last executing test programs:

5.982404371s ago: executing program 1 (id=3107):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000040)={0x2, 0x0, &(0x7f0000000340)={&(0x7f0000000540)={0x2, 0x3, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @loopback}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x6, 0x40000001}, @sadb_address={0x5, 0x5, 0x33, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @private=0xa010100}}}]}, 0x70}, 0x1, 0x7, 0xfffb}, 0x0)

5.765637253s ago: executing program 1 (id=3108):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r2)
sendmsg$IEEE802154_ADD_IFACE(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01000000ecffffffffff2000000005002000000000000c001f0070687930"], 0x28}}, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000740)={0xffffffffffffffff, &(0x7f0000000780)="853e000080b7464a3c8b29f3f7a6d6dd0a1984142189eb52343fc0d4d5db811cc78d8eba3819d118b0c46b29980ccf9e87689c1a0bfdefb6b5d98f9efd4e09b83e1261b325f0d3e2ad6214f0f4b0213bb32273380bbfa12c68df15bc9267a48fe3fd01c1203f2372a1647878d5e8be2028e7f5311846dc9d996f8671873ad96949a96828671bebb2279f782df2", &(0x7f00000005c0)=@buf="26a239039dd90284b24a35de24f1097542700600f775344e8b0d6b96711e7152b075fd4dd2879387ba29a29ff7c6cf0be5001005ae8ead942c49097c41e4438aa0fcf46a3618c333ebc1", 0x4}, 0x20)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000000c0), r2)
r4 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r4, 0x11b, 0x3, &(0x7f00000001c0)=0x800, 0x4)
r5 = socket$netlink(0x10, 0x3, 0x400000000000004)
writev(r5, &(0x7f0000000100)=[{&(0x7f0000000200)="480000001400190d7ebdeb75fd0d8c562c84d8c033ed7a80ffe0090f000060000000a2bc5603ca00000f7f89000000200000004a2471083ec6991778581acb6c0101ff0000000309", 0x48}], 0x1)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x170, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0x0, 0xe}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0x13c, 0x2, [@TCA_MATCHALL_ACT={0x130, 0x2, [@m_nat={0x12c, 0x4, 0x0, 0x0, {{0x8}, {0xcc, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x4b1, 0xc, 0x6, 0x2, 0x5}, @broadcast, @private=0xa010100, 0xff, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x9c7, 0x1, 0x1, 0x6, 0x5}, @private=0xa010102, @multicast2}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x7, 0x1, 0x5, 0x9, 0x1}, @multicast1, @empty, 0xff, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x9, 0x3ff, 0x4, 0x9, 0xd249}, @local, @rand_addr=0x64010102, 0xff000000, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x9, 0x101, 0x5, 0x5, 0xe}, @initdev={0xac, 0x1e, 0x1, 0x0}, @loopback, 0xffffffff, 0x1}}]}, {0x3c, 0x6, "8b000558693bb260aa69aa7d07b2c9a22552e220f504bf79bfc774a01659f058f3f93e85e97532feb8835cdc18612767179b8ee292ccbeeb"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x3}}}}]}, @TCA_MATCHALL_FLAGS={0x8, 0x3, 0x2}]}}]}, 0x170}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
r9 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r9, 0x84, 0xc, &(0x7f0000000700)=0xf, 0x4)
r10 = socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000680)=ANY=[@ANYBLOB="9feb0100180000000000000034000000340000000700000005000000000000120000000000000000020000020300000006000000020008000900000004000000000000000000000a0500000000000051006100"], 0x0, 0x53, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r10, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r8, 0x4018f50b, &(0x7f0000000200)={0x0, 0x9f6, 0x7})
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r10, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r11=>0x0]}, &(0x7f0000000240)=0x8)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r8, 0x84, 0x1, &(0x7f0000000100)={r11, 0x0, 0x9, 0x2, 0x6, 0x7ff}, 0x14)
r12 = socket$netlink(0x10, 0x3, 0x14)
r13 = socket(0xf, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r13, 0x10e, 0xc, &(0x7f0000000980)={0x6}, 0x10)
sendmsg$nl_route(r13, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="2c0000001a0001002cbd70000000000002000000ee"], 0x2c}}, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r12, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="880000000314010000000000000000000900020073797a300000000008004100727865001400330064766d727030000000000000000000000900020073797a1e000000000800410072786500140033006e6963766630000000000000000000000900020073797a3100000000080041007369770014003300626f6e645f736c6176655f3100000000"], 0x88}}, 0x0)

4.153016597s ago: executing program 1 (id=3121):
socket$kcm(0x10, 0x2, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000ffd000/0x1000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffee6}, &(0x7f0000000000)=0x1d)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$alg(0x26, 0x5, 0x0)
ioctl$IMCTRLREQ(0xffffffffffffffff, 0x80044945, &(0x7f00000009c0)={0x4004, 0xfff, 0xff, 0x80000000})
socket$xdp(0x2c, 0x3, 0x0)
socket$alg(0x26, 0x5, 0x0)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000740)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r3}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r5 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r4}, 0x8)
sendmsg$netlink(r5, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000000640)=[{&(0x7f00000002c0)={0x18, 0x18, 0x2, 0x70bd2c, 0x25dfdbfe, "", [@typed={0x8, 0xb8, 0x0, 0x0, @pid=0xffffffffffffffff}]}, 0x18}, {&(0x7f0000000500)={0x110, 0x2e, 0x300, 0x70bd2c, 0x25dfdbfd, "", [@nested={0x25, 0x2b, 0x0, 0x1, [@typed={0xc, 0xe7, 0x0, 0x0, @u64=0x2}, @generic="1d1c04ec50032a0ae84eab42346498916a", @nested={0x4, 0x10a}]}, @nested={0xd8, 0x34, 0x0, 0x1, [@nested={0x4, 0x10b}, @generic="dc7f79d688eda44a611960af7f43caebcbe878898766c38c0384703e239f6172c68cba25d997959a3da3608ce98814ea4fd93ab783f1829bdf87e3a1ba6bba8a", @nested={0x4, 0x55}, @typed={0x8, 0x73, 0x0, 0x0, @pid}, @generic="379e35daad024e39e90617fccd09deefc034d89345a8ab2448680119379090fdf856cf260a01856fbcce174c1655d5ac62d8741c988df5f33d7f252b80ccf51192462a99716a0ecfce7c38a17df9a39c42153a9413b53d62596e362170399dba30257f978e76a767592327c8cea00219825904ceea0147e4079cf96d7966352aeb0cd724"]}]}, 0x110}, {&(0x7f00000026c0)={0x1100, 0x25, 0x200, 0x70bd2d, 0x25dfdbfd, "", [@generic="a2b546b54b493922270cc246c5835407d885ab1e78cf567e1d5bd8677dacd4631b0ea374a0d443aeed6a8431cf20a1c158c8cc06ca88d803ed59b64c53903820a37490927587dd9617956a34ae7a7e836a8350b4957b4a6fc017749c070e9dae323ecc25ff2f3ae2e8ea07cd", @nested={0x1083, 0xa7, 0x0, 0x1, [@generic="fbd4b6c1b5a7fbb1d7f0f32278a9e71e545a181975d28a3548c0466d170ba6f590893b346605ccf55862810d2d722c705629b3cf2f2f7cd5d8e185691421eccc1088dc372d77ede77b2b607676f3f2339df2da5eab1181c0fc9bc996d93c5879d7286bd6a16f32ed98d04496b68f73dbbd52d72d8ffcac5e2a7330d2e1d908587fdd0244080a0ad3b4affa0e2f2bd75b59e2f7506f54cc7b38e5d35f91db05c03ffe782a6eed96c417b59d14352fdfed668a57b108226db6f64858c1a4c5ccb2087518061e8b07ee24b5bfe8add1a029fc48ab8c7300093b0b1d21e0466d1bb0b59326fb7d23550572e37d1fa4f29f33faf735a16b6613e20b8979eabf0b0ac5a86005b1e65506757e344ed220d4c045cebc098e55fa50a7d62058f43baf39771c4cb0e73f80d310a5048e5dba2e617ba1f362b050fe92c2e896e2a638ad3e2282e86fde68a09a8ba5a65ebe0a921b9068539e16cb412c2b49d5999797e62d8feecd175af53987292755bff15fa8dc5a925a816fa48b7179d2a06c3e032ff6a906a95eae52db92f6aa9486075638f631c6007663262cdeee9e0ebafb3c39f51e0dd92c7cda7abeb9f1fb5bd322d9c8aa63f4452d76b827b9eb2378e3dab984e7c5ec36762ad878ecd35120c03f50992fce17188ca6f2cfb6dc8f39f0b7cd726282c414b257fcd90d2864d46d34d6a63b542a24b9710500ec1c084eb2cd1f71239d7e48e936e7b183a323fe15f1cea8b9f7e62d2bb1158fe85e683c1cbe6893f2d2584c502fb3cb2ecd88b70a3b4809f5ca9ce6cdda224ceda8a6a132b4190ebd741e3707b9774d62a51631659ea6d16789fef418e28fe4e5d361ca6575717016651e1553bec7f2041b3df712407e0581e906e78d2c806fd0e96ec3d6fd059d6de4ce8ee8757081c9dc53ae9ab030a04cd2b9788ddeceb16ad82ffd9a28430406baa237a3da14135a1aff8531ef2e6c9211e837d88d5c3bba54ba92350f7a52a0d3cfcae69da8a5c0892fba2f734e9442399d1ac573d637a35f0423029a47a9190cd05b2097b1c68365d79d691b8f28cc457a158307237711f2fcc465483a97e539cc5492a608c917a2ba1d84e2ad0dd8adf530500ca49da7cbfbe5a2dabe80b02e0fed4bb6b804b49d1d50e9ed5f91903a7ee4c05038efd64bee69fe7757f9bf89f19864f03027bfd126c64625544c08b5a9c0a36ecd5959ec1e00f170a86b79c78fafda6de80463192133eb3936b63fd26ead6a4e0e6ec824733233c179f621cd9aee260d009015d578cb7e055e803e60467edfe607326a60bef9e648ef5223354298e02d785a561137ed082d44d36d5a58b902e4073f5d2fb4961c181cbe5a6029422d111485631014abf1deecd4e4fa553e6e720e227760f56ebd5f69f79aeb974c6ca105cde137e60b7a3a90796f198233814c769f649120d3daa310ad36a672f6effdc5dc690d4ecfe63e11e4fbd97ffacb4acec1b43b1b9ef83d6694d3c4e36b5a28859070f9ebbb24f373ed4fc8469c943e856ee144d70e08b660c114554e303bbc2945173a1f5b9ed41d924ee9adaa0969f11d44c820d893669677ea87fd93f78a1f50fc7deb33f1bf18616360f5bb60f0fdd163cb553ef253cd2888971fbedc1e193c3b51dc7d6d7ccb6fc0beb467c9495aee38bb76aa7f98131cf45d984d3756336ad8809124978d1956dc212a5a7a6f125d2db8db9c637a9d5a388c6fac77cad70b5b9a27c6d79b1d9da86147b66fad81e56fd1d4eba8f67b59b8b2893db3dff4d8feca0e8f1eee00b5ca5464252a3b5270a610358134bd3f97331251260e9560d0ba641651c2090fa3bf1ede4a844c388031239f83df6091b1b8caa4669873f08e4ae4f54a1146d2a9cd70dea9de315f28f0751dee556c9d8dfa1f236734450408d4b8e2412997df2d078e6ad2375e343b3714fe85a3d86c02cc1b3e4051113209bffee5a4ba40736f25dfb74ea09c28c61cf8628d0eaf40c98f724d407119f5b16e801c3e2b51e55d62067cdf0f140def872abadaf5c4758bf8b2561858fa7019c05f81bcd0d4e51cd29e1e3bbc05b08d57f780839440f9931e6cd104c7637475774fecc7d69a31dd2da639d9fa8539a030cecc5a8851913f6b424f6ec4703e96bae89c52f00777babaff316823bb125e38bdc4f5d70e4023eb0cec4553a395a981ddfe3eae7890adf18ccb540a15d5bd006efa3369dfc76a04e8610c5c99d29b9145cf9162cc3575ab0d0912d8a69567ef3f52b3a97a3e6d9465bc4b4ae4fe4060d6809729e6e50ca77c53a4b4aae5699af58cbce43a4515d379855acffd3b9d4985e3e4c4b4bd67dc4b16098a1fd3e744da9cdde120d54633084b1276252c99bf08b48781829d8f91d60fe27ff788d6f6468e24f58c13f9b2b137b79b39592529a78558af1257c475a65c5f814917b5e1e0371522674bcfa3cf3116c6db56ad0a422b7242aca15cf3132732f5c534d741cc8dde1ba3c2b9744c6516f714c274f10c4c3ad654c052fd1faa18b71e5f775230931cea03246c18524d68bf5725eadecae15c83f1651d44156667b56500c2615d7a61b84cd3c8396039421ee22030582734d2cf877d70cb4c9ed0b9dd7e426c66307887de26ee28354abdf1cc7e9432fecf71a1aa3008c1f98be7869d54a5519557b554697d191ef8a2613a147b9fcdb1474fc6f4de0434b1c309a6087e6cc1e809c3455566753180b1ae7d7bae1dcb3924ad24b4c9a3b712b22943d64d1d0edcf60af31e0f97afb43e432784005d8fd888b8bbd5b91a881c836f16d0759139282c29311b1524dfb3e6ad71b452d6b3c784f15696d670af5b1dd1b2eea272a56dd03922837631cf4154984beb76a2585e0bb830000125c0f02b752a05034a9eace741fe4cdfb8045337021228371fd6d4ed63f0cf1ff60a378e096e6fe57de25f4d769c7c848389151a2eca2adb78114d2450fbe929006f733a34c8578251ff2582bd2361c6e8b31bbb6341f874382a09b9207fff98e0ed599d6d78032bb752f7f4a77fe2cd1b14ae3ede8a1c46d5824fd3062ee5166ea6e94dad7710d27c0dc8e4b12e8d5ee3ec95bd1fa278a40fb1917a6b8f7bca11823a928a5413e29d5d1decce2862215e09745dfd0e4217aef48f741ff0d92ab6140359f2ee0cee9a521c946cf301ea8c930d76536d516dbe171d0cf0ddef82f16ff5bd71cd449b96b050a566122bdd0979fa6d94f7df87627b5af551bbbf120808df24d48fd4c16de9e783014544fab4d7f8a8c7ae842a2df1240596545610545e61b3b94c29dd19000de910ca3c9fc3c63c4d54e4c41cf0bf0dd28f233ed97897b04710f3fe011d459f2c3ff4bea39e4cd58932488acc735d4c5f5911e3b4c3075d337281a06fc669bd25a424a36bb1333ac25dc59eee0a8134537799e4ff12317b16f4438bdea733fcb18c5201ae50cfdf2c6b8f98402ba4429ab438abfe2a308b6677fc20bb1176e209014ab569f347ccf88457d3a8159c2d8e8d78586ae258945be39a62e769444c44c9886df249aeb76494076aacbb4b996b5b61d1051e3e57161d5bebbe2fa721e052454365b47121a33aec7b6266d0d5fdc91bdbce941c2c24b16b45fd953e7164e870ca57c2bd46224b5890315145719f3fd6fe5f82d15a68bf97231663551e4d36b1697aef08450f256e9f0091e185ff40a6a1ac4f1ee30e00428637c25d8f46f412996fa8baec4993fb6aa1597b50585c40f5e4638e784ab3374cd46b20448d5ea6f09cb8173f60469ab9c0469b56201673449a76e8c24330ccaa1bd06aceaaeff31e6888274caae11e1f03f0f5584dad757b021ec30913f4c311e93f5026ffbe15fe93b145ebeea7707159e51a2f028901e396574ce53a7088838afa0c90d40e6f46747f919772e500e0386ab8175272ae9fdb9833fc64dca4d9e6b984304a99e8bfb5f2b4fc76b996fffb70c0218c70cd1055e7ef04acf84ece19bf84bda4252c3c3ad809792933f482f3f124b39155c19a816cc516381158472a846ddade9240c18bf28f48add51005e22d81620e2b26335aeae5c6b6dc6a0936b1e186ec116c83aa264a8c7805dfcae8b21c53e102b425a27788dfc0d968bdd78a41ff529da13aa9bb5c373ff9386279c68f25dae2b4b645fb1acbf9ad7077d2c1538566eb52130760b2361628f5e99adbde3c5ecd2ecc97ff396f5c9edf203c48902197416b18194ef34c3c5c7f9085478baf8010a1c9c29b0f785d6f48df38c2a240d3272d6c94c9910f42000f768d0b2f5f076ef26f58a5fba88bb671df886b676aa3a4745defab775f68f474e4048afc1fe48345e7eae57d1a7473da51107152ca23d62536039cb4e78904cbf6e4b5ec134a1d7e971f926c645dc395dbeb373e687c19c2b4e430232aaa407b0402761ed8353f6445e0c94aa66509c1cf34894e62b4546f8be8cc0c8801a258cc700687de5007ed3b18c6526f3de34adc5f2723813c51cd0ce75fbeaa2a1969990f1dfce03e299b00bc7b15c4f6d61d4ec5cfe4dd5c8c4b2fa64e4029f1674c7009b44653c50d8cff622644c13659af2cacf86a243170679d7552ec82035709817ab899e87ed8374f7ca8c73e0074a854fca58c190e26003d82dadb6fbff8290925d318c356476bc7e27d8bd5400faa2a47f7dad94ffb8c5af87ff2a589a9d574cf7dc4b4171920767bb2b48b542b065d2455b0fbddfa81d9982fd16cc1e4e433362ba0555324babc8e5082ef58118756f0f046c121ba63f216b129de4a5da4ce46a44f90db2ab89e4c172c88064f1a61be87a668721eff1a3794c5c05ffc08bd3ff5aadbd28265c473d7d1b8814f71718cf5c32b047d43271321407ba232663ece83dbb4d6feec4e78ad76f7bc8360941e7cf7da737eeb26f34bc3c39a07dcff7c4731f30882c0a6198b14f6055b708221ea3b336431913726acb2bcc6162398dec94b4c27e5960915fd31ad5c6b15e00cbbb7ec851f12e10bd8df063838d6221a8ccb67fbc3dd46389ca6d41d2f70fcca79587faea95a722795b4a2fe35f84505253438a77dc7235a31ef4e4368c912bd609f5cf6833139c56ffff1e7d3bc8ca4b005310b7ec44474a7a82fdc0ac31cf5d96b747c81904e852060c4ef67881562204f4d2f1429bb981259b595bb3c2d3aad0ef3355087a849c477947d7a331eebbaa68bebb805e900b5ae3a33394d192f92bfcdb2f8b9696127bf5abd4c45552779090e48821462ba7f869d3f370e52750cec57ce99b2d07e9cd721373787630a3c552c19d8c4cbf03df228cc5cd61188cba9e647770da873251415995e27e189a8c98c3a516ca9fe781cf0a011f383c0024b879df4f27d69d3a85bc6c50524fd089bf615211fce5c209dd5dd56879cf1fe6927f347f2839478c6973b699f79b011cc1d8c3ba9bd996c56eafcad62a53d704a65a90f1b3d7546b4f2a64cea43cb57481d342dd2aee28daeff658f28b83230c913570cbc461f4f1767270513e9f00e9dc2bbe84873cc11f6a0d39a91cf0d3cfa9f48bc6f223b8ab7e25e6a300cabfe61260c56c7035afe4fcbc083d858739cb684856d919e18d121701e186c8444cfe813f16cb447bae317176b45a336456d3a2ac9ac752b13e35dd1fae40654f7c59dc8818737fee8aa24de70519946ebb1a5c84a18f2fc60b6fd5124d519160633a67b68ad3c808044de95650bcfb4d64dd4cd097e787fcb3ef4be220750c1069bb7218589426b2bdfca64de275923a1f5e30e740147121a1fe437ddb95504e323f171a9b3ed0b0fa86fcbf2acecc163eb44304f1d72cf6a4b28", @nested={0x4, 0x1e}, @typed={0xc, 0x11d, 0x0, 0x0, @u64=0x6}, @nested={0x4, 0x10c}, @generic="3553f5e3c52335969701dd63488d4b6b165a700880b4f4d6ccdf97f54174a11c10e0c9532bd8fb4b287dee6c4a5a58a93e908d7259ef369f7c0f7d0879cdc10349b20546c000fe7ae235625eaf44649482bb3a671aa8067ef35a055695bb6a3ff3670d3d6d98f28d361240"]}]}, 0x1100}, {&(0x7f0000000780)={0x108, 0x29, 0x100, 0x70bd2c, 0x25dfdbfe, "", [@generic="df2bff9a7859ee5d156bfe2498713cc0d7a340ae248b0dc9b9e76ea95c5f9e3610b1ee2f66198715d3f3dc5f6ab0a239711c083fa61db1374e5610081d7f48356c4845b4688e857cec721a205954c6c73542add28c25cebf90d1555d2827038dcb2570", @nested={0x83, 0x10b, 0x0, 0x1, [@generic="a110c3674150340427ae15a398f54ff75dbe43bd3e632cc429e00c8a7f122bff2531fce421b716c1fe11ee1ac3d47f0e49f7f7341890d9f1c52869d181bf570ae085e1a764670a26c9c649f5165c23d619fc85528b6cbc740ef236436c2ce1725335ad761504bf6c15d9352dee4d5e6d87adc9d211760872e62538", @nested={0x4, 0xe8}]}, @typed={0x6, 0xc0, 0x0, 0x0, @str='/\x00'}, @typed={0x8, 0x140, 0x0, 0x0, @pid}]}, 0x108}, {&(0x7f0000000a80)={0x108, 0x12, 0x800, 0x70bd2d, 0x25dfdbfe, "", [@generic="a6d5945a7334ae079190780a7a3f4597635b21b473967993bebe046b2e6dfd47dd15a84dfe070052924780a8b8a9b6f25114077869ce71f09a20daacaf0898bbd603b96e7fe46e49cb7c35ae045def79190bb11734dbc3d2faf07e5955e35cf56e748063d0ec29c6d6fd3b8a383c1fd24a", @generic, @typed={0x14, 0x88, 0x0, 0x0, @ipv6=@private1}, @generic="486d93e67742df9026276ec03dd294f028f6719447d06b08869b5c06ed4ee69f69990262a014b0e371fe6b2ec47ccfab6074eebf9ab61e172f1a4c6c6effbfeedf1aa12b0543e27103eaff5897cc1f4451671c4a2864d0a52c1408231df2d832f4cfb6595ed417cef2e99c2a5e72b1f4cbb9"]}, 0x108}, {&(0x7f0000000d40)={0x10c, 0x3c, 0x200, 0x70bd2c, 0x25dfdbfd, "", [@generic="cdd5251af6e3a8eb36aef5695c545c0d9b401c9df2c8820a4f42522ebe780115a872fb9937fdc6a19b96addeac911b6c09dba12a151e8fbb764c02c0d803ae3cb6e1a11e659bc20eaf313ca8731a8a3bf3414ad61622e27c48330fa001dd98009241e3bdec43538bbf894ec9d827db30dade82dc479a4274a942316ef1ed5a8d8a682baffcf8ee7be617fcd6ac626037a7ce53899d2cb7a26e4d70698e0f19e625c1aadaf3eb11c7983371ea996810b0803aede88f794c837cc338017098a3dd6d4bc8881b00f113a65b0b21250aac61559a272a1b1705cade381e46", @nested={0x20, 0x13a, 0x0, 0x1, [@typed={0x6, 0xe7, 0x0, 0x0, @str='!\x00'}, @typed={0x11, 0x10c, 0x0, 0x0, @str='task_newtask\x00'}]}]}, 0x10c}, {&(0x7f0000000f00)={0x300, 0x33, 0x100, 0x70bd2c, 0x25dfdbfd, "", [@nested={0x75, 0x2d, 0x0, 0x1, [@generic="edefdf2611b9c8d571103e633f9aeb037ee4c63a2ce21eb7fd6214cf330d6a7a71cb993091902c52ede69d9229c0a0ed875c1c97e71196f00bf42d9e75fe91b00a0a0d16c8163fc4004d285564f73ea167d3996e70d41e363f0b944c68f18edf96912d23f81f5d527c80086b7a814b3f8a"]}, @nested={0x1ec, 0xfd, 0x0, 0x1, [@typed={0x7, 0x100, 0x0, 0x0, @str='*}\x00'}, @generic="e27a85ef7ffeea81a7de4f72f533a0b154165ac2aa4596814b4f699a123ced97ade11336ad639b008f016041ed6ea0c237dd87649c4f82b37c610ab2bf4da215a3bde3d80a6f2d30fe8162f4a161e4514d40c6b419df898e3e89b98594f8f956184d998a4b7937be5a5dade551b877efcc06591a5c3c4f8fa0c8e1bc96d2e93e3285fdca17173725c54a2e677d9c02b7c286b6fded8ed2310228d0305b31651a45c091012db828b90c1b4352618f55c99115967be9432b5c31f54c178f04069d9e24cd0c5fb4118478a3d9", @typed={0x8, 0x12f, 0x0, 0x0, @u32=0x42f2}, @typed={0x8, 0x11e, 0x0, 0x0, @u32=0x8}, @nested={0x4, 0x51}, @nested={0x4, 0x62}, @generic="b943deb89a545515bd6ced6534758e8d56f651399f6e", @generic="7e01b761d8add33e7ba8ae66fc4afaf41825edbbff17c35abe11d1d8e10ae247394ced082db0842cf299f1f81fd4f2a04b14ad6b7a64046dbaf427a0dc1b5375bf48da51d5489de513d20e403fa7404ccbe8a3951e945f57d93c3dd93294b45a758d6fb7d40152f5ee7bed8962ce7fd0e4a97e3e91ab8911b1c9f2a2a83c02f753550dda6e90fb3360fe024dbac65324f33c15662306bac52d76c7bd2f6b0903865a0f55e52506665c56f344a089a1a3b1d29ae0f4a32fa03cba7689ee7e8f4bb4eefdbd1ea8307e78e4f46438c3dba47f6f51", @typed={0x14, 0x137, 0x0, 0x0, @ipv6=@private1={0xfc, 0x1, '\x00', 0x1}}]}, @typed={0x8, 0x6b, 0x0, 0x0, @u32=0x2}, @generic="e335ac4f9a115d53d2e10ad6febcb420b96079eaaad04e829caf38fb64db6587eea5313ecc089770b78b054d5bfe5235ead597012e866c7f51aea2a04b7dbdda9a5ae21f4afe2f1259b47763ed95d8f4f276162005df5c9c25b137f74fbfa5ee20ba77f92e83a42420f5a04447dcff11101b19f7c4102333360c04b43b1d032c20b257"]}, 0x300}], 0x7, &(0x7f00000012c0)=[@cred={{0x1c}}, @rights={{0x10}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}], 0x50, 0x44000}, 0x20000840)
close(r5)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="150000000800000002"], 0x50)
bpf$BPF_GET_PROG_INFO(0x1c, &(0x7f00000003c0)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000002680)={r6, 0x0, 0x0}, 0x20)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000080)='cdg\x00', 0x4)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
r7 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bind$802154_raw(r7, &(0x7f0000000000)={0x24, @short={0x2, 0x0, 0xaaa2}}, 0x14)
connect$inet6(r2, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
r8 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r8, &(0x7f00000001c0)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="020100030e000000000000000000000005000600000000000a00000000000000fc000000000000000000000000000000000000000000000005000500000000000a00000000000000060100000000000000000000000000aa0100000000000000020013"], 0x70}}, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000a40)='nv\x00', 0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="18020000000000000000000000000030850000002c00000095000000000000002b4003fe37a077ae55f52c0d80a2649baca85309be96d5a45bbbdb5ff7ffffffd075b3eee14473f51be98db7efbb059842ba4470e8e04acb807fbbabc68abdcce9f672b6bb61c302dfd5c11071adac29fd64d33a3502fbeb1ed99dd0e792f24c420bfcc2635421d339ad521d6953b1137850d9e9ebf65ee988ea2dbee528678eb47efb7b3f19046c6f1bd1bf56e5853ed96137f95b3a11954ed1c8a8676468cf2405e48723d4b1ff"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x1000, &(0x7f0000001400)=""/4106, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x18)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=@newlink={0x2c, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xfe}, [@IFLA_XDP={0x4}, @IFLA_GROUP={0x8}]}, 0x2c}}, 0x0)

