last executing test programs:

14.702078326s ago: executing program 3 (id=2826):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
close(r0)

14.603632644s ago: executing program 3 (id=2828):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18030000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f0000000580)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={r2, 0x43, 0xfffffffffffffffe}, 0x1d)
r3 = socket(0x10, 0x3, 0x0)
sendto$inet6(r3, &(0x7f0000000080)="7800000018002507b9409b14ffff00000204be04020506050e020409430009003f0000000a0000000d0085a168d0bf46d32345653600648d0a0012000200000049935ade4a460c89b6ec0cff3959547f509058ba86c902000000004a32000400160005000a0000000000e000e218d1ddf66ed538f2523250", 0x78, 0x0, 0x0, 0x0)

14.418547285s ago: executing program 3 (id=2831):
socket$inet_mptcp(0x2, 0x1, 0x106) (async)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, 0x0, 0x0)
setsockopt$sock_int(r0, 0x1, 0x1, &(0x7f0000000200)=0xb, 0x4)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(r0, 0x8983, &(0x7f0000000000))

14.28496056s ago: executing program 3 (id=2836):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="0900000004000000080000004000000042000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYBLOB="0000000000000000000000000000000000000000000000000000000038b5fb7e6914dfc093235457f25725b81019e5d061ea6f5974b145500c8a5ce3bcffc9853267f44afb8f5de862d03e3bb0dda8c68f15d40cd1edbaac9d5a05906a4786bbfb5ef8312a53d79fe6e2e7aea4b93b8d"], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000580), 0x1000, r0}, 0x8b)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000001600)={r0, &(0x7f0000000580), &(0x7f0000001580)=""/92}, 0x20)
socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), r2)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={0x78, r3, 0x5, 0x0, 0x0, {0x3, 0x74, 0x600}, [@NLBL_UNLABEL_A_SECCTX={0x2c, 0x7, 'system_u:object_r:udev_helper_exec_t:s0\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x4}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x2}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @mcast2={0xff, 0x7, '\x00', 0xa}}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'pim6reg1\x00'}]}, 0x78}, 0x1, 0xffffffff00000003}, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
ioctl$SIOCSIFHWADDR(r4, 0x8924, &(0x7f0000000000)={'macvlan1\x00', @local})

13.924030457s ago: executing program 3 (id=2843):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000500)={0xa, 0x4e20, 0xffffffff, @empty, 0x4}, 0x1c)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6, 0x9, 0x8}]}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000240)=ANY=[@ANYBLOB="0a000201bbbbbbbbbbbbaaaaaaaaaabb86dd6d002000009611ff00000000000000000000ffffe0000002ff0200000000000000050000000000014f194e20009690"], 0xd0)

3.336395597s ago: executing program 1 (id=2949):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x4000002, 0x3032, 0xffffffffffffffff, 0x2a1cf000)
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x10}]}, @NFT_MSG_NEWSETELEM={0x4c, 0xe, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x20, 0x3, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x18, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x14, 0x1, "8c7457ff8f99b8233ba7d81496e1da69"}]}]}]}]}], {0x14, 0x10}}, 0xd0}}, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x10448)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000002c0)={@map, 0xffffffffffffffff, 0xf3c5227cb953423c, 0x2010, 0x0, @value=r1}, 0x20)
mmap(&(0x7f0000568000/0x2000)=nil, 0x1000000, 0x0, 0x11, r0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000080)=@framed={{}, [@ldst={0x2, 0x2, 0x3, 0x1, 0x0, 0x9a}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)

2.640814362s ago: executing program 4 (id=2955):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
getsockopt$packet_int(r1, 0x107, 0x18, 0x0, &(0x7f0000000240))
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000100)={'bridge0\x00', &(0x7f0000000140)=@ethtool_drvinfo={0x3, "c653eb788ca744ab49b0bc8b7c38c5386a9f8fc329b0c08aa1974b55df51358e", "becc2b963fc758b093f0c3162721cc2c6db0e11fe93cb921e31b7afc9848f9f8", "9d5e255e876cef6a5e8b322ceb9f9f59f92f7b7e5f4cb64b0dba0d27e79083f6", "f1c9a32e2ff71a89cd1b6471db6af48500491adb8c4b1c0a8fdf46f4f3168fee", "6a5ac82f1f76e71cf5cc5d665c6006929a314c0c4e1c2a4c43afe8074197b481", "11f18e6d4f5d4f4e717b780f", 0x200, 0xc, 0x8, 0x9, 0xd1ba}})
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x60880, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0xb4db35664bbbaddf})
r5 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd25, 0x6, {0x0, 0x0, 0x0, r6, {0x0, 0x1}, {}, {0x8, 0x4}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000}, 0x44010)
r7 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd25, 0x6, {0x0, 0x0, 0x0, r8, {0x1, 0x1}, {}, {0x8, 0x4}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000}, 0x44010)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40500000000000061105e000000000006000000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
sendmsg$nl_route(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000640)=@newlink={0x40, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4440b}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @broadcast}, @IFLA_IPTUN_6RD_RELAY_PREFIX={0x8}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x40004}, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001700)=ANY=[@ANYBLOB="18000000240001"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r9)
recvmmsg(r9, &(0x7f0000004ec0)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/4077, 0xfed}], 0x1}, 0x9}], 0x1, 0x2000, 0x0)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_NAN(r9, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x40, r10, 0x20, 0x70bd2b, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x23, 0xd}}}}, [@NL80211_ATTR_BANDS={0x8, 0xef, 0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x8}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0xff}, @NL80211_ATTR_BANDS={0x8, 0xef, 0xa}]}, 0x40}, 0x1, 0x0, 0x0, 0x40010}, 0x4000004)

2.459582323s ago: executing program 1 (id=2957):
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f00000004c0)={'lo\x00', &(0x7f0000000480)=@ethtool_eee={0x44, 0x7, 0x2f97885b, 0xfff, 0x0, 0x8, 0x2, 0x3ff, [0x81, 0x9]}})
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
unshare(0x6020400)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000007c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018100000000000000c0000000c00001402000000000000000000000d000000000000c67b"], 0x0, 0x26, 0x0, 0x1}, 0x19)
setsockopt(r0, 0x200000, 0xffffffff, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_GET(r1, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x78, 0x1, 0x7, 0x201, 0x0, 0x0, {0x0, 0x0, 0x6}, [@NFACCT_FILTER={0x44, 0x7, 0x0, 0x1, [@NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x5}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x1}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x67b7}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x194}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x78e}, @NFACCT_FILTER_VALUE={0x8}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0xa4}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x71}]}, @NFACCT_NAME={0x9, 0x1, 'syz1\x00'}, @NFACCT_PKTS={0xc, 0x2, 0x1, 0x0, 0x3}, @NFACCT_FLAGS={0x8, 0x5, 0x1, 0x0, 0x2}]}, 0x78}, 0x1, 0x0, 0x0, 0x20008000}, 0x20004050)
sendmsg$IPSET_CMD_LIST(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x30, 0x7, 0x6, 0x401, 0x0, 0x0, {0x2, 0x0, 0xa}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x3ff}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x4000000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r4=>0x0})
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f00000001c0)={'batadv0\x00', <r6=>0x0})
sendto$packet(r5, &(0x7f0000000180)="f257a8ea7bc273dfaeab968586dd", 0xe, 0x4080, &(0x7f0000000140)={0x11, 0xc, r6, 0x1, 0x1, 0x6, @link_local}, 0x14)
sendmsg$NL80211_CMD_STOP_SCHED_SCAN(r2, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB='4\x00\x00@', @ANYRES16=r3, @ANYBLOB="000125bd7000fcdbdf254c00000008000300", @ANYRES32=r4, @ANYBLOB="0c009900080000007d0000000c0058003f00000000000000"], 0x34}, 0x1, 0x0, 0x0, 0x4002}, 0x4004050)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f00000004c0)={'lo\x00', &(0x7f0000000480)=@ethtool_eee={0x44, 0x7, 0x2f97885b, 0xfff, 0x0, 0x8, 0x2, 0x3ff, [0x81, 0x9]}}) (async)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) (async)
unshare(0x6020400) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000007c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018100000000000000c0000000c00001402000000000000000000000d000000000000c67b"], 0x0, 0x26, 0x0, 0x1}, 0x19) (async)
setsockopt(r0, 0x200000, 0xffffffff, 0x0, 0x0) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$NFNL_MSG_ACCT_GET(r1, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x78, 0x1, 0x7, 0x201, 0x0, 0x0, {0x0, 0x0, 0x6}, [@NFACCT_FILTER={0x44, 0x7, 0x0, 0x1, [@NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x5}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x1}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x67b7}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x194}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x78e}, @NFACCT_FILTER_VALUE={0x8}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0xa4}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x71}]}, @NFACCT_NAME={0x9, 0x1, 'syz1\x00'}, @NFACCT_PKTS={0xc, 0x2, 0x1, 0x0, 0x3}, @NFACCT_FLAGS={0x8, 0x5, 0x1, 0x0, 0x2}]}, 0x78}, 0x1, 0x0, 0x0, 0x20008000}, 0x20004050) (async)
sendmsg$IPSET_CMD_LIST(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x30, 0x7, 0x6, 0x401, 0x0, 0x0, {0x2, 0x0, 0xa}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x3ff}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x4000000) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'}) (async)
socket$packet(0x11, 0x3, 0x300) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f00000001c0)) (async)
sendto$packet(r5, &(0x7f0000000180)="f257a8ea7bc273dfaeab968586dd", 0xe, 0x4080, &(0x7f0000000140)={0x11, 0xc, r6, 0x1, 0x1, 0x6, @link_local}, 0x14) (async)
sendmsg$NL80211_CMD_STOP_SCHED_SCAN(r2, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB='4\x00\x00@', @ANYRES16=r3, @ANYBLOB="000125bd7000fcdbdf254c00000008000300", @ANYRES32=r4, @ANYBLOB="0c009900080000007d0000000c0058003f00000000000000"], 0x34}, 0x1, 0x0, 0x0, 0x4002}, 0x4004050) (async)

2.362773706s ago: executing program 4 (id=2958):
socket$nl_generic(0x10, 0x3, 0x10) (async)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_DEAUTHENTICATE(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r1, 0x800, 0x70bd2d, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x14}, 0x4800) (async)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r1, 0x800, 0x70bd2d, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x14}, 0x4800)
sendmsg$NL80211_CMD_TDLS_MGMT(r0, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0x94, r1, 0x300, 0x70bd2b, 0x25dfdbff, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_TDLS_DIALOG_TOKEN={0x5, 0x89, 0x2}, @NL80211_ATTR_TDLS_ACTION={0x5, 0x88, 0x2}, @NL80211_ATTR_IE={0x57, 0x2a, [@mesh_config={0x71, 0x7, {0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0xf, 0x8}}, @mesh_chsw={0x76, 0x6, {0x5, 0xf, 0x1e, 0x9}}, @supported_rates={0x1, 0x1, [{0x1b}]}, @cf={0x4, 0x6, {0x4, 0x0, 0x0, 0x8d79}}, @chsw_timing={0x68, 0x4, {0xced, 0x9}}, @mic={0x8c, 0x18, {0x392, "33a1c36bcfc5", @long="b7cc4a6b26b4b1bd1cdde0d4914864a5"}}, @rann={0x7e, 0x15, {{0x0, 0x2}, 0x7, 0x8e, @device_a, 0x60000, 0x5, 0x1}}]}, @NL80211_ATTR_TDLS_ACTION={0x5, 0x88, 0x4}, @NL80211_ATTR_TDLS_DIALOG_TOKEN={0x5, 0x89, 0x7}]}, 0x94}}, 0x884)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_START_P2P_DEVICE(r3, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x28, r1, 0x200, 0x70bd26, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x38f884a7, 0x4e}}}}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x4)
sendmsg$NFNL_MSG_CTHELPER_NEW(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x24, 0x0, 0x9, 0x101, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFCTH_STATUS={0x8, 0x6, 0x1, 0x0, 0x1}, @NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x9}]}, 0x24}, 0x1, 0x0, 0x0, 0x2040000}, 0x4040020)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r4, &(0x7f00000005c0)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x12000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x24, r1, 0x100, 0x70bd2a, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x4, 0x6f}}}}, [@NL80211_ATTR_SCHED_SCAN_MULTI={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x24040000}, 0x5) (async)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r4, &(0x7f00000005c0)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x12000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x24, r1, 0x100, 0x70bd2a, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x4, 0x6f}}}}, [@NL80211_ATTR_SCHED_SCAN_MULTI={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x24040000}, 0x5)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nfc(&(0x7f0000000640), 0xffffffffffffffff)
sendmsg$NFC_CMD_START_POLL(r5, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x24, r6, 0x8, 0x70bd28, 0x25dfdbfe, {}, [@NFC_ATTR_IM_PROTOCOLS={0x8, 0xd, 0x24}, @NFC_ATTR_IM_PROTOCOLS={0x8, 0xd, 0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x4008040}, 0x4000000)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_LEAVE_IBSS(r7, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x20, r1, 0x400, 0x70bd25, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x80000001, 0x75}}}}, ["", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x4000010}, 0x55)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$net_dm(&(0x7f0000000840), r8)
r9 = syz_genetlink_get_family_id$tipc2(&(0x7f00000008c0), r0)
sendmsg$TIPC_NL_LINK_GET(r0, &(0x7f0000000b40)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000b00)={&(0x7f0000000900)={0x1d0, r9, 0x100, 0x70bd2a, 0x25dfdbfd, {}, [@TIPC_NLA_MEDIA={0xa8, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}]}, @TIPC_NLA_MEDIA_PROP={0x4c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7fff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5a3}]}]}, @TIPC_NLA_NODE={0x8, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY_MASTER={0x4}]}, @TIPC_NLA_MON={0x1c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xffffffff}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x2}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x5}]}, @TIPC_NLA_NODE={0xf0, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_ID={0x44, 0x3, "d7edbea5bc64fcbca882188b5be9d53a3383a09bdc77c931ae488d2a19db54ce1b5aaa986fa9410c7d76654f14ec78b2dfa689e136e7f9edc1fbe5f7a50174c6"}, @TIPC_NLA_NODE_KEY={0x45, 0x4, {'gcm(aes)\x00', 0x1d, "6ddcba1665a7175d8c73f00bbb80e5fc7d2e4fd54a188b43baed031f0e"}}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "4cfb48f35b1e58c4cf1c27300409e0929afd418587915fa1cc18c47bc40b7a943a660224"}}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x2}]}]}, 0x1d0}, 0x1, 0x0, 0x0, 0x20008000}, 0x20000804)
sendmsg$TIPC_NL_KEY_FLUSH(r4, &(0x7f0000000cc0)={&(0x7f0000000b80), 0xc, &(0x7f0000000c80)={&(0x7f0000000bc0)={0x8c, r9, 0x200, 0x70bd2b, 0x25dfdbfb, {}, [@TIPC_NLA_MEDIA={0x78, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8ee3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x100}]}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}]}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x74}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x2000c0c0}, 0x20000004)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000d40), r3) (async)
r10 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000d40), r3)
sendmsg$L2TP_CMD_TUNNEL_DELETE(r0, &(0x7f0000000e00)={&(0x7f0000000d00)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000dc0)={&(0x7f0000000d80)={0x2c, r10, 0x1, 0x70bd26, 0x25dfdbfe, {}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x4}, @L2TP_ATTR_SESSION_ID={0x8}, @L2TP_ATTR_SEND_SEQ={0x5, 0x13, 0x3}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x6408f59bdb1c7c71)
sendmsg$IPVS_CMD_SET_DEST(r0, &(0x7f0000000f80)={&(0x7f0000000e40)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000f40)={&(0x7f0000000e80)={0x84, 0x0, 0x10, 0x70bd27, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DAEMON={0x34, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'veth0_to_bridge\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @loopback}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x9}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xffffff81}, @IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'veth0_to_team\x00'}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0xc17}]}, @IPVS_CMD_ATTR_SERVICE={0x4}]}, 0x84}, 0x1, 0x0, 0x0, 0x22008094}, 0x0) (async)
sendmsg$IPVS_CMD_SET_DEST(r0, &(0x7f0000000f80)={&(0x7f0000000e40)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000f40)={&(0x7f0000000e80)={0x84, 0x0, 0x10, 0x70bd27, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DAEMON={0x34, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'veth0_to_bridge\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @loopback}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x9}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xffffff81}, @IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'veth0_to_team\x00'}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0xc17}]}, @IPVS_CMD_ATTR_SERVICE={0x4}]}, 0x84}, 0x1, 0x0, 0x0, 0x22008094}, 0x0)
sendmsg$NL80211_CMD_SET_WOWLAN(r4, &(0x7f0000002180)={&(0x7f0000000fc0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000002140)={&(0x7f0000001000)={0x1128, r1, 0x0, 0x70bd2b, 0x25dfdbfb, {{}, {@void, @void, @val={0xc, 0x99, {0x5, 0x52}}}}, [@NL80211_ATTR_WOWLAN_TRIGGERS={0x1108, 0x75, 0x0, 0x1, [@NL80211_WOWLAN_TRIG_MAGIC_PKT={0x4}, @NL80211_WOWLAN_TRIG_PKT_PATTERN={0x1100, 0x4, 0x0, 0x1, [{0x10dc, 0x0, 0x0, 0x1, [@NL80211_PKTPAT_OFFSET={0x8, 0x3, 0x8435}, @NL80211_PKTPAT_MASK={0xb4, 0x1, "2dff8d69ad99d87c298f06823b84cc69d523106440504ffb6fe23ae1d4656f102aa177d0369d848e1e852af464e12efc826c32ae349c054b6c64a9be91fa264847e8722f0579459a0b4efe1eb98730435c969a8785eb6c9224277ecaacd9e296d86ce48e4eede1bc5e855c0cc0e7a783b245eacac6b39b2a016ce59c63e65df3bc655a599c4cc7ffbd1c3edee9b0b631e029c3ca88ae68a01d132a469a597037c34519328cec6848f3695d55e41135d5"}, @NL80211_PKTPAT_OFFSET={0x8, 0x3, 0xffffffff}, @NL80211_PKTPAT_OFFSET={0x8}, @NL80211_PKTPAT_OFFSET={0x8, 0x3, 0x9}, @NL80211_PKTPAT_PATTERN={0x1004, 0x2, "d6b282898598b082de6ae50e87337fc2b14c19fad08cc0d17eb3aff89d9787e8e64588f75f66dc78d4fe4b8ce340ebd810b2e3a83bf05ccdcafd26486fd289d6ea9219fd0163571256d5f7973de113ace59ba0ec13c1a72893e16f255d60e3d2c256e7a64ac318610a1f7b038fa3506a48cf18a98644c7f1f12839dc7ba6985cd41314fc1f54fa54a1d8c66440cc31df7d8b7d72cc82e0a595c68602977cc416e837f81173fc11b4e086677c7ebca2ce64d2be43118a5a32b420db1b31b92eadd49e38b4380ac0675bd4bef529502886f3186cda8be46f9c51f513c45baa000e5068e86c47933fdb8781716b665ce6f9741922715e96d066f19cf7adc26d27a5efab877d9f7a6030b3dbf32b1395271b95290f5ff56d5f924354f81d607fb95f7d1054e5aa978a3d9d905a6cf3853d44818daf7048d41e42c75528c42e07870b4a21a052254ebff3b8a840e02f8aaaad9661da833b6c0e413c89caf54c31ad0bd9d52f0e660128a0dd8b7c5894ae1485970b64021ed8943da1d1998a349cba706ae8e7472ae9187edd80cc088ca8a525c682adec7948e400d6dc5c92ce16ef4144bddbcd6d3c641b876a2bf612c11e3ce71ed47c9f92823ba8456895780128d47d996ec48f7eee04f1461a016379a1a1dcda177d4f4459be85155cef3886e6c20e7904d86db00bee66fdcef55b3417e49c9f56c928a6199ce7476819ee18a1d1c33bcdbe9b5f03b603558255a17ed382ff8cf74f7d5c979f0f9c8ba95cf4bfeae61dd8770013808ad9ddad695423c5d2910afdbc2e9e00e89381a290419fe888131a9850fa45d4ca93f2b6e7ce241d9541a937856d8d752f1fecfce53aa4f5816019ea601cebefedac21975228ccf35f57f3d0ff9b26d3a7538c8419ef1b96fbca2002c468fa50693ced5d7dcb2075ca234e91233787b7e27b03c83bda167e90b8df80ae50d05a3bd6ce749a74e1c2d5dde4a9ef8e1565f7fdf6908956f594e192cec41f40b8f48d5a2448f739c96b71a49543f4095770e02d2b2296a8fbd576b5f0d636d24998fa974c799dbb6966644d8bebd15a4e56a1b4edff66721f4aff1b94b1cac63a5bf9234ec4e7d591e606a3827ede48f692b7d7de70b40ed02ba820374130593dc4f273cd91b5fa847ab30352f8635b6fb0d27feca209135431153b7976444f6e7a876904ec08ec28985da1368bf7e6cbacc6668b9f7955f6ca0c41c927d7ffcebe280a1217107b62c08aab6f79e0cd7b7e3241a43ef7d1e22b716fabd97a9625647037aef8779f2c6017887a914a98873d18bf65b18b85522bbfecc3a1b771f77a708bbce3f8c685c415f19263bb1b5f1297c4a0c3c0cb21ec9cab0cf30ff0b6b642837a4e25386b7b2cedf6d1e3f8d4f6955ef4af7d94f43ad55a8bdc6ede21d54d61f933ae3e4d219bf862dd4f7fb64a6fd6f4df48b3aaabaa212858590dbf69dd0ce0e41228915b321ef011505d4876043f8be43ce8fe6563a012470e5d37fb84fef2e0d42db071088237b59074b2fc4a07d0bdca3be046892c072b6514675e17d04ee2fd3d2a39ceb591439feb680b61cfd11edb218efa5b986ff42757e981af1be9e041f72978ca993818a434966dcdc496bc74043a4ca7a883e679f44e055810ef0d921b96b4bd7b6c680719960df7f2d93e3a1688b5733221ca8b906c52d10a754d80b0a2e86d6924490e44e6279a5c88a11e9dbb07242fdcf27fa70a4dbeb85cf2eb8cbf80448f7b0c8e36c45e09cf08943e41ce66454cefba39de483d3283bc727b9e09bf5d24ecaf14f6960451512a340ec5bdded97b79102d20daf1203d4a8e53297680898eca17e76f73b767d49c6a3b08bc72ed00e30f510851d5d12988831d06537009f9e4065065cd1728af208888cf032627f9586e87da0dad9396816d7834a144941418d886b46a091305d0b4541d88295462665b09d946622eb093b8f36c08959dde164e3d1ee9a1588e8c9eef1123d19902da6972e1f889e19b564cb6f97fed50faa0e742e9a4208545b2f921e74cacef36f1b1b875931e77fcdfe22b63afe556aabe18b0563c33b95daaefa2767bae293690fb49dd030e32ad74981d805d46b293a8bcc0fa263d8f62f753c3cdb830f0f069f6a2b49a3595b7c87f336aa1e6efc0dd3a52c11b61fc983447f7cdc9c9ab21c5a3200c7006900d3422fa9389d2cf6cdf352c8d3271b6c1000b5a7416132b9582da089e25b63ae123c1a2a783e960e4d1c60725fee733c5d80618124029ca95d653e5723b1a7821e3cec6d6f19e1f89d6a8ee3e257c838775c92123df4b66bc6c71e6451e4815f3e9e2dce579ba484474b7b8514f4ba2ba95d0a1f2d26c36af2524ab74196d9f4b6e60cb9f832b54d1b76bde25dd4291b15820889740081a572506fcaa47bbf0d327b0374b201a62817a919d2180f5ed491abb03ba5d0b7dc69fe56f9ad8eb4fa23eebe6cbef4548624f342fe04bd1d3c869e99c58cd04ee367a22b00e007e4d7f708a6f5a8275ac5c58700f39c292276ff60296bb1f1519108a69cbbf13ed6b72e5b4f899b63732cf6ad4e806330a6318af53bfb69aae01ab5f5edc36daf02912b3ec9819f55ba3a7a21011cdfc2e8542756103710ec9354f9e0ba45063316aef3753a422d19d4db744eb497c778c6ba256f19383b4ca1a989a04c8c83046b9ce16c8f397a368da31d453e059fc851cb25e25eb995866ba2b54c5c0092720742a3db3d6f462dc651bb6768a798b411dbfd3f630cec6aa24ad403f46ebd271d8121fd15429dcd41c3230abba66b35ac0c1877ccdbf75757dc8dd846ae483afa681020e280b50fbe99414dc03593c3179db402dfd0a9d884722cbc21528692c6d2a1520e31c461eff8e1ebc0c542e85c4ff789171bc0772ac9e0e10e6a358398e0751226646a176bfd7293bbf07f2cc4a1661882b7348df6ec3cbb3b2ec1565b7d7b0cdd41dfd4d41aa681f5903736953206677ba514ae54b0c9d44c4ac0291e64ec2a9cca458fd89138af1ccc0b160ca9f372f216eeb7cbe135a65f8ba83079aa0c550841d568437f9cdc691fb39e607bada703c0aaacffe5c0bddf1060f3767407401cc6f83b84b8cf15bebbef15be64d3055c5161d2d723c6f9ce8c5930462008e9acc216de534fb552e7d6b6856f84ddc40f43475429189a317f1d8aec94eaaa36461477abdb9f18095d5ba2f26693b51a300fa7787ab0fb9bf501dc6db7ce83c0ccd8135f15aff8da9e8f36afbdec64b9db72324607624941a6653101f58ebafafdd92d669f4272fab3167984582a9c255ddc4511f3c5ebd98d597f3426f880248541bb89042bdf7fb94fdbde92e21c14d25a221eb84bccc182d5a82c0e8c3aad5d23dc6f741a37cad7d873e2a01dd515965ecb9710e147c55b0e0ae1dd3af5430c8d7a51e4c29e8436b2bc5e6204af484071fcb58309658aafd6ceb63f9baa7728931654e76a06d1daaed34957adda27772da38b908e99796ac4ff05b4b1ea1d47897b46be4b728b8196051ffa6b8f1221d81ec887dcf001ef6aeb122250e16cfd8989d4f7366dd8471ed5dcb7cadcf8ffebaae34e90eb6409ffddba350a7ef279763d7dda361854338dc5ee39b4fde6cdb932c5a9e9a3ed395bb64430efd979fc794f84192a6d04f811aaed1e0e0677d6f53075432d1ab9a8fb5163fc784b7ea602ebf3bb3513bc0f111c86d1db0b60052f1a300b30d7f0d23fe2a2b134341a4696bc0217aa379d86d5cdf46c061551c91d9af73954fb46350d5c0cd315300b79f06627848374f3c5da3adf83435377fa310b713e218dd9a2f81917dbed017c8a1046d0d0298b5b1ad71d53e845f3261c3d417b05a14e532c9ac7f1be33c866e1bcbd7c2cc93da64575eafbbfa824dc2426314737f3f1d20739c67eca06b09753f740523824b9691193094b8dcff7f53d983679cac7f43cf8a8124c50cf0ae9cfe8173f9c0db6aa2ff9058c1f080fdb53eb5904a1a12fe6e08cce0c1e32ae9ab8e49786156f4c8bc3ffd115d91ea3e8bd43cd78acb36bec22730e3fd7c8445c9c4e911c146b2668155bedb807b1827b8e5d8b66a4a6c118cdeb8ed45555abc838188e3fdff40b767018ef908f15ee0f9c88ecc36460fbedf2c7e7c3832701033af6843a39bc5fbe5cbe91b4376f3a8dd7bf1259fd705d025d450e51d81367e8c9a5ca1fad0d9137198ed6abf9e7f1e3d6bc3f0f1c9cfb0e20b3032be022f35049e8acb5954d7c163b907d781f93496ec5ad53ce5d649e88b44057c836a4fb2159ae882609c6782884c3882883794f011950bcc35b9daf593fd04938d73837209853ed1de3d199dedbdbf169fa2ae682176373a7be2587216f1efeca3df9155754cf221740243cb17ce5acc8779d54c072c7bd1f6305612bf6af120376ca7b91623718c4bf0a8bb2faf85fc60ab4c134383721efacffcf2067e30622b276a3fbf1bbcb559ccd0b04a683c9c899433c69817aee382983e144d2265d2070688fea88ec0d05edd165e3ffadb505d1999ed7f86b6bd757546608a9be229e2c82ddd090c3b2cd9f012c6c2379dbe03cd3836d17d3e5c540850e7376fc2187d03e02488a82be46b9442a71e3feb76f21f584cc7de4efe61a8083a123879d508d5f9ec35f3bd4e851d2586462ef2feb0b9a2cf562652fb64787a02b209ddb641584e5d91160218cecd6f8ca305d34318eda6e536dd9cef2bf2224b669a3ddbfadb291d84ec4ef9070fbdbcc974a1aae7262d5497d96066a0b41f633eb336476cf2834b8c7b319f5341c6e82cefffa9fc37ebfb92998b0e39cb337846b0d44a085059e812c5f66cdfd5399ff197d6f252ac241f7e74ab07d06bcb3eb91649fd80b47edf55e18f0f397660fa544b34c363f14414d3e4654b9b959bd8856fded9cce25e62b26998780328dcc7b5487662a4fbefe5c2e2c2a67746019ea47a24e2135d8abbb859613c5c95bfb8e8c568ca09dce4daec1674622a7a5322d49dbb24a862308bfb3021f29927a4ee05fb54bd4bfb7dd76727185c258bed4b5a96140f80e6372e69b2c74ccc3e8ceb9b9f749d54c1778cc85507f4e19d7e5198d33791464722aa83c0a9f54302b385046e71bed42e711577592934d051f84901cff1241536d842ef7f5bc1030836a8af7736be7e01e395e0984767592e375ae531838d1d80aaf580d16a694b5268213505c773ecb7b97b5f4900724e37475090e1847ad2e4019a6c7195200a1336e20d13e3d0775501850bd1b3863f90892065456b6c300bab5a384471b03b4451cb880a6c3e8419f5a2e625879347001ae246e5aba28a0f3baf017f981b7347f64c07e117ae77472323d2663de3d59ba90ddb4e9770d092db8c68ade7d33f41d9921db0ed183d4250b012b2ed9667df872e89e824378579d987e4a353f24d3851af82f85417ddb81d08aca80f1b541d25c35b5db8f2a035e5ff34f43a728924459d9183492ab19e93ea88d1bf0b9e4c3dc6be7e437a93ce1aa70834a7ae51f6d73e78f4cea1ddb8052e69427bc03a7d0be8b28d2d7817cd5f75abe3b01635c8bada5fb9749b7ac365e0d21cc0955c6e9ecebb72e1c14f16d43d67ad4307810cf311c5318c6ba0ff399973ccd736d429777596445b50c3fba08d013d7006c70678b50f65ef68a41c063df3c352aa7b6ebc977c5d55748fde020868dd916669819f0c7a1dd7fe4eaf2eb924ac8768873e86af6351df9862f5267904627677593595fe591011fb6115a6ae70cef88269db1a5f02fb89bafb9ca40319ab2af0bf43a73c77004ac932755f9b69a649ca384f"}]}, {0x20, 0x0, 0x0, 0x1, [@NL80211_PKTPAT_OFFSET={0x8, 0x3, 0x7}, @NL80211_PKTPAT_MASK={0x11, 0x1, "88c428c1ce8410d216a95765ed"}]}]}]}]}, 0x1128}, 0x1, 0x0, 0x0, 0x40004}, 0x4000)
r11 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000002280)={'syztnl1\x00', &(0x7f0000002200)={'syztnl0\x00', <r12=>0x0, 0x4, 0x10, 0x5, 0x10000, 0x50, @loopback, @private0={0xfc, 0x0, '\x00', 0x1}, 0x20, 0x7, 0xe0000, 0x1}})
sendmsg$nl_route_sched(r11, &(0x7f0000002400)={&(0x7f00000021c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000023c0)={&(0x7f00000022c0)=@delqdisc={0xf8, 0x25, 0x100, 0x70bd28, 0x25dfdbfc, {0x0, 0x0, 0x0, r12, {0xffff, 0x4}, {0xffe0, 0xf}, {0xf, 0x9}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x9}, @TCA_STAB={0x5c, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x7, 0x6, 0x1, 0x8, 0x0, 0xf6fd, 0x4920, 0x7}}, {0x12, 0x2, [0x4, 0x8, 0x40, 0x1, 0x8, 0x9, 0x1]}}, {{0x1c, 0x1, {0x6, 0x4, 0xffff, 0x800, 0x0, 0x6, 0x0, 0x3}}, {0xa, 0x2, [0x8, 0x5, 0x0]}}]}, @qdisc_kind_options=@q_fq_codel={{0xd}, {0x14, 0x2, [@TCA_FQ_CODEL_ECN={0x8, 0x4, 0x1}, @TCA_FQ_CODEL_FLOWS={0x8}]}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0xa}, @qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x5, 0x9, 0xffffffff, 0x80000001, 0xc351, 0x80000000, 0x7, 0xc07, 0x1}}}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x9}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x7}]}, 0xf8}, 0x1, 0x0, 0x0, 0x800}, 0x20004040) (async)
sendmsg$nl_route_sched(r11, &(0x7f0000002400)={&(0x7f00000021c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000023c0)={&(0x7f00000022c0)=@delqdisc={0xf8, 0x25, 0x100, 0x70bd28, 0x25dfdbfc, {0x0, 0x0, 0x0, r12, {0xffff, 0x4}, {0xffe0, 0xf}, {0xf, 0x9}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x9}, @TCA_STAB={0x5c, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x7, 0x6, 0x1, 0x8, 0x0, 0xf6fd, 0x4920, 0x7}}, {0x12, 0x2, [0x4, 0x8, 0x40, 0x1, 0x8, 0x9, 0x1]}}, {{0x1c, 0x1, {0x6, 0x4, 0xffff, 0x800, 0x0, 0x6, 0x0, 0x3}}, {0xa, 0x2, [0x8, 0x5, 0x0]}}]}, @qdisc_kind_options=@q_fq_codel={{0xd}, {0x14, 0x2, [@TCA_FQ_CODEL_ECN={0x8, 0x4, 0x1}, @TCA_FQ_CODEL_FLOWS={0x8}]}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0xa}, @qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x5, 0x9, 0xffffffff, 0x80000001, 0xc351, 0x80000000, 0x7, 0xc07, 0x1}}}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x9}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x7}]}, 0xf8}, 0x1, 0x0, 0x0, 0x800}, 0x20004040)
socket$inet6_sctp(0xa, 0x1, 0x84)
syz_init_net_socket$ax25(0x3, 0x5, 0xc3) (async)
r13 = syz_init_net_socket$ax25(0x3, 0x5, 0xc3)
ioctl$SIOCAX25OPTRT(r13, 0x89e7, &(0x7f0000002440)={@null, @default, 0x2, 0x56})

