last executing test programs:

5.298397979s ago: executing program 3 (id=1097):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x14, 0x4, 0x4, 0x22, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socket$inet(0x2, 0x3, 0x6)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xc, &(0x7f0000000240)=@assoc_value={<r2=>0x0}, &(0x7f0000000080)=0x8)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="050000000000000000002100000008000300", @ANYRES32=r5, @ANYBLOB="10007d80", @ANYRES32=r3, @ANYRESDEC=r2], 0x2c}, 0x1, 0x0, 0x0, 0x440c0}, 0x0)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB], 0x84}}, 0x0)

5.21362211s ago: executing program 0 (id=1098):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB="40000000090601020000000000000000000000000900020073797a31000000000500010007000000180007800c00018008000140fffffffe05"], 0x40}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084)
socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000000)={'wlan1\x00', &(0x7f0000000f40)=@ethtool_stats})
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x9, 0x5, 0x8, 0x40, 0x42, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001e0001f000010000000000000700"], 0x14}}, 0x0)
setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000180)=0x5, 0x4)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x1000, r2}, 0x38)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x30, 0x7, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0xa}, [@IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x30}, 0x1, 0x0, 0x0, 0xc004085}, 0x40044)
sendmsg$NFT_BATCH(r4, 0x0, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000007068ffae769242101e8a0000000a2c000000050a03000000000000000000020000000c00024000000000000000010900010073797a300000000014000000020a030000000000000000000200000314000000110001000000"], 0x68}}, 0x0)
bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0), &(0x7f0000000340), 0x6, r2}, 0x38)
r5 = socket(0x840000000002, 0x3, 0x100)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000480)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)={0x6c, 0x2, 0x6, 0x3, 0x0, 0x0, {0x3, 0x0, 0x7}, [@IPSET_ATTR_DATA={0x34, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT_TO={0x6, 0x5, 0x1, 0x0, 0x4e20}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0xa0}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0xe9}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x8}, @IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x3}, @IPSET_ATTR_MARKMASK={0x8, 0xb, 0x1, 0x0, 0xf}]}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4000}, 0x900)
connect$inet(r5, &(0x7f0000000000)={0x2, 0x4e20, @remote}, 0x10)
sendmmsg$inet(r5, &(0x7f0000005240), 0x4000095, 0x0)
setsockopt$inet_group_source_req(r5, 0x0, 0x2c, 0x0, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="5c0000000001010488ffffffffffffff02001000240002801400018008000100e000000108000200e00000010c00028005000100000000001c001080080001"], 0x5c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000)

4.69629255s ago: executing program 4 (id=1103):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x6e, &(0x7f0000000080)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x38, 0x3a, 0x0, @remote, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x5dc, {0x0, 0x6, "8cb02b", 0x4, 0x2f, 0x0, @loopback, @local, [@srh={0x2b, 0x0, 0x4, 0x0, 0x0, 0x10}]}}}}}}}, 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f00000001c0)={'batadv0\x00', <r1=>0x0})
sendto$packet(r0, &(0x7f0000000040)="10208100", 0x4, 0x0, &(0x7f0000000340)={0x11, 0x8100, r1, 0x1, 0x0, 0x6, @local}, 0x14)
r2 = accept4(r0, &(0x7f0000000340)=@generic, &(0x7f0000000200)=0x80, 0x80400)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x50)
getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f0000000400)={{{@in6=@private2, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in=@multicast1}, 0x0, @in6=@private2}}, &(0x7f0000000500)=0xe8)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000540)={{{@in=@empty, @in6=@local, 0x4e23, 0x2, 0x4e20, 0x9, 0xa, 0x20, 0x20, 0x0, r1, r4}, {0x10, 0x9, 0x3, 0xb35, 0x314, 0x7, 0x1, 0x9}, {0x1, 0x9, 0x79, 0x10000}, 0x1306b3a1, 0x6e6bc0, 0x1, 0x0, 0x2, 0x2}, {{@in=@local, 0x4d3, 0xff}, 0x2, @in=@loopback, 0x3500, 0x0, 0x2, 0x85, 0xfffffffa, 0x101}}, 0xe8)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b00000000000000000000000080", @ANYRES16=r1, @ANYRES64, @ANYRES64=r3], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x15, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000080850000008200000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f00000021c0)={r6, 0x0, 0x0}, 0x10)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r7, 0x6, 0xd, 0x0, 0x0)
setsockopt$inet6_mtu(r7, 0x29, 0x17, &(0x7f0000000300)=0x5, 0x4)
setsockopt$inet6_tcp_int(r7, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r7, &(0x7f0000001080)='D', 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x398, @empty}, 0x1c)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x5, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1000000}, [@ldst={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a7fbb}, @ldst={0x6, 0x0, 0x6, 0x0, 0x0, 0xfffffffffffffffe, 0xa000000}]}, &(0x7f0000000000)='syzkaller\x00', 0x5, 0xf4240, &(0x7f0000000100)=""/147, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
write(r7, &(0x7f00000010c0)="94a2e44804cc2a85f74168853dfec24a2ad1712c83e10a28bc1d220195b3cc1c8a8672cfe792f5f8a7667af03e3faa1a806ac2cce7d4bb2e8f21f57dc8f9bc5294e420e19c96368a286f14f85176f3c0f9f970e1ba33cdcbfe55f713d1f6b58ad6e688fbc799a8d7edd3d8afb05bc2c9bfd26a1cdc2547f087d0c7a13c5916889de4b6464d4321b182d81a9cfa3df0c07db5ed7caacd3c604dfebc7c9e7ae07a2696152a999129a2797a9c0a06062787abf3443f241be4c2638f4e5dafda08708fc9f5d49febf344401e95071182d8e6d8a2ecdd85b4895326adcd3cdcd67f502d8440db7bcdb9a45427f32aa398de21478632e83a6bbad9296a0be34d9160eb400b3e14242e4cd4d0a274b53abd989fa35d052906db97a8bb8b72f67bc90b8cd654c8dc3259b6f3677d08da8ee122066488e7cf7e0b14f6562d105f869660d271f7ae8fd9b275a14ff3215ec7844d7086519153d37ff12a1e6036e055be0b75137a4a59a68009a39e1e55d5240ca46b61f6b05fc649df0138e70684a847e1d9d75c9c0fbe1e60be553726df60e85c5a2e634a52cc7c101e0ceba603a23dd9c41c8d653ebd231f3df1d6b526fa447931f40ec0e5926c4cae96d3d5331cdae5e4699ae668a8311c6cc45edd9a92cfff774c6ea860915cf648c14de257ab4314905231e5a6a22d6cddfa40e9f9e91472c56a4f6a474be2ca927948bf851506ee586a9b903c8915f6a4a6e3ca3bcf58eb87a5ccb707e2f1eeb99345fe645422920d7c95952a60ffdaea80cdaa956332b45c13ad4f395f4d29e22172aa1da2b85b3295a6cd96970777ecb7862080f4e16df2d484bfab5adbaa158dc5b7fd070404e2136a999620fd04e96b87e673df1708364785a6ce3ab1a8c6c0c11fea89f0282ef1d3c698f1bb428668b3d744c3536161439a2884e3794defdf4ab5efd81d3af13f4f45e7e90306398e20e3f77a96fdd3bd8c6e1f718aee1d93e8ea861dafcf4f177d0a887e3b4439826f82868fdea4a4b6d4b6c28ef022a43d8cff19f3a8579c5c02b4f5a3b30d7821dbeadd949c03914640ae9074de8dbadcb7bd8774ca8f985c7f7a04d97484430d1553c58b3c8e994bafdab5586ed85934f4407a16d8c87b519ba156f3d5362fd8294d0fe72c096bb068731adeea5201984d09866ce282e1e05488ca0619f27e09159d4eb581d9a3b8c88f070251e1a156c36a6e1155cdadfd1298e4daa6af7ab8017bf1ba9fa3a83f1894a071b7a6bf74de7d613deaa3df8a0f61d928f1a51043c99baeccacf78db7d9a345a306b299b479125eda2426d358f1290136591a9ce301a87d73258dc042d0a21866da2d2499c40139b6850c104d08e6149f7b2d8d3ce8be0e92c11a3046c8dcd0d25e3d7c2088f32bcd70b87b0053e375e0efae77db646b600150038600a7558171b4d11964c7df8c1a6e601f1eab7e6bb3941c7e9091deb7ccedfb83a71c640d7125231a16e24970a07021f834311882e675db9cb8118fd24a154f14e9f9fb32b3e91ef77cba80f952fbbd5c9c950f16474bc74d428247f39bdfa8ec314b9cd4acd1ac6bc7c89ab355a3da433e4905181df8f5878421ff3ac6fddd727ab41a7bd5c85f43c0b666cf144dad1f3dd543f4a04ca1268d1e74e093f146b78cd949c12652d4c683eee63e6728de8d3384703a4c1bf26a20d5fa06404716fa57189d84dce16ea8629bfeb0817708a02bdc66c3166bc398ac8038e150bfbc5396f3d620c54841ee4e5bd247ffbaf00c040c60cd8c14e5a52ff7ccb77e2ed2fb1528d7c7ee2ddf8dc29153437d3b4142d5458e3e8477ed5f3a48bf592318411eac8ccbeff6a2b2b0677a18fb679c3d1300b1a4e348b55ea58a9868d94f4414d7ccebf3a67209191929b72a837ba1b2ac179eef9fe6c0623fd266981595568c039c4a2684f5d505a405ff0abbbd2a78046bac4f75493014b9801a8e26efe33d26f318fe5d87f5522a7cc49c15128e782f0e1b0b0d510bf8386c0dc54dfb1db85d88b1ef21dff34e3a7497a5e0c316d3270b15a450da19d0dddc203d9bc040cb9755c28c728b2dbc492d8b430b5c0df5140df0fc782a8c5b27a9dd8db94f241f47b9bf7cd87abc2b387629e175ccf49f4763f7ccff126a5885b7ea0a9ff3f648a8e5a75204d33eae9a1f4255a7dba4022bed3f2a0e2009cac28f6a0ec7690afb8413785ef519b19c87243c8175df2f298e2692a16b6a242fee982588aabd81cc83dbdd81764286327e2d7dc3354907bf142ab060d4952180f57d94182cd47e28b2536c1f6154b8dac607b2f3b383f575abae1ab6da1812539535e3b7d6a9b9ae1f21d0b9c09a6d4b2a9bca8b2e9611db71580b9be5d362920a3b0c97e62b62a36129094ebff76f0374f2ed071848b87a54f398c8376ca64090bcbb8a40bf6b030473a7ea5121878497a677d3923e9a8409e05adba96b81b5406b2dc509093a806fc9276cd1408acf1bdd10aca106fd445d1cfcb41d251ce3b857ea09746712ab2c20acb8f351e631db739d2871c7d2837b2c55e19e1fc6a8ce6f194995eef29f5a438ac306ef8fb12c5d8d1a903f71ab27607a3b7461dd4948075c1dd1359b83bf82fdb367b3ab127d4a6b6d8765ad8ed1903caa0d8b272c6276fa3442641c02d53d02784f0274ae4287d1d8956715c0fef7e2aaa3d94218150ec60b17cbc51321387a0aad7ccac2ba104dde1e72e6ccafd0c6b40276f812d6c304a3da72abe8a75d4cb10eeeed7bbbc266901388dd0ebb0018a9347f59afd5db8b029c6ed5bb169f191cbd0c724b4590c677486b37706fb1c31c3482354005b2349dc3757cc07722dfb8639ebeab32050742d79881698e8bd535bddd38c23c29a35ea8bfbe5acd0f0c1e93107356574ffdcbcc8a3a3ab642c5fc930c21c40efcb139e9b29269d93eb9c86cccdc0fd55ab225a5a3e406ad4a3f02ee924ab65b09eb476ab55eb965e6dd52b6308c15c072e9d2e9c6d4e3e6b74ffcc5d20c31ca67550a617ead557378e2407e4c3ac24ba4cba10fe76647ef1567109859cc373ead969941a06399d47755d7c35476ca3c51903ceb46f5543ab3d9e574d1abb95be098f89ba03f6aa88c523df688a8764053873aede132c01358bd20472f6fe3f950da926491b18f61271f7afdec5a20b687ce3e8692e4816a3056f335d060088029479d21011956913f6a84b6a1cd60dccf3d6333d450ed1983bdc48bc531c8e73f9ded6d393be39298d9942c2de0adb52930bba76039134e65d7438b3a51041313da3d8a388e3fae5d2c161d1a91b96a85cf437883369c4a331a6234ee811d7a031fbb2edf2454cfd4b61143796266946cb68d4e67f9bcd5629afa77d213446dab7c5d39fc710003926f434dab03e8a46890c6d233022982c959806044f4093165ed61900186c08a7ad86eff280bf995cbc826d8b34c8afa4eb2ca38a09ebfd1986f627187c9b4d63767419820e32803c64d205e492e10fae4365fc91eb40aed3a88c99f09e408fd15d00d22bbdeb16acb2870fa7a52af8743d2c2533f046f2f7c93e50a4ba506b9e43b036f00921b18ce07661008cec92758f36dfaafb3a324e07317d6debcf84a6534ccb27941ed8a4dcfb0764a47f6e3ab410d1386dcb688402ccc2a7d1c50b367829550fd859694da8a22a9c2a8fdf1727a6198535a966c9f2292b9f444aebe29ec7d01f29ab4228245f753b049b3dfa40a74ef7c3c9e9037ca5e4c0dc2c7cbe1802d0aeb296b946a7648e874372742c98f034f6f6f12e456a17979649ddb673b92c64c3c54ca63e48b93057408330bca7dc7004adf6702801333db366cb171d7a069fac4b65e31ba6a5928466ab06b26342c13a551ad9058d1af9f0b9fa288dd25b5ac03e000afb8db98b00550d41d64256966eff21c5f00646a105d132626dd1b9617c90940c0bfb87e2cffa0dfba93c9afd41bb9edfbb1c6a307507276557995e9f5a326f4f7ab1a61f9099ed05108857cfb215c3a3d65e0334127daa91e02253ff96ea6933e577fb25f0efe8781095bb765b10605bfdc78ab24c2193a3c5bf6310266b43766a90256670ae25d317ced784332ba81f3c06fb3308f93db4bb83836a1cf2af2c7c0f371be8620102ca3250c675bef3d7e6ea8018176b4e6856fdfac1de028da97b49919fdaf01e70f829ec6b5ce59cfcd829fb97329c8d808c2dbc04063b173d3b80d619bd5f341130bd2183b0e092409ad18a45599476e42db6981d8168ef616211fa3e3a135226ce25e85f9a00c12659d1a6b9a37c6db4ef6d2249271e887e828273c1d5de80e74d9a75337b588dbd930212a05f6b4761721d462d0b744bcb449d224ed36616d5a8cd95e08aaae132e7f75b96bdd119ce52115a837dad3c70566d5daad94d662ecf0c5787efeddd610d13d89fe0414b76cbc0ccbb7f8cc1ed4c74389b4f28c409230c9f1e0b60ad817dac1d93523032dc26648a0f1841f45cec271e5fe788677868dc54cbd7e86b232f48d1defdbd6d378af39760aedf28417089151c32a74a55800d0780078779579ba47520e425ebf10fbff9fb84f827c511279f369bcdda87d1236cb3d7d0141ab9e175a6e5d9cbe239439dd0364799e8e80f601188dc18937d1deb8f14828724cb79b9808807d9d5efea9abc14d6a6ff6f0301fe0a26bd2a5cbbed36f71d8eb08fb5c0372890e59e61542a218ed14ba96448949706fa6209c4b4de7082265d41586f972308cd8ea4a7f418561e8ab5dcc0a1826bfbcb12f010a8b7b982af633c86ad0e638c1bafc3f0786dc42883e9e95c95069899fe4cf4a366ce0e671e6c8d09a6b4ad92668e1ba281abf9406aa0284323bbbe2d4f4543548e244c14ebf5dabaff6b30cd821a479abccbfba6412c40ab2a6ec2ced6358ddd4669e2710f3b26090b4b614dd64b0004e31d3deb4afdd3e7c10ae5cf0a08f3bfd7342d173d0763dc1c6aa83fd982860b549d89b676fc8019e10d5e18f6dc96249a0a139f3a1f70d36817778cc7347f9167efc991a22c027e6d1984809678c1ffcc55e791b1d38f296aaa349a97a7494818cff3620e5aca4155df7d966cb2265b92d7db022111e67afe8dfe3b7dee9fb05cd26fe96197bf6342adc1465af45cca8053b256efa10fae675b25e86970026d42f1ded81b2df5cefa6ed4320cf2fd6e65bbd92ca6418ceb7f355603d15fcf01e993c982b2d9a12a2bf58803a94c36e93862269431ad881faeca698f470d9764bf11a1e9515c5c38089a347e33a0e943e244bbd983a2295473ba5f141a4cf14e99f1e97f42fc77aa31968a8a01ef7e1ca401189e88dc7b7005546d15f1d62f6849e64c7f1b99f38aea7c42309741eb626020657211aa2bc8fbbffb1b863e6789bc0aa8e2c77b9009f8845a1ec71cb47ca8e7f7411af9c7b6e38dfdaa6c978871e9b7eadfc986e4b6b8914602651f786cb4cca7c3861914abb70cb547624eeb69e9631e22ac0a09e5db1006ca54115bbdabebf6e2609653391cd325d91030d447654c78990ddf0012b065654c9593dcce4a89f8fc66cbadab8f31977527ab645188874aba684fa5c580063c5075db2473e06a15ffe0042210b14f0e55924de43af18e80b14a1e6e39a20ac624a2372e401c7894514c9dd2f9367c16502e07a161b1b66d4fc37cfebe5b1c444d610ef0580ca868f7dbcff61e5eef38f1182d81ffc89d41834eb11faf3bc381ac6b453abd9c85fb2864e644e2e61b39d45adeeca83e6bd6a69e52554637ce8ec141040badf3ae7ba81dfd849b5559c23069d721a789d6d3324efee198b1c95cf7b360576", 0x1000)

4.635987405s ago: executing program 3 (id=1104):
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0xb, @empty}, 0x1c)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}}, 0x1c) (fail_nth: 28)

3.693069985s ago: executing program 3 (id=1107):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a200000000000010900010073797a3100000000010000000900030073797a31000000000900010073797a3100000000140004800800014000000005080002401b2fd2c528000000000a05000000000000000000010000080900010073797a31000000000800024000000001140000001100010000000000000000000100000a00000000000000000000430000"], 0xb0}, 0x1, 0x0, 0x0, 0x20004000}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r2, 0x0, 0x0)
sendmsg$NL80211_CMD_CONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0)
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x35)
nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380))
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480))
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r5, 0xc004743e, &(0x7f0000000040))
ioctl$PPPIOCGDEBUG(r5, 0x80047441, &(0x7f0000000000))
r6 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r0, &(0x7f0000000200)={0xa0000001})
epoll_ctl$EPOLL_CTL_MOD(r6, 0x3, r0, &(0x7f0000000080))

3.596871296s ago: executing program 0 (id=1109):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000020000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f687372000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c0003801400010076657468305f746f5f687372000000001400010076657468315f766c616e"], 0xfc}}, 0x0)

3.594950492s ago: executing program 4 (id=1110):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000940)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async)
r1 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @dev={0xfe, 0x80, '\x00', 0x3f}, 0xfffffffc}, 0x1c) (async)
sendto$inet6(r1, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
shutdown(r1, 0x0) (async)
r2 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r2, 0x29, 0x2a, 0x0, 0x0) (async)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}) (async)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'bridge0\x00'}) (async)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000040000004000000040"], 0x50) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6e37abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c2ed01faa7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96775ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497dad64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6fba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd2310801570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000264e257a0c7650000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb414c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000000000000000000000000000000a0cc2b89ce1525748ce167cbabb881f060599a6a59f645edca1d5c24b2f6b8c997a8f3e1b7679984a566d98d4d31198ee4c5ea7be0d99cf89bba4a6fd0bec12e7792bec3c5038e13b1982f80cdecd07f8908a983a7c9fb81c2ba7f7e87c991f30e50d1b3bbe4cf2a2f5d4571b6568ada51bc121c9139d2a8e0638c8475affcea6520edec29dd7f18962a4cedbc79e4ef2909d8f736afb3004a26000000"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r6}, 0x10) (async, rerun: 64)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0) (rerun: 64)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'bridge0\x00'}) (async)
socket(0x15, 0x5, 0x0) (async)
r7 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x8, 0x3, 0x460, 0xf0, 0xffffffff, 0xffffffff, 0xf0, 0xffffffff, 0x390, 0xffffffff, 0xffffffff, 0x390, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00', {}, {}, 0x2f, 0x0, 0x3}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@local, 'nicvf0\x00', {0x3f66}}}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3d}}, [0xffffffff], [], 'wg1\x00', 'gre0\x00', {}, {0xff}}, 0x0, 0x258, 0x2a0, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x563e4515, 0x0, 0x7, 0x3fc, 0x20}}}, @common=@inet=@hashlimit3={{0x158}, {'veth0_vlan\x00', {0x3, 0x0, 0x48, 0x0, 0x15ab, 0x1000, 0x6, 0x5}}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00', 0x2, 0x5, {0x6}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x4c0) (async)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'nicvf0\x00', 0x1}) (async)
r8 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r8, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x8, 0x3, 0x460, 0x0, 0xffffffff, 0xffffffff, 0xf0, 0xffffffff, 0x390, 0xffffffff, 0xffffffff, 0x390, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00', {}, {}, 0x2f, 0x0, 0x3}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@local, 'nicvf0\x00', {0x3f66}}}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3d}}, [0xffffffff, 0x0, 0xff000000], [], 'wg1\x00', 'gre0\x00', {}, {0xff}, 0x29}, 0x0, 0x258, 0x2a0, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x563e4515, 0x0, 0x7, 0x3fc, 0x20}}}, @common=@inet=@hashlimit3={{0x158}, {'veth0_vlan\x00', {0x3, 0x0, 0x48, 0x0, 0x15ab, 0x1000, 0x6, 0x5, 0x0, 0x78}}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00', 0x2, 0x5, {0x6}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x4c0) (async)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_inet_SIOCSIFFLAGS(r9, 0x8923, &(0x7f0000000040)={'bond0\x00', 0x1001})
recvmsg(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000002c0)=""/249, 0x1ff18}], 0x1}, 0x0) (async)
close(r3) (async)
sendmsg$tipc(r4, &(0x7f0000000240)={0x0, 0x810100, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1, 0x0, 0x0, 0x3}, 0x0)