4.113304503s ago: executing program 0 (id=3122):
r0 = socket$kcm(0x10, 0x3, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWSETELEM={0x1c, 0xc, 0xa, 0x101, 0x0, 0x0, {0x3}, [@NFTA_SET_ELEM_LIST_SET_ID={0x8, 0x4, 0x1, 0x0, 0x2}]}, @NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x900, 0x0, 0x0, {0x5, 0x0, 0x8}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz1\x00'}]}, @NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELTABLE={0x14, 0x2, 0xa, 0x101, 0x0, 0x0, {0x3, 0x0, 0x2}}, @NFT_MSG_NEWRULE={0x14, 0x6, 0xa, 0x301, 0x0, 0x0, {0x2, 0x0, 0x7}}, @NFT_MSG_DELSET={0x14, 0xb, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x3}}, @NFT_MSG_NEWFLOWTABLE={0x14, 0x16, 0xa, 0x801, 0x0, 0x0, {0x7, 0x0, 0x8}}, @NFT_MSG_NEWFLOWTABLE={0x30, 0x16, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x8}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x4}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0x110}}, 0x20008000)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$inet6(r2, &(0x7f0000002280)={&(0x7f0000001e40)={0xa, 0x4e24, 0x0, @mcast1}, 0x1c, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="b005000000000000290000003600000000b2"], 0x5b0}, 0x20008001)
sendmsg$inet6(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000140)="376cd97cb39285495ddf4bd660c811b4dca74500799dac8f26884d6d4cc781a3b510574bd853ed8eae31de87a5", 0x2d}], 0x1}, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r3, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f0000000140)={0xa, 0x0, 0x0, @private0}, 0x1c)
setsockopt$inet_sctp6_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f0000000100)={0x66, 0xfe, 0x4, 0x0, 0x40, 0x0, 0x0, 0x4, 0x0, 0x0, 0x8, 0x0, 0x0, 0x9}, 0xe)
shutdown(r3, 0x1)
socket$inet(0xa, 0x801, 0x84)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000040)=0x891c)
shutdown(0xffffffffffffffff, 0x0)
setsockopt(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000200)="b970f6aa2bfdc9d7afbfe5c81e0b9b00b49015199ee375d7bd1e9a044aead3faf4a0f39154893e76f7c07b1ef464add3dac1272dfb540106eff5d18585394f8978a2a6e597b9479e904e68cfe4474d047fbd2a138da70c600c760ce32fdd162b9866cd8b1d2908ea2599011aba31a4b1193250944e602609300cbbb8f2bd89acef5fd0471e96cd071c31f8", 0x8b)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
shutdown(r0, 0x1)
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="2e00000010008188040f80ec59acbc0413a1f848100000005e0c00f0ffffff180e000a001400000002801687121f", 0x2e}], 0x1}, 0x4040850)
socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$kcm(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000040)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb010511000b000a000d000000ba8000001201", 0x2e}], 0x1, 0x0, 0x0, 0xc9e}, 0x0)
ppoll(&(0x7f0000000500)=[{r4}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
recvmmsg(r3, &(0x7f0000005000)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=""/19, 0x13}, 0x3}], 0x4000169, 0x60, 0x0)
r8 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_BT_SECURITY(r8, 0x112, 0x4, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b05d25a806c8c6f94f90324fc6004001c000a000200053582c137153e37000c0480fc0b10000300", 0x33fe0}], 0x1}, 0x0)

3.496474224s ago: executing program 1 (id=3124):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
pipe(&(0x7f0000000600)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
write(r0, &(0x7f0000000000)="fc0000001d000724ab09254ec100070007ab08001b000000f0ffff002100057e000000", 0x23)

3.336250683s ago: executing program 3 (id=3125):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000440)={&(0x7f00000005c0)=ANY=[@ANYBLOB="dfeb010018000000000000000c01"], &(0x7f00000001c0)=""/201, 0x26, 0xc9, 0x4, 0x0, 0x0, @void, @value}, 0x28)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x7, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x8, &(0x7f0000000000)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000140)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x25, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r2 = epoll_create1(0x0)
r3 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000000)={0x2000})
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/time\x00')
ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0)
r4 = openat$cgroup_devices(r1, &(0x7f0000000300)='devices.deny\x00', 0x2, 0x0)
r5 = socket(0x2, 0x3, 0xff)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
sendto$inet(r5, &(0x7f0000000280)="71fbbeef2a8b800c752de0381c168b5d7a67428e", 0x14, 0x840, &(0x7f0000000300)={0x2, 0x4e20, @multicast1}, 0x10)
close(0x3)
write$cgroup_devices(r4, &(0x7f0000000200)=ANY=[], 0xa)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETQUEUE(r6, 0x400454d9, &(0x7f00000000c0)={'ip6_vti0\x00', 0x400})

3.130161432s ago: executing program 1 (id=3127):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f0000000c00)=ANY=[@ANYBLOB="b400000002000000660000000000000073014900000000009500009f010000004bb5eea0a6ec9fcd4b0a008a8443f22702000000e63bde9e4a0587536a966992ae7011d6e6c03175717e9912e0dd1a59541f7cbb1548ee5bd627f5b0b8ec77bd6d5f7b543f9aafaabe53339b12fbbe7decc4aa61b8aad0359083bdd61543fbeee8d560bb4b5925fae801f4c91e31674b124a1b38000000bc4da4a9b3d5cc9e0000f6a7a729009973ff07000000000000ac79e5d84abbec7d96629490727375b853f6308a980fba61fbe0131f3c7a026d8f000008000000000000000b20d7ac2df89d7989bf53bec908213d396edf24e9fc3cc004a1097fddc65c1b1b328277ff85ed56b9261eb7bcee28ec2d3616689ab3f31f849eebce6f21e6302003c0467844e000000000db0700bd694a09b253a1c6c7c138b3ec6ee9b83edcc55d3403acd5c50e2740a7ab7069790da79b7ab45184caffff00009bab066bf7a4ab148d44c7e2e4d219cdd7ebeb51511d9df85a648b1b85f93cb6cd21f93d5ea3da2b31657c065d052d9b9ee00320def97ebac25b929b3c15e33be6e7d54e622b427ee8d181d2f18d772fb5c58a936620ba1f5fbb48703ab211f442697edc165b449db2e3c221fbf270a6db414516949b97c200000096a1cbe81a38a23f03bd741a3e60c2e294f828e06f1b2cb70328f151f949e369efed52a28b87aae9d7d2800c8eff7f93c05adc9086d3f143a7b87d06838c6525cafdc01820a8912a131ff1f6acb9439f2d95a746291641b38333ce1c84b0d9d033edc9da00c8a2b42e8adfeff69fce7a35f79748e3e5b235269310988a05bf7c4e4cef3d1aa550c83d6328eb000000044a6458c31431d58973c93f5e9452258a7098bc3d014afe638a40948498fa9561213bc20845526e054d6b3ba5ca8f357df67c41acc28edacb31d38994544c3511ea1e8a448e66039425cfb03efb5d5eb81a306746adb8809ef969187763c00085e2dc401325327e54cbfceb400c2663466cd4a79c94b62c9882626499a8a29c564464f2a7aee6a929f831c93d23005787d272b5eaf0c6e11a7f0f1f39f68df44f6bf2d9b51d99c89e327b4bf7b96ad33abbd3a8b5814b5e7f85d1a47ee604ccef20bda53c9ce06910568fc200eee12fc6ef2734a6e9af5132f0c507e277fd97f9b48c840697289d38e454467f4d2f94b2f76d06edd083dafefd76deb251b5818de9c27d0df6e7b8862fe42f6c453f551f35b6d76395a1d205f276ae628fbdb8081905a1d7c2805532d3387b88f2997e8ce41c5dca83659cfb7f3a1c7b2bec8a7575dc4241dde6c680ee9a27b197739f4ad86f3bad3e42d4954bef864586ad02c27858d63efc495bcfb6ed49a5ca8987b0f2a8b14054e30f30fedf536d63769a196fc3b472195d0a1a13ecf803136d751cefb0edb5794cab8681214b39f86d88f3aebea4d465ef05f975b09f264d6c8d8e3bb6ea7d21c6602bcc8f76f2546cccc074f55c22aa8b502968040000000000000047c8a50036dd268a1aeff951f5090492b5e941feb1d3785aafe1655876e5a36c40fb5afcfd1eb28952662782097836a4d1aa3de0c06bb7dc27cf1a546b6aa6ce9932f3c6a013bc3791da4d8a33680ba8f1334d75a43e991ebd4582d786ec05cdd3152d52ab15fc7595cbd339f730d2ec8e37e6c500c4c30280a6af986f62a22d9c5c275e7798c165545abfcd304243274db15924a136a0896d56576ed7de90b1bda90f4024b9a0b3b33f688db8e38f784ae3942aba874f95d10c47e2405ceb0438cc272133fac718a6553710e4ca97df646b21d02652c54eade2e99344e11a2671cf274d397650fba8fcfb7e51a926e37b3980a1732111175dd99b9d979042b3ea411a7b4f9081ae9b82974d5eb6fd4e4bcd95e4f897dfba4e44777e6d02a896b650a66d9139696b926c36a33eb3bdc092bf4586bfab34002f802bbfe6a7679cec20cc25e01f129bbe92a65961fac7bffa3d8feda2ac927743d2bce57ee39b671948576337535180aa754e035421cf1709bc1b5e46c35515fb1fcda637a6405e9b216d2ca09795c5d2f27665da5b17bcf0f387e6dd58202a3a1148e46e55ac7ea027eb3022eee4a000ca543ab566921e5db4f741a762e5705f942855a9fa30b912045f78ab1e3fdeada84bc8ac36cc1223901e56f6ecbabbc3263098c9c47a1f505a8299b5715a455e834ddddc430f387cafa07bf915522f9a42e34eea5169b796320e892d27924045bcf56135684ca96ada82749371d5766c0d0cae8772f140eef001ca39dc28aef8a5236393fce29b0531cbd3265c209761ed41a2e473fbd84ca9b67e3ceb58a4b774ee127628faba8702c0a73f8311d269429aaadf74c439404fc9f864e69807dfe257c0c4a26c60bfa77f89bae2bd4c498a10d4e17dddb1f7539bfeb392e22e7b93d0ecf66cd253a4062bbc8a437f8924ee7a89ab73dd7c11be13707482c369f02d7b6f242599f95dbfcb55bea158665231f8fe04ed2a8c407fed1a8702e2486386f2ae6347231128be789186ff5651208c80781f85d3fb51bd28b939a8bc88a471c36fa17fd04c3fbdbd3f7bf144b1466014a77c582aa0380e612cd101d557dd1e5b7bae3da3ea2659f66a3641eaa3b008b9788a63c8f7009f9149fd9c740eddd300000000000000000000e620e3657ac82a5bd27dfa4f2add31a402346571e87b2644edb73d4affdcbbe2b8e2539b44554c10dc0ac8ba67ab9901c8e9564b4c26a87cf59b11978a86d4938ca4db01a9d8426aed32eb0d0d1dd894bbf3197f3b5744b5a4f813fd7330"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_skb=0x1, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f00000002c0), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x47)

2.948277802s ago: executing program 0 (id=3128):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f00000002c0)=ANY=[], 0x8)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010019"], 0x0, 0x26, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f00000027c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000014c0)=""/4096, 0x1000}, 0x3}], 0x1, 0x2b, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3c, 0x0, 0x0)
r2 = socket(0x10, 0x3, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_BT_SECURITY(r3, 0x112, 0x4, &(0x7f0000000080)={0x4}, 0x1f)
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, 0xf, 0x9, 0x3})
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)={0x2, 0x4, 0x8, 0x1, 0x80, r4, 0xfffffffe, '\x00', 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @void, @value, @void, @value}, 0x50)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x15, &(0x7f0000000640)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r6}}, @snprintf={{}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}, {}, {0x85, 0x0, 0x0, 0xb3}}]}, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x70, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r7}, 0xc)
connect$bt_l2cap(r3, &(0x7f0000000040)={0x1f, 0xa43, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000980)={0x6}, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c0000000000000000044930286a6c8f6aa76dd02c970087f5c51d48878674ca2bd66dfd26b1750a6d1c30bcd08f9cc144a2b7c5a3e8577b6b5d2e8bb61534b6cc754441b06f1086a6348d506dfc51fcc7b17b3309629d4f4baac7c93370ddf86db5921e91ccc1119ccdff5fc2159c70e94d720e7760b1c257025a89a64d62b0a966775657723dded995efb0ccbe5ff91816bd0679d2c84dad88d57365bf18b7b4b74841bb5dd355a546a09a1e17adc54e487d38c0fa4149b4b893ad381e7b155ac65b5ecc0cb553d20523868e7357ff04b33db3fdc655da6894a69b5ac1b57a12dc7c53b73b4fa740f7423476cafb0484145a0bdf3f0ed77d20c889127a11823c3abfeac53fe4bf2fe636f1", @ANYRES32=r2, @ANYBLOB], 0x1c}}, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x3a, &(0x7f0000000000)=0x1, 0x4)
socket$inet6_udp(0xa, 0x2, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
r8 = openat$cgroup_ro(r4, &(0x7f00000000c0)='blkio.bfq.idle_time\x00', 0x0, 0x0)
connect$inet6(r8, &(0x7f0000000200)={0xa, 0x4e24, 0x2, @mcast2, 0x1}, 0x1c)

2.815486353s ago: executing program 3 (id=3131):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r2)
sendmsg$IEEE802154_ADD_IFACE(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01000000ecffffffffff2000000005002000000000000c001f0070687930"], 0x28}}, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000740)={0xffffffffffffffff, &(0x7f0000000780)="853e000080b7464a3c8b29f3f7a6d6dd0a1984142189eb52343fc0d4d5db811cc78d8eba3819d118b0c46b29980ccf9e87689c1a0bfdefb6b5d98f9efd4e09b83e1261b325f0d3e2ad6214f0f4b0213bb32273380bbfa12c68df15bc9267a48fe3fd01c1203f2372a1647878d5e8be2028e7f5311846dc9d996f8671873ad96949a96828671bebb2279f782df2", &(0x7f00000005c0)=@buf="26a239039dd90284b24a35de24f1097542700600f775344e8b0d6b96711e7152b075fd4dd2879387ba29a29ff7c6cf0be5001005ae8ead942c49097c41e4438aa0fcf46a3618c333ebc1", 0x4}, 0x20)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000000c0), r2)
r4 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r4, 0x11b, 0x3, &(0x7f00000001c0)=0x800, 0x4)
r5 = socket$netlink(0x10, 0x3, 0x400000000000004)
writev(r5, &(0x7f0000000100)=[{&(0x7f0000000200)="480000001400190d7ebdeb75fd0d8c562c84d8c033ed7a80ffe0090f000060000000a2bc5603ca00000f7f89000000200000004a2471083ec6991778581acb6c0101ff0000000309", 0x48}], 0x1)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x170, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0x0, 0xe}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0x13c, 0x2, [@TCA_MATCHALL_ACT={0x130, 0x2, [@m_nat={0x12c, 0x4, 0x0, 0x0, {{0x8}, {0xcc, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x4b1, 0xc, 0x6, 0x2, 0x5}, @broadcast, @private=0xa010100, 0xff, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x9c7, 0x1, 0x1, 0x6, 0x5}, @private=0xa010102, @multicast2}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x7, 0x1, 0x5, 0x9, 0x1}, @multicast1, @empty, 0xff, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x9, 0x3ff, 0x4, 0x9, 0xd249}, @local, @rand_addr=0x64010102, 0xff000000, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x9, 0x101, 0x5, 0x5, 0xe}, @initdev={0xac, 0x1e, 0x1, 0x0}, @loopback, 0xffffffff, 0x1}}]}, {0x3c, 0x6, "8b000558693bb260aa69aa7d07b2c9a22552e220f504bf79bfc774a01659f058f3f93e85e97532feb8835cdc18612767179b8ee292ccbeeb"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x3}}}}]}, @TCA_MATCHALL_FLAGS={0x8, 0x3, 0x2}]}}]}, 0x170}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
r9 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r9, 0x84, 0xc, &(0x7f0000000700)=0xf, 0x4)
r10 = socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000680)=ANY=[@ANYBLOB="9feb0100180000000000000034000000340000000700000005000000000000120000000000000000020000020300000006000000020008000900000004000000000000000000000a0500000000000051006100"], 0x0, 0x53, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r10, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r8, 0x4018f50b, &(0x7f0000000200)={0x0, 0x9f6, 0x7})
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r10, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r11=>0x0]}, &(0x7f0000000240)=0x8)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r8, 0x84, 0x1, &(0x7f0000000100)={r11, 0x0, 0x9, 0x2, 0x6, 0x7ff}, 0x14)
r12 = socket$netlink(0x10, 0x3, 0x14)
r13 = socket(0xf, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r13, 0x10e, 0xc, &(0x7f0000000980)={0x6}, 0x10)
sendmsg$nl_route(r13, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="2c0000001a0001002cbd70000000000002000000ee"], 0x2c}}, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r12, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="880000000314010000000000000000000900020073797a300000000008004100727865001400330064766d727030000000000000000000000900020073797a1e000000000800410072786500140033006e6963766630000000000000000000000900020073797a3100000000080041007369770014003300626f6e645f736c6176655f3100000000"], 0x88}}, 0x0)

2.759974442s ago: executing program 1 (id=3133):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="180000000000000000000000fcffffff850000007b00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000100)=r1, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='contention_end\x00', r2}, 0x10)
r3 = epoll_create1(0x0)
epoll_pwait(r3, &(0x7f0000000200)=[{}], 0x1, 0x6e, &(0x7f00000001c0), 0x8)
close(r3)
sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d80000001c0081044e81f782db44b904021d080303000000e8fe03a1180015000600142603600e1208000f0000810401a80016040400014003000000036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7ce", 0x6c}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
unshare(0x6a040000)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$unix(r5, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000001340)="94da5eccb51e1a20410c304bb9841c6c967a604d30a461d0388cc5fd426109c870743efecee87b334e805c3784d5c181a970fe7ccbb8db3cd674bb6002f327554c3e4d711279673da6e27ec54f82e695ea6d5b3dcf0469d09109c778e2d767221b8ccc69346c927c14b19cc1ae45d93aeaace92a9d8b7bfe1e85e7c3e3b05dbaa6acf16c804726566093aa57773bac4c1f1be5e98e7f7bc6a37195a66f1649b82e56c8b6a25796e3d7819f5cc66abd8c8ae79e38382ec434ed239a2ceda5ecef75515b1bf1a89654e5b1c64ed9dd282fdc78380ef06729daf13efa410c360f63398d557686303a60e10a56cce1cc27323d229015d3246d3ccee891490dffc537ec55673ada12b257d8de9542172e18466a666aaf92c1a46c9e6b7ffa0aea5e85c7275c8d3b63a4de4cd3585acb73bec3b1cc1b367209c5f39d21846e3514a3864c450ee03772706f0c0c971eea2b251c4aa2f4c1e09b548ffffa61acb4da7dd8455ac1ae19ada3776e73746c355bac4d59091a9901596c9de3d11da283ccaefd1777132a8f06a82ff6a1e88623c8339dd388b8e4229801b9d8b075b78e6ffde8b3f00930721d397707ca813875b2e06ea7bb817f416b63ae741c2b4afeeca2e9f36a7da8f5e6a71847e282859a28c8c52559b8fa67c4d7d78d4e2078db902f90c2e553effc8f8aae03904fcb4b0dec0f92bcad45cfe30031404a3c0869b2c8270997492ae2d2acb5d3167d696fbc9e76a60067fc11c84801507f056d20b7e79ca9ee49b177128cedd7d77548f9c7636dba807a5ee6a9c5031ce072ab55d41989ac01d68332ec3084002ab2c04af2d371ab0d5327fa9932632ac871caf4209fb9f7a86eaae0fbbc959c30451b30d0461352a5a8f1537a7edb033471b6cd3f241dc19807e9827d8dbb1d4009a178454d586d16f3dee36a437fa3b202eb7a4a1d7fdb20f9cb5e8ad6a89c5676c5397404e7550f2dd934dceeca80ce426310ddd4fcfa7424b6ecd4e8775f11deda90d7268d95dc951b3371e4c69d2fa56536f7e26f7217c639428e1a376b37a597b488dd4eaba7cfe16f78562d209836bfe294c51b655a73509d66c6d8b2e0a70273263e530fa7d08259a70799d86e436b0e5bab13c8011b58a5a81d2eb217cedf4a49e7c315e2fc3a19a1ed7e2cd219817f082a9dfa0ff7018f210aa70d73ac53787d0657ac3c17a9a89f28ff6d9273c0bf0f2abfc712482d3aadf10a41bf0a88f90d670a1f6158016c84675a001b2a50058e550e3baf33e355f758caae5c8f3d298c03d6e9ddce7af248702adda2ae3fb51bcc999d7cf62a5153da4f8c3bd1ec169f666722d0e2da66b219d6a2fe032a9fb64d494217bd4786d7535c3ef43b78bfbc2a2e05150d260f5971cc497db461a63ed53e04a9072522dca0db6786b6c82d6994b6f72afbe8d14348f3e8e1ee3307b170913eb4d741ffa8ef5df7a2d1ab71c2036dd7e6dab5bb00143bf4de2aa5ef161032be8d50c56801bf4f7c5bf3dd93d721d16c80fc831c7d7faa7dd38fa96f79d9a9a968d1f9c9a34ff00e7c9d648e6c17bd5aa855c6e48f534af1497c160540a40feff567fa7c5454fc16ebfbe27c5e86d0c02e0f59f683ae418a462c2b40e0a911f86912cf14f9723f327664231769fb0f8eb60e1a8d1afb75ab2108e4114316afd8bf61006622cd71548f62f931898d77a7f1a3f0c483b60417fd05c60db6595e10907ac3d52347b606e81933fbe6caa0efea0911c104b25790afab08b8e4d9ecc70dfe8fa39c148f0c521e2ca7f4974354f787ea8f655b448e6a7131134be870d6f1f55a72a8ebe44a5ea627a80b99c6a06c8e0b1ded736f2c3a06e18946befee1fb9cc689a478744cd2b8bb7d16a3a60e53a983364cc75d7e21c02ad5764793e833b93e1237b4eae2236a44314dc78451784a417120d07089443b7ff954877c18cdf8f22dab68062b984cef3c4393b4b6bf78c1a184ee2d6a59560a3e28714ed2dc87b50113b160585826777427a4bef3f5a32b7102779f114cf8e32c4206f61f85b79d3b98c208e858748061179bc2ecef6909a08f213a03c85022095b49548aef1fde9db58df7c32285fed374c078bf6892e6483d7e48d131391fc150f4055022cd5e091acf61b31fecd595bbbac3c99587f0d814c7f131bb91d348748d35bf4a21d93d69b5e77f605788d07ab30a40b9cc5c0c8c7e8ee24d8946def655dbdd5eb315e37149b16367b3c59eb375c413ee22ab1ffb70c1f100345efa5255a74f1578cb60d7272fe435eaee93692c3ebee41b8b815a2b9dcbd05771f5a1de063928ba49ea607dc8125bf0ad42fdc15e63f283b4f341e65de4553e3c054d7652420685e0c360d36b895e36eae25ff9decfce60a33280be2f34e80195f04ed14d27c5ef6dcec1f3851bafb0874f44ff609e754c9c2d8fe3b352656e79c106268ab854eae55ef58b3725feaacc808f2c09839a4916614cf7173ef04dc5df7d85b9e1d238a7dfba7db1be35545088bd6083bb5e3c5b79048f7a82bc04fd18ab6b92822a96ee13a5851c8194b4c25cd5ec3526633be55cf36dcce48426643e29d8c39bba7ca18054428577fb80842da89644c5e76f751996c8da610e706ba9789f3cd1127ec648338a7d140f2ddc539195a99ed7ff0831bb1bb5995566fe397bd90330b33e8d346d3e75fc72f8007d8e687e72c834d7365dcfa903183d7af301fba25affb80c596cb633309c11bb52a9f384a5eb8abc2c8abe528c49880c6129f3e211890c72dbe76ba0529e2c33e2b8d322c67107608d9f317cca562faadbd7c1172e9768794795950e4c9f54aabd55bbdd4a30158b694d23f6917c09e9f5f2defee60a504b2913ad50706467c2ed843c79ae85fea9a956598ffdb61981928eb4800873fb78f33b0d78d2f63c6615b36e5882ec34377e35df88e4d1b6bd1ea52a77254641d99beaeb31ef6a83fad9fea2982c2ea0c5dffe9c14b6b11b42d521aee6669345798fe8f87cfa4ee30527643b69d2590357da0f25bc38a5e37551e1c655f4c0b03d71e6a39a15f0de3778ed8619bcfc104b19b3fc21c285b9d7f6d26a45dd25dd1849800f3311b7dedc2d69c60f917cabd808c92ea83464fb0b0ea750439a1eb6eb9354baa28777371b758d68b1c72c158ecc06843671a91022d5c0bf0d4b80bbf1c10a6843d8bb0472a79d352409b14c5cbb2ef279648adb5af833a7fde4cf10d8ec3cb8ac54c866eb49eed0adcc46ae82cce842e13871fa5810bfd1633e9ef2cd6a9cdc753eae3d68c592ef53f6550f2807d6ee5fdd4070fd6d3b3e26ac6dd1932d0a6c04878f9e374d4aafae116e5ca32592022a213d3063785fb7836a64d5807f5cb05b490b01a30036a56a44a3efbe7d1f627a38ff4cfcb192f7be94694716fc602ba651ed68404b3d16edb82fa60d31dfb3881f3c551c6050b022d4399e909f5c38741d4309e6808d16302c4d9af6ae115a704181238754cda697211043f40b924742b862414e9ca451ef1a9a26e8a7ae0a54f8ed7571974f90996505ba49fc0b7c80a969aa8eb03d3f31d58057f24f91b46c5b1635f773a33f9024c2bda5c87261231675462d03ecb84de96f8c3d63aa8f45f6dcd4c7153cd1e237d9b88a6a3788948065a4dd11e4e198d545ff7f6c9c19a7cc6e59193f86aa1dea5ece57be9ce43afe32eb2d5228198857c1f83be05000fe819078932a2b4895b961ba86b6d2e2728f89ff1ee7b4d86608690e7fd7d9ebad12638c9432b4b7adde401be2fa8a983571746561af1fea7aaac8a1c54cdbe9107708ab86e676b43c33fa0941f71d11a2f3a2372e1a03e9dd5075fe7e8e3c70ef253886df082e737dc372c62adfa68e55be25874aec903678f125671d03314f7fe89bd8922f62f946b0cbd798ce4a482045d624ee5e1d694d967551d4fcf92c3e056241a0601b831c56b298a1735ec4c52339f2636139b2d10dcf9ac66ff71a9687128054d5542f526ba05a1f921d4d16bd2ef749557dee980f4c678591ee6ef93e9187799ed0f12d189137c08ad5dff262d0e000b675aab3ce37ba8a85b11648c5d98de361f926fd58679ae57899fd54c6e77cc182fad914dc67e4866ef8b41be489e210ddb9181704fb36781bb34f2a5c50cc51272107ad03ee6823b9e9ea7675e272d39cee4596e77c5bcecfb9e0709f163ff8d09525c6ab909d2ed4f94733df2306af8dd286534125f57eda3f97bafa27db8615ad99b820b33143494221c7540a2138dde34ecae2393b647e2fd7a06c50dc23d0464fb27556d8097881d3675d9af2853e0f3f3d873506f030356d4a820f48c12d774bb06af1a947b2cece054646c1463007d1d3e250c3a658b639d2f8c9601cf9264449ed928801cd9c714504339f8f99e517549ec99563900d6f1763e81f38b7de01c6ad708386513e413b0898c853a3f606ce768cdc83fce7d42dbd0b0790cf19460f6ce4a5fd8f07def3319aaf91fe53dd10ed95f24ebdf78d34808867f3f4be51ed5d047aa214355a1b98b5690cd8d13ff20cd14527c09e24e8a86010c4fbb5769d58dfb73c1fd0b7620117a96923182bde2765165301b76cd7bcdf42ed6466398fbc4fa4cc58c6edaa1d86bc0e3bcc5b77f93c952bcee177933bba6bd157c75df99383fe8740673f4fa818d6c29a848283ac7f98cf268924c70a94c80d8827ec90b286b3952ca024938208ee51efa1f40f22301b89ee41238d2bcd91add66680c2f84a6ec7d7a835216ed05c907ff26cf414c52b564c16bcb71b2821fead0233adcaef9e925dbd4c7579a4897f533afb58794611f7e416046575fafb298d55c8139e10524b7a167e5b3f3e60dde5fe6cb2afc704371bdc1d9c2129e4050fedecec5c551a833d2bf0ccc5080205c4e6ec697f94c40578f427bdeb78b5208182850d29c75bcbd8d6e6e9c2364471be22b3cf05f3c52fd61d257d497ed92b64fd2d08460ceb854cb5d250619ef01fa77c7d3e8af3c8c080a8f049fae9d8e430427a5e65625f4f14b857ed75ae8d08bf9d5e4476ee52ce4120d8df65e810a658c04a2e1349ad6dc96ebc04ea104456e00f7b2eb5a8058dd4c45a1fbb5e8e04fe885a14c2537364cb100877974c066e91253163fb34aeecf7ae49a2724bf42cd7cfa5e24bedcea3d81f7d19510eae600eec40bae2d0e0cfc8ca07ce84c266b7f69eea654a238ec4c5b31c4bac37412c315f29aa6462b6ab02b4e97625a05b59032948594537c8d1d48d2222cfc1b87deb26418ab6f2b9ab90ac4354b5e541b9e3c5ad9ad9031b1643ba303055b4cc59168851fb9a064a58b3ac03a4f5cac7148b053120b4aaf15437b4105617f910d77f410e1a9d385aa87cd9ea53d9c892e4def86ada420596ddf6dac388fe64f5b0b56f358630ab891fed39a1004e867389be353ab7242d2b729ff882daf70e5234bf849e72932a9daf24364578e32dfea8bc199f387e5a755d54c16f78a6776cc9d15a005350587f414643a34432031d5d36ef1fc4e6fabcee5436fdf1ba480d8fb05a525161e4bdf42dfce688ae1a1b3787fb7df24195650d70ed5e8ad773135558ebae0d9565ac7c05e84047193ee51793b12122f4d2298d5338d658478130da4c701e5d1e708e15e791443d4bf0c0657f1ed40b7a54851669dd21bcf93e6594f4de1e26e0eafaff2c4820a52a51dd59afdf9bf00bec52c56e310843e355a7ac13f7b7e1e7b8e20c315551327ffbfe1fc56b2e6b70b8bc97d46da6af5cdbce56cbca62e96f070a0ed21e98af00b48577333a7d", 0xfef}], 0x1}, 0x20000001)
recvmsg$unix(r4, &(0x7f0000000580)={0x0, 0x2000000, 0x0}, 0x10002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0xbcd99000)
r6 = bpf$ITER_CREATE(0x21, &(0x7f0000000140), 0x8)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x15, &(0x7f00000001c0)={@loopback, <r7=>0x0}, &(0x7f0000000300)=0x14)
socket$kcm(0x29, 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFDSTADDR(r6, 0x8918, &(0x7f0000000340)={@private1, 0x6, r7})
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet(0x2, 0x2, 0x1)

