101.337949][ T6618]  ? __fget_files+0x395/0x410
[  101.337976][ T6618]  ? __fget_files+0x2a/0x410
[  101.338009][ T6618]  __x64_sys_setsockopt+0x1ee/0x280
[  101.338037][ T6618]  do_syscall_64+0xf3/0x230
[  101.338067][ T6618]  ? clear_bhb_loop+0x35/0x90
[  101.338095][ T6618]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.338120][ T6618] RIP: 0033:0x7f72def8d169
[  101.338138][ T6618] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.338153][ T6618] RSP: 002b:00007f72dfe8f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  101.338174][ T6618] RAX: ffffffffffffffda RBX: 00007f72df1a5fa0 RCX: 00007f72def8d169
[  101.338188][ T6618] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003
[  101.338199][ T6618] RBP: 00007f72dfe8f090 R08: 00000000000002e8 R09: 0000000000000000
[  101.338210][ T6618] R10: 00002000000005c0 R11: 0000000000000246 R12: 0000000000000001
[  101.338221][ T6618] R13: 0000000000000000 R14: 00007f72df1a5fa0 R15: 00007ffeabae9678
[  101.338248][ T6618]  </TASK>
[  102.550352][ T6647] netlink: 20 bytes leftover after parsing attributes in process `syz.1.192'.
[  102.564572][ T6647] netlink: 16 bytes leftover after parsing attributes in process `syz.1.192'.
[  102.904830][ T6657] nbd: must specify a device to reconfigure
[  102.920373][ T6654] netlink: 36 bytes leftover after parsing attributes in process `syz.4.195'.
[  102.930768][ T6654] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on
[  103.281186][ T6669] sch_tbf: burst 3631 is lower than device lo mtu (65550) !
[  103.315761][ T5834] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  103.331983][ T6615] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  103.354841][ T6627] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  103.461759][ T6649] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  103.549728][ T6675] bond_slave_1: entered promiscuous mode
[  103.710716][ T6672] bond_slave_1: left promiscuous mode
[  103.974129][ T6697] netlink: 32 bytes leftover after parsing attributes in process `syz.0.210'.
[  104.028040][ T6700] netlink: 12 bytes leftover after parsing attributes in process `syz.1.212'.
[  104.213366][ T6708] vlan2: entered promiscuous mode
[  104.222897][ T6708] bond0: entered promiscuous mode
[  104.229030][ T6711] openvswitch: netlink: IPv4 tunnel dst address is zero
[  104.239339][ T6706] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  104.245921][ T6708] bond_slave_0: entered promiscuous mode
[  104.252761][ T6708] bond_slave_1: entered promiscuous mode
[  104.697185][ T6734] netlink: 'syz.0.224': attribute type 2 has an invalid length.
[  104.727279][ T6734] netlink: 'syz.0.224': attribute type 1 has an invalid length.
[  104.745850][ T6734] netlink: 224 bytes leftover after parsing attributes in process `syz.0.224'.
[  104.777703][ T6736] netlink: 'syz.2.225': attribute type 4 has an invalid length.
[  104.800567][ T6736] netlink: 'syz.2.225': attribute type 4 has an invalid length.
[  104.838508][ T6736] syzkaller1: entered promiscuous mode
[  104.844061][ T6736] syzkaller1: entered allmulticast mode
[  104.863022][ T6741] GUP no longer grows the stack in syz.3.227 (6741): 200000006000-20000000a000 (200000005000)
[  104.875393][ T6741] CPU: 0 UID: 0 PID: 6741 Comm: syz.3.227 Not tainted 6.14.0-rc7-syzkaller-01962-ga19f40d919ca #0
[  104.875421][ T6741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  104.875433][ T6741] Call Trace:
[  104.875440][ T6741]  <TASK>
[  104.875448][ T6741]  dump_stack_lvl+0x241/0x360
[  104.875485][ T6741]  ? __pfx_dump_stack_lvl+0x10/0x10
[  104.875507][ T6741]  ? __pfx__printk+0x10/0x10
[  104.875524][ T6741]  ? find_vma+0xf9/0x170
[  104.875555][ T6741]  __get_user_pages+0x3b07/0x4140
[  104.875585][ T6741]  ? mark_lock+0x9a/0x360
[  104.875629][ T6741]  ? __pfx___get_user_pages+0x10/0x10
[  104.875646][ T6741]  ? __gup_longterm_locked+0xd2f/0x17f0
[  104.875670][ T6741]  ? __pfx_down_read_killable+0x10/0x10
[  104.875696][ T6741]  ? __pfx_lock_acquire+0x10/0x10
[  104.875728][ T6741]  ? try_get_folio+0xf1/0x6f0
[  104.875751][ T6741]  ? __pfx_lock_release+0x10/0x10
[  104.875789][ T6741]  __gup_longterm_locked+0xe64/0x17f0
[  104.875824][ T6741]  ? mark_lock+0x9a/0x360
[  104.875848][ T6741]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  104.875880][ T6741]  ? __pfx___gup_longterm_locked+0x10/0x10
[  104.875903][ T6741]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  104.875940][ T6741]  ? gup_fast_fallback+0x207e/0x29c0
[  104.875965][ T6741]  gup_fast_fallback+0x2266/0x29c0
[  104.876018][ T6741]  ? __pfx_gup_fast_fallback+0x10/0x10
[  104.876040][ T6741]  ? __lock_acquire+0x1397/0x2100
[  104.876107][ T6741]  ? is_valid_gup_args+0x124/0x200
[  104.876132][ T6741]  get_user_pages_fast+0xcc/0x160
[  104.876156][ T6741]  ? __pfx_get_user_pages_fast+0x10/0x10
[  104.876179][ T6741]  ? rcu_is_watching+0x15/0xb0
[  104.876203][ T6741]  ? trace_contention_end+0x3c/0x120
[  104.876232][ T6741]  __iov_iter_get_pages_alloc+0x39c/0xa90
[  104.876278][ T6741]  ? __se_sys_vmsplice+0x4b7/0x14a0
[  104.876305][ T6741]  ? schedule+0x155/0x320
[  104.876338][ T6741]  iov_iter_get_pages2+0xcf/0x130
[  104.876370][ T6741]  ? __pfx_iov_iter_get_pages2+0x10/0x10
[  104.876411][ T6741]  __se_sys_vmsplice+0x739/0x14a0
[  104.876466][ T6741]  ? __pfx___se_sys_vmsplice+0x10/0x10
[  104.876495][ T6741]  ? __pfx_futex_wait+0x10/0x10
[  104.876580][ T6741]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  104.876634][ T6741]  ? do_syscall_64+0x100/0x230
[  104.876669][ T6741]  ? do_syscall_64+0xb6/0x230
[  104.876703][ T6741]  do_syscall_64+0xf3/0x230
[  104.876734][ T6741]  ? clear_bhb_loop+0x35/0x90
[  104.876763][ T6741]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.876788][ T6741] RIP: 0033:0x7f418cd8d169
[  104.876804][ T6741] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.876820][ T6741] RSP: 002b:00007f418db5c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000116
[  104.876841][ T6741] RAX: ffffffffffffffda RBX: 00007f418cfa5fa0 RCX: 00007f418cd8d169
[  104.876855][ T6741] RDX: 0000000000000001 RSI: 00002000000000c0 RDI: 000000000000000e
[  104.876866][ T6741] RBP: 00007f418ce0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  104.876878][ T6741] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  104.876889][ T6741] R13: 0000000000000000 R14: 00007f418cfa5fa0 R15: 00007ffeb006eb48
[  104.876919][ T6741]  </TASK>
[  105.280403][ T5880] IPVS: starting estimator thread 0...
[  105.290622][ T6745] netlink: 36 bytes leftover after parsing attributes in process `syz.0.228'.
[  105.304439][ T6750] netlink: 24 bytes leftover after parsing attributes in process `syz.1.229'.
[  105.445862][ T6748] IPVS: using max 19 ests per chain, 45600 per kthread
[  105.569657][ T6760] netlink: 'syz.2.230': attribute type 10 has an invalid length.
[  106.167756][ T6774] netlink: 'syz.3.235': attribute type 7 has an invalid length.
[  106.282854][ T5834] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  106.325709][ T6717] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  106.423457][ T6790] netlink: 104 bytes leftover after parsing attributes in process `syz.2.240'.
[  106.642321][ T6796] 8021q: adding VLAN 0 to HW filter on device bond1
[  106.717318][ T6799] netlink: 12 bytes leftover after parsing attributes in process `syz.2.245'.
[  106.773730][ T6804] netlink: 'syz.4.246': attribute type 10 has an invalid length.
[  106.805823][ T6804] batman_adv: batadv0: Removing interface: dummy0
[  106.829117][ T6804] team0: Port device dummy0 added
[  107.280594][ T6807] team0: Port device dummy0 removed
[  107.372139][ T6822] bridge_slave_0: left allmulticast mode
[  107.399709][ T6822] bridge_slave_0: left promiscuous mode
[  107.425988][ T6822] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.466699][ T6822] bridge_slave_1: left allmulticast mode
[  107.485261][ T6822] bridge_slave_1: left promiscuous mode
[  107.503193][ T6822] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.626646][ T6822] bond0: (slave bond_slave_0): Releasing backup interface
[  107.713300][ T6822] bond_slave_0: left promiscuous mode
[  107.772809][ T6822] bond0: (slave bond_slave_1): Releasing backup interface
[  107.785951][ T6822] bond_slave_1: left promiscuous mode
[  107.829603][ T6822] team0: Port device team_slave_0 removed
[  107.892583][ T6822] team0: Port device team_slave_1 removed
[  107.906049][ T6822] batman_adv: batadv0: Removing interface: batadv_slave_0
[  107.932127][ T6822] batman_adv: batadv0: Removing interface: batadv_slave_1
[  108.027936][ T6825] team0: Mode changed to "loadbalance"
[  108.066130][ T6824] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  109.866020][ T6873] __nla_validate_parse: 3 callbacks suppressed
[  109.866040][ T6873] netlink: 512 bytes leftover after parsing attributes in process `syz.2.261'.
[  109.867751][ T6876] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  109.980449][ T6881] netlink: 'syz.0.265': attribute type 9 has an invalid length.
[  110.122877][ T5834] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  110.137381][ T6832] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  110.358745][ T6884] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  110.362655][ T6894] netlink: 16 bytes leftover after parsing attributes in process `syz.0.267'.
[  110.382881][ T6884] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  110.401807][ T6884] bond0 (unregistering): Released all slaves
[  110.630134][ T6900] netlink: 4 bytes leftover after parsing attributes in process `syz.1.269'.
[  110.964724][ T6916] ax25_connect(): syz.1.275 uses autobind, please contact jreuter@yaina.de
[  111.310104][ T3001] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  111.327407][ T6928] netlink: 28 bytes leftover after parsing attributes in process `syz.0.281'.
[  111.339218][ T6928] netlink: 28 bytes leftover after parsing attributes in process `syz.0.281'.
[  111.341326][ T3001] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  111.410004][ T6928] erspan0: entered promiscuous mode
[  111.421024][ T6928] gretap0: entered promiscuous mode
[  111.430833][ T6928] hsr1: Slave A (erspan0) is not up; please bring it up to get a fully working HSR network
[  111.484459][ T6928] hsr1: Slave B (gretap0) is not up; please bring it up to get a fully working HSR network
[  111.580551][ T6935] netlink: 4 bytes leftover after parsing attributes in process `syz.1.282'.
[  111.734950][ T6942] netlink: 8 bytes leftover after parsing attributes in process `syz.4.284'.
[  111.744225][ T6942] openvswitch: netlink: Tunnel attr 10 has unexpected len 5032 expected 2
[  112.006444][ T6951] netlink: 8 bytes leftover after parsing attributes in process `syz.1.286'.
[  112.050316][ T6945] xt_CT: No such helper "snmp"
[  112.424845][ T6969] netlink: 44 bytes leftover after parsing attributes in process `syz.0.293'.
[  112.537386][ T6973] bridge0: port 1(gretap0) entered blocking state
[  112.544943][ T6973] bridge0: port 1(gretap0) entered disabled state
[  112.552099][ T6973] gretap0: entered allmulticast mode
[  112.560983][ T6973] gretap0: entered promiscuous mode
[  112.572506][ T6976] gretap0: left allmulticast mode
[  112.578304][ T6976] gretap0: left promiscuous mode
[  112.584444][ T6976] bridge0: port 1(gretap0) entered disabled state
[  112.607298][ T6973] netlink: 60 bytes leftover after parsing attributes in process `syz.4.296'.
[  112.629048][ T6975] xt_hashlimit: size too large, truncated to 1048576
[  112.688008][ T6977] xt_hashlimit: size too large, truncated to 1048576
[  113.160343][ T6991] IPVS: set_ctl: invalid protocol: 1 224.0.0.2:64
[  114.369043][ T6872] Set syz1 is full, maxelem 65536 reached
[  114.545008][ T7020] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  114.732563][ T7025] macvlan2: entered promiscuous mode
[  114.752222][ T7025] bridge0: entered promiscuous mode
[  114.877019][ T7035] __nla_validate_parse: 2 callbacks suppressed
[  114.877041][ T7035] netlink: 20 bytes leftover after parsing attributes in process `syz.1.318'.
[  115.024294][ T7044] netlink: 'syz.3.320': attribute type 16 has an invalid length.
[  115.152276][ T7051] netlink: 'syz.0.324': attribute type 1 has an invalid length.
[  115.176615][ T7051] bond1: entered promiscuous mode
[  115.182036][ T7051] 8021q: adding VLAN 0 to HW filter on device bond1
[  115.189153][ T7053] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  115.205740][ T7051] bond1: (slave bridge2): making interface the new active one
[  115.213379][ T7051] bridge2: entered promiscuous mode
[  115.220076][ T7051] bond1: (slave bridge2): Enslaving as an active interface with an up link
[  115.335135][ T7057] netlink: 512 bytes leftover after parsing attributes in process `syz.1.323'.
[  115.480935][ T7066] netlink: 'syz.3.329': attribute type 10 has an invalid length.
[  115.790935][ T7066] bridge_slave_0: left allmulticast mode
[  115.797736][ T7066] bridge_slave_0: left promiscuous mode
[  115.813859][ T7066] bridge0: port 1(bridge_slave_0) entered disabled state
[  115.868246][ T7066] bridge_slave_1: left allmulticast mode
[  115.876288][ T7066] bridge_slave_1: left promiscuous mode
[  115.893693][ T7066] bridge0: port 2(bridge_slave_1) entered disabled state
[  115.917753][ T7066] batman_adv: batadv0: Removing interface: batadv_slave_0
[  115.933587][ T7066] batman_adv: batadv0: Removing interface: batadv_slave_1
[  116.175364][ T7083] xt_nfacct: accounting object `syz1' does not exists
[  116.593315][ T7097] netlink: 'syz.4.336': attribute type 16 has an invalid length.
[  116.601617][ T5834] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  117.364092][ T7119] xt_hashlimit: size too large, truncated to 1048576
[  118.063880][ T7133] netlink: 16 bytes leftover after parsing attributes in process `syz.4.347'.
[  118.089986][ T7133] xt_l2tp: invalid flags combination: 4
[  118.196618][ T7116] netlink: 208 bytes leftover after parsing attributes in process `syz.3.343'.
[  118.338072][ T7139] netlink: 24 bytes leftover after parsing attributes in process `syz.2.349'.
[  118.710510][ T7156] netlink: 12 bytes leftover after parsing attributes in process `syz.4.354'.
[  118.754432][ T7150] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  119.074332][ T7164] netlink: 168 bytes leftover after parsing attributes in process `syz.4.355'.
[  119.781398][ T7187] netlink: 24 bytes leftover after parsing attributes in process `syz.3.360'.
[  119.865374][ T7188] netlink: 120 bytes leftover after parsing attributes in process `syz.0.361'.
[  120.049699][ T7187] syzkaller0: entered promiscuous mode
[  120.065827][ T7187] syzkaller0: entered allmulticast mode
[  120.239272][ T7199] netlink: 'syz.4.364': attribute type 10 has an invalid length.
[  120.372527][ T7204] netlink: 60 bytes leftover after parsing attributes in process `syz.4.364'.
[  120.394181][ T7204] netlink: 28 bytes leftover after parsing attributes in process `syz.4.364'.
[  120.434407][ T7055] Set syz1 is full, maxelem 65536 reached
[  120.847232][ T5834] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  121.321906][ T7209] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  121.842667][ T7199] team0: Port device dummy0 added
[  121.848917][ T7201] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[  122.027814][ T7223] netlink: 'syz.1.371': attribute type 10 has an invalid length.
[  122.074233][ T7223] team0: Port device dummy0 added
[  122.108559][ T7223] netlink: 60 bytes leftover after parsing attributes in process `syz.1.371'.
[  122.302227][ T7228] team0: Port device dummy0 removed
[  122.440402][ T7243] netlink: 4 bytes leftover after parsing attributes in process `syz.4.376'.
[  122.467483][ T7240] netlink: 512 bytes leftover after parsing attributes in process `syz.0.377'.
[  122.569589][ T7246] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  122.702322][   T30] audit: type=1800 audit(1742995176.466:3): pid=7256 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.381" name=3199 dev="tmpfs" ino=335 res=0 errno=0
[  122.753573][ T7259] netlink: 'syz.3.383': attribute type 1 has an invalid length.
[  122.805191][ T7259] bond0: entered promiscuous mode
[  122.830009][ T7259] 8021q: adding VLAN 0 to HW filter on device bond0
[  122.870116][ T7265] bond0: (slave bridge1): making interface the new active one
[  122.878329][ T7265] bridge1: entered promiscuous mode
[  122.884969][ T7265] bond0: (slave bridge1): Enslaving as an active interface with an up link
[  123.342031][ T7283] netlink: 12 bytes leftover after parsing attributes in process `syz.4.389'.