2.309063822s ago: executing program 1 (id=2959):
ioctl$AUTOFS_IOC_CATATONIC(0xffffffffffffffff, 0x9362, 0x0)
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$unix(0x1, 0x5, 0x0)
getsockopt$IP_SET_OP_GET_FNAME(r1, 0x1, 0x53, 0x0, &(0x7f0000001340))
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0xa, 0x2, 0x0)
getsockopt$inet_mreqn(r2, 0x29, 0x20, 0x0, &(0x7f0000000040)=0x2000)
socket$packet(0x11, 0x3, 0x300)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-avx\x00'}, 0x58)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f0000000000)=0x10, 0x4)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, 0x0, 0x0)
r5 = accept4(r4, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), r5)
sendmsg$nl_route_sched_retired(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=@deltclass={0x50, 0x29, 0x10, 0x70bd29, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x4, 0xffe0}, {0xb, 0xfff3}, {0x6, 0x6}}, [@c_atm={{0x8}, {0xc, 0x2, [@TCA_ATM_HDR={0x5, 0x3, "fe"}]}}, @c_dsmark={{0xb}, {0xc, 0x2, @TCA_DSMARK_MASK={0x5, 0x4, 0x53}}}]}, 0x50}}, 0x4810)
sendmmsg$unix(r5, &(0x7f0000006680)=[{{0x0, 0x0, &(0x7f0000005180)=[{&(0x7f0000001c00)="11b8e2e95f", 0x5}, {&(0x7f0000001c40)="b65ede783a15f51188f244407b54032c8de25afb0afe506046e064644f2466c938a010a17fcb02b152f6fafc6a07c80e1748758b76ab0c765cc835d6bc3143018f56accc7455f32a5ded552d125de404258cf9a07cb2bb9df4cfc7a4878fae90f0f2add904f5f9fd5e2f0943af860ab4f794d3e60998d45fb240e3618e98cb897c73aef2860f4a3854cf598c9d23c56ed4923b56dd2484bcd17db02fb475ae043f50d95d527a8151ce0d49dad5978796e94f56deeee4a613358d170e0c1574fe0be3b4", 0xc3}, {&(0x7f0000001d40)="be5173b5faac7a921e735f22e37b4c89c5b395256ef33d740561b860ac4d892da8c4f613ad50893212b37a34bd18", 0x2e}, {&(0x7f0000002f40)="edcb47e6a89a35448916ef8ebe79d0feb594b2acdb1d1ef934dbaf81338fc0195bea3a23d4957a5a35512ce1d891f82850b09da2702856be8e8493ee649b57aeb62b3d9c03cd312e3f0fe654c9825f8da087d346a7f65037783aec233b320c9b6ffeecb6e30e6cc7ece99e6c4e19f0f034de1a2a46de008038fbc586e4d78da4739e657cd5f78bf057564063d60f0ef831d1db86e539c39743d54c6e3c3c8d8b1f513da969dbcee48499cf22b08d527c8bc0232084916e8522d5334eb93683fe5e57e9c9ebb7ca0b17d805fd7e6c04543b1d1964e4e563", 0xd7}, {&(0x7f0000003040)="898e025a12647f7a83932efc4015d5c42c0df1f41a26decd0ab74f066e652fedf10ccef98972b7fa4b4fb8c5a2e52b815167cd8bb7aa07eb9c4970a9badb37b91d6ed2e228571abbf5b2ecc370710143ad0432f365cf119e082f689df5137f8faf75d86b4a2ad092ae3669df73ae65734870f6a0ce6033cf5954e6d874cde209043566b9659f586abca6eeb414edd719655e50271e2362422d3138129955cf4499774d69503614427f7a6b45c9b9d80c6706afda3ef6699961e7dcc09908a0cccbda811c8454fa06b243177dc4269a8119e29230b8e80da66bbbc6c0d20a1093709e6249f0705b88c8a7133ffe7615830d53ae30815c8d602c7872c17e03acaceb07174063067b017bf27db1ecb42aeacd0f9e4d926633d80721b7f46a15a7111a0a3276b1eba48efcbe2cfd0aadb5084a44864f4b587f01d420e7405c8b34815f404c739eed371efaa85ee5a7c6bfec8d589c91349c0c15676f440a36cf94e4bef98df8a7faf5809145a36effad742cdc39a3802f403d7ee238687b93ede2238b9f09cf8e9aa71978f38a2b628abc70c87d05646ef9510545dac4e7e9ef9c584df41e6a83085e8517c2ac9348ea81b01c2b7076b901d3b6b3a8d029d34e4cc770025e5e906a34069c2f190bffa9eef4954d390fbc0b2840ada9934ef5ff13bdbd4bef2da0b6d5c3897a278eacbca87de28a8e527dcf8b85cea7a79477fa3b9c67e4e053a31fc20a3624046218d5430f83fa150f7135e202e6b4b614f4c20199270a9d296de3a4dd42e2ef9b7804e5c9c1a85dae01710fc4138d2db21fdfe104c281c884aea24149ed8beaf35735913200cc45a0afbb079c03df0b969ce3a1487b8fb2aff5b3168fa9966c851f0c94c0f2b0eea81f85c8ff37e14b11d42f9b6538aa322cf3e73a89ce9afe0b60be6e348a592bc17995864363e99c44069944d9df9a5f2dbc89b447b7319e3459ea33495c80e8843a95a667b48060a1a6c87a3126f496baa08a9382ec1c8843d739c1943767a32dbec4398d5b83078dd8e1b3f329fc069eae1475e5e69c5da83ccc18781b0d730d5102f902f5c18cc0e37c0041f42ff3df8991120aff39ec714d5006a2a217bf1e4a0db924f213e49e6ab8a10fe9041699646c3b9545fe317a3a8e441a7cb93a55127a8a0f9809a2c2a58898566724f24d1f5cf9d76b26cd2c283463ef5771b149e13c026ec25f4d68f603e17c39170ca9a72bbd828e8091f84ac7ce6f5819dd4516288c1eb1608ad79bc61daecb24269f93c414c4be64de56bf8a38e5aabffa7d8573e80ea9b6da5b979540ce74d6cdc9aeb1b481ecc1ce440ac586d1327c2b94c9c89e1cb7fc3cd404edcff243ea798f7f2f1538ad58ee5f4f1bf4566ac975c6fbde0975bb55971b31ba5c4d34413631c765deb180e5ae6a1894527b702e6174980019babfab834797d824666c3a78f616af8810c4a155d5ab652d1d6c65a5ade05c48c5b2d063bfbf9a1776a5017550887e1356530b1ee34759ad365c2314d2a48cace93ed94d27794e4c01666be7db0be73e1489c0984f7e4d067be0f677701caae2c87e13bb452664d0cbd437c45569a3463892c6c1653e3a1365774e277ede892da336449485bb4c60f579f5434a29ba06ce00a0fb03db8190df5728d32811a3882752ec16fd35a18efa677244a820c6bcd59a94a9329028c7419ab9777c85b54db761f8576a27ac0e0261e42b2148e05847b223815be198aec2a231929815472f4c1af86ac38fea812d019cf568ad3567d710b960f8daa0eee7a65f02b0c74ea9419a1d29b4045d6e3116cf5b1dfd4c47d1ec5de0dc31cb2281e654beb28bbd163c902543fb9d25965312021f463874de34e23a143bf9802e4fdd482e3414c10c6ed95b99f6c5fb4cd63363c2c2e71a7193869c8189f392c6670fd97938de05e934d516807ccb7f8efaaad3d600012fb5e2026b8409952d0773e393560f6322c7384b76642b1edf49fd698de78bea1a1f72a268bfcf14ff66ddaeb44a56c5b3ca9ed8a362a08c74d7f8034a75f2850b7af44e1f193f329991e66c19bc25e422347e34e7fda03572a40059a7621ea74237dc38f2f1a232f51b661b3f2a414ad4fe09a83dfa1d22fe4779e7c9d1265c2a0ceeb1f84e2a4dc7d02becfc1a7bdb9644108eea14f78e1b6e62be7329b1617ccf96026961347a8a2fa1ad426425e59c69ffcd2832e4ca01bd666b5fe43de2a1f6c3957f859216917c001c87c81a2441e99a89795545f556ce6390147af69af2738c5387c5b18b1776bc0594d75ac201d4313f09e3186218f833a287cf8fe86615aed52beb2ce1f89cfa5f5081b65c49f467b2662a43a3ada3ac7459e3de8d76781b446959ac84cb16a5207e608c1897035e4bef8f381d6000cc48968f563d04c7545f70f3e1ed92efb7ef7aba929d67d4f9070a653fa30364651e316e25c82b5ac745f64d3bda49d71c4f802641a8d4e66e21cc77acee93eb955b5f8a53fc50a3ffaaa340d69eb2dd9fa1baf1e2c9e5515edac8f684cbdbc1379e31a43a41986bdfa5381da420555c091c35f0ae66af34308f5ad489e1888c9185d963ac053ee41b234f84137d78c36098fef8f98511ee10bcff42147c98bf7e9d12f076508b19fa53ea7230e5e43d74c293c4424443340eaa7d3cc90ffa498d8c61b1d5a70ad2c18f1fe615e48599df87603a5b4cffa3a6d419268952784caefd7f96b92b3b7ed6a2c7a124c4d2fd81f5a38df8a099e55276de5f1fa7d0a24908e34047a68a2b89facc7983cbe4c80fa5c2ce6d5c27389d6bdfecbf617c8d9a8bc57bbbc1524ad6648b13fa6daa7748f97440d1489064a63da9216c1a234641a9360c115bc74688d7e09c8cab54709949a6b55006c6ef7ba20d43cd4b75abe1e917ac77ee44d9a07ef307291e5dc22e505a56895c7616a0c6a2d85216c556b5b07f5497f19e8b6c2280fc067ffdeea8d0af1aad8003478c591d6ca612c4f2aa296924552391ff9f080b298fdb4dc3ab7ab78dcb0c949ba7e467e2004b5446fce8ec4426bf13da36780bb2b6543e9bf7cff086977110099fe9c104b117a1eb053f6c9e1cfd43c3382659ab3d1bce786836c699bafb14d50750f80c977a92358d96709927ea142639da3c8feb361d8da7dde03e03487bbb6b93dee5db9bc4176a977551b7d471d60ec8570cceb8fe76edea0c7cd805b6bafd3c8fcfb6a81057eca1dd53cd48c1aba9109755a63730c967bf0ac225a95f2692786719baecab21b92fd9fdf354ce1b4eec96ee315f3b2d9a5ca3aa49dfc23ee0aae333aa2c83c3e05fbf801fb5b73e5c9614ddb29beee1a636d7c0fc6cd70cad399a2dea9a6a924a075b0316fe2302f12f9af40a59f06494651b4cee3a75f0da67ff90f56b9d8561dd1ff1cf64787441df010c0256a75d6332d99aabd5f3446a914c95943fe0d021d0339c8bd5552c2cee6dd58129da0183033765242eeb538037686d28d5da4d157a263cea45140e29f1c328f27cb707f8215ab3dd6b1f23d0b716069fe580aa19088fb5e60d1a3c4a8a7af3c96034a39fcbd1d19eb77718aa27efe05e4604ad746c81c6a714838d5cc4deb39489a5924d8f2ed5f4672e1421876fb6fd77d979d24aff5169afd4e8205ff1eae59eb5bbc77bfe47591a8d6b862ed95550adedd6b85fd75f6c9c2999a36cbedea055a3cbbc559f91c8af195e7b05b880f8d6e22f8bdd42e81bc4b260e38ed526d93f0a04dbf1bcab0added9fa5ff7367408004d14dab11923a3213156fcd6f28af522dcbd5bb34a84e467b183be3b85423c7ad5c0ee286708b49615f67ea8d5314912e89a0d1eae11c8e1de1854a5a14e7461c852bec278d89b52e8b5c8c61f849769986c7cc07f2487fe1bcf391d3c37347c3b4f0e4668072f146569bdc6acd5add80777a098e2627f716ba250c8e2b0b6b4b3ae30b6aedcee17aaf3e03d32dfb2dbf6ce33a063bc1bbea8bdd55d1762d27be3328be2855c0088d67ee5e175bed1a048157b289029ae46b3f7cff44cc85a9b51f523ccdb61bcbf09b34dd3aa70d4e24dac1c5dbaf65235626d6323c7587b1ad906c9aa86dda8a5ac36e135b5eb8289f49ee95a068917aea45d84ba78f138460c434b5efb0ffd8f93b8b3beda5c77bad9e2df0565b71fd70f4c053011a5432150d2a953b535e0684d7af4fc16af011a95493e5a283dc63550e99011877ed7e237990fcd401df40910f111f3f656dd7aab0ea463915c7fea608f25b1c5663e6fbfa63e6bed757c0f3229cf59ed61a1ba526e6c97f11566535b0e7e771fe0d3bada147ada519fc7d2343a893e21055e56dcf3d1b708e1cba35fbe7a770fc03d57ad4e60a77f081d5ca137da07ec3f2e52fb754837105c1df2b5e1f0464b6406ec51d89e6686f0fb520b5caf7f30e2dba4d55eb230e6c6d93e39ac323be99ee11fb9947428b82c4e9b0b3eab4e6d1fe2c44fa1f9a6f9cd4089e7c4adeca58d592a27194ede7091766630ba4c9358d2ec940284032fc48ca8c44806964913e52b45266fe0550c3f79a9614607f32a16ff8fdd263ca270403776400dd67d0b940d2413431d6cebe478fc3399c6f28f1b7f883ff6a4da7dedfccdf370e84867fe671a9f75cfcd97448db1416d66283cca891b1d1b6978f0d1dd2d92e06544ac19dc878b3096c3a0b5ab7c59c9b743a86903bc44e72328ec2a8195fa98e03a7ca56716b98bc65a8fa444a459187489fba729c5b42a1eefdc06f6392bea45164f20bb59a1f9bbb04e4f70735c73a89d2be94c0e54027180c9066266f46c25922fe7979f430605511dd4de843229e9751b9c6ad7edfd34e7e4d3eae748d09bb2b14f8bd606cb847f02fa562708cda6139b873da13f9241df081ed82a6e00ae896bb36e4e892650de91814bb28795ea40b9e8c778f132cd9b5b5e64ec16c469df4b9531d886a6c0b37018f5e3ad21338c588e2e01c2fc9d13e60", 0xdb3}], 0x5}}], 0x1, 0x20000800)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_int(r6, 0x6, 0x25, 0x0, &(0x7f0000000080))
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000680)={0x0, 0xfffffe2f, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="380000001800010000000000000000000a000000000000000000000008000400", @ANYRES32=r7, @ANYBLOB="06001500070000000c00168008000100", @ANYRES64=r3], 0x38}}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="08000000005748620afc62b015629da837b5405470f0a3e9acf8d53c024de75f7cd1ceb66ed13a17a1492bcca824f42270ac96a8e60bc79f0f67475a2c335ac6df53295bf93cbca1200dae1fb046da00570c09fbd8dd9af11d84902f9085020800000029c95456951946875151bf8fc1bdcafbd56d3725c4d7473a64d49242203e5f5ba14ca7", @ANYRES32=0x0, @ANYBLOB="83140500000000002000128008000100677470001400028005000500010000000800070064010101"], 0x40}}, 0x8040)

2.257076467s ago: executing program 2 (id=2960):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-blowfish-asm\x00'}, 0x58)
r2 = accept$alg(r1, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)='\x00\x00\x00\x00', 0x4)
sendmsg$alg(r2, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x90}, 0x2000)
recvmmsg(r2, &(0x7f00000003c0)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000200)=""/120, 0x78}], 0x1}, 0x5}], 0x1, 0x0, 0x0)
r3 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
setsockopt$llc_int(r3, 0x10c, 0x6, &(0x7f0000000bc0)=0x8001, 0x4)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c)
getsockopt$sock_buf(r4, 0x1, 0x19, 0x0, &(0x7f0000003080))
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a80000000060a0b0400000000000000000200000054000480500001800a000100696e6e65720000004000028008000240000000840800034000000007080004400000000f08000140000000001c0005800c000100707b796c6f6164000c00028008000240000000050900010073797a30000000000900020073797a32"], 0xa8}}, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000000), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000008c0)={'wlan1\x00'})
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f00000000c0)=ANY=[@ANYRESOCT=r0, @ANYRES8=r3, @ANYRES32=r4], 0x4c}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$alg(0x26, 0x5, 0x0) (async)
bind$alg(r1, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-blowfish-asm\x00'}, 0x58) (async)
accept$alg(r1, 0x0, 0x0) (async)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)='\x00\x00\x00\x00', 0x4) (async)
sendmsg$alg(r2, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x90}, 0x2000) (async)
recvmmsg(r2, &(0x7f00000003c0)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000200)=""/120, 0x78}], 0x1}, 0x5}], 0x1, 0x0, 0x0) (async)
syz_init_net_socket$llc(0x1a, 0x2, 0x0) (async)
setsockopt$llc_int(r3, 0x10c, 0x6, &(0x7f0000000bc0)=0x8001, 0x4) (async)
socket$inet6_udplite(0xa, 0x2, 0x88) (async)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) (async)
getsockopt$sock_buf(r4, 0x1, 0x19, 0x0, &(0x7f0000003080)) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10) (async)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a80000000060a0b0400000000000000000200000054000480500001800a000100696e6e65720000004000028008000240000000840800034000000007080004400000000f08000140000000001c0005800c000100707b796c6f6164000c00028008000240000000050900010073797a30000000000900020073797a32"], 0xa8}}, 0x0) (async)
syz_genetlink_get_family_id$devlink(&(0x7f0000000000), r0) (async)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000008c0)={'wlan1\x00'}) (async)
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f00000000c0)=ANY=[@ANYRESOCT=r0, @ANYRES8=r3, @ANYRES32=r4], 0x4c}}, 0x0) (async)

2.151867222s ago: executing program 4 (id=2961):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000380), r0)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x4, [@struct={0xd, 0x1, 0x0, 0x4, 0x1, 0x3, [{0x0, 0x0, 0x9}]}, @func_proto]}, {0x0, [0x0, 0xb56cea99d7d0f667]}}, 0x0, 0x40}, 0x28)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x60, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'hash:net,port\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}, @IPSET_ATTR_TIMEOUT={0x8}]}]}, 0x60}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNSETQUEUE(r4, 0x400454d9, &(0x7f00000000c0)={'macsec0\x00', 0x400})
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000180)={'pimreg0\x00', <r6=>0x0})
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0x3, &(0x7f0000000640)=ANY=[@ANYBLOB="180000000001000000000000000000009500000000000000ee03c2c59a70e47171e86924f46506fac10650fa56134d1a0d8ad55b7c3043cc1f0ffa3c010d3edb930ef80550c071b4bea7cc6ca3b7db244b1133d5594636aa1b8e58d7fbb9895bbe2ebc50d15ee2edb7166252be3c837151bc0e0dacad87b8356a1efa537891795c01a4f5733038fe7351db32b8c0b478a9fb967e197d7fcd0d09c3cae178687707e63d3eeb4a3c8125d5ce6c827f0808c4bce2cd91986e1881d09a9d6e3c4526d11afbb7"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000140)={r7, r6, 0x25, 0x0, @val=@netfilter={0x1, 0x0, 0x7}}, 0x20)
close(r8)
r9 = socket$pppoe(0x18, 0x1, 0x0)
ioctl$PPPIOCGCHAN(r9, 0x80047437, &(0x7f0000000280))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1830000001000000000000000300000095"], &(0x7f0000000080)='syzkaller\x00', 0x8, 0x0, 0x0, 0x41000}, 0x94)
r10 = socket$nl_route(0x10, 0x3, 0x0)
r11 = socket(0x11, 0x80a, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000300)={'bond0\x00', <r12=>0x0})
sendmsg$ETHTOOL_MSG_PAUSE_GET(0xffffffffffffffff, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000040)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000001e0000000c0001800800", @ANYRES32], 0x20}}, 0x0)
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x58, 0x1, 0x1, 0x201, 0x0, 0x0, {0x2, 0x0, 0x9}, [@CTA_TUPLE_ORIG={0x20, 0x1, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x4, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x15}}, {0x8, 0x2, @remote}}}]}, @CTA_FILTER={0x24, 0x19, 0x0, 0x1, [@CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x6}, @CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0xa80}, @CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x80}, @CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x502}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x406c450}, 0x0)
r13 = openat$tun(0xffffffffffffff9c, &(0x7f0000000800), 0x80001, 0x0)
mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1000000, 0x100010, r13, 0x620ee000)
sendmsg$nl_route(r10, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="780000001000010400"/20, @ANYRES32=r12, @ANYBLOB="60300300001400005800128009000100626f6e6400000000480002802c0008"], 0x78}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x2, 0x1, 0x74}]}, 0x0, 0x4}, 0x94)
r14 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r14, 0x8b18, &(0x7f0000000000)={'wlan0\x00'})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x18, 0x6, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x52, 0x0, 0x0, 0x0, 0x7}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffd}, @btf_id={0x18, 0x4, 0x3, 0x0, 0x4}]}, &(0x7f0000000500)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000540)={0x3, 0x6, 0x0, 0x4}, 0x10, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000580)=[{0x1, 0x2, 0xd, 0x3}], 0x10, 0x4}, 0x94)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000003c0)={0x50, r1, 0x111, 0x70bd27, 0x25dfdbfd, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x9}, {0x6, 0x16, 0xfffa}, {0x5, 0x12, 0x1}}]}, 0x50}, 0x1, 0x0, 0x0, 0x804}, 0x20000)