1.947087248s ago: executing program 0 (id=3142):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000040)={0x2, 0x0, &(0x7f0000000340)={&(0x7f0000000540)={0x2, 0x3, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @loopback}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x6, 0x40000001}, @sadb_address={0x5, 0x5, 0x33, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @private=0xa010100}}}]}, 0x70}, 0x1, 0x7, 0x400300}, 0x0)

1.663724184s ago: executing program 0 (id=3145):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000180)=@bpf_ext={0x1c, 0x13, &(0x7f0000000500)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0xfffffffa}, {}, {}, [@jmp={0x5, 0x0, 0xa, 0x1, 0x7, 0x6, 0x1}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0xc, 0x0, 0x0, 0x0, 0xc0000000}, @alu={0x4, 0x1, 0x1490efc22f7a8ebb, 0x3, 0x0, 0x80, 0xfffffffffffffff0}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000300)='syzkaller\x00', 0x348d03c7, 0xa6, &(0x7f00000005c0)=""/166, 0x41100, 0x45, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000006c0)={0x5, 0x8, 0x5, 0x4}, 0x10, 0x18392, 0xffffffffffffffff, 0x3, &(0x7f0000000700)=[0xffffffffffffffff], &(0x7f0000000b00)=[{0x4, 0x2, 0x10, 0xa}, {0x3, 0x1, 0x1, 0x6}, {0x3, 0x5, 0xd, 0x4}], 0x10, 0x9, @void, @value}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3c0000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000014002b8008000100", @ANYRES32=r0, @ANYBLOB="082303000200000008001b"], 0x3c}, 0x1, 0xc3ff, 0x0, 0x20048050}, 0x0)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000000740)={"8c3ef01be86258108b331b07f91efab2", 0x0, 0x0, {0x6, 0x40}, {0x3, 0x1}, 0x6, [0x1, 0x5, 0x9, 0x9, 0x7, 0x5, 0x10, 0x953, 0x1, 0x4, 0x8, 0x9000000000000000, 0x2, 0x4, 0x2, 0x5]})
socket$inet_tcp(0x2, 0x1, 0x0)
socket$l2tp6(0xa, 0x2, 0x73)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a00000004000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000813061feed4a921a5e6fa8022da1d09d31fdedb43223d6ecbfededd21a844edb56649a7e86ef636f15699b24de2ea3ef38ccc1a30d1c6482f15baa4817e7ce184303a6485f995caa152c4c7f6f66790c4731294dd4c8278ebee0ce2aeeb88802d850160be5ad5662d223bea5578d0829c4825f3ed989b41f66cf18bd6d353ff5c1246d9238041ea411b4280419fe553244d21c8b9336f9b99761e5c99674241c022b6b87c09e1de4e8b4b7998c8481a72cfc783ec4ae23dd4c5b146974051cdf561d1e610147894443bb925627b646523ede2e5c9094bd30c09f39a00b6c893b5f8d58b2fa16c7ea6b1e22a3cee037d577496c373d02420fa78650fbac3e696ac014fec1bc763fe52125812f95a309683f33cb0ea4da685578d838"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$can_j1939(0x1d, 0x2, 0x7)
write$bt_hci(0xffffffffffffffff, &(0x7f00000004c0)=ANY=[@ANYBLOB="010120"], 0xc)

1.614532504s ago: executing program 3 (id=3148):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
pipe(&(0x7f0000000600)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
write(r0, &(0x7f0000000000)="fc0000001d000724ab09254ec100070007ab08001b000000f0ffff002100057e0000000000000e000039000000039815fad151ba", 0x34)

1.328538106s ago: executing program 3 (id=3150):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="10000000040000000400000001"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{r2}, &(0x7f0000000a00), &(0x7f0000000a40)=r1}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r2}, &(0x7f0000000880), &(0x7f00000008c0)=r1}, 0x20)
ioctl$SIOCX25SFACILITIES(0xffffffffffffffff, 0x89e3, &(0x7f0000000080)={0x3d, 0x800000, 0x8, 0x7, 0x2, 0x81})
write$bt_hci(r0, &(0x7f0000000080)=ANY=[], 0x6)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x1410, 0x1, 0x70bd2c, 0x25dfdbfe}, 0x10}, 0x1, 0x0, 0x0, 0x24044836}, 0xc094)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x8, 0x1010, r3, 0xffffc000)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r5, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
ioctl$BTRFS_IOC_SPACE_INFO(r3, 0xc0109414, &(0x7f00000031c0)={0xb5c, 0x5, ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']})
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'vcan0\x00', <r7=>0x0})
sendto$packet(r5, &(0x7f0000000180)="10030600e0ff020004004788aa96a13bb10000", 0x13, 0x0, &(0x7f0000000140)={0x11, 0x0, r7}, 0x14)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r8}, 0x10)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r9, &(0x7f0000000200), 0xf000)
r10 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r10, &(0x7f0000003140)=[{0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000140)="a180", 0x2}], 0x1, 0x0, 0x0, 0x404c080}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4008001}], 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000003c0)={r11}, 0xc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)

1.232267613s ago: executing program 2 (id=3152):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001180)=ANY=[@ANYBLOB="300000002000010000000000000000000200000000000000000000000c00144000000000000000000500130001"], 0x30}, 0x1, 0xfffffffffffffffe}, 0x0)

775.570057ms ago: executing program 3 (id=3154):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000880)=ANY=[@ANYBLOB="700200001300290a000000000000000007000000", @ANYRES32=r1, @ANYBLOB="000000000000000010011a801000f480040005800800090000000000080003803000018005000600ffa1000014000500714abbd2547de97cbbf6efb226f19bf90d0002003a288e5e5b5b5a40000000006000078014000400293a02149f3b75a67093c28fd6f55a2314000400e48f01e49713f0c2d839f940d9f088d80500060000000000130002006272696467655f736c6176655f30000007000200293a00000500060000000000080001000000000018000180140004004d2906d0880fc8acc30fe2020f9849675000018014000500a1085e7df341b9dc3d8008a2fe5bdaad140004009c7e472c916020fe41bcc5aa8f56c9471400050080ab8be51421cfa3c9e5cbfe8217e0af080001000000000008000100000000006000018005000600000000000500060000000000080001000000000005000600000000000c00020073797a746e6c30000800010000000000130002006272696467655f736c6176655f30000014000500e078d277f38ed3a40a448f3f6b6763e83c000c"], 0x270}}, 0x0)

567.873542ms ago: executing program 2 (id=3156):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000ab4000000060a01040000000000000000020000280900010073797a30000000000900020073797a320000000088000480100001800c000100636f756e7465720014000180090001006d6173710024000004000280600001800a0001006c696d6974000000500002800c000140000000000000000808000440000000010c00014000000000000080010c000240"], 0xdc}}, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0)

561.356626ms ago: executing program 3 (id=3157):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000000), r0)
recvmmsg(r0, &(0x7f00000028c0)=[{{0x0, 0x0, 0x0}, 0x5}, {{0x0, 0x0, 0x0}, 0x2}, {{0x0, 0x0, 0x0}, 0x1}], 0x3, 0x2000, 0x0)
recvmmsg(r0, &(0x7f00000049c0)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000340)=""/4087, 0xff7}, {&(0x7f0000001440)=""/139, 0x8b}, {&(0x7f0000001340)=""/62, 0x3e}], 0x3}, 0x5}], 0x1, 0x100, 0x0)

456.219861ms ago: executing program 2 (id=3159):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r2)
sendmsg$IEEE802154_ADD_IFACE(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01000000ecffffffffff2000000005002000000000000c001f0070687930"], 0x28}}, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000740)={0xffffffffffffffff, &(0x7f0000000780)="853e000080b7464a3c8b29f3f7a6d6dd0a1984142189eb52343fc0d4d5db811cc78d8eba3819d118b0c46b29980ccf9e87689c1a0bfdefb6b5d98f9efd4e09b83e1261b325f0d3e2ad6214f0f4b0213bb32273380bbfa12c68df15bc9267a48fe3fd01c1203f2372a1647878d5e8be2028e7f5311846dc9d996f8671873ad96949a96828671bebb2279f782df2", &(0x7f00000005c0)=@buf="26a239039dd90284b24a35de24f1097542700600f775344e8b0d6b96711e7152b075fd4dd2879387ba29a29ff7c6cf0be5001005ae8ead942c49097c41e4438aa0fcf46a3618c333ebc1", 0x4}, 0x20)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000000c0), r2)
r4 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r4, 0x11b, 0x3, &(0x7f00000001c0)=0x800, 0x4)
r5 = socket$netlink(0x10, 0x3, 0x400000000000004)
writev(r5, &(0x7f0000000100)=[{&(0x7f0000000200)="480000001400190d7ebdeb75fd0d8c562c84d8c033ed7a80ffe0090f000060000000a2bc5603ca00000f7f89000000200000004a2471083ec6991778581acb6c0101ff0000000309", 0x48}], 0x1)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x170, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0x0, 0xe}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0x13c, 0x2, [@TCA_MATCHALL_ACT={0x130, 0x2, [@m_nat={0x12c, 0x4, 0x0, 0x0, {{0x8}, {0xcc, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x4b1, 0xc, 0x6, 0x2, 0x5}, @broadcast, @private=0xa010100, 0xff, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x9c7, 0x1, 0x1, 0x6, 0x5}, @private=0xa010102, @multicast2}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x7, 0x1, 0x5, 0x9, 0x1}, @multicast1, @empty, 0xff, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x9, 0x3ff, 0x4, 0x9, 0xd249}, @local, @rand_addr=0x64010102, 0xff000000, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x9, 0x101, 0x5, 0x5, 0xe}, @initdev={0xac, 0x1e, 0x1, 0x0}, @loopback, 0xffffffff, 0x1}}]}, {0x3c, 0x6, "8b000558693bb260aa69aa7d07b2c9a22552e220f504bf79bfc774a01659f058f3f93e85e97532feb8835cdc18612767179b8ee292ccbeeb"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x3}}}}]}, @TCA_MATCHALL_FLAGS={0x8, 0x3, 0x2}]}}]}, 0x170}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
r9 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r9, 0x84, 0xc, &(0x7f0000000700)=0xf, 0x4)
r10 = socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000680)=ANY=[@ANYBLOB="9feb0100180000000000000034000000340000000700000005000000000000120000000000000000020000020300000006000000020008000900000004000000000000000000000a0500000000000051006100"], 0x0, 0x53, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r10, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r8, 0x4018f50b, &(0x7f0000000200)={0x0, 0x9f6, 0x7})
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r10, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r11=>0x0]}, &(0x7f0000000240)=0x8)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r8, 0x84, 0x1, &(0x7f0000000100)={r11, 0x0, 0x9, 0x2, 0x6, 0x7ff}, 0x14)
r12 = socket$netlink(0x10, 0x3, 0x14)
r13 = socket(0xf, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r13, 0x10e, 0xc, &(0x7f0000000980)={0x6}, 0x10)
sendmsg$nl_route(r13, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="2c0000001a0001002cbd70000000000002000000ee"], 0x2c}}, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r12, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="880000000314010000000000000000000900020073797a300000000008004100727865001400330064766d727030000000000000000000000900020073797a1e000000000800410072786500140033006e6963766630000000000000000000000900020073797a3100000000080041007369770014003300626f6e645f736c6176655f3100000000"], 0x88}}, 0x0)

437.624025ms ago: executing program 4 (id=3160):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
pipe(&(0x7f0000000600)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
write(r0, &(0x7f0000000000)="fc0000001d000724ab09254ec100070007ab08001b000000f0ffff002100057e0000000000000e000039000000039815fad151ba", 0x34)

417.696966ms ago: executing program 0 (id=3161):
r0 = socket$kcm(0x29, 0x4, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_TEST(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="340000000b0601080000000000000000050000020500010007"], 0x34}}, 0x4800)
sendmsg$kcm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)=[{}], 0x1}, 0x20000000)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB="000000f8ff"], 0x48)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$inet(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000180)="1c00000021006bcd210002006e04fcff80000010000000017aa60864", 0x1c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000000)={r2, 0x58, &(0x7f0000000280)}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x38}, {{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x2, 0x6}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x7, 0x1, 0xb, 0x2, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {0x7, 0x0, 0x0, 0x9}, {0x7, 0x0, 0xc}, {0x18, 0x2, 0x2, 0x0, r2}, {}, {0x46, 0x8, 0xfff1, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f00000001c0)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)

337.676021ms ago: executing program 4 (id=3162):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000100)=ANY=[@ANYBLOB="05000000000000007111b100000000008510000002000000850000005a00000095000000000006009500a5050000000004a27709ba2222e589d68252394ef0dd4e6cae5531618032d609898848b142269801f956364b72c11b7339076cb6343889e33f64d35ea2d945f0649c7e9d8d7fd85888473aabcd0533bd9a1cc934c1e52e1f19980f9c443a7e1edb719962306a6d5e20283f2ceb9451f1c97e5d7951c6a1b65da93a7597ca08f7fda32d9730682c906d4405a9489a527f40596e528ede8807bbe1a268bcf7c1e41cc5915993f3a6bb6ff5c96ce44951fffc68d991756ba2c1f5b1f3d75ddea5d8065ad34a220afc903bab4d19c5c6cb0d2f7eb366fddc77dacf"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)

241.001487ms ago: executing program 4 (id=3163):
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$SOCK_DIAG_BY_FAMILY(r1, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001300)={&(0x7f0000000040)={0x14, 0x14, 0xf03, 0x0, 0x0, {0x2c}}, 0x14}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x401, 0x70bd26, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8003, 0x10000}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @gre={{0x8}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_OFLAGS={0x6, 0x3, 0x1e}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40}, 0x0)

239.791739ms ago: executing program 2 (id=3164):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x12, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0xffd0, 0x0, 0x0, 0x0, 0x8004}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x66, 0x8}, @initr0={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, @exit, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

128.552835ms ago: executing program 4 (id=3165):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'dummy0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="800000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00000000010000005000128009000100766c616e00000000400002800600010000000000340003800c00010000000000000000000c00010094040000000000000c00010000010000000000000c000100040000000000000008000500", @ANYRES32=r1, @ANYBLOB="080003"], 0x80}}, 0x8000)

124.479266ms ago: executing program 2 (id=3166):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000040)={0x2, 0x0, &(0x7f0000000340)={&(0x7f0000000540)={0x2, 0x3, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @loopback}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x6, 0x40000001}, @sadb_address={0x5, 0x5, 0x33, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @private=0xa010100}}}]}, 0x70}, 0x1, 0x7, 0x2000000}, 0x0)

74.185923ms ago: executing program 4 (id=3167):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000040), 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000012c0)=ANY=[@ANYBLOB="620af8ff0c"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r0, r1, 0x2, 0x2, 0x0, @void, @value}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000380)={@cgroup=r2, 0x2, 0x0, 0x0, &(0x7f0000000280)=[0x0], 0x1, 0x0, &(0x7f00000014c0), 0x0, 0x0}, 0x40)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x318, 0x0, 0xffffffff, 0xffffffff, 0x138, 0xffffffff, 0x248, 0xffffffff, 0xffffffff, 0x248, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @dev, [], [], 'batadv0\x00', 'lo\x00'}, 0x0, 0xf0, 0x138, 0x0, {0x0, 0x4c00}, [@common=@dst={{0x48}, {0x0, 0x0, 0xbce0257315b3f3d6}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x0, 'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0x110, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x378)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xc, 0x14, &(0x7f0000000080)=ANY=[@ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000001000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0x4000, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001240)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r4}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600f7ff04000000ff0ff1ff0600000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)

12.438547ms ago: executing program 0 (id=3168):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x18, 0xc, &(0x7f0000000b40)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7}, [@jmp={0x5, 0x1, 0x7, 0x8, 0x7, 0xffffffffffffffe0, 0x4}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x6}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'batadv0\x00', 0x10})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x38, 0x3d, 0x107, 0x0, 0x0, {0x4, 0x7c}, [@nested={0x8, 0x8, 0x0, 0x1, [@typed={0x4, 0x8}]}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0x10, 0x2, 0x0, 0x1, [@typed={0xc, 0x17, 0x0, 0x0, @u64=0x4000000000000005}]}]}, 0x38}}, 0xc000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000940)='tlb_flush\x00', r0}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000940)='tlb_flush\x00', r0}, 0x10)

11.904118ms ago: executing program 2 (id=3169):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
r0 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000013c0)=[{&(0x7f00000001c0)="39000000140081ae0000dc676f97daf01e2357f9ffffffffffffff0521018701546fabca1b4e8a06a6580e88370200c54c1960b89c40ebb373", 0x39}], 0x1}, 0x0)
recvfrom(r0, 0x0, 0x0, 0x40000000, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f00000006c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x2, [@int={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4}]}}, 0x0, 0x2a, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x20)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_emit_ethernet(0x32, &(0x7f0000000000)={@broadcast, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x73, 0x0, @private, @multicast1}, {0x0, 0x0, 0x10, 0x0, @gue={{0x2}}}}}}}, 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN_WAIT(r0, 0x942e, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8b07, &(0x7f0000000000)={'wlan0\x00'}) (fail_nth: 3)

0s ago: executing program 4 (id=3170):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x42, 0x4, 0x2d8, 0xffffffff, 0xf8, 0xf8, 0xf8, 0xffffffff, 0xffffffff, 0x2f0, 0x2f0, 0x2f0, 0xffffffff, 0x4, 0x0, {[{{@ip={@rand_addr, @loopback, 0x0, 0x0, 'veth0_to_team\x00', 'wlan0\x00', {}, {}, 0x73}, 0x0, 0xd0, 0xf8, 0x0, {0x100000000000000}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x2, 0x0, 0x5}}, @common=@unspec=@connmark={{0x30}}]}, @REJECT={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@inet=@SET1={0x28}}, {{@ip={@private, @loopback, 0x0, 0x0, 'batadv_slave_0\x00', 'veth1\x00'}, 0x0, 0x70, 0xb0}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x338)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$ARPT_SO_SET_REPLACE(r1, 0x0, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3c0, 0x1e8, 0x0, 0x0, 0x2d8, 0x2d8, 0x2d8, 0x7fffffe, 0x0, {[{{@arp={@remote, @multicast2, 0xffffffff, 0x0, 0x3, 0x10, {@empty, {[0xff, 0xff, 0xff, 0x0, 0xff, 0xff]}}, {@mac=@broadcast, {[0x0, 0x0, 0x0, 0xff, 0xff]}}, 0x0, 0xe, 0x6, 0x1, 0x0, 0x1, 'vlan0\x00', 'wlan0\x00', {}, {}, 0x0, 0x2}, 0xc0, 0xfe0f}, @unspec=@CONNSECMARK={0x0, 'CONNSECMARK\x00', 0x0, {0x1}}}, {{@uncond, 0xc0, 0x100, 0x0, {0x0, 0x1e03}}, @unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "2c3bb27d9d5b379b853c7744b526e29755ec721db80fdb00f95f8a608b8d"}}, {{@arp={@initdev={0xac, 0x1e, 0x0, 0x0}, @remote, 0x0, 0x0, 0x3, 0x0, {@mac=@broadcast, {[0x0, 0x0, 0x0, 0x0, 0xff]}}, {}, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 'pim6reg0\x00', 'netpci0\x00'}, 0xc0, 0xf0}, @unspec=@CONNMARK={0x30}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0xfd44)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095", @ANYRES64=r0], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r2}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x7fff, 0x2, 0x250c, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x5, 0x0, @void, @value, @void, @value}, 0x50)

kernel console output (not intermixed with test programs):