3.344681496s ago: executing program 1 (id=1111):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f0000000c00)=[{{&(0x7f0000000640)=@in={0x2, 0x4e23, @rand_addr=0x64010102}, 0x80, &(0x7f0000000780)=[{&(0x7f00000002c0)="dec88d731300025923b5fb3476fc70fcf9676588422f454ec17e74274fc0f8e2f5ea18d95e0f664320596eee", 0x2c}, {&(0x7f00000006c0)="ac3b074a0b45371734d46283c8ccc5a0a74c0e5de11a0b7d59ab986b4814e16a0e5c34a9461ac669586eb531d8be0c9df40e4586cfdf055937112a35d85d7b25a26c90b60b9d864855f4f1e9cb78faece8b86bd8c98253796f6e8b25bfc8207f5ba2a0481f0bc420d8d23d8016f83b226b2ec524f5bc8f1118233ba358931b3875d51bd3cd1b350dc45b5d3ff22dba01be820beef297a7a619508004a5acf7ca02f2f31cccebe78710bd9dfa7c8bfd6c1f4bfa50d9ef6abed800f4e39a1ff7", 0xbf}], 0x2, &(0x7f00000007c0)=[{0xa8, 0x1, 0xe205, "e9ba6801f9fc4a6f72eda37ae7f561bf75e6a66f0ee3f35d0d8297fbec143db3eb3bcfd54f5c25375ce0d8165be3ec6034a6fa1798abdb217374c0d794bf8200fbf6ba96b655da04eb74c7012c5a5ec912f44cdf7320e4d013744e8b3b06c9a2a7ed847a9fcd975809329c4c1add5599f0b841c435703bbd4843402a4b700425ffab895a6058ef00cfbd2354d0f9efad38886b66b857"}, {0x30, 0x118, 0x80000000, "c842c209e1b6e8540927f509a2e30ba05487485ddde0ea02079f"}, {0xe8, 0x117, 0x5, "b3f85ef2a4ebc5b949536947ebe476c45f7046632739f9622f62d110ec08bace263bfdfac44ec645f610db311e355b14c46b7385215d10b28c8ad631c2e769d8bdecb44a8ae39b4dd53fe0cfc6fcf27c6c2481f65609dfede29667bd5aa6f6fa9660c48ee472f8f85bfb1d825aebb8ce2eeddf42f121e96d3da1c22a19dff87700003a3ac19bfb2b78dfa6702fd8dc04e2f163d9fb2bfe37488ba7da81c0f274223df3c97082013776c69b0e530dbcce12e61988a7c49cdbd5378fdbd11b2344d77edda2b22e092d30b16006f6949f986f24d43140ec20"}, {0xe8, 0x115, 0x6, "58310ab7b911700522e84bc30f5c89723a249d86e2e502a796f2512624674db714f21438e0fc4495c152e08f63b6a61f08ed50db6f63bfa6320bd51fb567ca3eceded288e6021ae18b0571580b147feeff0d3a7bda470168613fa15614f2ea25dd8eaf2979f02beb0160f2058f029fe68147118a7c10554f94c1ebbeb8949923867401fbfbb5d6b8e4885bda2792dd81a61e618961fdf5657a4718d333da228c06edd3268c41e0354e62355327773fe861a6d863f64c29c262990f7129d4267355de0753e3215ff6be714e4a90a3e6d230c08bc55c"}, {0x80, 0x29, 0x40, "c6f29e02a7883b0ade8af26ac6fe654af29e7a46ed8b2e2ba71a9dacea799c5a989c336d477f5eab8b4626596c6694e9cd7f96f2bfdb12ac106dc562dcf4e17c6dc1eaa0bf3b9c974f34155c94a20aff57323f84500169946ddb3befbba5a6eec511a4ab69536ddebb773cd80d67"}, {0x108, 0x118, 0x8, "a5ceb31b15f535d753176171e4eae5740194299e72cfcb10e0964ef1e910113cdab70a2566b6984573ecfc4f365aa8b9dbadcf357df30a6ae99b3bf55de53989f4756494f6b8197ea1e2b04fa7f30640ac654d2e489f8d008c0e30363fcd6b0c80241dbdff342c9cac30bbfe442268a2315f0b63a5414af44b341032d103f65e7cccf5408a3a4796bfa5fdbd55f23a08e45c559c7198cfe5b1b714886fe42afd34f769ebe1c7fea085b43a7572666ad49bd7f379b1cd6a003393c832a58f0a06860c0619cd8fa488b23d02972a36a1aebb637b8231efdafa041485877b95722b72214f39a16c21e8a20a6149b180b3c99b6370da872ac97b"}], 0x430}}], 0x1, 0x1)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)={0x24, 0x2b, 0xb, 0x0, 0x0, {0x8}, [@typed={0x4, 0x3}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @pid}]}]}, 0x24}}, 0xc00)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0xa, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r6}, &(0x7f0000000040), &(0x7f0000000140)=r5}, 0x20)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000100)={'batadv0\x00', <r7=>0x0})
r8 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r8, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x1, 0x81, 0x1ff, 0x801, 0x1}, 0x1c)
sendmmsg(r8, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
bind$tipc(r8, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r8, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x4e20, @local}}, 0x0, 0x0, 0x10, 0x0, "b20fc19dcea1a2f64cd3368960179b0a3811acf296c264b1b3fb980632bb28e0fd5bdc0e3d3c15e77d4993e70a79f1256777954e7ec11252c1f5824eccf4ee5fd8450c8ad9ce5dc6f62732c5b8b06018"}, 0xd8)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000f80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095", @ANYRESHEX=r7, @ANYRES64=r2], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r9}, 0x10)
r10 = socket$unix(0x1, 0x2, 0x0)
setsockopt$IP6T_SO_SET_ADD_COUNTERS(r4, 0x29, 0x41, &(0x7f0000000c40)={'nat\x00', 0x2, [{}, {}]}, 0x48)
bind$unix(r10, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r11 = socket$unix(0x1, 0x2, 0x0)
r12 = socket$unix(0x1, 0x2, 0x0)
connect$unix(r12, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmmsg(r8, &(0x7f0000000d00), 0x0, 0x3ec0)
sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, &(0x7f0000000f40)={&(0x7f0000000cc0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000f00)={&(0x7f0000000d40)={0x18c, 0x0, 0x200, 0x70bd28, 0x25dfdbfe, {}, [{{0x8}, {0x170, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r7}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x8}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r7}}}, {0x3c, 0x1, @name={{0x24}, {0x5}, {0xb, 0x4, 'random\x00'}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r7}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x8001}}, {0x8, 0x6, r7}}}]}}]}, 0x18c}, 0x1, 0x0, 0x0, 0x4040011}, 0x4800)
connect$unix(r11, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
ppoll(&(0x7f0000000380)=[{r11, 0x4}], 0x1, 0x0, 0x0, 0x0)
readv(r10, &(0x7f0000000000)=[{&(0x7f00000003c0)=""/150, 0x96}], 0x1)
sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="5400000010000104000000000000000100000000", @ANYRES32=0x0, @ANYBLOB="fff00000000000002c0012800e00010069703667726574617000000018000280140007002001000000000000000000000000000208000a00", @ANYRES32=r7, @ANYBLOB="3bc8776f11124b03e2693671169ca6627789f9ee00fd0b496a8278c8fe904d8c77dcffdfe9790a436868b6d65db6d53fec348ab74f31c955ce8582908fb80a4c0901dda3deb66ee5565f2e47062585ce4bbe6acb4aec847317cc4c20000628900300000079b42e073e3a5f12f5a543fae839e839aabfef7e0eff6fc7e26fc4c74e25a24d15a92d1e0f77697c22fd7a19aec33d7fb84fd7a6ccc981e96363719e4fde457102da2fd3f770cdd1b0f7f26d5dd257ce38559946ea2d553c4d5573d5938d3b233e01a0c1990c02c75babb8e889e9b32104115ca2c453cca9300fafa0493c8b13e3e6b293d36e229d832c3a43f37d07064429fdd7c56d5b861ff666669fb7efa5f269728ae2e80f3fe0db04b49adbea596d8ca7ca706468af0924a74b99a6cf9eae1c4b31f0772a5d1b5c6f1f72245456224bda790a0c93fcc43aebe82554c809cb9064383bbd2e7f10d3c24d8c332c9aeaddff656c7a2efbd2096e6555507469e35c3f70167ce51304e4075e89722dec4dcac5d6c9f107baf2cd7493a5bf5044"], 0x54}, 0x1, 0x0, 0x0, 0x20081}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_MEMBERSHIP_INTVL={0xc, 0x1f, 0x7}, @IFLA_BR_MCAST_LAST_MEMBER_INTVL={0xc, 0x1e, 0x2}]}}}]}, 0x4c}}, 0x0)

3.267755869s ago: executing program 2 (id=1112):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x6, 0x4, 0x0, &(0x7f0000000600)='GPL\x00', 0x2000000, 0x0, 0x0, 0x0, 0x26, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000600)=ANY=[@ANYBLOB="020000000000000002000000e00000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008801000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x110)

3.267243843s ago: executing program 0 (id=1113):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8)
connect$inet6(r0, &(0x7f00000003c0)={0xa, 0xfffe, 0x3000000, @mcast2, 0x5}, 0x80)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10)
write(r0, &(0x7f00000000c0)="8f2a0a65bd8c2b2b0304000e0580a7b6070d63e286", 0x15)

3.142461387s ago: executing program 4 (id=1114):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18002f0001000000000000000000000071122e000000000095"], &(0x7f00000000c0)='GPL\x00', 0x3, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @cgroup_sock_addr=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10002568, @void, @value}, 0x94)

3.037599345s ago: executing program 0 (id=1115):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
r2 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_USER_AVC(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000a00)=ANY=[], 0x14}}, 0x0)
r3 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r3)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
r6 = openat$cgroup(r4, &(0x7f00000004c0)='syz1\x00', 0x200002, 0x0)
r7 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$sock_linger(r7, 0x1, 0xd, &(0x7f0000000100)={0x1}, 0x8)
close(r7)
openat$cgroup_ro(r6, &(0x7f0000000500)='cpuset.effective_cpus\x00', 0x0, 0x0)
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r8, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x19, &(0x7f0000000240)=[@in6={0xa, 0x2, 0x0, @local, 0x2}]}, &(0x7f00000002c0)=0x10)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r8, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r9=>0x0}, &(0x7f0000000300)=0x8)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r5, 0x84, 0x1b, &(0x7f0000000040)={r9}, &(0x7f0000000100)=0x8)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r4, 0x84, 0x6d, &(0x7f0000000400)={r9, 0xa6, "d991576276606961239592e6137e12532897c32d5959c35b2c8a7631ec8b80601fedae95382a777f6ea783edfd3d75f27994d265e39c227994e6c7d225678088563a47892fde20adcf18a4c7e3e76f6f21621a87cba9bd075e85391440ec682acdb400d1da19f9d4ef1e02929daf79c04aea3cd934fae8997504dcd26435170ad37f066b53dcb846a06316d8ece4d7b0605f60144bb121d9840f214f5dff87913d660da74880"}, &(0x7f0000000040)=0xae)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000240)={@val={0x0, 0x8864}, @val={0x0, 0x0, 0x11, 0x800}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "ec9700", 0x28, 0x2c, 0x0, @local, @mcast2, {[], @ndisc_redir={0x89, 0x2, 0x0, '\x00', @private0, @remote}}}}}, 0x5e)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_UNLABEL_C_STATICLISTDEF(r10, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x60, 0x0, 0x20, 0x70bd29, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @initdev={0xac, 0x1e, 0x1, 0x0}}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @multicast1}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'syzkaller1\x00'}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x32}}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'gretap0\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x40000}, 0x1)

2.955955446s ago: executing program 2 (id=1116):
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000380)="7800000018002507b9409b14ffff00000204be04020506050e020409430009003f0000000a0000000d0085a168d0bf46d32345653600648d040015000209000049935ade4a460c89b6ec0cff3959547f509058ba86c902000000004a32e218d1ddf66ed538f252325000"/120, 0x78, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00'}, 0x10)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r0, &(0x7f0000000380)=ANY=[], 0x8)

2.890585376s ago: executing program 4 (id=1117):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000080)={'batadv_slave_0\x00'}) (async)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x34}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1, 0x0, 0x2c}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x85, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x52) (async)
sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000005ec0)={0x0, 0x0, &(0x7f0000005e80)={&(0x7f0000005e00)=ANY=[@ANYBLOB="1c000000020301020000000000000000020000050800010400000000"], 0x1c}, 0x1, 0x0, 0x0, 0x48000}, 0x48010) (async)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
shutdown(r2, 0x1) (async)
recvmmsg(r2, &(0x7f0000001d00)=[{{0x0, 0x0, &(0x7f0000001640)=[{&(0x7f0000001d40)=""/4078, 0xfee}, {&(0x7f0000000340)=""/141, 0x8d}, {&(0x7f0000002d40)=""/4116, 0x1005}, {&(0x7f0000000400)=""/6, 0x6}, {&(0x7f0000000440)=""/231, 0xe7}], 0x5}}], 0x3ffffbd, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000005, 0x8031, 0xffffffffffffffff, 0x0)
recvmsg(r2, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x10000) (async)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000400)={'lo\x00', <r6=>0x0})
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x4, &(0x7f00000001c0)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x6d}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
sendmsg$nl_route_sched(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=@newqdisc={0x3c, 0x24, 0xd0f, 0x70bd2b, 0x0, {0x60, 0x0, 0x0, r6, {0x0, 0x8}, {0xffff, 0xffff}, {0x0, 0xc}}, [@qdisc_kind_options=@q_plug={{0x9}, {0xffffffffffffff19, 0x2, {0x1, 0x7ffffffd}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8}, 0x3000c81c) (async, rerun: 32)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="640000007100100027bd7000ffdbdf2507000000", @ANYRES32=r6, @ANYBLOB="0c0001800800010034000c00100001800c00048008000200130000000c00018005000300020000000c00018005000300020000000c00018005000600f10000000c000180060002000e000000"], 0x64}, 0x1, 0x0, 0x0, 0x6048000}, 0x0) (rerun: 32)

2.740388628s ago: executing program 2 (id=1118):
unshare(0x8040600)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="180000000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r0}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x7, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000100)=[{0x44, 0x0, 0x0, 0xfffff024}, {0x80000006}]}, 0x10)
r4 = socket$netlink(0x10, 0x3, 0x9)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000009c0)=ANY=[@ANYBLOB="14000000ed03010000000000000000070000000a14000000fa03030000000000000000000000000a5839bf5f6f8efc7f510472e9b0b0944b01abc0b56726400817c6e521884d2a8bb36c772a6780d806bfc8cc7cff44b77c71131dd97f4be23be46376e2592a5ffc172af0968462d55fbd5def45923033377bc73d7b89cb6a6e1f48bb0ea3f260e1a4cf4fe76a93f6d75ac6a123dbe3545b198a01d350610b37cde0dfcb2b7031fd89ae68c4f937673d56bcf93613aa240d2d767613faa8e4d5c088c2ad0280ba4339b9a8997dce2d5f8b40e7f485eddb184a71b2dc84fcba070834935b4e120ba02a41"], 0x28}}, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000007c0)=ANY=[@ANYBLOB="280300002d00090027bd70000000000004000000130317"], 0x328}}, 0x84)
r5 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8)
unshare(0x20000400)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x3fc, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000500)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
close(r5)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
getpeername$packet(r5, 0x0, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x1000000000021, &(0x7f0000000000)=0x1, 0x4)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)={0x14, 0x38, 0x701, 0x0, 0x0, {0x3}}, 0x14}, 0x1, 0x0, 0x0, 0x4044840}, 0x4000000)
r7 = socket$inet6_sctp(0xa, 0x5, 0x84)
r8 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r8, 0x84, 0xd, &(0x7f0000000700)=@assoc_value={<r9=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r7, 0x84, 0x85, &(0x7f00000001c0)={r9, @in={{0x2, 0x0, @empty}}, 0x27c0}, 0x90)
r10 = socket$netlink(0x10, 0x3, 0x0)
ioctl$AUTOFS_IOC_EXPIRE_MULTI(r4, 0x40049366, &(0x7f0000000680)=0x2)
sendmsg$nl_route(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x30, 0x10, 0x801, 0x0, 0xfffffffc, {0x0, 0x0, 0x4c, 0x0, 0xc3}, [@IFLA_GROUP={0x8}, @IFLA_OPERSTATE={0x5, 0x10, 0x5}]}, 0x30}, 0x1, 0xffffa888}, 0x8810)
ioctl$TUNGETDEVNETNS(r5, 0x54e3, 0x0)

2.491956118s ago: executing program 3 (id=1119):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'netdevsim0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="01000000000000001c0012800b0001006d616373656300000c00028005000f000200000008000500", @ANYRES32=r1], 0x44}, 0x1, 0x0, 0x0, 0x20000005}, 0x0)

2.336121491s ago: executing program 1 (id=1120):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="500100001000130429bd700000000000acd8b438140000002001000065c9b84ea9cd3e8c59859b4c4608f10000000000000000001400"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="e000000100000000000000000000000000000000320000000100000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000800000000000000000008000000000081000000000000000000000000000000000000000000000005000000000000000400000000000000060000040000000000000000f9ffffff000008000000000000000000020004816800000000000000600012"], 0x150}, 0x1, 0x0, 0x0, 0x612fc0b6c779297b}, 0x0)