2.088602122s ago: executing program 2 (id=2962):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
bind$inet6(r0, 0x0, 0x0)
listen(r0, 0x4)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="440000001400030400000000000000542d"], 0x44}}, 0x0)
setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000000240), 0x8)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34000, 0xe0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={0x0, 0xa8}}, 0x10000000)
r3 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'batadv_slave_0\x00'})
connect$llc(r3, &(0x7f0000000180)={0x1a, 0x0, 0x4, 0x8, 0x0, 0x78}, 0x10)
r4 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$sock_ifreq(r4, 0x8990, &(0x7f0000000180)={'bond0\x00', @ifru_names='rose0\x00'})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/ipc\x00')
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x5, 0x3032, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@broadcast, @random="476d0000eafb", @void, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x8, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @broadcast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2d}, @multicast1}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x2e}, 0x94)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0xf5ffffff, &(0x7f0000000000)='%', 0x0, 0xd01, 0xbe02, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
sendmmsg(r3, &(0x7f0000001380), 0x3fffffffffffeed, 0x0)
socket$alg(0x26, 0x5, 0x0)

1.546232359s ago: executing program 0 (id=2965):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000500)={0xa, 0x4e20, 0xffffffff, @empty, 0x4}, 0x1c)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6, 0x9, 0x8}]}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000240)=ANY=[@ANYBLOB="0a000201bbbbbbbbbbbbaaaaaaaaaabb86dd6d002000009611ff00000000000000000000ffffe0000002ff0200000000000000be0000000000014f194e20009690"], 0xd0)

1.376915823s ago: executing program 2 (id=2966):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_ENABLE_BEARER(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[], 0x38}}, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
poll(&(0x7f00000030c0)=[{r1, 0x1000}], 0x1, 0x4)
close(0xffffffffffffffff)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000001280)=@mangle={'mangle\x00', 0x2, 0x6, 0x5b0, 0x148, 0x2f8, 0x228, 0x228, 0x228, 0x618, 0x618, 0x618, 0x618, 0x618, 0x6, 0x0, {[{{@ipv6={@mcast1, @private1, [], [0x0, 0x0, 0xff000000], 'pimreg0\x00', 'vlan1\x00', {}, {}, 0x21}, 0x0, 0x120, 0x148, 0x0, {0x7a00000010000000}, [@inet=@rpfilter={{0x28}, {0x8}}, @common=@inet=@multiport={{0x50}, {0x0, 0xc, [], [], 0x1}}]}, @HL={0x28, 'HL\x00', 0x0, {0x3}}}, {{@ipv6={@mcast2, @dev, [0x0, 0x0, 0x0, 0xffffffff], [], 'bridge0\x00', 'veth1_vlan\x00'}, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{}, {0x0, 0x8}, {}, 0x300, 0x4}}}, {{@ipv6={@ipv4, @empty, [], [0x0, 0x0, 0x0, 0xffffff00], '\x00', 'bond_slave_0\x00', {}, {}, 0x84}, 0x0, 0xa8, 0xd0, 0x48000000}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffc}}, {{@ipv6={@private0={0xfc, 0x0, '\x00', 0x1}, @private1={0xfc, 0x1, '\x00', 0x1}, [0xff000000, 0xff000000, 0x0, 0xff000000], [0x0, 0x0, 0xff000000, 0xffffffff], 'veth1_to_hsr\x00', '\x00', {0xff}, {}, 0x62, 0x35, 0x1, 0x10}, 0x0, 0xa8, 0xf0}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv4=@multicast1, @ipv4=@remote, 0x0, 0x37}}}, {{@uncond, 0x0, 0xd0, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @HL={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x610)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000800), r2)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x5, 0x5, 0x9fd, 0x84, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000240), 0x803, r3}, 0x38) (fail_nth: 95)

1.288653771s ago: executing program 1 (id=2967):
socket$igmp6(0xa, 0x3, 0x2)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x800)
socket(0x1, 0x803, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e22, 0x1}, 0x1c)
ioctl$int_in(r1, 0x5452, 0x0)
pipe(&(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
splice(r1, 0x0, r2, 0x0, 0xaf4, 0x0)
shutdown(r1, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x14, 0x0, 0x0, 0x0, 0x0, {{}, {@void, @void}}}, 0x14}}, 0x0)
ioctl$sock_SIOCBRDELBR(r3, 0x89a2, &(0x7f0000000000)='bridge0\x00')
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r5, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r6, &(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, r5, {0x2, 0x0, @loopback}, 0x4}}, 0x2e)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$L2TP_CMD_SESSION_GET(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000080)={0x30, r8, 0x1, 0x0, 0x0, {0x7}, [@L2TP_ATTR_SEND_SEQ={0x5, 0x13, 0x5}, @L2TP_ATTR_IFNAME={0x14}]}, 0x30}}, 0x2)
syz_emit_ethernet(0x4c, &(0x7f0000000140)={@link_local, @random="ece65fbcee55", @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x16, 0x11, 0x0, @remote, @local, {[], {0x3, 0xe22, 0x16, 0x0, @gue={{0x2, 0x0, 0x0, 0x3}, "ffb00afe4e70"}}}}}}}, 0x0)
sendmsg$NFNL_MSG_CTHELPER_NEW(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x70, 0x0, 0x9, 0x801, 0x0, 0x0, {}, [@NFCTH_PRIV_DATA_LEN={0x8}, @NFCTH_NAME={0x9, 0x1, 'syz0\x00'}, @NFCTH_TUPLE={0x3c, 0x2, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @private1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x4}}]}, 0x70}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x30, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4}, [@IFLA_MTU={0x8, 0x4, 0x600}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)

1.001739629s ago: executing program 0 (id=2968):
socket$pppl2tp(0x18, 0x1, 0x1) (async)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0) (async)
r1 = socket$packet(0x11, 0x2, 0x300) (async)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000180), r2)
sendmsg$NFC_CMD_LLC_SET_PARAMS(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000003c0)={0x24, r3, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_LLC_PARAM_MIUX={0x6, 0x11, 0x121}]}, 0x24}, 0x1, 0x0, 0x0, 0x850}, 0x20040880) (async)
setsockopt$packet_tx_ring(r1, 0x107, 0xd, &(0x7f0000000200)=@req3={0x10000, 0x100000001, 0x10003, 0x1, 0x0, 0x0, 0xfffffffc}, 0x1c) (async)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0)) (async)
ioctl$sock_inet6_tcp_SIOCATMARK(r0, 0x8905, 0x0) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500ef001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000a40)={r4, 0x27, 0xe, 0x0, &(0x7f0000000000)="f8ad1dcc02cb29dcc80032008100", 0x0, 0x4000, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0xffffffffffffffc1)

987.217172ms ago: executing program 2 (id=2969):
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x4e21, 0x5, @loopback, 0xa}}, 0x0, 0x0, 0x3d, 0x0, "bb02a3c364ca41d6e5415445244740bd4c0b42a21d7214bf92594925208a0e2f964e654dc534a6324d4993fcf19b2df3ee818a118a7c49462189316d8b6d2ccd00"}, 0xd8) (async)
r0 = socket$kcm(0x23, 0x5, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) (async)
setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000240)=0x9, 0x4)
listen(r0, 0x800)
r2 = accept4(r0, 0x0, 0x0, 0x80000)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000780), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0) (async)
recvmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004140)=[{&(0x7f0000000240)=""/212, 0xd4}], 0x1}, 0x0) (async)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4c030000160001000000000000000000fc010000000000000000000000000000fe88000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac141400000000000000000000000000000000006c000000ac14140000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000025bd7000000000000000000000000000000000000300000006"], 0x34c}}, 0x0)
r5 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000380)=ANY=[@ANYBLOB="1c0000f500000000000000862dfdff000000"], 0x78) (async)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f0000000040)={0x1, [<r6=>0x0]}, &(0x7f0000000080)=0x8)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000140)={<r7=>r3}) (async)
r8 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r9 = syz_genetlink_get_family_id$SEG6(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$SEG6_CMD_DUMPHMAC(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)={0x14, r9, 0x301}, 0x14}}, 0x0) (async)
sendmsg$SEG6_CMD_SETHMAC(r7, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x1c, r9, 0x2, 0x70bd27, 0x25dfdbfe, {}, [@SEG6_ATTR_ALGID={0x5, 0x6, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x8004) (async)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f00000000c0)={r6, 0x6}, &(0x7f0000000100)=0x8)

903.801426ms ago: executing program 4 (id=2970):
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000480)={'filter\x00', 0x104, 0x4, 0x3c0, 0x0, 0xe8, 0x1f0, 0x2d8, 0x2d8, 0x2d8, 0x4, 0x0, {[{{@arp={@remote, @broadcast, 0x0, 0x0, 0x0, 0x0, {@mac=@local}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'dvmrp0\x00', 'macvlan0\x00'}, 0xc0, 0xe8}, @unspec=@NFQUEUE1={0x28}}, {{@arp={@loopback, @multicast2, 0x0, 0x0, 0x0, 0x0, {@mac=@local}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pim6reg0\x00', 'veth0\x00'}, 0xc0, 0x108}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xe8}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x410)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000"], 0xa4}}, 0x4)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[@ANYBLOB="740000001000210400000000fcdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="adffa8886004000024001280090001007866726d000000001400028008000100010000000800020011000000050021000000000008000a00", @ANYRES32, @ANYBLOB='\n\x00:'], 0x74}}, 0x0)
r1 = accept4$llc(0xffffffffffffffff, &(0x7f0000000080)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, &(0x7f00000000c0)=0x10, 0x800)
r2 = socket$kcm(0x10, 0x2, 0x0)
socket(0x10, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r3, &(0x7f0000000280)="ca", &(0x7f0000000000)=""/3, 0x2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r3, &(0x7f0000000140), &(0x7f0000000000)=""/6, 0x2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831371900000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x0)
getpeername$llc(r1, &(0x7f0000000100)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000180)=0x10)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000480)={'filter\x00', 0x104, 0x4, 0x3c0, 0x0, 0xe8, 0x1f0, 0x2d8, 0x2d8, 0x2d8, 0x4, 0x0, {[{{@arp={@remote, @broadcast, 0x0, 0x0, 0x0, 0x0, {@mac=@local}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'dvmrp0\x00', 'macvlan0\x00'}, 0xc0, 0xe8}, @unspec=@NFQUEUE1={0x28}}, {{@arp={@loopback, @multicast2, 0x0, 0x0, 0x0, 0x0, {@mac=@local}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pim6reg0\x00', 'veth0\x00'}, 0xc0, 0x108}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xe8}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x410) (async)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000"], 0xa4}}, 0x4) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[@ANYBLOB="740000001000210400000000fcdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="adffa8886004000024001280090001007866726d000000001400028008000100010000000800020011000000050021000000000008000a00", @ANYRES32, @ANYBLOB='\n\x00:'], 0x74}}, 0x0) (async)
accept4$llc(0xffffffffffffffff, &(0x7f0000000080)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, &(0x7f00000000c0)=0x10, 0x800) (async)
socket$kcm(0x10, 0x2, 0x0) (async)
socket(0x10, 0x3, 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48) (async)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r3, &(0x7f0000000280)="ca", &(0x7f0000000000)=""/3, 0x2}, 0x20) (async)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r3, &(0x7f0000000140), &(0x7f0000000000)=""/6, 0x2}, 0x20) (async)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0) (async)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) (async)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831371900000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x0) (async)
getpeername$llc(r1, &(0x7f0000000100)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000180)=0x10) (async)

772.783386ms ago: executing program 0 (id=2971):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
r2 = socket$inet6(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r2, 0x29, 0x4e, &(0x7f0000000600)=0x9, 0x4)
bind$inet6(r2, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0xfec0ffff00000000}}, 0x1c)
syz_emit_ethernet(0x6e, &(0x7f0000000000)={@broadcast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x21}, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "00318e", 0x38, 0x3a, 0x1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @time_exceed={0x2, 0x1, 0x0, 0x4, '\x00', {0x0, 0x6, "000006", 0xda34, 0x3a, 0xff, @rand_addr=' \x01\x00', @empty, [], "ccd151d71f80b0c9"}}}}}}}, 0x0)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={0x30, r1, 0x1, 0x0, 0x2, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @loopback}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0xe}]}]}, 0x30}, 0x1, 0x0, 0x0, 0xaa34a4cfdf933201}, 0x8010)

631.153607ms ago: executing program 2 (id=2972):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x80, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x54, 0x4, 0x0, 0x1, [{0x50, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x40, 0x2, 0x0, 0x1, [@NFTA_TARGET_REV={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_TARGET_INFO={0x2c, 0x3, "7339f2f10455afb9fdd672bad09dfb78c7699c74e891a0c700"/40}, @NFTA_TARGET_NAME={0x8, 0x1, 'TEE\x00'}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xa8}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000640)={&(0x7f0000000180)=ANY=[@ANYBLOB="9feb010018000000000000001c0000041c0200b5b53cea2cc410d08ab5966b5059e74c893f00024000000000000002000051a7e25000"/66], &(0x7f0000000540)=""/228, 0x36, 0xe4, 0x1}, 0x20)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="580000001000010400004000fedbdf2501f80000", @ANYRES32=0x0, @ANYBLOB="01020400000000002800128008000100736974001c00028008000200c6120001060008001900000005000a00fd000000080004000100010008000a00fa"], 0x58}}, 0x0)

557.313841ms ago: executing program 1 (id=2973):
unshare(0x22020400)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000000)={<r0=>0xffffffffffffffff, 0x1ff, 0x0, 0x9})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = getpid()
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000180)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f00000002c0)='./cgroup/cgroup.procs\x00', &(0x7f0000000300)=[0x0], 0x0, 0x0, 0x1, 0x0, r2}}, 0x40)
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1, 0x80010, r1, 0xa2e61000)
sendmsg$nl_generic(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000340)={0x154, 0x33, 0x100, 0x70bd28, 0x25dfdbfe, {0x8}, [@nested={0x138, 0x147, 0x0, 0x1, [@nested={0x124, 0xe6, 0x0, 0x1, [@nested={0x80, 0xe3, 0x0, 0x1, [@generic="08f9a6c02d3f583435c9fc751f272f4683d0677f2d608c10f4d2c9c93ee1f7967ac2e16b96aeb55bd7635487c45b41b4314611dd4084c01e6bdd284a4d1ed12dd3f0d01da3d21620bcc91c2c0ea59ae6daa205d53ffeb102f845831dc17755c4b34a2f152cbc0c36e3eaa62a663512d61d9d3441de79dd6f08da96cc"]}, @generic="d6dbd3500e7d0e3993e61e595e3a39aca2a665e66d44ecaeeb14adee049cda98e465683e98d994ba5d5695fcda3f532d7c766cf26e248c5654c4", @generic="f57ad8d5ac069d6983116126fa35c0eef6f9ac521f2edf40802a0c103e178235760052dee7178e836962fdbfc9ae355e6a5b451d086e45898f2585ce56dc7aae186ff933923388de05e9171d04e2f8d4f456c948cfee5544214002e153b6e3c3f6ab3f3ab962"]}, @nested={0x4, 0xd6}, @typed={0xfffffed4, 0x11c, 0x0, 0x0, @u64=0x586}]}, @typed={0x8, 0x92, 0x0, 0x0, @pid=r2}]}, 0x154}, 0x1, 0x0, 0x0, 0xd000}, 0x4008054)

478.95474ms ago: executing program 0 (id=2974):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x2, 0x4, 0x1, 0xbf22, 0x110}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xd, 0x1, 0x4, 0x6, 0x0, r0}, 0x48) (async)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x1001, 0x16}, 0x50)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r1, &(0x7f00000001c0), &(0x7f0000000600)=@udp6=r2}, 0x20)
ioctl$sock_qrtr_TIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f0000005280))

422.894255ms ago: executing program 4 (id=2975):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet6(0xa, 0x3, 0x8000000003c)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r3)
r5 = epoll_create(0x10000e9)
r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r6, &(0x7f0000000080))
epoll_ctl$EPOLL_CTL_DEL(r5, 0x2, r6)
sendmsg$NLBL_MGMT_C_ADD(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000ec0)={0xe4, r4, 0xe701ac47a3d23ecd, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0xce, 0x1, 'C\xec\xf8\xa0w\x15|\xd8\xbcs\xe1\xb93\x14\xcd\xcb\xb6\xb9\xbb\x84\xe5\xbc\xdb\x7f\x9a\xf2\xea\xcc\x91:v@\xe83-\x1d\xaagQl\x7f\tKt\fc\x1f\x17]\xd5\xd0\xf0\xa8\xeb\xd2g\x92\x04\x00\x00\x00od\xe6,\xd3@I\x17\xf3\xbees0\xad\xc6\xbf/*\xb6(o\x91t\x12\x93U6\xf4@n\xdc\xdc\x8a7y\x81FY\xbe\xbbc\xd2\xc3\x01\xa5\xe2V\x8c\xb3im~\xd2V\xdaG\xbdbF\xc8n\x86\xac\x9c\xfb\xda\xe2&\"\xb4:\x13\xe9\tc\x85\xb4\xcb\x17\xbfm\x846\xe7\x7fp\x9eCdb\xad;\xa2\x8fs\xbf6\xe8\xe3Xg3&\xe2 \xd6\n\x9d=~<\x93/\xaf\x89\x06+\x96]\xb5+\xee\xff8^D*\xdb\xb8\xd8t\x80\xd4\x8fK=E0\xe8R\x83'}]}, 0xe4}}, 0x0)
r7 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_SERVICE(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000280)={0x14, r7, 0x711, 0x70bd2b, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x40040d4}, 0x20040000)
sendmsg$IPVS_CMD_SET_CONFIG(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r7, 0x800, 0x70bd2c, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x667}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4048005}, 0x24000840)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000980), r2)
sendmsg$NL80211_CMD_DEL_PMK(r0, &(0x7f0000000a40)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x20020003}, 0xc, &(0x7f0000000a00)={&(0x7f0000000a80)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="000125bd7000fbdbdb257c0000000c00990004b70000260000000a0500000802110000000000c87c4c9076a5e0d9f480d2ba95281df7c2a752155c71f73e3c2189248ecbf0b07c28e754452a67e0a551abd08f252dffd5e9f69dd7543040a640f6bb7a1d7815429f6f54b44b56d015fb0ef60c38b28dc12b9a640cb3130f1f46d96c91d72fadf5bc4b7354dd1d0c04c33a"], 0x2c}, 0x1, 0x0, 0x0, 0x20008001}, 0x4800)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000480)=@raw={'raw\x00', 0x8, 0x3, 0x278, 0x0, 0xffffffff, 0xffffffff, 0x250, 0xffffffff, 0x328, 0xffffffff, 0xffffffff, 0x328, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x18}}, [], [], 'wg1\x00', 'caif0\x00', {}, {}, 0x62}, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x0, 0x0, 0x0, 0x2}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x2d8)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r9=>0x0})
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
r11 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$802154_dgram(r11, &(0x7f0000000040)={&(0x7f0000000500)={0x24, @long}, 0x14, &(0x7f0000001880)={0x0}}, 0x0)
sendmsg$IPCTNL_MSG_CT_DELETE(r10, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)={0x20, 0x2, 0x1, 0x3, 0x0, 0x0, {0xa, 0x0, 0x4}, [@CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x1}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x5}, 0x4000040)
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), r0)
r12 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f00000003c0)={'syztnl0\x00', &(0x7f00000002c0)={'erspan0\x00', <r13=>r9, 0x8, 0x1, 0x34d, 0x2, {{0x31, 0x4, 0x0, 0x4, 0xc4, 0x66, 0x0, 0x3, 0x4, 0x0, @multicast2, @empty, {[@rr={0x7, 0x1f, 0x96, [@initdev={0xac, 0x1e, 0x1, 0x0}, @dev={0xac, 0x14, 0x14, 0x12}, @rand_addr=0x64010101, @empty, @private=0xa010102, @broadcast, @initdev={0xac, 0x1e, 0x1, 0x0}]}, @cipso={0x86, 0x70, 0x1, [{0x0, 0x10, "480f5c73b4edc5009e6ed018d73e"}, {0x7, 0xe, "46d8447199631808e7cc24ca"}, {0x7, 0xe, "9c54e582af02add923b9544f"}, {0x5, 0x7, "82b35dfefd"}, {0x0, 0xd, "7f875638f63385ae482958"}, {0x0, 0xd, "76b71df4caac7c79bac4a9"}, {0x1, 0x8, "f5215a640c26"}, {0x0, 0x12, "20a093dfa056add7b356e5effe0f0f89"}, {0x7, 0x3, '<'}]}, @lsrr={0x83, 0x1b, 0x27, [@local, @initdev={0xac, 0x1e, 0x1, 0x0}, @rand_addr=0x64010102, @dev={0xac, 0x14, 0x14, 0xa}, @multicast1, @loopback]}, @ra={0x94, 0x4, 0x1}]}}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000400)={'erspan0\x00', &(0x7f0000000780)={'tunl0\x00', <r14=>0x0, 0x7800, 0x8000, 0xd, 0x9, {{0x24, 0x4, 0x2, 0x9, 0x90, 0x65, 0x0, 0x5, 0x4, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}, @remote, {[@generic={0x88, 0x4, "90c3"}, @ssrr={0x89, 0xf, 0x34, [@broadcast, @multicast2, @rand_addr=0x64010102]}, @cipso={0x86, 0x2b, 0xfffffffffffffffc, [{0x6, 0x11, "6536cda563f74b4038c879f7348be0"}, {0x4, 0x2}, {0x2, 0x10, "029ff2582a462c0726ebc3776cd2"}, {0x0, 0x2}]}, @generic={0x89, 0xb, "98f60870214e3994ca"}, @lsrr={0x83, 0x2b, 0x2d, [@initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x10}, @multicast1, @remote, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0x3b}, @loopback, @local, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0x20}]}, @ra={0x94, 0x4, 0x1}, @ra={0x94, 0x4}]}}}}})
sendmsg$nl_route(r12, &(0x7f0000000900)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000008c0)={&(0x7f0000000840)=@RTM_NEWMDB={0x78, 0x54, 0x100, 0x70bd2a, 0x25dfdbfc, {0x7, r13}, [@MDBA_SET_ENTRY={0x20, 0x1, {r14, 0x1, 0x0, 0x4, {@ip4=@broadcast, 0x86dd}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r9, 0x0, 0x2, 0x4, {@in6_addr=@mcast2, 0x86dd}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r9, 0x0, 0x3, 0x4, {@ip4=@initdev={0xac, 0x1e, 0x0, 0x0}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x40}, 0x40)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r15 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_TABLE(r15, 0x29, 0xc8, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0)

398.102922ms ago: executing program 0 (id=2976):
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0xe, 0x20000000000000bb, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0xfffffff8, 0x0, 0x0, 0x40f00, 0x46, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000480)=ANY=[@ANYBLOB="6c0000001000010400d201000072f60000020000", @ANYRES32=r3, @ANYBLOB="052b33d061000016300012800b0001006272696467650000200002800c002efdffffffffffffffff050007001f"], 0x6c}, 0x1, 0x0, 0x0, 0x10004000}, 0x0)
r4 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r5=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x74, r5}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_FILTERING={0x5}]}}}]}, 0x3c}}, 0x0)
r6 = socket$qrtr(0x2a, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFBRDADDR(r6, 0x891a, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10)
sendmsg$NFT_BATCH(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a90000000060a0b0400000000000000000200000064000480600001800a000100696e6e65720000005000028008000240000000840800034000000007080004400000000f08000140000000152c0005800c0001007061796c6f6164001c00028008000340000000e1080004400000008b08000240000000050900010073797a30000000000900020073797a32"], 0xb8}}, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000340)='sched_kthread_stop_ret\x00', r8}, 0x10)
r9 = socket$rxrpc(0x21, 0x2, 0xa)
r10 = socket$rxrpc(0x21, 0x2, 0x2)
bind$rxrpc(r10, &(0x7f0000000000)=@in6={0x21, 0x4, 0x2, 0x1c, {0xa, 0x4e22, 0xffffffff, @mcast1, 0x9}}, 0x24)
close(r9)

247.77207ms ago: executing program 1 (id=2977):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000500)={0xa, 0x4e20, 0xffffffff, @empty, 0x4}, 0x1c)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6, 0x9, 0x8}]}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000240)=ANY=[@ANYBLOB="0a000201bbbbbbbbbbbbaaaaaaaaaabb86dd6d002000009611ff00000000000000000000ffffe0000002ff0200000000000000cc0000000000014f194e20009690"], 0xd0)

209.833882ms ago: executing program 2 (id=2978):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x149e42, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x2}) (async)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20) (async)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1) (async)
r2 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffff9, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000040)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0xbc, 0x6, 0xa, 0x3, 0x0, 0x0, {0x7, 0x0, 0x2}, [@NFTA_RULE_COMPAT={0x54, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_FLAGS={0x8}, @NFTA_RULE_COMPAT_PROTO_IPV6={0x8, 0x1, 0x1, 0x0, 0x5c}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x67}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x86dd}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x4}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_RULE_COMPAT_PROTO_IPV6={0x8, 0x1, 0x1, 0x0, 0x89}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x8847}]}, @NFTA_RULE_COMPAT={0x54, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_PROTO_IPV6={0x8, 0x1, 0x1, 0x0, 0xe5}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0xf7}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x8808}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x84}, @NFTA_RULE_COMPAT_PROTO_IPV6={0x8, 0x1, 0x1, 0x0, 0x3c}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x89}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x29}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x11}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x4a}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x8035}]}]}, @NFT_MSG_DELRULE={0x28, 0x8, 0xa, 0x101, 0x0, 0x0, {0x5, 0x0, 0x7}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x2}]}, @NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x101, 0x0, 0x0, {0x5, 0x0, 0x4}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x1}, @NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x4}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_POSITION_ID={0x8, 0xa, 0x1, 0x0, 0x3}]}, @NFT_MSG_NEWFLOWTABLE={0x20, 0x16, 0xa, 0x0, 0x0, 0x0, {0x0, 0x0, 0x8}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWOBJ={0x90, 0x12, 0xa, 0x201, 0x0, 0x0, {0xf}, @NFT_OBJECT_SECMARK=@NFTA_OBJ_DATA={0x7c, 0x4, 0x0, 0x1, [@NFTA_SECMARK_CTX={0x27, 0x1, 'system_u:object_r:apt_var_lib_t:s0\x00'}, @NFTA_SECMARK_CTX={0x27, 0x1, 'system_u:object_r:insmod_exec_t:s0\x00'}, @NFTA_SECMARK_CTX={0x27, 0x1, 'system_u:object_r:mtrr_device_t:s0\x00'}]}}, @NFT_MSG_DELOBJ={0x2c, 0x14, 0xa, 0x3, 0x0, 0x0, {0x5, 0x0, 0x8}, [@NFTA_OBJ_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0x234}, 0x1, 0x0, 0x0, 0x8800}, 0x20004880) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})

163.672399ms ago: executing program 4 (id=2979):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0x80000000}, 0x19a)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000000)=0x2044, 0x4) (async)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@mpls_getroute={0x1c, 0x1a, 0x1, 0x0, 0x0, {0x1c, 0x0, 0x0, 0x0, 0xfc, 0x0, 0xfe, 0x7}}, 0x1c}}, 0x40000) (async)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000240)={@fallback=r0, 0x0, 0x1, 0x100, &(0x7f0000000040)=[0x0], 0x1, 0x0, &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000200)=[0x0]}, 0x40)

155.68951ms ago: executing program 3 (id=2848):
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000000180), 0x24)
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000000)=0x2, 0x4)
r3 = socket$packet(0x11, 0x3, 0x300)
getsockopt$packet_int(r3, 0x107, 0xb, &(0x7f0000000000), &(0x7f0000000040)=0x4)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=@mpls_delroute={0x1c, 0x19, 0x1, 0x0, 0x0, {0x1c, 0x14, 0x0, 0x8}}, 0x1c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffff, 0xf}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x6}}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
setsockopt$MRT_FLUSH(r1, 0x0, 0xd1, &(0x7f00000000c0)=0x3, 0x4)
socket$netlink(0x10, 0x3, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.events\x00', 0x26e1, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10)
sendmsg$nl_route(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="2c0000001a00010000000000000000000200003393b0f3244c6c2fae"], 0x2c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x4, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0xb7}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}], {0x95, 0x0, 0x5a5}}, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6}, 0x94)
close(r6)
ioctl$SIOCSIFHWADDR(r6, 0x8b1a, &(0x7f0000000000)={'wlan1\x00', @random="0000230c1100"})
r8 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r9=>0x0})
sendmsg$nl_route(r8, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="10cf00000020000861a5b30698e58267766402217eea9a4110050000", @ANYRES32=r9, @ANYBLOB="100008800c0001000000000000000200"], 0x30}, 0x1, 0x0, 0x0, 0x4804}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="05000000ffffffff030000000000000044010000", @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000e4e4b0990db2737f9a27307a63ea71441fa55feb231caf3e987a89fe3794105a801d7fb917d983265de9bd7c2ff92a20913ce52b51e880b7666bf697b06af313d8428d6e859df2092e15749a7d26f36bfffa025f1e55388f6edea84bbc331e4602be9a8db6e419bb10a28eeb30edca2f04b39d1c3dc2730a1f2861aeca74d221fadc2091d0a60d907e76d88f8cf9738202f6f58961910cf435569224659385971eda503bab51", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000010000000400"/28], 0x50)
r10 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000040)={'lo\x00'})
r11 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
ioctl$sock_SIOCOUTQNSD(r10, 0x894b, &(0x7f0000000140))
sendmsg$802154_dgram(r11, &(0x7f0000000040)={&(0x7f0000000500)={0x24, @long}, 0x14, &(0x7f0000001880)={0x0}}, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30)