[  123.487032][ T7287] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  123.719820][ T7298] netlink: 8 bytes leftover after parsing attributes in process `syz.1.394'.
[  123.769337][ T7298] nbd: must specify a device to reconfigure
[  123.952294][ T7308] netlink: 156 bytes leftover after parsing attributes in process `syz.3.398'.
[  124.038206][ T7316] netlink: 4 bytes leftover after parsing attributes in process `syz.4.399'.
[  124.126139][ T7317] netlink: 48 bytes leftover after parsing attributes in process `syz.0.401'.
[  124.156647][ T7320] netlink: 'syz.2.402': attribute type 10 has an invalid length.
[  124.202681][ T7320] team0: Port device dummy0 added
[  124.227887][ T7320] FAULT_INJECTION: forcing a failure.
[  124.227887][ T7320] name failslab, interval 1, probability 0, space 0, times 0
[  124.241174][ T7320] CPU: 1 UID: 0 PID: 7320 Comm: syz.2.402 Not tainted 6.14.0-rc7-syzkaller-01962-ga19f40d919ca #0
[  124.241202][ T7320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  124.241214][ T7320] Call Trace:
[  124.241221][ T7320]  <TASK>
[  124.241230][ T7320]  dump_stack_lvl+0x241/0x360
[  124.241265][ T7320]  ? __pfx_dump_stack_lvl+0x10/0x10
[  124.241288][ T7320]  ? __pfx__printk+0x10/0x10
[  124.241322][ T7320]  should_fail_ex+0x40a/0x550
[  124.241359][ T7320]  should_failslab+0xac/0x100
[  124.241388][ T7320]  __kmalloc_node_track_caller_noprof+0xdc/0x4c0
[  124.241418][ T7320]  ? nf_ct_ext_add+0x1a8/0x410
[  124.241443][ T7320]  ? nf_ct_ext_add+0x1a8/0x410
[  124.241466][ T7320]  krealloc_noprof+0x10f/0x300
[  124.241499][ T7320]  nf_ct_ext_add+0x1a8/0x410
[  124.241524][ T7320]  ? ctnetlink_new_conntrack+0x7d5/0x2250
[  124.241550][ T7320]  ctnetlink_new_conntrack+0x1385/0x2250
[  124.241579][ T7320]  ? __pfx___mutex_trylock_common+0x10/0x10
[  124.241609][ T7320]  ? __pfx_ctnetlink_new_conntrack+0x10/0x10
[  124.241630][ T7320]  ? rcu_is_watching+0x15/0xb0
[  124.241654][ T7320]  ? trace_contention_end+0x3c/0x120
[  124.241679][ T7320]  ? __mutex_lock+0x397/0x1010
[  124.241723][ T7320]  ? nfnetlink_rcv_msg+0xa5c/0x1180
[  124.241753][ T7320]  ? __pfx_lock_release+0x10/0x10
[  124.241797][ T7320]  ? nfnetlink_rcv_msg+0x225/0x1180
[  124.241824][ T7320]  nfnetlink_rcv_msg+0xbec/0x1180
[  124.241849][ T7320]  ? nfnetlink_rcv_msg+0x225/0x1180
[  124.241895][ T7320]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  124.241919][ T7320]  ? stack_trace_save+0x118/0x1d0
[  124.241974][ T7320]  ? dev_hard_start_xmit+0x2d4/0x840
[  124.241999][ T7320]  ? __dev_queue_xmit+0x1b73/0x3f40
[  124.242025][ T7320]  ? __netlink_deliver_tap+0x561/0x7f0
[  124.242043][ T7320]  ? netlink_deliver_tap+0x19d/0x1b0
[  124.242060][ T7320]  ? netlink_unicast+0x7c4/0x990
[  124.242086][ T7320]  ? netlink_sendmsg+0x8de/0xcb0
[  124.242104][ T7320]  ? __sock_sendmsg+0x221/0x270
[  124.242132][ T7320]  ? ____sys_sendmsg+0x53a/0x860
[  124.242155][ T7320]  ? __sys_sendmsg+0x269/0x350
[  124.242195][ T7320]  netlink_rcv_skb+0x206/0x480
[  124.242227][ T7320]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  124.242254][ T7320]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  124.242299][ T7320]  ? apparmor_capable+0x13b/0x1b0
[  124.242327][ T7320]  ? bpf_lsm_capable+0x9/0x10
[  124.242344][ T7320]  ? security_capable+0x7e/0x2d0
[  124.242382][ T7320]  nfnetlink_rcv+0x297/0x2ab0
[  124.242414][ T7320]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  124.242446][ T7320]  ? __dev_queue_xmit+0x2f4/0x3f40
[  124.242494][ T7320]  ? __dev_queue_xmit+0x1775/0x3f40
[  124.242522][ T7320]  ? kasan_save_track+0x51/0x80
[  124.242552][ T7320]  ? ____sys_sendmsg+0x53a/0x860
[  124.242582][ T7320]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  124.242607][ T7320]  ? __dev_queue_xmit+0x2f4/0x3f40
[  124.242641][ T7320]  ? __pfx___dev_queue_xmit+0x10/0x10
[  124.242688][ T7320]  ? ref_tracker_free+0x643/0x7e0
[  124.242711][ T7320]  ? __asan_memcpy+0x40/0x70
[  124.242732][ T7320]  ? __pfx_ref_tracker_free+0x10/0x10
[  124.242771][ T7320]  ? netlink_deliver_tap+0x2e/0x1b0
[  124.242790][ T7320]  ? skb_clone+0x240/0x390
[  124.242817][ T7320]  ? __pfx_lock_release+0x10/0x10
[  124.242850][ T7320]  ? __netlink_deliver_tap+0x7b0/0x7f0
[  124.242883][ T7320]  ? netlink_deliver_tap+0x2e/0x1b0
[  124.242906][ T7320]  netlink_unicast+0x7f6/0x990
[  124.242953][ T7320]  ? __pfx_netlink_unicast+0x10/0x10
[  124.242981][ T7320]  ? __virt_addr_valid+0x45f/0x530
[  124.243002][ T7320]  ? __phys_addr_symbol+0x2f/0x70
[  124.243022][ T7320]  ? __check_object_size+0x47a/0x730
[  124.243057][ T7320]  netlink_sendmsg+0x8de/0xcb0
[  124.243092][ T7320]  ? __pfx_netlink_sendmsg+0x10/0x10
[  124.243118][ T7320]  ? aa_sock_msg_perm+0x91/0x160
[  124.243157][ T7320]  ? __pfx_netlink_sendmsg+0x10/0x10
[  124.243176][ T7320]  __sock_sendmsg+0x221/0x270
[  124.243212][ T7320]  ____sys_sendmsg+0x53a/0x860
[  124.243249][ T7320]  ? __pfx_____sys_sendmsg+0x10/0x10
[  124.243295][ T7320]  __sys_sendmsg+0x269/0x350
[  124.243327][ T7320]  ? __pfx___sys_sendmsg+0x10/0x10
[  124.243369][ T7320]  ? __pfx_vfs_write+0x10/0x10
[  124.243388][ T7320]  ? do_sys_openat2+0x17a/0x1d0
[  124.243450][ T7320]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  124.243484][ T7320]  ? do_syscall_64+0x100/0x230
[  124.243520][ T7320]  ? do_syscall_64+0xb6/0x230
[  124.243556][ T7320]  do_syscall_64+0xf3/0x230
[  124.243588][ T7320]  ? clear_bhb_loop+0x35/0x90
[  124.243621][ T7320]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.243649][ T7320] RIP: 0033:0x7f1fa558d169
[  124.243667][ T7320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  124.243683][ T7320] RSP: 002b:00007f1fa33f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  124.243706][ T7320] RAX: ffffffffffffffda RBX: 00007f1fa57a5fa0 RCX: 00007f1fa558d169
[  124.243721][ T7320] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000004
[  124.243734][ T7320] RBP: 00007f1fa33f6090 R08: 0000000000000000 R09: 0000000000000000
[  124.243746][ T7320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  124.243758][ T7320] R13: 0000000000000000 R14: 00007f1fa57a5fa0 R15: 00007ffe5a46a618
[  124.243802][ T7320]  </TASK>
[  124.748222][ T5834] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  124.873842][ T7329] bridge0: left promiscuous mode
[  124.880654][ T7329] macvlan2: left promiscuous mode
[  124.909935][ T7329] bond0: left promiscuous mode
[  124.914777][ T7329] bridge1: left promiscuous mode
[  124.973955][ T7330] team0: Port device dummy0 removed
[  124.985080][ T7330] bridge_slave_0: left allmulticast mode
[  124.991212][ T7330] bridge_slave_0: left promiscuous mode
[  124.999794][ T7330] bridge0: port 1(bridge_slave_0) entered disabled state
[  125.046436][ T7330] bridge_slave_1: left allmulticast mode
[  125.056229][ T7330] bridge_slave_1: left promiscuous mode
[  125.062169][ T7330] bridge0: port 2(bridge_slave_1) entered disabled state
[  125.075308][ T7330] bond0: (slave bond_slave_0): Releasing backup interface
[  125.095426][ T7330] bond0: (slave bond_slave_1): Releasing backup interface
[  125.119364][ T7330] team0: Port device team_slave_0 removed
[  125.133132][ T7330] team0: Port device team_slave_1 removed
[  125.146661][ T7330] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  125.156538][ T7330] batman_adv: batadv0: Removing interface: batadv_slave_0
[  125.171383][ T7330] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  125.195444][ T7330] batman_adv: batadv0: Removing interface: batadv_slave_1
[  125.530920][ T7351] IPVS: Error connecting to the multicast addr
[  125.773360][ T7366] __nla_validate_parse: 2 callbacks suppressed
[  125.773381][ T7366] netlink: 4 bytes leftover after parsing attributes in process `syz.4.414'.
[  125.858449][ T7365] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  125.873524][ T7372] netlink: 24 bytes leftover after parsing attributes in process `syz.1.416'.
[  125.889505][ T7372] netlink: 'syz.1.416': attribute type 1 has an invalid length.
[  125.985741][ T7366] netlink: 'syz.4.414': attribute type 7 has an invalid length.
[  126.092361][ T7382] netlink: 36 bytes leftover after parsing attributes in process `syz.1.417'.
[  126.296701][ T7388] lo speed is unknown, defaulting to 1000
[  126.302915][ T7388] lo speed is unknown, defaulting to 1000
[  126.334233][ T7388] lo speed is unknown, defaulting to 1000
[  126.343875][ T7390] netlink: 28 bytes leftover after parsing attributes in process `syz.2.421'.
[  126.377164][ T7388] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  126.388129][ T7390] netlink: 28 bytes leftover after parsing attributes in process `syz.2.421'.
[  126.403578][ T7392] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[  126.414171][ T7388] infiniband s›z0: RDMA CMA: cma_listen_on_dev, error -98
[  126.440701][ T7398] netlink: 48 bytes leftover after parsing attributes in process `syz.3.423'.
[  126.450674][ T7390] erspan0: entered promiscuous mode
[  126.463663][ T7390] gretap0: entered promiscuous mode
[  126.470194][ T7390] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  126.489151][ T7390] Cannot create hsr debugfs directory
[  126.513946][ T7398] vti0: entered promiscuous mode
[  126.571191][ T7388] lo speed is unknown, defaulting to 1000
[  126.589158][ T7402] netlink: 632 bytes leftover after parsing attributes in process `syz.0.424'.
[  126.594350][ T7388] lo speed is unknown, defaulting to 1000
[  126.615295][ T7398] netlink: 12 bytes leftover after parsing attributes in process `syz.3.423'.
[  126.685995][ T7388] lo speed is unknown, defaulting to 1000
[  126.692895][ T7388] lo speed is unknown, defaulting to 1000
[  126.764781][ T7388] lo speed is unknown, defaulting to 1000
[  127.174823][ T7423] xt_CT: No such helper "snmp"
[  127.205244][ T7435] netlink: 24 bytes leftover after parsing attributes in process `syz.3.436'.
[  127.315287][ T7435] lo speed is unknown, defaulting to 1000
[  127.363152][ T7440] FAULT_INJECTION: forcing a failure.
[  127.363152][ T7440] name failslab, interval 1, probability 0, space 0, times 0
[  127.394402][ T7440] CPU: 1 UID: 0 PID: 7440 Comm: syz.1.437 Not tainted 6.14.0-rc7-syzkaller-01962-ga19f40d919ca #0
[  127.394433][ T7440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  127.394445][ T7440] Call Trace:
[  127.394453][ T7440]  <TASK>
[  127.394468][ T7440]  dump_stack_lvl+0x241/0x360
[  127.394500][ T7440]  ? __pfx_dump_stack_lvl+0x10/0x10
[  127.394524][ T7440]  ? __pfx__printk+0x10/0x10
[  127.394548][ T7440]  ? __kmalloc_cache_noprof+0x48/0x390
[  127.394580][ T7440]  ? __pfx___might_resched+0x10/0x10
[  127.394612][ T7440]  should_fail_ex+0x40a/0x550
[  127.394650][ T7440]  should_failslab+0xac/0x100
[  127.394677][ T7440]  ? __pfx_nfsd_net_free+0x10/0x10
[  127.394704][ T7440]  __kmalloc_cache_noprof+0x70/0x390
[  127.394733][ T7440]  ? percpu_ref_init+0xbf/0x360
[  127.394757][ T7440]  ? __pfx_nfsd_net_free+0x10/0x10
[  127.394784][ T7440]  percpu_ref_init+0xbf/0x360
[  127.394807][ T7440]  ? net_generic+0x1f/0x240
[  127.394835][ T7440]  nfsd_create_serv+0x124/0x940
[  127.394870][ T7440]  ? __pfx_nfsd_create_serv+0x10/0x10
[  127.394897][ T7440]  ? nfsd_nl_listener_set_doit+0x12d/0x1a90
[  127.394928][ T7440]  ? __pfx___mutex_lock+0x10/0x10
[  127.394962][ T7440]  ? __asan_memset+0x23/0x50
[  127.394985][ T7440]  ? netlink_unicast+0x7f6/0x990
[  127.395014][ T7440]  ? netlink_sendmsg+0x8de/0xcb0
[  127.395032][ T7440]  ? __sock_sendmsg+0x221/0x270
[  127.395062][ T7440]  ? ____sys_sendmsg+0x53a/0x860
[  127.395087][ T7440]  ? do_syscall_64+0xf3/0x230
[  127.395128][ T7440]  nfsd_nl_listener_set_doit+0x135/0x1a90
[  127.395162][ T7440]  ? __pfx___nla_validate_parse+0x10/0x10
[  127.395211][ T7440]  ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10
[  127.395249][ T7440]  ? __nla_parse+0x40/0x60
[  127.395276][ T7440]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[  127.395314][ T7440]  genl_rcv_msg+0xb1f/0xec0
[  127.395350][ T7440]  ? __pfx_genl_rcv_msg+0x10/0x10
[  127.395414][ T7440]  ? __pfx_lock_acquire+0x10/0x10
[  127.395445][ T7440]  ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10
[  127.395483][ T7440]  ? __pfx___might_resched+0x10/0x10
[  127.395521][ T7440]  netlink_rcv_skb+0x206/0x480
[  127.395556][ T7440]  ? __pfx_genl_rcv_msg+0x10/0x10
[  127.395584][ T7440]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  127.395648][ T7440]  genl_rcv+0x28/0x40
[  127.395672][ T7440]  netlink_unicast+0x7f6/0x990
[  127.395712][ T7440]  ? __pfx_netlink_unicast+0x10/0x10
[  127.395740][ T7440]  ? __virt_addr_valid+0x45f/0x530
[  127.395761][ T7440]  ? __phys_addr_symbol+0x2f/0x70
[  127.395781][ T7440]  ? __check_object_size+0x47a/0x730
[  127.395815][ T7440]  netlink_sendmsg+0x8de/0xcb0
[  127.395850][ T7440]  ? __pfx_netlink_sendmsg+0x10/0x10
[  127.395877][ T7440]  ? aa_sock_msg_perm+0x91/0x160
[  127.395916][ T7440]  ? __pfx_netlink_sendmsg+0x10/0x10
[  127.395935][ T7440]  __sock_sendmsg+0x221/0x270
[  127.395970][ T7440]  ____sys_sendmsg+0x53a/0x860
[  127.396006][ T7440]  ? __pfx_____sys_sendmsg+0x10/0x10
[  127.396030][ T7440]  ? __fget_files+0x2a/0x410
[  127.396065][ T7440]  ? __fget_files+0x2a/0x410
[  127.396106][ T7440]  __sys_sendmsg+0x269/0x350
[  127.396138][ T7440]  ? __pfx___sys_sendmsg+0x10/0x10
[  127.396179][ T7440]  ? do_sys_openat2+0x17a/0x1d0
[  127.396241][ T7440]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  127.396275][ T7440]  ? do_syscall_64+0x100/0x230
[  127.396310][ T7440]  ? do_syscall_64+0xb6/0x230
[  127.396346][ T7440]  do_syscall_64+0xf3/0x230
[  127.396377][ T7440]  ? clear_bhb_loop+0x35/0x90
[  127.396411][ T7440]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.396439][ T7440] RIP: 0033:0x7fe0e0d8d169
[  127.396484][ T7440] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  127.396500][ T7440] RSP: 002b:00007fe0e1c8a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  127.396522][ T7440] RAX: ffffffffffffffda RBX: 00007fe0e0fa5fa0 RCX: 00007fe0e0d8d169
[  127.396536][ T7440] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 000000000000000a
[  127.396549][ T7440] RBP: 00007fe0e1c8a090 R08: 0000000000000000 R09: 0000000000000000
[  127.396561][ T7440] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  127.396573][ T7440] R13: 0000000000000000 R14: 00007fe0e0fa5fa0 R15: 00007ffd15173448
[  127.396605][ T7440]  </TASK>
[  127.955850][ T5834] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  128.057488][ T7450] openvswitch: netlink: nsh attr 2 has unexpected len 0 expected 16
[  128.062101][ T5834] Bluetooth: hci4: link tx timeout
[  128.071086][ T5834] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  128.081991][ T5834] Bluetooth: hci4: link tx timeout
[  128.087215][ T5834] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  128.094823][ T7450] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  128.094871][ T5834] Bluetooth: hci4: link tx timeout
[  128.109269][ T5834] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  128.317906][ T7450] netlink: 32 bytes leftover after parsing attributes in process `syz.1.440'.