  355.646846][T12090] lo speed is unknown, defaulting to 1000
[  356.171464][T12101] siw: device registration error -23
[  356.685577][T12112] xt_hashlimit: max too large, truncated to 1048576
[  356.882538][T12124] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1999'.
[  356.907951][T12126] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  356.936334][T12126] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  357.007873][T12126] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  357.071532][T12126] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  357.801514][T12135] lo speed is unknown, defaulting to 1000
[  357.830914][T12135] lo speed is unknown, defaulting to 1000
[  357.886917][T12142] xt_CT: No such helper "snmp"
[  358.082263][T12156] xt_hashlimit: max too large, truncated to 1048576
[  358.181016][T12159] lo speed is unknown, defaulting to 1000
[  358.187847][T12159] lo speed is unknown, defaulting to 1000
[  358.296146][T12163] lo speed is unknown, defaulting to 1000
[  358.321048][T12163] lo speed is unknown, defaulting to 1000
[  358.334144][T12167] siw: device registration error -23
[  358.535963][T12170] openvswitch: netlink: Key 6 has unexpected len 4 expected 2
[  358.571271][T12170] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2011'.
[  358.603419][T12170] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2011'.
[  358.977983][T12179] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2013'.
[  359.137225][T12184] xt_CT: No such helper "snmp"
[  359.208560][T12188] netlink: 'syz.2.2013': attribute type 12 has an invalid length.
[  359.275405][T12188] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2013'.
[  359.331541][ T5853] Bluetooth: hci4: link tx timeout
[  359.337049][ T5853] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  359.387161][T12196] netlink: 'syz.4.2018': attribute type 1 has an invalid length.
[  359.398589][T12198] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2018'.
[  359.412667][T12196] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  360.016488][T12212] netlink: 'syz.4.2022': attribute type 10 has an invalid length.
[  360.178426][T12208] lo speed is unknown, defaulting to 1000
[  360.268938][T12208] lo speed is unknown, defaulting to 1000
[  360.335197][T12201] lo speed is unknown, defaulting to 1000
[  360.436396][T12201] lo speed is unknown, defaulting to 1000
[  360.798793][T12238] __nla_validate_parse: 1 callbacks suppressed
[  360.798815][T12238] netlink: 188 bytes leftover after parsing attributes in process `syz.2.2031'.
[  360.824348][T12240] netlink: 188 bytes leftover after parsing attributes in process `syz.2.2031'.
[  360.856086][T12238] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2031'.
[  360.903658][T12242] siw: device registration error -23
[  360.908522][T12243] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2031'.
[  360.991821][T12248] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2033'.
[  361.010172][T12250] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  361.098755][T12253] lo speed is unknown, defaulting to 1000
[  361.105934][T12252] lo speed is unknown, defaulting to 1000
[  361.106032][T12253] lo speed is unknown, defaulting to 1000
[  361.140404][T12252] lo speed is unknown, defaulting to 1000
[  361.360283][ T5839] Bluetooth: hci4: command 0x0405 tx timeout
[  361.594072][T12258] lo speed is unknown, defaulting to 1000
[  361.612763][T12258] lo speed is unknown, defaulting to 1000
[  361.869292][T12276] netlink: 'syz.4.2041': attribute type 1 has an invalid length.
[  361.935848][T12279] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[  361.944977][T12279] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[  361.953783][T12279] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[  361.962610][T12279] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[  361.976540][T12279] bond6: (slave geneve2): making interface the new active one
[  361.987612][T12279] bond6: (slave geneve2): Enslaving as an active interface with an up link
[  362.113933][T12287] netlink: 'syz.0.2043': attribute type 1 has an invalid length.
[  362.157627][T12287] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2043'.
[  362.376766][T12293] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  362.442682][T12295] lo speed is unknown, defaulting to 1000
[  362.467717][T12295] lo speed is unknown, defaulting to 1000
[  362.493396][T12301] syzkaller1: entered promiscuous mode
[  362.499035][T12301] syzkaller1: entered allmulticast mode
[  362.510094][T12301] netlink: 'syz.3.2048': attribute type 1 has an invalid length.
[  362.518122][T12301] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2048'.
[  362.581711][T12304] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2051'.
[  362.839478][T12319] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2056'.
[  363.163299][T12333] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  363.349203][T12342] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2062'.
[  363.359456][T12345] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  363.381143][T12343] lo speed is unknown, defaulting to 1000
[  363.388152][T12343] lo speed is unknown, defaulting to 1000
[  364.334008][T12367] xt_hashlimit: size too large, truncated to 1048576
[  364.717639][T12373] IPv6: NLM_F_CREATE should be specified when creating new route
[  365.020040][T12387] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  365.115877][T12392] lo speed is unknown, defaulting to 1000
[  365.163561][T12392] lo speed is unknown, defaulting to 1000
[  365.225257][T12397] netlink: 'syz.0.2078': attribute type 1 has an invalid length.
[  365.463860][T12397] 8021q: adding VLAN 0 to HW filter on device bond3
[  365.654766][T12403] 8021q: adding VLAN 0 to HW filter on device bond3
[  365.729396][T12403] bond3: (slave vcan1): The slave device specified does not support setting the MAC address
[  365.838130][T12403] bond3: (slave vcan1): Error -95 calling set_mac_address
[  366.059222][ T9662] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  366.126953][ T9662] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  366.258361][T12465] tipc: Started in network mode
[  366.299994][T12465] tipc: Node identity , cluster identity 4711
[  366.306167][T12465] tipc: Failed to set node id, please configure manually
[  366.329843][T12465] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  366.579158][T12487] __nla_validate_parse: 2 callbacks suppressed
[  366.579183][T12487] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2094'.
[  366.683260][T12489] FAULT_INJECTION: forcing a failure.
[  366.683260][T12489] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  366.692706][T12486] tipc: Started in network mode
[  366.707127][T12486] tipc: Node identity -, cluster identity 4711
[  366.714851][T12486] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  366.748689][T12489] CPU: 1 UID: 0 PID: 12489 Comm: syz.3.2098 Not tainted 6.14.0-rc5-syzkaller-01188-g0ea09cbf8350 #0
[  366.748723][T12489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  366.748748][T12489] Call Trace:
[  366.748756][T12489]  <TASK>
[  366.748765][T12489]  dump_stack_lvl+0x241/0x360
[  366.748798][T12489]  ? __pfx_dump_stack_lvl+0x10/0x10
[  366.748821][T12489]  ? __pfx__printk+0x10/0x10
[  366.748846][T12489]  ? __pfx_lock_release+0x10/0x10
[  366.748886][T12489]  should_fail_ex+0x40a/0x550
[  366.748921][T12489]  _copy_from_user+0x2d/0xb0
[  366.748953][T12489]  do_sock_getsockopt+0x1d1/0x740
[  366.748983][T12489]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  366.749003][T12489]  ? __fget_files+0x2a/0x410
[  366.749066][T12489]  ? __fget_files+0x395/0x410
[  366.749096][T12489]  ? __fget_files+0x2a/0x410
[  366.749133][T12489]  __x64_sys_getsockopt+0x2a1/0x370
[  366.749164][T12489]  ? __pfx___x64_sys_getsockopt+0x10/0x10
[  366.749189][T12489]  ? do_syscall_64+0x100/0x230
[  366.749220][T12489]  ? do_syscall_64+0xb6/0x230
[  366.749249][T12489]  do_syscall_64+0xf3/0x230
[  366.749275][T12489]  ? clear_bhb_loop+0x35/0x90
[  366.749309][T12489]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  366.749345][T12489] RIP: 0033:0x7f807418d169
[  366.749363][T12489] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  366.749379][T12489] RSP: 002b:00007f8075036038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  366.749390][T12492] dvmrp5: entered allmulticast mode
[  366.749402][T12489] RAX: ffffffffffffffda RBX: 00007f80743a5fa0 RCX: 00007f807418d169
[  366.749418][T12489] RDX: 0000000000000011 RSI: 0000000000000001 RDI: 0000000000000004
[  366.749431][T12489] RBP: 00007f8075036090 R08: 0000400000000940 R09: 0000000000000000
[  366.749443][T12489] R10: 0000400000000180 R11: 0000000000000246 R12: 0000000000000001
[  366.749454][T12489] R13: 0000000000000000 R14: 00007f80743a5fa0 R15: 00007ffc76cebde8
[  366.749484][T12489]  </TASK>
[  366.994628][T12493] pimreg: left allmulticast mode
[  367.032512][T12493] dvmrp5: left allmulticast mode
[  367.124200][T12504] netlink: 'syz.1.2101': attribute type 3 has an invalid length.
[  367.201139][T12504] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.2101'.
[  367.593710][T12508] lo speed is unknown, defaulting to 1000
[  367.664534][T12508] lo speed is unknown, defaulting to 1000
[  367.984174][T12533] FAULT_INJECTION: forcing a failure.
[  367.984174][T12533] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  368.017388][T12533] CPU: 0 UID: 0 PID: 12533 Comm: syz.2.2114 Not tainted 6.14.0-rc5-syzkaller-01188-g0ea09cbf8350 #0
[  368.017421][T12533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  368.017435][T12533] Call Trace:
[  368.017442][T12533]  <TASK>
[  368.017452][T12533]  dump_stack_lvl+0x241/0x360
[  368.017484][T12533]  ? __pfx_dump_stack_lvl+0x10/0x10
[  368.017509][T12533]  ? __pfx__printk+0x10/0x10
[  368.017534][T12533]  ? __pfx_lock_release+0x10/0x10
[  368.017576][T12533]  should_fail_ex+0x40a/0x550
[  368.017614][T12533]  _copy_from_user+0x2d/0xb0
[  368.017643][T12533]  sk_getsockopt+0x1cb/0x31f0
[  368.017674][T12533]  ? __pfx_sk_getsockopt+0x10/0x10
[  368.017716][T12533]  ? __pfx___might_resched+0x10/0x10
[  368.017744][T12533]  ? __might_fault+0xaa/0x120
[  368.017766][T12533]  ? __pfx_lock_release+0x10/0x10
[  368.017806][T12533]  ? __might_fault+0xaa/0x120
[  368.017827][T12533]  ? __might_fault+0xc6/0x120
[  368.017853][T12533]  do_sock_getsockopt+0x29f/0x740
[  368.017883][T12533]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  368.017904][T12533]  ? __fget_files+0x2a/0x410
[  368.017948][T12533]  ? __fget_files+0x395/0x410
[  368.017978][T12533]  ? __fget_files+0x2a/0x410
[  368.018017][T12533]  __x64_sys_getsockopt+0x2a1/0x370
[  368.018049][T12533]  ? __pfx___x64_sys_getsockopt+0x10/0x10
[  368.018073][T12533]  ? do_syscall_64+0x100/0x230
[  368.018104][T12533]  ? do_syscall_64+0xb6/0x230
[  368.018133][T12533]  do_syscall_64+0xf3/0x230
[  368.018159][T12533]  ? clear_bhb_loop+0x35/0x90
[  368.018194][T12533]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  368.018225][T12533] RIP: 0033:0x7fc21af8d169
[  368.018244][T12533] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  368.018263][T12533] RSP: 002b:00007fc21bd4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  368.018287][T12533] RAX: ffffffffffffffda RBX: 00007fc21b1a5fa0 RCX: 00007fc21af8d169
[  368.018303][T12533] RDX: 0000000000000011 RSI: 0000000000000001 RDI: 0000000000000004
[  368.018315][T12533] RBP: 00007fc21bd4e090 R08: 0000400000000940 R09: 0000000000000000
[  368.018329][T12533] R10: 0000400000000180 R11: 0000000000000246 R12: 0000000000000001
[  368.018342][T12533] R13: 0000000000000000 R14: 00007fc21b1a5fa0 R15: 00007ffda51a0ce8
[  368.018373][T12533]  </TASK>
[  368.081858][T12538] siw: device registration error -23
[  368.628519][T12545] lo speed is unknown, defaulting to 1000
[  368.703804][T12545] lo speed is unknown, defaulting to 1000
[  368.760189][T12552] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 20000 - 0
[  368.768801][T12552] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 20000 - 0
[  368.777693][T12552] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 20000 - 0
[  368.786632][T12552] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 20000 - 0
[  368.949625][T12555] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  369.003261][T12555] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  369.017185][T12555] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  369.028016][T12555] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  369.203244][T12567] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2125'.
[  369.271460][T12571] sctp: [Deprecated]: syz.4.2126 (pid 12571) Use of struct sctp_assoc_value in delayed_ack socket option.
[  369.271460][T12571] Use struct sctp_sack_info instead
[  369.433786][T12576] FAULT_INJECTION: forcing a failure.
[  369.433786][T12576] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  369.450812][T12576] CPU: 0 UID: 0 PID: 12576 Comm: syz.4.2128 Not tainted 6.14.0-rc5-syzkaller-01188-g0ea09cbf8350 #0
[  369.450854][T12576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  369.450867][T12576] Call Trace:
[  369.450875][T12576]  <TASK>
[  369.450885][T12576]  dump_stack_lvl+0x241/0x360
[  369.450918][T12576]  ? __pfx_dump_stack_lvl+0x10/0x10
[  369.450943][T12576]  ? __pfx__printk+0x10/0x10
[  369.450966][T12576]  ? __pfx_lock_release+0x10/0x10
[  369.451008][T12576]  should_fail_ex+0x40a/0x550
[  369.451044][T12576]  _copy_to_user+0x31/0xb0
[  369.451076][T12576]  copy_to_sockptr_offset+0x6e/0xb0
[  369.451125][T12576]  sk_getsockopt+0x23bb/0x31f0
[  369.451157][T12576]  ? __pfx_sk_getsockopt+0x10/0x10
[  369.451201][T12576]  ? __pfx___might_resched+0x10/0x10
[  369.451231][T12576]  ? __might_fault+0xaa/0x120
[  369.451268][T12576]  ? __pfx_lock_release+0x10/0x10
[  369.451310][T12576]  ? __might_fault+0xaa/0x120
[  369.451332][T12576]  ? __might_fault+0xc6/0x120
[  369.451375][T12576]  do_sock_getsockopt+0x29f/0x740
[  369.451405][T12576]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  369.451425][T12576]  ? __fget_files+0x2a/0x410
[  369.451458][T12576]  ? __fget_files+0x395/0x410
[  369.451487][T12576]  ? __fget_files+0x2a/0x410
[  369.451526][T12576]  __x64_sys_getsockopt+0x2a1/0x370
[  369.451558][T12576]  ? __pfx___x64_sys_getsockopt+0x10/0x10
[  369.451584][T12576]  ? do_syscall_64+0x100/0x230
[  369.451614][T12576]  ? do_syscall_64+0xb6/0x230
[  369.451661][T12576]  do_syscall_64+0xf3/0x230
[  369.451688][T12576]  ? clear_bhb_loop+0x35/0x90
[  369.451723][T12576]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  369.451753][T12576] RIP: 0033:0x7f9c3c38d169
[  369.451772][T12576] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  369.451790][T12576] RSP: 002b:00007f9c3d22d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  369.451814][T12576] RAX: ffffffffffffffda RBX: 00007f9c3c5a5fa0 RCX: 00007f9c3c38d169
[  369.451831][T12576] RDX: 0000000000000011 RSI: 0000000000000001 RDI: 0000000000000004
[  369.451844][T12576] RBP: 00007f9c3d22d090 R08: 0000400000000940 R09: 0000000000000000
[  369.451859][T12576] R10: 0000400000000180 R11: 0000000000000246 R12: 0000000000000001
[  369.451874][T12576] R13: 0000000000000000 R14: 00007f9c3c5a5fa0 R15: 00007ffc97db1258
[  369.451907][T12576]  </TASK>
[  369.712805][T12577] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2127'.
[  369.749965][T12577] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2127'.
[  369.804989][T12585] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2130'.
[  369.871816][T12548] lo speed is unknown, defaulting to 1000
[  369.951637][T12548] lo speed is unknown, defaulting to 1000
[  370.264837][T12600] syzkaller0: entered allmulticast mode
[  370.299470][T12600] syzkaller0 (unregistering): left allmulticast mode
[  370.307661][T12600] tipc: Disabling bearer <eth:syzkaller0>
[  370.440935][T12597] siw: device registration error -23
[  370.525000][T12612] netlink: 160 bytes leftover after parsing attributes in process `syz.3.2136'.
[  370.536197][T12611] netlink: 52 bytes leftover after parsing attributes in process `syz.4.2138'.
[  370.547600][T12611] netlink: 300 bytes leftover after parsing attributes in process `syz.4.2138'.
[  370.573198][T12611] netlink: 'syz.4.2138': attribute type 10 has an invalid length.
[  370.576061][T12612] lo speed is unknown, defaulting to 1000
[  370.581296][T12611] netlink: 2 bytes leftover after parsing attributes in process `syz.4.2138'.
[  370.598659][T12611] team0: entered promiscuous mode
[  370.604091][T12611] team_slave_0: entered promiscuous mode
[  370.617053][T12611] team_slave_1: entered promiscuous mode
[  370.623120][T12611] mac80211_hwsim hwsim11 wlan1: entered promiscuous mode
[  370.632257][T12611] 8021q: adding VLAN 0 to HW filter on device team0
[  370.641260][T12611] bond0: (slave team0): Releasing backup interface
[  370.685052][T12612] lo speed is unknown, defaulting to 1000
[  370.843340][T12622] FAULT_INJECTION: forcing a failure.
[  370.843340][T12622] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  370.869898][T12622] CPU: 1 UID: 0 PID: 12622 Comm: syz.2.2141 Not tainted 6.14.0-rc5-syzkaller-01188-g0ea09cbf8350 #0
[  370.869932][T12622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  370.869946][T12622] Call Trace:
[  370.869953][T12622]  <TASK>
[  370.869963][T12622]  dump_stack_lvl+0x241/0x360
[  370.870011][T12622]  ? __pfx_dump_stack_lvl+0x10/0x10
[  370.870036][T12622]  ? __pfx__printk+0x10/0x10
[  370.870061][T12622]  ? do_raw_spin_lock+0x14f/0x370
[  370.870097][T12622]  should_fail_ex+0x40a/0x550
[  370.870134][T12622]  _copy_to_user+0x31/0xb0
[  370.870166][T12622]  sk_getsockopt+0x1f98/0x31f0
[  370.870199][T12622]  ? __pfx_sk_getsockopt+0x10/0x10
[  370.870244][T12622]  ? __pfx___might_resched+0x10/0x10
[  370.870273][T12622]  ? __might_fault+0xaa/0x120
[  370.870295][T12622]  ? __pfx_lock_release+0x10/0x10
[  370.870338][T12622]  ? __might_fault+0xaa/0x120
[  370.870358][T12622]  ? __might_fault+0xc6/0x120
[  370.870384][T12622]  do_sock_getsockopt+0x29f/0x740
[  370.870415][T12622]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  370.870437][T12622]  ? __fget_files+0x2a/0x410
[  370.870471][T12622]  ? __fget_files+0x395/0x410
[  370.870512][T12622]  ? __fget_files+0x2a/0x410
[  370.870549][T12622]  __x64_sys_getsockopt+0x2a1/0x370
[  370.870579][T12622]  ? __pfx___x64_sys_getsockopt+0x10/0x10
[  370.870604][T12622]  ? do_syscall_64+0x100/0x230
[  370.870634][T12622]  ? do_syscall_64+0xb6/0x230
[  370.870663][T12622]  do_syscall_64+0xf3/0x230
[  370.870688][T12622]  ? clear_bhb_loop+0x35/0x90
[  370.870722][T12622]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  370.870751][T12622] RIP: 0033:0x7fc21af8d169
[  370.870770][T12622] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  370.870788][T12622] RSP: 002b:00007fc21bd4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  370.870815][T12622] RAX: ffffffffffffffda RBX: 00007fc21b1a5fa0 RCX: 00007fc21af8d169
[  370.870830][T12622] RDX: 0000000000000011 RSI: 0000000000000001 RDI: 0000000000000004
[  370.870843][T12622] RBP: 00007fc21bd4e090 R08: 0000400000000940 R09: 0000000000000000
[  370.870857][T12622] R10: 0000400000000180 R11: 0000000000000246 R12: 0000000000000001
[  370.870871][T12622] R13: 0000000000000000 R14: 00007fc21b1a5fa0 R15: 00007ffda51a0ce8
[  370.870902][T12622]  </TASK>
[  371.850512][T12648] __nla_validate_parse: 2 callbacks suppressed
[  371.850535][T12648] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2146'.
[  372.591427][T12655] lo speed is unknown, defaulting to 1000
[  372.598427][T12655] lo speed is unknown, defaulting to 1000
[  373.106349][T12680] netlink: 'syz.3.2158': attribute type 11 has an invalid length.
[  373.536047][T12693] Timeout policy `syz0' can only be used by L3 protocol number 59477
[  373.544253][T12695] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2163'.
[  373.661557][T12700] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2164'.
[  373.713148][T12705] netlink: 'syz.0.2165': attribute type 7 has an invalid length.
[  373.723749][T12706] netlink: 'syz.0.2165': attribute type 7 has an invalid length.
[  373.811975][T12708] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2167'.
[  374.020725][T12718] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2172'.
[  374.137925][T12724] xt_ecn: cannot match TCP bits for non-tcp packets
[  374.168168][T12726] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2175'.
[  374.243818][T12730] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2177'.
[  374.253490][T12730] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2177'.
[  374.262603][T12730] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2177'.
[  374.274137][T12730] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2177'.
[  374.332281][T12732] netlink: 'syz.2.2176': attribute type 58 has an invalid length.
[  374.716481][T12752] lo speed is unknown, defaulting to 1000
[  374.741586][T12752] lo speed is unknown, defaulting to 1000
[  374.959757][ T5852] Bluetooth: hci0: command 0x0401 tx timeout
[  374.965897][ T5853] Bluetooth: hci0: Opcode 0x0401 failed: -110
[  375.981289][T12811] lo speed is unknown, defaulting to 1000
[  375.988396][T12811] lo speed is unknown, defaulting to 1000
[  377.223621][T12830] __nla_validate_parse: 164 callbacks suppressed
[  377.223645][T12830] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2212'.
[  377.875521][T12857] netlink: 18 bytes leftover after parsing attributes in process `syz.2.2219'.
[  378.127325][T12863] netlink: 'syz.2.2221': attribute type 1 has an invalid length.
[  378.167623][T12863] 8021q: adding VLAN 0 to HW filter on device bond6
[  378.256599][T12868] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2222'.
[  378.266857][T12863] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2221'.
[  378.499750][T12877] lo speed is unknown, defaulting to 1000
[  378.541765][T12877] lo speed is unknown, defaulting to 1000
[  378.630021][T12883] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2226'.
[  378.643151][T12883] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2226'.
[  379.112496][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  379.704784][T12895] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2231'.
[  380.169019][T12903] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  380.280582][T12908] netlink: 76 bytes leftover after parsing attributes in process `syz.4.2236'.
[  380.312769][T12912] netlink: 256 bytes leftover after parsing attributes in process `syz.0.2235'.
[  380.350285][T12913] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2236'.
[  380.360657][T12912] unsupported nlmsg_type 40
[  380.549450][T12919] team0: left promiscuous mode
[  380.559383][T12919] team_slave_0: left promiscuous mode
[  380.568592][T12919] team_slave_1: left promiscuous mode
[  380.574572][T12919] mac80211_hwsim hwsim11 wlan1: left promiscuous mode
[  380.869035][T12923] syzkaller0: entered promiscuous mode
[  380.875046][T12923] syzkaller0: entered allmulticast mode
[  381.202488][T12940] lo speed is unknown, defaulting to 1000
[  381.217159][T12940] lo speed is unknown, defaulting to 1000
[  384.066730][T12974] __nla_validate_parse: 1 callbacks suppressed
[  384.066755][T12974] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2252'.
[  384.104014][T12982] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  384.438981][T12994] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2261'.
[  384.456011][T12994] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2261'.
[  384.465254][T12994] netlink: 'syz.4.2261': attribute type 1 has an invalid length.
[  384.473611][T12994] netlink: 10 bytes leftover after parsing attributes in process `syz.4.2261'.
[  384.495227][T12995] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2258'.
[  384.510444][T12994] nbd: socks must be embedded in a SOCK_ITEM attr
[  384.517127][T12994] block nbd0: shutting down sockets
[  384.547087][T12995] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2258'.
[  384.580186][T12995] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2258'.
[  384.637858][T12995] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2258'.
[  384.654953][T12995] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2258'.
[  384.665362][T12995] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2258'.
[  384.861211][T13007] ip6gretap0 (unregistering): left promiscuous mode
[  384.892610][T13012] sctp: [Deprecated]: syz.4.2266 (pid 13012) Use of int in max_burst socket option.
[  384.892610][T13012] Use struct sctp_assoc_value instead
[  384.973488][T13009] lo speed is unknown, defaulting to 1000
[  384.991615][T13009] lo speed is unknown, defaulting to 1000
[  385.338732][T12991] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  385.621540][T13048] netlink: 'syz.1.2275': attribute type 1 has an invalid length.
[  385.670495][T13048] nbd: socks must be embedded in a SOCK_ITEM attr
[  385.677328][T13048] block nbd0: shutting down sockets
[  386.352487][T13073] netlink: 'syz.4.2288': attribute type 1 has an invalid length.
[  386.386109][T13080] ieee802154 phy0 wpan0: encryption failed: -22
[  386.399954][T13073] nbd: socks must be embedded in a SOCK_ITEM attr
[  386.408811][T13073] block nbd0: shutting down sockets
[  386.443754][T13079] ieee802154 phy0 wpan0: encryption failed: -22
[  386.640635][T13093] netlink: 'syz.3.2289': attribute type 10 has an invalid length.
[  386.688938][T13088] lo speed is unknown, defaulting to 1000
[  386.696113][T13088] lo speed is unknown, defaulting to 1000
[  386.740473][T13093] veth0_vlan: left promiscuous mode
[  386.795282][T13093] veth0_vlan: entered promiscuous mode
[  386.842548][T13093] team0: Device veth0_vlan failed to register rx_handler
[  387.289443][T13111] syzkaller1: tun_chr_ioctl cmd 1074025677
[  387.302845][T13111] syzkaller1: Refused to change device type
[  387.328361][T13111] netlink: 'syz.3.2296': attribute type 1 has an invalid length.
[  387.452064][T13122] netlink: 'syz.4.2301': attribute type 1 has an invalid length.
[  387.500676][T13122] nbd: socks must be embedded in a SOCK_ITEM attr
[  387.507797][T13122] block nbd0: shutting down sockets
[  387.725210][T13135] FAULT_INJECTION: forcing a failure.
[  387.725210][T13135] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  387.754499][T13135] CPU: 0 UID: 0 PID: 13135 Comm: syz.2.2304 Not tainted 6.14.0-rc5-syzkaller-01188-g0ea09cbf8350 #0
[  387.754533][T13135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  387.754546][T13135] Call Trace:
[  387.754554][T13135]  <TASK>
[  387.754563][T13135]  dump_stack_lvl+0x241/0x360