0s ago: executing program 0 (id=2980):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
r1 = socket(0x15, 0x80000, 0x7fffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x5, 0xfc9f, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2608064c6588a8", 0x0, 0xd01, 0x2a0, 0xfffffffffffffc4a, 0x0, 0x0, 0x0, 0x2}, 0x48)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_LINK_PRI(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES16=r4, @ANYBLOB="010026bd7000ffdbdf25010000000000000008410000004c0018fffffc00696200"/98], 0x68}, 0x1, 0x0, 0x0, 0x840}, 0x800)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000078c0)={'wlan0\x00', <r5=>0x0})
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000500)=ANY=[@ANYBLOB="0e00000000000000000000000020200041080000", @ANYRES32, @ANYBLOB="0000000000000000000000000000cbfaf6150094", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000840)={0x34, r7, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r8}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @default=0x9b4}], @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x6}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x6}]]}, 0x34}}, 0x4000000)
r9 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r9, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10)
sendmsg$nl_generic(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x52, 0x1, 0x0, 0x0, {0xa}, [@typed={0x8, 0x4, 0x0, 0x0, @fd}]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_GET_WIPHY(r2, &(0x7f0000007980)={0x0, 0x3d, &(0x7f0000007940)={&(0x7f0000007900)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="39fb25bd7000fddbdf2501000000080001004500000008000300", @ANYRES32=r5, @ANYBLOB], 0x24}, 0x1, 0x0, 0x0, 0x200040c0}, 0x800)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000000)={<r10=>0x0}, &(0x7f0000000040)=0x8)
sendmsg$NL80211_CMD_DEL_NAN_FUNCTION(r9, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)=ANY=[@ANYBLOB="80000000", @ANYRES16=r0, @ANYBLOB="00042dbd7000ffdbdf25760000000c00990004000000070000000c005800000000000000000c00580006000000000000000c0058001b000000000000000c00580070000000000000000c0058007d000000000000000c0058000b000000000000000c00580014000000000000000c0058007600000000000000"], 0x80}, 0x1, 0x0, 0x0, 0x8000}, 0x4000000)
ioctl$sock_SIOCGIFCONF(r2, 0x8912, &(0x7f0000000100)=@buf={0x45, &(0x7f00000001c0)="ef8f4094aad4d15f642949808aed44660dee2729a25d5a94e8298d366c9716880ccb5f30126cd90ab00478eb6b3f42c9c7c18a9043b44e4c7e9220269b003fb8134dcae84e"})
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, &(0x7f0000000080)={r10, 0x43, "9be6c1bab787e48de18508000000000000001c0f7ce993d4226f5fbc290c5f7ac264b39b31bd56735773fb0d5f9cd48f4e7d67bcc228d51560fd02455d2c4d8438069a"}, &(0x7f0000000180)=0x4b)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r11, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r12=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r11, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000003900000008000300", @ANYRES32=r12, @ANYBLOB="1c0100"/13], 0x38}}, 0x0)
sendmsg$NL80211_CMD_SET_BEACON(r9, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000280)={&(0x7f0000000a00)=ANY=[@ANYBLOB="74040000", @ANYRES16=0x0, @ANYBLOB="00042abd7000ffdbdf250e0000000c0099000700000008000000bb000f00010882848c8924098c3601040cb034896512505050505050ffffffffffff0802110000008c106902684a0d5869e4e6773bb848b61840087f3d7795a5329e5f796f3f2054d1598903a1f747b62812030a80e78e9cd8645d6d2659caeff05e45e585a8d2ef606ee52c1cb503cb6ddbb0a825a04b336ade34f54c17aed3389cdb1f745499970d54e95a9a453488b5b132bd9ea0f90a733b0c6e25387f8822989623e30223356457c8ece530b10e4319674cbe12cb80ec4d13004d000f0000060101010101012a01002a0102dd0754559b102277cd8325400806080211000001090000000802110000000600000001000080ffffffffffff00008000030174bd06080211000000000000ab000e00808004000802e20000000802110000163884e192010802110000001100000043810600000000000000640008000406080907008000060204000505057704dff5250300b1082d1a0000080400000000000000030007000e000000060c06000000017206030303030303710701ffff00020b00dd21050392b0329baec62ec214699f0563789bf584aea989f0b1e16245c23c15a50274dd158922ac0791673484e589cb8c1185d5907a05848ff7009c020e0080b00300ffffffffffff0802110000015050505050505f0008004200d509000000000000070024080108920b829b0ec81206030138040604010400ed7c060201802d1a010006f8ffffffffffffff00000b00170000000100010000000f7206030303030303dddce0ba421e5d05f80e08009800f89086a238a538ddd94e3b88396ba76c221c38ec28d301b61fce83da64c1327fd492f0ae2406e4856006d13e7dade345f2e0d963f29318748f044511f85d6640513ee4e97fd3db613695db56bfebc06c1231abfc6a8870eef71b705bac00790ca977bd5af23d7ba2275032e121cb9c86f414eb5118cea7e44a9549c51066fe3cb56067690af5a58e9ea30325b590fd2b13c8c912b3b8e4b1b831b3d24cc244a1d5de43a10f7708f27c6fdd5afea5e98ae721f7c8b22bf8f6ebb7f3b78300200bcb23fb762434d173485492f1f6e60386dd7c179b4634ddb7740cef2f134539bd34e254fe2c36623fce87040c6b2bff69e5455494be0a1a56fbb6bf8140294268b8f450b0d06c2481a2c7352367220cddbdf60fc4e4adc9440ed3201205f7b8f1f8acb3f2ac63f807c528b72dd3a5aa1410b7c790934326493b1cfcde176ba9d4d71dc99536c222249d05c2d3244fddd5bb2458253b71e1a50c15147b1658eb0060195425a1920a24d76edb2e0032b1ce966bd58e8881303d85d9488df07f516315ee8417117dfa559f020000005d41a99e11ce408d1eb83928bb9558dd126cc2f820ee225b068201810d5ea136fbf799bbdee814e9c762254139178599d922ae5f24e5b5d6629083606d048ffbe0a4ee6cad3d204544a857001b0e69014d2c6fbef631872850436c9192fb0347e0793b22e92cb5662cacc92c6aaf0cce27316153d9af71ff67a9e936bd6cd326362895631059f49fce0394c8b3148c2c9e4d98703f25eceeb4df385c0e0a5fad0920c83ca4e4e74f9c6e4feff6335df202fc848f030b9476970733353f600e59df1d26b73000681d0f67120e891e02d70d1670940bbfbbe202049d7f8b3b9cb67b9bc5464a310a08ddc33bb0a971b964a94d10bbdb0af86e7e0a"], 0x474}, 0x1, 0x0, 0x0, 0xc840}, 0x40)

kernel console output (not intermixed with test programs):