[  128.587094][ T7476] netlink: 'syz.4.450': attribute type 1 has an invalid length.
[  128.602441][ T7477] IPVS: Error connecting to the multicast addr
[  128.699389][ T7476] bond1: entered promiscuous mode
[  128.738911][ T7476] 8021q: adding VLAN 0 to HW filter on device bond1
[  128.843947][ T7483] bond1: (slave bridge1): making interface the new active one
[  128.862022][ T7483] bridge1: entered promiscuous mode
[  128.892836][ T7483] bond1: (slave bridge1): Enslaving as an active interface with an up link
[  128.973094][ T7488] syzkaller1: entered promiscuous mode
[  128.978949][ T7488] syzkaller1: entered allmulticast mode
[  129.173431][ T7503] xt_hashlimit: size too large, truncated to 1048576
[  129.487597][ T7496] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  129.656091][ T7518] netlink: 'syz.1.459': attribute type 1 has an invalid length.
[  129.836565][ T7519] lo speed is unknown, defaulting to 1000
[  130.118256][ T5834] Bluetooth: hci4: command 0x0406 tx timeout
[  130.171492][ T7529] lo speed is unknown, defaulting to 1000
[  131.378284][ T7577] __nla_validate_parse: 6 callbacks suppressed
[  131.378307][ T7577] netlink: 16 bytes leftover after parsing attributes in process `syz.1.471'.
[  131.482930][ T7582] xt_hashlimit: size too large, truncated to 1048576
[  131.712442][ T7596] FAULT_INJECTION: forcing a failure.
[  131.712442][ T7596] name failslab, interval 1, probability 0, space 0, times 0
[  131.775158][ T7596] CPU: 0 UID: 0 PID: 7596 Comm: syz.4.478 Not tainted 6.14.0-rc7-syzkaller-01962-ga19f40d919ca #0
[  131.775191][ T7596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  131.775204][ T7596] Call Trace:
[  131.775212][ T7596]  <TASK>
[  131.775220][ T7596]  dump_stack_lvl+0x241/0x360
[  131.775254][ T7596]  ? __pfx_dump_stack_lvl+0x10/0x10
[  131.775278][ T7596]  ? __pfx__printk+0x10/0x10
[  131.775303][ T7596]  ? kmem_cache_alloc_noprof+0x48/0x380
[  131.775334][ T7596]  ? __pfx___might_resched+0x10/0x10
[  131.775369][ T7596]  should_fail_ex+0x40a/0x550
[  131.775408][ T7596]  should_failslab+0xac/0x100
[  131.775437][ T7596]  ? __anon_vma_prepare+0xc4/0x4a0
[  131.775473][ T7596]  kmem_cache_alloc_noprof+0x70/0x380
[  131.775508][ T7596]  __anon_vma_prepare+0xc4/0x4a0
[  131.775536][ T7596]  __handle_mm_fault+0x5f7d/0x6ef0
[  131.775597][ T7596]  ? __pfx___handle_mm_fault+0x10/0x10
[  131.775645][ T7596]  ? mt_find+0x2a9/0x920
[  131.775678][ T7596]  ? __pfx_lock_release+0x10/0x10
[  131.775724][ T7596]  ? mt_find+0x2a9/0x920
[  131.775757][ T7596]  ? mt_find+0x6c8/0x920
[  131.775790][ T7596]  ? mt_find+0x2a9/0x920
[  131.775827][ T7596]  ? __pfx_mt_find+0x10/0x10
[  131.775880][ T7596]  ? find_vma+0xf9/0x170
[  131.775898][ T7596]  ? __pfx_find_vma+0x10/0x10
[  131.775920][ T7596]  handle_mm_fault+0x3e5/0x8d0
[  131.775965][ T7596]  exc_page_fault+0x2b9/0x8b0
[  131.775996][ T7596]  ? __might_fault+0xaa/0x120
[  131.776021][ T7596]  asm_exc_page_fault+0x26/0x30
[  131.776049][ T7596] RIP: 0010:__put_user_4+0x11/0x20
[  131.776081][ T7596] Code: 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90
[  131.776098][ T7596] RSP: 0018:ffffc900050b7708 EFLAGS: 00050202
[  131.776117][ T7596] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000200000000840
[  131.776130][ T7596] RDX: 0000000000000000 RSI: ffffffff8c2ac600 RDI: ffffffff8c80ffe0
[  131.776144][ T7596] RBP: 0000000000000000 R08: ffffffff903d2a77 R09: 1ffffffff207a54e
[  131.776157][ T7596] R10: dffffc0000000000 R11: fffffbfff207a54f R12: dffffc0000000000
[  131.776172][ T7596] R13: 1ffff92000a16ef0 R14: 0000200000000840 R15: ffff88805e0a40e8
[  131.776206][ T7596]  bt_sock_ioctl+0x1f7/0x2c0
[  131.776236][ T7596]  sock_do_ioctl+0x158/0x460
[  131.776267][ T7596]  ? kernel_text_address+0xa7/0xe0
[  131.776296][ T7596]  ? __pfx_sock_do_ioctl+0x10/0x10
[  131.776325][ T7596]  ? arch_stack_walk+0xfd/0x150
[  131.776359][ T7596]  ? stack_trace_save+0x118/0x1d0
[  131.776390][ T7596]  sock_ioctl+0x626/0x8e0
[  131.776423][ T7596]  ? __pfx_sock_ioctl+0x10/0x10
[  131.776468][ T7596]  ? kasan_save_track+0x51/0x80
[  131.776489][ T7596]  ? kasan_save_track+0x3f/0x80
[  131.776510][ T7596]  ? kasan_save_free_info+0x40/0x50
[  131.776540][ T7596]  ? __kasan_slab_free+0x59/0x70
[  131.776563][ T7596]  ? kfree+0x196/0x430
[  131.776588][ T7596]  ? security_file_ioctl+0xc6/0x2a0
[  131.776616][ T7596]  ? __se_sys_ioctl+0x46/0x170
[  131.776637][ T7596]  ? do_syscall_64+0xf3/0x230
[  131.776668][ T7596]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.776696][ T7596]  ? __pfx_sock_ioctl+0x10/0x10
[  131.776728][ T7596]  do_vfs_ioctl+0xece/0x2770
[  131.776759][ T7596]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  131.776786][ T7596]  ? mark_lock+0x9a/0x360
[  131.776824][ T7596]  ? tomoyo_path_number_perm+0x209/0x770
[  131.776856][ T7596]  ? __pfx_lock_release+0x10/0x10
[  131.776890][ T7596]  ? tomoyo_path_number_perm+0x5dd/0x770
[  131.776923][ T7596]  ? tomoyo_path_number_perm+0x5dd/0x770
[  131.776959][ T7596]  ? tomoyo_path_number_perm+0x65d/0x770
[  131.776988][ T7596]  ? __lock_acquire+0x1397/0x2100
[  131.777023][ T7596]  ? tomoyo_path_number_perm+0x209/0x770
[  131.777055][ T7596]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  131.777131][ T7596]  ? __fget_files+0x2a/0x410
[  131.777166][ T7596]  ? __fget_files+0x2a/0x410
[  131.777205][ T7596]  __se_sys_ioctl+0x80/0x170
[  131.777232][ T7596]  do_syscall_64+0xf3/0x230
[  131.777265][ T7596]  ? clear_bhb_loop+0x35/0x90
[  131.777298][ T7596]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.777326][ T7596] RIP: 0033:0x7f72def8d169
[  131.777344][ T7596] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  131.777360][ T7596] RSP: 002b:00007f72dfe8f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  131.777380][ T7596] RAX: ffffffffffffffda RBX: 00007f72df1a5fa0 RCX: 00007f72def8d169
[  131.777394][ T7596] RDX: 0000200000000840 RSI: 000000000000541b RDI: 0000000000000004
[  131.777407][ T7596] RBP: 00007f72dfe8f090 R08: 0000000000000000 R09: 0000000000000000
[  131.777419][ T7596] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  131.777431][ T7596] R13: 0000000000000000 R14: 00007f72df1a5fa0 R15: 00007ffeabae9678
[  131.777469][ T7596]  </TASK>
[  132.739340][ T7614] netlink: 24 bytes leftover after parsing attributes in process `syz.4.485'.
[  132.969175][ T7625] netlink: 16 bytes leftover after parsing attributes in process `syz.1.488'.
[  133.002530][ T7624] lo speed is unknown, defaulting to 1000
[  133.014048][ T7625] netlink: 8 bytes leftover after parsing attributes in process `syz.1.488'.
[  133.059678][ T7617] netlink: 36 bytes leftover after parsing attributes in process `syz.0.486'.
[  133.084330][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  133.093240][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  133.167043][ T7630] netlink: 16 bytes leftover after parsing attributes in process `syz.3.489'.
[  133.267604][ T7635] vcan1: entered promiscuous mode
[  133.274908][ T7635] vcan1: entered allmulticast mode
[  133.539433][ T7643] netlink: 4 bytes leftover after parsing attributes in process `syz.0.493'.
[  133.557962][ T7644] netlink: 4 bytes leftover after parsing attributes in process `syz.0.493'.
[  133.580718][ T7643] netlink: 'syz.0.493': attribute type 2 has an invalid length.
[  133.588900][ T7643] netlink: 'syz.0.493': attribute type 1 has an invalid length.
[  133.699180][ T7647] FAULT_INJECTION: forcing a failure.
[  133.699180][ T7647] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  133.729508][ T7647] CPU: 0 UID: 0 PID: 7647 Comm: syz.0.494 Not tainted 6.14.0-rc7-syzkaller-01962-ga19f40d919ca #0
[  133.729537][ T7647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  133.729550][ T7647] Call Trace:
[  133.729557][ T7647]  <TASK>
[  133.729565][ T7647]  dump_stack_lvl+0x241/0x360
[  133.729596][ T7647]  ? __pfx_dump_stack_lvl+0x10/0x10
[  133.729618][ T7647]  ? __pfx__printk+0x10/0x10
[  133.729641][ T7647]  ? __pfx_lock_release+0x10/0x10
[  133.729681][ T7647]  should_fail_ex+0x40a/0x550
[  133.729719][ T7647]  _copy_from_user+0x2d/0xb0
[  133.729747][ T7647]  copy_msghdr_from_user+0xae/0x680
[  133.729782][ T7647]  ? __pfx___might_resched+0x10/0x10
[  133.729815][ T7647]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  133.729854][ T7647]  ? do_recvmmsg+0x44e/0xab0
[  133.729881][ T7647]  ? __might_fault+0xaa/0x120
[  133.729907][ T7647]  do_recvmmsg+0x3bd/0xab0
[  133.729947][ T7647]  ? __pfx_do_recvmmsg+0x10/0x10
[  133.729994][ T7647]  ? ksys_write+0x22a/0x2b0
[  133.730018][ T7647]  ? __pfx_lock_release+0x10/0x10
[  133.730056][ T7647]  ? sb_end_write+0xe9/0x1c0
[  133.730087][ T7647]  ? vfs_write+0x7fa/0xd10
[  133.730111][ T7647]  ? __mutex_unlock_slowpath+0x227/0x800
[  133.730153][ T7647]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  133.730185][ T7647]  ? __fget_files+0x2a/0x410
[  133.730232][ T7647]  __x64_sys_recvmmsg+0x199/0x250
[  133.730263][ T7647]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  133.730292][ T7647]  ? do_syscall_64+0x100/0x230
[  133.730327][ T7647]  ? do_syscall_64+0xb6/0x230
[  133.730371][ T7647]  do_syscall_64+0xf3/0x230
[  133.730403][ T7647]  ? clear_bhb_loop+0x35/0x90
[  133.730436][ T7647]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.730465][ T7647] RIP: 0033:0x7f392618d169
[  133.730483][ T7647] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  133.730500][ T7647] RSP: 002b:00007f3926f8b038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  133.730522][ T7647] RAX: ffffffffffffffda RBX: 00007f39263a5fa0 RCX: 00007f392618d169
[  133.730536][ T7647] RDX: 0000000000001003 RSI: 00002000000048c0 RDI: 0000000000000006
[  133.730548][ T7647] RBP: 00007f3926f8b090 R08: 0000000000000000 R09: 0000000000000000
[  133.730560][ T7647] R10: 0000000000010122 R11: 0000000000000246 R12: 0000000000000002
[  133.730572][ T7647] R13: 0000000000000000 R14: 00007f39263a5fa0 R15: 00007ffed93f0698
[  133.730603][ T7647]  </TASK>
[  133.880183][ T7649] netlink: 120 bytes leftover after parsing attributes in process `syz.1.495'.
[  134.036209][ T7636] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  134.045869][ T7636] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  134.054893][ T7636] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  134.063930][ T7636] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  134.077078][ T7636] netdevsim netdevsim2 netdevsim0: left promiscuous mode
[  134.308631][ T7657] netlink: 12 bytes leftover after parsing attributes in process `syz.2.498'.
[  134.774014][ T7673] netlink: 'syz.2.504': attribute type 3 has an invalid length.
[  135.151132][ T7682] netlink: 'syz.2.508': attribute type 10 has an invalid length.
[  135.159228][ T7661] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  135.188015][ T7682] team0: Port device dummy0 added
[  135.260797][ T7684] bond1: left promiscuous mode
[  135.270209][ T7684] bridge1: left promiscuous mode
[  135.484863][ T7685] team0: Port device dummy0 removed
[  135.503301][ T7687] lo speed is unknown, defaulting to 1000
[  136.119598][ T7705] xt_nfacct: accounting object `syz1' does not exists
[  136.246417][ T7709] vlan0: entered promiscuous mode
[  136.261918][ T7709] vlan0: entered allmulticast mode
[  136.278561][ T7709] hsr_slave_1: entered allmulticast mode
[  136.395983][ T7712] __nla_validate_parse: 3 callbacks suppressed
[  136.396003][ T7712] netlink: 4 bytes leftover after parsing attributes in process `syz.0.519'.
[  136.549547][ T7717] IPVS: Error connecting to the multicast addr
[  137.251574][   T56] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  137.326046][ T7717] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  137.414572][ T7766] netlink: 156 bytes leftover after parsing attributes in process `syz.1.524'.
[  137.572904][ T7773] netlink: 48 bytes leftover after parsing attributes in process `syz.2.526'.
[  137.823925][ T7782] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  137.876246][ T7784] netlink: 'syz.1.532': attribute type 10 has an invalid length.
[  137.898316][ T7784] team0: Port device dummy0 added
[  137.907887][ T7784] netlink: 60 bytes leftover after parsing attributes in process `syz.1.532'.
[  137.973091][ T7786] netlink: 28 bytes leftover after parsing attributes in process `syz.2.533'.
[  137.982269][ T7786] netlink: 28 bytes leftover after parsing attributes in process `syz.2.533'.
[  138.083368][ T7787] team0: Port device dummy0 removed
[  138.264292][ T7792] tipc: Started in network mode
[  138.269927][ T7792] tipc: Node identity 00000000000000000000ffffac14142, cluster identity 4711
[  138.284899][ T7792] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  138.308114][ T7793] IPVS: Error connecting to the multicast addr
[  138.615297][ T7800] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  138.683812][ T7659] Set syz1 is full, maxelem 65536 reached
[  138.960084][ T7811] netlink: del zone limit has 4 unknown bytes
[  139.091744][ T7815] netlink: 312 bytes leftover after parsing attributes in process `syz.3.541'.
[  139.154874][ T7821] netlink: 12 bytes leftover after parsing attributes in process `syz.1.543'.
[  139.711295][ T7839] IPVS: Error connecting to the multicast addr
[  139.777055][ T7835] xt_CT: No such helper "snmp"
[  139.993342][ T7851] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  140.058339][ T7851] netlink: 8 bytes leftover after parsing attributes in process `syz.2.556'.
[  140.393867][ T7869] netlink: 232 bytes leftover after parsing attributes in process `syz.2.561'.
[  140.675761][   T56] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  140.683056][ T7856] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  141.035529][ T7893] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  141.103847][ T7900] lo speed is unknown, defaulting to 1000
[  141.420196][ T7914] netlink: 'syz.2.579': attribute type 1 has an invalid length.
[  141.452863][ T7912] __nla_validate_parse: 6 callbacks suppressed
[  141.452883][ T7912] netlink: 8 bytes leftover after parsing attributes in process `syz.0.577'.
[  141.456013][ T7914] bond1: entered promiscuous mode
[  141.473696][ T7914] 8021q: adding VLAN 0 to HW filter on device bond1
[  141.532089][ T7914] bond1: (slave bridge1): making interface the new active one
[  141.567035][ T7914] bridge1: entered promiscuous mode
[  141.576948][ T7914] bond1: (slave bridge1): Enslaving as an active interface with an up link
[  141.662468][ T7922] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic
[  141.738123][ T7928] netlink: 4 bytes leftover after parsing attributes in process `syz.4.582'.
[  141.903103][ T7936] netlink: 44 bytes leftover after parsing attributes in process `syz.3.585'.
[  142.032292][ T7936] netlink: 16 bytes leftover after parsing attributes in process `syz.3.585'.