2.124450071s ago: executing program 0 (id=1121):
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'batadv_slave_1\x00', <r0=>0x0})
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f00000001c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x8c, 0x8c, 0x4, [@restrict={0xe, 0x0, 0x0, 0xb, 0x3}, @enum={0x2, 0x4, 0x0, 0x6, 0x4, [{0x0, 0x6}, {0x7, 0x5}, {0xe, 0x7}, {0x1}]}, @enum64={0xf, 0x6, 0x0, 0x13, 0x0, 0xc, [{0x4, 0x5f, 0x200}, {0xf, 0x7a, 0x7}, {0x10, 0x5, 0x6977}, {0x2, 0x0, 0x1}, {0x8, 0x4, 0xfffffff8}, {0xd, 0x100, 0x7a6}]}]}, {0x0, [0x2e, 0x61]}}, &(0x7f0000000280)=""/161, 0xa8, 0xa1, 0x0, 0xffff, 0x10000, @value}, 0x28)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000400)={0x1ff, <r2=>0x0}, 0x8)
r3 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@o_path={&(0x7f0000000440)='./file0\x00', 0x0, 0x18}, 0x18)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x1a, 0x8, &(0x7f0000000000)=@raw=[@printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000040)='GPL\x00', 0x401, 0xc3, &(0x7f0000000080)=""/195, 0x41000, 0x0, '\x00', r0, @fallback=0xd, r1, 0x8, &(0x7f0000000380)={0x3, 0x3}, 0x8, 0x10, &(0x7f00000003c0)={0x4, 0x5, 0x9, 0x7}, 0x10, r2, r3, 0x2, 0x0, &(0x7f00000004c0)=[{0x0, 0x1, 0xa, 0xb}, {0x1, 0x2, 0x6, 0x7}], 0x10, 0x5, @void, @value}, 0x94)
ioctl$sock_netdev_private(0xffffffffffffffff, 0x89f8, &(0x7f00000005c0)="cc8a1fa2be7722281b5a50ff3f909da8072acf39a86e066a8265cea5969da8c2c3cce034d12c49cb95f786634bd8aaf67f55cb2cdaca5352009b269cada1f45af105e40ec9ad3af879f4cc87f4cae69e441551d7408742310b7ef3f2de871bc0c3e75c7b45cfabc9c49e98915e52209d04ed4afaf48f74d4eebd0f826945f2a3e0731967ad42a28409ab342eb8b98f144842cecfe3be29f4e5ce7a9bd95680300dded55ac3801baa48dfca2044737dd6c26da89a70f5e540b8ff74273ba76056b39c6689e2bd53efa71b8a4b4096e06474cdc96969fb67cbe2ffa8e68d53305e098dc8ee15e51166e80c2b5c912de42c8be8b719e0dd18195faeb44eaf292a")
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000780)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x44094008}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)=@getnetconf={0x14, 0x52, 0x10, 0x70bd2c, 0x25dfdbfb, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4040040}, 0x24000000)
r6 = socket$packet(0x11, 0x2, 0x300)
ioctl$BTRFS_IOC_GET_DEV_STATS(r5, 0xc4089434, &(0x7f00000007c0)={0x0, 0xdde, 0x0, [0x0, 0x3, 0x2, 0x9, 0x7], [0x9, 0x7fffffffffffffff, 0x9, 0x1, 0xffffffffffffffff, 0x8, 0x6, 0x1, 0x8000, 0x9, 0x9, 0x4, 0x85, 0x0, 0x9, 0x1, 0x2, 0xc040000000000000, 0x9, 0x5, 0x5, 0x219, 0x1, 0x3c, 0x1, 0x8, 0x7, 0x7fff, 0x9, 0x3, 0x7ff, 0x3, 0x5, 0x1d9, 0x3d1, 0x3, 0x1, 0x1200000, 0xfffffffffffffffd, 0x3, 0x5, 0x5, 0x98, 0x0, 0x0, 0x58f8, 0x6, 0x1, 0xb1, 0x5, 0xb9c7, 0x8, 0x9, 0x100000001, 0xfffffffffffffff8, 0xfffffffffffffffd, 0x2, 0x2, 0x5, 0x200, 0x10, 0x4, 0x8001, 0xeb, 0x5, 0x1, 0xb, 0xfff, 0x8000, 0x3, 0x5ed, 0x8, 0x0, 0x7fffffff, 0x7, 0x3, 0x200, 0x1, 0x1, 0x3d93, 0x800, 0x3, 0xd, 0x8cb, 0x100000000, 0x100000000, 0x0, 0xfffffffffffff0c3, 0x6, 0xfffffffffffffe01, 0x8, 0x10001, 0xffff, 0x5, 0x79, 0x6fd3, 0x3, 0x0, 0x0, 0xfc, 0x7, 0x65da, 0x5, 0x7fff, 0xdb70, 0x7, 0x23cc, 0xfff, 0x1, 0x81, 0x2, 0xfffffffffffffff7, 0x9, 0x1, 0x7, 0x3, 0x6, 0x80000000800000, 0xff, 0x8000000000000001, 0x8]})
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000c00)={@ifindex=r0, r4, 0x1b, 0x0, 0x0, @void, @value=r4}, 0x20)
r7 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_DONE(r7, 0x0, 0xc9, 0x0, 0x0)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$RXRPC_EXCLUSIVE_CONNECTION(0xffffffffffffffff, 0x110, 0x3)
bind$inet(r7, &(0x7f0000000c40)={0x2, 0x4e24, @empty}, 0x10)
r9 = accept4(r6, &(0x7f0000000c80)=@un=@abs, &(0x7f0000000d00)=0x80, 0x80000)
connect$vsock_stream(r9, &(0x7f0000000d40)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
r10 = socket$inet_smc(0x2b, 0x1, 0x0)
sendmmsg$inet(r9, &(0x7f0000002280)=[{{0x0, 0x0, &(0x7f0000000fc0)=[{&(0x7f0000000d80)="3ac71b0642c174ace65cdf471079418d8501f3422ae11d83ab2740da4b41716e2f", 0x21}, {&(0x7f0000000e40)="50414c3d607ccac33aa16db070dcae890b4015482ba309a1ceb7fd5f4a70538553960b", 0x23}, {&(0x7f0000000e80)='T', 0x1}, {&(0x7f0000000ec0)="08970485baf54b318a4bf83da0024b4cd61a405fffc3f10564e51efbdbd1031ba1a4db55f9016bb2da4a2ca58a03e50f7ca642b4e87e5dd8563d189aee14606dfe23ccf1407ef8f1ff26097378ed34dd749ac3b542efdb00db0ad426f10f151a5f73ae8fa534a1392f864d9945893de80e96bee971048bf322963b9f0eec138c0ab6cbde5185b5a0abf5e9a263a1afc1311865fae21701d240e7", 0x9a}], 0x4, &(0x7f0000001040)=[@ip_tos_u8={{0x11}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x81}}], 0x30}}, {{&(0x7f0000001080)={0x2, 0x4e22, @local}, 0x10, &(0x7f0000001240)=[{0x0}, {&(0x7f0000001180)="5ced32c37ab97195fb69178474e5704cb52464a1ee5da9ab7433848a651060fad717f11bf7128e02b857e6a1f0aa90dcf8f0089ada2710d87928b6b3847512ac0a4bf5d39a57ab7f828b86e12c29113acdb9c76e7c7403f1cdb06f12b4d83bf7636d5bc23ecb95554e75473572ae960b7d8e75716a29ca3f95c3e24f93f8577c07f405e28f2fe92f2bb827f196d4ebad2f6ce7afafde43b7a463", 0x9a}], 0x2, &(0x7f0000001280)=[@ip_ttl={{0x14, 0x0, 0x2, 0x8}}], 0x18}}, {{&(0x7f00000012c0)={0x2, 0x4e23, @private=0xa010102}, 0x10, &(0x7f0000001780)=[{&(0x7f0000001300)="b2fa90f322ea34edd3372666051440c3cd115e8042ace8eb91fc020ba1d140adbdd055eb088f4a30bf06ae18018a25f27abbbc510cb1b20a192a1324f3af55a3bf02444b1df47ca97b47d3b0a2808f55", 0x50}, {&(0x7f0000001380)="8714466e83df41d99518e5438b0e4b26ae14f69a4f6aee", 0x17}, {&(0x7f00000013c0)="40695da589155932f7357726dd2e831d44cd96a86b57915586c59b54aa499b58283d740bcdb556b6f99b0c51025ed373cc868dbddecc78ebf3748d8aa06dffa85c2a16a411433f82eb24c8369f9eb18d486296e09f54c0ca917a3da002ae71740df74ce4abd7b2554e4fe8", 0x6b}, {&(0x7f0000001440)="97245e4f7aadd8c15b2d38d613f8da389e7ad39c83969a221ff5e285f86d5d7607af1db0381302e23802508eab16a8c9057a0eed6f4175162c980d18846d1262c5470cba0d0861b1cf4f32c8d35fced2083f28d21be1065c89b38477ae77b2784aa53f605bf247bf9a16196ebcfd3391b331bea65be8819ae387cd27b1859576cdb0054edcc2caa7de5104fc9982cf4106fa70a9137548796ccc9f2b9e187372c3baa9d1a6bd1e3f89f3a3224c2addd2ba0dcec352e3028a25048c891f3a27d83067f83517b09305f2f113e7cecfccbbcf686e359e1232c43cc4a017d92f79", 0xdf}, {&(0x7f0000001540)="1d90afa00a22a439590315e32db12db4459f4838d14ae59cc38282d77b2abe49ee36adff6821e95e5f9a44bcccef8a16a6e9d55cda01d396fbf19d82744f3b9048840b964b725d16594fe0baab290c5dfd92f86e85b0794380de031d80d294440fd1d0bfd56e6ea99f011e67fd424cf572c5e1fe9f359d7c7f9fb0820fac16bfe48b827f1f90fd05a7a369b38d5be8467dee8a1647", 0x95}, {&(0x7f0000001600)="fc7ce1f0c81cee204bea8a39f08d9584dbe2d83b1e66e3ca3481fb17cfeba4c68b734ddf9c4b61796f4b3ba6ae3c763e02c66962728254284da819803505660dd87ab1f64d86e0c71b1a385f96c710a961d3b5acfa44ea38e0d8335ff081c70f516957147b3538b664549b6ed029f311b1cf7282dc48b38f639f6b625ed62c211782e68762417bb5bfd8e3fa6beb461a9f62569d33a7b32852edc70b887c3eef74f897bb5e291dd98af549", 0xab}, {&(0x7f00000016c0)="7f595db654bf937397c3457b0abdbd7f06cbf246a23c5bb57c9687c3bdf88732b7469466aa44ec72b9c0fb63d55392978abaad27ea5c67221ca23e86df8aa010c729950a05f7b6018df97fae1f97b73e285eb2770ed7b250ce6ca50dc9e740290e4b7143899bfdd17d9fef9b1d530d505b688d1a0bab56ff6c4053e70573c5469d1d1131b2", 0x85}], 0x7, &(0x7f0000001800)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x9}}, @ip_ttl={{0x14, 0x0, 0x2, 0xcfd}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x84a0}}, @ip_retopts={{0x2c, 0x0, 0x7, {[@timestamp={0x44, 0x8, 0x13, 0x0, 0x8, [0xcad]}, @timestamp_prespec={0x44, 0x14, 0xa, 0x3, 0x3, [{@loopback, 0x2ca}, {@loopback, 0x7}]}]}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0xdc}}], 0x90}}, {{&(0x7f0000001900)={0x2, 0x4e20, @multicast2}, 0x10, &(0x7f0000001b00)=[{&(0x7f0000001940)="f53d061f15286aff333f7ec34f4d5005b3318712fcf307cc44e2a8e23e8d4094fa308a3b34d8ea5b1e9d80e522573d44ffa6d0ab0c9319484cbb93915ec6f1140bdaf63d6f6e68fe6d8fff55df2f6a5abcf036f20898ef24863d72c32efe9ad4befaf3f787dfa772253cda4eaccb05a826509766b64e7cfc71b33c6c1abc03905f087f4dfe962dd61ffc3e588ea9dc79d3f90558afa03952d640f01d918c29f8586c08db76926713d379abda90313c1b67985abc79491cc1", 0xb8}, {&(0x7f0000001a00)}, {&(0x7f0000001a40)="c28f9e7235889762c4a33ac1e5a0", 0xe}, {&(0x7f0000001a80)="a2cf81ad20ebaf751cb2c3c37bffa6fa3139098c342110b828e798e6cee861fbe8a6d77f0275c8a27edbf09be0108292d9e41ad5a0b5ccd0267eba5098757e60acc746a65e33905da2b5", 0x4a}], 0x4}}, {{0x0, 0x0, &(0x7f0000001e80)=[{&(0x7f0000001b40)="176500f994d83cbb5ba88114459d646cb512b371c2971a6510dd7664df8d43845f9e092748403acd719ea85a9ce742300480d28ef8ce9785d7f884499001b4eab41aa78a", 0x44}, {&(0x7f0000001bc0)="87e7ccb97d81eb7da19fb0", 0xb}, {0xfffffffffffffffe}, {&(0x7f0000001c00)="2309ad00984634febceebbb642aaa2c036bc6c1611bfad548e4b0c2f6aa966b849785e821ee32ebaa3a368040b4f65a1c64b56ef0fb549cb52570ae417b229e23680788675c2d15a4a66d8dbe357761b9a611f389084b35e1df72b8c4034ee6131e38da8eb138a8de8bfe1b260cf263e093dc649282562526a392b3c1044df6bbc17f46d5c0f1a1c96c58160000249d8f306815cb9", 0x95}, {&(0x7f0000001cc0)="292b957619fe753b5d8a2367c8f8728655e69a52ba87edc9b01af5f18cd8ed1b7e0ae3239e2e689887fa110fad09c636637107912e8d60abefe7b88e632fa8c8fb8649a7dbb384851444d6b43739819f386d0b9fe7b662cdcbc556bcd496e107681b3b2da37eba68506990aff70ac18078d229ec756e1e3eb3c18a9222ef8378fd63bf66c3d6c3eb0cf250fd75d7b0c25f68414a9ed8116426d978b3", 0x9c}, {&(0x7f0000001d80)="897794d95b0ca33e8a2803bd191e0e501d894c4a016bf7599b08725bc63340c779809afe3e9231d4738c4d9d8c534d8744be2677788bd661c5802e22e63794f00461e1c5396201087815492de4", 0x4d}, {&(0x7f0000001e00)="5baad64206b3a3abf33e35c3cefe8e4c35842e1f3ed94a1f0a089079b102c8d7983a9b601e0d7bc319751f70c42c0f421455d694bb3d6afc097b73dd70f032d21f5587961745afe7918020e1dff80f", 0x4f}], 0x7, &(0x7f0000001f00)=[@ip_retopts={{0x28, 0x0, 0x7, {[@timestamp={0x44, 0x18, 0x70, 0x0, 0x4, [0x8, 0x11d3216e, 0x3, 0xc09, 0x3559]}]}}}], 0x28}}, {{0x0, 0x0, &(0x7f0000002240)=[{&(0x7f0000001f40)="ba76c4f8eba4f4956f2e368a859baf0d88844f9138ee72b03308d79b6de7af0311905cab9bab9a5c1ae1c6df3acf426c70963c1e5ec1446402383e913b630ea8aec572f4bc3a9a0a8cf1bd398de0354d8c7da5b572f30d673e84673c5141e934f20b2ff964af4c00a1168fca56e121f28eaa3ddeb140ca664e94a7ca", 0x7c}, {&(0x7f0000001fc0)="c8a3cec46b383d992480a1b2b5bb5ab9dc86e273b7bc3890cfe8969c5c0a03955066b96b27c80a36b627f5906528a052fcdcf4fd03c75bd7b79d2bd43689f48b64a9054741bd059553843d5981c4a75c241aa3a8748d3def122c9b755f9bf20d4fcf24e5073c3cada881ebad428c74e8d2e3e23528365d679d3bf01302d0cef0c041c3207955e548", 0x88}, {&(0x7f0000002080)="3001f1bb6329144270d50898aebbccd2a03e1bb42810b8786b071f9b1e1a792e8e2143499a348925d53260d2e41bfb524ed27f2285a53a3b5c92db3258256c6a547abedee2c810fe2f03a3b4445c8a04c3e626034e538b403e2f4895e291e03be827a21418ad1ffffd80f7d987fdc2017ed015f5ba3356b484b692138d17f0c5288026f173c752cbd28185", 0x8b}, {&(0x7f0000002140)="4109edfcb7265112788f54ce7df079584869319b9b9c356ac3f30609b41b58bdfbe51b08deb377b3c15d231feafff0c8bbff0c9970ebf693ddbe4f742698bbe4ae2e149c87774b071759d96b438ccb3c48b0ca959d743c2c5ad7b45fb93f048541bc870d609af0abeb5901a5ec636daab291c6a7bd", 0x75}], 0x4}}], 0x6, 0x40800)
bind$alg(r9, &(0x7f0000002400)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha384\x00'}, 0x58)
getsockopt$IP_VS_SO_GET_TIMEOUT(r10, 0x0, 0x486, &(0x7f0000002480), &(0x7f00000024c0)=0xc)
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r9, 0x84, 0x1a, &(0x7f0000002500)={<r11=>0x0, 0xb1, "bfbd3b8660e4cff64054d1ea8b1096a4d45bb4d3e50cd49833c5a3e5c6ff7d69eff62c7ad221b0aeb296cca0e85dc901c31a0bd586c8509c4873e2f311fef4037f999c5856e6d66e755b85ee6409f08fa412d44edf08a88455727b7ed54694294e6603cc4969d05ef372d50115b62bc80928c36e5d64a1302c12dc5ccc37f49b4ba837f17b8d292c13aa6fdfafa9ffb2575316862affabfdabe5c94f43e2f0123cd5be4527d81a9fa986a14f13af0a6b0f"}, &(0x7f00000025c0)=0xb9)
setsockopt$inet_sctp6_SCTP_MAXSEG(r9, 0x84, 0xd, &(0x7f0000002600)=@assoc_id=r11, 0x4)
ioctl$sock_SIOCOUTQ(r8, 0x5411, &(0x7f0000002640))
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000029c0)={0xffffffffffffffff, 0x0, 0xc6, 0x67, &(0x7f0000002680)="fdaa21bcc96444007cebdc9ee5697e2b40ff1ecf4c8d5da41c37f3c4d84897f531f1267274e3443ffddefb535bc567a433fcbae2b5cde8edcc560584e3f0e4dec006653422afdffda9ff44735d9bf54753cd603e598e861d2ca41e0480a771cd9d8996eccfb398c1adf11296dbff642565572ac30747c9f28cd60ae220383c92dc51a04285248dbf6448cb6df26e4eb97d73dec8cf4c7c5be15b851975a61dc181cc52333400d32ed3a8bf5457c96b4e9f5d2e03bba28e36b3da55350522b06919dc9994ca21", &(0x7f0000002780)=""/103, 0x8, 0x0, 0x96, 0xd5, &(0x7f0000002800)="5e650441015e005a0abec093bc47cea904d508a63182ae931d72e58911e4bb90c9662f447e5195f28ef793c58e97b277bea95a05db287a3c35466f321558979d633c7f19d671fc8eb406ac6ce8673f8e0218daf0466a48a2bab5efcb1ae79aaf1e6f6dd10b9f757ae1db68dd0cfb1dc9cffd8f8ec52da4617d1c855ce8c8257e014dcc25c3decf40d584fd88ee3a876926e4eaa5061b", &(0x7f00000028c0)="0954c4875d2c42f5127d835788b4b4bb827cc208c5000a2bc356659867fb2f31e839d4d48b31f02c3ef2caca37e44afaeaa8af3ce8afa28b67feef5e7420d80fb44091ed0dd9e264679252b09ef0c95b4e7be004057c011b40458bcdbd66a94189611d86a26b234b0cee9888cea0d44fbffb83dab01cbb1b4dc90d319103122f599dc93c409d402482ab4f3b5bd11596eabb4e5a70d82d66cb7be56f475abeb6fd54f867bfc3c4531a7692fa7674237326c1fc5b416b410c43ec291888c84fa53a31ac18e5122558515cbde158a61e61ffddc8e6b9", 0x4, 0x0, 0x7}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000002a40)={0x1, <r12=>0xffffffffffffffff}, 0x4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000002b00)={{r1, <r13=>0xffffffffffffffff}, &(0x7f0000002a80), &(0x7f0000002ac0)=r4}, 0x20)
ioctl$F2FS_IOC_MOVE_RANGE(r7, 0xc020f509, &(0x7f0000002c80)={<r14=>r4, 0x100000002000000, 0x100, 0x4ab9})
bpf$PROG_LOAD(0x5, &(0x7f0000002f00)={0x1d, 0x16, &(0x7f0000002b40)=@raw=[@ldst={0x3, 0x2, 0x2, 0x9, 0x4, 0xffffffffffffffe0, 0x8}, @map_val={0x18, 0x9, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x9}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2a74}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r12}}, @tail_call={{0x18, 0x2, 0x1, 0x0, r13}}, @exit], &(0x7f0000002c00)='syzkaller\x00', 0x0, 0x0, &(0x7f0000002c40), 0x41100, 0x11, '\x00', 0x0, @fallback=0x1, r14, 0x8, &(0x7f0000002cc0)={0x9, 0x4}, 0x8, 0x10, &(0x7f0000002d00)={0x2, 0xa, 0x7, 0xfac0}, 0x10, r2, r3, 0x0, &(0x7f0000002ec0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0x9, @void, @value}, 0x94)

2.032732036s ago: executing program 1 (id=1122):
bpf$MAP_CREATE(0x2000000000000000, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="aaec6901bb82c6b9e895a6df35ec26948d8a615b58cb14b68199a6e0dca0a90801887b17d61a48f51effdc2dc6dabe28fbffd2d0235dc02b281e58b5a83f7ed6ce00734199b0d0540bddf2b41fd0ebb0d5d8fc644725883398ad0d3bb0064aa5cd45341d27533747466bbe3cc8769edd5ae9121f7d8be9d08b613930e1cb080148daf5417976ec1b521cbde4f6e9fde5c7850426792a27532a75b20ebd2e21b2b89c2c889bbac69b2709ca1571a6fb82b0f1a5323b10b780b2478879dd9b4493fb450ec88fadf1e112a8d65d9970138a081e1f34d9b1b7c6de1d4ff6d4b2d59ac390d437b55f87c88eb24abbebb57f41cea0ac7abaa7bc86addfe7bcc276082aaa4ddf35799dee6d004ce81cbf3f36d56847ddbe6afd143200c9d33684678380a5dedc58cd81ccb70812923750179c7deb76a4c6693d143b02ca5fca4e5cfb6bd8fb9a73e59b22b215d25a03fdccb65aeffc1b24417e5be7fdea88a1522a9463eb156553a9fdbf8c6992b4c90db7e95031c63d002ab887615ff2e76d449849d4ff4f29b68289596b6c4ea3b41db7ba128d7ad91b8b410235833d8103c6b6668b465d2091a4d5bcfe909cce1806bb1dd3514f7f7b3ed3c45cfd3201f8ce8a2481faf5eb92c9e8c2df6cbb9724302fd42c4f7afc6a70ba2081f8fddc6937edc4ee1fdfc3fc969e8654ce9c9fba346331b0fb77b1c9065bceca09ff966aea0ce595a9633b0c712a1653397cd7dfc675bf4d9a390060e9c8e2461999d7cb4775bb57eeeb62a81a4d280595928c65c880be53171d0781387d0404d9d8b8d5a9f6354de85ac70743b72431bf327388e40fc46871dff51c3fb77f9b7e0d397c1e2fb1614658fed6a70738437da4c9bd8e78bf22ee4c71bd1ebeb341260f729069b6c0ebd9acdd141a73aea5613c20ae4802c045d3d1204c1443b58289c5034cf39c8d891301bc72cc5b950e1276f1a0d4b1663b6443c167b62c0855ac9ed77f1f5161ea18856ca7cf751a0ac7bb6ec96f6d677e6a0c15681eb2b84d40a6eb79f039301c0644bc76e15cd5739db5e1d35335d38c7423063d27bdf1b0ca80aa5de95515e94c27ff4d84ccf7f6d4d3140811e58f95874e96771c29aac99ac1f6b57b0a08bb93a8028f0ddaa9f5eeeff7703c5a00c4750d1f3b59d2140623e58961189e1b81e3ec54bce0c04593b62493a48a293804ee94d582af003dd111a7ef36feed3a6eb551156fba2e247fe86729f9bb550519a9231769d4bc3a380d51db4e2412f96401caa43f3feb76bb54b847c3a80634ab627d7347512faeb170c1076e0a446d98416e4505e736f5cb54e4c90018a9f67d862e25fdf1284293f89a1844cb68155151c9966b6576b971e76167e53609a192b15685976056d77afdaf29b262b94167ce94c398f1771e259ce45a0830ab4bbe97e06047b7e49159b01fb9a789bac01aea94b4aa12e4bc824c9999b11906286638cca33d204929f429d6cce39235668a8b72e15f5fde08168432e627e44f3758368f1373492e5ca2f2cb592f5e01491fa4390ab5d9df26e2a2c39fbdc54a4e17f895b65b18af8b4e924d8e7db170bfe1682aa046acc553774ee886b5abbe3ad4a8b6b1ff379c753d18bf33716e76acf3040bcc31b6fdc1cfcb9ab6a4cfe3651182084bddbc44ef4f940c8ef1b9dd541c052a85b7fe76616de3e449eb7dceacdf78368b85bd67d274d88e60e730c90a3dd58405cd05296bbf38c258a6bc8a8b039ec387b52919b8df815af2d19cf7f57b3f8e6ba00a0efc38b71d5d71b522fe1538eee0d7dba6f9a7eb9f304ea5bd345fc053532da34df2a4d0a2c08d59f0f6255dabfc6bd71a3968202418b9027af141eca57372b33b54f0af979f3b50f9b3d196a1dbff12182c48bc6fabd760156c3d9df206f4cf1fa1f958d39eac64318ebd43aa763273cb90f1634c218812da339a3ff7e23a270fa55f21a7559f634006462fffa1bc70578fee39449d01c0b479ce7cab45bfd9e191632d10306fcc6e3b220124472503cb03e5b554fccf42ea6449fed7c52c9d01d7a67327b1181af1e242b1dbac34b73c487215d31a48d8b73d62308da646b3e1e6badb02881c3d35e3b361edeeda893f62791013107db8b6ef8cce4302c7a19fd50c98c91d9ad7d0a357f9b2d6bdd0b8bf6cf9be8c68b522bb3f847ef4c80dd1714e8cb4a049f79c3abb8de6504455e6e0ea3fe8e68bf66f4247eef41661e2908c21ca87094fc3a30da298723cd4c98ab5519fd94a02f4926082655a39cc76303ec82c1778db82abd4031efd3abdd861795119117b2866244b7851f85588162f4ddd8afdfd3a8f3b416c67e23502835004ce35ee8ae7d4caca91b9115f019b786d1420206c8150f70caf5d8f1e8fee3683842f863f8f71158edf5b0bda21052aada6a85412c11990025ddeb432dedb284f6af301a56289d9d24b6d512159fa0bb3965a9b89c606138be618e18cdde2291fff7a0e73f693e928e7bf2d1ea5d74b0f2d13c7b7e0601ec771951920be0c91ee691926bad7782ceda8817e69d4333126a35043aa0936620133760f03b12fe0464adced9bd01202da104093b3566ec1a619ad978fa3168173e00b76a9407b9a700e7bbc58a546b81e4d31031347e2c5c36d6ffd4aff24f2a799704631157370d829675c651e99b70a9457712bdd0acb064af3d99fd4185c49a9244d642ca350986e01a2b600b5807c2d12db55e93ed741b466d529dbe1889b613294107119c7c02a84ccf7cc97bc35a9a26384eeaf8f2fdb57cd33a3c100d3d289d23e4ded951c11f3c9dd259b4d2b4154c1ef5aed8187711149a008a38f20024a0f0e91b08af9ecdbf79c497a80e108915ea166bf748c4d0fab7e4065ce0b290c07532270db30c4820f97facac467c5495b45bdc0e4376291ca3fd5c95b6f9e832eb221107ba33b776b8b82c173c432c01c56b793169a214d6409d906f5b63bfe2e6d3d95d03ab72dbd144859060e41230d3e4bdf50a708d799563076e910180007c0e300a232bc2bfb650022e0322c17640e3fe6e5be65dd08a55dbbd472987aa7b580c4ebb64532da6595435aa4389d3baf47bc307162f50bf27aa3c22314a04faf1f73f429e18db1d71d6d420a01bb6b6087a2578fed42fda87a786bc053a7dc215d5029e149edd2f599c70d7824cbdf5b557d3b72a60ef1046c60dcba93238ac473abf24fbd5f9c3075d26e20d913a910a90a1e9e1a0c4779ec4086303f98b0ee8f9c43f9bcd34e3af055f4ae6735e628584d1e82d91895d0b18bcc21467a7b3921e60f4e2b64362cc8af9ca6dcefa588ac2cc412fed6003191964d5add144dfa38e0b2151530c15b9dc22edd76691cd34488a4fe4d7fe49d75672178a45b44cc4addcebac02f9270cf5c639292966adcf314274683ffd5049b632413a83c1b163e1f2c2f9b5279d9b85f95e5b22c2dfe24416a0463ddc27d7c17b63aafaf477b2ae22c3eed1e4eb13833c20f5518b39691e4376198ded8b0fc1014dc7b47ed81d4f87a80f74aa71c4132830017c4d2ba2b285673d5228ca70df611b69d722f0bffa515a97449c5f1b9eddc0acc6e7973024beca6b693897712fe6ecf536e241a2a70cb4923e7041411a97530d3a21d9e9d1fcc1e508906f1fbf028c6383a743415ed692f75a2f6ba6cfeb70e760869d627a26d815f75053ed058cf9ef0ebfe37393726b0edf67349ab127756eb3bb5b3b9ad6c0024c0af01c16bce58e97dbc3f4420b969815d16df6839cfe6c100a0018c2e15314b8b6e68392acb0116c1488bed6fb862bdee8b58c60f2856d4c492d2a954ba4e7d005c52dfae16d0e3e1996b93f47c213121f20bd68226f75ebdee925a7b89351686757f272243da105dd897973416f38c9344d8d3dc4240f4e0562c67b9b6e05efff004d716a41b7abf79527e17de9ca6b08722eb689a4a53d82177c82f17779f7f3b3f957c10f1ab1c1d98e7f674ce33676aa6e454096f8bbfceabbd8200b88b208f7e8c7d69c8d7afc47aefc601150c237fa0b908694d911796c9b1505f103e67a7621a49b94a3101ccdc8119f12be1fca57a113e78a8b29afba74157d541bd356f608a3242b7ee9c29454ffca628d372fba056b51a368dd0a5148d62a29282162dc86a355b15603d39c1e79c7c409581b83717d6d0a8f1bc49f5b8b181b639bd201cee1369056a21becbb25c69d07f3e5cf9140d8c8c3900b4def438f3c9a116be6772f7facb53a28a386f29354964a9f745dc8bb5d6717a39ccabbe7a99f36298e03bf7f0eb7d0ff6954c94e95232d7d8a9646cfb5747a8bd9d94e91b4179682d043aa1a34af99a534c59f56e0496ed307472588c66095fb2af7d1e570dac0b1867b7f93184b77840a3a33803f702333cd1b00f7d808caa6af0a34539d73798cb8d96cabe06c0c122956fc6fad3590458604ff75485b8ab75cf276ebfa7be6a73b8787f0ecc16d7b426180da1f828c2498109ff63155a0c3bc7651b1bf7b2da63f7917f7c52700104bb01f792173578d099c62143d21eca136163551edcb59ac08890e675c193f0f4822cde616facad07cb2f6669554120d578781f5c8e912f3f1d65e3667609f640f9feada17426b7f527a141debccbf3a41667845a81d5d311316fa88dcb97ba05263c642037887eba5eef644ec4af0fe1a0ea06e366538e29b7577b3ddf38e1145092100b4d626b73048661990108e82daec7e22a858b0c6d5897b6339cc3e2f649e39312e4a1f1e4eb43f93a25650ea5a75c5a1861f6f23813e8552bf84006fde90782e1e087bfbbb6f5311512dfe138ebc5863e99539543eedc60e8ffa1d5435dc59c3cf30f2911580d82ef998be58372a818c52d19b840d5fe73c83bc51e872a8e6630271b327b1cfffacd0e6906cbb50c6107d07fdddaeae3806b75d4eba6957a5581ffd85b15d1c6098f285b8f9735da02201fa41c0d91fe711d58f26b6624751f4830008ccf96d37f19f346af0acd5ba040248a547f605dfc573ff905b58bb3e4c5ef028d0b280740507f87e1afbdd8bd1a5af4a89ba9725969b9e66eda93fc54d662a4af873dc5e30776dfedc0088985daac6421d3e5fc812deca492209dd7fd2c8f2e825249e34c8da416fdafa2085d2d064639d120e333e4b7345ca4f13c46ad4a38ce9c9c80e4ad73a1fda491d223c45b48b5c3f658987c0fac322d92e0338bd587840ab64668c7f25e5485c07b1da9e9ff2791c8523e06a712cb8927aaab10c861568af1e47cf455e5300e2a6fc83e68c0e6bf12e7be018dd08c9b3a7c063561d4d73d2ae13705242049bace033afd406a4c148e51d5d5a6ff10b6b0437bfb49e1ed9d1791628777642d33cb409117fa0b648360154fd189f54b6b0bc4edb8769c5aee4682a1cf75090d6619e1d1c17b8ac3159b0f7c02e46f7b63dc9c392cc707fc74ca10dbafabdabbe752b259e26791e3ccec202b59116c1fe6beb62bfa01635a497427da3df9e048a98822317e01623fb4c2f17017255e1c24eb062895b6850198c18431f894c615fc8ef81fac00d96186f318bdc3e554b54e37a2dd7027c7bcb94a58f19a84f7dae1f5740ab816e2f4dca16d79058bd4559e68548e024adbe312d4c18d636cb5b873e682c20c06bb996972470f74345ce31915ad51a8c6287c9db444fdd0e16f097761c0ba9f88f618c61a8bca36a7fa64a6806a402d0c697ba52110406f608c82825ec908a9140122c39c8b599d4d95eb58c13271b8332c8681835be35d3b90c000776dccbe37537745d1c6ee16a360b0a2e16f62d19ad7a094dca49ea45d74"], 0x0, 0x54, 0x0, 0xfffffffe, 0x0, 0x0, @void, @value}, 0x28)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c000000000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000200000c12000300686173683a6e65742c706f7274"], 0x4c}}, 0x2)
r1 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
setsockopt$bt_rfcomm_RFCOMM_LM(r1, 0x12, 0x3, &(0x7f0000000000)=0x42, 0x4)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_INITMSG(r3, 0x84, 0x2, &(0x7f00000000c0)={0xfffc}, 0x8)
sendto$inet6(r3, &(0x7f00000004c0)='W', 0x1, 0x0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback, 0x8}, 0x1c)
setsockopt$inet6_int(r3, 0x29, 0x3, 0x0, 0x0)
sendmsg$inet(r2, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYRESDEC=r2], 0x10}, 0x20000000)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'syz_tun\x00', <r4=>0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x800, r4, 0x1, 0x0, 0x6, @random="518440db9de1"}, 0x14)
syz_emit_ethernet(0x6a, &(0x7f0000000280)={@local, @broadcast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x5c, 0x0, 0x2, 0x1, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x48, 0x0, @wg=@cookie={0x3, 0x1, "a483f184f0334b90f7455389810a695fc32c36677d0b0816", "89a1a2e06cb164e9140c6f4df2c09fa2b0d4fac08c4d603fb6907c2a6aabe251"}}}}}}, 0x0)