butes in process `syz.3.1992'.
[  210.502314][T12436] ieee802154 phy1 wpan1: encryption failed: -22
[  210.601011][T12440] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1990'.
[  210.612020][ T5972] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  210.724862][T12440] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  211.163386][T11780] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  211.220003][T12471] netlink: 'syz.4.2003': attribute type 1 has an invalid length.
[  211.275458][T12475] FAULT_INJECTION: forcing a failure.
[  211.275458][T12475] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  211.311765][T12475] CPU: 0 UID: 0 PID: 12475 Comm: syz.2.2005 Not tainted syzkaller #0 PREEMPT(full) 
[  211.311792][T12475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  211.311804][T12475] Call Trace:
[  211.311812][T12475]  <TASK>
[  211.311820][T12475]  dump_stack_lvl+0xe8/0x150
[  211.311851][T12475]  should_fail_ex+0x414/0x560
[  211.311886][T12475]  _copy_from_user+0x2d/0xb0
[  211.311911][T12475]  generic_map_update_batch+0x566/0x810
[  211.311945][T12475]  ? __pfx_generic_map_update_batch+0x10/0x10
[  211.311968][T12475]  ? __fget_files+0x2a/0x420
[  211.311999][T12475]  ? __pfx_generic_map_update_batch+0x10/0x10
[  211.312020][T12475]  bpf_map_do_batch+0x39b/0x630
[  211.312053][T12475]  __sys_bpf+0x690/0x860
[  211.312081][T12475]  ? __pfx___sys_bpf+0x10/0x10
[  211.312123][T12475]  ? ksys_write+0x22a/0x250
[  211.312144][T12475]  ? __pfx_ksys_write+0x10/0x10
[  211.312170][T12475]  __x64_sys_bpf+0x7c/0x90
[  211.312195][T12475]  do_syscall_64+0xec/0xf80
[  211.312215][T12475]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.312234][T12475]  ? trace_irq_disable+0x37/0x100
[  211.312258][T12475]  ? clear_bhb_loop+0x60/0xb0
[  211.312281][T12475]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.312300][T12475] RIP: 0033:0x7f2aa718f749
[  211.312318][T12475] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  211.312334][T12475] RSP: 002b:00007f2aa7fbb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  211.312355][T12475] RAX: ffffffffffffffda RBX: 00007f2aa73e5fa0 RCX: 00007f2aa718f749
[  211.312369][T12475] RDX: 0000000000000038 RSI: 0000200000000300 RDI: 000000000000001a
[  211.312382][T12475] RBP: 00007f2aa7fbb090 R08: 0000000000000000 R09: 0000000000000000
[  211.312394][T12475] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  211.312405][T12475] R13: 00007f2aa73e6038 R14: 00007f2aa73e5fa0 R15: 00007ffd12a1eab8
[  211.312436][T12475]  </TASK>
[  211.530372][T12477] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2006'.
[  211.578262][T12485] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2007'.
[  211.657424][ T5972] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  211.667308][T12487] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2006'.
[  211.736552][T12493] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  211.805972][T12495] ipt_REJECT: TCP_RESET invalid for non-tcp
[  211.869085][T12493] syzkaller0: entered promiscuous mode
[  211.913404][T12493] syzkaller0: entered allmulticast mode
[  211.928206][T12493] tipc: Resetting bearer <eth:syzkaller0>
[  211.941175][T12501] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2013'.
[  211.951912][T12500] syzkaller0: entered allmulticast mode
[  212.518077][T12501] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  212.717143][ T5972] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  212.776365][T12523] FAULT_INJECTION: forcing a failure.
[  212.776365][T12523] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  212.779810][ T1104] tipc: Resetting bearer <eth:syzkaller0>
[  212.790139][T12523] CPU: 1 UID: 0 PID: 12523 Comm: syz.0.2019 Not tainted syzkaller #0 PREEMPT(full) 
[  212.790164][T12523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  212.790176][T12523] Call Trace:
[  212.790183][T12523]  <TASK>
[  212.790191][T12523]  dump_stack_lvl+0xe8/0x150
[  212.790220][T12523]  should_fail_ex+0x414/0x560
[  212.790253][T12523]  _copy_from_user+0x2d/0xb0
[  212.790277][T12523]  generic_map_update_batch+0x50f/0x810
[  212.790310][T12523]  ? __pfx_generic_map_update_batch+0x10/0x10
[  212.790331][T12523]  ? __fget_files+0x2a/0x420
[  212.790396][T12523]  ? __pfx_generic_map_update_batch+0x10/0x10
[  212.790417][T12523]  bpf_map_do_batch+0x39b/0x630
[  212.790449][T12523]  __sys_bpf+0x690/0x860
[  212.790476][T12523]  ? __pfx___sys_bpf+0x10/0x10
[  212.790515][T12523]  ? ksys_write+0x22a/0x250
[  212.790536][T12523]  ? __pfx_ksys_write+0x10/0x10
[  212.790560][T12523]  __x64_sys_bpf+0x7c/0x90
[  212.790583][T12523]  do_syscall_64+0xec/0xf80
[  212.790601][T12523]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.790619][T12523]  ? trace_irq_disable+0x37/0x100
[  212.790643][T12523]  ? clear_bhb_loop+0x60/0xb0
[  212.790664][T12523]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.790682][T12523] RIP: 0033:0x7f738678f749
[  212.790699][T12523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  212.790717][T12523] RSP: 002b:00007f73875af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  212.790736][T12523] RAX: ffffffffffffffda RBX: 00007f73869e5fa0 RCX: 00007f738678f749
[  212.790751][T12523] RDX: 0000000000000038 RSI: 0000200000000300 RDI: 000000000000001a
[  212.790763][T12523] RBP: 00007f73875af090 R08: 0000000000000000 R09: 0000000000000000
[  212.790775][T12523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  212.790787][T12523] R13: 00007f73869e6038 R14: 00007f73869e5fa0 R15: 00007ffd2baf5cc8
[  212.790817][T12523]  </TASK>
[  212.967835][T12526] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2020'.
[  212.981599][T12511] vcan1: entered promiscuous mode
[  213.003724][T12511] vcan1: entered allmulticast mode
[  213.050380][T12492] tipc: Resetting bearer <eth:syzkaller0>
[  213.145625][T12530] netlink: 'syz.4.2021': attribute type 83 has an invalid length.
[  213.160346][T12530] netlink: 256 bytes leftover after parsing attributes in process `syz.4.2021'.
[  213.426642][T12545] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2024'.
[  213.436790][T12545] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2024'.
[  213.724151][ T5972] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  214.203766][T11780] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  214.324598][T12492] tipc: Disabling bearer <eth:syzkaller0>
[  214.373407][T12545] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2024'.
[  214.387855][T12545] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2024'.
[  214.589930][T12557] FAULT_INJECTION: forcing a failure.
[  214.589930][T12557] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  214.616605][T12557] CPU: 1 UID: 0 PID: 12557 Comm: syz.3.2030 Not tainted syzkaller #0 PREEMPT(full) 
[  214.616632][T12557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  214.616644][T12557] Call Trace:
[  214.616652][T12557]  <TASK>
[  214.616660][T12557]  dump_stack_lvl+0xe8/0x150
[  214.616690][T12557]  should_fail_ex+0x414/0x560
[  214.616725][T12557]  _copy_from_user+0x2d/0xb0
[  214.616750][T12557]  generic_map_update_batch+0x566/0x810
[  214.616785][T12557]  ? __pfx_generic_map_update_batch+0x10/0x10
[  214.616808][T12557]  ? __fget_files+0x2a/0x420
[  214.616839][T12557]  ? __pfx_generic_map_update_batch+0x10/0x10
[  214.616860][T12557]  bpf_map_do_batch+0x39b/0x630
[  214.616892][T12557]  __sys_bpf+0x690/0x860
[  214.616920][T12557]  ? __pfx___sys_bpf+0x10/0x10
[  214.616963][T12557]  ? ksys_write+0x22a/0x250
[  214.616984][T12557]  ? __pfx_ksys_write+0x10/0x10
[  214.617011][T12557]  __x64_sys_bpf+0x7c/0x90
[  214.617036][T12557]  do_syscall_64+0xec/0xf80
[  214.617056][T12557]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.617075][T12557]  ? trace_irq_disable+0x37/0x100
[  214.617099][T12557]  ? clear_bhb_loop+0x60/0xb0
[  214.617123][T12557]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.617146][T12557] RIP: 0033:0x7fa1d658f749
[  214.617163][T12557] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  214.617181][T12557] RSP: 002b:00007fa1d7475038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  214.617204][T12557] RAX: ffffffffffffffda RBX: 00007fa1d67e5fa0 RCX: 00007fa1d658f749
[  214.617218][T12557] RDX: 0000000000000038 RSI: 0000200000000300 RDI: 000000000000001a
[  214.617231][T12557] RBP: 00007fa1d7475090 R08: 0000000000000000 R09: 0000000000000000
[  214.617243][T12557] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  214.617255][T12557] R13: 00007fa1d67e6038 R14: 00007fa1d67e5fa0 R15: 00007ffd2ace72b8
[  214.617288][T12557]  </TASK>
[  214.818890][T12563] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2027'.
[  214.882162][ T5834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  215.220830][T12587] netlink: 56 bytes leftover after parsing attributes in process `syz.1.2038'.
[  215.241889][T12590] netlink: 56 bytes leftover after parsing attributes in process `syz.1.2038'.
[  215.516090][T12607] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  215.524974][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  215.614145][T12607] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  215.696515][T12617] FAULT_INJECTION: forcing a failure.
[  215.696515][T12617] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  215.725425][T12617] CPU: 0 UID: 0 PID: 12617 Comm: syz.0.2046 Not tainted syzkaller #0 PREEMPT(full) 
[  215.725453][T12617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  215.725466][T12617] Call Trace:
[  215.725475][T12617]  <TASK>
[  215.725483][T12617]  dump_stack_lvl+0xe8/0x150
[  215.725512][T12617]  should_fail_ex+0x414/0x560
[  215.725547][T12617]  _copy_from_user+0x2d/0xb0
[  215.725571][T12617]  generic_map_update_batch+0x50f/0x810
[  215.725607][T12617]  ? __pfx_generic_map_update_batch+0x10/0x10
[  215.725630][T12617]  ? __fget_files+0x2a/0x420
[  215.725660][T12617]  ? __pfx_generic_map_update_batch+0x10/0x10
[  215.725680][T12617]  bpf_map_do_batch+0x39b/0x630
[  215.725713][T12617]  __sys_bpf+0x690/0x860
[  215.725742][T12617]  ? __pfx___sys_bpf+0x10/0x10
[  215.725798][T12617]  __x64_sys_bpf+0x7c/0x90
[  215.725829][T12617]  do_syscall_64+0xec/0xf80
[  215.725849][T12617]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.725867][T12617]  ? trace_irq_disable+0x37/0x100
[  215.725891][T12617]  ? clear_bhb_loop+0x60/0xb0
[  215.725915][T12617]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.725934][T12617] RIP: 0033:0x7f738678f749
[  215.725951][T12617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  215.725975][T12617] RSP: 002b:00007f73875af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  215.725996][T12617] RAX: ffffffffffffffda RBX: 00007f73869e5fa0 RCX: 00007f738678f749
[  215.726011][T12617] RDX: 0000000000000038 RSI: 0000200000000300 RDI: 000000000000001a
[  215.726024][T12617] RBP: 00007f73875af090 R08: 0000000000000000 R09: 0000000000000000
[  215.726036][T12617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  215.726048][T12617] R13: 00007f73869e6038 R14: 00007f73869e5fa0 R15: 00007ffd2baf5cc8
[  215.726080][T12617]  </TASK>
[  215.914806][ T5834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  216.033328][T12633] netlink: 'syz.0.2050': attribute type 11 has an invalid length.
[  216.226433][T12641] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  216.234977][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  216.243970][T12641] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  216.248788][T12623] team0 (unregistering): Port device batadv2 removed
[  216.252917][   T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  216.331228][T12639] macsec0: left allmulticast mode
[  216.353033][T12639] veth1_macvtap: left allmulticast mode
[  216.362305][T12639] macsec0: left promiscuous mode
[  216.385277][T12639] bridge0: port 1(macsec0) entered disabled state
[  216.652809][T12664] netlink: 'syz.3.2064': attribute type 2 has an invalid length.
[  216.669953][T12664] gre2: entered promiscuous mode
[  216.675800][T12664] gre2: entered allmulticast mode
[  216.896778][T12674] IPVS: Scheduler module ip_vs_sip not found
[  216.903810][T12682] IPVS: length: 239 != 24
[  217.069977][T12688] tc_dump_action: action bad kind
[  217.505022][T12719] netlink: 'syz.2.2081': attribute type 1 has an invalid length.
[  217.521277][T12719] __nla_validate_parse: 5 callbacks suppressed
[  217.521296][T12719] netlink: 228 bytes leftover after parsing attributes in process `syz.2.2081'.
[  217.677665][T12719] wg1 speed is unknown, defaulting to 1000
[  217.895421][T12743] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2085'.
[  217.925366][T12738] syzkaller0: entered promiscuous mode
[  217.930877][T12738] syzkaller0: entered allmulticast mode
[  217.937377][T12742] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2087'.
[  217.958156][T12743] bridge_slave_1: left allmulticast mode
[  217.964495][T12743] bridge_slave_1: left promiscuous mode
[  217.970616][T12743] bridge0: port 2(bridge_slave_1) entered disabled state
[  217.984125][T12743] bridge_slave_0: left allmulticast mode
[  217.989786][T12743] bridge_slave_0: left promiscuous mode
[  217.995746][T12743] bridge0: port 1(bridge_slave_0) entered disabled state
[  219.004362][ T5972] net_ratelimit: 7 callbacks suppressed
[  219.004375][ T5972] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  219.085920][T11763] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  219.500487][T12777] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2099'.
[  219.539087][T12784] netlink: 'syz.0.2101': attribute type 1 has an invalid length.
[  219.558437][T12777] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  219.568047][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  219.801014][T12797] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2105'.
[  219.948047][T11780] IPVS: starting estimator thread 0...
[  219.966842][T12807] Cannot find del_set index 4 as target
[  220.014330][T12811] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2111'.
[  220.025560][T12813] netlink: 'syz.2.2112': attribute type 21 has an invalid length.
[  220.037713][T12813] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2112'.
[  220.054479][T12809] IPVS: using max 31 ests per chain, 74400 per kthread
[  220.066817][ T5972] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  220.297094][T11780] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  220.325418][T12832] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.2119'.
[  220.438511][T12838] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2121'.
[  220.625804][T12854] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2126'.
[  220.795748][T12865] openvswitch: netlink: IPv4 tun info is not correct
[  221.083880][ T5972] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  221.178805][T12891] openvswitch: netlink: Missing key (keys=40, expected=100)
[  221.189220][T12891] openvswitch: netlink: Missing key (keys=40, expected=100)
[  221.848181][T12937] FAULT_INJECTION: forcing a failure.
[  221.848181][T12937] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  221.874020][T12937] CPU: 1 UID: 0 PID: 12937 Comm: syz.4.2149 Not tainted syzkaller #0 PREEMPT(full) 
[  221.874048][T12937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  221.874060][T12937] Call Trace:
[  221.874068][T12937]  <TASK>
[  221.874076][T12937]  dump_stack_lvl+0xe8/0x150
[  221.874106][T12937]  should_fail_ex+0x414/0x560
[  221.874140][T12937]  _copy_from_user+0x2d/0xb0
[  221.874164][T12937]  generic_map_update_batch+0x50f/0x810
[  221.874199][T12937]  ? __pfx_generic_map_update_batch+0x10/0x10
[  221.874221][T12937]  ? __fget_files+0x2a/0x420
[  221.874252][T12937]  ? __pfx_generic_map_update_batch+0x10/0x10
[  221.874273][T12937]  bpf_map_do_batch+0x39b/0x630
[  221.874307][T12937]  __sys_bpf+0x690/0x860
[  221.874347][T12937]  ? __pfx___sys_bpf+0x10/0x10
[  221.874389][T12937]  ? ksys_write+0x22a/0x250
[  221.874410][T12937]  ? __pfx_ksys_write+0x10/0x10
[  221.874436][T12937]  __x64_sys_bpf+0x7c/0x90
[  221.874460][T12937]  do_syscall_64+0xec/0xf80
[  221.874480][T12937]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.874499][T12937]  ? trace_irq_disable+0x37/0x100
[  221.874523][T12937]  ? clear_bhb_loop+0x60/0xb0
[  221.874546][T12937]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.874564][T12937] RIP: 0033:0x7f8a9178f749
[  221.874582][T12937] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  221.874599][T12937] RSP: 002b:00007f8a926db038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  221.874619][T12937] RAX: ffffffffffffffda RBX: 00007f8a919e5fa0 RCX: 00007f8a9178f749
[  221.874634][T12937] RDX: 0000000000000038 RSI: 0000200000000300 RDI: 000000000000001a
[  221.874646][T12937] RBP: 00007f8a926db090 R08: 0000000000000000 R09: 0000000000000000
[  221.874659][T12937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  221.874670][T12937] R13: 00007f8a919e6038 R14: 00007f8a919e5fa0 R15: 00007ffc681f10d8
[  221.874702][T12937]  </TASK>
[  222.262420][T12949] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  222.407562][T12949] syzkaller0: entered promiscuous mode
[  222.413224][T12949] syzkaller0: entered allmulticast mode
[  222.419537][T12949] tipc: Resetting bearer <eth:syzkaller0>
[  222.641185][ T5978] tipc: Resetting bearer <eth:syzkaller0>
[  222.647454][T12969] SET target dimension over the limit!
[  222.667984][T12945] tipc: Resetting bearer <eth:syzkaller0>
[  223.790616][T12945] tipc: Disabling bearer <eth:syzkaller0>
[  223.802922][T12965] vcan1: entered promiscuous mode
[  223.808228][T12965] vcan1: entered allmulticast mode
[  223.997785][T12994] FAULT_INJECTION: forcing a failure.
[  223.997785][T12994] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  224.043052][T12994] CPU: 0 UID: 0 PID: 12994 Comm: syz.0.2165 Not tainted syzkaller #0 PREEMPT(full) 
[  224.043080][T12994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  224.043091][T12994] Call Trace:
[  224.043099][T12994]  <TASK>
[  224.043107][T12994]  dump_stack_lvl+0xe8/0x150
[  224.043137][T12994]  should_fail_ex+0x414/0x560
[  224.043171][T12994]  _copy_from_user+0x2d/0xb0
[  224.043195][T12994]  generic_map_update_batch+0x566/0x810
[  224.043229][T12994]  ? __pfx_generic_map_update_batch+0x10/0x10
[  224.043250][T12994]  ? __fget_files+0x2a/0x420
[  224.043287][T12994]  ? __pfx_generic_map_update_batch+0x10/0x10
[  224.043308][T12994]  bpf_map_do_batch+0x39b/0x630
[  224.043342][T12994]  __sys_bpf+0x690/0x860
[  224.043369][T12994]  ? __pfx___sys_bpf+0x10/0x10
[  224.043408][T12994]  ? ksys_write+0x22a/0x250
[  224.043429][T12994]  ? __pfx_ksys_write+0x10/0x10
[  224.043455][T12994]  __x64_sys_bpf+0x7c/0x90
[  224.043479][T12994]  do_syscall_64+0xec/0xf80
[  224.043499][T12994]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.043521][T12994]  ? trace_irq_disable+0x37/0x100
[  224.043546][T12994]  ? clear_bhb_loop+0x60/0xb0
[  224.043569][T12994]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.043587][T12994] RIP: 0033:0x7f738678f749
[  224.043604][T12994] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  224.043621][T12994] RSP: 002b:00007f73875af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  224.043642][T12994] RAX: ffffffffffffffda RBX: 00007f73869e5fa0 RCX: 00007f738678f749
[  224.043657][T12994] RDX: 0000000000000038 RSI: 0000200000000300 RDI: 000000000000001a
[  224.043669][T12994] RBP: 00007f73875af090 R08: 0000000000000000 R09: 0000000000000000
[  224.043682][T12994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  224.043693][T12994] R13: 00007f73869e6038 R14: 00007f73869e5fa0 R15: 00007ffd2baf5cc8
[  224.043722][T12994]  </TASK>
[  224.266402][ T5972] net_ratelimit: 6 callbacks suppressed
[  224.266420][ T5972] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  224.403475][T13014] __nla_validate_parse: 10 callbacks suppressed
[  224.403499][T13014] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2171'.
[  224.491395][T13014] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  224.609430][T13024] netlink: 84 bytes leftover after parsing attributes in process `syz.3.2172'.
[  224.727128][T13028] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  224.733721][T13030] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2178'.
[  224.827728][T13028] syzkaller0: entered promiscuous mode
[  224.833449][T13028] syzkaller0: entered allmulticast mode
[  224.839913][T13028] tipc: Resetting bearer <eth:syzkaller0>
[  224.911388][T13042] FAULT_INJECTION: forcing a failure.
[  224.911388][T13042] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  224.932218][T13027] tipc: Resetting bearer <eth:syzkaller0>
[  224.943145][T13042] CPU: 1 UID: 0 PID: 13042 Comm: syz.3.2181 Not tainted syzkaller #0 PREEMPT(full) 
[  224.943171][T13042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  224.943183][T13042] Call Trace:
[  224.943190][T13042]  <TASK>
[  224.943199][T13042]  dump_stack_lvl+0xe8/0x150
[  224.943228][T13042]  should_fail_ex+0x414/0x560
[  224.943263][T13042]  _copy_from_user+0x2d/0xb0
[  224.943288][T13042]  generic_map_update_batch+0x50f/0x810
[  224.943323][T13042]  ? __pfx_generic_map_update_batch+0x10/0x10
[  224.943345][T13042]  ? __fget_files+0x2a/0x420
[  224.943376][T13042]  ? __pfx_generic_map_update_batch+0x10/0x10
[  224.943398][T13042]  bpf_map_do_batch+0x39b/0x630
[  224.943439][T13042]  __sys_bpf+0x690/0x860
[  224.943467][T13042]  ? __pfx___sys_bpf+0x10/0x10
[  224.943527][T13042]  ? ksys_write+0x22a/0x250
[  224.943548][T13042]  ? __pfx_ksys_write+0x10/0x10
[  224.943573][T13042]  __x64_sys_bpf+0x7c/0x90
[  224.943597][T13042]  do_syscall_64+0xec/0xf80
[  224.943617][T13042]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.943635][T13042]  ? trace_irq_disable+0x37/0x100
[  224.943658][T13042]  ? clear_bhb_loop+0x60/0xb0
[  224.943678][T13042]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.943696][T13042] RIP: 0033:0x7fa1d658f749
[  224.943713][T13042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  224.943730][T13042] RSP: 002b:00007fa1d7475038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  224.943750][T13042] RAX: ffffffffffffffda RBX: 00007fa1d67e5fa0 RCX: 00007fa1d658f749
[  224.943764][T13042] RDX: 0000000000000038 RSI: 0000200000000300 RDI: 000000000000001a
[  224.943776][T13042] RBP: 00007fa1d7475090 R08: 0000000000000000 R09: 0000000000000000
[  224.943789][T13042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  224.943799][T13042] R13: 00007fa1d67e6038 R14: 00007fa1d67e5fa0 R15: 00007ffd2ace72b8
[  224.943830][T13042]  </TASK>
[  225.335849][ T5972] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  226.365846][ T5941] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  226.374799][ T5972] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  226.469633][T13027] tipc: Disabling bearer <eth:syzkaller0>
[  226.481263][T13060] netlink: 'syz.0.2189': attribute type 12 has an invalid length.
[  226.545926][T13078] FAULT_INJECTION: forcing a failure.
[  226.545926][T13078] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  226.573214][T13078] CPU: 1 UID: 0 PID: 13078 Comm: syz.0.2192 Not tainted syzkaller #0 PREEMPT(full) 
[  226.573240][T13078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  226.573259][T13078] Call Trace:
[  226.573266][T13078]  <TASK>
[  226.573274][T13078]  dump_stack_lvl+0xe8/0x150
[  226.573303][T13078]  should_fail_ex+0x414/0x560
[  226.573336][T13078]  _copy_from_user+0x2d/0xb0
[  226.573361][T13078]  generic_map_update_batch+0x566/0x810
[  226.573395][T13078]  ? __pfx_generic_map_update_batch+0x10/0x10
[  226.573416][T13078]  ? __fget_files+0x2a/0x420
[  226.573446][T13078]  ? __pfx_generic_map_update_batch+0x10/0x10
[  226.573468][T13078]  bpf_map_do_batch+0x39b/0x630
[  226.573501][T13078]  __sys_bpf+0x690/0x860
[  226.573529][T13078]  ? __pfx___sys_bpf+0x10/0x10
[  226.573570][T13078]  ? ksys_write+0x22a/0x250
[  226.573591][T13078]  ? __pfx_ksys_write+0x10/0x10
[  226.573617][T13078]  __x64_sys_bpf+0x7c/0x90
[  226.573641][T13078]  do_syscall_64+0xec/0xf80
[  226.573661][T13078]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.573679][T13078]  ? trace_irq_disable+0x37/0x100
[  226.573703][T13078]  ? clear_bhb_loop+0x60/0xb0
[  226.573726][T13078]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.573745][T13078] RIP: 0033:0x7f738678f749
[  226.573762][T13078] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  226.573779][T13078] RSP: 002b:00007f73875af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  226.573800][T13078] RAX: ffffffffffffffda RBX: 00007f73869e5fa0 RCX: 00007f738678f749
[  226.573814][T13078] RDX: 0000000000000038 RSI: 0000200000000300 RDI: 000000000000001a
[  226.573826][T13078] RBP: 00007f73875af090 R08: 0000000000000000 R09: 0000000000000000
[  226.573839][T13078] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  226.573848][T13078] R13: 00007f73869e6038 R14: 00007f73869e5fa0 R15: 00007ffd2baf5cc8
[  226.573899][T13078]  </TASK>
[  226.994791][T13098] netlink: 'syz.1.2198': attribute type 13 has an invalid length.
[  227.002764][T13098] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2198'.
[  227.041642][T13097] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2200'.
[  227.105532][T13104] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2203'.
[  227.141231][T13102] netlink: 'syz.1.2201': attribute type 1 has an invalid length.
[  227.202408][T13102] 8021q: adding VLAN 0 to HW filter on device bond7
[  227.219708][T13110] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2204'.
[  227.223762][T13113] xt_TCPMSS: Only works on TCP SYN packets
[  227.238347][T13111] vlan3: entered allmulticast mode
[  227.247162][T13111] bond7: entered allmulticast mode
[  227.388665][T13128] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.2208'.
[  227.414760][ T5834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  227.485968][T13119] nbd2: detected capacity change from 0 to 63
[  227.507995][T13130] nbd: must specify an index to disconnect
[  227.517283][T13127] nbd: must specify an index to disconnect
[  227.538239][   T52] block nbd2: Receive control failed (result -104)
[  227.767020][T13143] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  227.780711][T13143] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  227.833645][T13153] sctp: [Deprecated]: syz.2.2217 (pid 13153) Use of int in max_burst socket option deprecated.
[  227.833645][T13153] Use struct sctp_assoc_value instead
[  227.848701][T13143] syzkaller0: entered promiscuous mode
[  227.859259][T13143] syzkaller0: entered allmulticast mode
[  227.868888][T13143] tipc: Resetting bearer <eth:syzkaller0>
[  227.873247][T13154] openvswitch: netlink: Unexpected mask (mask=40040, allowed=10048)
[  227.945074][T13141] tipc: Resetting bearer <eth:syzkaller0>
[  228.220074][T13177] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2220'.
[  228.453958][ T5972] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  228.686984][T11780] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  229.286794][T13141] tipc: Disabling bearer <eth:syzkaller0>
[  229.301206][T13187] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2226'.
[  229.320689][T13188] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  229.403225][T11763] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  229.454835][T13196] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  229.484368][ T5834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  229.609114][T13211] netlink: 232 bytes leftover after parsing attributes in process `syz.1.2234'.
[  229.644729][T13209] netlink: 'syz.0.2233': attribute type 29 has an invalid length.
[  229.673516][T13209] netlink: 'syz.0.2233': attribute type 29 has an invalid length.
[  229.688316][T13209] netlink: 500 bytes leftover after parsing attributes in process `syz.0.2233'.
[  229.715042][T13209] unsupported nla_type 58
[  229.911551][T13230] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  229.946441][T13235] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2243'.
[  229.960563][T13234] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2242'.
[  229.975773][T13230] syzkaller0: entered promiscuous mode
[  229.981924][T13230] syzkaller0: entered allmulticast mode
[  229.988447][T13230] tipc: Resetting bearer <eth:syzkaller0>
[  229.994726][T13231] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2240'.
[  230.173017][T13238] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  230.231282][T13229] tipc: Resetting bearer <eth:syzkaller0>
[  230.431245][T13251] ipt_REJECT: TCP_RESET invalid for non-tcp
[  230.810710][T13269] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2247'.
[  231.527932][T13229] tipc: Disabling bearer <eth:syzkaller0>
[  231.564081][T13262] : entered promiscuous mode
[  231.581293][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  231.776658][T13279] bridge0: port 1(syz_tun) entered blocking state
[  231.784625][T13279] bridge0: port 1(syz_tun) entered disabled state
[  231.792011][T13279] syz_tun: entered allmulticast mode
[  231.802080][T13279] syz_tun: entered promiscuous mode
[  231.808664][T13283] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2255'.
[  231.852205][T13289] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  231.895875][T13281] netlink: 96 bytes leftover after parsing attributes in process `syz.2.2253'.
[  231.917865][T13281] 8021q: VLANs not supported on ip6_vti0
[  231.958845][T13294] gre0: entered promiscuous mode
[  232.003586][T13294] netlink: 68 bytes leftover after parsing attributes in process `syz.0.2256'.
[  232.177549][T13303] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  232.186075][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  232.203506][T13303] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2260'.
[  232.339939][T13309] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  232.443220][T11780] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  232.474421][T13309] syzkaller0: entered promiscuous mode
[  232.480109][T13309] syzkaller0: entered allmulticast mode
[  232.486596][T13309] tipc: Resetting bearer <eth:syzkaller0>
[  232.508357][T13308] tipc: Resetting bearer <eth:syzkaller0>
[  232.626179][ T5834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  233.645754][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  234.518744][T13308] tipc: Disabling bearer <eth:syzkaller0>
[  234.585943][T13336] vcan2: entered promiscuous mode
[  234.633105][T13336] vcan2: entered allmulticast mode
[  234.684208][ T5834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  234.896140][T13357] __nla_validate_parse: 2 callbacks suppressed
[  234.896161][T13357] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2275'.
[  234.974933][T13366] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2278'.
[  235.012752][T13366] netlink: 'syz.0.2278': attribute type 2 has an invalid length.
[  235.090994][T13371] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2280'.
[  235.110164][T13371] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2280'.
[  235.141601][T13371] netlink: 31 bytes leftover after parsing attributes in process `syz.2.2280'.
[  235.183157][T13371] netlink: 'syz.2.2280': attribute type 2 has an invalid length.
[  235.194232][T13377] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2281'.
[  235.204867][T13375] netlink: 96 bytes leftover after parsing attributes in process `syz.1.2279'.
[  235.205317][T13377] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2281'.
[  235.222782][T13371] netlink: 31 bytes leftover after parsing attributes in process `syz.2.2280'.
[  235.243752][T13375] 8021q: VLANs not supported on ip6_vti0
[  235.399083][T13388] FAULT_INJECTION: forcing a failure.
[  235.399083][T13388] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  235.426361][T13388] CPU: 0 UID: 0 PID: 13388 Comm: syz.2.2286 Not tainted syzkaller #0 PREEMPT(full) 
[  235.426387][T13388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  235.426398][T13388] Call Trace:
[  235.426406][T13388]  <TASK>
[  235.426414][T13388]  dump_stack_lvl+0xe8/0x150
[  235.426454][T13388]  should_fail_ex+0x414/0x560
[  235.426489][T13388]  _copy_from_user+0x2d/0xb0
[  235.426513][T13388]  generic_map_update_batch+0x566/0x810
[  235.426545][T13388]  ? __pfx_generic_map_update_batch+0x10/0x10
[  235.426568][T13388]  ? __fget_files+0x2a/0x420
[  235.426597][T13388]  ? __pfx_generic_map_update_batch+0x10/0x10
[  235.426617][T13388]  bpf_map_do_batch+0x39b/0x630
[  235.426651][T13388]  __sys_bpf+0x690/0x860
[  235.426679][T13388]  ? __pfx___sys_bpf+0x10/0x10
[  235.426717][T13388]  ? ksys_write+0x22a/0x250
[  235.426739][T13388]  ? __pfx_ksys_write+0x10/0x10
[  235.426764][T13388]  __x64_sys_bpf+0x7c/0x90
[  235.426788][T13388]  do_syscall_64+0xec/0xf80
[  235.426808][T13388]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  235.426826][T13388]  ? trace_irq_disable+0x37/0x100
[  235.426850][T13388]  ? clear_bhb_loop+0x60/0xb0
[  235.426873][T13388]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  235.426891][T13388] RIP: 0033:0x7f2aa718f749