[  387.754604][T13135]  ? __pfx_dump_stack_lvl+0x10/0x10
[  387.754629][T13135]  ? __pfx__printk+0x10/0x10
[  387.754654][T13135]  ? bnep_get_connlist+0x20a/0x270
[  387.754690][T13135]  should_fail_ex+0x40a/0x550
[  387.754728][T13135]  _copy_to_user+0x31/0xb0
[  387.754759][T13135]  do_bnep_sock_ioctl+0x5a3/0x8d0
[  387.754792][T13135]  ? __pfx_do_bnep_sock_ioctl+0x10/0x10
[  387.754822][T13135]  ? tomoyo_path_number_perm+0x5dd/0x770
[  387.754855][T13135]  ? tomoyo_path_number_perm+0x5dd/0x770
[  387.754890][T13135]  ? __lock_acquire+0x1397/0x2100
[  387.754939][T13135]  sock_do_ioctl+0x158/0x460
[  387.754976][T13135]  ? __pfx_sock_do_ioctl+0x10/0x10
[  387.755024][T13135]  sock_ioctl+0x626/0x8e0
[  387.755053][T13135]  ? __pfx_sock_ioctl+0x10/0x10
[  387.755081][T13135]  ? __fget_files+0x2a/0x410
[  387.755116][T13135]  ? __fget_files+0x2a/0x410
[  387.755152][T13135]  ? __pfx_sock_ioctl+0x10/0x10
[  387.755180][T13135]  __se_sys_ioctl+0xf5/0x170
[  387.755206][T13135]  do_syscall_64+0xf3/0x230
[  387.755234][T13135]  ? clear_bhb_loop+0x35/0x90
[  387.755268][T13135]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  387.755297][T13135] RIP: 0033:0x7fc21af8d169
[  387.755317][T13135] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  387.755336][T13135] RSP: 002b:00007fc21bd4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  387.755361][T13135] RAX: ffffffffffffffda RBX: 00007fc21b1a5fa0 RCX: 00007fc21af8d169
[  387.755376][T13135] RDX: 00004000000003c0 RSI: 00000000800442d2 RDI: 0000000000000004
[  387.755390][T13135] RBP: 00007fc21bd4e090 R08: 0000000000000000 R09: 0000000000000000
[  387.755404][T13135] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  387.755417][T13135] R13: 0000000000000000 R14: 00007fc21b1a5fa0 R15: 00007ffda51a0ce8
[  387.755448][T13135]  </TASK>
[  388.281982][T13154] netlink: 'syz.1.2312': attribute type 1 has an invalid length.
[  388.290767][T13154] netlink: 'syz.1.2312': attribute type 1 has an invalid length.
[  388.435363][T13163] netlink: 'syz.1.2314': attribute type 1 has an invalid length.
[  388.479816][T13163] nbd: socks must be embedded in a SOCK_ITEM attr
[  388.486611][T13163] block nbd0: shutting down sockets
[  388.594758][T13169] lo speed is unknown, defaulting to 1000
[  388.627352][T13169] lo speed is unknown, defaulting to 1000
[  389.025135][T13188] netlink: 'syz.4.2323': attribute type 1 has an invalid length.
[  389.416754][T13206] __nla_validate_parse: 123 callbacks suppressed
[  389.416781][T13206] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2329'.
[  389.492520][T13206] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2329'.
[  389.580028][T13206] validate_nla: 1 callbacks suppressed
[  389.580055][T13206] netlink: 'syz.3.2329': attribute type 1 has an invalid length.
[  389.628042][T13206] netlink: 10 bytes leftover after parsing attributes in process `syz.3.2329'.
[  389.687604][T13212] sit0: left promiscuous mode
[  389.692654][T13212] syz_tun: left promiscuous mode
[  389.729309][T13212] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 20001 - 0
[  389.738058][T13206] nbd: socks must be embedded in a SOCK_ITEM attr
[  389.745352][T13206] block nbd0: shutting down sockets
[  389.762400][T13212] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 20001 - 0
[  389.788329][T13212] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 20001 - 0
[  389.814741][T13212] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 20001 - 0
[  390.083256][T13199] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  390.411624][T13240] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2340'.
[  390.438769][T13242] netlink: 'syz.2.2342': attribute type 4 has an invalid length.
[  390.452679][T13242] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2342'.
[  390.538299][T13246] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  390.557628][T13245] syzkaller1: tun_chr_ioctl cmd 1074025677
[  390.564032][T13245] syzkaller1: linktype set to 780
[  390.738587][T13255] netlink: 'syz.1.2345': attribute type 4 has an invalid length.
[  390.764600][T13255] netlink: 17 bytes leftover after parsing attributes in process `syz.1.2345'.
[  390.782797][T13259] netlink: 'syz.4.2348': attribute type 9 has an invalid length.
[  390.870172][T13265] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2349'.
[  391.174251][T13270] syzkaller0: entered promiscuous mode
[  391.180287][T13270] syzkaller0: entered allmulticast mode
[  391.202104][T13270] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2353'.
[  391.240540][T13268] netlink: 76 bytes leftover after parsing attributes in process `syz.3.2351'.
[  391.545911][T13271] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2351'.
[  391.656635][T13274] siw: device registration error -23
[  391.800839][T13284] xt_CT: No such helper "snmp"
[  394.432036][T13282] lo speed is unknown, defaulting to 1000
[  394.447787][T13295] lo speed is unknown, defaulting to 1000
[  394.454653][T13282] lo speed is unknown, defaulting to 1000
[  394.474369][T13295] lo speed is unknown, defaulting to 1000
[  394.925300][T13323] xt_CT: No such helper "snmp"
[  395.217399][T13331] lo speed is unknown, defaulting to 1000
[  395.225866][T13331] lo speed is unknown, defaulting to 1000
[  395.291483][T13333] __nla_validate_parse: 1 callbacks suppressed
[  395.291510][T13333] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2371'.
[  395.678889][T13336] 8021q: adding VLAN 0 to HW filter on device bond0
[  395.708682][T13336] 8021q: adding VLAN 0 to HW filter on device batadv0
[  395.817992][T13336] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  395.828856][T13336] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  395.845986][T13336] veth1_vlan: left promiscuous mode
[  395.853240][T13336] veth0_vlan: left promiscuous mode
[  395.859521][T13336] veth0_vlan: entered promiscuous mode
[  395.872326][T13336] veth1_vlan: entered promiscuous mode
[  395.887203][T13336] veth1_macvtap: left promiscuous mode
[  395.901991][T13336] veth0_macvtap: left promiscuous mode
[  395.908925][T13336] veth0_macvtap: entered promiscuous mode
[  395.917638][T13336] veth1_macvtap: entered promiscuous mode
[  395.934194][T13336] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  395.945648][T13336] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  395.954584][T13336] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  395.963501][T13336] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  395.983395][T13336] hsr1: Slave B (batadv_slave_0) is not up; please bring it up to get a fully working HSR network
[  396.035448][T13336] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  396.044761][T13336] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  396.053265][T13336] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  396.061967][T13336] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  396.085737][T13336] 8021q: adding VLAN 0 to HW filter on device bond1
[  396.096149][T13350] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2376'.
[  396.108335][T13336] 8021q: adding VLAN 0 to HW filter on device bond2
[  396.156007][T13336] 8021q: adding VLAN 0 to HW filter on device bond3
[  396.214236][T13336] syz.0.2371 (13336) used greatest stack depth: 18160 bytes left
[  396.489322][T13367] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2377'.
[  396.509784][T13364] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2379'.
[  396.571850][T13364] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2379'.
[  396.626266][T13362] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2377'.
[  396.686731][T13371] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2384'.
[  396.696720][T13371] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2384'.
[  396.706077][T13371] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2384'.
[  396.716144][T13371] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2384'.
[  397.030085][ T9662] ip6_tunnel: # xmit: Local address not yet configured!
[  397.073933][  T975] ip6_tunnel: # xmit: Local address not yet configured!
[  397.083189][ T9662] ip6_tunnel: # xmit: Local address not yet configured!
[  397.182088][T13400] siw: device registration error -23
[  397.374870][T13410] xt_hashlimit: max too large, truncated to 1048576
[  397.394487][T13408] sctp: [Deprecated]: syz.4.2395 (pid 13408) Use of int in max_burst socket option.
[  397.394487][T13408] Use struct sctp_assoc_value instead
[  397.519896][ T5840] ip6_tunnel: # xmit: Local address not yet configured!
[  397.537088][ T5840] ip6_tunnel: # xmit: Local address not yet configured!
[  397.832059][ T5848] bond0: (slave syz_tun): Releasing backup interface
[  397.862159][T13421] netlink: 'syz.3.2400': attribute type 1 has an invalid length.
[  397.874305][T13421] netlink: 'syz.3.2400': attribute type 11 has an invalid length.
[  398.179862][T13428] xt_CT: No such helper "snmp"
[  398.415159][ T5853] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  398.426494][ T5853] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  398.442142][ T5853] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  398.453176][ T5853] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  398.464758][ T5853] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  398.476742][ T5853] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  398.572566][T13444] lo speed is unknown, defaulting to 1000
[  398.588702][T13444] lo speed is unknown, defaulting to 1000
[  398.948787][T13444] chnl_net:caif_netlink_parms(): no params data found
[  399.134547][T13444] bridge0: port 1(bridge_slave_0) entered blocking state
[  399.152925][T13444] bridge0: port 1(bridge_slave_0) entered disabled state
[  399.155638][T13481] xt_hashlimit: max too large, truncated to 1048576
[  399.168384][T13444] bridge_slave_0: entered allmulticast mode
[  399.182719][T13444] bridge_slave_0: entered promiscuous mode
[  399.200243][T13444] bridge0: port 2(bridge_slave_1) entered blocking state
[  399.216704][T13444] bridge0: port 2(bridge_slave_1) entered disabled state
[  399.226496][T13444] bridge_slave_1: entered allmulticast mode
[  399.244595][T13444] bridge_slave_1: entered promiscuous mode
[  399.286419][T13444] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  399.299339][T13444] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  399.348161][T13444] team0: Port device team_slave_0 added
[  399.361503][T13444] team0: Port device team_slave_1 added
[  399.521025][T13483] lo speed is unknown, defaulting to 1000
[  399.524050][T13444] batman_adv: batadv0: Adding interface: batadv_slave_0
[  399.557008][T13444] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  399.642634][T13444] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  399.662951][T13444] batman_adv: batadv0: Adding interface: batadv_slave_1
[  399.670463][T13444] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  399.696808][T13444] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  399.708204][T13483] lo speed is unknown, defaulting to 1000
[  399.862528][T13444] hsr_slave_0: entered promiscuous mode
[  399.869146][T13444] hsr_slave_1: entered promiscuous mode
[  400.468508][T13502] __nla_validate_parse: 99 callbacks suppressed
[  400.468529][T13502] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2426'.
[  400.550309][ T5853] Bluetooth: hci3: command tx timeout
[  400.848454][T13510] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2427'.
[  400.879999][T13510] netlink: 'syz.1.2427': attribute type 1 has an invalid length.
[  400.895545][T13510] netlink: 128 bytes leftover after parsing attributes in process `syz.1.2427'.
[  401.006101][T13510] netlink: 'syz.1.2427': attribute type 10 has an invalid length.
[  401.123760][T13510] team0: Cannot enslave team device to itself
[  401.165382][T13444] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  401.241400][T13444] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  401.270010][    C1] ip6_tunnel: # xmit: Local address not yet configured!
[  401.284869][T13444] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  401.296459][T13444] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  401.318452][T13519] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2429'.
[  401.485979][T13444] 8021q: adding VLAN 0 to HW filter on device bond0
[  401.502638][T13521] netlink: 52 bytes leftover after parsing attributes in process `syz.1.2430'.
[  401.506148][T13523] macvlan1: entered promiscuous mode
[  401.525912][T13523] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2431'.
[  401.891821][T13523] macvlan1 (unregistering): left promiscuous mode
[  401.960120][T13538] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  402.000433][T13444] 8021q: adding VLAN 0 to HW filter on device team0
[  402.016175][ T9693] bridge0: port 1(bridge_slave_0) entered blocking state
[  402.023438][ T9693] bridge0: port 1(bridge_slave_0) entered forwarding state
[  402.078593][ T9693] bridge0: port 2(bridge_slave_1) entered blocking state
[  402.085825][ T9693] bridge0: port 2(bridge_slave_1) entered forwarding state
[  402.449016][T13554] xt_CT: No such helper "snmp"
[  402.473774][T13444] 8021q: adding VLAN 0 to HW filter on device batadv0
[  402.606932][T13567] siw: device registration error -23
[  402.630476][ T5853] Bluetooth: hci3: command tx timeout
[  402.764932][T13573] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2446'.
[  402.945195][T13580] xt_hashlimit: max too large, truncated to 1048576
[  402.952715][T13577] syzkaller0: entered promiscuous mode
[  402.952749][T13577] syzkaller0: entered allmulticast mode
[  404.711857][ T5839] Bluetooth: hci3: command tx timeout
[  405.731201][T13444] veth0_vlan: entered promiscuous mode
[  405.774758][T13593] netlink: 96 bytes leftover after parsing attributes in process `syz.3.2453'.
[  405.784077][T13593] netlink: 96 bytes leftover after parsing attributes in process `syz.3.2453'.
[  405.833755][T13444] veth1_vlan: entered promiscuous mode
[  405.874692][T13597] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2454'.
[  405.892652][T13597] netlink: 'syz.2.2454': attribute type 11 has an invalid length.
[  406.063002][T13608] xt_hashlimit: max too large, truncated to 1048576
[  406.133730][T13602] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  406.181490][T13444] veth0_macvtap: entered promiscuous mode
[  406.213418][T13444] veth1_macvtap: entered promiscuous mode
[  406.292528][T13444] batman_adv: batadv0: Interface activated: batadv_slave_0
[  406.337213][T13444] batman_adv: batadv0: Interface activated: batadv_slave_1
[  406.383782][T13444] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  406.407308][T13444] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  406.433070][T13444] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  406.447016][T13444] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  406.620792][ T9662] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  406.647414][ T9662] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  406.684033][T13626] netlink: 'syz.2.2464': attribute type 4 has an invalid length.
[  406.722337][ T9666] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  406.735255][ T9666] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  406.786317][T13628] xt_CT: No such helper "pptp"
[  406.791550][ T5853] Bluetooth: hci3: command tx timeout
[  406.851243][T13632] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input10
[  406.965726][T13639] xt_hashlimit: max too large, truncated to 1048576
[  407.040410][T13642] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2398'.
[  407.100082][T13645] xt_CT: No such helper "snmp"
[  407.235047][T13655] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  407.396651][T13657] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2472'.
[  407.465041][T13657] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2472'.
[  407.625257][T13657] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2472'.
[  407.692381][T13673] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2473'.
[  407.705256][T13657] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2472'.
[  407.718069][T13657] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2472'.
[  407.822584][T13677] xt_hashlimit: max too large, truncated to 1048576
[  408.015307][T13684] netlink: 'syz.1.2481': attribute type 1 has an invalid length.
[  408.029155][T13687] netlink: 'syz.0.2483': attribute type 1 has an invalid length.
[  408.082804][T13684] nbd: socks must be embedded in a SOCK_ITEM attr
[  408.090722][T13684] block nbd0: shutting down sockets
[  408.296745][T13698] netlink: 'syz.4.2488': attribute type 29 has an invalid length.
[  408.307459][T13698] netlink: 'syz.4.2488': attribute type 29 has an invalid length.
[  408.692246][T13724] bridge_slave_0: left allmulticast mode
[  408.698124][T13724] bridge_slave_0: left promiscuous mode
[  408.706012][T13724] bridge0: port 1(bridge_slave_0) entered disabled state
[  408.761697][T13724] bridge_slave_1: left allmulticast mode
[  408.767457][T13724] bridge_slave_1: left promiscuous mode
[  408.783922][T13724] bridge0: port 2(bridge_slave_1) entered disabled state
[  408.811292][T13728] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  408.819632][T13728] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  408.853685][T13724] bond0: (slave bond_slave_0): Releasing backup interface
[  408.867536][T13724] bond0: (slave bond_slave_1): Releasing backup interface
[  408.936121][T13724] team0: Port device team_slave_0 removed
[  408.963300][T13724] team0: Port device team_slave_1 removed
[  408.970224][T13724] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  408.977747][T13724] batman_adv: batadv0: Removing interface: batadv_slave_0
[  408.989064][T13724] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  408.997212][T13724] batman_adv: batadv0: Removing interface: batadv_slave_1
[  409.039137][T13726] team0: Mode changed to "loadbalance"
[  409.554785][T13766] syz.1.2507 uses old SIOCAX25GETINFO
[  409.776190][T13779] netlink: 'syz.1.2511': attribute type 1 has an invalid length.
[  409.830287][    C1] ip6_tunnel: # xmit: Local address not yet configured!
[  409.856442][T13779] 8021q: adding VLAN 0 to HW filter on device bond2
[  410.786590][T13838] __nla_validate_parse: 163 callbacks suppressed
[  410.786614][T13838] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2525'.
[  410.919167][T13846] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2528'.
[  410.941799][T13839] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2522'.
[  411.315303][T13864] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  411.422875][T13864] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  411.495128][T13858] siw: device registration error -23
[  411.514977][T13869] siw: device registration error -23
[  411.539153][T13864] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  411.553717][T13876] netlink: 'syz.2.2536': attribute type 9 has an invalid length.
[  411.668255][T13864] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  411.847959][T13864] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  411.863827][T13864] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  411.880551][T13864] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  411.903478][T13864] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  412.234115][T13899] netlink: 76 bytes leftover after parsing attributes in process `syz.4.2546'.
[  412.291016][T13899] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2546'.
[  412.402982][T13905] lo speed is unknown, defaulting to 1000
[  412.410585][T13905] lo speed is unknown, defaulting to 1000
[  413.514728][T13925] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2551'.
[  413.524253][T13925] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2551'.
[  413.597206][T13921] (unnamed net_device) (uninitialized): option lp_interval: invalid value (0)
[  413.683080][T13925] netlink: 'syz.0.2551': attribute type 19 has an invalid length.
[  413.692073][T13921] (unnamed net_device) (uninitialized): option lp_interval: allowed values 1 - 2147483647
[  413.734423][T13932] FAULT_INJECTION: forcing a failure.
[  413.734423][T13932] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  413.747815][T13932] CPU: 0 UID: 0 PID: 13932 Comm: syz.2.2555 Not tainted 6.14.0-rc5-syzkaller-01188-g0ea09cbf8350 #0
[  413.747845][T13932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  413.747858][T13932] Call Trace:
[  413.747867][T13932]  <TASK>
[  413.747876][T13932]  dump_stack_lvl+0x241/0x360
[  413.747909][T13932]  ? __pfx_dump_stack_lvl+0x10/0x10
[  413.747934][T13932]  ? __pfx__printk+0x10/0x10
[  413.747959][T13932]  ? __pfx_lock_release+0x10/0x10
[  413.748002][T13932]  should_fail_ex+0x40a/0x550
[  413.748040][T13932]  _copy_from_user+0x2d/0xb0
[  413.748071][T13932]  copy_msghdr_from_user+0xae/0x680
[  413.748108][T13932]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  413.748136][T13932]  ? __fget_files+0x2a/0x410
[  413.748171][T13932]  ? __fget_files+0x2a/0x410
[  413.748211][T13932]  __sys_sendmsg+0x209/0x350
[  413.748249][T13932]  ? __pfx___sys_sendmsg+0x10/0x10
[  413.748288][T13932]  ? do_sys_openat2+0x17a/0x1d0
[  413.748347][T13932]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  413.748383][T13932]  ? do_syscall_64+0x100/0x230
[  413.748414][T13932]  ? do_syscall_64+0xb6/0x230
[  413.748443][T13932]  do_syscall_64+0xf3/0x230
[  413.748470][T13932]  ? clear_bhb_loop+0x35/0x90
[  413.748505][T13932]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  413.748535][T13932] RIP: 0033:0x7fc21af8d169
[  413.748555][T13932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  413.748574][T13932] RSP: 002b:00007fc21bd4e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  413.748597][T13932] RAX: ffffffffffffffda RBX: 00007fc21b1a5fa0 RCX: 00007fc21af8d169
[  413.748613][T13932] RDX: 0000000000000000 RSI: 0000400000000040 RDI: 0000000000000004
[  413.748626][T13932] RBP: 00007fc21bd4e090 R08: 0000000000000000 R09: 0000000000000000
[  413.748640][T13932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  413.748652][T13932] R13: 0000000000000000 R14: 00007fc21b1a5fa0 R15: 00007ffda51a0ce8
[  413.748683][T13932]  </TASK>
[  414.120081][T13940] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2557'.
[  414.241167][T13944] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2560'.
[  414.283689][T13946] No such timeout policy "syz0"
[  414.342875][T13948] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2563'.
[  414.352025][T13948] sch_tbf: burst 0 is lower than device lo mtu (82) !
[  414.374640][T13948] netlink: 'syz.2.2563': attribute type 6 has an invalid length.
[  414.532353][T13951] lo speed is unknown, defaulting to 1000
[  414.582103][T13951] lo speed is unknown, defaulting to 1000
[  414.877279][T13978] FAULT_INJECTION: forcing a failure.
[  414.877279][T13978] name failslab, interval 1, probability 0, space 0, times 0
[  414.890857][T13978] CPU: 1 UID: 0 PID: 13978 Comm: syz.3.2568 Not tainted 6.14.0-rc5-syzkaller-01188-g0ea09cbf8350 #0
[  414.890887][T13978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  414.890902][T13978] Call Trace:
[  414.890910][T13978]  <TASK>
[  414.890919][T13978]  dump_stack_lvl+0x241/0x360
[  414.890953][T13978]  ? __pfx_dump_stack_lvl+0x10/0x10
[  414.890978][T13978]  ? __pfx__printk+0x10/0x10
[  414.891002][T13978]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  414.891036][T13978]  ? __pfx___might_resched+0x10/0x10
[  414.891070][T13978]  should_fail_ex+0x40a/0x550
[  414.891108][T13978]  should_failslab+0xac/0x100
[  414.891138][T13978]  kmem_cache_alloc_node_noprof+0x77/0x380
[  414.891168][T13978]  ? __alloc_skb+0x1c3/0x440
[  414.891195][T13978]  __alloc_skb+0x1c3/0x440
[  414.891220][T13978]  ? __pfx___alloc_skb+0x10/0x10
[  414.891239][T13978]  ? __rcu_read_unlock+0xa1/0x110
[  414.891272][T13978]  ? netlink_autobind+0xd6/0x2f0
[  414.891303][T13978]  ? netlink_autobind+0x2b0/0x2f0
[  414.891350][T13978]  netlink_sendmsg+0x634/0xcb0
[  414.891398][T13978]  ? __pfx_netlink_sendmsg+0x10/0x10
[  414.891432][T13978]  ? aa_sock_msg_perm+0x91/0x160
[  414.891472][T13978]  ? __pfx_netlink_sendmsg+0x10/0x10
[  414.891500][T13978]  __sock_sendmsg+0x221/0x270
[  414.891533][T13978]  ____sys_sendmsg+0x53a/0x860
[  414.891571][T13978]  ? __pfx_____sys_sendmsg+0x10/0x10
[  414.891597][T13978]  ? __fget_files+0x2a/0x410
[  414.891640][T13978]  ? __fget_files+0x2a/0x410
[  414.891678][T13978]  __sys_sendmsg+0x269/0x350
[  414.891711][T13978]  ? __pfx___sys_sendmsg+0x10/0x10
[  414.891747][T13978]  ? do_sys_openat2+0x17a/0x1d0
[  414.891803][T13978]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  414.891837][T13978]  ? do_syscall_64+0x100/0x230
[  414.891868][T13978]  ? do_syscall_64+0xb6/0x230
[  414.891897][T13978]  do_syscall_64+0xf3/0x230
[  414.891922][T13978]  ? clear_bhb_loop+0x35/0x90
[  414.891957][T13978]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  414.891986][T13978] RIP: 0033:0x7f807418d169
[  414.892005][T13978] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  414.892024][T13978] RSP: 002b:00007f8075036038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  414.892048][T13978] RAX: ffffffffffffffda RBX: 00007f80743a5fa0 RCX: 00007f807418d169
[  414.892064][T13978] RDX: 0000000000000000 RSI: 0000400000000040 RDI: 0000000000000004
[  414.892078][T13978] RBP: 00007f8075036090 R08: 0000000000000000 R09: 0000000000000000
[  414.892091][T13978] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  414.892103][T13978] R13: 0000000000000000 R14: 00007f80743a5fa0 R15: 00007ffc76cebde8
[  414.892134][T13978]  </TASK>
[  415.540704][T13996] netlink: 'syz.3.2571': attribute type 3 has an invalid length.
[  415.567381][T13996] netlink: 'syz.3.2571': attribute type 1 has an invalid length.
[  415.641665][T14001] vlan4: entered allmulticast mode
[  415.719142][T13997] tipc: Started in network mode
[  415.725481][T13997] tipc: Node identity 263c13d13159, cluster identity 4711
[  415.733156][T13997] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  415.788345][T13995] tipc: Resetting bearer <eth:syzkaller0>
[  416.819727][ T5889] tipc: Node number set to 392500177
[  418.312539][T13995] tipc: Disabling bearer <eth:syzkaller0>
[  418.605110][T14039] __nla_validate_parse: 77 callbacks suppressed
[  418.605134][T14039] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2585'.
[  418.630215][T14042] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2588'.
[  418.639903][T14042] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2588'.
[  418.650455][T14042] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2588'.