2.031933763s ago: executing program 2 (id=1123):
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000100)={@in6={{0xa, 0x0, 0x20000000, @remote}}, 0x0, 0x0, 0x0, 0x0, "ddfd3b7ed7c6a1c172a987ae5ce3cafd64c9a736831a5912d606798fb75c9981c4b3ac0e06891ff18bc5543ed57215a3c45f9154dfa319e52a15a2b9acf80c07fb1a854dad742eef6187f2304844c296"}, 0xd8) (async)
r0 = socket$nl_rdma(0x10, 0x3, 0x14) (async, rerun: 32)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) (rerun: 32)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r1}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0x2a}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10)
sendmsg$RDMA_NLDEV_CMD_PORT_GET(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000180)=ANY=[@ANYBLOB="20000000181401"], 0x20}}, 0x0)

1.884877423s ago: executing program 3 (id=1124):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$netlink(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000280)=ANY=[@ANYBLOB="e4000000100009"], 0xe4}], 0x1}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_ULP(r3, 0x6, 0x1f, 0x0, 0x0)
r4 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r4, 0x0, 0x27, 0x0, 0x0)
r5 = accept$netrom(0xffffffffffffffff, &(0x7f0000000140)={{}, [@rose, @netrom, @null, @bcast, @null, @bcast, @null, @default]}, &(0x7f0000000000)=0x48)
ioctl$SIOCNRDECOBS(r5, 0x89e2)
sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="fa00000000000000000003000000240001800d0001007564703a73797a32000000000d000100c9a520f673737a3200000000"], 0x38}, 0x1, 0x0, 0x0, 0x48000}, 0x0)
ppoll(&(0x7f0000000340)=[{r0, 0x3000}], 0x1, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000440), 0xffffffffffffffff)
socket$inet6(0xa, 0x3, 0x8)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x3, &(0x7f0000001300)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0xe, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x16, 0x0, 0x4, 0xffff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socket$inet6_sctp(0xa, 0x801, 0x84)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)=ANY=[@ANYRES32=r6, @ANYRES32, @ANYRES64=r6], 0x10)

1.819074364s ago: executing program 0 (id=1125):
unshare(0x62040200)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000bc0)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000c00000000000000000000000067bd047a549741f54d2b4e3500"/40], 0x48)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xb, 0x1d, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b702000014000000b70300001b0000008500000083000000bf0900000000000055090100000000009500000000000000b7080000000000007b9af8ff00000000b5090500000000007baaf0ff00000000bda804000000000007080000f8ffffffbfa4000000000000070000000800ffffb70200000800000018220000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000046000000760000006d00ffff00000000bf"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r4, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x14}, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r5, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c00000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000014001280090001007673e16e000000000400028008000a00", @ANYRES32=r5, @ANYBLOB], 0x3c}}, 0x0)
r6 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000540), 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1e001d00060000682eb26d40000000", @ANYRES32=r1, @ANYBLOB="0400"/20, @ANYRES32=r5, @ANYRES32=r6, @ANYBLOB="0200000003000000050000000c00"/28], 0x50)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000740)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af9cc9e5ef6bda9df2c3af36effff9af2551ce935b0f327cb3f011a2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7511d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1525320e716660000000000b02b001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d3294000000000000000000000000000000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10738d3c9f7a98eccb26f7e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe977076ce7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d1a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1c77a211bfa02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc084075ad10727522934a87a4ddcdb112754ca5bdec0ead14b6c0f19a4b126bbe0c2b8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcb1a47a87baf63e4edf11c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c158ae8f44bfbfa7c2730302b66a99f66705b71e6205e7cbf36435e1eabb9a63fcd604d5cc27e1317ad94cf438d7187a2fe4e06fa6cbf84ef1efa82cb2c4af6bd1370616cdbe2b98fd89b79824ba089df1f81e6fcef073059f5f1d6a221d791839d7826ed1759c2153532c393fd1bd7be2e7f5abf2f0800000000ea46c07adee10d0f2bc85cf37182256e4fd8f56942726efc07180eaa5421d697665c8bacd39cdb392e6153af80bc1a69e3bfab032e78c9a96eab13be845a0d44ef2a4ab414ac2e4802a3b5d3aa2a4a4fc259206d97d0cc1602d6b45ff414c53fc9f5f68438f0423e168a97923ca0464b40b2f797841fb2bb2e5ad9feff37220ab7c34f4c382c247e7735adb55c209f7c0f8880733dbd3f5a095cc6a2"], 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x1d, 0x12, &(0x7f0000000100)=@raw=[@map_val={0x18, 0x7, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x10000}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @jmp={0x5, 0x1, 0x5, 0x5, 0x0, 0x40, 0xfffffffffffffffc}, @alu={0x7, 0x0, 0x8, 0xb, 0x8, 0x100, 0x10}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, 0x1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xf}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='GPL\x00', 0xa7a, 0xcf, &(0x7f0000000280)=""/207, 0x41000, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000040)={0x5, 0x7, 0xc, 0x3ff}, 0x10, 0x0, 0x0, 0x2, &(0x7f00000001c0)=[0xffffffffffffffff], &(0x7f0000000200)=[{0x4, 0x1, 0x9, 0xa}, {0x1, 0x3, 0xa, 0xb}], 0x10, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000500)='snd_soc_dapm_connected\x00', r8}, 0x18)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000600)=ANY=[@ANYRES8, @ANYRES16=r7, @ANYBLOB="0100e8ffffff00000000260000002000018008000100", @ANYRES32, @ANYBLOB='5\x00g1\x00\x00\x00'], 0x34}}, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
r9 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB='\n\x00\x00', @ANYRES16=0x0, @ANYRES64, @ANYRESDEC, @ANYRESOCT, @ANYRES32, @ANYBLOB="bcf429bf5137e52920adc77c7aff9748b9781076892e51adca999fe6451dfdb689a3607ea8184a8827e38b6a8744d333c2bb803269060a600001c2197c28df5109e1991f03ddd0a140552dbdc464c09f02a313fcdc22dfce564dedc6968ae78ddc59442d84fe25c28a37f57011d06896e9c16867b788cf89686ede6b913c6cfe009d80b6d6e733d070e871352bef97835350da959c44", @ANYRES32, @ANYRES32], 0x48)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000640)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r10}, 0x10)
r11 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r11, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
setsockopt$bt_BT_SECURITY(r11, 0x112, 0x4, &(0x7f0000003000)={0x2}, 0x2)
sendmsg$sock(r11, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x0)
shutdown(r11, 0x1)
setsockopt$IP6T_SO_SET_REPLACE(r9, 0x29, 0x40, &(0x7f0000000e40)=@raw={'raw\x00', 0x3c1, 0x3, 0x4c0, 0x0, 0x18c, 0x203, 0x300, 0x19030000, 0x3f0, 0x2e0, 0x2e0, 0x3f0, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x2d8, 0x300, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0xe}, {}, {0x0, 0x0, 0x3}, {0x2}, {}, {}, {}, {}, {0x16}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0xfd}, {}, {0x7a04}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x800}, {}, {0xb84}]}}]}, @common=@unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x0, 0x4}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x520)

1.551546995s ago: executing program 2 (id=1126):
unshare(0x62040200)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000bc0)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000c00000000000000000000000067bd047a549741f54d2b4e3500"/40], 0x48)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xb, 0x1d, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b702000014000000b70300001b0000008500000083000000bf0900000000000055090100000000009500000000000000b7080000000000007b9af8ff00000000b5090500000000007baaf0ff00000000bda804000000000007080000f8ffffffbfa4000000000000070000000800ffffb70200000800000018220000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000046000000760000006d00ffff00000000bf"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r4, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x14}, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r5, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c00000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000014001280090001007673e16e000000000400028008000a00", @ANYRES32=r5, @ANYBLOB], 0x3c}}, 0x0)
r6 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000540), 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1e001d00060000682eb26d40000000", @ANYRES32=r1, @ANYBLOB="0400"/20, @ANYRES32=r5, @ANYRES32=r6, @ANYBLOB="0200000003000000050000000c00"/28], 0x50)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000740)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af9cc9e5ef6bda9df2c3af36effff9af2551ce935b0f327cb3f011a2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7511d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1525320e716660000000000b02b001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d3294000000000000000000000000000000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10738d3c9f7a98eccb26f7e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe977076ce7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d1a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1c77a211bfa02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc084075ad10727522934a87a4ddcdb112754ca5bdec0ead14b6c0f19a4b126bbe0c2b8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcb1a47a87baf63e4edf11c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c158ae8f44bfbfa7c2730302b66a99f66705b71e6205e7cbf36435e1eabb9a63fcd604d5cc27e1317ad94cf438d7187a2fe4e06fa6cbf84ef1efa82cb2c4af6bd1370616cdbe2b98fd89b79824ba089df1f81e6fcef073059f5f1d6a221d791839d7826ed1759c2153532c393fd1bd7be2e7f5abf2f0800000000ea46c07adee10d0f2bc85cf37182256e4fd8f56942726efc07180eaa5421d697665c8bacd39cdb392e6153af80bc1a69e3bfab032e78c9a96eab13be845a0d44ef2a4ab414ac2e4802a3b5d3aa2a4a4fc259206d97d0cc1602d6b45ff414c53fc9f5f68438f0423e168a97923ca0464b40b2f797841fb2bb2e5ad9feff37220ab7c34f4c382c247e7735adb55c209f7c0f8880733dbd3f5a095cc6a2"], 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x1d, 0x12, &(0x7f0000000100)=@raw=[@map_val={0x18, 0x7, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x10000}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @jmp={0x5, 0x1, 0x5, 0x5, 0x0, 0x40, 0xfffffffffffffffc}, @alu={0x7, 0x0, 0x8, 0xb, 0x8, 0x100, 0x10}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, 0x1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xf}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='GPL\x00', 0xa7a, 0xcf, &(0x7f0000000280)=""/207, 0x41000, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000040)={0x5, 0x7, 0xc, 0x3ff}, 0x10, 0x0, 0x0, 0x2, &(0x7f00000001c0)=[0xffffffffffffffff], &(0x7f0000000200)=[{0x4, 0x1, 0x9, 0xa}, {0x1, 0x3, 0xa, 0xb}], 0x10, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000500)='snd_soc_dapm_connected\x00', r8}, 0x18)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000600)=ANY=[@ANYRES8, @ANYRES16=r7, @ANYBLOB="0100e8ffffff00000000260000002000018008000100", @ANYRES32, @ANYBLOB='5\x00g1\x00\x00\x00'], 0x34}}, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
r9 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB='\n\x00\x00', @ANYRES16=0x0, @ANYRES64, @ANYRESDEC, @ANYRESOCT, @ANYRES32, @ANYBLOB="bcf429bf5137e52920adc77c7aff9748b9781076892e51adca999fe6451dfdb689a3607ea8184a8827e38b6a8744d333c2bb803269060a600001c2197c28df5109e1991f03ddd0a140552dbdc464c09f02a313fcdc22dfce564dedc6968ae78ddc59442d84fe25c28a37f57011d06896e9c16867b788cf89686ede6b913c6cfe009d80b6d6e733d070e871352bef97835350da959c44", @ANYRES32, @ANYRES32], 0x48)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000640)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r10}, 0x10)
r11 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r11, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
setsockopt$bt_BT_SECURITY(r11, 0x112, 0x4, &(0x7f0000003000)={0x2}, 0x2)
sendmsg$sock(r11, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x0)
shutdown(r11, 0x1)
setsockopt$IP6T_SO_SET_REPLACE(r9, 0x29, 0x40, &(0x7f0000000e40)=@raw={'raw\x00', 0x3c1, 0x3, 0x4c0, 0x0, 0x18c, 0x203, 0x300, 0x19030000, 0x3f0, 0x2e0, 0x2e0, 0x3f0, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x2d8, 0x300, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0xe}, {}, {0x0, 0x0, 0x3}, {0x2}, {}, {}, {}, {}, {0x16}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0xfd}, {}, {0x7a04}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x800}, {}, {0xb84}]}}]}, @common=@unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x0, 0x4}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x520)

1.005836509s ago: executing program 1 (id=1127):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000009c0)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)={0x1c, 0x1, 0x4, 0x5, 0x0, 0x0, {0x7}, [@NFULA_CFG_CMD={0x5, 0x1, 0x2}]}, 0x1c}}, 0x2000004)

985.740558ms ago: executing program 4 (id=1128):
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000380)="7800000018002507b9409b14ffff00000204be04020506050e020409430009003f0000000a0000000d0085a168d0bf46d32345653600648d040015000209000049935ade4a460c89b6ec0cff3959547f509058ba86c902000000004a32e218d1ddf66ed538f252325000"/120, 0x78, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00'}, 0x10)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r0, &(0x7f0000000380)=ANY=[@ANYBLOB], 0x8)

755.769443ms ago: executing program 3 (id=1129):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$bt_BT_FLUSHABLE(r0, 0x112, 0x8, 0x0, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
close(r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a300000000040000000030a01020000000000000000010000000900030073797a320000000014000480080002400000000008000140000000000900010073797a300000000068000000060a010400000000000000000100000008000b40000000000900010073797a3000000000400004803c0001800a0001006c696d69740000002c0002800c000240000000008000000108000440000000010c0001"], 0xf0}}, 0x0)
ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000240)=<r3=>0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r4}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r5)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x4d, 0x0, 0x0)
bind$inet6(r5, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(0xffffffffffffffff, 0x0)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r6, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x18, r8, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x4}]}, 0x18}}, 0x0)
syz_open_procfs$namespace(r3, &(0x7f0000000040)='ns/ipc\x00')
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000e00)=ANY=[@ANYBLOB="61154c000000000061138c0000000000bfa000000000000007000000080000002d1501000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000003000000160302000ee60060bf350000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dc725f431bcab0ef59b8f0e431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa0100000000000000b93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4ffcae1a8a793a7795a9214a92f66e9cc54db6c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc3086936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61dc18402cde8bf777b2eaa45c940aabc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e00000000000000000000d154baa8e51489a614e69722bac30000000000000000000000000000a006b178438e930b2494db1bf624a70a19a45b8b71869afb13cb2ac1d2f3ec0d93a3e4fd0ad076c7d826f218aa6ba8ec5e58b7c64dc8616127087901dc65418a4b25bfa7ae8b5ad9642815f319230425e8bd89c6983d816d97d81a739917eecd26f9a3aecaf0acdaf6cffab38eae3b10b122b4bf521a46bf01a0c136f745113b589459fbe1666087a7c554a55e2b42ab7e405a77f405a348a64e356b7fb61e48ea9c87bf13f97052c51fdd49f3dbccf9874cf61807ae4b1665ccdd026d4580a068395e8cb851eeadb1da6d1009513ca73a685c66fb15f27eb74a7a4eb5966e3ef4be3ca8ba81b2d17d797265390ce616c3d7b566fe956fb93c6a43f4dc6bfc194daeb7b998d550773bc14aca"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, 0x0)

715.718508ms ago: executing program 1 (id=1130):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x14, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = socket(0xa, 0x2, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB="400000002000ffff2abd7000000000000200200003000000000000001400110076657468305f6d616376746170"], 0x40}, 0x1, 0x0, 0x0, 0x4844}, 0x0)
splice(r2, 0x0, r1, 0x0, 0xfea8, 0xa)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
r4 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00', <r5=>0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500001205000300fd00000008000200", @ANYRES32=r5, @ANYBLOB="08000100", @ANYRES32=r6], 0x90}}, 0x0)

665.710327ms ago: executing program 4 (id=1131):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = accept$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000200)=0x1c)
connect$inet6(r1, &(0x7f0000000240)={0xa, 0x4e23, 0x5, @empty, 0x9}, 0x1c)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000001180)=@getnexthop={0x1c, 0x6a, 0x1, 0x70bd29, 0x25dfdbff, {}, [@NHA_FDB={0x4}]}, 0x1c}, 0x1, 0xba01}, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r3, 0x401054d5, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]})
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f00000000c0)={'macsec0\x00', 0x400})
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f00000002c0)={'veth0\x00', 0xe00})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_POWER_SAVE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)={0x1c, r6, 0x1, 0x400, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}}, 0x1c}}, 0x0)

131.612466ms ago: executing program 2 (id=1132):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8)
connect$inet6(r0, &(0x7f00000003c0)={0xa, 0xfffe, 0x3000000, @mcast2, 0x5}, 0x80)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10)
write(r0, &(0x7f00000000c0)="8f2a0a65bd8c2b2b0304000e0580a7b6070d63e286a5ce", 0x17)