[  235.426907][T13388] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  235.426923][T13388] RSP: 002b:00007f2aa7fbb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  235.426942][T13388] RAX: ffffffffffffffda RBX: 00007f2aa73e5fa0 RCX: 00007f2aa718f749
[  235.426956][T13388] RDX: 0000000000000038 RSI: 0000200000000300 RDI: 000000000000001a
[  235.426968][T13388] RBP: 00007f2aa7fbb090 R08: 0000000000000000 R09: 0000000000000000
[  235.426980][T13388] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  235.426992][T13388] R13: 00007f2aa73e6038 R14: 00007f2aa73e5fa0 R15: 00007ffd12a1eab8
[  235.427025][T13388]  </TASK>
[  235.627216][T13384] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  235.635044][ T5941] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  235.689761][T13384] syzkaller0: entered promiscuous mode
[  235.695327][T13384] syzkaller0: entered allmulticast mode
[  235.702269][T13384] tipc: Resetting bearer <eth:syzkaller0>
[  235.728411][ T5834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  235.792867][T13397] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2289'.
[  235.814932][T13382] tipc: Resetting bearer <eth:syzkaller0>
[  236.225907][T13418] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  236.234582][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  236.776110][ T5834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  237.056829][T13382] tipc: Disabling bearer <eth:syzkaller0>
[  237.077990][T13407] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  237.098800][T13418] 8021q: VLANs not supported on ip6_vti0
[  237.277694][T13425] FAULT_INJECTION: forcing a failure.
[  237.277694][T13425] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  237.323047][T13425] CPU: 1 UID: 0 PID: 13425 Comm: syz.0.2298 Not tainted syzkaller #0 PREEMPT(full) 
[  237.323073][T13425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  237.323084][T13425] Call Trace:
[  237.323093][T13425]  <TASK>
[  237.323101][T13425]  dump_stack_lvl+0xe8/0x150
[  237.323131][T13425]  should_fail_ex+0x414/0x560
[  237.323166][T13425]  _copy_from_user+0x2d/0xb0
[  237.323192][T13425]  generic_map_update_batch+0x50f/0x810
[  237.323224][T13425]  ? __pfx_generic_map_update_batch+0x10/0x10
[  237.323246][T13425]  ? __fget_files+0x2a/0x420
[  237.323275][T13425]  ? __pfx_generic_map_update_batch+0x10/0x10
[  237.323297][T13425]  bpf_map_do_batch+0x39b/0x630
[  237.323331][T13425]  __sys_bpf+0x690/0x860
[  237.323358][T13425]  ? __pfx___sys_bpf+0x10/0x10
[  237.323403][T13425]  ? ksys_write+0x22a/0x250
[  237.323425][T13425]  ? __pfx_ksys_write+0x10/0x10
[  237.323452][T13425]  __x64_sys_bpf+0x7c/0x90
[  237.323476][T13425]  do_syscall_64+0xec/0xf80
[  237.323495][T13425]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.323513][T13425]  ? trace_irq_disable+0x37/0x100
[  237.323537][T13425]  ? clear_bhb_loop+0x60/0xb0
[  237.323561][T13425]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.323580][T13425] RIP: 0033:0x7f738678f749
[  237.323597][T13425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  237.323615][T13425] RSP: 002b:00007f73875af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  237.323636][T13425] RAX: ffffffffffffffda RBX: 00007f73869e5fa0 RCX: 00007f738678f749
[  237.323651][T13425] RDX: 0000000000000038 RSI: 0000200000000300 RDI: 000000000000001a
[  237.323663][T13425] RBP: 00007f73875af090 R08: 0000000000000000 R09: 0000000000000000
[  237.323675][T13425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  237.323686][T13425] R13: 00007f73869e6038 R14: 00007f73869e5fa0 R15: 00007ffd2baf5cc8
[  237.323715][T13425]  </TASK>
[  237.804206][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  237.819455][T13461] netlink: 'syz.1.2307': attribute type 9 has an invalid length.
[  237.886630][T13459] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  237.987078][T13459] syzkaller0: entered promiscuous mode
[  238.003086][T13459] syzkaller0: entered allmulticast mode
[  238.015392][T13459] tipc: Resetting bearer <eth:syzkaller0>
[  238.041736][T13476] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  238.233196][T13457] tipc: Resetting bearer <eth:syzkaller0>
[  238.300537][ T5941] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  238.467629][T13495] netlink: 'syz.4.2317': attribute type 6 has an invalid length.
[  238.477693][T13495] netlink: 'syz.4.2317': attribute type 5 has an invalid length.
[  238.486546][T13500] sctp: [Deprecated]: syz.1.2318 (pid 13500) Use of struct sctp_assoc_value in delayed_ack socket option.
[  238.486546][T13500] Use struct sctp_sack_info instead
[  238.683577][T11780] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  238.853534][ T5834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  239.555168][T13457] tipc: Disabling bearer <eth:syzkaller0>
[  239.901384][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  239.936087][T13541] FAULT_INJECTION: forcing a failure.
[  239.936087][T13541] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  239.971267][T13541] CPU: 1 UID: 0 PID: 13541 Comm: syz.2.2329 Not tainted syzkaller #0 PREEMPT(full) 
[  239.971294][T13541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  239.971305][T13541] Call Trace:
[  239.971314][T13541]  <TASK>
[  239.971321][T13541]  dump_stack_lvl+0xe8/0x150
[  239.971352][T13541]  should_fail_ex+0x414/0x560
[  239.971388][T13541]  _copy_from_user+0x2d/0xb0
[  239.971413][T13541]  generic_map_update_batch+0x50f/0x810
[  239.971444][T13541]  ? __pfx_generic_map_update_batch+0x10/0x10
[  239.971466][T13541]  ? __fget_files+0x2a/0x420
[  239.971497][T13541]  ? __pfx_generic_map_update_batch+0x10/0x10
[  239.971516][T13541]  bpf_map_do_batch+0x39b/0x630
[  239.971547][T13541]  __sys_bpf+0x690/0x860
[  239.971575][T13541]  ? __pfx___sys_bpf+0x10/0x10
[  239.971625][T13541]  ? trace_sys_enter+0x5e/0xf0
[  239.971649][T13541]  ? rcu_is_watching+0x15/0xb0
[  239.971677][T13541]  __x64_sys_bpf+0x7c/0x90
[  239.971702][T13541]  do_syscall_64+0xec/0xf80
[  239.971720][T13541]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.971737][T13541]  ? trace_irq_disable+0x37/0x100
[  239.971762][T13541]  ? clear_bhb_loop+0x60/0xb0
[  239.971785][T13541]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.971803][T13541] RIP: 0033:0x7f2aa718f749
[  239.971820][T13541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  239.971837][T13541] RSP: 002b:00007f2aa7fbb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  239.971857][T13541] RAX: ffffffffffffffda RBX: 00007f2aa73e5fa0 RCX: 00007f2aa718f749
[  239.971872][T13541] RDX: 0000000000000038 RSI: 0000200000000300 RDI: 000000000000001a
[  239.971884][T13541] RBP: 00007f2aa7fbb090 R08: 0000000000000000 R09: 0000000000000000
[  239.971896][T13541] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  239.971908][T13541] R13: 00007f2aa73e6038 R14: 00007f2aa73e5fa0 R15: 00007ffd12a1eab8
[  239.971939][T13541]  </TASK>
[  240.264206][T13547] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  240.271201][T13547] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  240.280042][T11780] IPVS: starting estimator thread 0...
[  240.287413][T13544] IPVS: dh: SCTP 172.20.20.187:0 - no destination available
[  240.304430][T13548] syzkaller0: entered promiscuous mode
[  240.310601][T13548] syzkaller0: entered allmulticast mode
[  240.317878][T13547] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  240.336911][T13544] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  240.403025][T13554] tipc: Resetting bearer <eth:syzkaller0>
[  240.414475][T13549] IPVS: using max 30 ests per chain, 72000 per kthread
[  240.493154][T13554] tipc: Disabling bearer <eth:syzkaller0>
[  240.642513][T13561] __nla_validate_parse: 12 callbacks suppressed
[  240.642530][T13561] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2335'.
[  240.808229][T13575] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2341'.
[  240.819565][T13575] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  240.924276][ T5907] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  240.991455][T13581] FAULT_INJECTION: forcing a failure.
[  240.991455][T13581] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  241.018040][T13581] CPU: 1 UID: 0 PID: 13581 Comm: syz.2.2344 Not tainted syzkaller #0 PREEMPT(full) 
[  241.018068][T13581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  241.018081][T13581] Call Trace:
[  241.018089][T13581]  <TASK>
[  241.018097][T13581]  dump_stack_lvl+0xe8/0x150
[  241.018128][T13581]  should_fail_ex+0x414/0x560
[  241.018163][T13581]  _copy_from_user+0x2d/0xb0
[  241.018188][T13581]  generic_map_update_batch+0x566/0x810
[  241.018223][T13581]  ? __pfx_generic_map_update_batch+0x10/0x10
[  241.018247][T13581]  ? __fget_files+0x2a/0x420
[  241.018277][T13581]  ? __pfx_generic_map_update_batch+0x10/0x10
[  241.018299][T13581]  bpf_map_do_batch+0x39b/0x630
[  241.018332][T13581]  __sys_bpf+0x690/0x860
[  241.018360][T13581]  ? __pfx___sys_bpf+0x10/0x10
[  241.018402][T13581]  ? ksys_write+0x22a/0x250
[  241.018424][T13581]  ? __pfx_ksys_write+0x10/0x10
[  241.018449][T13581]  __x64_sys_bpf+0x7c/0x90
[  241.018474][T13581]  do_syscall_64+0xec/0xf80
[  241.018494][T13581]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.018513][T13581]  ? trace_irq_disable+0x37/0x100
[  241.018537][T13581]  ? clear_bhb_loop+0x60/0xb0
[  241.018561][T13581]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.018580][T13581] RIP: 0033:0x7f2aa718f749
[  241.018597][T13581] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  241.018612][T13581] RSP: 002b:00007f2aa7fbb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  241.018633][T13581] RAX: ffffffffffffffda RBX: 00007f2aa73e5fa0 RCX: 00007f2aa718f749
[  241.018648][T13581] RDX: 0000000000000038 RSI: 0000200000000300 RDI: 000000000000001a
[  241.018660][T13581] RBP: 00007f2aa7fbb090 R08: 0000000000000000 R09: 0000000000000000
[  241.018672][T13581] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  241.018683][T13581] R13: 00007f2aa73e6038 R14: 00007f2aa73e5fa0 R15: 00007ffd12a1eab8
[  241.018715][T13581]  </TASK>
[  241.455145][T13598] macvtap1: entered promiscuous mode
[  241.460783][T13598] macvtap1: entered allmulticast mode
[  241.469423][T13598] veth1_vlan: entered allmulticast mode
[  241.487897][T13596] macvtap2: entered promiscuous mode
[  241.493363][T13596] macvtap2: entered allmulticast mode
[  241.596896][T13606] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2353'.
[  241.657891][T13608] blkio.reset_stats is deprecated
[  241.717680][T13616] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2357'.
[  241.725275][ T5941] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  241.735426][T13617] x_tables: unsorted entry at hook 2
[  241.764389][T13616] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  241.837289][ T5834] IPVS: starting estimator thread 0...
[  241.864498][T13622] IPVS: dh: SCTP 172.20.20.187:0 - no destination available
[  241.953088][T13625] IPVS: using max 31 ests per chain, 74400 per kthread
[  241.968202][ T5907] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  242.006384][T13632] netlink: 'syz.4.2361': attribute type 3 has an invalid length.
[  242.092927][T13630] bond4 (unregistering): Released all slaves
[  242.331139][T13649] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2365'.
[  242.366017][T13651] netlink: 'syz.3.2366': attribute type 18 has an invalid length.
[  242.441628][T13658] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2369'.
[  242.568471][T13664] rdma_rxe: rxe_newlink: failed to add lo
[  242.652031][T13667] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  242.884504][T13689] netlink: 'syz.0.2379': attribute type 10 has an invalid length.
[  243.012155][ T5907] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  243.021082][T11095] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  243.038748][T13702] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2384'.
[  243.142574][T13713] rdma_rxe: rxe_newlink: failed to add lo
[  244.166110][T13718] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  244.262293][T13723] netlink: 'syz.0.2388': attribute type 58 has an invalid length.
[  244.288560][T13723] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2388'.
[  244.290042][T13729] netlink: 'syz.3.2392': attribute type 1 has an invalid length.
[  244.340051][T13731] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2392'.
[  244.380273][T13729] workqueue: Failed to create a rescuer kthread for wq "bond4": -EINTR
[  244.414483][T13735] nbd: couldn't find device at index 1
[  244.564169][T13742] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2394'.
[  244.904539][T13765] syzkaller0: entered promiscuous mode
[  244.916812][T13765] syzkaller0: entered allmulticast mode
[  245.084812][ T5834] net_ratelimit: 9 callbacks suppressed
[  245.084829][ T5834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  246.127395][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  246.362457][T13770] __nla_validate_parse: 4 callbacks suppressed
[  246.362476][T13770] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2403'.
[  246.380703][T13774] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  246.524537][T13806] netlink: 'syz.1.2415': attribute type 1 has an invalid length.
[  246.532298][T13806] netlink: 'syz.1.2415': attribute type 3 has an invalid length.
[  246.553132][T13806] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2415'.
[  246.767430][T13829] netlink: 'syz.2.2422': attribute type 1 has an invalid length.
[  246.833880][T13829] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2422'.
[  247.007209][T13841] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  247.035508][T13844] netlink: 'syz.4.2425': attribute type 9 has an invalid length.
[  247.043834][T13844] netlink: 'syz.4.2425': attribute type 11 has an invalid length.
[  247.051779][T13844] netlink: 'syz.4.2425': attribute type 12 has an invalid length.
[  247.073779][T13844] netlink: 210020 bytes leftover after parsing attributes in process `syz.4.2425'.
[  247.084528][T13845] x_tables: duplicate underflow at hook 4
[  247.094211][T13844] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2425'.
[  247.119861][T13844] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2425'.
[  247.163517][ T5907] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  247.199109][T13854] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2429'.
[  247.227716][T13854] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  247.415496][T13867] veth0: entered promiscuous mode
[  247.441118][T13866] veth0: left promiscuous mode
[  247.546883][T13871] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2435'.
[  247.591955][T13871] geneve2: entered promiscuous mode
[  247.661074][T13876] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2438'.
[  247.737753][T13882] netlink: 'syz.2.2436': attribute type 4 has an invalid length.
[  247.805086][ T5941] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  247.837646][T13887] netlink: 'syz.4.2439': attribute type 1 has an invalid length.
[  247.852660][T13887] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2439'.
[  247.886547][ T5941] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  247.920376][T13890] ip6gre1: entered allmulticast mode
[  248.100451][T13902] netlink: 'syz.4.2445': attribute type 15 has an invalid length.
[  248.121005][T13902] netlink: 'syz.4.2445': attribute type 1 has an invalid length.
[  248.138469][T13902] netlink: 'syz.4.2445': attribute type 1 has an invalid length.
[  248.161402][T13902] netlink: 'syz.4.2445': attribute type 1 has an invalid length.
[  248.204563][ T5907] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  248.214221][T13902] netlink: 'syz.4.2445': attribute type 2 has an invalid length.
[  248.255900][T13910] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  248.528064][ T1142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  248.537954][ T5834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  248.546697][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  248.603658][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  248.750848][T13932] syzkaller0: entered promiscuous mode
[  248.757005][T13932] syzkaller0: entered allmulticast mode
[  250.275162][T13973] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  250.296493][T13977] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  250.686671][ T5834] net_ratelimit: 1 callbacks suppressed
[  250.686690][ T5834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  250.777713][T14002] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  250.806281][T14002] syzkaller0: entered promiscuous mode
[  250.822180][T14001] tipc: Disabling bearer <eth:syzkaller0>
[  250.855757][T11780] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  251.092654][T14022] syzkaller1: entered promiscuous mode
[  251.098187][T14022] syzkaller1: entered allmulticast mode
[  251.288206][T14037] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  251.370415][T14047] netlink: 'syz.3.2494': attribute type 11 has an invalid length.
[  251.407479][T14047] __nla_validate_parse: 12 callbacks suppressed
[  251.407497][T14047] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2494'.
[  251.728657][ T5907] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  251.752365][T14065] netlink: 68 bytes leftover after parsing attributes in process `syz.4.2497'.
[  251.817912][T14067] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  252.050564][T14093] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2505'.
[  252.078905][T14095] syzkaller0: entered promiscuous mode
[  252.085801][T14095] syzkaller0: entered allmulticast mode
[  252.102850][T14089] TC_ACT_REPEAT abuse ?
[  252.107708][T14095] TC_ACT_REPEAT abuse ?
[  252.308977][T14109] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  252.334780][T14113] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  252.536360][T14109] syzkaller0: entered promiscuous mode
[  252.542006][T14109] syzkaller0: entered allmulticast mode
[  252.550402][T14109] tipc: Resetting bearer <eth:syzkaller0>
[  252.556463][T14123] tap0: tun_chr_ioctl cmd 2148553947
[  252.573587][T14109] tap0: tun_chr_ioctl cmd 2147767517
[  252.709401][T14133] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  252.722477][T14134] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  252.731958][T14132] syzkaller0: entered promiscuous mode
[  252.738026][T14132] syzkaller0: entered allmulticast mode
[  252.756642][T14136] xt_l2tp: v2 doesn't support IP mode
[  252.759748][T14132] tipc: Resetting bearer <eth:syzkaller0>
[  252.762347][T14136] IPVS: set_ctl: invalid protocol: 135 0.0.0.0:20001
[  252.777085][T14131] tipc: Resetting bearer <eth:syzkaller0>
[  252.783335][ T5907] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  252.801869][T14131] tipc: Disabling bearer <eth:syzkaller0>
[  252.829984][T14138] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2516'.
[  252.888183][T14140] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2517'.
[  252.950605][T14145] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2519'.
[  252.985955][T14147] FAULT_INJECTION: forcing a failure.
[  252.985955][T14147] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  253.000542][T14147] CPU: 1 UID: 0 PID: 14147 Comm: syz.4.2520 Not tainted syzkaller #0 PREEMPT(full) 
[  253.000567][T14147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  253.000579][T14147] Call Trace:
[  253.000591][T14147]  <TASK>
[  253.000599][T14147]  dump_stack_lvl+0xe8/0x150
[  253.000629][T14147]  should_fail_ex+0x414/0x560
[  253.000662][T14147]  _copy_from_user+0x2d/0xb0
[  253.000693][T14147]  generic_map_update_batch+0x566/0x810
[  253.000726][T14147]  ? __pfx_generic_map_update_batch+0x10/0x10
[  253.000747][T14147]  ? __fget_files+0x2a/0x420
[  253.000774][T14147]  ? __pfx_generic_map_update_batch+0x10/0x10
[  253.000794][T14147]  bpf_map_do_batch+0x39b/0x630
[  253.000827][T14147]  __sys_bpf+0x690/0x860
[  253.000855][T14147]  ? __pfx___sys_bpf+0x10/0x10
[  253.000897][T14147]  ? ksys_write+0x22a/0x250
[  253.000919][T14147]  ? __pfx_ksys_write+0x10/0x10
[  253.000945][T14147]  __x64_sys_bpf+0x7c/0x90
[  253.000969][T14147]  do_syscall_64+0xec/0xf80
[  253.000990][T14147]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.001008][T14147]  ? trace_irq_disable+0x37/0x100
[  253.001032][T14147]  ? clear_bhb_loop+0x60/0xb0
[  253.001055][T14147]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.001074][T14147] RIP: 0033:0x7f8a9178f749
[  253.001092][T14147] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  253.001110][T14147] RSP: 002b:00007f8a926db038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  253.001131][T14147] RAX: ffffffffffffffda RBX: 00007f8a919e5fa0 RCX: 00007f8a9178f749
[  253.001147][T14147] RDX: 0000000000000038 RSI: 0000200000000300 RDI: 000000000000001a
[  253.001160][T14147] RBP: 00007f8a926db090 R08: 0000000000000000 R09: 0000000000000000
[  253.001173][T14147] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  253.001185][T14147] R13: 00007f8a919e6038 R14: 00007f8a919e5fa0 R15: 00007ffc681f10d8
[  253.001218][T14147]  </TASK>
[  253.374010][  T320] tipc: Resetting bearer <eth:syzkaller0>
[  253.394966][T14103] tipc: Resetting bearer <eth:syzkaller0>
[  253.481854][T14161] netlink: 212368 bytes leftover after parsing attributes in process `syz.3.2526'.
[  253.503802][T14162] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2525'.
[  253.641923][T14176] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2531'.
[  253.803617][ T5907] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  253.884579][T11763] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  254.293425][  T320] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  254.477603][T14189] FAULT_INJECTION: forcing a failure.
[  254.477603][T14189] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  254.497119][T14189] CPU: 0 UID: 0 PID: 14189 Comm: syz.1.2533 Not tainted syzkaller #0 PREEMPT(full) 
[  254.497145][T14189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  254.497157][T14189] Call Trace:
[  254.497164][T14189]  <TASK>
[  254.497172][T14189]  dump_stack_lvl+0xe8/0x150
[  254.497200][T14189]  should_fail_ex+0x414/0x560
[  254.497232][T14189]  _copy_from_user+0x2d/0xb0
[  254.497255][T14189]  generic_map_update_batch+0x50f/0x810
[  254.497288][T14189]  ? __pfx_generic_map_update_batch+0x10/0x10
[  254.497309][T14189]  ? __fget_files+0x2a/0x420
[  254.497338][T14189]  ? __pfx_generic_map_update_batch+0x10/0x10
[  254.497368][T14189]  bpf_map_do_batch+0x39b/0x630
[  254.497398][T14189]  __sys_bpf+0x690/0x860
[  254.497424][T14189]  ? __pfx___sys_bpf+0x10/0x10
[  254.497463][T14189]  ? ksys_write+0x22a/0x250
[  254.497483][T14189]  ? __pfx_ksys_write+0x10/0x10
[  254.497507][T14189]  __x64_sys_bpf+0x7c/0x90
[  254.497529][T14189]  do_syscall_64+0xec/0xf80
[  254.497548][T14189]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.497565][T14189]  ? trace_irq_disable+0x37/0x100
[  254.497589][T14189]  ? clear_bhb_loop+0x60/0xb0
[  254.497610][T14189]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.497627][T14189] RIP: 0033:0x7fdfe238f749
[  254.497644][T14189] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  254.497660][T14189] RSP: 002b:00007fdfe31b6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  254.497680][T14189] RAX: ffffffffffffffda RBX: 00007fdfe25e5fa0 RCX: 00007fdfe238f749
[  254.497694][T14189] RDX: 0000000000000038 RSI: 0000200000000300 RDI: 000000000000001a
[  254.497706][T14189] RBP: 00007fdfe31b6090 R08: 0000000000000000 R09: 0000000000000000
[  254.497718][T14189] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  254.497728][T14189] R13: 00007fdfe25e6038 R14: 00007fdfe25e5fa0 R15: 00007ffcf8682e28
[  254.497757][T14189]  </TASK>
[  254.868773][T14103] tipc: Disabling bearer <eth:syzkaller0>
[  254.941094][T14193] bond8: option resend_igmp: invalid value (32767)
[  254.950181][T14193] bond8: option resend_igmp: allowed values 0 - 255
[  254.959074][T14193] bond8 (unregistering): Released all slaves
[  255.304850][T14229] FAULT_INJECTION: forcing a failure.
[  255.304850][T14229] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  255.353266][T14229] CPU: 0 UID: 0 PID: 14229 Comm: syz.1.2544 Not tainted syzkaller #0 PREEMPT(full) 
[  255.353298][T14229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  255.353310][T14229] Call Trace:
[  255.353318][T14229]  <TASK>
[  255.353326][T14229]  dump_stack_lvl+0xe8/0x150
[  255.353357][T14229]  should_fail_ex+0x414/0x560
[  255.353391][T14229]  _copy_from_user+0x2d/0xb0
[  255.353416][T14229]  generic_map_update_batch+0x566/0x810
[  255.353450][T14229]  ? __pfx_generic_map_update_batch+0x10/0x10
[  255.353472][T14229]  ? __fget_files+0x2a/0x420
[  255.353500][T14229]  ? __pfx_generic_map_update_batch+0x10/0x10
[  255.353521][T14229]  bpf_map_do_batch+0x39b/0x630
[  255.353554][T14229]  __sys_bpf+0x690/0x860
[  255.353582][T14229]  ? __pfx___sys_bpf+0x10/0x10
[  255.353621][T14229]  ? ksys_write+0x22a/0x250
[  255.353643][T14229]  ? __pfx_ksys_write+0x10/0x10
[  255.353670][T14229]  __x64_sys_bpf+0x7c/0x90
[  255.353695][T14229]  do_syscall_64+0xec/0xf80
[  255.353714][T14229]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.353733][T14229]  ? trace_irq_disable+0x37/0x100
[  255.353758][T14229]  ? clear_bhb_loop+0x60/0xb0
[  255.353780][T14229]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.353798][T14229] RIP: 0033:0x7fdfe238f749
[  255.353814][T14229] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  255.353832][T14229] RSP: 002b:00007fdfe31b6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  255.353854][T14229] RAX: ffffffffffffffda RBX: 00007fdfe25e5fa0 RCX: 00007fdfe238f749
[  255.353869][T14229] RDX: 0000000000000038 RSI: 0000200000000300 RDI: 000000000000001a
[  255.353881][T14229] RBP: 00007fdfe31b6090 R08: 0000000000000000 R09: 0000000000000000
[  255.353893][T14229] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  255.353904][T14229] R13: 00007fdfe25e6038 R14: 00007fdfe25e5fa0 R15: 00007ffcf8682e28
[  255.353935][T14229]  </TASK>
[  255.583729][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  255.604093][T14238] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2547'.
[  255.688655][T14232] vlan2: entered promiscuous mode
[  255.696922][T14232] geneve1: entered promiscuous mode
[  255.702316][T14232] vlan2: entered allmulticast mode
[  255.707615][T14232] geneve1: entered allmulticast mode
[  256.192632][T14267] net_ratelimit: 3 callbacks suppressed
[  256.192651][T14267] skbuff: bad partial csum: csum=65489/0 headroom=64 headlen=65491
[  256.199406][T14269] SET target dimension over the limit!
[  256.359363][T14279] openvswitch: netlink: IP tunnel dst address not specified
[  256.374505][ T5834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  256.391284][T14285] validate_nla: 3 callbacks suppressed
[  256.391302][T14285] netlink: 'syz.1.2562': attribute type 1 has an invalid length.
[  256.431873][T14285] __nla_validate_parse: 4 callbacks suppressed
[  256.431889][T14285] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2562'.
[  256.451607][T14285] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2562'.
[  256.504897][T14290] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2563'.
[  256.630152][T14300] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2567'.
[  256.659889][T14300] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2567'.
[  256.673427][T14302] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2568'.
[  256.699411][T14302] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap2
[  256.734357][T14302] gretap2: default qdisc (pfifo_fast) fail, fallback to noqueue
[  256.742067][T14302] gretap2: entered promiscuous mode
[  256.755227][T14302] gretap2: entered allmulticast mode
[  256.921635][T14320] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2571'.
[  256.932100][ T5941] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  256.983395][T14320] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2571'.
[  257.059633][T14327] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2573'.
[  257.106811][T14327] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2573'.
[  257.407507][ T5834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  257.414135][T14347] netlink: 'syz.4.2576': attribute type 7 has an invalid length.
[  257.437991][T14347] netlink: 'syz.4.2576': attribute type 8 has an invalid length.
[  257.489826][T11763] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  257.497979][T11763] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  257.508560][T14347] batadv_slave_1: entered promiscuous mode
[  257.527355][T14347] batadv_slave_1: left promiscuous mode
[  257.906013][T14383] ipt_REJECT: TCP_RESET invalid for non-tcp
[  258.048504][T14394] FAULT_INJECTION: forcing a failure.
[  258.048504][T14394] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  258.054538][T14389] syzkaller0: entered promiscuous mode
[  258.062815][T14394] CPU: 1 UID: 0 PID: 14394 Comm: syz.3.2592 Not tainted syzkaller #0 PREEMPT(full) 
[  258.062839][T14394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  258.062851][T14394] Call Trace:
[  258.062859][T14394]  <TASK>
[  258.062867][T14394]  dump_stack_lvl+0xe8/0x150
[  258.062897][T14394]  should_fail_ex+0x414/0x560
[  258.062936][T14394]  _copy_from_user+0x2d/0xb0
[  258.062971][T14394]  generic_map_update_batch+0x50f/0x810
[  258.063006][T14394]  ? __pfx_generic_map_update_batch+0x10/0x10
[  258.063027][T14394]  ? __fget_files+0x2a/0x420
[  258.063057][T14394]  ? __pfx_generic_map_update_batch+0x10/0x10
[  258.063077][T14394]  bpf_map_do_batch+0x39b/0x630
[  258.063109][T14394]  __sys_bpf+0x690/0x860
[  258.063136][T14394]  ? __pfx___sys_bpf+0x10/0x10
[  258.063176][T14394]  ? ksys_write+0x22a/0x250
[  258.063196][T14394]  ? __pfx_ksys_write+0x10/0x10
[  258.063221][T14394]  __x64_sys_bpf+0x7c/0x90
[  258.063244][T14394]  do_syscall_64+0xec/0xf80
[  258.063264][T14394]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  258.063281][T14394]  ? clear_bhb_loop+0x60/0xb0
[  258.063304][T14394]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  258.063322][T14394] RIP: 0033:0x7fa1d658f749
[  258.063338][T14394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  258.063354][T14394] RSP: 002b:00007fa1d7475038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  258.063373][T14394] RAX: ffffffffffffffda RBX: 00007fa1d67e5fa0 RCX: 00007fa1d658f749
[  258.063388][T14394] RDX: 0000000000000038 RSI: 0000200000000300 RDI: 000000000000001a
[  258.063400][T14394] RBP: 00007fa1d7475090 R08: 0000000000000000 R09: 0000000000000000
[  258.063412][T14394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  258.063422][T14394] R13: 00007fa1d67e6038 R14: 00007fa1d67e5fa0 R15: 00007ffd2ace72b8
[  258.063453][T14394]  </TASK>
[  258.273927][   T25] block nbd2: Possible stuck request ffff888025920000: control (read@0,1024B). Runtime 30 seconds
[  258.281905][T14389] syzkaller0: entered allmulticast mode
[  258.303981][   T25] block nbd2: Possible stuck request ffff888025920200: control (read@1024,1024B). Runtime 30 seconds
[  258.316266][   T25] block nbd2: Possible stuck request ffff888025920400: control (read@2048,1024B). Runtime 30 seconds
[  258.327906][   T25] block nbd2: Possible stuck request ffff888025920600: control (read@3072,1024B). Runtime 30 seconds
[  258.378749][T14407] openvswitch: netlink: VXLAN extension message has 1 unknown bytes.
[  258.455257][ T5834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  259.415904][   T49] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  259.455104][T14403] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR
[  259.646310][T14425] netlink: 'syz.2.2600': attribute type 2 has an invalid length.
[  259.712144][T14425] netlink: 'syz.2.2600': attribute type 8 has an invalid length.
[  259.906483][T14452] syz.2.2605: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  259.994460][T14448] syzkaller0: create flow: hash 2435134185 index 1
[  260.011360][T14452] CPU: 1 UID: 0 PID: 14452 Comm: syz.2.2605 Not tainted syzkaller #0 PREEMPT(full) 
[  260.011386][T14452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  260.011398][T14452] Call Trace:
[  260.011406][T14452]  <TASK>
[  260.011414][T14452]  dump_stack_lvl+0xe8/0x150
[  260.011443][T14452]  warn_alloc+0x214/0x310
[  260.011463][T14452]  ? stack_trace_save+0x9c/0xe0
[  260.011495][T14452]  ? __pfx_warn_alloc+0x10/0x10
[  260.011522][T14452]  ? kasan_save_track+0x4f/0x80
[  260.011540][T14452]  ? kasan_save_track+0x3e/0x80
[  260.011558][T14452]  ? __kasan_kmalloc+0x93/0xb0
[  260.011576][T14452]  ? __kmalloc_cache_noprof+0x3e2/0x700
[  260.011592][T14452]  ? xskq_create+0x56/0x170
[  260.011618][T14452]  ? xsk_setsockopt+0x4dc/0x8d0
[  260.011640][T14452]  ? do_sock_setsockopt+0x17c/0x1b0
[  260.011660][T14452]  ? __x64_sys_setsockopt+0x13f/0x1b0
[  260.011678][T14452]  ? do_syscall_64+0xec/0xf80
[  260.011699][T14452]  __vmalloc_node_range_noprof+0x134/0x16a0
[  260.011759][T14452]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  260.011785][T14452]  ? __kasan_kmalloc+0x93/0xb0