[  418.670597][T14042] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2588'.
[  418.683316][T14042] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2588'.
[  418.693234][T14042] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2588'.
[  418.703517][T14042] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2588'.
[  418.713970][T14042] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2588'.
[  418.724077][T14042] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2588'.
[  418.847436][T14051] netlink: 'syz.4.2590': attribute type 10 has an invalid length.
[  418.880861][T14051] team0: entered promiscuous mode
[  418.886374][T14051] bridge0: port 1(team0) entered blocking state
[  418.893669][T14051] bridge0: port 1(team0) entered disabled state
[  418.900533][T14051] team0: entered allmulticast mode
[  419.078658][T14057] FAULT_INJECTION: forcing a failure.
[  419.078658][T14057] name failslab, interval 1, probability 0, space 0, times 0
[  419.128769][T14057] CPU: 1 UID: 0 PID: 14057 Comm: syz.4.2595 Not tainted 6.14.0-rc5-syzkaller-01188-g0ea09cbf8350 #0
[  419.128805][T14057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  419.128819][T14057] Call Trace:
[  419.128827][T14057]  <TASK>
[  419.128837][T14057]  dump_stack_lvl+0x241/0x360
[  419.128875][T14057]  ? __pfx_dump_stack_lvl+0x10/0x10
[  419.128902][T14057]  ? __pfx__printk+0x10/0x10
[  419.128928][T14057]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  419.128965][T14057]  ? __pfx___might_resched+0x10/0x10
[  419.129001][T14057]  should_fail_ex+0x40a/0x550
[  419.129041][T14057]  should_failslab+0xac/0x100
[  419.129075][T14057]  kmem_cache_alloc_node_noprof+0x77/0x380
[  419.129117][T14057]  ? __alloc_skb+0x1c3/0x440
[  419.129146][T14057]  __alloc_skb+0x1c3/0x440
[  419.129175][T14057]  ? __pfx___alloc_skb+0x10/0x10
[  419.129204][T14057]  ? netlink_ack_tlv_len+0x6e/0x200
[  419.129240][T14057]  netlink_ack+0x145/0xa60
[  419.129268][T14057]  ? __pfx_lock_acquire+0x10/0x10
[  419.129300][T14057]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  419.129329][T14057]  ? __pfx___might_resched+0x10/0x10
[  419.129369][T14057]  netlink_rcv_skb+0x294/0x480
[  419.129402][T14057]  ? __pfx_genl_rcv_msg+0x10/0x10
[  419.129428][T14057]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  419.129493][T14057]  genl_rcv+0x28/0x40
[  419.129514][T14057]  netlink_unicast+0x7f6/0x990
[  419.129550][T14057]  ? __pfx_netlink_unicast+0x10/0x10
[  419.129575][T14057]  ? __virt_addr_valid+0x45f/0x530
[  419.129598][T14057]  ? __phys_addr_symbol+0x2f/0x70
[  419.129618][T14057]  ? __check_object_size+0x47a/0x730
[  419.129653][T14057]  netlink_sendmsg+0x8de/0xcb0
[  419.129698][T14057]  ? __pfx_netlink_sendmsg+0x10/0x10
[  419.129733][T14057]  ? aa_sock_msg_perm+0x91/0x160
[  419.129773][T14057]  ? __pfx_netlink_sendmsg+0x10/0x10
[  419.129803][T14057]  __sock_sendmsg+0x221/0x270
[  419.129839][T14057]  ____sys_sendmsg+0x53a/0x860
[  419.129874][T14057]  ? __pfx_____sys_sendmsg+0x10/0x10
[  419.129893][T14057]  ? __fget_files+0x2a/0x410
[  419.129922][T14057]  ? __fget_files+0x2a/0x410
[  419.129955][T14057]  __sys_sendmsg+0x269/0x350
[  419.129978][T14057]  ? __pfx___sys_sendmsg+0x10/0x10
[  419.130008][T14057]  ? do_sys_openat2+0x17a/0x1d0
[  419.130056][T14057]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  419.130085][T14057]  ? do_syscall_64+0x100/0x230
[  419.130118][T14057]  ? do_syscall_64+0xb6/0x230
[  419.130148][T14057]  do_syscall_64+0xf3/0x230
[  419.130170][T14057]  ? clear_bhb_loop+0x35/0x90
[  419.130204][T14057]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  419.130230][T14057] RIP: 0033:0x7f570c78d169
[  419.130247][T14057] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  419.130261][T14057] RSP: 002b:00007f570d615038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  419.130281][T14057] RAX: ffffffffffffffda RBX: 00007f570c9a5fa0 RCX: 00007f570c78d169
[  419.130294][T14057] RDX: 0000000000000000 RSI: 0000400000000040 RDI: 0000000000000004
[  419.130305][T14057] RBP: 00007f570d615090 R08: 0000000000000000 R09: 0000000000000000
[  419.130317][T14057] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  419.130327][T14057] R13: 0000000000000000 R14: 00007f570c9a5fa0 R15: 00007ffde91b85f8
[  419.130352][T14057]  </TASK>
[  419.460028][T14039] Bluetooth: hci0: Opcode 0x0c20 failed: -4
[  419.494191][T14063] openvswitch: netlink: Flow actions attr not present in new flow.
[  419.521134][T14060] netlink: 'syz.1.2592': attribute type 1 has an invalid length.
[  419.589054][T14060] netlink: 'syz.1.2592': attribute type 3 has an invalid length.
[  420.395571][T14097] xt_CT: No such helper "snmp"
[  420.538333][T14117] siw: device registration error -23
[  420.710706][ T5853] Bluetooth: hci0: command 0x0401 tx timeout
[  420.795111][T14130] vlan0: entered allmulticast mode
[  420.822969][T14130] batadv0: entered allmulticast mode
[  420.845763][T14130] batadv0: left allmulticast mode
[  421.112156][ T5892] ip6_tunnel: # xmit: Local address not yet configured!
[  421.598122][T14160] netlink: 'syz.4.2629': attribute type 10 has an invalid length.
[  421.623068][T14160] syz_tun: entered promiscuous mode
[  421.635383][T14160] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  421.696346][T14155] xt_CT: No such helper "snmp"
[  421.824235][T14169] siw: device registration error -23
[  422.026391][T14177] lo speed is unknown, defaulting to 1000
[  422.033676][T14177] lo speed is unknown, defaulting to 1000
[  422.070147][ T5889] ip6_tunnel: # xmit: Local address not yet configured!
[  422.496927][T14192] netlink: 'syz.0.2635': attribute type 2 has an invalid length.
[  422.898962][T14189] lo speed is unknown, defaulting to 1000
[  422.918927][T14204] bridge1: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  423.105401][T14189] lo speed is unknown, defaulting to 1000
[  423.433986][T14230] FAULT_INJECTION: forcing a failure.
[  423.433986][T14230] name failslab, interval 1, probability 0, space 0, times 0
[  423.449626][T14230] CPU: 0 UID: 0 PID: 14230 Comm: syz.4.2649 Not tainted 6.14.0-rc5-syzkaller-01188-g0ea09cbf8350 #0
[  423.449657][T14230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  423.449672][T14230] Call Trace:
[  423.449679][T14230]  <TASK>
[  423.449688][T14230]  dump_stack_lvl+0x241/0x360
[  423.449734][T14230]  ? __pfx_dump_stack_lvl+0x10/0x10
[  423.449760][T14230]  ? __pfx__printk+0x10/0x10
[  423.449785][T14230]  ? __kmalloc_cache_noprof+0x48/0x390
[  423.449818][T14230]  ? __pfx___might_resched+0x10/0x10
[  423.449852][T14230]  should_fail_ex+0x40a/0x550
[  423.449890][T14230]  should_failslab+0xac/0x100
[  423.449922][T14230]  __kmalloc_cache_noprof+0x70/0x390
[  423.449950][T14230]  ? hash_mac_create+0x2c0/0xf00
[  423.449981][T14230]  hash_mac_create+0x2c0/0xf00
[  423.450008][T14230]  ? __kasan_kmalloc+0x98/0xb0
[  423.450040][T14230]  ? __pfx_hash_mac_create+0x10/0x10
[  423.450068][T14230]  ip_set_create+0xa78/0x1960
[  423.450095][T14230]  ? ip_set_create+0x48a/0x1960
[  423.450124][T14230]  ? __pfx_ip_set_create+0x10/0x10
[  423.450179][T14230]  ? nfnetlink_rcv_msg+0x225/0x1180
[  423.450203][T14230]  nfnetlink_rcv_msg+0xbec/0x1180
[  423.450227][T14230]  ? nfnetlink_rcv_msg+0x225/0x1180
[  423.450274][T14230]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  423.450295][T14230]  ? stack_trace_save+0x118/0x1d0
[  423.450350][T14230]  ? dev_hard_start_xmit+0x27a/0x7d0
[  423.450372][T14230]  ? __dev_queue_xmit+0x1b73/0x3f40
[  423.450395][T14230]  ? __netlink_deliver_tap+0x561/0x7f0
[  423.450424][T14230]  ? netlink_deliver_tap+0x19d/0x1b0
[  423.450452][T14230]  ? netlink_unicast+0x7c4/0x990
[  423.450476][T14230]  ? netlink_sendmsg+0x8de/0xcb0
[  423.450504][T14230]  ? __sock_sendmsg+0x221/0x270
[  423.450531][T14230]  ? ____sys_sendmsg+0x53a/0x860
[  423.450553][T14230]  ? __sys_sendmsg+0x269/0x350
[  423.450592][T14230]  netlink_rcv_skb+0x206/0x480
[  423.450629][T14230]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  423.450655][T14230]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  423.450702][T14230]  ? apparmor_capable+0x13b/0x1b0
[  423.450738][T14230]  ? bpf_lsm_capable+0x9/0x10
[  423.450771][T14230]  ? security_capable+0x7e/0x2d0
[  423.450811][T14230]  nfnetlink_rcv+0x297/0x2ab0
[  423.450841][T14230]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  423.450876][T14230]  ? __dev_queue_xmit+0x2f4/0x3f40
[  423.450904][T14230]  ? __dev_queue_xmit+0x1775/0x3f40
[  423.450929][T14230]  ? kasan_save_track+0x51/0x80
[  423.450960][T14230]  ? ____sys_sendmsg+0x53a/0x860
[  423.450986][T14230]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  423.451009][T14230]  ? __dev_queue_xmit+0x2f4/0x3f40
[  423.451040][T14230]  ? __pfx___dev_queue_xmit+0x10/0x10
[  423.451087][T14230]  ? ref_tracker_free+0x643/0x7e0
[  423.451110][T14230]  ? __asan_memcpy+0x40/0x70
[  423.451131][T14230]  ? __pfx_ref_tracker_free+0x10/0x10
[  423.451171][T14230]  ? netlink_deliver_tap+0x2e/0x1b0
[  423.451199][T14230]  ? skb_clone+0x240/0x390
[  423.451225][T14230]  ? __pfx_lock_release+0x10/0x10
[  423.451259][T14230]  ? __netlink_deliver_tap+0x7b0/0x7f0
[  423.451304][T14230]  ? netlink_deliver_tap+0x2e/0x1b0
[  423.451365][T14230]  netlink_unicast+0x7f6/0x990
[  423.451404][T14230]  ? __pfx_netlink_unicast+0x10/0x10
[  423.451428][T14230]  ? __virt_addr_valid+0x45f/0x530
[  423.451451][T14230]  ? __phys_addr_symbol+0x2f/0x70
[  423.451471][T14230]  ? __check_object_size+0x47a/0x730
[  423.451506][T14230]  netlink_sendmsg+0x8de/0xcb0
[  423.451551][T14230]  ? __pfx_netlink_sendmsg+0x10/0x10
[  423.451588][T14230]  ? aa_sock_msg_perm+0x91/0x160
[  423.451627][T14230]  ? __pfx_netlink_sendmsg+0x10/0x10
[  423.451657][T14230]  __sock_sendmsg+0x221/0x270
[  423.451691][T14230]  ____sys_sendmsg+0x53a/0x860
[  423.451732][T14230]  ? __pfx_____sys_sendmsg+0x10/0x10
[  423.451754][T14230]  ? __fget_files+0x2a/0x410
[  423.451790][T14230]  ? __fget_files+0x2a/0x410
[  423.451833][T14230]  __sys_sendmsg+0x269/0x350
[  423.451864][T14230]  ? __pfx___sys_sendmsg+0x10/0x10
[  423.451903][T14230]  ? do_sys_openat2+0x17a/0x1d0
[  423.451966][T14230]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  423.452002][T14230]  ? do_syscall_64+0x100/0x230
[  423.452033][T14230]  ? do_syscall_64+0xb6/0x230
[  423.452063][T14230]  do_syscall_64+0xf3/0x230
[  423.452090][T14230]  ? clear_bhb_loop+0x35/0x90
[  423.452125][T14230]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  423.452155][T14230] RIP: 0033:0x7f570c78d169
[  423.452174][T14230] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  423.452193][T14230] RSP: 002b:00007f570d615038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  423.452217][T14230] RAX: ffffffffffffffda RBX: 00007f570c9a5fa0 RCX: 00007f570c78d169
[  423.452233][T14230] RDX: 000000000400c040 RSI: 0000400000000000 RDI: 0000000000000003
[  423.452248][T14230] RBP: 00007f570d615090 R08: 0000000000000000 R09: 0000000000000000
[  423.452261][T14230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  423.452273][T14230] R13: 0000000000000000 R14: 00007f570c9a5fa0 R15: 00007ffde91b85f8
[  423.452308][T14230]  </TASK>
[  424.586199][T14250] lo speed is unknown, defaulting to 1000
[  424.696036][T14250] lo speed is unknown, defaulting to 1000
[  425.057152][T14268] bond0: (slave syz_tun): Releasing backup interface
[  425.085984][T14268] bond0: (slave team0): Releasing backup interface
[  425.093392][T14268] bond0: (slave team0): the permanent HWaddr of slave - aa:aa:aa:aa:aa:1a - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[  425.126865][T14268] bond0: (slave veth0_to_bond): Releasing backup interface
[  425.159244][T14268] team0: Port device wlan1 removed
[  425.176691][T14268] bond2: (slave vti0): Releasing backup interface
[  425.202818][T14268] bond3: (slave ip6gretap1): Releasing active interface
[  425.502482][T14288] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  426.044186][T14310] sch_tbf: burst 1 is lower than device ip6tnl0 mtu (1452) !
[  426.143426][T14315] xt_hashlimit: max too large, truncated to 1048576
[  426.610281][T14322] xt_CT: No such helper "snmp"
[  426.617728][T14332] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  426.794498][T14338] __nla_validate_parse: 241 callbacks suppressed
[  426.794519][T14338] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2680'.
[  426.830504][T14341] netlink: 'syz.2.2681': attribute type 10 has an invalid length.
[  426.838665][T14341] syz_tun: entered promiscuous mode
[  426.852031][T14341] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  427.089949][T14351] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2678'.
[  427.120097][    C1] ip6_tunnel: # xmit: Local address not yet configured!
[  427.166983][T14351] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2678'.
[  427.293111][T14351] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2678'.
[  427.392713][T14351] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2678'.
[  427.421166][T14351] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2678'.
[  427.497132][T14351] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2678'.
[  427.521477][T14351] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2678'.
[  427.540708][T14351] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2678'.
[  427.554946][T14351] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2678'.
[  427.833408][T14383] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  427.854193][T14377] vlan4: entered promiscuous mode
[  427.930144][T14378] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  427.937877][T14378] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  428.033708][T14390] netlink: 'syz.1.2693': attribute type 10 has an invalid length.
[  428.132590][T14396] xt_hashlimit: max too large, truncated to 1048576
[  428.199873][T14390] syz_tun: entered promiscuous mode
[  428.515548][T14420] lo speed is unknown, defaulting to 1000
[  428.527460][T14420] lo speed is unknown, defaulting to 1000
[  428.542783][T14421] siw: device registration error -23
[  428.706906][T14426] lo speed is unknown, defaulting to 1000
[  428.827943][T14426] lo speed is unknown, defaulting to 1000
[  428.834128][T14430] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  429.490607][T14443] netlink: 'syz.3.2713': attribute type 10 has an invalid length.
[  429.521320][T14444] netlink: 'syz.0.2712': attribute type 1 has an invalid length.
[  429.544190][T14446] xt_hashlimit: max too large, truncated to 1048576
[  429.720804][T14455] 
@ÿ: renamed from bond_slave_0
[  430.060990][T14466] netlink: 'syz.0.2720': attribute type 1 has an invalid length.
[  430.111717][T14459] bond0: (slave syz_tun): Releasing backup interface
[  430.138710][T14459] team0: left allmulticast mode
[  430.161047][T14459] bridge0: port 1(team0) entered disabled state
[  430.243234][T14466] 8021q: adding VLAN 0 to HW filter on device bond5
[  430.342200][T14463] bond5: (slave veth7): Enslaving as an active interface with a down link
[  430.758631][T14479] sctp: [Deprecated]: syz.0.2722 (pid 14479) Use of int in maxseg socket option.
[  430.758631][T14479] Use struct sctp_assoc_value instead
[  430.785906][T14483] netlink: 'syz.4.2726': attribute type 13 has an invalid length.
[  430.795770][T14483] netlink: 'syz.4.2726': attribute type 12 has an invalid length.
[  431.000367][T14489] xt_hashlimit: max too large, truncated to 1048576
[  431.032083][T14493] (unnamed net_device) (uninitialized): option ad_actor_system: mode dependency failed, not supported in mode balance-rr(0)
[  431.397080][T14515] netlink: 'syz.3.2737': attribute type 10 has an invalid length.
[  431.819401][T14527] xt_CT: No such helper "snmp"
[  432.224893][T14551] x_tables: duplicate underflow at hook 1
[  432.495483][T14561] xt_CT: No such helper "snmp"
[  432.536864][T14569] siw: device registration error -23
[  432.564523][T14558] xt_CT: No such helper "pptp"
[  432.905639][ T5850] bond0: (slave syz_tun): Releasing backup interface
[  433.239306][T14588] bond0: (slave syz_tun): Releasing backup interface
[  433.259391][T14588] syz_tun: left allmulticast mode
[  433.268717][T14588] bond0: left promiscuous mode
[  433.274434][T14588] bond0: left allmulticast mode
[  433.286654][T14588] team0: Port device bond0 removed
[  433.294887][T14588] team0: left allmulticast mode
[  433.300743][T14588] team0: left promiscuous mode
[  433.306013][T14588] bridge0: port 1(team0) entered disabled state
[  433.348352][T14591] __nla_validate_parse: 180 callbacks suppressed
[  433.348375][T14591] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2765'.
[  433.575207][T14601] netlink: 'syz.3.2767': attribute type 2 has an invalid length.
[  433.584638][T14599] xt_CT: No such helper "snmp"
[  433.608334][ T5839] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  433.630103][ T5839] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  433.650115][ T5839] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  433.673739][ T5839] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  433.682348][ T5839] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  433.691765][ T5839] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  433.802123][T14601] sctp: [Deprecated]: syz.3.2767 (pid 14601) Use of struct sctp_assoc_value in delayed_ack socket option.
[  433.802123][T14601] Use struct sctp_sack_info instead
[  433.932073][T14615] ieee802154 phy0 wpan0: encryption failed: -22
[  433.981042][T14602] lo speed is unknown, defaulting to 1000
[  434.015646][T14602] lo speed is unknown, defaulting to 1000
[  434.092915][T14628] xt_hashlimit: max too large, truncated to 1048576
[  434.285149][T14639] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2781'.
[  434.321507][T14639] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2781'.
[  434.351858][T14639] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2781'.
[  434.361059][T14639] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2781'.
[  434.370762][T14639] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2781'.
[  434.387129][T14639] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2781'.
[  434.420872][T14639] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2781'.
[  434.434550][T14639] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2781'.
[  434.444232][T14639] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2781'.
[  434.464174][T14602] chnl_net:caif_netlink_parms(): no params data found
[  434.778958][T14663] netlink: 'syz.0.2788': attribute type 1 has an invalid length.
[  434.817073][T14668] xt_hashlimit: max too large, truncated to 1048576
[  434.830544][T14670] FAULT_INJECTION: forcing a failure.
[  434.830544][T14670] name failslab, interval 1, probability 0, space 0, times 0
[  434.843582][T14670] CPU: 0 UID: 0 PID: 14670 Comm: syz.4.2793 Not tainted 6.14.0-rc5-syzkaller-01188-g0ea09cbf8350 #0
[  434.843613][T14670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  434.843627][T14670] Call Trace:
[  434.843636][T14670]  <TASK>
[  434.843644][T14670]  dump_stack_lvl+0x241/0x360
[  434.843678][T14670]  ? __pfx_dump_stack_lvl+0x10/0x10
[  434.843702][T14670]  ? __pfx__printk+0x10/0x10
[  434.843739][T14670]  should_fail_ex+0x40a/0x550
[  434.843777][T14670]  should_failslab+0xac/0x100
[  434.843807][T14670]  ? skb_clone+0x20c/0x390
[  434.843830][T14670]  kmem_cache_alloc_noprof+0x70/0x380
[  434.843873][T14670]  skb_clone+0x20c/0x390
[  434.843902][T14670]  __netlink_deliver_tap+0x3c4/0x7f0
[  434.843944][T14670]  ? netlink_deliver_tap+0x2e/0x1b0
[  434.843973][T14670]  netlink_deliver_tap+0x19d/0x1b0
[  434.844004][T14670]  netlink_unicast+0x7c4/0x990
[  434.844039][T14670]  ? __pfx_netlink_unicast+0x10/0x10
[  434.844064][T14670]  ? __virt_addr_valid+0x45f/0x530
[  434.844085][T14670]  ? __phys_addr_symbol+0x2f/0x70
[  434.844104][T14670]  ? __check_object_size+0x47a/0x730
[  434.844138][T14670]  netlink_sendmsg+0x8de/0xcb0
[  434.844182][T14670]  ? __pfx_netlink_sendmsg+0x10/0x10
[  434.844218][T14670]  ? aa_sock_msg_perm+0x91/0x160
[  434.844257][T14670]  ? __pfx_netlink_sendmsg+0x10/0x10
[  434.844287][T14670]  __sock_sendmsg+0x221/0x270
[  434.844319][T14670]  ____sys_sendmsg+0x53a/0x860
[  434.844352][T14670]  ? __pfx_____sys_sendmsg+0x10/0x10
[  434.844374][T14670]  ? __fget_files+0x2a/0x410
[  434.844408][T14670]  ? __fget_files+0x2a/0x410
[  434.844449][T14670]  __sys_sendmsg+0x269/0x350
[  434.844477][T14670]  ? __pfx___sys_sendmsg+0x10/0x10
[  434.844516][T14670]  ? do_sys_openat2+0x17a/0x1d0
[  434.844581][T14670]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  434.844616][T14670]  ? do_syscall_64+0x100/0x230
[  434.844646][T14670]  ? do_syscall_64+0xb6/0x230
[  434.844676][T14670]  do_syscall_64+0xf3/0x230
[  434.844702][T14670]  ? clear_bhb_loop+0x35/0x90
[  434.844735][T14670]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  434.844764][T14670] RIP: 0033:0x7f570c78d169
[  434.844783][T14670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  434.844801][T14670] RSP: 002b:00007f570d615038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  434.844824][T14670] RAX: ffffffffffffffda RBX: 00007f570c9a5fa0 RCX: 00007f570c78d169
[  434.844839][T14670] RDX: 000000000400c040 RSI: 0000400000000000 RDI: 0000000000000003
[  434.844853][T14670] RBP: 00007f570d615090 R08: 0000000000000000 R09: 0000000000000000
[  434.844872][T14670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  434.844885][T14670] R13: 0000000000000000 R14: 00007f570c9a5fa0 R15: 00007ffde91b85f8
[  434.844917][T14670]  </TASK>
[  434.849368][T14602] bridge0: port 1(bridge_slave_0) entered blocking state
[  435.137643][T14602] bridge0: port 1(bridge_slave_0) entered disabled state
[  435.145050][T14602] bridge_slave_0: entered allmulticast mode
[  435.191089][T14602] bridge_slave_0: entered promiscuous mode
[  435.247533][T14663] bond6: entered promiscuous mode
[  435.253829][T14663] 8021q: adding VLAN 0 to HW filter on device bond6
[  435.370173][T14671] 8021q: adding VLAN 0 to HW filter on device bond6
[  435.400747][T14671] bond6: (slave ip6gre1): The slave device specified does not support setting the MAC address
[  435.442283][T14671] bond6: (slave ip6gre1): Setting fail_over_mac to active for active-backup mode
[  435.484809][T14671] bond6: (slave ip6gre1): making interface the new active one
[  435.501878][T14671] ip6gre1: entered promiscuous mode
[  435.508792][T14671] bond6: (slave ip6gre1): Enslaving as an active interface with an up link
[  435.557295][T14602] bridge0: port 2(bridge_slave_1) entered blocking state
[  435.576386][T14602] bridge0: port 2(bridge_slave_1) entered disabled state
[  435.604148][T14602] bridge_slave_1: entered allmulticast mode
[  435.620066][T14602] bridge_slave_1: entered promiscuous mode
[  435.750996][ T5839] Bluetooth: hci4: command tx timeout
[  435.783429][T14686] lo speed is unknown, defaulting to 1000
[  435.802946][T14686] lo speed is unknown, defaulting to 1000
[  435.836366][T14602] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  435.952137][T14602] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  435.972392][T14700] xt_hashlimit: max too large, truncated to 1048576
[  436.060907][T14702] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  436.198913][T14602] team0: Port device team_slave_0 added
[  436.252007][T14713] FAULT_INJECTION: forcing a failure.
[  436.252007][T14713] name failslab, interval 1, probability 0, space 0, times 0
[  436.340005][T14713] CPU: 0 UID: 0 PID: 14713 Comm: syz.3.2805 Not tainted 6.14.0-rc5-syzkaller-01188-g0ea09cbf8350 #0
[  436.340038][T14713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  436.340052][T14713] Call Trace:
[  436.340060][T14713]  <TASK>
[  436.340070][T14713]  dump_stack_lvl+0x241/0x360
[  436.340103][T14713]  ? __pfx_dump_stack_lvl+0x10/0x10
[  436.340129][T14713]  ? __pfx__printk+0x10/0x10
[  436.340154][T14713]  ? __kmalloc_cache_noprof+0x48/0x390
[  436.340187][T14713]  ? __pfx___might_resched+0x10/0x10
[  436.340223][T14713]  should_fail_ex+0x40a/0x550
[  436.340261][T14713]  should_failslab+0xac/0x100
[  436.340293][T14713]  __kmalloc_cache_noprof+0x70/0x390
[  436.340323][T14713]  ? hash_mac_create+0x2c0/0xf00
[  436.340354][T14713]  hash_mac_create+0x2c0/0xf00
[  436.340385][T14713]  ? __nla_parse+0x40/0x60
[  436.340409][T14713]  ? __pfx_hash_mac_create+0x10/0x10
[  436.340437][T14713]  ip_set_create+0xa78/0x1960
[  436.340465][T14713]  ? ip_set_create+0x48a/0x1960
[  436.340494][T14713]  ? __pfx_ip_set_create+0x10/0x10
[  436.340551][T14713]  ? nfnetlink_rcv_msg+0x225/0x1180
[  436.340576][T14713]  nfnetlink_rcv_msg+0xbec/0x1180
[  436.340601][T14713]  ? nfnetlink_rcv_msg+0x225/0x1180
[  436.340649][T14713]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  436.340733][T14713]  netlink_rcv_skb+0x206/0x480
[  436.340765][T14713]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  436.340791][T14713]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  436.340838][T14713]  ? apparmor_capable+0x13b/0x1b0
[  436.340866][T14713]  ? bpf_lsm_capable+0x9/0x10
[  436.340898][T14713]  ? security_capable+0x7e/0x2d0
[  436.340939][T14713]  nfnetlink_rcv+0x297/0x2ab0
[  436.340962][T14713]  ? __pfx_validate_chain+0x10/0x10
[  436.341003][T14713]  ? mark_lock+0x9a/0x360
[  436.341023][T14713]  ? __pfx_validate_chain+0x10/0x10
[  436.341055][T14713]  ? __lock_acquire+0x1397/0x2100
[  436.341096][T14713]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  436.341125][T14713]  ? mark_lock+0x9a/0x360
[  436.341151][T14713]  ? __lock_acquire+0x1397/0x2100
[  436.341218][T14713]  ? __pfx_lock_release+0x10/0x10
[  436.341251][T14713]  ? netlink_deliver_tap+0x2e/0x1b0
[  436.341283][T14713]  ? __pfx_lock_release+0x10/0x10
[  436.341333][T14713]  ? netlink_deliver_tap+0x2e/0x1b0
[  436.341366][T14713]  netlink_unicast+0x7f6/0x990
[  436.341413][T14713]  ? __pfx_netlink_unicast+0x10/0x10
[  436.341443][T14713]  ? __virt_addr_valid+0x45f/0x530
[  436.341466][T14713]  ? __phys_addr_symbol+0x2f/0x70
[  436.341487][T14713]  ? __check_object_size+0x47a/0x730
[  436.341522][T14713]  netlink_sendmsg+0x8de/0xcb0
[  436.341567][T14713]  ? __pfx_netlink_sendmsg+0x10/0x10
[  436.341604][T14713]  ? aa_sock_msg_perm+0x91/0x160
[  436.341644][T14713]  ? __pfx_netlink_sendmsg+0x10/0x10
[  436.341674][T14713]  __sock_sendmsg+0x221/0x270
[  436.341709][T14713]  ____sys_sendmsg+0x53a/0x860
[  436.341751][T14713]  ? __pfx_____sys_sendmsg+0x10/0x10
[  436.341773][T14713]  ? __fget_files+0x2a/0x410
[  436.341807][T14713]  ? __fget_files+0x2a/0x410
[  436.341846][T14713]  __sys_sendmsg+0x269/0x350
[  436.341875][T14713]  ? __pfx___sys_sendmsg+0x10/0x10
[  436.341914][T14713]  ? do_sys_openat2+0x17a/0x1d0