0s ago: executing program 1 (id=1133):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="500100001000130429bd700000000000acd8b438140000002001000065c9b84ea9cd3e8c59859b4c4608f10000000000000000001a00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="e000000100000000000000000000000000000000320000000100000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000800000000000000000008000000000081000000000000000000000000000000000000000000000005000000000000000400000000000000060000040000000000000000f9ffffff000008000000000000000000020004816800000000000000600012"], 0x150}, 0x1, 0x0, 0x0, 0x612fc0b6c779297b}, 0x0)

kernel console output (not intermixed with test programs):

ute has 20 unknown bytes.
[  105.354657][ T6228] __nla_validate_parse: 4 callbacks suppressed
[  105.354679][ T6228] netlink: 20 bytes leftover after parsing attributes in process `syz.3.103'.
[  105.465430][ T6228] delete_channel: no stack
[  105.566511][ T6234] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  105.613267][ T6239] netlink: 208 bytes leftover after parsing attributes in process `syz.4.107'.
[  105.622652][ T6239] netlink: 8 bytes leftover after parsing attributes in process `syz.4.107'.
[  105.661803][ T6240] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  105.760790][ T6240] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  105.968119][   T12] wlan1: Trigger new scan to find an IBSS to join
[  106.457709][    C0] hrtimer: interrupt took 110853 ns
[  106.757594][ T6257] bridge_slave_0: left allmulticast mode
[  106.782603][ T6261] netlink: 8 bytes leftover after parsing attributes in process `syz.0.114'.
[  106.796941][ T6257] bridge_slave_0: left promiscuous mode
[  106.839219][ T6257] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.923381][ T6257] bridge_slave_1: left allmulticast mode
[  106.944809][ T6257] bridge_slave_1: left promiscuous mode
[  106.963183][ T6257] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.085109][ T6265] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32
[  107.085697][ T6257] bond0: (slave bond_slave_0): Releasing backup interface
[  107.130880][ T6267] netlink: 'syz.0.116': attribute type 3 has an invalid length.
[  107.218932][ T6257] bond0: (slave bond_slave_1): Releasing backup interface
[  107.294169][ T6257] team0: Port device team_slave_0 removed
[  107.365802][ T6257] team0: Port device team_slave_1 removed
[  107.389438][ T6257] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  107.478943][ T6257] batman_adv: batadv0: Removing interface: batadv_slave_0
[  107.533897][ T6257] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  107.559457][ T6257] batman_adv: batadv0: Removing interface: batadv_slave_1
[  107.821933][ T6289] FAULT_INJECTION: forcing a failure.
[  107.821933][ T6289] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  107.842355][ T6289] CPU: 0 UID: 0 PID: 6289 Comm: syz.1.123 Not tainted 6.15.0-rc2-syzkaller-00657-g0e0a7e3719bc #0 PREEMPT(full) 
[  107.842386][ T6289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  107.842403][ T6289] Call Trace:
[  107.842411][ T6289]  <TASK>
[  107.842421][ T6289]  dump_stack_lvl+0x241/0x360
[  107.842472][ T6289]  ? __pfx_dump_stack_lvl+0x10/0x10
[  107.842520][ T6289]  ? __pfx__printk+0x10/0x10
[  107.842563][ T6289]  should_fail_ex+0x424/0x570
[  107.842592][ T6289]  _copy_from_iter+0x211/0x1c70
[  107.842628][ T6289]  ? __build_skb_around+0x247/0x3d0
[  107.842655][ T6289]  ? __alloc_skb+0x298/0x480
[  107.842675][ T6289]  ? __pfx__copy_from_iter+0x10/0x10
[  107.842706][ T6289]  ? __pfx___alloc_skb+0x10/0x10
[  107.842730][ T6289]  ? skb_put+0x114/0x1f0
[  107.842755][ T6289]  netlink_sendmsg+0x73c/0xcd0
[  107.842801][ T6289]  ? __pfx_netlink_sendmsg+0x10/0x10
[  107.842837][ T6289]  ? aa_sock_msg_perm+0x91/0x160
[  107.842879][ T6289]  ? __pfx_netlink_sendmsg+0x10/0x10
[  107.842907][ T6289]  __sock_sendmsg+0x221/0x270
[  107.842939][ T6289]  ____sys_sendmsg+0x523/0x860
[  107.842970][ T6289]  ? __pfx_____sys_sendmsg+0x10/0x10
[  107.842990][ T6289]  ? __fget_files+0x2a/0x420
[  107.843012][ T6289]  ? __fget_files+0x2a/0x420
[  107.843039][ T6289]  __sys_sendmsg+0x271/0x360
[  107.843067][ T6289]  ? __pfx___sys_sendmsg+0x10/0x10
[  107.843145][ T6289]  ? do_syscall_64+0xb6/0x210
[  107.843168][ T6289]  do_syscall_64+0xf3/0x210
[  107.843187][ T6289]  ? clear_bhb_loop+0x45/0xa0
[  107.843210][ T6289]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.843229][ T6289] RIP: 0033:0x7f35f4b8e169
[  107.843252][ T6289] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  107.843268][ T6289] RSP: 002b:00007f35f59de038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  107.843289][ T6289] RAX: ffffffffffffffda RBX: 00007f35f4db5fa0 RCX: 00007f35f4b8e169
[  107.843303][ T6289] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  107.843315][ T6289] RBP: 00007f35f59de090 R08: 0000000000000000 R09: 0000000000000000
[  107.843327][ T6289] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  107.843338][ T6289] R13: 0000000000000000 R14: 00007f35f4db5fa0 R15: 00007fff6f8ce598
[  107.843367][ T6289]  </TASK>
[  107.876876][ T6290] netlink: 20 bytes leftover after parsing attributes in process `syz.1.123'.
[  108.279372][ T6281] team0 (unregistering): Port device team_slave_0 removed
[  108.293681][ T6281] team0 (unregistering): Port device team_slave_1 removed
[  108.647078][ T6300] netlink: 8 bytes leftover after parsing attributes in process `syz.2.127'.
[  108.792724][ T6302] netlink: 24 bytes leftover after parsing attributes in process `syz.1.128'.
[  108.831190][ T6302] Bluetooth: MGMT ver 1.23
[  108.855355][ T6304] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32
[  108.930108][   T13] wlan1: Creating new IBSS network, BSSID ce:24:57:2d:54:f4
[  110.025724][ T6295] bond0: entered promiscuous mode
[  110.034372][ T6295] bond_slave_0: entered promiscuous mode
[  110.041849][ T6295] bond_slave_1: entered promiscuous mode
[  110.050414][ T6295] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  110.061146][ T6295] bond0: left promiscuous mode
[  110.065956][ T6295] bond_slave_0: left promiscuous mode
[  110.088291][ T6295] bond_slave_1: left promiscuous mode
[  110.346799][ T6317] netlink: 4 bytes leftover after parsing attributes in process `syz.1.134'.
[  110.651051][ T6330] veth0_to_bridge: entered promiscuous mode
[  110.674019][ T6327] veth0_to_bridge: left promiscuous mode
[  111.246822][ T6349] netlink: 52 bytes leftover after parsing attributes in process `syz.3.144'.
[  111.263068][ T6349] netlink: 14 bytes leftover after parsing attributes in process `syz.3.144'.
[  111.273112][ T6349] netlink: 52 bytes leftover after parsing attributes in process `syz.3.144'.
[  111.283217][ T6349] netlink: 14 bytes leftover after parsing attributes in process `syz.3.144'.
[  111.294818][ T6349] netlink: 52 bytes leftover after parsing attributes in process `syz.3.144'.
[  111.496618][ T6355] netlink: 'syz.1.146': attribute type 21 has an invalid length.
[  111.929456][ T6370] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[  111.976185][ T6365] veth0_to_bridge: entered promiscuous mode
[  112.119393][ T6363] veth0_to_bridge: left promiscuous mode
[  112.663503][ T6387] sctp: [Deprecated]: syz.4.154 (pid 6387) Use of struct sctp_assoc_value in delayed_ack socket option.
[  112.663503][ T6387] Use struct sctp_sack_info instead
[  112.758239][ T6391] netlink: 4 bytes leftover after parsing attributes in process `syz.0.156'.
[  113.095241][ T6399] netlink: 68 bytes leftover after parsing attributes in process `syz.2.157'.
[  113.216896][ T6405] netlink: 8 bytes leftover after parsing attributes in process `syz.2.157'.
[  113.276864][ T6405] netlink: 4 bytes leftover after parsing attributes in process `syz.2.157'.
[  113.373893][ T6405] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  113.383098][ T6405] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  113.392590][ T6405] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  113.401705][ T6405] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  113.465022][ T6409] netlink: 'syz.3.160': attribute type 23 has an invalid length.
[  113.638021][ T6412] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  113.771787][ T6420] netlink: 44 bytes leftover after parsing attributes in process `syz.1.161'.
[  114.091888][ T6413] trusted_key: syz.1.161 sent an empty control message without MSG_MORE.
[  114.790389][ T6454] netlink: 'syz.4.178': attribute type 23 has an invalid length.
[  114.937766][ T6459] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  114.983467][   T30] audit: type=1804 audit(1745397448.591:2): pid=6462 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.180" name="/newroot/28/cgroup.controllers" dev="tmpfs" ino=159 res=1 errno=0
[  115.012209][   T30] audit: type=1800 audit(1745397448.591:3): pid=6462 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.180" name="cgroup.controllers" dev="tmpfs" ino=159 res=0 errno=0
[  115.474637][ T6479] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  115.605258][ T6481] ip6_vti0: entered promiscuous mode
[  115.623325][ T6480] ip6_vti0: left promiscuous mode
[  116.144846][ T6501] netlink: 'syz.1.194': attribute type 23 has an invalid length.
[  116.264352][ T6501] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  116.277019][ T6507] FAULT_INJECTION: forcing a failure.
[  116.277019][ T6507] name failslab, interval 1, probability 0, space 0, times 0
[  116.345949][ T6507] CPU: 0 UID: 0 PID: 6507 Comm: syz.0.195 Not tainted 6.15.0-rc2-syzkaller-00657-g0e0a7e3719bc #0 PREEMPT(full) 
[  116.345991][ T6507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  116.346004][ T6507] Call Trace:
[  116.346012][ T6507]  <TASK>
[  116.346021][ T6507]  dump_stack_lvl+0x241/0x360
[  116.346059][ T6507]  ? __pfx_dump_stack_lvl+0x10/0x10
[  116.346089][ T6507]  ? __pfx__printk+0x10/0x10
[  116.346116][ T6507]  ? process_measurement+0x1b33/0x1fe0
[  116.346157][ T6507]  should_fail_ex+0x424/0x570
[  116.346186][ T6507]  should_failslab+0xac/0x100
[  116.346209][ T6507]  kmem_cache_alloc_node_noprof+0x7d/0x3b0
[  116.346232][ T6507]  ? __alloc_skb+0x1c2/0x480
[  116.346259][ T6507]  __alloc_skb+0x1c2/0x480
[  116.346286][ T6507]  ? __pfx___alloc_skb+0x10/0x10
[  116.346308][ T6507]  ? __resched_curr+0x20c/0x450
[  116.346345][ T6507]  _sctp_make_chunk+0x58/0x460
[  116.346376][ T6507]  sctp_make_heartbeat+0xc5/0x580
[  116.346399][ T6507]  ? __pfx___switch_to+0x10/0x10
[  116.346432][ T6507]  ? __pfx_sctp_make_heartbeat+0x10/0x10
[  116.346458][ T6507]  ? __lock_acquire+0xad5/0xd80
[  116.346516][ T6507]  sctp_sf_do_prm_requestheartbeat+0x2d/0x280
[  116.346549][ T6507]  ? __pfx_sctp_pname+0x10/0x10
[  116.346583][ T6507]  sctp_do_sm+0x1f3/0x60e0
[  116.346613][ T6507]  ? finish_task_switch+0x1e5/0x870
[  116.346644][ T6507]  ? rcu_is_watching+0x15/0xb0
[  116.346665][ T6507]  ? trace_sched_exit_tp+0x3c/0x120
[  116.346692][ T6507]  ? register_lock_class+0x54/0x330
[  116.346725][ T6507]  ? __pfx_sctp_do_sm+0x10/0x10
[  116.346753][ T6507]  ? __lock_acquire+0xad5/0xd80
[  116.346821][ T6507]  ? irqentry_exit+0x63/0x90
[  116.346837][ T6507]  ? lockdep_hardirqs_on+0x9d/0x150
[  116.346884][ T6507]  sctp_primitive_REQUESTHEARTBEAT+0x98/0xc0
[  116.346919][ T6507]  sctp_apply_peer_addr_params+0xd5/0x1670
[  116.346954][ T6507]  sctp_setsockopt_peer_addr_params+0x6ad/0x960
[  116.347005][ T6507]  sctp_setsockopt+0x6e9/0x11e0
[  116.347034][ T6507]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  116.347065][ T6507]  do_sock_setsockopt+0x3b1/0x710
[  116.347095][ T6507]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  116.347115][ T6507]  ? __fget_files+0x2a/0x420
[  116.347136][ T6507]  ? __fget_files+0x39d/0x420
[  116.347153][ T6507]  ? __fget_files+0x2a/0x420
[  116.347182][ T6507]  __x64_sys_setsockopt+0x187/0x210
[  116.347212][ T6507]  do_syscall_64+0xf3/0x210
[  116.347233][ T6507]  ? clear_bhb_loop+0x45/0xa0
[  116.347259][ T6507]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.347279][ T6507] RIP: 0033:0x7f7ff0f8e169
[  116.347297][ T6507] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  116.347314][ T6507] RSP: 002b:00007f7ff1e18038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  116.347336][ T6507] RAX: ffffffffffffffda RBX: 00007f7ff11b6080 RCX: 00007f7ff0f8e169
[  116.347352][ T6507] RDX: 0000000000000009 RSI: 0000000000000084 RDI: 0000000000000003
[  116.347364][ T6507] RBP: 00007f7ff1e18090 R08: 000000000000009c R09: 0000000000000000
[  116.347377][ T6507] R10: 0000200000000300 R11: 0000000000000246 R12: 0000000000000001
[  116.347390][ T6507] R13: 0000000000000001 R14: 00007f7ff11b6080 R15: 00007ffc1a03cae8
[  116.347424][ T6507]  </TASK>
[  117.489548][ T6530] bond0: entered promiscuous mode
[  117.517157][ T6530] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  117.557188][ T6530] bond0: left promiscuous mode
[  117.870481][ T6539] netlink: 'syz.0.206': attribute type 23 has an invalid length.
[  117.890475][ T6541] netlink: 'syz.1.208': attribute type 1 has an invalid length.
[  118.214030][ T6550] __nla_validate_parse: 9 callbacks suppressed
[  118.214050][ T6550] netlink: 28 bytes leftover after parsing attributes in process `syz.3.210'.
[  118.237038][ T6550] netlink: 60 bytes leftover after parsing attributes in process `syz.3.210'.
[  118.486033][ T6544] 8021q: adding VLAN 0 to HW filter on device bond2
[  118.514567][ T6544] bond1: (slave bond2): making interface the new active one
[  118.530255][ T6544] bond1: (slave bond2): Enslaving as an active interface with an up link
[  118.555159][ T6545] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  118.593570][ T6547] team_slave_0: entered promiscuous mode
[  118.599863][ T6547] team_slave_1: entered promiscuous mode
[  118.653513][ T6547] vlan2: entered promiscuous mode
[  118.659617][ T6547] team0: entered promiscuous mode
[  119.089100][ T6565] netlink: 52 bytes leftover after parsing attributes in process `syz.0.213'.
[  119.119137][ T6565] netlink: 14 bytes leftover after parsing attributes in process `syz.0.213'.
[  119.170031][ T6565] netlink: 52 bytes leftover after parsing attributes in process `syz.0.213'.
[  119.198140][ T6565] netlink: 14 bytes leftover after parsing attributes in process `syz.0.213'.
[  119.225623][ T6565] netlink: 52 bytes leftover after parsing attributes in process `syz.0.213'.
[  119.644559][ T6585] netlink: 12 bytes leftover after parsing attributes in process `syz.2.220'.
[  120.099657][ T6592] !
: renamed from dummy0 (while UP)
[  120.221112][ T6597] netlink: 'syz.1.223': attribute type 23 has an invalid length.
[  120.304822][ T6592] Driver unsupported XDP return value 0 on prog  (id 75) dev N/A, expect packet loss!
[  120.408017][ T6598] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  120.427267][ T6601] netlink: 20 bytes leftover after parsing attributes in process `syz.3.226'.
[  120.458514][ T6601] netlink: 32 bytes leftover after parsing attributes in process `syz.3.226'.
[  120.836362][ T6611] netlink: 'syz.0.229': attribute type 10 has an invalid length.
[  121.052991][ T6611] bond0: (slave wlan1): Enslaving as an active interface with a down link
[  121.260320][ T6622] geneve2: entered promiscuous mode
[  121.266084][ T6622] geneve2: entered allmulticast mode
[  121.307946][ T6628] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  121.398000][ T6628] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  121.411483][ T6611] syz.0.229 (6611) used greatest stack depth: 19344 bytes left
[  121.536422][ T6628] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  121.616752][ T6634] bond0: entered promiscuous mode
[  121.633002][ T6634] bond_slave_0: entered promiscuous mode
[  121.649655][ T6634] bond_slave_1: entered promiscuous mode
[  121.659990][ T6634] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  121.670992][ T6634] bond0: left promiscuous mode
[  121.676498][ T6634] bond_slave_0: left promiscuous mode
[  121.688526][ T6634] bond_slave_1: left promiscuous mode
[  121.981905][ T6645] can: request_module (can-proto-3) failed.
[  122.739786][ T6666] netlink: 'syz.0.246': attribute type 12 has an invalid length.
[  122.855420][ T6671] netlink: 'syz.0.246': attribute type 12 has an invalid length.
[  122.887435][ T6672] FAULT_INJECTION: forcing a failure.
[  122.887435][ T6672] name failslab, interval 1, probability 0, space 0, times 0
[  122.958909][ T6672] CPU: 0 UID: 0 PID: 6672 Comm: syz.3.247 Not tainted 6.15.0-rc2-syzkaller-00657-g0e0a7e3719bc #0 PREEMPT(full) 
[  122.958943][ T6672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  122.958956][ T6672] Call Trace:
[  122.958964][ T6672]  <TASK>
[  122.958972][ T6672]  dump_stack_lvl+0x241/0x360
[  122.959018][ T6672]  ? __pfx_dump_stack_lvl+0x10/0x10
[  122.959044][ T6672]  ? __pfx__printk+0x10/0x10
[  122.959075][ T6672]  ? __pfx___might_resched+0x10/0x10
[  122.959110][ T6672]  should_fail_ex+0x424/0x570
[  122.959137][ T6672]  should_failslab+0xac/0x100
[  122.959158][ T6672]  kmem_cache_alloc_node_noprof+0x7d/0x3b0
[  122.959178][ T6672]  ? __alloc_skb+0x1c2/0x480
[  122.959200][ T6672]  __alloc_skb+0x1c2/0x480
[  122.959225][ T6672]  ? __pfx___alloc_skb+0x10/0x10
[  122.959244][ T6672]  ? netlink_autobind+0xd6/0x2f0
[  122.959262][ T6672]  ? netlink_autobind+0x2b0/0x2f0
[  122.959284][ T6672]  netlink_sendmsg+0x638/0xcd0
[  122.959322][ T6672]  ? __pfx_netlink_sendmsg+0x10/0x10
[  122.959355][ T6672]  ? aa_sock_msg_perm+0x91/0x160
[  122.959386][ T6672]  ? __pfx_netlink_sendmsg+0x10/0x10
[  122.959413][ T6672]  __sock_sendmsg+0x221/0x270
[  122.959445][ T6672]  ____sys_sendmsg+0x523/0x860
[  122.959477][ T6672]  ? __pfx_____sys_sendmsg+0x10/0x10
[  122.959497][ T6672]  ? __fget_files+0x2a/0x420
[  122.959518][ T6672]  ? __fget_files+0x2a/0x420
[  122.959545][ T6672]  __sys_sendmsg+0x271/0x360
[  122.959574][ T6672]  ? __pfx___sys_sendmsg+0x10/0x10
[  122.959608][ T6672]  ? lockdep_softirqs_on+0x144/0x1d0
[  122.959650][ T6672]  ? __irq_exit_rcu+0xfb/0x220
[  122.959703][ T6672]  ? do_syscall_64+0xb6/0x210
[  122.959728][ T6672]  do_syscall_64+0xf3/0x210
[  122.959747][ T6672]  ? clear_bhb_loop+0x45/0xa0
[  122.959775][ T6672]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.959795][ T6672] RIP: 0033:0x7f1e6f98e169
[  122.959812][ T6672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  122.959829][ T6672] RSP: 002b:00007f1e70753038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  122.959851][ T6672] RAX: ffffffffffffffda RBX: 00007f1e6fbb5fa0 RCX: 00007f1e6f98e169
[  122.959865][ T6672] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  122.959878][ T6672] RBP: 00007f1e70753090 R08: 0000000000000000 R09: 0000000000000000
[  122.959890][ T6672] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  122.959902][ T6672] R13: 0000000000000000 R14: 00007f1e6fbb5fa0 R15: 00007ffd262dbab8
[  122.959932][ T6672]  </TASK>
[  123.845458][ T6681] tipc: Trying to set illegal importance in message
[  124.114418][ T6695] netlink: 'syz.1.255': attribute type 1 has an invalid length.
[  124.275761][ T6701] __nla_validate_parse: 6 callbacks suppressed
[  124.275805][ T6701] netlink: 8 bytes leftover after parsing attributes in process `syz.3.257'.
[  124.436309][ T6695] 8021q: adding VLAN 0 to HW filter on device bond3
[  125.595957][ T6738] netlink: 20 bytes leftover after parsing attributes in process `syz.3.271'.
[  125.738431][ T6739] netlink: 72 bytes leftover after parsing attributes in process `syz.4.267'.
[  125.964118][ T6746] netlink: 'syz.0.273': attribute type 4 has an invalid length.
[  126.022299][ T6749] tun0: tun_chr_ioctl cmd 1074025675
[  126.038797][ T6746] netlink: 152 bytes leftover after parsing attributes in process `syz.0.273'.
[  126.054237][ T6749] tun0: persist disabled
[  126.090743][ T6754] tun0: tun_chr_ioctl cmd 1074025675
[  126.096536][ T6754] tun0: persist disabled
[  126.149589][ T6746] wlan1: mtu less than device minimum
[  126.552462][ T6762] netlink: 24 bytes leftover after parsing attributes in process `syz.2.277'.
[  126.726260][ T6768] netlink: 'syz.4.281': attribute type 1 has an invalid length.
[  126.926840][ T6774] netlink: 108 bytes leftover after parsing attributes in process `syz.3.283'.
[  127.030246][ T6772] 8021q: adding VLAN 0 to HW filter on device bond2
[  127.042198][ T6772] bond1: (slave bond2): making interface the new active one
[  127.051584][ T6772] bond1: (slave bond2): Enslaving as an active interface with an up link
[  127.155064][ T6779] netlink: 28 bytes leftover after parsing attributes in process `syz.0.285'.
[  127.179734][ T6779] netlink: 28 bytes leftover after parsing attributes in process `syz.0.285'.
[  127.332026][ T6779] bridge0: entered promiscuous mode
[  127.360572][ T6782] netlink: 4 bytes leftover after parsing attributes in process `syz.4.287'.
[  127.374383][ T6779] batadv_slave_1: entered promiscuous mode
[  127.400552][ T6779] hsr1: Slave A (bridge0) is not up; please bring it up to get a fully working HSR network
[  127.513413][ T6791] netlink: 'syz.2.288': attribute type 1 has an invalid length.
[  127.793689][ T6791] 8021q: adding VLAN 0 to HW filter on device bond1
[  128.693161][ T6822] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  128.771031][ T6817] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  128.847280][ T6817] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  129.223660][ T6828] netlink: 12 bytes leftover after parsing attributes in process `syz.0.300'.
[  129.303718][ T6828] vlan2: entered promiscuous mode