[  142.052115][   T30] audit: type=1800 audit(1742995195.816:4): pid=7941 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.588" name="memory.events" dev="tmpfs" ino=571 res=0 errno=0
[  142.116557][   T30] audit: type=1804 audit(1742995195.876:5): pid=7941 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.588" name="memory.events" dev="tmpfs" ino=571 res=1 errno=0
[  142.159326][ T7936] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  142.177936][ T7943] netdevsim netdevsim2 netdevsim0: left promiscuous mode
[  142.193435][ T7943] bond1: left promiscuous mode
[  142.198548][ T7943] bridge1: left promiscuous mode
[  142.279630][ T7945] netlink: 8 bytes leftover after parsing attributes in process `syz.1.588'.
[  142.315814][ T7945] netlink: 8 bytes leftover after parsing attributes in process `syz.1.588'.
[  142.366747][ T7948] netlink: 48 bytes leftover after parsing attributes in process `syz.3.590'.
[  142.422122][ T7948] netlink: 12 bytes leftover after parsing attributes in process `syz.3.590'.
[  142.654288][ T7956] vti0: left promiscuous mode
[  143.075934][   T56] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  143.463373][ T7960] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  143.601424][ T7992] netlink: 512 bytes leftover after parsing attributes in process `syz.4.603'.
[  143.627231][ T7999] x_tables: duplicate underflow at hook 3
[  143.648162][ T7998] netlink: 16 bytes leftover after parsing attributes in process `syz.0.607'.
[  143.757171][ T8004] warning: `syz.0.607' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  143.877881][ T8007] lo speed is unknown, defaulting to 1000
[  143.893368][ T8007] lo speed is unknown, defaulting to 1000
[  143.901458][ T8007] lo speed is unknown, defaulting to 1000
[  144.199631][ T8007] infiniband syz0: set down
[  144.204572][ T8007] infiniband syz0: added lo
[  144.230279][ T8015] netlink: 'syz.3.612': attribute type 39 has an invalid length.
[  144.231485][ T5887] lo speed is unknown, defaulting to 1000
[  144.255054][ T8007] RDS/IB: syz0: added
[  144.260125][ T8007] smc: adding ib device syz0 with port count 1
[  144.267039][ T8007] smc:    ib device syz0 port 1 has pnetid 
[  144.319227][ T8017] macvlan2: entered promiscuous mode
[  144.324881][ T8017] macvlan2: entered allmulticast mode
[  144.331337][ T8017] bond0: entered allmulticast mode
[  144.341739][ T8017] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  144.352349][ T8017] team0: Port device macvlan2 added
[  144.366517][ T8007] lo speed is unknown, defaulting to 1000
[  144.405282][ T5887] lo speed is unknown, defaulting to 1000
[  144.834461][ T8007] lo speed is unknown, defaulting to 1000
[  144.928774][ T8028] vlan2: entered promiscuous mode
[  145.157612][ T8007] lo speed is unknown, defaulting to 1000
[  145.350229][ T8033] xt_hashlimit: size too large, truncated to 1048576
[  145.456283][ T8007] lo speed is unknown, defaulting to 1000
[  145.583686][ T8026] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  145.744365][ T8007] lo speed is unknown, defaulting to 1000
[  146.408596][ T8046] vcan2: entered promiscuous mode
[  146.413708][ T8046] vcan2: entered allmulticast mode
[  146.625931][ T8052] lo speed is unknown, defaulting to 1000
[  146.652177][ T8052] lo speed is unknown, defaulting to 1000
[  146.731266][ T8059] FAULT_INJECTION: forcing a failure.
[  146.731266][ T8059] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  146.785581][ T8059] CPU: 1 UID: 0 PID: 8059 Comm: syz.2.630 Not tainted 6.14.0-rc7-syzkaller-01962-ga19f40d919ca #0
[  146.785615][ T8059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  146.785628][ T8059] Call Trace:
[  146.785635][ T8059]  <TASK>
[  146.785644][ T8059]  dump_stack_lvl+0x241/0x360
[  146.785677][ T8059]  ? __pfx_dump_stack_lvl+0x10/0x10
[  146.785701][ T8059]  ? __pfx__printk+0x10/0x10
[  146.785725][ T8059]  ? validate_chain+0x11e/0x5920
[  146.785755][ T8059]  should_fail_ex+0x40a/0x550
[  146.785793][ T8059]  prepare_alloc_pages+0x1da/0x5b0
[  146.785826][ T8059]  __alloc_frozen_pages_noprof+0x16f/0x710
[  146.785853][ T8059]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  146.785898][ T8059]  alloc_pages_mpol+0x311/0x660
[  146.785931][ T8059]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  146.785970][ T8059]  vma_alloc_folio_noprof+0x12b/0x260
[  146.786002][ T8059]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  146.786035][ T8059]  ? do_raw_spin_unlock+0x13c/0x8b0
[  146.786067][ T8059]  folio_prealloc+0x2e/0x170
[  146.786090][ T8059]  do_wp_page+0x1253/0x49b0
[  146.786136][ T8059]  ? __pfx_do_wp_page+0x10/0x10
[  146.786183][ T8059]  ? __pfx_lock_acquire+0x10/0x10
[  146.786213][ T8059]  ? rcu_is_watching+0x15/0xb0
[  146.786241][ T8059]  ? do_raw_spin_lock+0x14f/0x370
[  146.786268][ T8059]  ? __pfx____pte_offset_map+0x10/0x10
[  146.786319][ T8059]  __handle_mm_fault+0x2303/0x6ef0
[  146.786350][ T8059]  ? mark_lock+0x9a/0x360
[  146.786399][ T8059]  ? __pfx___handle_mm_fault+0x10/0x10
[  146.786455][ T8059]  ? mt_find+0x2a9/0x920
[  146.786487][ T8059]  ? __pfx_lock_release+0x10/0x10
[  146.786530][ T8059]  ? mt_find+0x2a9/0x920
[  146.786568][ T8059]  ? mt_find+0x6c8/0x920
[  146.786602][ T8059]  ? mt_find+0x2a9/0x920
[  146.786636][ T8059]  ? __pfx_mt_find+0x10/0x10
[  146.786687][ T8059]  ? find_vma+0xf9/0x170
[  146.786705][ T8059]  ? __pfx_find_vma+0x10/0x10
[  146.786721][ T8059]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  146.786756][ T8059]  handle_mm_fault+0x3e5/0x8d0
[  146.786798][ T8059]  exc_page_fault+0x2b9/0x8b0
[  146.786834][ T8059]  asm_exc_page_fault+0x26/0x30
[  146.786861][ T8059] RIP: 0010:__put_user_nocheck_4+0x7/0x20
[  146.786893][ T8059] Code: d9 0f 01 cb 89 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00
[  146.786908][ T8059] RSP: 0018:ffffc9000b8378f8 EFLAGS: 00050202
[  146.786927][ T8059] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000200000006030
[  146.786940][ T8059] RDX: ffff88805a1dbc00 RSI: 0000000000000162 RDI: 00000000ffffffff
[  146.786953][ T8059] RBP: ffffc9000b837a70 R08: ffffffff89c11abf R09: 1ffffffff207a54e
[  146.786967][ T8059] R10: dffffc0000000000 R11: fffffbfff207a54f R12: 0000200000006000
[  146.786982][ T8059] R13: 0000000000000162 R14: 0000000000000000 R15: ffffc9000b837d00
[  146.787002][ T8059]  ? ____sys_recvmsg+0x28f/0x480
[  146.787037][ T8059]  ____sys_recvmsg+0x2a7/0x480
[  146.787073][ T8059]  ? __pfx_____sys_recvmsg+0x10/0x10
[  146.787111][ T8059]  ? do_recvmmsg+0x44e/0xab0
[  146.787138][ T8059]  ? __might_fault+0xaa/0x120
[  146.787169][ T8059]  do_recvmmsg+0x426/0xab0
[  146.787207][ T8059]  ? __pfx_do_recvmmsg+0x10/0x10
[  146.787256][ T8059]  ? ksys_write+0x22a/0x2b0
[  146.787279][ T8059]  ? __pfx_lock_release+0x10/0x10
[  146.787317][ T8059]  ? sb_end_write+0xe9/0x1c0
[  146.787347][ T8059]  ? vfs_write+0x7fa/0xd10
[  146.787372][ T8059]  ? __mutex_unlock_slowpath+0x227/0x800
[  146.787413][ T8059]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  146.787444][ T8059]  ? __fget_files+0x2a/0x410
[  146.787490][ T8059]  __x64_sys_recvmmsg+0x199/0x250
[  146.787520][ T8059]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  146.787550][ T8059]  ? do_syscall_64+0x100/0x230
[  146.787584][ T8059]  ? do_syscall_64+0xb6/0x230
[  146.787619][ T8059]  do_syscall_64+0xf3/0x230
[  146.787650][ T8059]  ? clear_bhb_loop+0x35/0x90
[  146.787682][ T8059]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.787709][ T8059] RIP: 0033:0x7f1fa558d169
[  146.787726][ T8059] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.787742][ T8059] RSP: 002b:00007f1fa33f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  146.787760][ T8059] RAX: ffffffffffffffda RBX: 00007f1fa57a5fa0 RCX: 00007f1fa558d169
[  146.787775][ T8059] RDX: 0000000000001003 RSI: 00002000000048c0 RDI: 0000000000000006
[  146.787787][ T8059] RBP: 00007f1fa33f6090 R08: 0000000000000000 R09: 0000000000000000
[  146.787799][ T8059] R10: 0000000000010122 R11: 0000000000000246 R12: 0000000000000002
[  146.787810][ T8059] R13: 0000000000000000 R14: 00007f1fa57a5fa0 R15: 00007ffe5a46a618
[  146.787840][ T8059]  </TASK>
[  147.478371][ T8047] __nla_validate_parse: 2 callbacks suppressed
[  147.478390][ T8047] netlink: 28 bytes leftover after parsing attributes in process `syz.0.624'.
[  147.553463][ T8047] netlink: 'syz.0.624': attribute type 7 has an invalid length.
[  147.591094][ T8047] netlink: 'syz.0.624': attribute type 8 has an invalid length.
[  147.611594][ T8066] netlink: 8 bytes leftover after parsing attributes in process `syz.2.632'.
[  147.628138][ T8047] netlink: 4 bytes leftover after parsing attributes in process `syz.0.624'.
[  147.635715][   T56] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  147.850801][ T7991] Set syz1 is full, maxelem 65536 reached
[  148.234170][ T8063] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  148.342135][ T8077] netlink: 12 bytes leftover after parsing attributes in process `syz.2.636'.
[  148.464615][ T8083] netlink: 'syz.4.639': attribute type 1 has an invalid length.
[  148.522920][ T8083] bond2: entered promiscuous mode
[  148.546196][ T8083] 8021q: adding VLAN 0 to HW filter on device bond2
[  148.590019][ T8090] bond2: (slave bridge3): making interface the new active one
[  148.638881][ T8090] bridge3: entered promiscuous mode
[  148.662744][ T8090] bond2: (slave bridge3): Enslaving as an active interface with an up link
[  149.155938][ T8111] x_tables: ip_tables: policy.0 match: invalid size 312 (kernel) != (user) 32
[  149.222082][ T8113] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  149.296667][   T10] IPVS: starting estimator thread 0...
[  149.416556][ T8117] IPVS: using max 21 ests per chain, 50400 per kthread
[  149.500916][ T8125] netlink: 48 bytes leftover after parsing attributes in process `syz.1.653'.
[  149.681533][ T8132] netlink: 4 bytes leftover after parsing attributes in process `syz.2.656'.
[  150.049197][ T8139] xt_hashlimit: size too large, truncated to 1048576
[  150.088597][ T8141] netlink: 8 bytes leftover after parsing attributes in process `syz.2.659'.
[  150.108002][ T8144] xt_hashlimit: size too large, truncated to 1048576
[  150.163764][ T8146] 
: renamed from bond0
[  150.520169][ T8148] netlink: 8 bytes leftover after parsing attributes in process `syz.2.661'.
[  150.582016][ T8157] vcan1: left promiscuous mode
[  150.587488][ T8157] vcan1: left allmulticast mode
[  150.594594][ T8157] bond0: left allmulticast mode
[  150.601057][ T8157] macvlan2: left promiscuous mode
[  150.606502][ T8157] macvlan2: left allmulticast mode
[  150.612629][ T8157] vcan2: left promiscuous mode
[  150.617670][ T8157] vcan2: left allmulticast mode
[  150.881581][ T8166] netlink: 16 bytes leftover after parsing attributes in process `syz.1.667'.
[  151.133850][ T8176] netlink: 24 bytes leftover after parsing attributes in process `syz.1.670'.
[  151.155313][ T8176] netlink: 'syz.1.670': attribute type 1 has an invalid length.
[  151.317546][   T56] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  151.324404][ T8123] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  151.360534][ T8152] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  151.485052][ T8189] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  152.559176][ T8240] netlink: 'syz.0.690': attribute type 1 has an invalid length.
[  152.582966][ T8240] bond0: entered promiscuous mode
[  152.636302][ T8240] 8021q: adding VLAN 0 to HW filter on device bond0
[  152.664546][ T8242] bond0: (slave bridge3): making interface the new active one
[  152.673816][ T8242] bridge3: entered promiscuous mode
[  152.699430][ T8242] bond0: (slave bridge3): Enslaving as an active interface with an up link
[  152.979309][ T8251] __nla_validate_parse: 3 callbacks suppressed
[  152.979331][ T8251] netlink: 32 bytes leftover after parsing attributes in process `syz.0.694'.
[  153.163974][ T8255] xt_CT: You must specify a L4 protocol and not use inversions on it
[  153.316918][ T8260] netlink: 'syz.3.699': attribute type 72 has an invalid length.
[  153.332771][ T8260] netlink: 120 bytes leftover after parsing attributes in process `syz.3.699'.
[  153.440111][ T8257] lo speed is unknown, defaulting to 1000
[  153.468195][ T8257] lo speed is unknown, defaulting to 1000
[  153.559401][   T56] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  153.664450][ T8239] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  153.674603][ T8245] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  153.927721][ T8268] netlink: 4 bytes leftover after parsing attributes in process `syz.3.700'.
[  154.295323][ T8275] FAULT_INJECTION: forcing a failure.
[  154.295323][ T8275] name failslab, interval 1, probability 0, space 0, times 0
[  154.328777][ T8275] CPU: 0 UID: 0 PID: 8275 Comm: syz.2.705 Not tainted 6.14.0-rc7-syzkaller-01962-ga19f40d919ca #0
[  154.328808][ T8275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  154.328820][ T8275] Call Trace:
[  154.328827][ T8275]  <TASK>
[  154.328836][ T8275]  dump_stack_lvl+0x241/0x360
[  154.328878][ T8275]  ? __pfx_dump_stack_lvl+0x10/0x10
[  154.328902][ T8275]  ? __pfx__printk+0x10/0x10
[  154.328926][ T8275]  ? fs_reclaim_acquire+0x93/0x130
[  154.328950][ T8275]  ? __pfx___might_resched+0x10/0x10
[  154.328978][ T8275]  ? dynamic_dname+0x144/0x1b0
[  154.329003][ T8275]  should_fail_ex+0x40a/0x550
[  154.329040][ T8275]  should_failslab+0xac/0x100
[  154.329072][ T8275]  __kmalloc_noprof+0xdd/0x4c0
[  154.329101][ T8275]  ? tomoyo_encode+0x26f/0x540
[  154.329128][ T8275]  tomoyo_encode+0x26f/0x540
[  154.329151][ T8275]  ? __pfx_sockfs_dname+0x10/0x10
[  154.329186][ T8275]  tomoyo_realpath_from_path+0x59e/0x5e0
[  154.329222][ T8275]  tomoyo_path_number_perm+0x239/0x770
[  154.329253][ T8275]  ? __lock_acquire+0x1397/0x2100
[  154.329288][ T8275]  ? tomoyo_path_number_perm+0x209/0x770
[  154.329321][ T8275]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  154.329400][ T8275]  ? __fget_files+0x2a/0x410
[  154.329435][ T8275]  ? __fget_files+0x2a/0x410
[  154.329471][ T8275]  security_file_ioctl+0xc6/0x2a0
[  154.329502][ T8275]  __se_sys_ioctl+0x46/0x170
[  154.329528][ T8275]  do_syscall_64+0xf3/0x230
[  154.329561][ T8275]  ? clear_bhb_loop+0x35/0x90
[  154.329595][ T8275]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.329623][ T8275] RIP: 0033:0x7f1fa558d169
[  154.329641][ T8275] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  154.329658][ T8275] RSP: 002b:00007f1fa33f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  154.329680][ T8275] RAX: ffffffffffffffda RBX: 00007f1fa57a5fa0 RCX: 00007f1fa558d169
[  154.329694][ T8275] RDX: 0000200000002280 RSI: 0000000000008943 RDI: 0000000000000005
[  154.329707][ T8275] RBP: 00007f1fa33f6090 R08: 0000000000000000 R09: 0000000000000000
[  154.329719][ T8275] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  154.329731][ T8275] R13: 0000000000000000 R14: 00007f1fa57a5fa0 R15: 00007ffe5a46a618
[  154.329762][ T8275]  </TASK>
[  154.371614][ T8275] ERROR: Out of memory at tomoyo_realpath_from_path.
[  154.645110][ T8285] netlink: 8 bytes leftover after parsing attributes in process `syz.0.709'.
[  154.734579][ T8290] netlink: 120 bytes leftover after parsing attributes in process `syz.3.710'.
[  154.850645][ T8292] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  155.215894][ T8305] netlink: 12 bytes leftover after parsing attributes in process `syz.2.716'.
[  155.475938][ T8312] netlink: 68 bytes leftover after parsing attributes in process `syz.4.719'.
[  155.712089][ T8327] netlink: 120 bytes leftover after parsing attributes in process `syz.3.723'.
[  156.916991][   T56] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  156.934403][ T8294] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  157.293659][ T8329] vlan0: entered promiscuous mode
[  157.311687][ T8329] bond0: entered promiscuous mode
[  157.420111][ T8343] netlink: 'syz.3.726': attribute type 10 has an invalid length.