[  260.011812][T14452]  vmalloc_user_noprof+0xad/0xf0
[  260.011831][T14452]  ? xskq_create+0xbf/0x170
[  260.011859][T14452]  xskq_create+0xbf/0x170
[  260.011889][T14452]  xsk_init_queue+0xb0/0x110
[  260.011917][T14452]  xsk_setsockopt+0x4dc/0x8d0
[  260.011945][T14452]  ? __pfx_xsk_setsockopt+0x10/0x10
[  260.011972][T14452]  ? __pfx_aa_sk_perm+0x10/0x10
[  260.011998][T14452]  ? aa_sock_opt_perm+0xff/0x1a0
[  260.012026][T14452]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  260.012044][T14452]  ? __pfx_xsk_setsockopt+0x10/0x10
[  260.012071][T14452]  do_sock_setsockopt+0x17c/0x1b0
[  260.012096][T14452]  __x64_sys_setsockopt+0x13f/0x1b0
[  260.012127][T14452]  do_syscall_64+0xec/0xf80
[  260.012146][T14452]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.012165][T14452]  ? trace_irq_disable+0x37/0x100
[  260.012189][T14452]  ? clear_bhb_loop+0x60/0xb0
[  260.012213][T14452]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.012232][T14452] RIP: 0033:0x7f2aa718f749
[  260.012248][T14452] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  260.012265][T14452] RSP: 002b:00007f2aa7fbb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  260.012285][T14452] RAX: ffffffffffffffda RBX: 00007f2aa73e5fa0 RCX: 00007f2aa718f749
[  260.012298][T14452] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003
[  260.012309][T14452] RBP: 00007f2aa7213f91 R08: 0000000000000004 R09: 0000000000000000
[  260.012319][T14452] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  260.012330][T14452] R13: 00007f2aa73e6038 R14: 00007f2aa73e5fa0 R15: 00007ffd12a1eab8
[  260.012360][T14452]  </TASK>
[  260.012368][T14452] Mem-Info:
[  260.290165][T14452] active_anon:5897 inactive_anon:6 isolated_anon:0
[  260.290165][T14452]  active_file:3147 inactive_file:40270 isolated_file:0
[  260.290165][T14452]  unevictable:768 dirty:132 writeback:0
[  260.290165][T14452]  slab_reclaimable:11388 slab_unreclaimable:110346
[  260.290165][T14452]  mapped:30743 shmem:1353 pagetables:1590
[  260.290165][T14452]  sec_pagetables:0 bounce:0
[  260.290165][T14452]  kernel_misc_reclaimable:0
[  260.290165][T14452]  free:1313733 free_pcp:12518 free_cma:0
[  260.338025][T14452] Node 0 active_anon:23588kB inactive_anon:24kB active_file:12588kB inactive_file:160876kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:122972kB dirty:528kB writeback:0kB shmem:3876kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:14420kB pagetables:6216kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  260.372846][T14452] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:144kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  260.404785][T14452] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  260.448559][T14452] lowmem_reserve[]: 0 2499 2501 2501 2501
[  260.455765][T14452] Node 0 DMA32 free:1353384kB boost:0kB min:34264kB low:42828kB high:51392kB reserved_highatomic:0KB free_highatomic:0KB active_anon:23488kB inactive_anon:24kB active_file:12588kB inactive_file:160876kB unevictable:1536kB writepending:528kB zspages:0kB present:3129332kB managed:2559512kB mlocked:0kB bounce:0kB free_pcp:35164kB local_pcp:17444kB free_cma:0kB
[  260.489701][T14435] syzkaller0: delete flow: hash 2435134185 index 1
[  260.498221][T14452] lowmem_reserve[]: 0 0 1 1 1
[  260.503915][T14452] Node 0 Normal free:0kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  260.534559][T14452] lowmem_reserve[]: 0 0 0 0 0
[  260.539293][T14452] Node 1 Normal free:3886188kB boost:0kB min:55612kB low:69512kB high:83412kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:15968kB local_pcp:10432kB free_cma:0kB
[  260.583430][T14452] lowmem_reserve[]: 0 0 0 0 0
[  260.589009][T14452] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  260.610969][T14452] Node 0 DMA32: 3622*4kB (UME) 2500*8kB (UME) 1215*16kB (UME) 130*32kB (UM) 267*64kB (UME) 473*128kB (UM) 428*256kB (UM) 358*512kB (UM) 271*1024kB (UE) 32*2048kB (UM) 142*4096kB (UM) = 1353256kB
[  260.632700][T14452] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  260.644360][T14452] Node 1 Normal: 167*4kB (UE) 60*8kB (UME) 39*16kB (UME) 86*32kB (UME) 23*64kB (UME) 6*128kB (UME) 4*256kB (UME) 3*512kB (UM) 4*1024kB (UME) 1*2048kB (E) 945*4096kB (M) = 3886188kB
[  260.665482][T14452] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  260.675511][T14452] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  260.685383][T14452] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  260.697552][T14452] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  260.706944][T14452] 44766 total pagecache pages
[  260.711645][T14452] 0 pages in swap cache
[  260.716170][T14452] Free swap  = 124996kB
[  260.720356][T14452] Total swap = 124996kB
[  260.725311][T14452] 2097051 pages RAM
[  260.729153][T14452] 0 pages HighMem/MovableOnly
[  260.734191][T14452] 425083 pages reserved
[  260.738347][T14452] 0 pages cma reserved
[  261.493862][ T5834] net_ratelimit: 5 callbacks suppressed
[  261.493878][ T5834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  261.696718][T14472] gtp1: entered promiscuous mode
[  261.723271][T14472] gtp1: entered allmulticast mode
[  261.954902][T14489] __nla_validate_parse: 42 callbacks suppressed
[  261.954922][T14489] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2616'.
[  262.022742][T14486] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  262.064474][T14486] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.100854][T14496] netlink: 284 bytes leftover after parsing attributes in process `syz.2.2618'.
[  262.186838][T14486] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  262.197562][T14486] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.221826][T14509] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2621'.
[  262.231395][T14511] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  262.411214][T14514] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  262.419738][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  262.442658][T14486] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  262.485583][T14486] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.540378][T14520] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  262.543114][ T5907] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  262.646090][T14486] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  262.688649][T14536] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  262.701418][T14486] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.714797][T14536] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  262.727682][T14536] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  262.737786][T14536] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  262.789362][T14536] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  262.883418][   T60] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  262.906899][   T60] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  262.923295][T14546] netlink: 'syz.2.2630': attribute type 3 has an invalid length.
[  262.964111][   T60] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  262.988493][   T60] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  263.045283][  T320] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  263.053769][  T320] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  263.098941][  T320] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  263.129725][  T320] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  263.220831][T14564] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2635'.
[  263.273989][T14572] netlink: 'syz.1.2639': attribute type 9 has an invalid length.
[  263.288487][T14572] netlink: 'syz.1.2639': attribute type 11 has an invalid length.
[  263.308499][T14572] netlink: 'syz.1.2639': attribute type 12 has an invalid length.
[  263.317842][T14572] netlink: 210020 bytes leftover after parsing attributes in process `syz.1.2639'.
[  263.330386][T14572] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2639'.
[  263.341810][T14577] xt_l2tp: v2 tid > 0xffff: 1114244
[  263.348559][T14574] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2640'.
[  263.364761][T14577] netlink: 72 bytes leftover after parsing attributes in process `syz.1.2639'.
[  263.374742][T14574] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2640'.
[  263.392783][T14580] netlink: 'syz.0.2641': attribute type 10 has an invalid length.
[  263.411437][T14574] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2640'.
[  263.424777][T14574] netlink: 'syz.3.2640': attribute type 12 has an invalid length.
[  263.453120][T14574] netlink: 'syz.3.2640': attribute type 11 has an invalid length.
[  263.641447][T14595] netlink: 'syz.2.2650': attribute type 1 has an invalid length.
[  263.757082][T14595] 8021q: adding VLAN 0 to HW filter on device bond12
[  263.777267][T14600] bond12: (slave geneve2): making interface the new active one
[  263.786333][T14600] bond12: (slave geneve2): Enslaving as an active interface with an up link
[  263.829502][T14605] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  263.987095][T14616] syzkaller0: entered promiscuous mode
[  263.994955][T14616] syzkaller0: entered allmulticast mode
[  264.170188][T14623] netlink: 'syz.3.2658': attribute type 1 has an invalid length.
[  264.418215][T14644] FAULT_INJECTION: forcing a failure.
[  264.418215][T14644] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  264.434133][T14644] CPU: 1 UID: 0 PID: 14644 Comm: syz.3.2662 Not tainted syzkaller #0 PREEMPT(full) 
[  264.434160][T14644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  264.434173][T14644] Call Trace:
[  264.434180][T14644]  <TASK>
[  264.434189][T14644]  dump_stack_lvl+0xe8/0x150
[  264.434218][T14644]  should_fail_ex+0x414/0x560
[  264.434254][T14644]  _copy_from_user+0x2d/0xb0
[  264.434279][T14644]  generic_map_update_batch+0x566/0x810
[  264.434314][T14644]  ? __pfx_generic_map_update_batch+0x10/0x10
[  264.434345][T14644]  ? __fget_files+0x2a/0x420
[  264.434375][T14644]  ? __pfx_generic_map_update_batch+0x10/0x10
[  264.434397][T14644]  bpf_map_do_batch+0x39b/0x630
[  264.434431][T14644]  __sys_bpf+0x690/0x860
[  264.434459][T14644]  ? __pfx___sys_bpf+0x10/0x10
[  264.434501][T14644]  ? ksys_write+0x22a/0x250
[  264.434522][T14644]  ? __pfx_ksys_write+0x10/0x10
[  264.434549][T14644]  __x64_sys_bpf+0x7c/0x90
[  264.434574][T14644]  do_syscall_64+0xec/0xf80
[  264.434593][T14644]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.434611][T14644]  ? trace_irq_disable+0x37/0x100
[  264.434636][T14644]  ? clear_bhb_loop+0x60/0xb0
[  264.434660][T14644]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.434679][T14644] RIP: 0033:0x7fa1d658f749
[  264.434696][T14644] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  264.434713][T14644] RSP: 002b:00007fa1d7475038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  264.434735][T14644] RAX: ffffffffffffffda RBX: 00007fa1d67e5fa0 RCX: 00007fa1d658f749
[  264.434750][T14644] RDX: 0000000000000038 RSI: 0000200000000300 RDI: 000000000000001a
[  264.434763][T14644] RBP: 00007fa1d7475090 R08: 0000000000000000 R09: 0000000000000000
[  264.434775][T14644] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  264.434787][T14644] R13: 00007fa1d67e6038 R14: 00007fa1d67e5fa0 R15: 00007ffd2ace72b8
[  264.434819][T14644]  </TASK>
[  264.819319][T14656] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  265.629639][T14705] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  266.340890][T14716] infiniband syû: set down
[  266.353400][T14716] infiniband syû: added bond_slave_0
[  266.382339][T14729] veth0: entered promiscuous mode
[  266.546921][T14739] vxcan0: tx address claim with dlc 0
[  266.573548][T14716] RDS/IB: syû: added
[  266.578289][T14716] smc: adding ib device syû with port count 1
[  266.611917][T14716] smc:    ib device syû port 1 has no pnetid
[  266.677524][T14734] veth0: left promiscuous mode
[  266.773154][   T24] net_ratelimit: 12 callbacks suppressed
[  266.773172][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  266.967618][T14756] netlink: 'syz.2.2694': attribute type 1 has an invalid length.
[  267.057264][T14761] __nla_validate_parse: 15 callbacks suppressed
[  267.057282][T14761] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2696'.
[  267.093316][T11763] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  267.168900][T14762] vlan3: entered allmulticast mode
[  267.215622][T14762] veth1: entered allmulticast mode
[  267.270439][T14761] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  267.380768][T14771] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  267.389394][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  267.654273][T14779] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2699'.
[  267.806659][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  268.247264][T14805] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2708'.
[  268.277624][T14805] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  268.471135][T14819] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2713'.
[  268.689924][T14828] openvswitch: netlink: nsh attribute has 2 unknown bytes.
[  268.700350][T14828] nbd: must specify an index to disconnect
[  268.843260][ T5907] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  269.001770][T14845] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2723'.
[  269.083932][T11780] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  269.117619][T14849] FAULT_INJECTION: forcing a failure.
[  269.117619][T14849] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  269.145536][T14849] CPU: 1 UID: 0 PID: 14849 Comm: syz.0.2724 Not tainted syzkaller #0 PREEMPT(full) 
[  269.145563][T14849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  269.145575][T14849] Call Trace:
[  269.145583][T14849]  <TASK>
[  269.145591][T14849]  dump_stack_lvl+0xe8/0x150
[  269.145620][T14849]  should_fail_ex+0x414/0x560
[  269.145653][T14849]  _copy_from_user+0x2d/0xb0
[  269.145676][T14849]  generic_map_update_batch+0x50f/0x810
[  269.145708][T14849]  ? __pfx_generic_map_update_batch+0x10/0x10
[  269.145731][T14849]  ? __fget_files+0x2a/0x420
[  269.145761][T14849]  ? __pfx_generic_map_update_batch+0x10/0x10
[  269.145783][T14849]  bpf_map_do_batch+0x39b/0x630
[  269.145815][T14849]  __sys_bpf+0x690/0x860
[  269.145844][T14849]  ? __pfx___sys_bpf+0x10/0x10
[  269.145892][T14849]  ? ksys_write+0x22a/0x250
[  269.145914][T14849]  ? __pfx_ksys_write+0x10/0x10
[  269.145944][T14849]  __x64_sys_bpf+0x7c/0x90
[  269.145968][T14849]  do_syscall_64+0xec/0xf80
[  269.145987][T14849]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.146006][T14849]  ? trace_irq_disable+0x37/0x100
[  269.146031][T14849]  ? clear_bhb_loop+0x60/0xb0
[  269.146054][T14849]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.146073][T14849] RIP: 0033:0x7f738678f749
[  269.146090][T14849] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  269.146107][T14849] RSP: 002b:00007f73875af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  269.146126][T14849] RAX: ffffffffffffffda RBX: 00007f73869e5fa0 RCX: 00007f738678f749
[  269.146142][T14849] RDX: 0000000000000038 RSI: 0000200000000300 RDI: 000000000000001a
[  269.146153][T14849] RBP: 00007f73875af090 R08: 0000000000000000 R09: 0000000000000000
[  269.146165][T14849] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  269.146176][T14849] R13: 00007f73869e6038 R14: 00007f73869e5fa0 R15: 00007ffd2baf5cc8
[  269.146208][T14849]  </TASK>
[  269.460401][T14852] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  269.469509][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  269.565984][T14856] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2726'.
[  269.598754][T14859] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2727'.
[  269.604653][T14856] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  269.616221][T14861] netlink: 'syz.2.2729': attribute type 2 has an invalid length.
[  269.624625][T14861] netlink: 'syz.2.2729': attribute type 8 has an invalid length.
[  269.632538][T14861] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2729'.
[  269.880959][T14878] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  270.000417][T14884] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2734'.
[  270.018687][T14884] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2734'.
[  270.036565][T14885] x_tables: unsorted underflow at hook 1
[  270.109305][T14889] netlink: 'syz.4.2734': attribute type 2 has an invalid length.
[  270.246239][T14895] FAULT_INJECTION: forcing a failure.
[  270.246239][T14895] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  270.285466][T14895] CPU: 1 UID: 0 PID: 14895 Comm: syz.4.2736 Not tainted syzkaller #0 PREEMPT(full) 
[  270.285491][T14895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  270.285503][T14895] Call Trace:
[  270.285511][T14895]  <TASK>
[  270.285519][T14895]  dump_stack_lvl+0xe8/0x150
[  270.285548][T14895]  should_fail_ex+0x414/0x560
[  270.285580][T14895]  _copy_from_user+0x2d/0xb0
[  270.285603][T14895]  generic_map_update_batch+0x566/0x810
[  270.285638][T14895]  ? __pfx_generic_map_update_batch+0x10/0x10
[  270.285659][T14895]  ? __fget_files+0x2a/0x420
[  270.285689][T14895]  ? __pfx_generic_map_update_batch+0x10/0x10
[  270.285710][T14895]  bpf_map_do_batch+0x39b/0x630
[  270.285741][T14895]  __sys_bpf+0x690/0x860
[  270.285770][T14895]  ? __pfx___sys_bpf+0x10/0x10
[  270.285816][T14895]  ? ksys_write+0x22a/0x250
[  270.285835][T14895]  ? __pfx_ksys_write+0x10/0x10
[  270.285859][T14895]  __x64_sys_bpf+0x7c/0x90
[  270.285882][T14895]  do_syscall_64+0xec/0xf80
[  270.285901][T14895]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  270.285920][T14895]  ? clear_bhb_loop+0x60/0xb0
[  270.285941][T14895]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  270.285959][T14895] RIP: 0033:0x7f8a9178f749
[  270.285976][T14895] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  270.285993][T14895] RSP: 002b:00007f8a926db038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  270.286013][T14895] RAX: ffffffffffffffda RBX: 00007f8a919e5fa0 RCX: 00007f8a9178f749
[  270.286028][T14895] RDX: 0000000000000038 RSI: 0000200000000300 RDI: 000000000000001a
[  270.286039][T14895] RBP: 00007f8a926db090 R08: 0000000000000000 R09: 0000000000000000
[  270.286051][T14895] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  270.286062][T14895] R13: 00007f8a919e6038 R14: 00007f8a919e5fa0 R15: 00007ffc681f10d8
[  270.286091][T14895]  </TASK>
[  270.891751][T14931] netlink: 'syz.1.2746': attribute type 1 has an invalid length.
[  270.963291][T14930] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  271.543437][T14973] netlink: 'syz.2.2757': attribute type 2 has an invalid length.
[  271.689030][T14978] syzkaller0: entered promiscuous mode
[  271.701870][T14978] syzkaller0: entered allmulticast mode
[  271.813989][  T320] netdevsim netdevsim2 eth0: set [0, 1] type 1 family 0 port 8472 - 0
[  271.822464][  T320] netdevsim netdevsim2 eth1: set [0, 1] type 1 family 0 port 8472 - 0
[  271.842603][  T320] netdevsim netdevsim2 eth2: set [0, 1] type 1 family 0 port 8472 - 0
[  271.866413][  T320] netdevsim netdevsim2 eth3: set [0, 1] type 1 family 0 port 8472 - 0
[  271.917648][T14985] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  271.963355][   T24] net_ratelimit: 2 callbacks suppressed
[  271.963371][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  272.058916][T14997] openvswitch: netlink: IPv6 tunnel dst address is zero
[  272.124919][T11780] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  272.196138][T14999] openvswitch: netlink: IPv6 tunnel dst address is zero
[  272.299882][T15009] pim6reg: entered allmulticast mode
[  272.303980][T15010] __nla_validate_parse: 20 callbacks suppressed
[  272.303996][T15010] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2770'.
[  272.336985][T15009] pim6reg: left allmulticast mode
[  272.678487][T15037] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2779'.
[  272.688629][T15037] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2779'.
[  272.774111][T15039] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2780'.
[  272.809805][T15044] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  273.005282][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  273.309070][T15065] FAULT_INJECTION: forcing a failure.
[  273.309070][T15065] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  273.322334][T15065] CPU: 1 UID: 0 PID: 15065 Comm: syz.1.2788 Not tainted syzkaller #0 PREEMPT(full) 
[  273.322359][T15065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  273.322371][T15065] Call Trace:
[  273.322378][T15065]  <TASK>
[  273.322386][T15065]  dump_stack_lvl+0xe8/0x150
[  273.322415][T15065]  should_fail_ex+0x414/0x560
[  273.322449][T15065]  _copy_from_user+0x2d/0xb0
[  273.322481][T15065]  generic_map_update_batch+0x50f/0x810
[  273.322515][T15065]  ? __pfx_generic_map_update_batch+0x10/0x10
[  273.322537][T15065]  ? __fget_files+0x2a/0x420
[  273.322567][T15065]  ? __pfx_generic_map_update_batch+0x10/0x10
[  273.322589][T15065]  bpf_map_do_batch+0x39b/0x630
[  273.322622][T15065]  __sys_bpf+0x690/0x860
[  273.322649][T15065]  ? __pfx___sys_bpf+0x10/0x10
[  273.322691][T15065]  ? ksys_write+0x22a/0x250
[  273.322711][T15065]  ? __pfx_ksys_write+0x10/0x10
[  273.322736][T15065]  __x64_sys_bpf+0x7c/0x90
[  273.322761][T15065]  do_syscall_64+0xec/0xf80
[  273.322781][T15065]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  273.322799][T15065]  ? trace_irq_disable+0x37/0x100
[  273.322823][T15065]  ? clear_bhb_loop+0x60/0xb0
[  273.322845][T15065]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  273.322863][T15065] RIP: 0033:0x7fdfe238f749
[  273.322880][T15065] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  273.322897][T15065] RSP: 002b:00007fdfe31b6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  273.322918][T15065] RAX: ffffffffffffffda RBX: 00007fdfe25e5fa0 RCX: 00007fdfe238f749
[  273.322936][T15065] RDX: 0000000000000038 RSI: 0000200000000300 RDI: 000000000000001a
[  273.322947][T15065] RBP: 00007fdfe31b6090 R08: 0000000000000000 R09: 0000000000000000
[  273.322959][T15065] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  273.322969][T15065] R13: 00007fdfe25e6038 R14: 00007fdfe25e5fa0 R15: 00007ffcf8682e28
[  273.322998][T15065]  </TASK>
[  273.788416][T15083] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  273.857660][T15087] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not security
[  273.880089][T15089] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2797'.
[  273.896281][T15089] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  274.043249][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  274.142036][T15109] FAULT_INJECTION: forcing a failure.
[  274.142036][T15109] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  274.156067][T15109] CPU: 0 UID: 0 PID: 15109 Comm: syz.3.2803 Not tainted syzkaller #0 PREEMPT(full) 
[  274.156093][T15109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  274.156106][T15109] Call Trace:
[  274.156114][T15109]  <TASK>
[  274.156122][T15109]  dump_stack_lvl+0xe8/0x150
[  274.156151][T15109]  should_fail_ex+0x414/0x560
[  274.156186][T15109]  _copy_from_user+0x2d/0xb0
[  274.156210][T15109]  generic_map_update_batch+0x566/0x810
[  274.156246][T15109]  ? __pfx_generic_map_update_batch+0x10/0x10
[  274.156269][T15109]  ? __fget_files+0x2a/0x420
[  274.156300][T15109]  ? __pfx_generic_map_update_batch+0x10/0x10
[  274.156321][T15109]  bpf_map_do_batch+0x39b/0x630
[  274.156359][T15109]  __sys_bpf+0x690/0x860
[  274.156387][T15109]  ? __pfx___sys_bpf+0x10/0x10
[  274.156427][T15109]  ? ksys_write+0x22a/0x250
[  274.156449][T15109]  ? __pfx_ksys_write+0x10/0x10
[  274.156475][T15109]  __x64_sys_bpf+0x7c/0x90
[  274.156500][T15109]  do_syscall_64+0xec/0xf80
[  274.156520][T15109]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  274.156538][T15109]  ? trace_irq_disable+0x37/0x100
[  274.156563][T15109]  ? clear_bhb_loop+0x60/0xb0
[  274.156586][T15109]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  274.156604][T15109] RIP: 0033:0x7fa1d658f749
[  274.156621][T15109] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  274.156638][T15109] RSP: 002b:00007fa1d7475038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  274.156665][T15109] RAX: ffffffffffffffda RBX: 00007fa1d67e5fa0 RCX: 00007fa1d658f749
[  274.156679][T15109] RDX: 0000000000000038 RSI: 0000200000000300 RDI: 000000000000001a
[  274.156692][T15109] RBP: 00007fa1d7475090 R08: 0000000000000000 R09: 0000000000000000
[  274.156705][T15109] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  274.156717][T15109] R13: 00007fa1d67e6038 R14: 00007fa1d67e5fa0 R15: 00007ffd2ace72b8
[  274.156749][T15109]  </TASK>
[  274.358987][T15112] netlink: 'syz.4.2804': attribute type 4 has an invalid length.
[  274.370253][T15112] netlink: 17 bytes leftover after parsing attributes in process `syz.4.2804'.
[  274.429473][T15112] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2804'.
[  274.450681][T15115] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.2805'.
[  274.460583][T15116] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0
[  274.462077][T15112] netlink: 'syz.4.2804': attribute type 2 has an invalid length.
[  274.484709][T15112] netlink: 188 bytes leftover after parsing attributes in process `syz.4.2804'.
[  274.764736][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  274.881905][T15139] syzkaller0: create flow: hash 2435134185 index 1
[  275.059861][T15147] netlink: 'syz.1.2812': attribute type 2 has an invalid length.
[  275.067780][T15139] syzkaller0: delete flow: hash 2435134185 index 1
[  275.083448][ T5907] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  275.163192][T11763] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  275.748167][T15172] vxcan1: tx drop: invalid da for name 0x0000000000000016
[  276.443851][T15178] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2818'.
[  276.461745][T15178] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  276.806901][T15200] netlink: 'syz.0.2827': attribute type 22 has an invalid length.
[  276.832869][T15204] netlink: 'syz.3.2828': attribute type 5 has an invalid length.
[  276.914552][T15200] netlink: 'syz.0.2827': attribute type 22 has an invalid length.
[  276.979194][T15208] 8021q: VLANs not supported on wg2
[  277.176288][ T5907] net_ratelimit: 3 callbacks suppressed
[  277.176305][ T5907] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  277.283433][T15231] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  277.421235][T15237] syzkaller0: entered promiscuous mode
[  277.430431][T15237] syzkaller0: entered allmulticast mode
[  277.514189][T15239] __nla_validate_parse: 3 callbacks suppressed
[  277.514209][T15239] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2842'.
[  277.607620][T15246] pim6reg1: entered promiscuous mode
[  277.623152][T15246] pim6reg1: entered allmulticast mode
[  277.793711][T15256] syzkaller0: entered promiscuous mode
[  277.800601][T15256] syzkaller0: entered allmulticast mode
[  277.988768][T15263] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  277.989348][ T5151] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  278.013961][ T5151] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  278.022897][ T5151] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  278.054785][ T5151] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  278.062464][ T5151] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  278.106250][   T52] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  278.113872][   T52] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  278.121279][   T52] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  278.130598][   T52] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  278.139726][   T52] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  278.203373][T11780] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  278.223154][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  278.275478][T15284] netlink: 'syz.2.2853': attribute type 39 has an invalid length.
[  278.286524][T15263] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  278.406586][T15263] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  278.445128][T15290] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2855'.
[  278.550802][T15294] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  278.575617][T15263] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  278.598728][T15298] netlink: 'syz.1.2856': attribute type 1 has an invalid length.
[  278.622748][T15267] wg1 speed is unknown, defaulting to 1000
[  278.919556][T15312] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2859'.
[  278.938703][ T6000] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  279.021316][ T6000] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  279.064181][   T60] netdevsim netdevsim3 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  279.096420][   T60] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.169155][ T6000] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  279.189811][T15327] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.2863'.
[  279.206225][   T60] netdevsim netdevsim3 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  279.216410][T15331] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2862'.
[  279.223055][   T60] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.285865][ T3497] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  279.337145][   T60] netdevsim netdevsim3 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  279.359746][   T60] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.416799][T15339] netlink: 'syz.4.2865': attribute type 22 has an invalid length.
[  279.436322][T15339] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2865'.
[  279.514701][T15339] netlink: 'syz.4.2865': attribute type 22 has an invalid length.
[  279.525116][T15339] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2865'.
[  279.547258][   T60] netdevsim netdevsim3 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  279.557494][   T60] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.603875][T15349] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2869'.
[  279.625064][ T5907] wg1 speed is unknown, defaulting to 1000
[  279.642154][ T5907] syz2: Port: 1 Link DOWN
[  279.654768][T15349] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  279.756824][T15353] FAULT_INJECTION: forcing a failure.
[  279.756824][T15353] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  279.788736][T15353] CPU: 0 UID: 0 PID: 15353 Comm: syz.1.2870 Not tainted syzkaller #0 PREEMPT(full) 
[  279.788761][T15353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  279.788772][T15353] Call Trace:
[  279.788779][T15353]  <TASK>
[  279.788787][T15353]  dump_stack_lvl+0xe8/0x150
[  279.788816][T15353]  should_fail_ex+0x414/0x560
[  279.788863][T15353]  _copy_from_user+0x2d/0xb0
[  279.788887][T15353]  generic_map_update_batch+0x50f/0x810
[  279.788920][T15353]  ? __pfx_generic_map_update_batch+0x10/0x10
[  279.788942][T15353]  ? __fget_files+0x2a/0x420
[  279.788972][T15353]  ? __pfx_generic_map_update_batch+0x10/0x10
[  279.788993][T15353]  bpf_map_do_batch+0x39b/0x630
[  279.789027][T15353]  __sys_bpf+0x690/0x860
[  279.789055][T15353]  ? __pfx___sys_bpf+0x10/0x10
[  279.789094][T15353]  ? ksys_write+0x22a/0x250
[  279.789111][T15353]  ? __pfx_ksys_write+0x10/0x10
[  279.789136][T15353]  __x64_sys_bpf+0x7c/0x90
[  279.789159][T15353]  do_syscall_64+0xec/0xf80
[  279.789178][T15353]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  279.789196][T15353]  ? trace_irq_disable+0x37/0x100
[  279.789221][T15353]  ? clear_bhb_loop+0x60/0xb0
[  279.789243][T15353]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  279.789259][T15353] RIP: 0033:0x7fdfe238f749
[  279.789276][T15353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  279.789300][T15353] RSP: 002b:00007fdfe31b6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  279.789323][T15353] RAX: ffffffffffffffda RBX: 00007fdfe25e5fa0 RCX: 00007fdfe238f749
[  279.789337][T15353] RDX: 0000000000000038 RSI: 0000200000000300 RDI: 000000000000001a
[  279.789350][T15353] RBP: 00007fdfe31b6090 R08: 0000000000000000 R09: 0000000000000000
[  279.789361][T15353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  279.789373][T15353] R13: 00007fdfe25e6038 R14: 00007fdfe25e5fa0 R15: 00007ffcf8682e28
[  279.789402][T15353]  </TASK>
[  280.181574][T15267] chnl_net:caif_netlink_parms(): no params data found
[  280.203219][   T52] Bluetooth: hci5: command tx timeout
[  280.243264][T15370] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2875'.
[  280.378008][   T60] macsec0: left allmulticast mode
[  280.384152][   T60] veth1_macvtap: left allmulticast mode
[  280.389835][   T60] macsec0: left promiscuous mode
[  280.400168][   T60] bridge0: port 3(macsec0) entered disabled state
[  280.436184][   T60] bridge_slave_1: left allmulticast mode
[  280.452043][   T60] bridge_slave_1: left promiscuous mode
[  280.467589][   T60] bridge0: port 2(bridge_slave_1) entered disabled state