[  129.315350][ T6828] hsr0: entered promiscuous mode
[  129.780976][ T6839] netlink: 4 bytes leftover after parsing attributes in process `syz.0.304'.
[  131.199430][ T6880] netlink: 24 bytes leftover after parsing attributes in process `syz.2.317'.
[  131.218139][ T6876] team_slave_0: entered promiscuous mode
[  131.224496][ T6876] team_slave_1: entered promiscuous mode
[  131.266326][ T6876] vlan2: entered promiscuous mode
[  131.274054][ T6876] team0: entered promiscuous mode
[  131.307150][ T6881] netlink: 8 bytes leftover after parsing attributes in process `syz.4.316'.
[  131.422966][ T6884] FAULT_INJECTION: forcing a failure.
[  131.422966][ T6884] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  131.473105][ T6884] CPU: 0 UID: 0 PID: 6884 Comm: syz.0.318 Not tainted 6.15.0-rc2-syzkaller-00657-g0e0a7e3719bc #0 PREEMPT(full) 
[  131.473138][ T6884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  131.473150][ T6884] Call Trace:
[  131.473157][ T6884]  <TASK>
[  131.473165][ T6884]  dump_stack_lvl+0x241/0x360
[  131.473199][ T6884]  ? __pfx_dump_stack_lvl+0x10/0x10
[  131.473226][ T6884]  ? __pfx__printk+0x10/0x10
[  131.473270][ T6884]  should_fail_ex+0x424/0x570
[  131.473296][ T6884]  _copy_from_iter+0x211/0x1c70
[  131.473329][ T6884]  ? __build_skb_around+0x247/0x3d0
[  131.473353][ T6884]  ? __alloc_skb+0x298/0x480
[  131.473372][ T6884]  ? __pfx__copy_from_iter+0x10/0x10
[  131.473400][ T6884]  ? __pfx___alloc_skb+0x10/0x10
[  131.473421][ T6884]  ? skb_put+0x114/0x1f0
[  131.473463][ T6884]  netlink_sendmsg+0x73c/0xcd0
[  131.473508][ T6884]  ? __pfx_netlink_sendmsg+0x10/0x10
[  131.473543][ T6884]  ? aa_sock_msg_perm+0x91/0x160
[  131.473575][ T6884]  ? __pfx_netlink_sendmsg+0x10/0x10
[  131.473603][ T6884]  __sock_sendmsg+0x221/0x270
[  131.473635][ T6884]  ____sys_sendmsg+0x523/0x860
[  131.473669][ T6884]  ? __pfx_____sys_sendmsg+0x10/0x10
[  131.473689][ T6884]  ? __fget_files+0x2a/0x420
[  131.473711][ T6884]  ? __fget_files+0x2a/0x420
[  131.473739][ T6884]  __sys_sendmsg+0x271/0x360
[  131.473768][ T6884]  ? __pfx___sys_sendmsg+0x10/0x10
[  131.473848][ T6884]  ? do_syscall_64+0xb6/0x210
[  131.473873][ T6884]  do_syscall_64+0xf3/0x210
[  131.473893][ T6884]  ? clear_bhb_loop+0x45/0xa0
[  131.473917][ T6884]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.473936][ T6884] RIP: 0033:0x7f7ff0f8e169
[  131.473954][ T6884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  131.473971][ T6884] RSP: 002b:00007f7ff1e39038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  131.473993][ T6884] RAX: ffffffffffffffda RBX: 00007f7ff11b5fa0 RCX: 00007f7ff0f8e169
[  131.474007][ T6884] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  131.474019][ T6884] RBP: 00007f7ff1e39090 R08: 0000000000000000 R09: 0000000000000000
[  131.474032][ T6884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  131.474043][ T6884] R13: 0000000000000000 R14: 00007f7ff11b5fa0 R15: 00007ffc1a03cae8
[  131.474072][ T6884]  </TASK>
[  132.326565][ T6906] netlink: 'syz.4.324': attribute type 10 has an invalid length.
[  132.803875][ T6919] netlink: 4 bytes leftover after parsing attributes in process `syz.1.330'.
[  132.942180][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  132.949537][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  133.702450][ T6939] ipvlan2: entered promiscuous mode
[  133.746879][ T6939] ipvlan2: entered allmulticast mode
[  133.773180][ T6939] mac80211_hwsim hwsim2 wlan0: entered allmulticast mode
[  134.142493][ T6950] netlink: 20 bytes leftover after parsing attributes in process `syz.2.339'.
[  134.222560][ T6953] netlink: 4 bytes leftover after parsing attributes in process `syz.0.340'.
[  134.237636][ T6955] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32
[  134.415636][ T6959] FAULT_INJECTION: forcing a failure.
[  134.415636][ T6959] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  134.455793][ T6959] CPU: 0 UID: 0 PID: 6959 Comm: syz.4.342 Not tainted 6.15.0-rc2-syzkaller-00657-g0e0a7e3719bc #0 PREEMPT(full) 
[  134.455826][ T6959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  134.455838][ T6959] Call Trace:
[  134.455847][ T6959]  <TASK>
[  134.455856][ T6959]  dump_stack_lvl+0x241/0x360
[  134.455896][ T6959]  ? __pfx_dump_stack_lvl+0x10/0x10
[  134.455934][ T6959]  ? __pfx__printk+0x10/0x10
[  134.455976][ T6959]  should_fail_ex+0x424/0x570
[  134.456006][ T6959]  _copy_to_user+0x31/0xb0
[  134.456041][ T6959]  simple_read_from_buffer+0xc4/0x170
[  134.456076][ T6959]  proc_fail_nth_read+0x1ef/0x260
[  134.456112][ T6959]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  134.456149][ T6959]  ? rw_verify_area+0x246/0x630
[  134.456175][ T6959]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  134.456209][ T6959]  vfs_read+0x21f/0xb90
[  134.456243][ T6959]  ? __pfx___mutex_lock+0x10/0x10
[  134.456265][ T6959]  ? __pfx_vfs_read+0x10/0x10
[  134.456295][ T6959]  ? __fget_files+0x2a/0x420
[  134.456317][ T6959]  ? __fget_files+0x39d/0x420
[  134.456333][ T6959]  ? __fget_files+0x2a/0x420
[  134.456363][ T6959]  ksys_read+0x19d/0x2d0
[  134.456394][ T6959]  ? __pfx_ksys_read+0x10/0x10
[  134.456429][ T6959]  ? do_syscall_64+0xb6/0x210
[  134.456453][ T6959]  do_syscall_64+0xf3/0x210
[  134.456474][ T6959]  ? clear_bhb_loop+0x45/0xa0
[  134.456498][ T6959]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.456519][ T6959] RIP: 0033:0x7f986678cb7c
[  134.456537][ T6959] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  134.456553][ T6959] RSP: 002b:00007f986769f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  134.456577][ T6959] RAX: ffffffffffffffda RBX: 00007f98669b5fa0 RCX: 00007f986678cb7c
[  134.456592][ T6959] RDX: 000000000000000f RSI: 00007f986769f0a0 RDI: 0000000000000004
[  134.456605][ T6959] RBP: 00007f986769f090 R08: 0000000000000000 R09: 0000000000000000
[  134.456617][ T6959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  134.456629][ T6959] R13: 0000000000000000 R14: 00007f98669b5fa0 R15: 00007ffd81fdf468
[  134.456662][ T6959]  </TASK>
[  134.760453][ T6965] netlink: 'syz.2.343': attribute type 8 has an invalid length.
[  134.920781][ T6966] netlink: 'syz.4.345': attribute type 1 has an invalid length.
[  134.998735][ T6963] vlan2: entered promiscuous mode
[  135.251902][ T6977] netlink: 12 bytes leftover after parsing attributes in process `syz.1.348'.
[  135.269135][ T6979] netlink: 20 bytes leftover after parsing attributes in process `syz.2.347'.
[  135.673094][ T6966] 8021q: adding VLAN 0 to HW filter on device bond3
[  135.759831][ T6977] vlan2: entered promiscuous mode
[  135.765583][ T6977] hsr0: entered promiscuous mode
[  135.894470][ T6975] syzkaller1: entered promiscuous mode
[  135.912285][ T6975] syzkaller1: entered allmulticast mode
[  136.414670][ T6997] netlink: 'syz.0.354': attribute type 3 has an invalid length.
[  137.541220][ T7014] veth0_to_bridge: entered promiscuous mode
[  137.603842][ T7012] veth0_to_bridge: left promiscuous mode
[  137.809006][ T7028] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  137.899147][ T7028] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  137.911119][ T7030] netlink: 'syz.2.364': attribute type 8 has an invalid length.
[  138.013034][ T7031] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  138.435887][ T7041] netlink: 'syz.1.368': attribute type 1 has an invalid length.
[  138.637749][ T7041] 8021q: adding VLAN 0 to HW filter on device bond4
[  138.820935][ T7056] bond0: entered promiscuous mode
[  138.826476][ T7056] bond_slave_0: entered promiscuous mode
[  138.872249][ T7056] bond_slave_1: entered promiscuous mode
[  138.910026][ T7056] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  138.982000][ T7056] bond0: left promiscuous mode
[  139.007258][ T7056] bond_slave_0: left promiscuous mode
[  139.094384][ T7056] bond_slave_1: left promiscuous mode
[  139.256851][ T7063] netlink: 20 bytes leftover after parsing attributes in process `syz.0.375'.
[  139.577105][ T7069] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  139.677277][ T7069] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  139.805156][ T7067] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  139.817804][ T7075] netlink: 28 bytes leftover after parsing attributes in process `syz.4.379'.
[  139.835292][ T7075] netlink: 28 bytes leftover after parsing attributes in process `syz.4.379'.
[  139.978966][   T62] wlan1: Trigger new scan to find an IBSS to join
[  140.382469][ T7087] FAULT_INJECTION: forcing a failure.
[  140.382469][ T7087] name failslab, interval 1, probability 0, space 0, times 0
[  140.400692][ T7087] CPU: 0 UID: 0 PID: 7087 Comm: syz.3.384 Not tainted 6.15.0-rc2-syzkaller-00657-g0e0a7e3719bc #0 PREEMPT(full) 
[  140.400727][ T7087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  140.400740][ T7087] Call Trace:
[  140.400748][ T7087]  <TASK>
[  140.400756][ T7087]  dump_stack_lvl+0x241/0x360
[  140.400806][ T7087]  ? __pfx_dump_stack_lvl+0x10/0x10
[  140.400836][ T7087]  ? __pfx__printk+0x10/0x10
[  140.400876][ T7087]  should_fail_ex+0x424/0x570
[  140.400905][ T7087]  should_failslab+0xac/0x100
[  140.400928][ T7087]  __kmalloc_cache_noprof+0x73/0x370
[  140.400948][ T7087]  ? sctp_add_bind_addr+0x89/0x3a0
[  140.400974][ T7087]  sctp_add_bind_addr+0x89/0x3a0
[  140.401000][ T7087]  sctp_copy_local_addr_list+0x313/0x500
[  140.401024][ T7087]  ? sctp_copy_local_addr_list+0xad/0x500
[  140.401047][ T7087]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  140.401071][ T7087]  ? sctp_v6_is_any+0x60/0x70
[  140.401096][ T7087]  ? sctp_copy_one_addr+0x94/0x360
[  140.401122][ T7087]  sctp_bind_addr_copy+0xad/0x3b0
[  140.401143][ T7087]  ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190
[  140.401178][ T7087]  sctp_connect_new_asoc+0x337/0x700
[  140.401209][ T7087]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  140.401236][ T7087]  ? sctp_endpoint_lookup_assoc+0x7c/0x250
[  140.401267][ T7087]  ? sctp_endpoint_lookup_assoc+0x7c/0x250
[  140.401291][ T7087]  ? sctp_endpoint_lookup_assoc+0x217/0x250
[  140.401315][ T7087]  ? sctp_endpoint_lookup_assoc+0x7c/0x250
[  140.401351][ T7087]  __sctp_connect+0x6ab/0xe60
[  140.401408][ T7087]  ? __local_bh_enable_ip+0x168/0x200
[  140.401439][ T7087]  ? __pfx___sctp_connect+0x10/0x10
[  140.401464][ T7087]  ? sctp_inet_connect+0xa7/0x1f0
[  140.401486][ T7087]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  140.401517][ T7087]  ? do_raw_spin_unlock+0x13c/0x8b0
[  140.401551][ T7087]  sctp_inet_connect+0x149/0x1f0
[  140.401578][ T7087]  __sys_connect+0x28c/0x2d0
[  140.401600][ T7087]  ? __fget_files+0x2a/0x420
[  140.401619][ T7087]  ? __pfx___sys_connect+0x10/0x10
[  140.401667][ T7087]  __x64_sys_connect+0x7a/0x90
[  140.401689][ T7087]  do_syscall_64+0xf3/0x210
[  140.401712][ T7087]  ? clear_bhb_loop+0x45/0xa0
[  140.401736][ T7087]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.401756][ T7087] RIP: 0033:0x7f1e6f98e169
[  140.401775][ T7087] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  140.401791][ T7087] RSP: 002b:00007f1e70753038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  140.401813][ T7087] RAX: ffffffffffffffda RBX: 00007f1e6fbb5fa0 RCX: 00007f1e6f98e169
[  140.401828][ T7087] RDX: 000000000000001c RSI: 0000200000000000 RDI: 0000000000000003
[  140.401841][ T7087] RBP: 00007f1e70753090 R08: 0000000000000000 R09: 0000000000000000
[  140.401853][ T7087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  140.401865][ T7087] R13: 0000000000000000 R14: 00007f1e6fbb5fa0 R15: 00007ffd262dbab8
[  140.401899][ T7087]  </TASK>
[  140.761740][ T7091] netlink: 'syz.0.385': attribute type 8 has an invalid length.
[  141.077074][ T7102] netlink: 'syz.0.388': attribute type 1 has an invalid length.
[  141.212510][ T7103] netlink: 'syz.1.390': attribute type 1 has an invalid length.
[  141.239442][ T7112] sctp: [Deprecated]: syz.2.389 (pid 7112) Use of int in maxseg socket option.
[  141.239442][ T7112] Use struct sctp_assoc_value instead
[  141.295546][ T7103] netlink: 224 bytes leftover after parsing attributes in process `syz.1.390'.
[  141.453174][ T7103] netlink: 8 bytes leftover after parsing attributes in process `syz.1.390'.
[  141.682774][ T7102] 8021q: adding VLAN 0 to HW filter on device bond1
[  141.978030][ T7119] FAULT_INJECTION: forcing a failure.
[  141.978030][ T7119] name failslab, interval 1, probability 0, space 0, times 0
[  142.009659][ T7119] CPU: 0 UID: 0 PID: 7119 Comm: syz.2.391 Not tainted 6.15.0-rc2-syzkaller-00657-g0e0a7e3719bc #0 PREEMPT(full) 
[  142.009690][ T7119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  142.009703][ T7119] Call Trace:
[  142.009711][ T7119]  <TASK>
[  142.009721][ T7119]  dump_stack_lvl+0x241/0x360
[  142.009758][ T7119]  ? __pfx_dump_stack_lvl+0x10/0x10
[  142.009788][ T7119]  ? __pfx__printk+0x10/0x10
[  142.009820][ T7119]  ? __pfx___might_resched+0x10/0x10
[  142.009858][ T7119]  should_fail_ex+0x424/0x570
[  142.009888][ T7119]  should_failslab+0xac/0x100
[  142.009911][ T7119]  __kmalloc_cache_noprof+0x73/0x370
[  142.009930][ T7119]  ? alloc_netdev_mqs+0xc1a/0x1210
[  142.009955][ T7119]  ? __xdp_rxq_info_reg+0x186/0x290
[  142.009980][ T7119]  alloc_netdev_mqs+0xc1a/0x1210
[  142.010015][ T7119]  ieee802154_if_add+0x11c/0x1160
[  142.010047][ T7119]  ? __pfx_ieee802154_if_add+0x10/0x10
[  142.010069][ T7119]  ? __pfx___mutex_lock+0x10/0x10
[  142.010100][ T7119]  ? genlmsg_put+0x145/0x2e0
[  142.010129][ T7119]  ieee802154_add_iface_deprecated+0x44/0x70
[  142.010158][ T7119]  ieee802154_add_iface+0x462/0x830
[  142.010192][ T7119]  ? __pfx_ieee802154_add_iface+0x10/0x10
[  142.010220][ T7119]  ? genl_family_rcv_msg_attrs_parse+0x1d4/0x290
[  142.010254][ T7119]  genl_rcv_msg+0xb38/0xf00
[  142.010288][ T7119]  ? __pfx_genl_rcv_msg+0x10/0x10
[  142.010309][ T7119]  ? stack_trace_save+0x11a/0x1d0
[  142.010334][ T7119]  ? __pfx_stack_trace_save+0x10/0x10
[  142.010360][ T7119]  ? stack_depot_save_flags+0x44/0x940
[  142.010381][ T7119]  ? __pfx_stack_trace_save+0x1/0x10
[  142.010419][ T7119]  ? __lock_acquire+0xad5/0xd80
[  142.010456][ T7119]  ? __pfx_ieee802154_add_iface+0x10/0x10
[  142.010499][ T7119]  netlink_rcv_skb+0x208/0x480
[  142.010530][ T7119]  ? __pfx_genl_rcv_msg+0x10/0x10
[  142.010556][ T7119]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  142.010610][ T7119]  ? netlink_deliver_tap+0x2e/0x1b0
[  142.010647][ T7119]  genl_rcv+0x28/0x40
[  142.010668][ T7119]  netlink_unicast+0x7f8/0x9a0
[  142.010706][ T7119]  ? __pfx_netlink_unicast+0x10/0x10
[  142.010737][ T7119]  ? skb_put+0x114/0x1f0
[  142.010764][ T7119]  netlink_sendmsg+0x8c3/0xcd0
[  142.010809][ T7119]  ? __pfx_netlink_sendmsg+0x10/0x10
[  142.010846][ T7119]  ? aa_sock_msg_perm+0x91/0x160
[  142.010879][ T7119]  ? __pfx_netlink_sendmsg+0x10/0x10
[  142.010908][ T7119]  __sock_sendmsg+0x221/0x270
[  142.010948][ T7119]  ____sys_sendmsg+0x523/0x860
[  142.010983][ T7119]  ? __pfx_____sys_sendmsg+0x10/0x10
[  142.011004][ T7119]  ? __fget_files+0x2a/0x420
[  142.011026][ T7119]  ? __fget_files+0x2a/0x420
[  142.011056][ T7119]  __sys_sendmsg+0x271/0x360
[  142.011086][ T7119]  ? __pfx___sys_sendmsg+0x10/0x10
[  142.011146][ T7119]  ? __pfx_bpf_trace_run2+0x10/0x10
[  142.011180][ T7119]  ? trace_sys_enter+0x74/0x120
[  142.011209][ T7119]  ? rcu_is_watching+0x15/0xb0
[  142.011229][ T7119]  ? trace_sys_enter+0x25/0x120
[  142.011263][ T7119]  do_syscall_64+0xf3/0x210
[  142.011284][ T7119]  ? clear_bhb_loop+0x45/0xa0
[  142.011308][ T7119]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  142.011328][ T7119] RIP: 0033:0x7fdd45b8e169
[  142.011346][ T7119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  142.011363][ T7119] RSP: 002b:00007fdd46a22038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  142.011385][ T7119] RAX: ffffffffffffffda RBX: 00007fdd45db5fa0 RCX: 00007fdd45b8e169
[  142.011399][ T7119] RDX: 00000000000040c4 RSI: 00002000000032c0 RDI: 0000000000000006
[  142.011412][ T7119] RBP: 00007fdd46a22090 R08: 0000000000000000 R09: 0000000000000000
[  142.011425][ T7119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  142.011442][ T7119] R13: 0000000000000000 R14: 00007fdd45db5fa0 R15: 00007ffd4b4b8f68
[  142.011486][ T7119]  </TASK>
[  143.456977][ T7147] netlink: 'syz.3.401': attribute type 1 has an invalid length.
[  143.788687][ T7151] 8021q: adding VLAN 0 to HW filter on device bond2
[  143.870046][ T7151] bond1: (slave bond2): making interface the new active one
[  143.904032][ T7151] bond1: (slave bond2): Enslaving as an active interface with an up link
[  143.979877][ T1119] wlan1: Trigger new scan to find an IBSS to join
[  144.296542][ T7167] batadv0: entered promiscuous mode
[  144.306136][ T7167] vlan2: entered promiscuous mode
[  144.549341][ T5889] IPVS: starting estimator thread 0...
[  144.690174][ T7175] IPVS: using max 28 ests per chain, 67200 per kthread
[  144.906225][ T7181] netlink: 'syz.4.412': attribute type 3 has an invalid length.
[  145.147128][ T7189] netlink: 8 bytes leftover after parsing attributes in process `syz.0.415'.
[  145.800988][ T7208] netlink: 28 bytes leftover after parsing attributes in process `syz.0.420'.
[  145.893970][ T7210] vlan2: entered promiscuous mode
[  145.917778][ T7211] netlink: 52 bytes leftover after parsing attributes in process `syz.1.422'.
[  146.008065][ T7211] netlink: 14 bytes leftover after parsing attributes in process `syz.1.422'.
[  146.088390][ T7211] netlink: 52 bytes leftover after parsing attributes in process `syz.1.422'.
[  146.121084][ T7211] netlink: 14 bytes leftover after parsing attributes in process `syz.1.422'.
[  146.131751][ T7211] netlink: 52 bytes leftover after parsing attributes in process `syz.1.422'.
[  146.825064][ T7223] netlink: 20 bytes leftover after parsing attributes in process `syz.0.427'.
[  146.961822][ T7225] netlink: 'syz.3.429': attribute type 1 has an invalid length.
[  147.127258][ T7228] netlink: 'syz.2.428': attribute type 8 has an invalid length.
[  147.290493][ T7235] x_tables: duplicate underflow at hook 2
[  147.302483][ T7231] 8021q: adding VLAN 0 to HW filter on device bond4
[  147.323640][ T7231] bond3: (slave bond4): making interface the new active one
[  147.334251][ T7231] bond3: (slave bond4): Enslaving as an active interface with an up link
[  147.767201][ T7247] netlink: 'syz.2.437': attribute type 3 has an invalid length.
[  148.254310][ T7259] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  148.297475][ T7261] netlink: 12 bytes leftover after parsing attributes in process `syz.2.442'.
[  148.335805][ T7263] netlink: 'syz.3.443': attribute type 10 has an invalid length.
[  148.360763][ T7263] netlink: 40 bytes leftover after parsing attributes in process `syz.3.443'.
[  148.382433][ T7259] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  148.415573][ T7261] vlan2: entered promiscuous mode
[  148.441692][ T7261] hsr0: entered promiscuous mode
[  148.447153][ T7259] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  148.581500][ T7263] bridge0: port 3(dummy0) entered blocking state
[  148.597945][ T7263] bridge0: port 3(dummy0) entered disabled state
[  148.635767][ T7263] dummy0: entered allmulticast mode
[  148.674412][ T7263] dummy0: entered promiscuous mode
[  148.942919][ T7272] netlink: 8 bytes leftover after parsing attributes in process `syz.2.445'.
[  149.028208][   T36] wlan1: Trigger new scan to find an IBSS to join
[  149.485755][ T7278] netlink: 20 bytes leftover after parsing attributes in process `syz.2.448'.
[  149.999194][   T36] wlan1: Creating new IBSS network, BSSID 32:e5:8c:96:0e:b8
[  150.276789][ T7299] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32
[  150.342492][ T7300] bond0: entered promiscuous mode
[  150.378889][ T7300] bond_slave_0: entered promiscuous mode
[  150.385637][ T7300] bond_slave_1: entered promiscuous mode
[  150.400837][ T7300] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  150.418631][ T7300] bond0: left promiscuous mode
[  150.423882][ T7300] bond_slave_0: left promiscuous mode
[  150.458186][ T7300] bond_slave_1: left promiscuous mode
[  150.624875][ T7302] vlan2: entered promiscuous mode
[  151.163469][ T7311] veth0_macvtap: left promiscuous mode
[  151.196971][ T7311] macvtap0: entered promiscuous mode
[  151.227070][ T7311] macvtap0: entered allmulticast mode
[  151.248297][ T7315] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  151.368490][ T7313] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  151.483377][ T7313] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  152.196526][ T7339] netlink: 12 bytes leftover after parsing attributes in process `syz.0.471'.
[  152.231820][ T7341] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32
[  152.389857][ T7348] netlink: 16 bytes leftover after parsing attributes in process `syz.0.471'.
[  152.439813][ T7347] batadv0: entered promiscuous mode
[  152.475811][ T7347] vlan2: entered promiscuous mode
[  153.287294][ T7367] netlink: 'syz.1.481': attribute type 3 has an invalid length.
[  153.655702][ T7380] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32
[  153.715948][ T7381] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  153.781819][ T7381] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  153.869602][ T7381] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  154.252587][ T7400] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[  154.483169][ T7406] FAULT_INJECTION: forcing a failure.
[  154.483169][ T7406] name failslab, interval 1, probability 0, space 0, times 0