[  157.489655][ T8347] netlink: 20 bytes leftover after parsing attributes in process `syz.0.727'.
[  157.494918][ T8348] smc: ib device syz0 ibport 1 applied user defined pnetid SYZ1
[  157.518327][ T8347] netlink: 2 bytes leftover after parsing attributes in process `syz.0.727'.
[  157.938628][ T8366] FAULT_INJECTION: forcing a failure.
[  157.938628][ T8366] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  157.952965][ T8366] CPU: 0 UID: 0 PID: 8366 Comm: syz.4.734 Not tainted 6.14.0-rc7-syzkaller-01962-ga19f40d919ca #0
[  157.952993][ T8366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  157.953006][ T8366] Call Trace:
[  157.953015][ T8366]  <TASK>
[  157.953023][ T8366]  dump_stack_lvl+0x241/0x360
[  157.953054][ T8366]  ? __pfx_dump_stack_lvl+0x10/0x10
[  157.953077][ T8366]  ? __pfx__printk+0x10/0x10
[  157.953109][ T8366]  should_fail_ex+0x40a/0x550
[  157.953145][ T8366]  prepare_alloc_pages+0x1da/0x5b0
[  157.953176][ T8366]  __alloc_frozen_pages_noprof+0x16f/0x710
[  157.953203][ T8366]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  157.953238][ T8366]  ? __pfx_lock_release+0x10/0x10
[  157.953274][ T8366]  alloc_pages_mpol+0x311/0x660
[  157.953308][ T8366]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  157.953348][ T8366]  vma_alloc_folio_noprof+0x12b/0x260
[  157.953381][ T8366]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  157.953426][ T8366]  ? __anon_vma_prepare+0x3e5/0x4a0
[  157.953451][ T8366]  folio_prealloc+0x2e/0x170
[  157.953475][ T8366]  __handle_mm_fault+0x32e6/0x6ef0
[  157.953539][ T8366]  ? __pfx___handle_mm_fault+0x10/0x10
[  157.953587][ T8366]  ? mt_find+0x2a9/0x920
[  157.953620][ T8366]  ? __pfx_lock_release+0x10/0x10
[  157.953665][ T8366]  ? mt_find+0x2a9/0x920
[  157.953711][ T8366]  ? mt_find+0x6c8/0x920
[  157.953742][ T8366]  ? mt_find+0x2a9/0x920
[  157.953778][ T8366]  ? __pfx_mt_find+0x10/0x10
[  157.953829][ T8366]  ? find_vma+0xf9/0x170
[  157.953847][ T8366]  ? __pfx_find_vma+0x10/0x10
[  157.953869][ T8366]  handle_mm_fault+0x3e5/0x8d0
[  157.953912][ T8366]  exc_page_fault+0x2b9/0x8b0
[  157.953941][ T8366]  ? __might_fault+0xaa/0x120
[  157.953965][ T8366]  asm_exc_page_fault+0x26/0x30
[  157.953992][ T8366] RIP: 0010:__put_user_4+0x11/0x20
[  157.954023][ T8366] Code: 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90
[  157.954039][ T8366] RSP: 0018:ffffc9001baf7708 EFLAGS: 00050202
[  157.954057][ T8366] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000200000000840
[  157.954070][ T8366] RDX: 0000000000000000 RSI: ffffffff8c2ac600 RDI: ffffffff8c80ffe0
[  157.954083][ T8366] RBP: 0000000000000000 R08: ffffffff903d2a77 R09: 1ffffffff207a54e
[  157.954096][ T8366] R10: dffffc0000000000 R11: fffffbfff207a54f R12: dffffc0000000000
[  157.954111][ T8366] R13: 1ffff9200375eef0 R14: 0000200000000840 R15: ffff888071e9d0e8
[  157.954143][ T8366]  bt_sock_ioctl+0x1f7/0x2c0
[  157.954172][ T8366]  sock_do_ioctl+0x158/0x460
[  157.954202][ T8366]  ? kernel_text_address+0xa7/0xe0
[  157.954229][ T8366]  ? __pfx_sock_do_ioctl+0x10/0x10
[  157.954257][ T8366]  ? arch_stack_walk+0xfd/0x150
[  157.954290][ T8366]  ? stack_trace_save+0x118/0x1d0
[  157.954320][ T8366]  sock_ioctl+0x626/0x8e0
[  157.954352][ T8366]  ? __pfx_sock_ioctl+0x10/0x10
[  157.954394][ T8366]  ? kasan_save_track+0x51/0x80
[  157.954415][ T8366]  ? kasan_save_track+0x3f/0x80
[  157.954435][ T8366]  ? kasan_save_free_info+0x40/0x50
[  157.954464][ T8366]  ? __kasan_slab_free+0x59/0x70
[  157.954485][ T8366]  ? kfree+0x196/0x430
[  157.954508][ T8366]  ? security_file_ioctl+0xc6/0x2a0
[  157.954534][ T8366]  ? __se_sys_ioctl+0x46/0x170
[  157.954553][ T8366]  ? do_syscall_64+0xf3/0x230
[  157.954582][ T8366]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.954608][ T8366]  ? __pfx_sock_ioctl+0x10/0x10
[  157.954638][ T8366]  do_vfs_ioctl+0xece/0x2770
[  157.954667][ T8366]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  157.954693][ T8366]  ? mark_lock+0x9a/0x360
[  157.954728][ T8366]  ? tomoyo_path_number_perm+0x209/0x770
[  157.954758][ T8366]  ? __pfx_lock_release+0x10/0x10
[  157.954793][ T8366]  ? tomoyo_path_number_perm+0x5dd/0x770
[  157.954824][ T8366]  ? tomoyo_path_number_perm+0x5dd/0x770
[  157.954858][ T8366]  ? tomoyo_path_number_perm+0x65d/0x770
[  157.954885][ T8366]  ? __lock_acquire+0x1397/0x2100
[  157.954918][ T8366]  ? tomoyo_path_number_perm+0x209/0x770
[  157.954949][ T8366]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  157.955040][ T8366]  ? __fget_files+0x2a/0x410
[  157.955074][ T8366]  ? __fget_files+0x2a/0x410
[  157.955114][ T8366]  __se_sys_ioctl+0x80/0x170
[  157.955151][ T8366]  do_syscall_64+0xf3/0x230
[  157.955181][ T8366]  ? clear_bhb_loop+0x35/0x90
[  157.955212][ T8366]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.955238][ T8366] RIP: 0033:0x7f72def8d169
[  157.955255][ T8366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  157.955270][ T8366] RSP: 002b:00007f72dfe8f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  157.955289][ T8366] RAX: ffffffffffffffda RBX: 00007f72df1a5fa0 RCX: 00007f72def8d169
[  157.955303][ T8366] RDX: 0000200000000840 RSI: 000000000000541b RDI: 0000000000000004
[  157.955315][ T8366] RBP: 00007f72dfe8f090 R08: 0000000000000000 R09: 0000000000000000
[  157.955327][ T8366] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  157.955338][ T8366] R13: 0000000000000000 R14: 00007f72df1a5fa0 R15: 00007ffeabae9678
[  157.955367][ T8366]  </TASK>
[  158.490649][ T8370] __nla_validate_parse: 1 callbacks suppressed
[  158.490668][ T8370] netlink: 120 bytes leftover after parsing attributes in process `syz.1.736'.
[  158.525896][ T8372] netlink: 'syz.3.737': attribute type 10 has an invalid length.
[  158.589899][ T8375] bond0: (slave bridge1): Releasing backup interface
[  158.599078][ T8367] delete_channel: no stack
[  158.638096][ T8367] netlink: 312 bytes leftover after parsing attributes in process `syz.2.735'.
[  159.684558][ T8410] openvswitch: netlink: Key type 216 is out of range max 32
[  159.723537][ T8377] netlink: 200 bytes leftover after parsing attributes in process `syz.4.738'.
[  160.408381][ T8447] Driver unsupported XDP return value 0 on prog  (id 284) dev N/A, expect packet loss!
[  160.453949][ T8447] netlink: 4 bytes leftover after parsing attributes in process `syz.2.759'.
[  160.459477][ T8454] netlink: 20 bytes leftover after parsing attributes in process `syz.4.762'.
[  160.483757][ T8454] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'syz0'
[  160.623975][ T8458] netlink: 40 bytes leftover after parsing attributes in process `syz.0.763'.
[  160.631571][ T8460] netlink: 24 bytes leftover after parsing attributes in process `syz.1.764'.
[  160.707200][ T8462] netlink: 'syz.2.765': attribute type 1 has an invalid length.
[  160.817128][ T8462] bond2: entered promiscuous mode
[  160.823035][ T8462] 8021q: adding VLAN 0 to HW filter on device bond2
[  160.832999][ T8472] netlink: 260 bytes leftover after parsing attributes in process `syz.0.769'.
[  160.892213][ T8473] bond2: (slave bridge3): making interface the new active one
[  160.900545][ T8473] bridge3: entered promiscuous mode
[  160.907994][ T8473] bond2: (slave bridge3): Enslaving as an active interface with an up link
[  160.918423][ T8471] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  160.990641][ T8480] netlink: 60 bytes leftover after parsing attributes in process `syz.3.770'.
[  161.068647][ T8483] netlink: 'syz.1.772': attribute type 9 has an invalid length.
[  161.199967][ T8487] bond2: left promiscuous mode
[  161.209676][ T8487] bridge3: left promiscuous mode
[  161.236063][ T8489] netlink: 'syz.3.775': attribute type 10 has an invalid length.
[  161.244046][ T8491] netlink: 'syz.3.775': attribute type 10 has an invalid length.
[  161.314742][ T8491] netlink: 12 bytes leftover after parsing attributes in process `syz.3.775'.
[  161.662682][ T8511] openvswitch: netlink: Flow actions attr not present in new flow.
[  161.729670][ T8509] lo speed is unknown, defaulting to 1000
[  161.736623][ T8509] lo speed is unknown, defaulting to 1000
[  162.639531][ T8539] CĂ: renamed from team_slave_0
[  162.660867][ T8539] netlink: 'syz.3.793': attribute type 3 has an invalid length.
[  162.685390][ T8539] A link change request failed with some changes committed already. Interface CĂ may have been left with an inconsistent configuration, please check.
[  162.742896][ T8545] netlink: del zone limit has 4 unknown bytes
[  162.793362][ T8539] lo speed is unknown, defaulting to 1000
[  162.817574][ T8539] lo speed is unknown, defaulting to 1000
[  162.834726][ T8546] xt_CT: No such helper "snmp"
[  162.976754][ T8551] netlink: 'syz.2.800': attribute type 4 has an invalid length.
[  162.999903][ T8551] netlink: 'syz.2.800': attribute type 4 has an invalid length.
[  163.005613][   T56] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  163.040860][ T8478] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  163.083652][ T8507] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  163.603826][ T8579] sit0: entered promiscuous mode
[  163.609245][ T8579] netlink: 'syz.0.810': attribute type 1 has an invalid length.
[  163.617149][ T8579] __nla_validate_parse: 5 callbacks suppressed
[  163.617166][ T8579] netlink: 1 bytes leftover after parsing attributes in process `syz.0.810'.
[  163.864587][ T8583] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  163.977508][ T8588] netlink: 24 bytes leftover after parsing attributes in process `syz.1.814'.
[  163.984496][ T8592] netlink: 48 bytes leftover after parsing attributes in process `syz.3.815'.
[  164.103955][ T8592] netlink: 12 bytes leftover after parsing attributes in process `syz.3.815'.
[  164.222867][ T8588] lo speed is unknown, defaulting to 1000
[  164.260279][ T8588] lo speed is unknown, defaulting to 1000
[  164.363650][ T8611] netlink: 232 bytes leftover after parsing attributes in process `syz.3.820'.
[  164.636598][ T8619] netlink: 24 bytes leftover after parsing attributes in process `syz.0.824'.
[  164.689176][ T8621] netlink: 20 bytes leftover after parsing attributes in process `syz.3.825'.
[  164.757108][ T8623] netlink: 24 bytes leftover after parsing attributes in process `syz.2.826'.
[  164.837280][ T8623] netlink: 16 bytes leftover after parsing attributes in process `syz.2.826'.
[  164.990102][ T8634] netlink: 'syz.2.830': attribute type 1 has an invalid length.
[  165.009900][ T8637] netlink: 8 bytes leftover after parsing attributes in process `syz.3.829'.
[  165.099886][ T8634] bond3: entered promiscuous mode
[  165.105816][ T8634] 8021q: adding VLAN 0 to HW filter on device bond3
[  165.150181][ T8640] bond3: (slave bridge4): making interface the new active one
[  165.167078][ T8640] bridge4: entered promiscuous mode
[  165.173757][ T8640] bond3: (slave bridge4): Enslaving as an active interface with an up link
[  165.859856][ T8667] FAULT_INJECTION: forcing a failure.
[  165.859856][ T8667] name failslab, interval 1, probability 0, space 0, times 0
[  165.872889][ T8667] CPU: 1 UID: 0 PID: 8667 Comm: syz.3.840 Not tainted 6.14.0-rc7-syzkaller-01962-ga19f40d919ca #0
[  165.872917][ T8667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  165.872929][ T8667] Call Trace:
[  165.872936][ T8667]  <TASK>
[  165.872945][ T8667]  dump_stack_lvl+0x241/0x360
[  165.872977][ T8667]  ? __pfx_dump_stack_lvl+0x10/0x10
[  165.873001][ T8667]  ? __pfx__printk+0x10/0x10
[  165.873025][ T8667]  ? fs_reclaim_acquire+0x93/0x130
[  165.873056][ T8667]  ? __pfx___might_resched+0x10/0x10
[  165.873082][ T8667]  ? dynamic_dname+0x144/0x1b0
[  165.873107][ T8667]  should_fail_ex+0x40a/0x550
[  165.873145][ T8667]  should_failslab+0xac/0x100
[  165.873175][ T8667]  __kmalloc_noprof+0xdd/0x4c0
[  165.873204][ T8667]  ? tomoyo_encode+0x26f/0x540
[  165.873231][ T8667]  tomoyo_encode+0x26f/0x540
[  165.873254][ T8667]  ? __pfx_sockfs_dname+0x10/0x10
[  165.873288][ T8667]  tomoyo_realpath_from_path+0x59e/0x5e0
[  165.873324][ T8667]  tomoyo_path_number_perm+0x239/0x770
[  165.873354][ T8667]  ? __lock_acquire+0x1397/0x2100
[  165.873390][ T8667]  ? tomoyo_path_number_perm+0x209/0x770
[  165.873422][ T8667]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  165.873497][ T8667]  ? __fget_files+0x2a/0x410
[  165.873531][ T8667]  ? __fget_files+0x2a/0x410
[  165.873568][ T8667]  security_file_ioctl+0xc6/0x2a0
[  165.873600][ T8667]  __se_sys_ioctl+0x46/0x170
[  165.873626][ T8667]  do_syscall_64+0xf3/0x230
[  165.873658][ T8667]  ? clear_bhb_loop+0x35/0x90
[  165.873691][ T8667]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.873720][ T8667] RIP: 0033:0x7f418cd8d169
[  165.873739][ T8667] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  165.873756][ T8667] RSP: 002b:00007f418db5c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  165.873779][ T8667] RAX: ffffffffffffffda RBX: 00007f418cfa5fa0 RCX: 00007f418cd8d169
[  165.873795][ T8667] RDX: 0000200000001300 RSI: 000000000000541b RDI: 0000000000000004
[  165.873809][ T8667] RBP: 00007f418db5c090 R08: 0000000000000000 R09: 0000000000000000
[  165.873822][ T8667] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  165.873834][ T8667] R13: 0000000000000000 R14: 00007f418cfa5fa0 R15: 00007ffeb006eb48
[  165.873865][ T8667]  </TASK>
[  165.873883][ T8667] ERROR: Out of memory at tomoyo_realpath_from_path.
[  165.892288][   T56] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  166.122631][ T8626] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  166.221254][ T8677] netlink: 'syz.0.845': attribute type 10 has an invalid length.
[  166.222727][ T8675] IPVS: Error connecting to the multicast addr
[  166.243387][ T8677] team0: Port device dummy0 added
[  166.868160][ T8696] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  167.220015][ T8701] netlink: 'syz.0.849': attribute type 1 has an invalid length.
[  167.498187][ T8688] netlink: 'syz.2.847': attribute type 6 has an invalid length.
[  167.509596][ T8688] netlink: 'syz.2.847': attribute type 7 has an invalid length.
[  167.517580][ T8688] netlink: 'syz.2.847': attribute type 8 has an invalid length.
[  167.859715][ T8718] sit0: left promiscuous mode
[  167.895269][ T8718] macvlan2: left promiscuous mode
[  167.921027][ T8718] macvlan2: left allmulticast mode
[  167.965344][ T8718] bond1: left promiscuous mode
[  167.991035][ T8718] bridge2: left promiscuous mode
[  168.032093][ T8718] bond0: left promiscuous mode
[  168.061287][ T8718] bridge3: left promiscuous mode
[  168.160679][ T8726] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic
[  168.214642][ T8731] sctp: [Deprecated]: syz.0.861 (pid 8731) Use of int in max_burst socket option.
[  168.214642][ T8731] Use struct sctp_assoc_value instead
[  168.311292][ T8735] IPVS: Error connecting to the multicast addr
[  168.998345][   T56] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  169.005243][ T8714] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  169.012275][ T8721] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  169.055688][ T8752] netlink: 'syz.2.866': attribute type 3 has an invalid length.
[  169.078653][ T8755] x_tables: duplicate underflow at hook 2
[  169.091527][ T8756] __nla_validate_parse: 5 callbacks suppressed
[  169.091547][ T8756] netlink: 48 bytes leftover after parsing attributes in process `syz.0.867'.