[  280.499869][   T60] bridge_slave_0: left allmulticast mode
[  280.505843][   T60] bridge_slave_0: left promiscuous mode
[  280.521548][   T60] bridge0: port 1(bridge_slave_0) entered disabled state
[  281.041395][   T60] team0: Port device geneve0 removed
[  281.741853][   T60] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  281.752891][   T60] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  281.762896][   T60] bond0 (unregistering): Released all slaves
[  281.848245][   T60] bond1 (unregistering): Released all slaves
[  281.927352][   T60] bond2 (unregistering): Released all slaves
[  281.939448][   T60] bond3 (unregistering): Released all slaves
[  281.951521][   T60] bond4 (unregistering): Released all slaves
[  282.048612][T15415] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2886'.
[  282.207613][T15267] bridge0: port 1(bridge_slave_0) entered blocking state
[  282.225451][T15267] bridge0: port 1(bridge_slave_0) entered disabled state
[  282.283721][   T52] Bluetooth: hci5: command tx timeout
[  282.311460][T15267] bridge_slave_0: entered allmulticast mode
[  282.345165][T15267] bridge_slave_0: entered promiscuous mode
[  282.354643][T15431] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  282.380671][T15267] bridge0: port 2(bridge_slave_1) entered blocking state
[  282.419710][T15267] bridge0: port 2(bridge_slave_1) entered disabled state
[  282.464694][T15267] bridge_slave_1: entered allmulticast mode
[  282.471739][T15267] bridge_slave_1: entered promiscuous mode
[  282.679680][T15453] IPVS: set_ctl: invalid protocol: 2 100.1.1.1:20001
[  282.689084][T15454] sctp: [Deprecated]: syz.4.2895 (pid 15454) Use of struct sctp_assoc_value in delayed_ack socket option.
[  282.689084][T15454] Use struct sctp_sack_info instead
[  282.917814][T15472] __nla_validate_parse: 2 callbacks suppressed
[  282.917832][T15472] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2899'.
[  282.964835][T15267] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  282.997241][T15472] vlan4: entered allmulticast mode
[  283.009530][T15472] mac80211_hwsim hwsim6 wlan0: entered allmulticast mode
[  283.047883][T15267] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  283.203952][T15267] team0: Port device team_slave_0 added
[  283.215724][T15267] team0: Port device team_slave_1 added
[  283.260160][T15497] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2905'.
[  283.327328][ T3497] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  283.330238][T15267] batman_adv: batadv0: Adding interface: batadv_slave_0
[  283.348077][T15501] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2905'.
[  283.357005][T15267] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  283.358396][ T3497] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  283.391169][T15267] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  283.456653][T15267] batman_adv: batadv0: Adding interface: batadv_slave_1
[  283.473544][T15267] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  283.524164][T15267] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  283.627180][T15513] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2910'.
[  283.636927][T15507] xt_CT: No such helper "pptp"
[  283.699357][T15513] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  283.700270][   T60] tipc: Left network mode
[  283.747727][T15267] hsr_slave_0: entered promiscuous mode
[  283.764340][T15267] hsr_slave_1: entered promiscuous mode
[  283.787480][T15267] debugfs: 'hsr0' already exists in 'hsr'
[  283.804299][T15267] Cannot create hsr debugfs directory
[  284.063548][T15535] FAULT_INJECTION: forcing a failure.
[  284.063548][T15535] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  284.079401][T15535] CPU: 0 UID: 0 PID: 15535 Comm: syz.2.2914 Not tainted syzkaller #0 PREEMPT(full) 
[  284.079428][T15535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  284.079441][T15535] Call Trace:
[  284.079448][T15535]  <TASK>
[  284.079456][T15535]  dump_stack_lvl+0xe8/0x150
[  284.079495][T15535]  should_fail_ex+0x414/0x560
[  284.079530][T15535]  _copy_from_user+0x2d/0xb0
[  284.079555][T15535]  generic_map_update_batch+0x50f/0x810
[  284.079590][T15535]  ? __pfx_generic_map_update_batch+0x10/0x10
[  284.079613][T15535]  ? __fget_files+0x2a/0x420
[  284.079644][T15535]  ? __pfx_generic_map_update_batch+0x10/0x10
[  284.079666][T15535]  bpf_map_do_batch+0x39b/0x630
[  284.079699][T15535]  __sys_bpf+0x690/0x860
[  284.079726][T15535]  ? __pfx___sys_bpf+0x10/0x10
[  284.079766][T15535]  ? ksys_write+0x22a/0x250
[  284.079788][T15535]  ? __pfx_ksys_write+0x10/0x10
[  284.079814][T15535]  __x64_sys_bpf+0x7c/0x90
[  284.079838][T15535]  do_syscall_64+0xec/0xf80
[  284.079858][T15535]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  284.079876][T15535]  ? trace_irq_disable+0x37/0x100
[  284.079900][T15535]  ? clear_bhb_loop+0x60/0xb0
[  284.079923][T15535]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  284.079942][T15535] RIP: 0033:0x7f2aa718f749
[  284.079958][T15535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  284.079975][T15535] RSP: 002b:00007f2aa7fbb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  284.079994][T15535] RAX: ffffffffffffffda RBX: 00007f2aa73e5fa0 RCX: 00007f2aa718f749
[  284.080008][T15535] RDX: 0000000000000038 RSI: 0000200000000300 RDI: 000000000000001a
[  284.080020][T15535] RBP: 00007f2aa7fbb090 R08: 0000000000000000 R09: 0000000000000000
[  284.080031][T15535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  284.080043][T15535] R13: 00007f2aa73e6038 R14: 00007f2aa73e5fa0 R15: 00007ffd12a1eab8
[  284.080075][T15535]  </TASK>
[  284.329101][T15521] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap2
[  284.343757][T15521] gretap2: default qdisc (pfifo_fast) fail, fallback to noqueue
[  284.351883][T15521] gretap2: entered promiscuous mode
[  284.357164][T15521] gretap2: entered allmulticast mode
[  284.373271][   T52] Bluetooth: hci5: command tx timeout
[  284.792190][T15551] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2917'.
[  285.109067][T15581] FAULT_INJECTION: forcing a failure.
[  285.109067][T15581] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  285.136580][T15581] CPU: 1 UID: 0 PID: 15581 Comm: syz.1.2924 Not tainted syzkaller #0 PREEMPT(full) 
[  285.136601][T15581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  285.136610][T15581] Call Trace:
[  285.136616][T15581]  <TASK>
[  285.136622][T15581]  dump_stack_lvl+0xe8/0x150
[  285.136648][T15581]  should_fail_ex+0x414/0x560
[  285.136678][T15581]  _copy_from_user+0x2d/0xb0
[  285.136698][T15581]  generic_map_update_batch+0x566/0x810
[  285.136728][T15581]  ? __pfx_generic_map_update_batch+0x10/0x10
[  285.136747][T15581]  ? __fget_files+0x2a/0x420
[  285.136770][T15581]  ? __pfx_generic_map_update_batch+0x10/0x10
[  285.136785][T15581]  bpf_map_do_batch+0x39b/0x630
[  285.136811][T15581]  __sys_bpf+0x690/0x860
[  285.136834][T15581]  ? __pfx___sys_bpf+0x10/0x10
[  285.136869][T15581]  ? ksys_write+0x22a/0x250
[  285.136887][T15581]  ? __pfx_ksys_write+0x10/0x10
[  285.136907][T15581]  __x64_sys_bpf+0x7c/0x90
[  285.136929][T15581]  do_syscall_64+0xec/0xf80
[  285.136946][T15581]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.136961][T15581]  ? trace_irq_disable+0x37/0x100
[  285.136982][T15581]  ? clear_bhb_loop+0x60/0xb0
[  285.137002][T15581]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.137018][T15581] RIP: 0033:0x7fdfe238f749
[  285.137032][T15581] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  285.137045][T15581] RSP: 002b:00007fdfe31b6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  285.137062][T15581] RAX: ffffffffffffffda RBX: 00007fdfe25e5fa0 RCX: 00007fdfe238f749
[  285.137075][T15581] RDX: 0000000000000038 RSI: 0000200000000300 RDI: 000000000000001a
[  285.137086][T15581] RBP: 00007fdfe31b6090 R08: 0000000000000000 R09: 0000000000000000
[  285.137096][T15581] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  285.137104][T15581] R13: 00007fdfe25e6038 R14: 00007fdfe25e5fa0 R15: 00007ffcf8682e28
[  285.137129][T15581]  </TASK>
[  285.620372][   T60] hsr_slave_0: left promiscuous mode
[  285.642054][T15595] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2927'.
[  285.652395][   T60] hsr_slave_1: left promiscuous mode
[  285.703834][   T60] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  285.721233][   T60] batman_adv: batadv0: Removing interface: batadv_slave_0
[  285.760214][   T60] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  285.792751][   T60] batman_adv: batadv0: Removing interface: batadv_slave_1
[  285.846751][   T60] batman_adv: batadv0: Interface deactivated: ipvlan2
[  285.880604][   T60] batman_adv: batadv0: Removing interface: ipvlan2
[  286.168702][   T60] veth0_macvtap: left promiscuous mode
[  286.392840][   T60] pimreg (unregistering): left allmulticast mode
[  286.444391][ T5151] Bluetooth: hci5: command tx timeout
[  286.637597][   T60] team0 (unregistering): Port device team_slave_1 removed
[  286.675663][   T60] team0 (unregistering): Port device C removed
[  286.905655][   T60] team0 (unregistering): Port device dummy0 removed
[  286.950076][T15596] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2926'.
[  286.959885][T15599] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  287.051337][T15648] FAULT_INJECTION: forcing a failure.
[  287.051337][T15648] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  287.072069][T15648] CPU: 1 UID: 0 PID: 15648 Comm: syz.2.2935 Not tainted syzkaller #0 PREEMPT(full) 
[  287.072093][T15648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  287.072103][T15648] Call Trace:
[  287.072109][T15648]  <TASK>
[  287.072116][T15648]  dump_stack_lvl+0xe8/0x150
[  287.072141][T15648]  should_fail_ex+0x414/0x560
[  287.072170][T15648]  _copy_from_user+0x2d/0xb0
[  287.072190][T15648]  generic_map_update_batch+0x50f/0x810
[  287.072220][T15648]  ? __pfx_generic_map_update_batch+0x10/0x10
[  287.072248][T15648]  ? __fget_files+0x2a/0x420
[  287.072274][T15648]  ? __pfx_generic_map_update_batch+0x10/0x10
[  287.072292][T15648]  bpf_map_do_batch+0x39b/0x630
[  287.072320][T15648]  __sys_bpf+0x690/0x860
[  287.072343][T15648]  ? __pfx___sys_bpf+0x10/0x10
[  287.072378][T15648]  ? ksys_write+0x22a/0x250
[  287.072396][T15648]  ? __pfx_ksys_write+0x10/0x10
[  287.072418][T15648]  __x64_sys_bpf+0x7c/0x90
[  287.072438][T15648]  do_syscall_64+0xec/0xf80
[  287.072455][T15648]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  287.072470][T15648]  ? trace_irq_disable+0x37/0x100
[  287.072491][T15648]  ? clear_bhb_loop+0x60/0xb0
[  287.072510][T15648]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  287.072526][T15648] RIP: 0033:0x7f2aa718f749
[  287.072541][T15648] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  287.072555][T15648] RSP: 002b:00007f2aa7fbb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  287.072573][T15648] RAX: ffffffffffffffda RBX: 00007f2aa73e5fa0 RCX: 00007f2aa718f749
[  287.072585][T15648] RDX: 0000000000000038 RSI: 0000200000000300 RDI: 000000000000001a
[  287.072595][T15648] RBP: 00007f2aa7fbb090 R08: 0000000000000000 R09: 0000000000000000
[  287.072606][T15648] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  287.072615][T15648] R13: 00007f2aa73e6038 R14: 00007f2aa73e5fa0 R15: 00007ffd12a1eab8
[  287.072643][T15648]  </TASK>
[  287.475315][T15650] netlink: 'syz.4.2936': attribute type 3 has an invalid length.
[  287.515013][T15663] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  287.924211][T15689] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2947'.
[  287.985012][   T60] IPVS: stop unused estimator thread 0...
[  288.002392][T15689] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  288.058954][T15267] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  288.091707][T15267] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  288.134917][T15267] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  288.168132][T15699] netlink: 401 bytes leftover after parsing attributes in process `syz.4.2950'.
[  288.183798][T15267] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  288.523363][ T5151] Bluetooth: hci5: command 0x0405 tx timeout
[  288.707690][T15267] 8021q: adding VLAN 0 to HW filter on device bond0
[  288.822007][T15267] 8021q: adding VLAN 0 to HW filter on device team0
[  288.843857][   T25] block nbd2: Possible stuck request ffff888025920000: control (read@0,1024B). Runtime 60 seconds
[  288.863093][   T25] block nbd2: Possible stuck request ffff888025920200: control (read@1024,1024B). Runtime 60 seconds
[  288.874161][   T25] block nbd2: Possible stuck request ffff888025920400: control (read@2048,1024B). Runtime 60 seconds
[  288.885438][   T25] block nbd2: Possible stuck request ffff888025920600: control (read@3072,1024B). Runtime 60 seconds
[  288.932064][T11095] bridge0: port 1(bridge_slave_0) entered blocking state
[  288.939242][T11095] bridge0: port 1(bridge_slave_0) entered forwarding state
[  289.016942][ T5978] bridge0: port 2(bridge_slave_1) entered blocking state
[  289.024168][ T5978] bridge0: port 2(bridge_slave_1) entered forwarding state
[  289.397322][T15763] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2962'.
[  289.487256][T15763] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  289.530937][T15267] 8021q: adding VLAN 0 to HW filter on device batadv0
[  289.675202][T15267] veth0_vlan: entered promiscuous mode
[  289.727713][T15267] veth1_vlan: entered promiscuous mode
[  289.897994][T15759] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2961'.
[  289.916041][T15267] veth0_macvtap: entered promiscuous mode
[  289.948249][T15267] veth1_macvtap: entered promiscuous mode
[  290.087671][T15792] FAULT_INJECTION: forcing a failure.
[  290.087671][T15792] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  290.121423][T15267] batman_adv: batadv0: Interface activated: batadv_slave_0
[  290.129491][T15792] CPU: 0 UID: 0 PID: 15792 Comm: syz.2.2966 Not tainted syzkaller #0 PREEMPT(full) 
[  290.129515][T15792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  290.129526][T15792] Call Trace:
[  290.129534][T15792]  <TASK>
[  290.129542][T15792]  dump_stack_lvl+0xe8/0x150
[  290.129571][T15792]  should_fail_ex+0x414/0x560
[  290.129605][T15792]  _copy_from_user+0x2d/0xb0
[  290.129629][T15792]  generic_map_update_batch+0x566/0x810
[  290.129663][T15792]  ? __pfx_generic_map_update_batch+0x10/0x10
[  290.129686][T15792]  ? __fget_files+0x2a/0x420
[  290.129716][T15792]  ? __pfx_generic_map_update_batch+0x10/0x10
[  290.129737][T15792]  bpf_map_do_batch+0x39b/0x630
[  290.129769][T15792]  __sys_bpf+0x690/0x860
[  290.129813][T15792]  ? __pfx___sys_bpf+0x10/0x10
[  290.129860][T15792]  ? ksys_write+0x22a/0x250
[  290.129882][T15792]  ? __pfx_ksys_write+0x10/0x10
[  290.129908][T15792]  __x64_sys_bpf+0x7c/0x90
[  290.129933][T15792]  do_syscall_64+0xec/0xf80
[  290.129952][T15792]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  290.129971][T15792]  ? trace_irq_disable+0x37/0x100
[  290.129995][T15792]  ? clear_bhb_loop+0x60/0xb0
[  290.130018][T15792]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  290.130037][T15792] RIP: 0033:0x7f2aa718f749
[  290.130053][T15792] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  290.130072][T15792] RSP: 002b:00007f2aa7fbb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  290.130092][T15792] RAX: ffffffffffffffda RBX: 00007f2aa73e5fa0 RCX: 00007f2aa718f749
[  290.130107][T15792] RDX: 0000000000000038 RSI: 0000200000000300 RDI: 000000000000001a
[  290.130120][T15792] RBP: 00007f2aa7fbb090 R08: 0000000000000000 R09: 0000000000000000
[  290.130132][T15792] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  290.130144][T15792] R13: 00007f2aa73e6038 R14: 00007f2aa73e5fa0 R15: 00007ffd12a1eab8
[  290.130176][T15792]  </TASK>
[  290.338152][T15267] batman_adv: batadv0: Interface activated: batadv_slave_1
[  290.382119][   T13] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  290.416386][   T13] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  290.421219][T15794] netlink: 'syz.1.2967': attribute type 1 has an invalid length.
[  290.425155][   T13] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  290.442119][   T13] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  290.485370][T15794] netlink: 'syz.1.2967': attribute type 2 has an invalid length.
[  290.511534][T15794] netlink: 'syz.1.2967': attribute type 1 has an invalid length.
[  290.520824][T15806] netlink: 'syz.4.2970': attribute type 58 has an invalid length.
[  290.553760][T15806] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2970'.
[  290.569440][T15794] veth0_to_team: left promiscuous mode
[  290.624967][T15810] netlink: 'syz.4.2970': attribute type 39 has an invalid length.
[  290.782853][ T1142] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  290.813057][ T1142] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  290.892819][T15821] IPv6: sit1: Disabled Multicast RS
[  290.926909][T15821] sit1: entered allmulticast mode
[  291.025077][ T1114] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  291.039999][ T1114] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  291.085739][T15834] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2976'.
[  291.125807][T15834] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2976'.
[  291.403435][    C0] ==================================================================
[  291.411537][    C0] BUG: KASAN: slab-use-after-free in rose_send_frame+0x73/0x220
[  291.419198][    C0] Read of size 8 at addr ffff888057663020 by task syz.2.2978/15846
[  291.427095][    C0] 
[  291.429433][    C0] CPU: 0 UID: 0 PID: 15846 Comm: syz.2.2978 Not tainted syzkaller #0 PREEMPT(full) 
[  291.429460][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  291.429474][    C0] Call Trace:
[  291.429483][    C0]  <IRQ>
[  291.429491][    C0]  dump_stack_lvl+0xe8/0x150
[  291.429522][    C0]  print_report+0xca/0x240
[  291.429543][    C0]  ? rose_send_frame+0x73/0x220
[  291.429572][    C0]  kasan_report+0x118/0x150
[  291.429597][    C0]  ? rose_send_frame+0x73/0x220
[  291.429630][    C0]  rose_send_frame+0x73/0x220
[  291.429661][    C0]  rose_t0timer_expiry+0x143/0x350
[  291.429682][    C0]  call_timer_fn+0x16e/0x590
[  291.429705][    C0]  ? __pfx_rose_t0timer_expiry+0x10/0x10
[  291.429722][    C0]  ? call_timer_fn+0xbe/0x590
[  291.429743][    C0]  ? __pfx_call_timer_fn+0x10/0x10
[  291.429769][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  291.429799][    C0]  ? __pfx_rose_t0timer_expiry+0x10/0x10
[  291.429818][    C0]  __run_timer_base+0x61a/0x860
[  291.429846][    C0]  ? __pfx___run_timer_base+0x10/0x10
[  291.429865][    C0]  ? clockevents_program_event+0x247/0x350
[  291.429893][    C0]  ? sched_clock_cpu+0x74/0x430
[  291.429917][    C0]  run_timer_softirq+0xb7/0x180
[  291.429938][    C0]  handle_softirqs+0x22b/0x7c0
[  291.429961][    C0]  ? __irq_exit_rcu+0x60/0x150
[  291.429985][    C0]  __irq_exit_rcu+0x60/0x150
[  291.430005][    C0]  irq_exit_rcu+0x9/0x30
[  291.430024][    C0]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  291.430051][    C0]  </IRQ>
[  291.430058][    C0]  <TASK>
[  291.430066][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  291.430088][    C0] RIP: 0010:__sanitizer_cov_trace_pc+0x37/0x70
[  291.430116][    C0] Code: 08 f0 7f 92 65 8b 15 58 f8 be 10 81 e2 00 01 ff 00 74 11 81 fa 00 01 00 00 75 35 83 b9 6c 16 00 00 00 74 2c 8b 91 48 16 00 00 <83> fa 02 75 21 48 8b 91 50 16 00 00 48 8b 32 48 8d 7e 01 8b 89 4c
[  291.430134][    C0] RSP: 0018:ffffc900035f73c0 EFLAGS: 00000246
[  291.430154][    C0] RAX: ffffffff82145efe RBX: ffffea0001a013c0 RCX: ffff888096780000
[  291.430171][    C0] RDX: 0000000000000000 RSI: ffffea0001a013c0 RDI: ffffea0001a013c0
[  291.430187][    C0] RBP: 0000000000000001 R08: ffffea0001a013c7 R09: 1ffffd4000340278
[  291.430202][    C0] R10: dffffc0000000000 R11: fffff94000340279 R12: dffffc0000000000
[  291.430217][    C0] R13: dffffc0000000000 R14: ffff888096780000 R15: ffffea0001a013c0
[  291.430238][    C0]  ? folio_remove_rmap_ptes+0x2e/0x1060
[  291.430266][    C0]  folio_remove_rmap_ptes+0x2e/0x1060
[  291.430291][    C0]  ? page_table_check_clear+0x4b8/0x5f0
[  291.430311][    C0]  ? page_table_check_clear+0x144/0x5f0
[  291.430333][    C0]  unmap_page_range+0x1e1b/0x4170
[  291.430372][    C0]  ? mas_next_slot+0xc20/0xcf0
[  291.430395][    C0]  ? __pfx_unmap_page_range+0x10/0x10
[  291.430421][    C0]  ? mas_find+0xb0e/0xd30
[  291.430439][    C0]  ? unmap_vmas+0x144/0x580
[  291.430461][    C0]  unmap_vmas+0x399/0x580
[  291.430487][    C0]  ? __pfx_unmap_vmas+0x10/0x10
[  291.430522][    C0]  exit_mmap+0x239/0xb10
[  291.430540][    C0]  ? uprobe_clear_state+0x20f/0x290
[  291.430562][    C0]  ? __pfx_exit_mmap+0x10/0x10
[  291.430579][    C0]  ? __mutex_unlock_slowpath+0x1a1/0x730
[  291.430607][    C0]  ? __pfx_exit_aio+0x10/0x10
[  291.430639][    C0]  ? uprobe_clear_state+0x27c/0x290
[  291.430662][    C0]  __mmput+0x118/0x430
[  291.430682][    C0]  exit_mm+0x169/0x230
[  291.430710][    C0]  do_exit+0x627/0x22f0
[  291.430740][    C0]  ? __pfx_do_exit+0x10/0x10
[  291.430773][    C0]  do_group_exit+0x21c/0x2d0
[  291.430798][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  291.430829][    C0]  get_signal+0x1285/0x1340
[  291.430859][    C0]  arch_do_signal_or_restart+0x9a/0x7a0
[  291.430889][    C0]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  291.430921][    C0]  ? __fget_files+0x2a/0x420
[  291.430945][    C0]  ? __fget_files+0x3a0/0x420
[  291.430973][    C0]  exit_to_user_mode_loop+0x87/0x4e0
[  291.430994][    C0]  ? rcu_is_watching+0x15/0xb0
[  291.431020][    C0]  do_syscall_64+0x2b7/0xf80
[  291.431041][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  291.431054][    C0]  ? trace_irq_disable+0x37/0x100
[  291.431078][    C0]  ? clear_bhb_loop+0x60/0xb0
[  291.431100][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  291.431119][    C0] RIP: 0033:0x7f2aa718f749
[  291.431135][    C0] Code: Unable to access opcode bytes at 0x7f2aa718f71f.
[  291.431146][    C0] RSP: 002b:00007f2aa7fbb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  291.431167][    C0] RAX: 0000000000000000 RBX: 00007f2aa73e5fa0 RCX: 00007f2aa718f749
[  291.431182][    C0] RDX: 00002000000000c0 RSI: 00000000400454ca RDI: 0000000000000003
[  291.431196][    C0] RBP: 00007f2aa7213f91 R08: 0000000000000000 R09: 0000000000000000
[  291.431209][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  291.431221][    C0] R13: 00007f2aa73e6038 R14: 00007f2aa73e5fa0 R15: 00007ffd12a1eab8
[  291.431245][    C0]  </TASK>
[  291.431252][    C0] 
[  291.890082][    C0] Allocated by task 7378:
[  291.894396][    C0]  kasan_save_track+0x3e/0x80
[  291.899063][    C0]  __kasan_kmalloc+0x93/0xb0
[  291.903641][    C0]  __kmalloc_cache_noprof+0x3e2/0x700
[  291.909005][    C0]  rose_add_node+0x23a/0xeb0
[  291.913581][    C0]  rose_rt_ioctl+0xce2/0x1240
[  291.918242][    C0]  rose_ioctl+0x3ce/0x8b0
[  291.922562][    C0]  sock_do_ioctl+0xdc/0x300
[  291.927060][    C0]  sock_ioctl+0x576/0x790
[  291.931378][    C0]  __se_sys_ioctl+0xfc/0x170
[  291.935953][    C0]  do_syscall_64+0xec/0xf80
[  291.940445][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  291.946320][    C0] 
[  291.948627][    C0] Freed by task 15839:
[  291.952684][    C0]  kasan_save_track+0x3e/0x80
[  291.957345][    C0]  kasan_save_free_info+0x46/0x50
[  291.962361][    C0]  __kasan_slab_free+0x5c/0x80
[  291.967112][    C0]  kfree+0x1c0/0x660
[  291.971000][    C0]  rose_timer_expiry+0x4cb/0x600
[  291.975924][    C0]  call_timer_fn+0x16e/0x590
[  291.980503][    C0]  __run_timer_base+0x61a/0x860
[  291.985335][    C0]  run_timer_softirq+0xb7/0x180
[  291.990177][    C0]  handle_softirqs+0x22b/0x7c0
[  291.994933][    C0]  __irq_exit_rcu+0x60/0x150
[  291.999506][    C0]  irq_exit_rcu+0x9/0x30
[  292.003734][    C0]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  292.009349][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  292.015313][    C0] 
[  292.017622][    C0] The buggy address belongs to the object at ffff888057663000
[  292.017622][    C0]  which belongs to the cache kmalloc-512 of size 512
[  292.031659][    C0] The buggy address is located 32 bytes inside of
[  292.031659][    C0]  freed 512-byte region [ffff888057663000, ffff888057663200)
[  292.045354][    C0] 
[  292.047662][    C0] The buggy address belongs to the physical page:
[  292.054062][    C0] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x57660
[  292.062822][    C0] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  292.071410][    C0] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  292.079487][    C0] page_type: f5(slab)
[  292.083472][    C0] raw: 00fff00000000040 ffff88813ffa6c80 0000000000000000 dead000000000001
[  292.092050][    C0] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  292.100643][    C0] head: 00fff00000000040 ffff88813ffa6c80 0000000000000000 dead000000000001
[  292.109306][    C0] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  292.117962][    C0] head: 00fff00000000002 ffffea00015d9801 00000000ffffffff 00000000ffffffff
[  292.126618][    C0] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  292.135272][    C0] page dumped because: kasan: bad access detected
[  292.141684][    C0] page_owner tracks the page as allocated
[  292.147379][    C0] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5823, tgid 5823 (syz-executor), ts 74771817875, free_ts 21363441050
[  292.168819][    C0]  post_alloc_hook+0x234/0x290
[  292.173578][    C0]  get_page_from_freelist+0x24e0/0x2580
[  292.179114][    C0]  __alloc_frozen_pages_noprof+0x181/0x370
[  292.184907][    C0]  alloc_pages_mpol+0x232/0x4a0
[  292.189753][    C0]  allocate_slab+0x86/0x3b0
[  292.194336][    C0]  ___slab_alloc+0xe53/0x1820
[  292.199005][    C0]  __slab_alloc+0x65/0x100
[  292.203411][    C0]  __kmalloc_cache_noprof+0x41e/0x700
[  292.208770][    C0]  __ipv6_dev_mc_inc+0x44f/0xa50
[  292.213698][    C0]  ipv6_add_dev+0xe43/0x13a0
[  292.218284][    C0]  ipv6_find_idev+0xb1/0x1c0
[  292.222859][    C0]  inet6_rtm_newaddr+0x734/0xd20
[  292.227785][    C0]  rtnetlink_rcv_msg+0x7cf/0xb70
[  292.232710][    C0]  netlink_rcv_skb+0x208/0x470
[  292.237458][    C0]  netlink_unicast+0x82f/0x9e0
[  292.242205][    C0]  netlink_sendmsg+0x805/0xb30
[  292.246957][    C0] page last free pid 1 tgid 1 stack trace:
[  292.252746][    C0]  __free_frozen_pages+0xbc8/0xd30
[  292.257845][    C0]  free_contig_range+0x1bd/0x490
[  292.262770][    C0]  destroy_args+0x69/0x660
[  292.267171][    C0]  debug_vm_pgtable+0x38f/0x3a0
[  292.272016][    C0]  do_one_initcall+0x1f1/0x800
[  292.276770][    C0]  do_initcall_level+0x104/0x190
[  292.281694][    C0]  do_initcalls+0x59/0xa0
[  292.286005][    C0]  kernel_init_freeable+0x2a7/0x3d0
[  292.291186][    C0]  kernel_init+0x1d/0x1d0
[  292.295505][    C0]  ret_from_fork+0x510/0xa50
[  292.300084][    C0]  ret_from_fork_asm+0x1a/0x30
[  292.304837][    C0] 
[  292.307148][    C0] Memory state around the buggy address:
[  292.312759][    C0]  ffff888057662f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  292.320804][    C0]  ffff888057662f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  292.328858][    C0] >ffff888057663000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  292.336903][    C0]                                ^
[  292.341993][    C0]  ffff888057663080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  292.350034][    C0]  ffff888057663100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  292.358076][    C0] ==================================================================
[  292.366302][    C0] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  292.373501][    C0] CPU: 0 UID: 0 PID: 15846 Comm: syz.2.2978 Not tainted syzkaller #0 PREEMPT(full) 
[  292.382877][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  292.392930][    C0] Call Trace:
[  292.396208][    C0]  <IRQ>
[  292.399046][    C0]  vpanic+0x1e0/0x670
[  292.403023][    C0]  panic+0xb9/0xc0
[  292.406735][    C0]  ? __pfx_panic+0x10/0x10
[  292.411151][    C0]  ? rose_send_frame+0x73/0x220
[  292.416002][    C0]  ? rose_send_frame+0x73/0x220
[  292.420856][    C0]  check_panic_on_warn+0x89/0xb0
[  292.425802][    C0]  ? rose_send_frame+0x73/0x220
[  292.430649][    C0]  end_report+0x6f/0x140
[  292.434884][    C0]  kasan_report+0x129/0x150
[  292.439379][    C0]  ? rose_send_frame+0x73/0x220
[  292.444229][    C0]  rose_send_frame+0x73/0x220
[  292.448970][    C0]  rose_t0timer_expiry+0x143/0x350
[  292.454093][    C0]  call_timer_fn+0x16e/0x590
[  292.458685][    C0]  ? __pfx_rose_t0timer_expiry+0x10/0x10
[  292.464302][    C0]  ? call_timer_fn+0xbe/0x590
[  292.468970][    C0]  ? __pfx_call_timer_fn+0x10/0x10
[  292.474163][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  292.479359][    C0]  ? __pfx_rose_t0timer_expiry+0x10/0x10
[  292.484978][    C0]  __run_timer_base+0x61a/0x860
[  292.489825][    C0]  ? __pfx___run_timer_base+0x10/0x10
[  292.495185][    C0]  ? clockevents_program_event+0x247/0x350
[  292.500985][    C0]  ? sched_clock_cpu+0x74/0x430
[  292.505827][    C0]  run_timer_softirq+0xb7/0x180
[  292.510669][    C0]  handle_softirqs+0x22b/0x7c0
[  292.515420][    C0]  ? __irq_exit_rcu+0x60/0x150
[  292.520175][    C0]  __irq_exit_rcu+0x60/0x150
[  292.524752][    C0]  irq_exit_rcu+0x9/0x30
[  292.528979][    C0]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  292.534602][    C0]  </IRQ>
[  292.537525][    C0]  <TASK>
[  292.540439][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  292.546404][    C0] RIP: 0010:__sanitizer_cov_trace_pc+0x37/0x70
[  292.552549][    C0] Code: 08 f0 7f 92 65 8b 15 58 f8 be 10 81 e2 00 01 ff 00 74 11 81 fa 00 01 00 00 75 35 83 b9 6c 16 00 00 00 74 2c 8b 91 48 16 00 00 <83> fa 02 75 21 48 8b 91 50 16 00 00 48 8b 32 48 8d 7e 01 8b 89 4c
[  292.572141][    C0] RSP: 0018:ffffc900035f73c0 EFLAGS: 00000246
[  292.578199][    C0] RAX: ffffffff82145efe RBX: ffffea0001a013c0 RCX: ffff888096780000
[  292.586159][    C0] RDX: 0000000000000000 RSI: ffffea0001a013c0 RDI: ffffea0001a013c0
[  292.594114][    C0] RBP: 0000000000000001 R08: ffffea0001a013c7 R09: 1ffffd4000340278
[  292.602071][    C0] R10: dffffc0000000000 R11: fffff94000340279 R12: dffffc0000000000
[  292.610033][    C0] R13: dffffc0000000000 R14: ffff888096780000 R15: ffffea0001a013c0
[  292.617997][    C0]  ? folio_remove_rmap_ptes+0x2e/0x1060
[  292.623545][    C0]  folio_remove_rmap_ptes+0x2e/0x1060
[  292.628906][    C0]  ? page_table_check_clear+0x4b8/0x5f0
[  292.634434][    C0]  ? page_table_check_clear+0x144/0x5f0
[  292.639966][    C0]  unmap_page_range+0x1e1b/0x4170
[  292.645002][    C0]  ? mas_next_slot+0xc20/0xcf0
[  292.649754][    C0]  ? __pfx_unmap_page_range+0x10/0x10
[  292.655118][    C0]  ? mas_find+0xb0e/0xd30
[  292.659431][    C0]  ? unmap_vmas+0x144/0x580
[  292.663923][    C0]  unmap_vmas+0x399/0x580
[  292.668244][    C0]  ? __pfx_unmap_vmas+0x10/0x10
[  292.673188][    C0]  exit_mmap+0x239/0xb10
[  292.677416][    C0]  ? uprobe_clear_state+0x20f/0x290
[  292.682606][    C0]  ? __pfx_exit_mmap+0x10/0x10
[  292.687352][    C0]  ? __mutex_unlock_slowpath+0x1a1/0x730
[  292.692984][    C0]  ? __pfx_exit_aio+0x10/0x10
[  292.697667][    C0]  ? uprobe_clear_state+0x27c/0x290
[  292.702852][    C0]  __mmput+0x118/0x430
[  292.706910][    C0]  exit_mm+0x169/0x230
[  292.710972][    C0]  do_exit+0x627/0x22f0
[  292.715121][    C0]  ? __pfx_do_exit+0x10/0x10
[  292.719718][    C0]  do_group_exit+0x21c/0x2d0
[  292.724315][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  292.729520][    C0]  get_signal+0x1285/0x1340
[  292.734023][    C0]  arch_do_signal_or_restart+0x9a/0x7a0
[  292.739574][    C0]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  292.745728][    C0]  ? __fget_files+0x2a/0x420
[  292.750314][    C0]  ? __fget_files+0x3a0/0x420
[  292.754988][    C0]  exit_to_user_mode_loop+0x87/0x4e0
[  292.760264][    C0]  ? rcu_is_watching+0x15/0xb0
[  292.765018][    C0]  do_syscall_64+0x2b7/0xf80
[  292.769599][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  292.775653][    C0]  ? trace_irq_disable+0x37/0x100
[  292.780671][    C0]  ? clear_bhb_loop+0x60/0xb0
[  292.785348][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  292.791234][    C0] RIP: 0033:0x7f2aa718f749
[  292.795667][    C0] Code: Unable to access opcode bytes at 0x7f2aa718f71f.
[  292.802685][    C0] RSP: 002b:00007f2aa7fbb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  292.811103][    C0] RAX: 0000000000000000 RBX: 00007f2aa73e5fa0 RCX: 00007f2aa718f749
[  292.819067][    C0] RDX: 00002000000000c0 RSI: 00000000400454ca RDI: 0000000000000003
[  292.827031][    C0] RBP: 00007f2aa7213f91 R08: 0000000000000000 R09: 0000000000000000
[  292.835001][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  292.842958][    C0] R13: 00007f2aa73e6038 R14: 00007f2aa73e5fa0 R15: 00007ffd12a1eab8
[  292.850932][    C0]  </TASK>
[  292.854385][    C0] Kernel Offset: disabled
[  292.858698][    C0] Rebooting in 86400 seconds..