[  154.519271][ T7406] CPU: 1 UID: 0 PID: 7406 Comm: syz.1.495 Not tainted 6.15.0-rc2-syzkaller-00657-g0e0a7e3719bc #0 PREEMPT(full) 
[  154.519302][ T7406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  154.519315][ T7406] Call Trace:
[  154.519323][ T7406]  <TASK>
[  154.519331][ T7406]  dump_stack_lvl+0x241/0x360
[  154.519368][ T7406]  ? __pfx_dump_stack_lvl+0x10/0x10
[  154.519396][ T7406]  ? __pfx__printk+0x10/0x10
[  154.519436][ T7406]  should_fail_ex+0x424/0x570
[  154.519465][ T7406]  should_failslab+0xac/0x100
[  154.519488][ T7406]  __kmalloc_cache_noprof+0x73/0x370
[  154.519508][ T7406]  ? sctp_add_bind_addr+0x89/0x3a0
[  154.519535][ T7406]  sctp_add_bind_addr+0x89/0x3a0
[  154.519561][ T7406]  sctp_copy_local_addr_list+0x313/0x500
[  154.519585][ T7406]  ? sctp_copy_local_addr_list+0xad/0x500
[  154.519607][ T7406]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  154.519632][ T7406]  ? sctp_v6_is_any+0x60/0x70
[  154.519656][ T7406]  ? sctp_copy_one_addr+0x94/0x360
[  154.519683][ T7406]  sctp_bind_addr_copy+0xad/0x3b0
[  154.519712][ T7406]  sctp_connect_new_asoc+0x337/0x700
[  154.519742][ T7406]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  154.519768][ T7406]  ? sctp_endpoint_lookup_assoc+0x7c/0x250
[  154.519800][ T7406]  ? sctp_endpoint_lookup_assoc+0x7c/0x250
[  154.519824][ T7406]  ? sctp_endpoint_lookup_assoc+0x217/0x250
[  154.519849][ T7406]  ? sctp_endpoint_lookup_assoc+0x7c/0x250
[  154.519878][ T7406]  __sctp_connect+0x6ab/0xe60
[  154.519915][ T7406]  ? __local_bh_enable_ip+0x168/0x200
[  154.519945][ T7406]  ? __pfx___sctp_connect+0x10/0x10
[  154.519969][ T7406]  ? sctp_inet_connect+0xa7/0x1f0
[  154.519990][ T7406]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  154.520028][ T7406]  ? do_raw_spin_unlock+0x13c/0x8b0
[  154.520062][ T7406]  sctp_inet_connect+0x149/0x1f0
[  154.520098][ T7406]  __sys_connect+0x28c/0x2d0
[  154.520120][ T7406]  ? __pfx___sys_connect+0x10/0x10
[  154.520183][ T7406]  __x64_sys_connect+0x7a/0x90
[  154.520205][ T7406]  do_syscall_64+0xf3/0x210
[  154.520226][ T7406]  ? clear_bhb_loop+0x45/0xa0
[  154.520250][ T7406]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.520270][ T7406] RIP: 0033:0x7f35f4b8e169
[  154.520288][ T7406] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  154.520304][ T7406] RSP: 002b:00007f35f59de038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  154.520326][ T7406] RAX: ffffffffffffffda RBX: 00007f35f4db5fa0 RCX: 00007f35f4b8e169
[  154.520341][ T7406] RDX: 000000000000001c RSI: 0000200000000000 RDI: 0000000000000003
[  154.520354][ T7406] RBP: 00007f35f59de090 R08: 0000000000000000 R09: 0000000000000000
[  154.520366][ T7406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  154.520378][ T7406] R13: 0000000000000000 R14: 00007f35f4db5fa0 R15: 00007fff6f8ce598
[  154.520410][ T7406]  </TASK>
[  155.247663][ T7414] netlink: 8 bytes leftover after parsing attributes in process `syz.4.498'.
[  155.612110][ T7425] netlink: 'syz.1.501': attribute type 27 has an invalid length.
[  155.628384][ T7427] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32
[  155.798607][ T7429] syzkaller1: entered promiscuous mode
[  155.812628][ T7429] syzkaller1: entered allmulticast mode
[  155.891727][ T7432] netlink: 'syz.2.504': attribute type 1 has an invalid length.
[  156.197332][ T7437] 8021q: adding VLAN 0 to HW filter on device bond3
[  156.209648][ T7437] bond2: (slave bond3): making interface the new active one
[  156.230333][ T7437] bond2: (slave bond3): Enslaving as an active interface with an up link
[  156.843669][ T7444] netlink: 252 bytes leftover after parsing attributes in process `syz.2.505'.
[  157.326056][ T7459] netlink: 'syz.4.510': attribute type 1 has an invalid length.
[  157.333621][ T7453] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  157.366199][ T7464] netlink: 8 bytes leftover after parsing attributes in process `syz.2.512'.
[  157.410608][ T7465] netlink: 12 bytes leftover after parsing attributes in process `syz.3.511'.
[  157.571908][ T7471] xt_hashlimit: size too large, truncated to 1048576
[  157.609575][ T7472] netlink: 8 bytes leftover after parsing attributes in process `syz.0.513'.
[  157.721526][ T7472] netlink: 88 bytes leftover after parsing attributes in process `syz.0.513'.
[  158.037990][ T7459] 8021q: adding VLAN 0 to HW filter on device bond4
[  158.683868][ T7453] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.379906][ T7453] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.581896][ T7510] netlink: 28 bytes leftover after parsing attributes in process `syz.0.515'.
[  159.619117][ T7510] netlink: 28 bytes leftover after parsing attributes in process `syz.0.515'.
[  159.716134][ T7453] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.152530][ T7516] netlink: 20 bytes leftover after parsing attributes in process `syz.0.516'.
[  160.295344][ T7516] netlink: 8 bytes leftover after parsing attributes in process `syz.0.516'.
[  160.501674][ T7523] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32
[  160.549400][ T7453] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  160.710400][ T7453] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  160.800134][ T7453] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  160.935685][ T7453] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  161.470516][ T7539] x_tables: ip_tables: ah match: only valid for protocol 51
[  161.794591][ T7546] netlink: 8 bytes leftover after parsing attributes in process `syz.3.524'.
[  162.033513][ T7551] netlink: 20 bytes leftover after parsing attributes in process `syz.0.527'.
[  163.106597][ T7577] FAULT_INJECTION: forcing a failure.
[  163.106597][ T7577] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  163.164331][ T7553] syz.4.529 (7553) used greatest stack depth: 19216 bytes left
[  163.173237][ T7577] CPU: 0 UID: 0 PID: 7577 Comm: syz.1.536 Not tainted 6.15.0-rc2-syzkaller-00657-g0e0a7e3719bc #0 PREEMPT(full) 
[  163.173270][ T7577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  163.173283][ T7577] Call Trace:
[  163.173291][ T7577]  <TASK>
[  163.173300][ T7577]  dump_stack_lvl+0x241/0x360
[  163.173338][ T7577]  ? __pfx_dump_stack_lvl+0x10/0x10
[  163.173366][ T7577]  ? __pfx__printk+0x10/0x10
[  163.173414][ T7577]  should_fail_ex+0x424/0x570
[  163.173443][ T7577]  _copy_from_user+0x2d/0xb0
[  163.173474][ T7577]  __sys_bpf+0x1c5/0x8b0
[  163.173503][ T7577]  ? __pfx___sys_bpf+0x10/0x10
[  163.173542][ T7577]  ? ksys_write+0x275/0x2d0
[  163.173584][ T7577]  __x64_sys_bpf+0x7c/0x90
[  163.173608][ T7577]  do_syscall_64+0xf3/0x210
[  163.173630][ T7577]  ? clear_bhb_loop+0x45/0xa0
[  163.173654][ T7577]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.173682][ T7577] RIP: 0033:0x7f35f4b8e169
[  163.173701][ T7577] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.173718][ T7577] RSP: 002b:00007f35f59de038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  163.173740][ T7577] RAX: ffffffffffffffda RBX: 00007f35f4db5fa0 RCX: 00007f35f4b8e169
[  163.173754][ T7577] RDX: 0000000000000094 RSI: 0000200000000180 RDI: 0000000000000005
[  163.173768][ T7577] RBP: 00007f35f59de090 R08: 0000000000000000 R09: 0000000000000000
[  163.173781][ T7577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  163.173792][ T7577] R13: 0000000000000001 R14: 00007f35f4db5fa0 R15: 00007fff6f8ce598
[  163.173824][ T7577]  </TASK>
[  163.411670][ T7582] netlink: 8 bytes leftover after parsing attributes in process `syz.0.538'.
[  163.431791][ T7585] bond0: entered promiscuous mode
[  163.436898][ T7585] bond_slave_0: entered promiscuous mode
[  163.442790][ T7585] bond_slave_1: entered promiscuous mode
[  163.461279][ T7585] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  163.486970][ T7585] bond0: left promiscuous mode
[  163.493405][ T7585] bond_slave_0: left promiscuous mode
[  163.499897][ T7585] bond_slave_1: left promiscuous mode
[  163.595081][ T7587] tipc: Started in network mode
[  163.615205][ T7587] tipc: Node identity ff010000000000000000000000000001, cluster identity 4711
[  163.669694][ T7587] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  163.696405][ T7595] FAULT_INJECTION: forcing a failure.
[  163.696405][ T7595] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  163.744324][ T7595] CPU: 0 UID: 0 PID: 7595 Comm: syz.1.541 Not tainted 6.15.0-rc2-syzkaller-00657-g0e0a7e3719bc #0 PREEMPT(full) 
[  163.744361][ T7595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  163.744374][ T7595] Call Trace:
[  163.744382][ T7595]  <TASK>
[  163.744391][ T7595]  dump_stack_lvl+0x241/0x360
[  163.744428][ T7595]  ? __pfx_dump_stack_lvl+0x10/0x10
[  163.744457][ T7595]  ? __pfx__printk+0x10/0x10
[  163.744501][ T7595]  should_fail_ex+0x424/0x570
[  163.744530][ T7595]  _copy_to_user+0x31/0xb0
[  163.744593][ T7595]  simple_read_from_buffer+0xc4/0x170
[  163.744631][ T7595]  proc_fail_nth_read+0x1ef/0x260
[  163.744668][ T7595]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  163.744705][ T7595]  ? rw_verify_area+0x246/0x630
[  163.744731][ T7595]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  163.744765][ T7595]  vfs_read+0x21f/0xb90
[  163.744799][ T7595]  ? __pfx___mutex_lock+0x10/0x10
[  163.744821][ T7595]  ? __pfx_vfs_read+0x10/0x10
[  163.744852][ T7595]  ? __fget_files+0x2a/0x420
[  163.744873][ T7595]  ? __fget_files+0x39d/0x420
[  163.744890][ T7595]  ? __fget_files+0x2a/0x420
[  163.744919][ T7595]  ksys_read+0x19d/0x2d0
[  163.744949][ T7595]  ? __pfx_ksys_read+0x10/0x10
[  163.744984][ T7595]  ? do_syscall_64+0xb6/0x210
[  163.745008][ T7595]  do_syscall_64+0xf3/0x210
[  163.745029][ T7595]  ? clear_bhb_loop+0x45/0xa0
[  163.745054][ T7595]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.745074][ T7595] RIP: 0033:0x7f35f4b8cb7c
[  163.745099][ T7595] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  163.745116][ T7595] RSP: 002b:00007f35f59bd030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  163.745137][ T7595] RAX: ffffffffffffffda RBX: 00007f35f4db6080 RCX: 00007f35f4b8cb7c
[  163.745152][ T7595] RDX: 000000000000000f RSI: 00007f35f59bd0a0 RDI: 0000000000000005
[  163.745165][ T7595] RBP: 00007f35f59bd090 R08: 0000000000000000 R09: 0000000000000000
[  163.745178][ T7595] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  163.745190][ T7595] R13: 0000000000000001 R14: 00007f35f4db6080 R15: 00007fff6f8ce598
[  163.745223][ T7595]  </TASK>
[  164.161670][ T7604] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32
[  164.549642][ T7612] netlink: 20 bytes leftover after parsing attributes in process `syz.2.549'.
[  164.948047][ T7621] netlink: 'syz.1.553': attribute type 23 has an invalid length.
[  165.198528][ T7622] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  165.488985][ T7636] bond0: entered promiscuous mode
[  165.494520][ T7636] bond_slave_0: entered promiscuous mode
[  165.526105][ T7638] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input5
[  165.530334][ T7636] bond_slave_1: entered promiscuous mode
[  165.545245][ T7636] mac80211_hwsim hwsim4 wlan1: entered promiscuous mode
[  165.566914][ T7643] FAULT_INJECTION: forcing a failure.
[  165.566914][ T7643] name failslab, interval 1, probability 0, space 0, times 0
[  165.577960][ T7636] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  165.600687][ T7643] CPU: 0 UID: 0 PID: 7643 Comm: syz.1.561 Not tainted 6.15.0-rc2-syzkaller-00657-g0e0a7e3719bc #0 PREEMPT(full) 
[  165.600719][ T7643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  165.600731][ T7643] Call Trace:
[  165.600739][ T7643]  <TASK>
[  165.600747][ T7643]  dump_stack_lvl+0x241/0x360
[  165.600785][ T7643]  ? __pfx_dump_stack_lvl+0x10/0x10
[  165.600814][ T7643]  ? __pfx__printk+0x10/0x10
[  165.600854][ T7643]  should_fail_ex+0x424/0x570
[  165.600883][ T7643]  should_failslab+0xac/0x100
[  165.600906][ T7643]  __kmalloc_cache_noprof+0x73/0x370
[  165.600925][ T7643]  ? sctp_add_bind_addr+0x89/0x3a0
[  165.600952][ T7643]  sctp_add_bind_addr+0x89/0x3a0
[  165.600978][ T7643]  sctp_copy_local_addr_list+0x313/0x500
[  165.601002][ T7643]  ? sctp_copy_local_addr_list+0xad/0x500
[  165.601025][ T7643]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  165.601049][ T7643]  ? sctp_v6_is_any+0x60/0x70
[  165.601074][ T7643]  ? sctp_copy_one_addr+0x94/0x360
[  165.601100][ T7643]  sctp_bind_addr_copy+0xad/0x3b0
[  165.601122][ T7643]  ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190
[  165.601156][ T7643]  sctp_connect_new_asoc+0x337/0x700
[  165.601193][ T7643]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  165.601220][ T7643]  ? sctp_endpoint_lookup_assoc+0x7c/0x250
[  165.601250][ T7643]  ? sctp_endpoint_lookup_assoc+0x7c/0x250
[  165.601274][ T7643]  ? sctp_endpoint_lookup_assoc+0x217/0x250
[  165.601298][ T7643]  ? sctp_endpoint_lookup_assoc+0x7c/0x250
[  165.601328][ T7643]  __sctp_connect+0x6ab/0xe60
[  165.601366][ T7643]  ? __local_bh_enable_ip+0x168/0x200
[  165.601396][ T7643]  ? __pfx___sctp_connect+0x10/0x10
[  165.601420][ T7643]  ? sctp_inet_connect+0xa7/0x1f0
[  165.601442][ T7643]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  165.601472][ T7643]  ? do_raw_spin_unlock+0x13c/0x8b0
[  165.601504][ T7643]  sctp_inet_connect+0x149/0x1f0
[  165.601530][ T7643]  __sys_connect+0x28c/0x2d0
[  165.601551][ T7643]  ? __fget_files+0x2a/0x420
[  165.601569][ T7643]  ? __pfx___sys_connect+0x10/0x10
[  165.601614][ T7643]  __x64_sys_connect+0x7a/0x90
[  165.601636][ T7643]  do_syscall_64+0xf3/0x210
[  165.601656][ T7643]  ? clear_bhb_loop+0x45/0xa0
[  165.601681][ T7643]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.601701][ T7643] RIP: 0033:0x7f35f4b8e169
[  165.601720][ T7643] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  165.601737][ T7643] RSP: 002b:00007f35f59de038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  165.601759][ T7643] RAX: ffffffffffffffda RBX: 00007f35f4db5fa0 RCX: 00007f35f4b8e169
[  165.601791][ T7643] RDX: 000000000000001c RSI: 0000200000000000 RDI: 0000000000000003
[  165.601804][ T7643] RBP: 00007f35f59de090 R08: 0000000000000000 R09: 0000000000000000
[  165.601834][ T7643] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  165.601845][ T7643] R13: 0000000000000000 R14: 00007f35f4db5fa0 R15: 00007fff6f8ce598
[  165.601878][ T7643]  </TASK>
[  165.930732][ T7636] bond0: left promiscuous mode
[  165.936448][ T7636] bond_slave_0: left promiscuous mode
[  165.946876][ T7636] bond_slave_1: left promiscuous mode
[  165.953715][ T7636] mac80211_hwsim hwsim4 wlan1: left promiscuous mode
[  166.215626][ T7656] netlink: 'syz.0.565': attribute type 1 has an invalid length.
[  166.310575][ T7656] 8021q: adding VLAN 0 to HW filter on device bond3
[  166.321261][ T7656] bond2: (slave bond3): making interface the new active one
[  166.330369][ T7656] bond2: (slave bond3): Enslaving as an active interface with an up link
[  166.532902][ T7662] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32
[  166.846858][ T7672] netlink: 20 bytes leftover after parsing attributes in process `syz.3.570'.
[  166.941205][ T7674] netlink: 'syz.1.571': attribute type 23 has an invalid length.
[  167.031451][ T7674] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  167.112629][ T7680] netlink: 28 bytes leftover after parsing attributes in process `syz.3.573'.
[  167.148096][ T7680] netlink: 28 bytes leftover after parsing attributes in process `syz.3.573'.
[  167.203347][ T7680] bridge0: entered promiscuous mode
[  167.222096][ T7680] batadv_slave_1: entered promiscuous mode
[  167.234074][ T7680] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  167.254810][ T7680] Cannot create hsr debugfs directory
[  167.266788][ T7680] hsr1: Slave A (bridge0) is not up; please bring it up to get a fully working HSR network
[  167.294635][ T7685] netlink: 136 bytes leftover after parsing attributes in process `syz.1.575'.
[  167.315565][ T7685] A link change request failed with some changes committed already. Interface vxcan0 may have been left with an inconsistent configuration, please check.
[  167.915684][ T7699] netlink: 'syz.2.580': attribute type 1 has an invalid length.
[  168.053111][ T7701] netlink: 20 bytes leftover after parsing attributes in process `syz.1.581'.
[  168.228149][ T7702] 8021q: adding VLAN 0 to HW filter on device bond5
[  168.242014][ T7702] bond4: (slave bond5): making interface the new active one
[  168.253209][ T7702] bond4: (slave bond5): Enslaving as an active interface with an up link
[  168.621381][ T7712] netlink: 'syz.1.585': attribute type 23 has an invalid length.
[  168.680335][ T7693] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check.
[  168.727456][ T7715] netlink: 24 bytes leftover after parsing attributes in process `syz.3.583'.
[  168.803005][ T7712] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  169.024291][ T7722] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32
[  169.502384][ T7729] bond0: entered promiscuous mode
[  169.508100][ T7729] bond_slave_0: entered promiscuous mode
[  169.514864][ T7729] bond_slave_1: entered promiscuous mode
[  169.522722][ T7729] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  169.559162][ T7729] bond0: left promiscuous mode
[  169.617138][ T7729] bond_slave_0: left promiscuous mode
[  169.627073][ T7729] bond_slave_1: left promiscuous mode
[  169.678211][ T7738] netlink: 8 bytes leftover after parsing attributes in process `syz.1.591'.
[  170.019055][ T7743] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  170.310928][ T7754] netlink: 20 bytes leftover after parsing attributes in process `syz.0.599'.
[  170.325939][ T7753] netlink: 'syz.3.598': attribute type 23 has an invalid length.
[  170.371597][ T7756] FAULT_INJECTION: forcing a failure.
[  170.371597][ T7756] name failslab, interval 1, probability 0, space 0, times 0
[  170.416207][ T7756] CPU: 1 UID: 0 PID: 7756 Comm: syz.2.600 Not tainted 6.15.0-rc2-syzkaller-00657-g0e0a7e3719bc #0 PREEMPT(full) 
[  170.416239][ T7756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  170.416252][ T7756] Call Trace:
[  170.416260][ T7756]  <TASK>
[  170.416268][ T7756]  dump_stack_lvl+0x241/0x360
[  170.416305][ T7756]  ? __pfx_dump_stack_lvl+0x10/0x10
[  170.416334][ T7756]  ? __pfx__printk+0x10/0x10
[  170.416385][ T7756]  ? __pfx___might_resched+0x10/0x10
[  170.416422][ T7756]  should_fail_ex+0x424/0x570
[  170.416451][ T7756]  should_failslab+0xac/0x100
[  170.416473][ T7756]  __kmalloc_node_track_caller_noprof+0xe2/0x4d0
[  170.416509][ T7756]  ? ip6_setup_cork+0x6a7/0x11c0
[  170.416542][ T7756]  kmemdup_noprof+0x2b/0x70
[  170.416575][ T7756]  ip6_setup_cork+0x6a7/0x11c0
[  170.416615][ T7756]  ip6_append_data+0x210/0x380
[  170.416647][ T7756]  ? __pfx_raw6_getfrag+0x10/0x10
[  170.416671][ T7756]  rawv6_sendmsg+0x1855/0x23c0
[  170.416713][ T7756]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  170.416780][ T7756]  ? sock_rps_record_flow+0x1a/0x410
[  170.416809][ T7756]  ? inet_sendmsg+0x330/0x390
[  170.416839][ T7756]  __sock_sendmsg+0x1a6/0x270
[  170.416872][ T7756]  sock_write_iter+0x2d9/0x3f0
[  170.416902][ T7756]  ? __pfx_sock_write_iter+0x10/0x10
[  170.416942][ T7756]  ? bpf_lsm_file_permission+0x9/0x10
[  170.416980][ T7756]  vfs_write+0x70f/0xd10
[  170.417016][ T7756]  ? __pfx_sock_write_iter+0x10/0x10
[  170.417044][ T7756]  ? __pfx_vfs_write+0x10/0x10
[  170.417076][ T7756]  ? __fget_files+0x2a/0x420
[  170.417099][ T7756]  ? __fget_files+0x2a/0x420
[  170.417128][ T7756]  ksys_write+0x19d/0x2d0
[  170.417158][ T7756]  ? __pfx_ksys_write+0x10/0x10
[  170.417191][ T7756]  ? do_syscall_64+0xb6/0x210
[  170.417215][ T7756]  do_syscall_64+0xf3/0x210
[  170.417235][ T7756]  ? clear_bhb_loop+0x45/0xa0
[  170.417259][ T7756]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.417278][ T7756] RIP: 0033:0x7fdd45b8e169
[  170.417296][ T7756] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  170.417311][ T7756] RSP: 002b:00007fdd46a22038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  170.417333][ T7756] RAX: ffffffffffffffda RBX: 00007fdd45db5fa0 RCX: 00007fdd45b8e169
[  170.417347][ T7756] RDX: 00000000000005ac RSI: 00002000000000c0 RDI: 0000000000000003
[  170.417378][ T7756] RBP: 00007fdd46a22090 R08: 0000000000000000 R09: 0000000000000000
[  170.417390][ T7756] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  170.417403][ T7756] R13: 0000000000000000 R14: 00007fdd45db5fa0 R15: 00007ffd4b4b8f68
[  170.417435][ T7756]  </TASK>
[  170.695273][ T7753] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  170.787324][ T7766] bridge0: port 1(hsr0) entered blocking state
[  170.797558][ T7766] bridge0: port 1(hsr0) entered disabled state
[  170.809781][ T7766] hsr0: entered allmulticast mode
[  170.815429][ T7766] hsr_slave_0: entered allmulticast mode
[  170.823407][ T7766] hsr_slave_1: entered allmulticast mode
[  170.931682][ T7766] bridge0: port 1(hsr0) entered blocking state
[  170.938861][ T7766] bridge0: port 1(hsr0) entered forwarding state
[  170.989844][ T7774] netlink: 'syz.3.606': attribute type 3 has an invalid length.
[  171.290240][ T7781] netlink: 'syz.2.610': attribute type 1 has an invalid length.
[  171.443060][ T7787] FAULT_INJECTION: forcing a failure.
[  171.443060][ T7787] name failslab, interval 1, probability 0, space 0, times 0
[  171.469533][ T7787] CPU: 1 UID: 0 PID: 7787 Comm: syz.1.613 Not tainted 6.15.0-rc2-syzkaller-00657-g0e0a7e3719bc #0 PREEMPT(full) 
[  171.469565][ T7787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  171.469577][ T7787] Call Trace:
[  171.469585][ T7787]  <TASK>