[  169.134155][ T8742] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  169.161125][ T8765] bond0: option arp_interval: invalid value (18446744072034198015)
[  169.169796][ T8765] bond0: option arp_interval: allowed values 0 - 2147483647
[  169.198585][ T8752] netlink: 36 bytes leftover after parsing attributes in process `syz.2.866'.
[  169.219676][ T8765] netem: unknown loss type 0
[  169.224651][ T8765] netem: change failed
[  169.393612][ T8774] netlink: 16 bytes leftover after parsing attributes in process `syz.4.870'.
[  169.437964][ T8774] xt_l2tp: invalid flags combination: 4
[  169.649589][ T8785] vlan0: entered promiscuous mode
[  169.654698][ T8785] 
: entered promiscuous mode
[  170.029357][ T8802] xt_hashlimit: size too large, truncated to 1048576
[  170.173464][ T8808] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  170.218898][ T8810] xt_hashlimit: size too large, truncated to 1048576
[  170.328628][ T8813] bond2: left promiscuous mode
[  170.341972][ T8813] bridge3: left promiscuous mode
[  170.380639][ T8819] netlink: 'syz.1.882': attribute type 4 has an invalid length.
[  170.404890][ T8819] netlink: 'syz.1.882': attribute type 11 has an invalid length.
[  170.444614][ T8819] netlink: 224 bytes leftover after parsing attributes in process `syz.1.882'.
[  170.520193][ T8792] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  170.622945][ T8822] FAULT_INJECTION: forcing a failure.
[  170.622945][ T8822] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  170.636776][ T8822] CPU: 1 UID: 0 PID: 8822 Comm: syz.3.888 Not tainted 6.14.0-rc7-syzkaller-01962-ga19f40d919ca #0
[  170.636804][ T8822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  170.636816][ T8822] Call Trace:
[  170.636823][ T8822]  <TASK>
[  170.636831][ T8822]  dump_stack_lvl+0x241/0x360
[  170.636861][ T8822]  ? __pfx_dump_stack_lvl+0x10/0x10
[  170.636885][ T8822]  ? __pfx__printk+0x10/0x10
[  170.636912][ T8822]  ? snprintf+0xda/0x120
[  170.636940][ T8822]  should_fail_ex+0x40a/0x550
[  170.636977][ T8822]  _copy_to_user+0x31/0xb0
[  170.637009][ T8822]  simple_read_from_buffer+0xca/0x150
[  170.637060][ T8822]  proc_fail_nth_read+0x1e9/0x250
[  170.637094][ T8822]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  170.637127][ T8822]  ? rw_verify_area+0x243/0x630
[  170.637149][ T8822]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  170.637181][ T8822]  vfs_read+0x1f8/0xb40
[  170.637204][ T8822]  ? fdget_pos+0x254/0x320
[  170.637236][ T8822]  ? __pfx___mutex_lock+0x10/0x10
[  170.637270][ T8822]  ? __pfx_vfs_read+0x10/0x10
[  170.637295][ T8822]  ? __fget_files+0x2a/0x410
[  170.637328][ T8822]  ? __fget_files+0x395/0x410
[  170.637357][ T8822]  ? __fget_files+0x2a/0x410
[  170.637399][ T8822]  ksys_read+0x18f/0x2b0
[  170.637424][ T8822]  ? __pfx_ksys_read+0x10/0x10
[  170.637447][ T8822]  ? do_syscall_64+0x100/0x230
[  170.637483][ T8822]  ? do_syscall_64+0xb6/0x230
[  170.637519][ T8822]  do_syscall_64+0xf3/0x230
[  170.637551][ T8822]  ? clear_bhb_loop+0x35/0x90
[  170.637584][ T8822]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.637612][ T8822] RIP: 0033:0x7f418cd8bb7c
[  170.637630][ T8822] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  170.637647][ T8822] RSP: 002b:00007f418db5c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  170.637669][ T8822] RAX: ffffffffffffffda RBX: 00007f418cfa5fa0 RCX: 00007f418cd8bb7c
[  170.637684][ T8822] RDX: 000000000000000f RSI: 00007f418db5c0a0 RDI: 0000000000000003
[  170.637696][ T8822] RBP: 00007f418db5c090 R08: 0000000000000000 R09: 0000000000000000
[  170.637709][ T8822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  170.637721][ T8822] R13: 0000000000000000 R14: 00007f418cfa5fa0 R15: 00007ffeb006eb48
[  170.637759][ T8822]  </TASK>
[  170.965635][ T8828] netlink: 48 bytes leftover after parsing attributes in process `syz.0.887'.
[  171.095845][ T8837] netlink: 'syz.4.891': attribute type 10 has an invalid length.
[  171.183507][ T8840] team0: Port device dummy0 removed
[  171.226323][ T8840] bond1: (slave bridge1): Releasing backup interface
[  171.278832][ T8840] bond2: (slave bridge3): Releasing backup interface
[  171.338265][ T8846] netlink: 'syz.0.895': attribute type 13 has an invalid length.
[  171.602020][ T8846] macvtap0: entered promiscuous mode
[  171.614133][ T8846] macvtap0: refused to change device tx_queue_len
[  171.672311][ T8855] netlink: 8 bytes leftover after parsing attributes in process `syz.3.896'.
[  171.949015][ T8867] bond0: entered promiscuous mode
[  171.955166][ T8867] batadv0: entered promiscuous mode
[  171.987517][ T8867] hsr2: Slave A (bond0) is not up; please bring it up to get a fully working HSR network
[  172.005555][ T8867] hsr2: Slave B (batadv0) is not up; please bring it up to get a fully working HSR network
[  172.046123][ T8867] 8021q: adding VLAN 0 to HW filter on device hsr2
[  172.270085][ T8877] netlink: 20 bytes leftover after parsing attributes in process `syz.1.905'.
[  172.387489][ T8888] netlink: 8 bytes leftover after parsing attributes in process `syz.4.906'.
[  172.415624][ T8888] netlink: 32 bytes leftover after parsing attributes in process `syz.4.906'.
[  172.469325][ T8888] gretap1: entered promiscuous mode
[  172.562524][ T8893] lo speed is unknown, defaulting to 1000
[  172.569659][ T8893] lo speed is unknown, defaulting to 1000
[  172.595595][   T56] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  173.723302][ T8915] FAULT_INJECTION: forcing a failure.
[  173.723302][ T8915] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  173.739711][ T8915] CPU: 1 UID: 0 PID: 8915 Comm: syz.4.917 Not tainted 6.14.0-rc7-syzkaller-01962-ga19f40d919ca #0
[  173.739746][ T8915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  173.739760][ T8915] Call Trace:
[  173.739767][ T8915]  <TASK>
[  173.739775][ T8915]  dump_stack_lvl+0x241/0x360
[  173.739811][ T8915]  ? __pfx_dump_stack_lvl+0x10/0x10
[  173.739834][ T8915]  ? __pfx__printk+0x10/0x10
[  173.739862][ T8915]  ? snprintf+0xda/0x120
[  173.739891][ T8915]  should_fail_ex+0x40a/0x550
[  173.739929][ T8915]  _copy_to_user+0x31/0xb0
[  173.739961][ T8915]  simple_read_from_buffer+0xca/0x150
[  173.739993][ T8915]  proc_fail_nth_read+0x1e9/0x250
[  173.740026][ T8915]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  173.740060][ T8915]  ? rw_verify_area+0x243/0x630
[  173.740081][ T8915]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  173.740113][ T8915]  vfs_read+0x1f8/0xb40
[  173.740136][ T8915]  ? fdget_pos+0x254/0x320
[  173.740168][ T8915]  ? __pfx___mutex_lock+0x10/0x10
[  173.740200][ T8915]  ? __pfx_vfs_read+0x10/0x10
[  173.740226][ T8915]  ? __fget_files+0x2a/0x410
[  173.740263][ T8915]  ? __fget_files+0x395/0x410
[  173.740298][ T8915]  ? __fget_files+0x2a/0x410
[  173.740339][ T8915]  ksys_read+0x18f/0x2b0
[  173.740364][ T8915]  ? __pfx_ksys_read+0x10/0x10
[  173.740388][ T8915]  ? do_syscall_64+0x100/0x230
[  173.740423][ T8915]  ? do_syscall_64+0xb6/0x230
[  173.740458][ T8915]  do_syscall_64+0xf3/0x230
[  173.740491][ T8915]  ? clear_bhb_loop+0x35/0x90
[  173.740523][ T8915]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.740552][ T8915] RIP: 0033:0x7f72def8bb7c
[  173.740570][ T8915] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  173.740586][ T8915] RSP: 002b:00007f72dfe8f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  173.740607][ T8915] RAX: ffffffffffffffda RBX: 00007f72df1a5fa0 RCX: 00007f72def8bb7c
[  173.740622][ T8915] RDX: 000000000000000f RSI: 00007f72dfe8f0a0 RDI: 0000000000000004
[  173.740634][ T8915] RBP: 00007f72dfe8f090 R08: 0000000000000000 R09: 0000000000000000
[  173.740646][ T8915] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  173.740658][ T8915] R13: 0000000000000000 R14: 00007f72df1a5fa0 R15: 00007ffeabae9678
[  173.740689][ T8915]  </TASK>
[  173.741339][ T8893] netlink: 28 bytes leftover after parsing attributes in process `syz.2.909'.
[  173.780049][ T8912] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  174.102745][ T8925] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  174.260436][ T8893] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  174.304624][ T8895] lo speed is unknown, defaulting to 1000
[  174.325721][ T8929] netlink: 'syz.3.920': attribute type 1 has an invalid length.
[  174.350991][ T8895] lo speed is unknown, defaulting to 1000
[  174.442748][ T8936] netlink: 8 bytes leftover after parsing attributes in process `syz.1.923'.
[  174.676742][ T8944] netlink: 24 bytes leftover after parsing attributes in process `syz.0.926'.
[  174.834080][ T8944] lo speed is unknown, defaulting to 1000
[  174.847964][ T8944] lo speed is unknown, defaulting to 1000
[  174.862803][ T8950] netlink: 48 bytes leftover after parsing attributes in process `syz.1.928'.
[  174.922394][ T8952] netlink: 8 bytes leftover after parsing attributes in process `syz.4.929'.
[  174.942064][ T8952] netlink: 12 bytes leftover after parsing attributes in process `syz.4.929'.
[  175.003589][ T8952] tipc: Started in network mode
[  175.008727][ T8952] tipc: Node identity aaaaaaaaaaaa, cluster identity 4711
[  175.017658][ T8954] netlink: 211456 bytes leftover after parsing attributes in process `syz.1.930'.
[  175.028088][ T8952] tipc: Enabled bearer <eth:syz_tun>, priority 10
[  175.036025][ T8952] netlink: 14 bytes leftover after parsing attributes in process `syz.4.929'.
[  175.045281][ T8954] netlink: zone id is out of range
[  175.050648][ T8954] netlink: zone id is out of range
[  175.056778][ T8954] netlink: zone id is out of range
[  175.072382][ T8954] netlink: zone id is out of range
[  175.072903][ T8952] tipc: Disabling bearer <eth:syz_tun>
[  175.096950][ T8954] netlink: zone id is out of range
[  175.108337][ T8954] netlink: zone id is out of range
[  175.113578][ T8954] netlink: zone id is out of range
[  175.392016][ T8962] netlink: 156 bytes leftover after parsing attributes in process `syz.1.933'.
[  175.655976][ T8971] netlink: 48 bytes leftover after parsing attributes in process `syz.3.935'.
[  175.683727][ T8965] bond3: left promiscuous mode
[  175.694678][ T8970] netlink: 20 bytes leftover after parsing attributes in process `syz.1.936'.
[  175.732114][   T10] IPVS: starting estimator thread 0...
[  175.741635][ T8960] xt_CT: No such helper "snmp"
[  175.747441][ T8965] bridge4: left promiscuous mode
[  175.815385][ T8972] bridge0: port 1(gretap0) entered blocking state
[  175.825974][ T8974] IPVS: using max 19 ests per chain, 45600 per kthread
[  175.829637][ T8972] bridge0: port 1(gretap0) entered disabled state
[  175.849530][ T8972] gretap0: entered allmulticast mode
[  175.861119][ T8972] gretap0: left allmulticast mode
[  175.879803][ T8970] vlan2: entered promiscuous mode
[  175.885236][ T8970] batadv0: entered promiscuous mode
[  176.118525][ T8983] netlink: 'syz.2.938': attribute type 30 has an invalid length.
[  176.121509][ T8984] lo speed is unknown, defaulting to 1000
[  176.173177][ T8984] lo speed is unknown, defaulting to 1000
[  177.464007][ T9034] netlink: 'syz.3.954': attribute type 58 has an invalid length.
[  177.480451][ T8980] lo speed is unknown, defaulting to 1000
[  177.495405][ T9028] lo speed is unknown, defaulting to 1000
[  177.504660][ T8980] lo speed is unknown, defaulting to 1000
[  177.569258][ T9037] macvtap0: left promiscuous mode
[  177.982508][ T9028] lo speed is unknown, defaulting to 1000
[  178.278878][ T9057] macvtap1: entered promiscuous mode
[  178.305435][ T9057] bond0: entered promiscuous mode
[  178.330391][ T9057] bridge3: entered promiscuous mode
[  178.347433][ T9057] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  178.354913][ T9057] team0: Device macvtap1 failed to register rx_handler
[  178.378632][ T9057] bond0: left promiscuous mode
[  178.383467][ T9057] bridge3: left promiscuous mode
[  179.264768][ T9076] xt_nfacct: accounting object `syz1' does not exists
[  179.317185][ T9081] lo speed is unknown, defaulting to 1000
[  179.344452][ T9081] lo speed is unknown, defaulting to 1000
[  179.634706][ T9098] xt_hashlimit: max too large, truncated to 1048576
[  179.654902][ T9097] xt_hashlimit: max too large, truncated to 1048576
[  179.871069][ T9105] __nla_validate_parse: 13 callbacks suppressed
[  179.871090][ T9105] netlink: 16 bytes leftover after parsing attributes in process `syz.1.982'.
[  180.350844][ T9114] netlink: 56 bytes leftover after parsing attributes in process `syz.4.986'.
[  180.474107][ T9120] netlink: 24 bytes leftover after parsing attributes in process `syz.0.988'.
[  180.657483][ T9122] netlink: 12 bytes leftover after parsing attributes in process `syz.4.989'.
[  181.503993][ T9126] lo speed is unknown, defaulting to 1000
[  181.541876][ T9126] lo speed is unknown, defaulting to 1000
[  181.722421][ T9134] xt_CT: No such helper "snmp"
[  181.762077][ T9143] netlink: 'syz.4.995': attribute type 39 has an invalid length.
[  181.908169][ T9145] vlan2: entered promiscuous mode
[  182.276392][ T9150] net_ratelimit: 5 callbacks suppressed
[  182.276413][ T9150] openvswitch: netlink: ct_state flags 010000e0 unsupported
[  182.351813][ T9150] openvswitch: netlink: ct_state flags 010000e0 unsupported
[  182.371721][ T9153] netlink: 12 bytes leftover after parsing attributes in process `syz.3.999'.
[  182.388141][ T9150] openvswitch: netlink: ct_state flags 010000e0 unsupported
[  182.418851][ T9150] openvswitch: netlink: ct_state flags 010000e0 unsupported
[  182.452855][ T9150] openvswitch: netlink: ct_state flags 010000e0 unsupported
[  182.495115][ T9150] openvswitch: netlink: ct_state flags 010000e0 unsupported
[  182.570301][ T9150] openvswitch: netlink: ct_state flags 010000e0 unsupported
[  182.615800][ T9150] openvswitch: netlink: ct_state flags 010000e0 unsupported
[  182.642623][ T9150] openvswitch: netlink: ct_state flags 010000e0 unsupported
[  182.655146][ T9160] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1000'.
[  182.666055][ T9150] openvswitch: netlink: ct_state flags 010000e0 unsupported
[  183.147713][ T9171] FAULT_INJECTION: forcing a failure.
[  183.147713][ T9171] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  183.162795][ T9171] CPU: 0 UID: 0 PID: 9171 Comm: syz.1.1006 Not tainted 6.14.0-rc7-syzkaller-01962-ga19f40d919ca #0
[  183.162825][ T9171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  183.162838][ T9171] Call Trace:
[  183.162845][ T9171]  <TASK>
[  183.162854][ T9171]  dump_stack_lvl+0x241/0x360
[  183.162899][ T9171]  ? __pfx_dump_stack_lvl+0x10/0x10
[  183.162924][ T9171]  ? __pfx__printk+0x10/0x10
[  183.162948][ T9171]  ? __pfx_lock_release+0x10/0x10
[  183.162991][ T9171]  should_fail_ex+0x40a/0x550
[  183.163029][ T9171]  _copy_from_user+0x2d/0xb0
[  183.163060][ T9171]  copy_msghdr_from_user+0xae/0x680
[  183.163093][ T9171]  ? __pfx___might_resched+0x10/0x10
[  183.163126][ T9171]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  183.163165][ T9171]  ? do_recvmmsg+0x44e/0xab0
[  183.163193][ T9171]  ? __might_fault+0xaa/0x120
[  183.163220][ T9171]  do_recvmmsg+0x3bd/0xab0
[  183.163260][ T9171]  ? __pfx_do_recvmmsg+0x10/0x10
[  183.163311][ T9171]  ? ksys_write+0x22a/0x2b0
[  183.163335][ T9171]  ? __pfx_lock_release+0x10/0x10
[  183.163374][ T9171]  ? sb_end_write+0xe9/0x1c0
[  183.163406][ T9171]  ? vfs_write+0x7fa/0xd10
[  183.163432][ T9171]  ? __mutex_unlock_slowpath+0x227/0x800
[  183.163476][ T9171]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  183.163508][ T9171]  ? __fget_files+0x2a/0x410
[  183.163556][ T9171]  __x64_sys_recvmmsg+0x199/0x250
[  183.163587][ T9171]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  183.163618][ T9171]  ? do_syscall_64+0x100/0x230
[  183.163652][ T9171]  ? do_syscall_64+0xb6/0x230
[  183.163687][ T9171]  do_syscall_64+0xf3/0x230
[  183.163720][ T9171]  ? clear_bhb_loop+0x35/0x90
[  183.163754][ T9171]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.163782][ T9171] RIP: 0033:0x7fe0e0d8d169
[  183.163817][ T9171] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  183.163833][ T9171] RSP: 002b:00007fe0e1c8a038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  183.163866][ T9171] RAX: ffffffffffffffda RBX: 00007fe0e0fa5fa0 RCX: 00007fe0e0d8d169
[  183.163882][ T9171] RDX: 0000000000001003 RSI: 00002000000048c0 RDI: 0000000000000006
[  183.163895][ T9171] RBP: 00007fe0e1c8a090 R08: 0000000000000000 R09: 0000000000000000
[  183.163907][ T9171] R10: 0000000000010122 R11: 0000000000000246 R12: 0000000000000002
[  183.163919][ T9171] R13: 0000000000000000 R14: 00007fe0e0fa5fa0 R15: 00007ffd15173448
[  183.163950][ T9171]  </TASK>
[  183.445003][ T9173] netlink: 'syz.4.1007': attribute type 10 has an invalid length.