[  436.341975][T14713]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  436.342010][T14713]  ? do_syscall_64+0x100/0x230
[  436.342041][T14713]  ? do_syscall_64+0xb6/0x230
[  436.342072][T14713]  do_syscall_64+0xf3/0x230
[  436.342098][T14713]  ? clear_bhb_loop+0x35/0x90
[  436.342134][T14713]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  436.342163][T14713] RIP: 0033:0x7f807418d169
[  436.342183][T14713] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  436.342202][T14713] RSP: 002b:00007f8075036038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  436.342227][T14713] RAX: ffffffffffffffda RBX: 00007f80743a5fa0 RCX: 00007f807418d169
[  436.342244][T14713] RDX: 000000000400c040 RSI: 0000400000000000 RDI: 0000000000000003
[  436.342258][T14713] RBP: 00007f8075036090 R08: 0000000000000000 R09: 0000000000000000
[  436.342272][T14713] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  436.342285][T14713] R13: 0000000000000000 R14: 00007f80743a5fa0 R15: 00007ffc76cebde8
[  436.342317][T14713]  </TASK>
[  436.782262][T14689] lo speed is unknown, defaulting to 1000
[  436.789199][T14689] lo speed is unknown, defaulting to 1000
[  436.864908][T14602] team0: Port device team_slave_1 added
[  436.947053][T14717] syzkaller1: entered promiscuous mode
[  436.961197][T14717] syzkaller1: entered allmulticast mode
[  436.975740][T14724] veth0_to_bridge: entered promiscuous mode
[  437.122805][T14733] siw: device registration error -23
[  437.200352][T14718] veth0_to_bridge: left promiscuous mode
[  437.211230][T14602] batman_adv: batadv0: Adding interface: batadv_slave_0
[  437.218343][T14602] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  437.259870][T14602] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  437.292528][T14602] batman_adv: batadv0: Adding interface: batadv_slave_1
[  437.319028][T14602] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  437.396635][T14602] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  437.426391][T14735] lo speed is unknown, defaulting to 1000
[  437.466752][T14735] lo speed is unknown, defaulting to 1000
[  437.518990][T14602] hsr_slave_0: entered promiscuous mode
[  437.534168][T14602] hsr_slave_1: entered promiscuous mode
[  437.541070][T14602] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  437.548677][T14602] Cannot create hsr debugfs directory
[  437.834914][ T5839] Bluetooth: hci4: command tx timeout
[  438.090011][T14754] lo speed is unknown, defaulting to 1000
[  438.097042][T14754] lo speed is unknown, defaulting to 1000
[  438.583834][T14760] siw: device registration error -23
[  438.947531][T14770] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  439.148727][T14774] netlink: 'syz.4.2824': attribute type 2 has an invalid length.
[  439.192694][T14774] fþ: entered promiscuous mode
[  439.217964][T14602] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  439.271661][T14778] FAULT_INJECTION: forcing a failure.
[  439.271661][T14778] name failslab, interval 1, probability 0, space 0, times 0
[  439.291291][T14778] CPU: 1 UID: 0 PID: 14778 Comm: syz.3.2825 Not tainted 6.14.0-rc5-syzkaller-01188-g0ea09cbf8350 #0
[  439.291324][T14778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  439.291338][T14778] Call Trace:
[  439.291345][T14778]  <TASK>
[  439.291353][T14778]  dump_stack_lvl+0x241/0x360
[  439.291386][T14778]  ? __pfx_dump_stack_lvl+0x10/0x10
[  439.291410][T14778]  ? __pfx__printk+0x10/0x10
[  439.291441][T14778]  ? __kmalloc_node_noprof+0xb9/0x4d0
[  439.291473][T14778]  ? __pfx___might_resched+0x10/0x10
[  439.291504][T14778]  should_fail_ex+0x40a/0x550
[  439.291540][T14778]  should_failslab+0xac/0x100
[  439.291569][T14778]  __kmalloc_node_noprof+0xe1/0x4d0
[  439.291597][T14778]  ? __kvmalloc_node_noprof+0x72/0x190
[  439.291637][T14778]  __kvmalloc_node_noprof+0x72/0x190
[  439.291670][T14778]  hash_mac_create+0x312/0xf00
[  439.291701][T14778]  ? __nla_parse+0x40/0x60
[  439.291724][T14778]  ? __pfx_hash_mac_create+0x10/0x10
[  439.291751][T14778]  ip_set_create+0xa78/0x1960
[  439.291778][T14778]  ? ip_set_create+0x48a/0x1960
[  439.291804][T14778]  ? __pfx_ip_set_create+0x10/0x10
[  439.291857][T14778]  ? nfnetlink_rcv_msg+0x225/0x1180
[  439.291881][T14778]  nfnetlink_rcv_msg+0xbec/0x1180
[  439.291904][T14778]  ? nfnetlink_rcv_msg+0x225/0x1180
[  439.291949][T14778]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  439.292023][T14778]  netlink_rcv_skb+0x206/0x480
[  439.292055][T14778]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  439.292080][T14778]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  439.292123][T14778]  ? apparmor_capable+0x13b/0x1b0
[  439.292149][T14778]  ? bpf_lsm_capable+0x9/0x10
[  439.292178][T14778]  ? security_capable+0x7e/0x2d0
[  439.292218][T14778]  nfnetlink_rcv+0x297/0x2ab0
[  439.292244][T14778]  ? __pfx_validate_chain+0x10/0x10
[  439.292282][T14778]  ? mark_lock+0x9a/0x360
[  439.292302][T14778]  ? __pfx_validate_chain+0x10/0x10
[  439.292328][T14778]  ? __lock_acquire+0x1397/0x2100
[  439.292368][T14778]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  439.292395][T14778]  ? mark_lock+0x9a/0x360
[  439.292420][T14778]  ? __lock_acquire+0x1397/0x2100
[  439.292493][T14778]  ? __pfx_lock_release+0x10/0x10
[  439.292526][T14778]  ? netlink_deliver_tap+0x2e/0x1b0
[  439.292557][T14778]  ? __pfx_lock_release+0x10/0x10
[  439.292603][T14778]  ? netlink_deliver_tap+0x2e/0x1b0
[  439.292635][T14778]  netlink_unicast+0x7f6/0x990
[  439.292671][T14778]  ? __pfx_netlink_unicast+0x10/0x10
[  439.292696][T14778]  ? __virt_addr_valid+0x45f/0x530
[  439.292717][T14778]  ? __phys_addr_symbol+0x2f/0x70
[  439.292738][T14778]  ? __check_object_size+0x47a/0x730
[  439.292771][T14778]  netlink_sendmsg+0x8de/0xcb0
[  439.292814][T14778]  ? __pfx_netlink_sendmsg+0x10/0x10
[  439.292850][T14778]  ? aa_sock_msg_perm+0x91/0x160
[  439.292889][T14778]  ? __pfx_netlink_sendmsg+0x10/0x10
[  439.292918][T14778]  __sock_sendmsg+0x221/0x270
[  439.292951][T14778]  ____sys_sendmsg+0x53a/0x860
[  439.292983][T14778]  ? __pfx_____sys_sendmsg+0x10/0x10
[  439.293005][T14778]  ? __fget_files+0x2a/0x410
[  439.293039][T14778]  ? __fget_files+0x2a/0x410
[  439.293079][T14778]  __sys_sendmsg+0x269/0x350
[  439.293108][T14778]  ? __pfx___sys_sendmsg+0x10/0x10
[  439.293145][T14778]  ? do_sys_openat2+0x17a/0x1d0
[  439.293204][T14778]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  439.293238][T14778]  ? do_syscall_64+0x100/0x230
[  439.293267][T14778]  ? do_syscall_64+0xb6/0x230
[  439.293296][T14778]  do_syscall_64+0xf3/0x230
[  439.293322][T14778]  ? clear_bhb_loop+0x35/0x90
[  439.293357][T14778]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  439.293385][T14778] RIP: 0033:0x7f807418d169
[  439.293404][T14778] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  439.293433][T14778] RSP: 002b:00007f8075036038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  439.293457][T14778] RAX: ffffffffffffffda RBX: 00007f80743a5fa0 RCX: 00007f807418d169
[  439.293473][T14778] RDX: 000000000400c040 RSI: 0000400000000000 RDI: 0000000000000003
[  439.293487][T14778] RBP: 00007f8075036090 R08: 0000000000000000 R09: 0000000000000000
[  439.293501][T14778] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  439.293514][T14778] R13: 0000000000000000 R14: 00007f80743a5fa0 R15: 00007ffc76cebde8
[  439.293545][T14778]  </TASK>
[  439.298656][T14602] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  439.616983][T14783] __nla_validate_parse: 147 callbacks suppressed
[  439.617006][T14783] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2828'.
[  439.786513][T14602] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  439.850118][T14602] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  439.910539][ T5839] Bluetooth: hci4: command tx timeout
[  439.916985][T14784] lo speed is unknown, defaulting to 1000
[  440.028754][T14784] lo speed is unknown, defaulting to 1000
[  440.040035][T14788] lo speed is unknown, defaulting to 1000
[  440.057570][T14788] lo speed is unknown, defaulting to 1000
[  440.555529][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  441.420939][T14797] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  441.429967][T14797] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  441.438472][T14797] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  441.448456][T14797] netdevsim netdevsim0 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  441.706177][T14797] netdevsim netdevsim0 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  441.714857][T14797] netdevsim netdevsim0 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  441.723390][T14797] netdevsim netdevsim0 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  441.731866][T14797] netdevsim netdevsim0 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  441.939041][T14797] syzkaller1: left promiscuous mode
[  441.949546][T14797] syzkaller1: left allmulticast mode
[  441.983664][T14797] bond6: left promiscuous mode
[  441.988488][T14797] ip6gre1: left promiscuous mode
[  441.994262][ T5839] Bluetooth: hci4: command tx timeout
[  442.150218][T14802] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  442.314542][T14823] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  442.338027][T14819] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  442.347178][T14819] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  442.355758][T14819] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  442.364363][T14819] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  442.556786][T14830] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2838'.
[  442.566514][T14830] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2838'.
[  442.576723][T14830] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2838'.
[  442.587390][T14830] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2838'.
[  442.598406][T14830] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2838'.
[  442.609768][T14830] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2838'.
[  442.619677][T14830] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2838'.
[  442.629170][T14830] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2838'.
[  442.639061][T14830] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2838'.
[  442.892643][T14602] 8021q: adding VLAN 0 to HW filter on device bond0
[  442.961664][T14602] 8021q: adding VLAN 0 to HW filter on device team0
[  443.056099][ T9670] bridge0: port 1(bridge_slave_0) entered blocking state
[  443.063363][ T9670] bridge0: port 1(bridge_slave_0) entered forwarding state
[  443.131143][T14851] syzkaller0: entered allmulticast mode
[  443.254368][T14851] syzkaller0 (unregistering): left allmulticast mode
[  443.316283][   T52] bridge0: port 2(bridge_slave_1) entered blocking state
[  443.323506][   T52] bridge0: port 2(bridge_slave_1) entered forwarding state
[  443.851814][T14602] 8021q: adding VLAN 0 to HW filter on device batadv0
[  443.856720][T14873] xt_hashlimit: max too large, truncated to 1048576
[  443.907933][T14602] veth0_vlan: entered promiscuous mode
[  443.922920][T14602] veth1_vlan: entered promiscuous mode
[  444.014813][T14877] macsec1: entered promiscuous mode
[  444.020202][T14877] mac80211_hwsim hwsim6 wlan0: entered promiscuous mode
[  444.027940][T14877] macsec1: entered allmulticast mode
[  444.037969][T14877] mac80211_hwsim hwsim6 wlan0: entered allmulticast mode
[  444.092158][T14602] veth0_macvtap: entered promiscuous mode
[  444.160022][T14602] veth1_macvtap: entered promiscuous mode
[  444.211548][T14884] netlink: 'syz.3.2855': attribute type 3 has an invalid length.
[  444.259251][T14602] batman_adv: batadv0: Interface activated: batadv_slave_0
[  444.305244][T14602] batman_adv: batadv0: Interface activated: batadv_slave_1
[  444.653914][T14889] A link change request failed with some changes committed already. Interface ip6gretap0 may have been left with an inconsistent configuration, please check.
[  444.836316][T14906] xt_CT: No such helper "snmp"
[  444.918472][T14909] FAULT_INJECTION: forcing a failure.
[  444.918472][T14909] name failslab, interval 1, probability 0, space 0, times 0
[  444.931368][T14909] CPU: 1 UID: 0 PID: 14909 Comm: syz.4.2864 Not tainted 6.14.0-rc5-syzkaller-01188-g0ea09cbf8350 #0
[  444.931398][T14909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  444.931411][T14909] Call Trace:
[  444.931420][T14909]  <TASK>
[  444.931430][T14909]  dump_stack_lvl+0x241/0x360
[  444.931460][T14909]  ? __pfx_dump_stack_lvl+0x10/0x10
[  444.931482][T14909]  ? __pfx__printk+0x10/0x10
[  444.931504][T14909]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  444.931534][T14909]  ? __pfx___might_resched+0x10/0x10
[  444.931566][T14909]  should_fail_ex+0x40a/0x550
[  444.931599][T14909]  should_failslab+0xac/0x100
[  444.931627][T14909]  kmem_cache_alloc_node_noprof+0x77/0x380
[  444.931656][T14909]  ? __alloc_skb+0x1c3/0x440
[  444.931674][T14909]  ? stack_trace_save+0x118/0x1d0
[  444.931702][T14909]  __alloc_skb+0x1c3/0x440
[  444.931727][T14909]  ? __pfx___alloc_skb+0x10/0x10
[  444.931763][T14909]  ? netlink_ack_tlv_len+0x6e/0x200
[  444.931794][T14909]  netlink_ack+0x145/0xa60
[  444.931819][T14909]  ? netlink_sendmsg+0x8de/0xcb0
[  444.931845][T14909]  ? __sock_sendmsg+0x221/0x270
[  444.931870][T14909]  ? __sys_sendmsg+0x269/0x350
[  444.931905][T14909]  netlink_rcv_skb+0x294/0x480
[  444.931933][T14909]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  444.931958][T14909]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  444.931998][T14909]  ? apparmor_capable+0x13b/0x1b0
[  444.932025][T14909]  ? bpf_lsm_capable+0x9/0x10
[  444.932054][T14909]  ? security_capable+0x7e/0x2d0
[  444.932089][T14909]  nfnetlink_rcv+0x297/0x2ab0
[  444.932116][T14909]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  444.932146][T14909]  ? __dev_queue_xmit+0x2f4/0x3f40
[  444.932172][T14909]  ? __dev_queue_xmit+0x1775/0x3f40
[  444.932195][T14909]  ? kasan_save_track+0x51/0x80
[  444.932222][T14909]  ? ____sys_sendmsg+0x53a/0x860
[  444.932246][T14909]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  444.932267][T14909]  ? __dev_queue_xmit+0x2f4/0x3f40
[  444.932294][T14909]  ? __pfx___dev_queue_xmit+0x10/0x10
[  444.932332][T14909]  ? ref_tracker_free+0x643/0x7e0
[  444.932353][T14909]  ? __asan_memcpy+0x40/0x70
[  444.932372][T14909]  ? __pfx_ref_tracker_free+0x10/0x10
[  444.932407][T14909]  ? netlink_deliver_tap+0x2e/0x1b0
[  444.932433][T14909]  ? skb_clone+0x240/0x390
[  444.932456][T14909]  ? __pfx_lock_release+0x10/0x10
[  444.932488][T14909]  ? __netlink_deliver_tap+0x7b0/0x7f0
[  444.932526][T14909]  ? netlink_deliver_tap+0x2e/0x1b0
[  444.932556][T14909]  netlink_unicast+0x7f6/0x990
[  444.932589][T14909]  ? __pfx_netlink_unicast+0x10/0x10
[  444.932612][T14909]  ? __virt_addr_valid+0x45f/0x530
[  444.932632][T14909]  ? __phys_addr_symbol+0x2f/0x70
[  444.932651][T14909]  ? __check_object_size+0x47a/0x730
[  444.932682][T14909]  netlink_sendmsg+0x8de/0xcb0
[  444.932722][T14909]  ? __pfx_netlink_sendmsg+0x10/0x10
[  444.932765][T14909]  ? aa_sock_msg_perm+0x91/0x160
[  444.932802][T14909]  ? __pfx_netlink_sendmsg+0x10/0x10
[  444.932829][T14909]  __sock_sendmsg+0x221/0x270
[  444.932859][T14909]  ____sys_sendmsg+0x53a/0x860
[  444.932890][T14909]  ? __pfx_____sys_sendmsg+0x10/0x10
[  444.932910][T14909]  ? __fget_files+0x2a/0x410
[  444.932942][T14909]  ? __fget_files+0x2a/0x410
[  444.932978][T14909]  __sys_sendmsg+0x269/0x350
[  444.933005][T14909]  ? __pfx___sys_sendmsg+0x10/0x10
[  444.933041][T14909]  ? do_sys_openat2+0x17a/0x1d0
[  444.933095][T14909]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  444.933128][T14909]  ? do_syscall_64+0x100/0x230
[  444.933156][T14909]  ? do_syscall_64+0xb6/0x230
[  444.933182][T14909]  do_syscall_64+0xf3/0x230
[  444.933207][T14909]  ? clear_bhb_loop+0x35/0x90
[  444.933239][T14909]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  444.933268][T14909] RIP: 0033:0x7f570c78d169
[  444.933287][T14909] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  444.933305][T14909] RSP: 002b:00007f570d615038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  444.933327][T14909] RAX: ffffffffffffffda RBX: 00007f570c9a5fa0 RCX: 00007f570c78d169
[  444.933342][T14909] RDX: 000000000400c040 RSI: 0000400000000000 RDI: 0000000000000003
[  444.933356][T14909] RBP: 00007f570d615090 R08: 0000000000000000 R09: 0000000000000000
[  444.933368][T14909] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  444.933380][T14909] R13: 0000000000000000 R14: 00007f570c9a5fa0 R15: 00007ffde91b85f8
[  444.933410][T14909]  </TASK>
[  445.190244][ T5853] Bluetooth: hci4: command 0x0405 tx timeout
[  445.639743][T14920] netlink: 'syz.3.2868': attribute type 2 has an invalid length.
[  447.639287][T14602] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  447.649786][T14602] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  447.658539][T14602] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  447.667596][T14602] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  448.045122][ T9666] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  448.063240][ T9666] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  448.110707][ T9698] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  448.118619][ T9698] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  448.287440][T14946] __nla_validate_parse: 74 callbacks suppressed
[  448.287462][T14946] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2759'.
[  448.415107][T14951] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2879'.
[  448.435221][T14953] xt_hashlimit: max too large, truncated to 1048576
[  448.484928][T14951] wlan1: mtu greater than device maximum
[  448.498214][T14951] team0: Device wlan1 failed to change mtu
[  448.533579][T14955] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2882'.
[  448.627869][T14958] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2884'.
[  448.733552][T14966] openvswitch: netlink: Actions may not be safe on all matching packets
[  449.236475][T14980] xt_CT: No such helper "snmp"
[  449.672251][T15001] sctp: [Deprecated]: syz.2.2897 (pid 15001) Use of struct sctp_assoc_value in delayed_ack socket option.
[  449.672251][T15001] Use struct sctp_sack_info instead
[  449.705132][T14983] lo speed is unknown, defaulting to 1000
[  449.869740][T14983] lo speed is unknown, defaulting to 1000
[  450.009038][T15011] xt_hashlimit: max too large, truncated to 1048576
[  450.016341][T15015] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2901'.
[  450.389888][T14985] lo speed is unknown, defaulting to 1000
[  450.396602][T14985] lo speed is unknown, defaulting to 1000
[  450.741419][T15030] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2905'.
[  450.892817][T15034] xt_CT: No such helper "snmp"
[  451.724068][T15057] netlink: 'syz.4.2914': attribute type 1 has an invalid length.
[  451.762143][T15057] 8021q: adding VLAN 0 to HW filter on device bond1
[  451.806772][T15060] bond1: (slave ip6gretap1): making interface the new active one
[  451.816293][T15060] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  451.831902][T15057] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2914'.
[  451.846275][T15057] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2914'.
[  452.200439][T15077] netlink: 'syz.4.2919': attribute type 5 has an invalid length.
[  452.294307][T15077] IPVS: length: 78 != 934344
[  452.431118][T15080] netlink: 'syz.2.2921': attribute type 35 has an invalid length.
[  452.856397][T15092] netlink: 'syz.3.2925': attribute type 39 has an invalid length.
[  453.410033][T15117] lo speed is unknown, defaulting to 1000
[  453.421247][T15117] lo speed is unknown, defaulting to 1000
[  453.906146][T15127] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  454.074303][T15128] lo speed is unknown, defaulting to 1000
[  454.081808][T15128] lo speed is unknown, defaulting to 1000
[  454.694346][T15159] atomic_op ffff88805ba5f198 conn xmit_atomic 0000000000000000
[  454.736670][T15161] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2947'.
[  454.770373][T15161] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2947'.
[  454.928416][T15167] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2951'.
[  454.989767][T15166] sch_tbf: burst 3631 is lower than device lo mtu (65550) !
[  455.112773][T15173] netlink: 'syz.4.2954': attribute type 4 has an invalid length.
[  455.123344][T15173] netlink: 3581 bytes leftover after parsing attributes in process `syz.4.2954'.
[  455.363512][T15181] ip6tnl1: entered promiscuous mode
[  455.369032][T15181] ip6tnl1: entered allmulticast mode
[  455.414239][T15184] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2956'.
[  455.526312][T15188] netlink: 172 bytes leftover after parsing attributes in process `syz.4.2958'.
[  455.649026][T15176] lo speed is unknown, defaulting to 1000
[  455.735422][T15199] netlink: 76 bytes leftover after parsing attributes in process `syz.2.2962'.
[  455.879278][T15176] lo speed is unknown, defaulting to 1000
[  455.890832][T15206] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  455.910316][ T5853] Bluetooth: hci4: command 0x0405 tx timeout
[  456.151432][T15222] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2971'.
[  456.732420][ T5888] IPVS: starting estimator thread 0...
[  456.755619][T15233] lo: entered promiscuous mode
[  456.879947][T15241] IPVS: using max 21 ests per chain, 50400 per kthread
[  457.408596][T15261] netlink: 76 bytes leftover after parsing attributes in process `syz.1.2985'.
[  457.430081][T15266] bridge0: port 1(bridge_slave_0) entered disabled state
[  457.523580][T15261] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2985'.
[  458.008773][T15290] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  458.565364][T15304] FAULT_INJECTION: forcing a failure.
[  458.565364][T15304] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  458.583630][T15304] CPU: 0 UID: 0 PID: 15304 Comm: syz.1.3008 Not tainted 6.14.0-rc5-syzkaller-01188-g0ea09cbf8350 #0
[  458.583664][T15304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  458.583678][T15304] Call Trace:
[  458.583686][T15304]  <TASK>
[  458.583695][T15304]  dump_stack_lvl+0x241/0x360
[  458.583735][T15304]  ? __pfx_dump_stack_lvl+0x10/0x10
[  458.583759][T15304]  ? __pfx__printk+0x10/0x10
[  458.583784][T15304]  ? __pfx_lock_release+0x10/0x10
[  458.583826][T15304]  should_fail_ex+0x40a/0x550
[  458.583864][T15304]  _copy_from_user+0x2d/0xb0
[  458.583894][T15304]  get_timespec64+0x97/0x280
[  458.583930][T15304]  ? __pfx_get_timespec64+0x10/0x10
[  458.583963][T15304]  ? trace_sys_enter+0x74/0x120
[  458.583991][T15304]  __x64_sys_nanosleep+0xc5/0x2d0
[  458.584017][T15304]  ? __might_fault+0xc6/0x120
[  458.584037][T15304]  ? __pfx___x64_sys_nanosleep+0x10/0x10
[  458.584061][T15304]  ? trace_sys_enter+0x74/0x120
[  458.584080][T15304]  ? rcu_is_watching+0x15/0xb0
[  458.584106][T15304]  ? trace_sys_enter+0x25/0x120
[  458.584132][T15304]  do_syscall_64+0xf3/0x230
[  458.584160][T15304]  ? clear_bhb_loop+0x35/0x90
[  458.584193][T15304]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  458.584222][T15304] RIP: 0033:0x7fb64c58d169
[  458.584240][T15304] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  458.584258][T15304] RSP: 002b:00007fb64d321038 EFLAGS: 00000246 ORIG_RAX: 0000000000000023
[  458.584282][T15304] RAX: ffffffffffffffda RBX: 00007fb64c7a6080 RCX: 00007fb64c58d169
[  458.584298][T15304] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000400000000080
[  458.584312][T15304] RBP: 00007fb64d321090 R08: 0000000000000000 R09: 0000000000000000
[  458.584325][T15304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  458.584338][T15304] R13: 0000000000000000 R14: 00007fb64c7a6080 R15: 00007ffccbf030b8
[  458.584370][T15304]  </TASK>
[  458.810259][T15309] netlink: 'syz.3.2999': attribute type 1 has an invalid length.
[  458.826421][T15309] netlink: 'syz.3.2999': attribute type 3 has an invalid length.
[  459.127259][T15326] IPVS: set_ctl: invalid protocol: 94 224.0.0.2:20002
[  460.447968][T15331] lo speed is unknown, defaulting to 1000
[  460.627258][T15354] __nla_validate_parse: 93 callbacks suppressed
[  460.627284][T15354] netlink: 124 bytes leftover after parsing attributes in process `syz.0.3015'.
[  460.715409][T15331] lo speed is unknown, defaulting to 1000
[  460.868684][T15358] bridge0: port 1(bridge_slave_0) entered disabled state
[  461.254349][T15370] siw: device registration error -23
[  461.454962][T15388] netlink: 76 bytes leftover after parsing attributes in process `syz.4.3027'.
[  461.511807][T15388] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3027'.
[  461.747344][T15398] syzkaller0: entered promiscuous mode
[  461.753416][T15398] syzkaller0: entered allmulticast mode
[  461.841666][T15401] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3032'.
[  462.685507][T15411] xt_CT: No such helper "snmp"
[  464.434377][T15418] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  464.726774][T15424] sctp: [Deprecated]: syz.0.3041 (pid 15424) Use of int in max_burst socket option deprecated.
[  464.726774][T15424] Use struct sctp_assoc_value instead
[  464.833645][T15434] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3046'.
[  464.889849][T15432] syz_tun: left promiscuous mode
[  464.933263][T15432] team0: left promiscuous mode
[  465.082708][T15444] xt_hashlimit: max too large, truncated to 1048576
[  465.130761][T15432] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  465.139223][T15432] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  465.148635][T15432] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  465.158521][T15432] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  465.195056][T15432] netdevsim netdevsim4 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  465.203887][T15432] netdevsim netdevsim4 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  465.212703][T15432] netdevsim netdevsim4 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  465.221763][T15432] netdevsim netdevsim4 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  465.336864][T15438] siw: device registration error -23
[  465.474505][T15455] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3052'.
[  465.484733][T15455] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3052'.
[  465.494814][T15455] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3052'.
[  465.505230][T15455] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3052'.
[  465.515664][T15455] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3052'.
[  465.538695][T15455] bridge0: port 1(bridge_slave_0) entered blocking state