[  183.459604][ T9173] team0: Port device dummy0 added
[  183.570371][ T9173] team0: Port device dummy0 removed
[  183.914310][ T9184] gretap1: left promiscuous mode
[  184.029182][ T9191] netlink: 632 bytes leftover after parsing attributes in process `syz.0.1014'.
[  184.076896][ T9191] lo speed is unknown, defaulting to 1000
[  184.083845][ T9191] lo speed is unknown, defaulting to 1000
[  184.242418][ T9201] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1017'.
[  184.302611][ T9203] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1018'.
[  184.317109][ T9205] netlink: 'syz.4.1019': attribute type 11 has an invalid length.
[  184.329994][ T9203] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1018'.
[  184.355853][ T9203] netlink: 'syz.3.1018': attribute type 1 has an invalid length.
[  184.436636][ T9203] nbd: socks must be embedded in a SOCK_ITEM attr
[  184.444402][ T9203] block nbd0: shutting down sockets
[  184.506649][   T56] Bluetooth: hci4: link tx timeout
[  184.512156][   T56] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  185.442424][ T9232] team0: Port device macvlan2 removed
[  185.471124][ T9232] vlan0: entered promiscuous mode
[  185.516811][ T9232] xt_l2tp: invalid flags combination: c
[  185.908080][ T9242] sock: sock_timestamping_bind_phc: sock not bind to device
[  186.245643][ T9255] vlan0: left promiscuous mode
[  186.287929][ T9257] 8021q: VLANs not supported on wg1
[  186.380493][ T9260] __nla_validate_parse: 1 callbacks suppressed
[  186.380516][ T9260] netlink: 260 bytes leftover after parsing attributes in process `syz.0.1041'.
[  186.595831][ T5848] Bluetooth: hci4: command 0x0406 tx timeout
[  187.056474][ T9269] netlink: 120 bytes leftover after parsing attributes in process `syz.0.1044'.
[  187.323046][ T9277] netlink: 10 bytes leftover after parsing attributes in process `syz.0.1046'.
[  187.709512][ T9282] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  187.885359][ T9290] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1052'.
[  188.735164][ T9300] net_ratelimit: 55 callbacks suppressed
[  188.735188][ T9300] netlink: del zone limit has 4 unknown bytes
[  189.019196][ T9304] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1058'.
[  189.065571][ T9304] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1058'.
[  191.118007][ T9304] erspan0: entered promiscuous mode
[  191.124422][ T9304] gretap0: entered promiscuous mode
[  191.130381][ T9304] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  191.138801][ T9304] Cannot create hsr debugfs directory
[  191.144318][ T9304] hsr1: Slave A (erspan0) is not up; please bring it up to get a fully working HSR network
[  191.175849][ T9304] hsr1: Slave B (gretap0) is not up; please bring it up to get a fully working HSR network
[  191.203481][ T9313] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1060'.
[  191.490505][ T9335] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1067'.
[  191.584955][ T9335] lo speed is unknown, defaulting to 1000
[  191.621758][ T9335] lo speed is unknown, defaulting to 1000
[  191.815846][ T9350] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic
[  191.842696][ T9347] IPVS: set_ctl: invalid protocol: 44 224.0.0.2:256
[  192.033172][ T9356] xt_nfacct: accounting object `syz1' does not exists
[  192.277345][ T9360] IPVS: set_ctl: invalid protocol: 136 224.0.0.1:20001
[  192.757832][ T9375] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  193.302667][ T9395] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1089'.
[  193.362732][ T9395] x_tables: duplicate underflow at hook 2
[  193.642916][ T9409] netlink: 'syz.4.1091': attribute type 1 has an invalid length.
[  193.816011][ T9420] netlink: 'syz.2.1095': attribute type 10 has an invalid length.
[  193.844158][ T9420] team0: Port device dummy0 added
[  193.871331][ T9424] netlink: 'syz.1.1098': attribute type 1 has an invalid length.
[  193.912945][ T9424] 8021q: adding VLAN 0 to HW filter on device bond3
[  193.922047][ T9420] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1095'.
[  193.953067][ T9424] bond3: (slave gretap1): making interface the new active one
[  193.967170][ T9424] bond3: (slave gretap1): Enslaving as an active interface with an up link
[  194.081628][ T9430] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1100'.
[  194.102718][ T9431] team0: Port device dummy0 removed
[  194.119877][ T9431] bond1: (slave bridge1): Releasing backup interface
[  194.152254][ T9431] bond2: (slave bridge3): Releasing backup interface
[  194.164121][ T9431] bond3: (slave bridge4): Releasing backup interface
[  194.488937][ T9444] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1105'.
[  194.502006][ T9444] xt_l2tp: invalid flags combination: 4
[  194.536050][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  194.542510][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  195.655035][ T9454] netlink: 'syz.2.1108': attribute type 7 has an invalid length.
[  195.670336][ T9454] netlink: 176 bytes leftover after parsing attributes in process `syz.2.1108'.
[  196.608335][   T56] Bluetooth: hci3: command 0x0406 tx timeout
[  196.614474][   T56] Bluetooth: hci2: command 0x0406 tx timeout
[  196.621528][ T5846] Bluetooth: hci1: command 0x0406 tx timeout
[  196.728810][ T9472] netlink: 248 bytes leftover after parsing attributes in process `syz.1.1115'.
[  196.738453][ T9473] netlink: 248 bytes leftover after parsing attributes in process `syz.1.1115'.
[  196.749904][ T9472] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1115'.
[  196.759279][ T9472] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1115'.
[  196.768360][ T9472] netlink: 284 bytes leftover after parsing attributes in process `syz.1.1115'.
[  196.779863][ T9472] netlink: 516 bytes leftover after parsing attributes in process `syz.1.1115'.
[  197.017687][ T9491] vlan0: entered promiscuous mode
[  197.091561][ T9494] FAULT_INJECTION: forcing a failure.
[  197.091561][ T9494] name failslab, interval 1, probability 0, space 0, times 0
[  197.104636][ T9494] CPU: 1 UID: 0 PID: 9494 Comm: syz.2.1120 Not tainted 6.14.0-rc7-syzkaller-01962-ga19f40d919ca #0
[  197.104692][ T9494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  197.104706][ T9494] Call Trace:
[  197.104713][ T9494]  <TASK>
[  197.104722][ T9494]  dump_stack_lvl+0x241/0x360
[  197.104755][ T9494]  ? __pfx_dump_stack_lvl+0x10/0x10
[  197.104779][ T9494]  ? __pfx__printk+0x10/0x10
[  197.104803][ T9494]  ? fs_reclaim_acquire+0x93/0x130
[  197.104827][ T9494]  ? __pfx___might_resched+0x10/0x10
[  197.104854][ T9494]  ? dynamic_dname+0x144/0x1b0
[  197.104879][ T9494]  should_fail_ex+0x40a/0x550
[  197.104918][ T9494]  should_failslab+0xac/0x100
[  197.104949][ T9494]  __kmalloc_noprof+0xdd/0x4c0
[  197.104977][ T9494]  ? tomoyo_encode+0x26f/0x540
[  197.105005][ T9494]  tomoyo_encode+0x26f/0x540
[  197.105029][ T9494]  ? __pfx_sockfs_dname+0x10/0x10
[  197.105064][ T9494]  tomoyo_realpath_from_path+0x59e/0x5e0
[  197.105101][ T9494]  tomoyo_path_number_perm+0x239/0x770
[  197.105132][ T9494]  ? __lock_acquire+0x1397/0x2100
[  197.105168][ T9494]  ? tomoyo_path_number_perm+0x209/0x770
[  197.105201][ T9494]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  197.105278][ T9494]  ? __fget_files+0x2a/0x410
[  197.105313][ T9494]  ? __fget_files+0x2a/0x410
[  197.105350][ T9494]  security_file_ioctl+0xc6/0x2a0
[  197.105381][ T9494]  __se_sys_ioctl+0x46/0x170
[  197.105408][ T9494]  do_syscall_64+0xf3/0x230
[  197.105448][ T9494]  ? clear_bhb_loop+0x35/0x90
[  197.105482][ T9494]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.105511][ T9494] RIP: 0033:0x7f1fa558d169
[  197.105529][ T9494] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  197.105546][ T9494] RSP: 002b:00007f1fa33f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  197.105567][ T9494] RAX: ffffffffffffffda RBX: 00007f1fa57a5fa0 RCX: 00007f1fa558d169
[  197.105582][ T9494] RDX: 0000200000001300 RSI: 000000000000541b RDI: 0000000000000004
[  197.105595][ T9494] RBP: 00007f1fa33f6090 R08: 0000000000000000 R09: 0000000000000000
[  197.105608][ T9494] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  197.105620][ T9494] R13: 0000000000000000 R14: 00007f1fa57a5fa0 R15: 00007ffe5a46a618
[  197.105659][ T9494]  </TASK>
[  197.343523][ T9494] ERROR: Out of memory at tomoyo_realpath_from_path.
[  197.501152][ T9505] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1124'.
[  197.543979][ T9503] netlink: 'syz.2.1123': attribute type 10 has an invalid length.
[  197.617294][ T9507] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1125'.
[  197.700226][ T9507] lo speed is unknown, defaulting to 1000
[  197.710941][ T9507] lo speed is unknown, defaulting to 1000
[  197.721190][ T9511] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1127'.
[  197.928437][ T9495] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  198.010343][ T9522] FAULT_INJECTION: forcing a failure.
[  198.010343][ T9522] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  198.049539][ T9524] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  198.076222][ T9522] CPU: 0 UID: 0 PID: 9522 Comm: syz.1.1129 Not tainted 6.14.0-rc7-syzkaller-01962-ga19f40d919ca #0
[  198.076251][ T9522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  198.076264][ T9522] Call Trace:
[  198.076270][ T9522]  <TASK>
[  198.076278][ T9522]  dump_stack_lvl+0x241/0x360
[  198.076309][ T9522]  ? __pfx_dump_stack_lvl+0x10/0x10
[  198.076332][ T9522]  ? __pfx__printk+0x10/0x10
[  198.076354][ T9522]  ? __pfx_lock_release+0x10/0x10
[  198.076394][ T9522]  should_fail_ex+0x40a/0x550
[  198.076429][ T9522]  _copy_from_user+0x2d/0xb0
[  198.076459][ T9522]  copy_msghdr_from_user+0xae/0x680
[  198.076509][ T9522]  ? __pfx___might_resched+0x10/0x10
[  198.076542][ T9522]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  198.076581][ T9522]  ? do_recvmmsg+0x44e/0xab0
[  198.076608][ T9522]  ? __might_fault+0xaa/0x120
[  198.076635][ T9522]  do_recvmmsg+0x3bd/0xab0
[  198.076684][ T9522]  ? __pfx_do_recvmmsg+0x10/0x10
[  198.076734][ T9522]  ? ksys_write+0x22a/0x2b0
[  198.076758][ T9522]  ? __pfx_lock_release+0x10/0x10
[  198.076796][ T9522]  ? sb_end_write+0xe9/0x1c0
[  198.076828][ T9522]  ? vfs_write+0x7fa/0xd10
[  198.076854][ T9522]  ? __mutex_unlock_slowpath+0x227/0x800
[  198.076897][ T9522]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  198.076929][ T9522]  ? __fget_files+0x2a/0x410
[  198.076987][ T9522]  __x64_sys_recvmmsg+0x199/0x250
[  198.077018][ T9522]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  198.077047][ T9522]  ? do_syscall_64+0x100/0x230
[  198.077082][ T9522]  ? do_syscall_64+0xb6/0x230
[  198.077116][ T9522]  do_syscall_64+0xf3/0x230
[  198.077147][ T9522]  ? clear_bhb_loop+0x35/0x90
[  198.077180][ T9522]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.077207][ T9522] RIP: 0033:0x7fe0e0d8d169
[  198.077225][ T9522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  198.077242][ T9522] RSP: 002b:00007fe0e1c8a038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  198.077264][ T9522] RAX: ffffffffffffffda RBX: 00007fe0e0fa5fa0 RCX: 00007fe0e0d8d169
[  198.077279][ T9522] RDX: 0000000000001003 RSI: 00002000000048c0 RDI: 0000000000000006
[  198.077292][ T9522] RBP: 00007fe0e1c8a090 R08: 0000000000000000 R09: 0000000000000000
[  198.077304][ T9522] R10: 0000000000010122 R11: 0000000000000246 R12: 0000000000000003
[  198.077316][ T9522] R13: 0000000000000000 R14: 00007fe0e0fa5fa0 R15: 00007ffd15173448
[  198.077346][ T9522]  </TASK>
[  198.420037][ T9531] lo speed is unknown, defaulting to 1000
[  198.427063][ T9531] lo speed is unknown, defaulting to 1000
[  198.657673][ T9538] netlink: 'syz.2.1135': attribute type 10 has an invalid length.
[  198.679468][ T9538] 8021q: adding VLAN 0 to HW filter on device team0
[  198.687912][ T9538] team0: entered promiscuous mode
[  198.693497][ T9538] bond0: (slave team0): Enslaving as an active interface with an up link
[  199.047774][ T9548] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1138'.
[  199.212288][ T9530] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  199.592083][ T9569] netlink: 'syz.2.1147': attribute type 9 has an invalid length.
[  199.623951][ T9571] lo speed is unknown, defaulting to 1000
[  199.631066][ T9571] lo speed is unknown, defaulting to 1000
[  199.885578][ T9578] IPVS: Error connecting to the multicast addr
[  200.010427][ T9552] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  200.291452][ T9583] lo speed is unknown, defaulting to 1000
[  200.330763][ T9583] lo speed is unknown, defaulting to 1000
[  200.341496][ T9573] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  200.428384][ T9573] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  200.438565][ T9573] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  200.447062][ T9573] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  200.704403][ T9578] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  200.970951][ T9602] netlink: 'syz.1.1158': attribute type 1 has an invalid length.
[  201.019051][ T9602] bond4: entered promiscuous mode
[  201.024504][ T9602] 8021q: adding VLAN 0 to HW filter on device bond4
[  201.031940][ T9599] xt_addrtype: both incoming and outgoing interface limitation cannot be selected
[  201.102465][ T9607] bond4: (slave bridge0): making interface the new active one
[  201.155644][ T9607] bridge0: entered promiscuous mode
[  201.218093][ T9607] bond4: (slave bridge0): Enslaving as an active interface with an up link
[  201.636100][ T5848] Bluetooth: hci4: command 0x0406 tx timeout
[  201.999709][ T9621] __nla_validate_parse: 3 callbacks suppressed
[  201.999731][ T9621] netlink: 372 bytes leftover after parsing attributes in process `syz.4.1163'.
[  202.094550][ T9641] bond4: left promiscuous mode
[  202.108424][ T9641] bridge0: left promiscuous mode
[  202.247022][ T9645] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  202.360186][ T9651] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1173'.
[  202.405146][ T9651] lo speed is unknown, defaulting to 1000
[  202.412050][ T9653] netlink: 'syz.3.1174': attribute type 10 has an invalid length.
[  202.423679][ T9651] lo speed is unknown, defaulting to 1000
[  202.455030][ T9653] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1174'.
[  202.571290][ T9661] xt_NFQUEUE: number of total queues is 0
[  202.755650][ T5834] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  202.764775][ T9619] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  202.896445][ T9668] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1180'.
[  202.907194][ T9675] openvswitch: netlink: Message has 4 unknown bytes.
[  202.913950][ T9675] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  203.349853][ T9687] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1182'.
[  203.376967][ T9689] netlink: 'syz.3.1184': attribute type 1 has an invalid length.
[  203.460741][ T9689] bond1: entered promiscuous mode
[  203.481165][ T9689] 8021q: adding VLAN 0 to HW filter on device bond1
[  203.542366][ T9691] bond1: (slave bridge3): making interface the new active one
[  203.550168][ T9691] bridge3: entered promiscuous mode
[  203.559624][ T9691] bond1: (slave bridge3): Enslaving as an active interface with an up link
[  203.769366][ T9697] xt_addrtype: both incoming and outgoing interface limitation cannot be selected
[  203.984567][ T9712] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  204.079421][ T9716] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1193'.
[  204.135051][ T9716] lo speed is unknown, defaulting to 1000
[  204.147135][ T9716] lo speed is unknown, defaulting to 1000
[  204.904532][ T9736] netlink: 512 bytes leftover after parsing attributes in process `syz.2.1198'.