[  465.546085][T15455] bridge0: port 1(bridge_slave_0) entered forwarding state
[  465.732465][T15458] pimreg: entered allmulticast mode
[  465.756746][T15466] 8021q: VLANs not supported on pimreg
[  465.795765][T15458] netlink: 'syz.1.3051': attribute type 1 has an invalid length.
[  465.805740][T15465] siw: device registration error -23
[  465.815313][T15458] __nla_validate_parse: 61 callbacks suppressed
[  465.815334][T15458] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3051'.
[  465.850158][T15466] pimreg: left allmulticast mode
[  465.964910][T15475] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3060'.
[  466.031918][T15477] FAULT_INJECTION: forcing a failure.
[  466.031918][T15477] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  466.045362][T15477] CPU: 0 UID: 0 PID: 15477 Comm: syz.3.3061 Not tainted 6.14.0-rc5-syzkaller-01188-g0ea09cbf8350 #0
[  466.045391][T15477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  466.045405][T15477] Call Trace:
[  466.045413][T15477]  <TASK>
[  466.045422][T15477]  dump_stack_lvl+0x241/0x360
[  466.045456][T15477]  ? __pfx_dump_stack_lvl+0x10/0x10
[  466.045480][T15477]  ? __pfx__printk+0x10/0x10
[  466.045504][T15477]  ? __pfx_lock_release+0x10/0x10
[  466.045547][T15477]  should_fail_ex+0x40a/0x550
[  466.045585][T15477]  _copy_from_user+0x2d/0xb0
[  466.045614][T15477]  copy_msghdr_from_user+0xae/0x680
[  466.045651][T15477]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  466.045679][T15477]  ? __fget_files+0x2a/0x410
[  466.045714][T15477]  ? __fget_files+0x2a/0x410
[  466.045754][T15477]  __sys_sendmsg+0x209/0x350
[  466.045784][T15477]  ? __pfx___sys_sendmsg+0x10/0x10
[  466.045821][T15477]  ? do_sys_openat2+0x17a/0x1d0
[  466.045879][T15477]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  466.045914][T15477]  ? do_syscall_64+0x100/0x230
[  466.045943][T15477]  ? do_syscall_64+0xb6/0x230
[  466.045973][T15477]  do_syscall_64+0xf3/0x230
[  466.046000][T15477]  ? clear_bhb_loop+0x35/0x90
[  466.046035][T15477]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  466.046077][T15477] RIP: 0033:0x7f807418d169
[  466.046096][T15477] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  466.046115][T15477] RSP: 002b:00007f8075036038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  466.046139][T15477] RAX: ffffffffffffffda RBX: 00007f80743a5fa0 RCX: 00007f807418d169
[  466.046155][T15477] RDX: 0000000000044080 RSI: 00004000000000c0 RDI: 0000000000000003
[  466.046170][T15477] RBP: 00007f8075036090 R08: 0000000000000000 R09: 0000000000000000
[  466.046184][T15477] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  466.046197][T15477] R13: 0000000000000000 R14: 00007f80743a5fa0 R15: 00007ffc76cebde8
[  466.046228][T15477]  </TASK>
[  466.640799][T15494] netlink: 'syz.3.3065': attribute type 10 has an invalid length.
[  466.719817][T15494] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3065'.
[  466.786486][T15502] xt_CT: No such helper "snmp"
[  466.914503][T15494] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  466.950080][T15494] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  466.972932][T15494] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  467.000862][T15494] team0: Failed to send port change of device geneve0 via netlink (err -105)
[  467.011806][T15494] team0: Failed to send options change via netlink (err -105)
[  467.042803][T15494] team0: Port device geneve0 added
[  467.053048][T15520] netlink: 'syz.2.3071': attribute type 1 has an invalid length.
[  467.106977][T15496] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  467.165494][T15518] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3071'.
[  467.166552][T15520] 8021q: adding VLAN 0 to HW filter on device bond1
[  467.370661][T15496] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  467.503374][T15535] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3079'.
[  467.524385][T15535] Cannot find del_set index 2416 as target
[  467.558722][T15512] geneve2: entered promiscuous mode
[  467.569746][T15512] geneve2: entered allmulticast mode
[  467.580570][T15512] bond1: (slave geneve2): making interface the new active one
[  467.590525][T15512] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  467.605282][T15518] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  467.663586][T15518] batman_adv: batadv0: Removing interface: batadv_slave_1
[  467.796768][T15515] lo speed is unknown, defaulting to 1000
[  467.826414][T15496] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  467.906152][T15515] lo speed is unknown, defaulting to 1000
[  467.970120][T15507] lo speed is unknown, defaulting to 1000
[  468.027236][T15507] lo speed is unknown, defaulting to 1000
[  468.364283][T15496] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  468.427690][T15496] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  468.488415][T15496] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  468.547125][T15496] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  468.667436][T15563] xt_hashlimit: max too large, truncated to 1048576
[  468.814371][T15567] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3093'.
[  468.865946][T15569] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3092'.
[  468.875377][T15569] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3092'.
[  469.149003][T15573] lo speed is unknown, defaulting to 1000
[  469.171268][T15573] lo speed is unknown, defaulting to 1000
[  469.196087][T15577] siw: device registration error -23
[  470.085844][T15604] bridge0: port 2(bridge_slave_1) entered disabled state
[  470.093442][T15604] bridge0: port 1(bridge_slave_0) entered disabled state
[  470.218781][T15604] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  470.442794][T15604] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  470.452503][T15604] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  470.461754][T15604] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  470.471015][T15604] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  470.482463][T15604] geneve2: left promiscuous mode
[  470.487478][T15604] geneve2: left allmulticast mode
[  470.800455][T15624] siw: device registration error -23
[  470.898298][T15629] openvswitch: netlink: Missing valid actions attribute.
[  470.907065][T15629] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  471.125350][T15635] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3116'.
[  471.142182][T15635] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3116'.
[  471.346699][T15640] lo speed is unknown, defaulting to 1000
[  471.354242][T15640] lo speed is unknown, defaulting to 1000
[  472.224479][T15653] syz_tun: left promiscuous mode
[  472.528025][T15654] netlink: 'syz.0.3122': attribute type 10 has an invalid length.
[  472.600876][T15654] netlink: 'syz.0.3122': attribute type 10 has an invalid length.
[  472.627941][T15654] netlink: 2 bytes leftover after parsing attributes in process `syz.0.3122'.
[  472.815676][T15663] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.3122'.
[  473.305852][T15665] xt_CT: No such helper "snmp"
[  473.654683][T15688] siw: device registration error -23
[  473.672618][T15696] xt_hashlimit: max too large, truncated to 1048576
[  473.735029][T15691] lo speed is unknown, defaulting to 1000
[  473.754291][T15691] lo speed is unknown, defaulting to 1000
[  474.535657][T15718] FAULT_INJECTION: forcing a failure.
[  474.535657][T15718] name failslab, interval 1, probability 0, space 0, times 0
[  474.548826][T15718] CPU: 0 UID: 0 PID: 15718 Comm: syz.2.3147 Not tainted 6.14.0-rc5-syzkaller-01188-g0ea09cbf8350 #0
[  474.548853][T15718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  474.548865][T15718] Call Trace:
[  474.548873][T15718]  <TASK>
[  474.548883][T15718]  dump_stack_lvl+0x241/0x360
[  474.548914][T15718]  ? __pfx_dump_stack_lvl+0x10/0x10
[  474.548938][T15718]  ? __pfx__printk+0x10/0x10
[  474.548963][T15718]  ? fs_reclaim_acquire+0x93/0x130
[  474.548987][T15718]  ? __pfx___might_resched+0x10/0x10
[  474.549014][T15718]  ? dynamic_dname+0x144/0x1b0
[  474.549039][T15718]  should_fail_ex+0x40a/0x550
[  474.549076][T15718]  should_failslab+0xac/0x100
[  474.549106][T15718]  __kmalloc_noprof+0xdd/0x4c0
[  474.549135][T15718]  ? tomoyo_encode+0x26f/0x540
[  474.549161][T15718]  tomoyo_encode+0x26f/0x540
[  474.549184][T15718]  ? __pfx_sockfs_dname+0x10/0x10
[  474.549215][T15718]  tomoyo_realpath_from_path+0x59e/0x5e0
[  474.549252][T15718]  tomoyo_path_number_perm+0x239/0x770
[  474.549281][T15718]  ? __lock_acquire+0x1397/0x2100
[  474.549318][T15718]  ? tomoyo_path_number_perm+0x209/0x770
[  474.549350][T15718]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  474.549424][T15718]  ? __fget_files+0x2a/0x410
[  474.549463][T15718]  ? __fget_files+0x2a/0x410
[  474.549496][T15718]  security_file_ioctl+0xc6/0x2a0
[  474.549525][T15718]  __se_sys_ioctl+0x46/0x170
[  474.549551][T15718]  do_syscall_64+0xf3/0x230
[  474.549578][T15718]  ? clear_bhb_loop+0x35/0x90
[  474.549621][T15718]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  474.549650][T15718] RIP: 0033:0x7fc91858d169
[  474.549669][T15718] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  474.549687][T15718] RSP: 002b:00007fc91949b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  474.549709][T15718] RAX: ffffffffffffffda RBX: 00007fc9187a5fa0 RCX: 00007fc91858d169
[  474.549724][T15718] RDX: 0000400000000000 RSI: 0000000000008b07 RDI: 0000000000000006
[  474.549738][T15718] RBP: 00007fc91949b090 R08: 0000000000000000 R09: 0000000000000000
[  474.549751][T15718] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  474.549764][T15718] R13: 0000000000000000 R14: 00007fc9187a5fa0 R15: 00007fff17ebf508
[  474.549795][T15718]  </TASK>
[  474.879722][T15718] ERROR: Out of memory at tomoyo_realpath_from_path.
[  474.893772][T15730] FAULT_INJECTION: forcing a failure.
[  474.893772][T15730] name failslab, interval 1, probability 0, space 0, times 0
[  474.907022][T15730] CPU: 0 UID: 0 PID: 15730 Comm: syz.4.3151 Not tainted 6.14.0-rc5-syzkaller-01188-g0ea09cbf8350 #0
[  474.907054][T15730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  474.907068][T15730] Call Trace:
[  474.907076][T15730]  <TASK>
[  474.907085][T15730]  dump_stack_lvl+0x241/0x360
[  474.907119][T15730]  ? __pfx_dump_stack_lvl+0x10/0x10
[  474.907144][T15730]  ? __pfx__printk+0x10/0x10
[  474.907169][T15730]  ? __kmalloc_cache_noprof+0x48/0x390
[  474.907202][T15730]  ? __pfx___might_resched+0x10/0x10
[  474.907238][T15730]  should_fail_ex+0x40a/0x550
[  474.907277][T15730]  should_failslab+0xac/0x100
[  474.907308][T15730]  __kmalloc_cache_noprof+0x70/0x390
[  474.907338][T15730]  ? tcf_block_get_ext+0x145/0x1670
[  474.907373][T15730]  tcf_block_get_ext+0x145/0x1670
[  474.907413][T15730]  ? lockdep_rtnl_is_held+0x26/0x40
[  474.907444][T15730]  clsact_init+0x30d/0x760
[  474.907478][T15730]  ? __pfx_clsact_init+0x10/0x10
[  474.907504][T15730]  ? qdisc_alloc+0x7dd/0xa80
[  474.907542][T15730]  ? __pfx_clsact_init+0x10/0x10
[  474.907569][T15730]  qdisc_create+0xaf0/0x12b0
[  474.907594][T15730]  ? bpf_trace_run2+0x1fc/0x540
[  474.907641][T15730]  ? __pfx_qdisc_create+0x10/0x10
[  474.907678][T15730]  tc_modify_qdisc+0x17ce/0x2420
[  474.907733][T15730]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  474.907757][T15730]  ? __mutex_lock+0x397/0x1010
[  474.907821][T15730]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  474.907850][T15730]  rtnetlink_rcv_msg+0x73f/0xcf0
[  474.907880][T15730]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  474.907912][T15730]  ? __lock_acquire+0x1397/0x2100
[  474.907947][T15730]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  474.907997][T15730]  netlink_rcv_skb+0x206/0x480
[  474.908030][T15730]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  474.908064][T15730]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  474.908110][T15730]  ? netlink_deliver_tap+0x2e/0x1b0
[  474.908137][T15730]  netlink_unicast+0x7f6/0x990
[  474.908167][T15730]  ? __pfx_netlink_unicast+0x10/0x10
[  474.908187][T15730]  ? __virt_addr_valid+0x45f/0x530
[  474.908205][T15730]  ? __phys_addr_symbol+0x2f/0x70
[  474.908221][T15730]  ? __check_object_size+0x47a/0x730
[  474.908249][T15730]  netlink_sendmsg+0x8de/0xcb0
[  474.908284][T15730]  ? __pfx_netlink_sendmsg+0x10/0x10
[  474.908314][T15730]  ? aa_sock_msg_perm+0x91/0x160
[  474.908345][T15730]  ? __pfx_netlink_sendmsg+0x10/0x10
[  474.908370][T15730]  __sock_sendmsg+0x221/0x270
[  474.908397][T15730]  ____sys_sendmsg+0x53a/0x860
[  474.908424][T15730]  ? __pfx_____sys_sendmsg+0x10/0x10
[  474.908441][T15730]  ? __fget_files+0x2a/0x410
[  474.908469][T15730]  ? __fget_files+0x2a/0x410
[  474.908501][T15730]  __sys_sendmsg+0x269/0x350
[  474.908525][T15730]  ? __pfx___sys_sendmsg+0x10/0x10
[  474.908554][T15730]  ? do_sys_openat2+0x17a/0x1d0
[  474.908601][T15730]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  474.908634][T15730]  ? do_syscall_64+0x100/0x230
[  474.908658][T15730]  ? do_syscall_64+0xb6/0x230
[  474.908682][T15730]  do_syscall_64+0xf3/0x230
[  474.908703][T15730]  ? clear_bhb_loop+0x35/0x90
[  474.908730][T15730]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  474.908754][T15730] RIP: 0033:0x7f570c78d169
[  474.908770][T15730] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  474.908785][T15730] RSP: 002b:00007f570d615038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  474.908804][T15730] RAX: ffffffffffffffda RBX: 00007f570c9a5fa0 RCX: 00007f570c78d169
[  474.908817][T15730] RDX: 0000000000044080 RSI: 00004000000000c0 RDI: 0000000000000003
[  474.908829][T15730] RBP: 00007f570d615090 R08: 0000000000000000 R09: 0000000000000000
[  474.908839][T15730] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  474.908850][T15730] R13: 0000000000000000 R14: 00007f570c9a5fa0 R15: 00007ffde91b85f8
[  474.908876][T15730]  </TASK>
[  474.975240][T15731] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3145'.
[  475.331625][T15731] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3145'.
[  475.351353][T15731] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3145'.
[  475.399693][T15731] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3145'.
[  475.429612][ T5839] Bluetooth: hci4: command 0x0405 tx timeout
[  475.439269][T15731] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3145'.
[  475.458951][T15731] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3145'.
[  475.683002][T15745] xt_hashlimit: max too large, truncated to 1048576
[  475.761148][T15747] siw: device registration error -23
[  476.219070][T13444] ------------[ cut here ]------------
[  476.225294][T13444] refcount_t: underflow; use-after-free.
[  476.232011][T13444] WARNING: CPU: 0 PID: 13444 at lib/refcount.c:28 refcount_warn_saturate+0x15a/0x1d0
[  476.242636][T13444] Modules linked in:
[  476.246601][T13444] CPU: 0 UID: 0 PID: 13444 Comm: syz-executor Not tainted 6.14.0-rc5-syzkaller-01188-g0ea09cbf8350 #0
[  476.257826][T13444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  476.261676][T15771] FAULT_INJECTION: forcing a failure.
[  476.261676][T15771] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  476.268370][T13444] RIP: 0010:refcount_warn_saturate+0x15a/0x1d0
[  476.281634][T15771] CPU: 1 UID: 0 PID: 15771 Comm: syz.2.3169 Not tainted 6.14.0-rc5-syzkaller-01188-g0ea09cbf8350 #0
[  476.281665][T15771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  476.281680][T15771] Call Trace:
[  476.281688][T15771]  <TASK>
[  476.281699][T15771]  dump_stack_lvl+0x241/0x360
[  476.281731][T15771]  ? __pfx_dump_stack_lvl+0x10/0x10
[  476.281758][T15771]  ? __pfx__printk+0x10/0x10
[  476.281783][T15771]  ? __pfx_lock_release+0x10/0x10
[  476.281815][T15771]  ? tomoyo_path_number_perm+0x65d/0x770
[  476.281847][T15771]  ? __lock_acquire+0x1397/0x2100
[  476.281887][T15771]  should_fail_ex+0x40a/0x550
[  476.281926][T15771]  _copy_from_user+0x2d/0xb0
[  476.281958][T15771]  wext_handle_ioctl+0xef/0x280
[  476.281992][T15771]  ? __pfx_wext_handle_ioctl+0x10/0x10
[  476.282041][T15771]  sock_ioctl+0x17c/0x8e0
[  476.282072][T15771]  ? __pfx_sock_ioctl+0x10/0x10
[  476.282101][T15771]  ? __fget_files+0x2a/0x410
[  476.282137][T15771]  ? __fget_files+0x2a/0x410
[  476.282174][T15771]  ? __pfx_sock_ioctl+0x10/0x10
[  476.282234][T15771]  __se_sys_ioctl+0xf5/0x170
[  476.282263][T15771]  do_syscall_64+0xf3/0x230
[  476.282292][T15771]  ? clear_bhb_loop+0x35/0x90
[  476.282327][T15771]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  476.282363][T15771] RIP: 0033:0x7fc91858d169
[  476.282384][T15771] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  476.282403][T15771] RSP: 002b:00007fc91949b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  476.282428][T15771] RAX: ffffffffffffffda RBX: 00007fc9187a5fa0 RCX: 00007fc91858d169
[  476.282444][T15771] RDX: 0000400000000000 RSI: 0000000000008b07 RDI: 0000000000000006
[  476.282458][T15771] RBP: 00007fc91949b090 R08: 0000000000000000 R09: 0000000000000000
[  476.282472][T15771] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  476.282485][T15771] R13: 0000000000000000 R14: 00007fc9187a5fa0 R15: 00007fff17ebf508
[  476.282518][T15771]  </TASK>
[  476.488193][T13444] Code: c0 b2 80 8c e8 27 21 8c fc 90 0f 0b 90 90 eb 99 e8 9b 64 cc fc c6 05 e9 ac 31 0b 01 90 48 c7 c7 20 b3 80 8c e8 07 21 8c fc 90 <0f> 0b 90 90 e9 76 ff ff ff e8 78 64 cc fc c6 05 c3 ac 31 0b 01 90
[  476.508255][T13444] RSP: 0018:ffffc90003a67738 EFLAGS: 00010246
[  476.514459][T13444] RAX: 3aecb7159c9ddb00 RBX: ffff888032f16878 RCX: ffff888058909e00
[  476.522866][T13444] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  476.530977][T13444] RBP: 0000000000000003 R08: ffffffff81819e32 R09: fffffbfff1d3a67c
[  476.539003][T13444] R10: dffffc0000000000 R11: fffffbfff1d3a67c R12: ffff888032f16860
[  476.547443][T13444] R13: ffffffff8638bc20 R14: 1ffff110065e2d0c R15: ffff888032f16860
[  476.555571][T13444] FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  476.564941][T13444] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  476.571658][T13444] CR2: 00007fc918572c20 CR3: 000000000e938000 CR4: 00000000003526f0
[  476.580034][T13444] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  476.588055][T13444] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  476.596335][T13444] Call Trace:
[  476.600040][T13444]  <TASK>
[  476.603033][T13444]  ? __warn+0x165/0x4d0
[  476.607235][T13444]  ? refcount_warn_saturate+0x15a/0x1d0
[  476.612895][T13444]  ? report_bug+0x2b3/0x500
[  476.617453][T13444]  ? refcount_warn_saturate+0x15a/0x1d0
[  476.623472][T13444]  ? handle_bug+0x60/0x90
[  476.627954][T13444]  ? exc_invalid_op+0x1a/0x50
[  476.632781][T13444]  ? asm_exc_invalid_op+0x1a/0x20
[  476.637860][T13444]  ? __pfx_klist_children_put+0x10/0x10
[  476.643881][T13444]  ? __warn_printk+0x292/0x360
[  476.648704][T13444]  ? refcount_warn_saturate+0x15a/0x1d0
[  476.654528][T13444]  ? refcount_warn_saturate+0x159/0x1d0
[  476.660524][T13444]  klist_dec_and_del+0x3ec/0x3f0
[  476.665530][T13444]  ? __pfx_klist_children_put+0x10/0x10
[  476.671240][T13444]  ? __pfx_klist_children_put+0x10/0x10
[  476.676861][T13444]  ? __pfx_klist_children_put+0x10/0x10
[  476.682926][T13444]  klist_remove+0x25e/0x480
[  476.687498][T13444]  ? __pfx_klist_remove+0x10/0x10
[  476.692655][T13444]  ? __pfx_kobject_move+0x10/0x10
[  476.697749][T13444]  ? get_device_parent+0x25d/0x410
[  476.703289][T13444]  device_move+0x1b4/0x710
[  476.707764][T13444]  ? kasan_quarantine_put+0xdc/0x230
[  476.713191][T13444]  hci_conn_del_sysfs+0xb5/0x170
[  476.718204][T13444]  hci_conn_del+0x8c4/0xc40
[  476.723160][T13444]  hci_conn_hash_flush+0x258/0x350
[  476.728351][T13444]  ? __pfx_hci_conn_hash_flush+0x10/0x10
[  476.734134][T13444]  ? drain_workqueue+0x2d3/0x3a0
[  476.739144][T13444]  ? hci_discovery_set_state+0x57/0x180
[  476.745152][T13444]  hci_dev_close_sync+0xa8b/0x1260
[  476.750417][T13444]  ? __pfx_hci_dev_close_sync+0x10/0x10
[  476.756009][T13444]  ? rcu_is_watching+0x15/0xb0
[  476.761225][T13444]  hci_unregister_dev+0x20b/0x510
[  476.766318][T13444]  vhci_release+0x80/0xd0
[  476.770800][T13444]  ? __pfx_vhci_release+0x10/0x10
[  476.775892][T13444]  __fput+0x3e9/0x9f0
[  476.780333][T13444]  task_work_run+0x24f/0x310
[  476.784984][T13444]  ? __pfx_task_work_run+0x10/0x10
[  476.790237][T13444]  ? do_exit+0xa25/0x28e0
[  476.794626][T13444]  ? do_exit+0xa25/0x28e0
[  476.799030][T13444]  do_exit+0xa2a/0x28e0
[  476.803665][T13444]  ? __pfx_do_exit+0x10/0x10
[  476.808307][T13444]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  476.814439][T13444]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  476.821228][T13444]  ? _raw_spin_unlock_irq+0x23/0x50
[  476.826492][T13444]  ? lockdep_hardirqs_on+0x99/0x150
[  476.831797][T13444]  do_group_exit+0x207/0x2c0
[  476.836418][T13444]  __x64_sys_exit_group+0x3f/0x40
[  476.841850][T13444]  x64_sys_call+0x26a8/0x26b0
[  476.846568][T13444]  do_syscall_64+0xf3/0x230
[  476.851212][T13444]  ? clear_bhb_loop+0x35/0x90
[  476.856033][T13444]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  476.862270][T13444] RIP: 0033:0x7f570c78d169
[  476.866707][T13444] Code: Unable to access opcode bytes at 0x7f570c78d13f.
[  476.873923][T13444] RSP: 002b:00007ffde91b8178 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  476.882741][T13444] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f570c78d169
[  476.890842][T13444] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000043
[  476.898850][T13444] RBP: 00007f570c7eaad8 R08: 00007ffde91b5f17 R09: 00000000000927c0
[  476.907116][T13444] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  476.915202][T13444] R13: 00000000000927c0 R14: 0000000000000000 R15: 00007ffde91b8a10
[  476.923648][T13444]  </TASK>
[  476.926732][T13444] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  476.934042][T13444] CPU: 0 UID: 0 PID: 13444 Comm: syz-executor Not tainted 6.14.0-rc5-syzkaller-01188-g0ea09cbf8350 #0
[  476.944983][T13444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  476.955053][T13444] Call Trace:
[  476.958347][T13444]  <TASK>
[  476.961283][T13444]  dump_stack_lvl+0x241/0x360
[  476.965978][T13444]  ? __pfx_dump_stack_lvl+0x10/0x10
[  476.971224][T13444]  ? __pfx__printk+0x10/0x10
[  476.975832][T13444]  ? vscnprintf+0x5d/0x90
[  476.980211][T13444]  panic+0x349/0x880
[  476.984135][T13444]  ? __warn+0x174/0x4d0
[  476.988308][T13444]  ? __pfx_panic+0x10/0x10
[  476.992754][T13444]  __warn+0x344/0x4d0
[  476.996748][T13444]  ? refcount_warn_saturate+0x15a/0x1d0
[  477.002318][T13444]  report_bug+0x2b3/0x500
[  477.006661][T13444]  ? refcount_warn_saturate+0x15a/0x1d0
[  477.012238][T13444]  handle_bug+0x60/0x90
[  477.016418][T13444]  exc_invalid_op+0x1a/0x50
[  477.020948][T13444]  asm_exc_invalid_op+0x1a/0x20
[  477.025817][T13444] RIP: 0010:refcount_warn_saturate+0x15a/0x1d0
[  477.031994][T13444] Code: c0 b2 80 8c e8 27 21 8c fc 90 0f 0b 90 90 eb 99 e8 9b 64 cc fc c6 05 e9 ac 31 0b 01 90 48 c7 c7 20 b3 80 8c e8 07 21 8c fc 90 <0f> 0b 90 90 e9 76 ff ff ff e8 78 64 cc fc c6 05 c3 ac 31 0b 01 90
[  477.051619][T13444] RSP: 0018:ffffc90003a67738 EFLAGS: 00010246
[  477.057730][T13444] RAX: 3aecb7159c9ddb00 RBX: ffff888032f16878 RCX: ffff888058909e00
[  477.065732][T13444] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  477.073741][T13444] RBP: 0000000000000003 R08: ffffffff81819e32 R09: fffffbfff1d3a67c
[  477.081753][T13444] R10: dffffc0000000000 R11: fffffbfff1d3a67c R12: ffff888032f16860
[  477.089746][T13444] R13: ffffffff8638bc20 R14: 1ffff110065e2d0c R15: ffff888032f16860
[  477.097750][T13444]  ? __pfx_klist_children_put+0x10/0x10
[  477.103324][T13444]  ? __warn_printk+0x292/0x360
[  477.108106][T13444]  ? refcount_warn_saturate+0x159/0x1d0
[  477.113675][T13444]  klist_dec_and_del+0x3ec/0x3f0
[  477.118634][T13444]  ? __pfx_klist_children_put+0x10/0x10
[  477.124199][T13444]  ? __pfx_klist_children_put+0x10/0x10
[  477.129764][T13444]  ? __pfx_klist_children_put+0x10/0x10
[  477.135328][T13444]  klist_remove+0x25e/0x480
[  477.139852][T13444]  ? __pfx_klist_remove+0x10/0x10
[  477.144900][T13444]  ? __pfx_kobject_move+0x10/0x10
[  477.149945][T13444]  ? get_device_parent+0x25d/0x410
[  477.155081][T13444]  device_move+0x1b4/0x710
[  477.159519][T13444]  ? kasan_quarantine_put+0xdc/0x230
[  477.164825][T13444]  hci_conn_del_sysfs+0xb5/0x170
[  477.169792][T13444]  hci_conn_del+0x8c4/0xc40
[  477.174319][T13444]  hci_conn_hash_flush+0x258/0x350
[  477.179459][T13444]  ? __pfx_hci_conn_hash_flush+0x10/0x10
[  477.185127][T13444]  ? drain_workqueue+0x2d3/0x3a0
[  477.190093][T13444]  ? hci_discovery_set_state+0x57/0x180
[  477.195658][T13444]  hci_dev_close_sync+0xa8b/0x1260
[  477.200795][T13444]  ? __pfx_hci_dev_close_sync+0x10/0x10
[  477.206355][T13444]  ? rcu_is_watching+0x15/0xb0
[  477.211145][T13444]  hci_unregister_dev+0x20b/0x510
[  477.216200][T13444]  vhci_release+0x80/0xd0
[  477.220550][T13444]  ? __pfx_vhci_release+0x10/0x10
[  477.225599][T13444]  __fput+0x3e9/0x9f0
[  477.229618][T13444]  task_work_run+0x24f/0x310
[  477.234227][T13444]  ? __pfx_task_work_run+0x10/0x10
[  477.239361][T13444]  ? do_exit+0xa25/0x28e0
[  477.243728][T13444]  ? do_exit+0xa25/0x28e0
[  477.248089][T13444]  do_exit+0xa2a/0x28e0
[  477.252282][T13444]  ? __pfx_do_exit+0x10/0x10
[  477.256896][T13444]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  477.262903][T13444]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  477.269260][T13444]  ? _raw_spin_unlock_irq+0x23/0x50
[  477.274475][T13444]  ? lockdep_hardirqs_on+0x99/0x150
[  477.279694][T13444]  do_group_exit+0x207/0x2c0
[  477.284315][T13444]  __x64_sys_exit_group+0x3f/0x40
[  477.289392][T13444]  x64_sys_call+0x26a8/0x26b0
[  477.294101][T13444]  do_syscall_64+0xf3/0x230
[  477.298636][T13444]  ? clear_bhb_loop+0x35/0x90
[  477.303350][T13444]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  477.309274][T13444] RIP: 0033:0x7f570c78d169
[  477.313706][T13444] Code: Unable to access opcode bytes at 0x7f570c78d13f.
[  477.320734][T13444] RSP: 002b:00007ffde91b8178 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  477.329168][T13444] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f570c78d169
[  477.337155][T13444] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000043
[  477.345145][T13444] RBP: 00007f570c7eaad8 R08: 00007ffde91b5f17 R09: 00000000000927c0
[  477.353129][T13444] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  477.361111][T13444] R13: 00000000000927c0 R14: 0000000000000000 R15: 00007ffde91b8a10
[  477.369117][T13444]  </TASK>
[  477.372509][T13444] Kernel Offset: disabled
[  477.377038][T13444] Rebooting in 86400 seconds..