[  206.031789][ T9753] netlink: 'syz.4.1205': attribute type 7 has an invalid length.
[  206.040739][ T5834] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  206.050018][ T9753] netlink: 176 bytes leftover after parsing attributes in process `syz.4.1205'.
[  206.061464][ T9740] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  206.161501][ T9759] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1208'.
[  206.327735][ T9767] xt_hashlimit: size too large, truncated to 1048576
[  206.610489][ T9744] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  206.794976][ T9780] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1212'.
[  206.885137][ T9780] lo speed is unknown, defaulting to 1000
[  206.897460][ T9786] netlink: 'syz.1.1215': attribute type 1 has an invalid length.
[  206.911679][ T9786] batadv1: entered promiscuous mode
[  206.918552][ T9786] batadv1: entered allmulticast mode
[  206.983670][ T9780] lo speed is unknown, defaulting to 1000
[  207.133668][ T9795] __nla_validate_parse: 1 callbacks suppressed
[  207.133689][ T9795] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1218'.
[  207.184218][ T9795] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1218'.
[  207.239739][ T9795] netlink: 'syz.0.1218': attribute type 1 has an invalid length.
[  207.270441][ T9802] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1217'.
[  207.287434][ T9802] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1217'.
[  207.313850][ T9802] netlink: 2 bytes leftover after parsing attributes in process `syz.2.1217'.
[  207.326875][ T9795] netlink: 10 bytes leftover after parsing attributes in process `syz.0.1218'.
[  207.413466][ T9806] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1220'.
[  207.423252][ T9806] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1220'.
[  207.466416][ T5834] block nbd0: Receive control failed (result -107)
[  207.841867][ T9808] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1221'.
[  208.134426][ T9823] netlink: 17 bytes leftover after parsing attributes in process `syz.0.1223'.
[  209.167993][ T9855] netlink: 'syz.3.1235': attribute type 58 has an invalid length.
[  209.434798][ T9859] lo speed is unknown, defaulting to 1000
[  209.457215][ T9859] lo speed is unknown, defaulting to 1000
[  209.461803][ T9861] lo speed is unknown, defaulting to 1000
[  209.628721][ T9861] lo speed is unknown, defaulting to 1000
[  209.830504][ T9868] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  209.890716][ T9868] vlan2: entered promiscuous mode
[  210.321659][ T9878] erspan0: entered promiscuous mode
[  210.398400][ T9878] gretap0: entered promiscuous mode
[  210.416326][ T9878] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  210.466163][ T9878] Cannot create hsr debugfs directory
[  210.489725][ T9878] hsr1: Slave A (erspan0) is not up; please bring it up to get a fully working HSR network
[  210.536209][ T9878] hsr1: Slave B (gretap0) is not up; please bring it up to get a fully working HSR network
[  210.872495][ T9896] netlink: 'syz.3.1249': attribute type 15 has an invalid length.
[  210.900881][ T9896] netlink: 'syz.3.1249': attribute type 6 has an invalid length.
[  212.425763][ T9939] __nla_validate_parse: 8 callbacks suppressed
[  212.425787][ T9939] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1262'.
[  213.347520][ T9965] syz.2.1272: vmalloc error: size 33558528, failed to allocated page array size 65544, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  213.376451][ T9965] CPU: 1 UID: 0 PID: 9965 Comm: syz.2.1272 Not tainted 6.14.0-rc7-syzkaller-01962-ga19f40d919ca #0
[  213.376483][ T9965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  213.376495][ T9965] Call Trace:
[  213.376502][ T9965]  <TASK>
[  213.376511][ T9965]  dump_stack_lvl+0x241/0x360
[  213.376542][ T9965]  ? __pfx_dump_stack_lvl+0x10/0x10
[  213.376565][ T9965]  ? __pfx__printk+0x10/0x10
[  213.376601][ T9965]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  213.376630][ T9965]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  213.376660][ T9965]  warn_alloc+0x278/0x410
[  213.376687][ T9965]  ? __pfx_warn_alloc+0x10/0x10
[  213.376717][ T9965]  ? xskq_create+0xb6/0x170
[  213.376741][ T9965]  ? __get_vm_area_node+0x1c8/0x2d0
[  213.376771][ T9965]  ? __get_vm_area_node+0x25c/0x2d0
[  213.376811][ T9965]  __vmalloc_node_range_noprof+0x62f/0x1380
[  213.376863][ T9965]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  213.376890][ T9965]  ? __kasan_kmalloc+0x98/0xb0
[  213.376920][ T9965]  vmalloc_user_noprof+0x74/0x80
[  213.376942][ T9965]  ? xskq_create+0xb6/0x170
[  213.376965][ T9965]  xskq_create+0xb6/0x170
[  213.377009][ T9965]  xsk_init_queue+0xa1/0x100
[  213.377037][ T9965]  xsk_setsockopt+0x560/0x810
[  213.377064][ T9965]  ? __pfx_xsk_setsockopt+0x10/0x10
[  213.377088][ T9965]  ? __pfx_aa_sk_perm+0x10/0x10
[  213.377123][ T9965]  ? __pfx_lock_acquire+0x10/0x10
[  213.377153][ T9965]  ? aa_sock_opt_perm+0x79/0x120
[  213.377193][ T9965]  ? __pfx_xsk_setsockopt+0x10/0x10
[  213.377216][ T9965]  do_sock_setsockopt+0x3af/0x720
[  213.377248][ T9965]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  213.377279][ T9965]  ? __fget_files+0x395/0x410
[  213.377309][ T9965]  ? __fget_files+0x2a/0x410
[  213.377348][ T9965]  __x64_sys_setsockopt+0x1ee/0x280
[  213.377382][ T9965]  do_syscall_64+0xf3/0x230
[  213.377415][ T9965]  ? clear_bhb_loop+0x35/0x90
[  213.377448][ T9965]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.377477][ T9965] RIP: 0033:0x7f1fa558d169
[  213.377496][ T9965] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  213.377514][ T9965] RSP: 002b:00007f1fa33f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  213.377548][ T9965] RAX: ffffffffffffffda RBX: 00007f1fa57a5fa0 RCX: 00007f1fa558d169
[  213.377563][ T9965] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000003
[  213.377581][ T9965] RBP: 00007f1fa560e2a0 R08: 0000000000000004 R09: 0000000000000000
[  213.377594][ T9965] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000000
[  213.377606][ T9965] R13: 0000000000000000 R14: 00007f1fa57a5fa0 R15: 00007ffe5a46a618
[  213.377637][ T9965]  </TASK>
[  213.377688][ T9965] Mem-Info:
[  213.529359][ T9965] active_anon:7493 inactive_anon:0 isolated_anon:0
[  213.529359][ T9965]  active_file:1792 inactive_file:38356 isolated_file:0
[  213.529359][ T9965]  unevictable:768 dirty:267 writeback:0
[  213.529359][ T9965]  slab_reclaimable:11791 slab_unreclaimable:112451
[  213.529359][ T9965]  mapped:28811 shmem:1433 pagetables:784
[  213.529359][ T9965]  sec_pagetables:0 bounce:0
[  213.529359][ T9965]  kernel_misc_reclaimable:0
[  213.529359][ T9965]  free:1308934 free_pcp:1721 free_cma:0
[  213.711502][ T9965] Node 0 active_anon:30572kB inactive_anon:0kB active_file:7168kB inactive_file:153352kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:115244kB dirty:1068kB writeback:0kB shmem:4196kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11756kB pagetables:3136kB sec_pagetables:0kB all_unreclaimable? no
[  213.746162][ T9965] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  213.792392][ T9965] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  213.854400][ T9965] lowmem_reserve[]: 0 2489 2490 2490 2490
[  213.861750][ T9965] Node 0 DMA32 free:1312960kB boost:0kB min:34168kB low:42708kB high:51248kB reserved_highatomic:0KB active_anon:30736kB inactive_anon:0kB active_file:7168kB inactive_file:153024kB unevictable:1536kB writepending:1068kB present:3129332kB managed:2549656kB mlocked:0kB bounce:0kB free_pcp:7684kB local_pcp:6388kB free_cma:0kB
[  213.933079][ T9965] lowmem_reserve[]: 0 0 0 0 0
[  213.944400][ T9965] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:328kB unevictable:0kB writepending:0kB present:1048580kB managed:364kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  213.974165][ T9965] lowmem_reserve[]: 0 0 0 0 0
[  213.979135][ T9965] Node 1 Normal free:3906188kB boost:0kB min:55728kB low:69660kB high:83592kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  214.016079][ T9974] xt_NFQUEUE: number of total queues is 0
[  214.037282][ T9975] lo speed is unknown, defaulting to 1000
[  214.063344][ T9975] lo speed is unknown, defaulting to 1000
[  214.074644][ T9977] lo speed is unknown, defaulting to 1000
[  214.075609][ T9965] lowmem_reserve[]: 0 0 0 0 0
[  214.085193][ T9965] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  214.141172][ T9965] Node 0 DMA32: 1*4kB (E) 1*8kB (M) 327*16kB (UE) 7*32kB (UE) 193*64kB (UME) 116*128kB (UME) 83*256kB (UME) 39*512kB (UME) 17*1024kB (UME) 6*2048kB (UME) 295*4096kB (M) = 1311900kB
[  214.212864][ T9965] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  214.217410][ T9981] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1277'.
[  214.237790][ T9982] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1276'.
[  214.241471][ T9965] Node 1 Normal: 223*4kB (UME) 70*8kB (UME) 34*16kB (UME) 216*32kB (UME) 91*64kB (UME) 28*128kB (UME) 13*256kB (UM) 5*512kB (UM) 1*1024kB (M) 3*2048kB (U) 946*4096kB (ME) = 3906188kB
[  214.255703][ T9982] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1276'.
[  214.286315][ T9965] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  214.320664][ T9982] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1276'.
[  214.322240][ T9965] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  214.359322][ T9965] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  214.368626][ T9982] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1276'.
[  214.381680][ T9965] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  214.420800][ T9965] 41581 total pagecache pages
[  214.432486][ T9965] 0 pages in swap cache
[  214.437188][ T9965] Free swap  = 124996kB
[  214.441503][ T9965] Total swap = 124996kB
[  214.452434][ T9965] 2097051 pages RAM
[  214.457049][ T9965] 0 pages HighMem/MovableOnly
[  214.461768][ T9965] 427915 pages reserved
[  214.475594][ T9965] 0 pages cma reserved
[  214.612599][ T9977] lo speed is unknown, defaulting to 1000
[  215.069030][ T9993] netlink: 'syz.4.1280': attribute type 4 has an invalid length.
[  215.083511][ T9993] netlink: 17 bytes leftover after parsing attributes in process `syz.4.1280'.
[  215.318526][T10009] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1283'.
[  215.601002][T10016] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  216.525902][T10039] netlink: 312 bytes leftover after parsing attributes in process `syz.0.1295'.
[  217.062981][ T5848]  non-paged memory
[  217.067936][ T5848] list_del corruption, ffff88802fe28e00->next is LIST_POISON1 (dead000000000100)
[  217.078681][ T5848] ------------[ cut here ]------------
[  217.084186][ T5848] kernel BUG at lib/list_debug.c:58!
[  217.089749][ T5848] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI
[  217.096720][ T5848] CPU: 0 UID: 0 PID: 5848 Comm: kworker/u9:6 Not tainted 6.14.0-rc7-syzkaller-01962-ga19f40d919ca #0
[  217.107590][ T5848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  217.117660][ T5848] Workqueue: hci4 hci_conn_timeout
[  217.122787][ T5848] RIP: 0010:__list_del_entry_valid_or_report+0x10f/0x190
[  217.129828][ T5848] Code: 60 03 81 8c 4c 89 fe e8 ef 53 2a fc 90 0f 0b 48 89 df e8 b4 8d 0a fd 48 c7 c7 c0 03 81 8c 4c 89 fe 48 89 da e8 d2 53 2a fc 90 <0f> 0b 48 89 df e8 97 8d 0a fd 48 c7 c7 20 04 81 8c 4c 89 fe 48 89
[  217.149615][ T5848] RSP: 0018:ffffc900040dfa28 EFLAGS: 00010246
[  217.155693][ T5848] RAX: 000000000000004e RBX: dead000000000100 RCX: dfdfec6995d0c700
[  217.163669][ T5848] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[  217.171645][ T5848] RBP: ffff88802fe28e20 R08: ffffffff81a146fc R09: fffffbfff1d3a69c
[  217.179625][ T5848] R10: dffffc0000000000 R11: fffffbfff1d3a69c R12: dead000000000122
[  217.188557][ T5848] R13: dffffc0000000000 R14: dead000000000100 R15: ffff88802fe28e00
[  217.196539][ T5848] FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  217.205477][ T5848] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  217.212149][ T5848] CR2: 0000001b30414ff8 CR3: 000000004d548000 CR4: 00000000003526f0
[  217.220145][ T5848] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  217.228122][ T5848] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  217.236110][ T5848] Call Trace:
[  217.239390][ T5848]  <TASK>
[  217.242317][ T5848]  ? __die_body+0x5f/0xb0
[  217.246656][ T5848]  ? die+0x9e/0xc0
[  217.250387][ T5848]  ? do_trap+0x15a/0x3a0
[  217.254634][ T5848]  ? __list_del_entry_valid_or_report+0x10f/0x190
[  217.261061][ T5848]  ? do_error_trap+0x1dc/0x2c0
[  217.265841][ T5848]  ? __list_del_entry_valid_or_report+0x10f/0x190
[  217.272271][ T5848]  ? __pfx_do_error_trap+0x10/0x10
[  217.277654][ T5848]  ? report_bug+0x3e8/0x500
[  217.282175][ T5848]  ? handle_invalid_op+0x34/0x40
[  217.287117][ T5848]  ? __list_del_entry_valid_or_report+0x10f/0x190
[  217.293547][ T5848]  ? exc_invalid_op+0x38/0x50
[  217.298228][ T5848]  ? asm_exc_invalid_op+0x1a/0x20
[  217.303264][ T5848]  ? __wake_up_klogd+0xcc/0x110
[  217.308126][ T5848]  ? __list_del_entry_valid_or_report+0x10f/0x190
[  217.314547][ T5848]  ? __list_del_entry_valid_or_report+0x10e/0x190
[  217.320976][ T5848]  hci_cmd_sync_dequeue_once+0x262/0x360
[  217.326617][ T5848]  hci_cancel_connect_sync+0xc3/0x120
[  217.332020][ T5848]  hci_abort_conn+0x194/0x330
[  217.336704][ T5848]  ? process_scheduled_works+0x9c6/0x18e0
[  217.342433][ T5848]  ? process_scheduled_works+0x9c6/0x18e0
[  217.348163][ T5848]  process_scheduled_works+0xabe/0x18e0
[  217.353727][ T5848]  ? __pfx_process_scheduled_works+0x10/0x10
[  217.359716][ T5848]  ? assign_work+0x364/0x3d0
[  217.364315][ T5848]  worker_thread+0x870/0xd30
[  217.368920][ T5848]  ? __kthread_parkme+0x169/0x1d0
[  217.373958][ T5848]  ? __pfx_worker_thread+0x10/0x10
[  217.379077][ T5848]  kthread+0x7a9/0x920
[  217.383148][ T5848]  ? __pfx_kthread+0x10/0x10
[  217.387740][ T5848]  ? __pfx_worker_thread+0x10/0x10
[  217.392856][ T5848]  ? __pfx_kthread+0x10/0x10
[  217.397443][ T5848]  ? __pfx_kthread+0x10/0x10
[  217.402035][ T5848]  ? __pfx_kthread+0x10/0x10
[  217.406620][ T5848]  ? _raw_spin_unlock_irq+0x23/0x50
[  217.411822][ T5848]  ? lockdep_hardirqs_on+0x99/0x150
[  217.417028][ T5848]  ? __pfx_kthread+0x10/0x10
[  217.421614][ T5848]  ret_from_fork+0x4b/0x80
[  217.426038][ T5848]  ? __pfx_kthread+0x10/0x10
[  217.430629][ T5848]  ret_from_fork_asm+0x1a/0x30
[  217.435408][ T5848]  </TASK>
[  217.438428][ T5848] Modules linked in:
[  217.443305][ T5848] ---[ end trace 0000000000000000 ]---
[  217.452595][ T5848] RIP: 0010:__list_del_entry_valid_or_report+0x10f/0x190
[  217.459721][ T5848] Code: 60 03 81 8c 4c 89 fe e8 ef 53 2a fc 90 0f 0b 48 89 df e8 b4 8d 0a fd 48 c7 c7 c0 03 81 8c 4c 89 fe 48 89 da e8 d2 53 2a fc 90 <0f> 0b 48 89 df e8 97 8d 0a fd 48 c7 c7 20 04 81 8c 4c 89 fe 48 89
[  217.479969][ T5848] RSP: 0018:ffffc900040dfa28 EFLAGS: 00010246
[  217.486225][ T5848] RAX: 000000000000004e RBX: dead000000000100 RCX: dfdfec6995d0c700
[  217.496585][ T5848] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[  217.505056][ T5848] RBP: ffff88802fe28e20 R08: ffffffff81a146fc R09: fffffbfff1d3a69c
[  217.513704][ T5848] R10: dffffc0000000000 R11: fffffbfff1d3a69c R12: dead000000000122
[  217.521918][ T5848] R13: dffffc0000000000 R14: dead000000000100 R15: ffff88802fe28e00
[  217.530059][ T5848] FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  217.539617][ T5848] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  217.546295][ T5848] CR2: 0000001b30414ff8 CR3: 000000004d548000 CR4: 00000000003526f0
[  217.554298][ T5848] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  217.562476][ T5848] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  217.571043][ T5848] Kernel panic - not syncing: Fatal exception
[  217.577476][ T5848] Kernel Offset: disabled
[  217.581804][ T5848] Rebooting in 86400 seconds..