[  171.469593][ T7787]  dump_stack_lvl+0x241/0x360
[  171.469629][ T7787]  ? __pfx_dump_stack_lvl+0x10/0x10
[  171.469655][ T7787]  ? __pfx__printk+0x10/0x10
[  171.469693][ T7787]  should_fail_ex+0x424/0x570
[  171.469719][ T7787]  should_failslab+0xac/0x100
[  171.469740][ T7787]  __kmalloc_cache_noprof+0x73/0x370
[  171.469759][ T7787]  ? sctp_add_bind_addr+0x89/0x3a0
[  171.469784][ T7787]  sctp_add_bind_addr+0x89/0x3a0
[  171.469808][ T7787]  sctp_copy_local_addr_list+0x313/0x500
[  171.469831][ T7787]  ? sctp_copy_local_addr_list+0xad/0x500
[  171.469851][ T7787]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  171.469874][ T7787]  ? sctp_v6_is_any+0x60/0x70
[  171.469897][ T7787]  ? sctp_copy_one_addr+0x94/0x360
[  171.469921][ T7787]  sctp_bind_addr_copy+0xad/0x3b0
[  171.469941][ T7787]  ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190
[  171.469974][ T7787]  sctp_connect_new_asoc+0x337/0x700
[  171.470004][ T7787]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  171.470030][ T7787]  ? sctp_endpoint_lookup_assoc+0x7c/0x250
[  171.470059][ T7787]  ? sctp_endpoint_lookup_assoc+0x7c/0x250
[  171.470082][ T7787]  ? sctp_endpoint_lookup_assoc+0x217/0x250
[  171.470104][ T7787]  ? sctp_endpoint_lookup_assoc+0x7c/0x250
[  171.470132][ T7787]  __sctp_connect+0x6ab/0xe60
[  171.470167][ T7787]  ? __local_bh_enable_ip+0x168/0x200
[  171.470196][ T7787]  ? __pfx___sctp_connect+0x10/0x10
[  171.470218][ T7787]  ? sctp_inet_connect+0xa7/0x1f0
[  171.470239][ T7787]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  171.470266][ T7787]  ? do_raw_spin_unlock+0x13c/0x8b0
[  171.470298][ T7787]  sctp_inet_connect+0x149/0x1f0
[  171.470322][ T7787]  __sys_connect+0x28c/0x2d0
[  171.470342][ T7787]  ? __fget_files+0x2a/0x420
[  171.470367][ T7787]  ? __pfx___sys_connect+0x10/0x10
[  171.470410][ T7787]  __x64_sys_connect+0x7a/0x90
[  171.470430][ T7787]  do_syscall_64+0xf3/0x210
[  171.470450][ T7787]  ? clear_bhb_loop+0x45/0xa0
[  171.470472][ T7787]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.470490][ T7787] RIP: 0033:0x7f35f4b8e169
[  171.470507][ T7787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  171.470522][ T7787] RSP: 002b:00007f35f59de038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  171.470542][ T7787] RAX: ffffffffffffffda RBX: 00007f35f4db5fa0 RCX: 00007f35f4b8e169
[  171.470557][ T7787] RDX: 000000000000001c RSI: 0000200000000000 RDI: 0000000000000003
[  171.470568][ T7787] RBP: 00007f35f59de090 R08: 0000000000000000 R09: 0000000000000000
[  171.470579][ T7787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  171.470598][ T7787] R13: 0000000000000000 R14: 00007f35f4db5fa0 R15: 00007fff6f8ce598
[  171.470629][ T7787]  </TASK>
[  171.857135][ T7788] 8021q: adding VLAN 0 to HW filter on device bond7
[  171.865919][ T7788] bond6: (slave bond7): making interface the new active one
[  171.874188][ T7788] bond6: (slave bond7): Enslaving as an active interface with an up link
[  171.886413][ T7792] netlink: 'syz.0.612': attribute type 1 has an invalid length.
[  171.912506][ T7796] netlink: 'syz.4.616': attribute type 23 has an invalid length.
[  172.006284][ T7792] 8021q: adding VLAN 0 to HW filter on device bond4
[  172.097841][ T7796] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  172.219768][ T7809] netlink: 8 bytes leftover after parsing attributes in process `syz.2.617'.
[  172.244975][ T7809] netlink: 4 bytes leftover after parsing attributes in process `syz.2.617'.
[  172.268816][ T7809] netlink: 'syz.2.617': attribute type 1 has an invalid length.
[  172.286690][ T7809] netlink: 10 bytes leftover after parsing attributes in process `syz.2.617'.
[  172.437464][ T7813] netlink: 8 bytes leftover after parsing attributes in process `syz.1.619'.
[  173.124044][ T7826] netlink: 28 bytes leftover after parsing attributes in process `syz.2.623'.
[  173.154481][ T7826] netlink: 28 bytes leftover after parsing attributes in process `syz.2.623'.
[  173.220196][ T7835] netdevsim netdevsim0 netdevsim0: entered allmulticast mode
[  173.298500][ T7834] syzkaller1: entered promiscuous mode
[  173.304573][ T7834] syzkaller1: entered allmulticast mode
[  173.355140][ T7834] netlink: 20 bytes leftover after parsing attributes in process `syz.4.627'.
[  173.393145][ T7839] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  173.678640][ T7846] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input6
[  174.122351][ T7867] netlink: 'syz.2.636': attribute type 1 has an invalid length.
[  174.475000][ T7867] 8021q: adding VLAN 0 to HW filter on device bond8
[  174.507945][ T7869] __nla_validate_parse: 2 callbacks suppressed
[  174.507989][ T7869] netlink: 8 bytes leftover after parsing attributes in process `syz.4.638'.
[  174.622325][ T7888] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  174.840725][ T7895] netlink: 'syz.4.645': attribute type 8 has an invalid length.
[  175.741213][ T7920] netlink: 4 bytes leftover after parsing attributes in process `syz.3.651'.
[  175.768516][ T7920] (unnamed net_device) (uninitialized): Invalid ad_actor_system MAC address.
[  175.822651][ T7920] (unnamed net_device) (uninitialized): option ad_actor_system: invalid value (1)
[  175.966558][ T7927] netlink: 'syz.1.652': attribute type 3 has an invalid length.
[  176.245915][ T7932] netlink: 8 bytes leftover after parsing attributes in process `syz.0.655'.
[  176.264101][ T5889] IPVS: starting estimator thread 0...
[  176.368564][ T7936] IPVS: using max 28 ests per chain, 67200 per kthread
[  176.382434][ T7942] netlink: 'syz.1.657': attribute type 1 has an invalid length.
[  176.830939][ T7933] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  176.995319][ T7942] 8021q: adding VLAN 0 to HW filter on device bond5
[  177.314348][ T7960] sctp: [Deprecated]: syz.3.661 (pid 7960) Use of struct sctp_assoc_value in delayed_ack socket option.
[  177.314348][ T7960] Use struct sctp_sack_info instead
[  177.435061][ T7961] vlan2: entered promiscuous mode
[  178.115400][ T7982] netlink: 20 bytes leftover after parsing attributes in process `syz.4.669'.
[  178.293662][ T7985] netlink: 'syz.1.670': attribute type 23 has an invalid length.
[  178.608267][ T7985] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  178.956886][ T8009] netlink: 'syz.3.676': attribute type 11 has an invalid length.
[  179.006794][ T8012] netlink: 'syz.1.679': attribute type 1 has an invalid length.
[  179.008584][ T8009] netlink: 'syz.3.676': attribute type 4 has an invalid length.
[  179.027914][ T8009] netlink: 224 bytes leftover after parsing attributes in process `syz.3.676'.
[  179.113808][ T8012] 8021q: adding VLAN 0 to HW filter on device bond6
[  179.405124][ T8026] netlink: 20 bytes leftover after parsing attributes in process `syz.0.680'.
[  179.471908][ T8028] netlink: 'syz.2.682': attribute type 21 has an invalid length.
[  179.545363][ T8033] netlink: 8 bytes leftover after parsing attributes in process `syz.3.683'.
[  179.904092][ T8038] netlink: 1041 bytes leftover after parsing attributes in process `syz.3.685'.
[  180.153586][ T8048] netlink: 'syz.4.689': attribute type 23 has an invalid length.
[  180.188752][ T8046] vlan2: entered promiscuous mode
[  180.383343][ T8058] xt_recent: Unsupported userspace flags (00000048)
[  180.446316][ T8056] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  180.508652][ T8064] netlink: 96 bytes leftover after parsing attributes in process `syz.1.692'.
[  180.569828][ T8067] netlink: 14 bytes leftover after parsing attributes in process `syz.1.692'.
[  180.603910][ T8066] tun0: tun_chr_ioctl cmd 1074025673
[  180.667409][ T8072] netlink: 'syz.2.695': attribute type 1 has an invalid length.
[  180.687392][ T8070] tun0: tun_chr_ioctl cmd 1074025677
[  180.712927][ T8070] tun0: linktype set to 825
[  180.748532][ T8066] tun0: tun_chr_ioctl cmd 1074025677
[  180.754519][ T8066] tun0: linktype set to 825
[  180.850372][ T8077] netlink: 8 bytes leftover after parsing attributes in process `syz.4.696'.
[  180.851909][ T8074] bond9 (unregistering): Released all slaves
[  181.275012][ T8082] netlink: 8 bytes leftover after parsing attributes in process `syz.3.697'.
[  181.549062][ T8089] netlink: 'syz.0.698': attribute type 1 has an invalid length.
[  181.668741][ T8089] 8021q: adding VLAN 0 to HW filter on device bond5
[  182.109485][ T8106] netlink: 'syz.1.706': attribute type 23 has an invalid length.
[  182.190418][ T8108] netlink: 16 bytes leftover after parsing attributes in process `syz.2.705'.
[  182.218046][ T7496] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  182.455640][ T8111] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  183.087680][ T8122] netlink: 'syz.1.708': attribute type 39 has an invalid length.
[  183.137801][ T8123] FAULT_INJECTION: forcing a failure.
[  183.137801][ T8123] name failslab, interval 1, probability 0, space 0, times 0
[  183.207910][ T8123] CPU: 0 UID: 0 PID: 8123 Comm: syz.3.709 Not tainted 6.15.0-rc2-syzkaller-00657-g0e0a7e3719bc #0 PREEMPT(full) 
[  183.207947][ T8123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  183.207960][ T8123] Call Trace:
[  183.207968][ T8123]  <TASK>
[  183.207978][ T8123]  dump_stack_lvl+0x241/0x360
[  183.208026][ T8123]  ? __pfx_dump_stack_lvl+0x10/0x10
[  183.208056][ T8123]  ? __pfx__printk+0x10/0x10
[  183.208086][ T8123]  ? __lock_acquire+0xad5/0xd80
[  183.208123][ T8123]  should_fail_ex+0x424/0x570
[  183.208153][ T8123]  should_failslab+0xac/0x100
[  183.208176][ T8123]  kmem_cache_alloc_noprof+0x78/0x390
[  183.208196][ T8123]  ? skb_clone+0x20c/0x390
[  183.208220][ T8123]  ? ipv6_chk_mcast_addr+0x2e/0x860
[  183.208259][ T8123]  skb_clone+0x20c/0x390
[  183.208284][ T8123]  ? ip6_finish_output2+0x3d7/0x1750
[  183.208320][ T8123]  ip6_finish_output2+0x3eb/0x1750
[  183.208352][ T8123]  ? __lock_acquire+0xad5/0xd80
[  183.208395][ T8123]  ? __pfx_ip6_finish_output2+0x10/0x10
[  183.208430][ T8123]  ? ip6_mtu+0x81/0x3f0
[  183.208460][ T8123]  ? ip6_mtu+0x81/0x3f0
[  183.208492][ T8123]  ip6_finish_output+0x421/0x840
[  183.208528][ T8123]  ip6_send_skb+0x1b1/0x3b0
[  183.208558][ T8123]  ? ip6_send_skb+0xfd/0x3b0
[  183.208592][ T8123]  rawv6_push_pending_frames+0x7e8/0xa50
[  183.208624][ T8123]  ? ip6_append_data+0x25f/0x380
[  183.208654][ T8123]  ? __pfx_rawv6_push_pending_frames+0x10/0x10
[  183.208681][ T8123]  ? __pfx_raw6_getfrag+0x10/0x10
[  183.208708][ T8123]  rawv6_sendmsg+0x191c/0x23c0
[  183.208751][ T8123]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  183.208810][ T8123]  ? sock_rps_record_flow+0x1a/0x410
[  183.208842][ T8123]  ? inet_sendmsg+0x330/0x390
[  183.208872][ T8123]  __sock_sendmsg+0x1a6/0x270
[  183.208905][ T8123]  sock_write_iter+0x2d9/0x3f0
[  183.208937][ T8123]  ? __pfx_sock_write_iter+0x10/0x10
[  183.208978][ T8123]  ? bpf_lsm_file_permission+0x9/0x10
[  183.209017][ T8123]  vfs_write+0x70f/0xd10
[  183.209053][ T8123]  ? __pfx_sock_write_iter+0x10/0x10
[  183.209082][ T8123]  ? __pfx_vfs_write+0x10/0x10
[  183.209126][ T8123]  ? __fget_files+0x2a/0x420
[  183.209148][ T8123]  ? __fget_files+0x2a/0x420
[  183.209176][ T8123]  ksys_write+0x19d/0x2d0
[  183.209207][ T8123]  ? __pfx_ksys_write+0x10/0x10
[  183.209240][ T8123]  ? do_syscall_64+0xb6/0x210
[  183.209270][ T8123]  do_syscall_64+0xf3/0x210
[  183.209290][ T8123]  ? clear_bhb_loop+0x45/0xa0
[  183.209314][ T8123]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.209334][ T8123] RIP: 0033:0x7f1e6f98e169
[  183.209357][ T8123] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  183.209374][ T8123] RSP: 002b:00007f1e70753038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  183.209400][ T8123] RAX: ffffffffffffffda RBX: 00007f1e6fbb5fa0 RCX: 00007f1e6f98e169
[  183.209414][ T8123] RDX: 00000000000005ac RSI: 00002000000000c0 RDI: 0000000000000003
[  183.209427][ T8123] RBP: 00007f1e70753090 R08: 0000000000000000 R09: 0000000000000000
[  183.209439][ T8123] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  183.209451][ T8123] R13: 0000000000000000 R14: 00007f1e6fbb5fa0 R15: 00007ffd262dbab8
[  183.209483][ T8123]  </TASK>
[  183.635489][ T8126] sch_fq: defrate 4 ignored.
[  184.219130][ T8134] FAULT_INJECTION: forcing a failure.
[  184.219130][ T8134] name failslab, interval 1, probability 0, space 0, times 0
[  184.233037][ T8134] CPU: 0 UID: 0 PID: 8134 Comm: syz.1.714 Not tainted 6.15.0-rc2-syzkaller-00657-g0e0a7e3719bc #0 PREEMPT(full) 
[  184.233069][ T8134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  184.233082][ T8134] Call Trace:
[  184.233090][ T8134]  <TASK>
[  184.233099][ T8134]  dump_stack_lvl+0x241/0x360
[  184.233136][ T8134]  ? __pfx_dump_stack_lvl+0x10/0x10
[  184.233164][ T8134]  ? __pfx__printk+0x10/0x10
[  184.233205][ T8134]  should_fail_ex+0x424/0x570
[  184.233234][ T8134]  should_failslab+0xac/0x100
[  184.233256][ T8134]  kmem_cache_alloc_noprof+0x78/0x390
[  184.233276][ T8134]  ? dst_alloc+0x12b/0x190
[  184.233298][ T8134]  ? fib_lookup+0x81/0x450
[  184.233321][ T8134]  dst_alloc+0x12b/0x190
[  184.233350][ T8134]  ip_route_input_rcu+0x22b3/0x3930
[  184.233394][ T8134]  ? __pfx_ip_route_input_rcu+0x10/0x10
[  184.233417][ T8134]  ? lockdep_hardirqs_on+0x9d/0x150
[  184.233483][ T8134]  ? ip_route_input_noref+0xaf/0x250
[  184.233504][ T8134]  ip_route_input_noref+0x169/0x250
[  184.233530][ T8134]  ? __pfx_ip_route_input_noref+0x10/0x10
[  184.233571][ T8134]  ? ipt_do_table+0x314/0x1870
[  184.233603][ T8134]  ip_rcv_finish_core+0x5b4/0x1b60
[  184.233662][ T8134]  ip_rcv_finish+0x14a/0x560
[  184.233688][ T8134]  ? NF_HOOK+0x38c/0x450
[  184.233717][ T8134]  NF_HOOK+0x3a0/0x450
[  184.233747][ T8134]  ? __pfx_ip_rcv_finish+0x10/0x10
[  184.233773][ T8134]  ? NF_HOOK+0x9e/0x450
[  184.233799][ T8134]  ? __pfx_NF_HOOK+0x10/0x10
[  184.233823][ T8134]  ? ip_rcv_core+0x80c/0xd20
[  184.233852][ T8134]  ? __pfx_ip_rcv_finish+0x10/0x10
[  184.233888][ T8134]  ? __pfx_ip_rcv+0x10/0x10
[  184.233916][ T8134]  __netif_receive_skb+0x2c9/0x670
[  184.233952][ T8134]  ? __pfx___netif_receive_skb+0x10/0x10
[  184.234003][ T8134]  ? netif_receive_skb+0x133/0x890
[  184.234030][ T8134]  ? netif_receive_skb+0x133/0x890
[  184.234057][ T8134]  netif_receive_skb+0x1ea/0x890
[  184.234085][ T8134]  ? tun_rx_batched+0x14b/0x8d0
[  184.234106][ T8134]  ? __pfx_netif_receive_skb+0x10/0x10
[  184.234145][ T8134]  ? tun_rx_batched+0x14b/0x8d0
[  184.234165][ T8134]  tun_rx_batched+0x1a4/0x8d0
[  184.234190][ T8134]  ? __lock_acquire+0xad5/0xd80
[  184.234252][ T8134]  ? __pfx_tun_rx_batched+0x10/0x10
[  184.234291][ T8134]  ? tun_get_user+0x2a99/0x47c0
[  184.234311][ T8134]  ? tun_get_user+0x2a99/0x47c0
[  184.234333][ T8134]  tun_get_user+0x2fec/0x47c0
[  184.234357][ T8134]  ? tun_get_user+0x852/0x47c0
[  184.234406][ T8134]  ? aa_file_perm+0x139/0xf60
[  184.234435][ T8134]  ? aa_file_perm+0x3f1/0xf60
[  184.234462][ T8134]  ? __pfx_tun_get_user+0x10/0x10
[  184.234505][ T8134]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  184.234551][ T8134]  ? tun_get+0x1e/0x2f0
[  184.234573][ T8134]  ? tun_get+0x1e/0x2f0
[  184.234591][ T8134]  ? tun_get+0x27d/0x2f0
[  184.234614][ T8134]  tun_chr_write_iter+0x10d/0x1f0
[  184.234640][ T8134]  vfs_write+0x70f/0xd10
[  184.234677][ T8134]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  184.234701][ T8134]  ? __pfx_vfs_write+0x10/0x10
[  184.234733][ T8134]  ? __fget_files+0x2a/0x420
[  184.234756][ T8134]  ? __fget_files+0x2a/0x420
[  184.234786][ T8134]  ksys_write+0x19d/0x2d0
[  184.234818][ T8134]  ? __pfx_ksys_write+0x10/0x10
[  184.234854][ T8134]  ? do_syscall_64+0xb6/0x210
[  184.234879][ T8134]  do_syscall_64+0xf3/0x210
[  184.234901][ T8134]  ? clear_bhb_loop+0x45/0xa0
[  184.234925][ T8134]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.234946][ T8134] RIP: 0033:0x7f35f4b8cc1f
[  184.234964][ T8134] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  184.234983][ T8134] RSP: 002b:00007f35f59de000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  184.235005][ T8134] RAX: ffffffffffffffda RBX: 00007f35f4db5fa0 RCX: 00007f35f4b8cc1f
[  184.235021][ T8134] RDX: 000000000000002a RSI: 00002000000005c0 RDI: 00000000000000c8
[  184.235034][ T8134] RBP: 00007f35f59de090 R08: 0000000000000000 R09: 0000000000000000
[  184.235048][ T8134] R10: 000000000000002a R11: 0000000000000293 R12: 0000000000000001
[  184.235061][ T8134] R13: 0000000000000001 R14: 00007f35f4db5fa0 R15: 00007fff6f8ce598
[  184.235095][ T8134]  </TASK>
[  184.654131][ T8135] netlink: 'syz.0.713': attribute type 3 has an invalid length.
[  185.375615][ T8142] veth0_macvtap: entered allmulticast mode
[  185.432038][ T8142] netlink: 4 bytes leftover after parsing attributes in process `syz.1.717'.
[  185.558417][ T8151] netlink: 28 bytes leftover after parsing attributes in process `syz.0.720'.
[  185.631911][ T8151] netlink: 24 bytes leftover after parsing attributes in process `syz.0.720'.
[  186.079873][ T8162] netlink: 'syz.0.723': attribute type 1 has an invalid length.
[  186.253364][ T8162] 8021q: adding VLAN 0 to HW filter on device bond6
[  186.555136][ T8175] netlink: 72 bytes leftover after parsing attributes in process `syz.1.728'.
[  186.584622][ T8175] netlink: 12 bytes leftover after parsing attributes in process `syz.1.728'.
[  186.613584][ T8175] netlink: 8 bytes leftover after parsing attributes in process `syz.1.728'.
[  188.002137][ T8208] Cannot find map_set index 0 as target
[  188.383082][ T8214] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  188.556136][ T8214] pim6reg: entered allmulticast mode
[  188.592692][ T8214] pim6reg: left allmulticast mode
[  188.950904][ T8222] netlink: 18 bytes leftover after parsing attributes in process `syz.3.744'.
[  189.303646][ T8224] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  189.414582][ T8224] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  189.539027][ T8224] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  190.789876][ T8260] veth0: entered promiscuous mode
[  190.999010][ T8259] veth0: left promiscuous mode
[  191.192127][ T8271] netlink: 8 bytes leftover after parsing attributes in process `syz.0.761'.
[  191.235176][ T8276] netlink: 'syz.4.764': attribute type 23 has an invalid length.
[  191.460863][ T8280] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  191.504675][ T8285] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  191.538546][ T8280] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  191.568068][ T8276] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  191.627546][ T8280] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  191.658102][ T8285] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  191.744949][ T8285] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  192.074972][ T8300] 8021q: VLANs not supported on nlmon0
[  192.625612][ T8314] netlink: 52 bytes leftover after parsing attributes in process `syz.3.778'.
[  192.656546][ T8314] netlink: 14 bytes leftover after parsing attributes in process `syz.3.778'.
[  192.691475][ T8314] netlink: 52 bytes leftover after parsing attributes in process `syz.3.778'.
[  192.739534][ T8314] netlink: 14 bytes leftover after parsing attributes in process `syz.3.778'.
[  192.763795][ T8314] netlink: 52 bytes leftover after parsing attributes in process `syz.3.778'.
[  192.821789][ T8318] netlink: 4 bytes leftover after parsing attributes in process `syz.2.780'.
[  192.939486][ T8320] netlink: 8 bytes leftover after parsing attributes in process `syz.1.781'.
[  194.040504][ T8343] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  194.150755][ T8343] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  194.220071][ T8343] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  194.383739][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  194.615829][ T8354] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32
[  195.579335][ T8365] netlink: 12 bytes leftover after parsing attributes in process `syz.2.795'.
[  195.642524][ T8365] vlan2: entered promiscuous mode
[  196.056326][ T8377] syz.3.799 uses old SIOCAX25GETINFO
[  196.145956][ T8383] netlink: 8 bytes leftover after parsing attributes in process `syz.3.799'.
[  196.172227][   T30] audit: type=1800 audit(1745397529.781:4): pid=8382 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.802" name="1" dev="tmpfs" ino=840 res=0 errno=0
[  196.306245][ T8386] netlink: 52 bytes leftover after parsing attributes in process `syz.4.803'.
[  196.316410][ T8386] netlink: 14 bytes leftover after parsing attributes in process `syz.4.803'.
[  196.327011][ T8386] netlink: 52 bytes leftover after parsing attributes in process `syz.4.803'.
[  196.351006][ T8386] netlink: 14 bytes leftover after parsing attributes in process `syz.4.803'.
[  196.393342][ T8388] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  196.409847][ T8386] netlink: 52 bytes leftover after parsing attributes in process `syz.4.803'.
[  196.481099][ T8391] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  196.563039][ T8388] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  196.622152][ T8394] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32
[  197.065590][ T8399] netlink: 'syz.3.808': attribute type 1 has an invalid length.
[  197.169970][ T8399] 8021q: adding VLAN 0 to HW filter on device bond5
[  197.542299][ T8405] netlink: 4 bytes leftover after parsing attributes in process `syz.2.809'.
[  197.774857][ T8405] bond0: (slave bond_slave_0): Releasing backup interface
[  198.139545][ T8417] bond0: entered promiscuous mode
[  198.173144][ T8417] bond_slave_0: entered promiscuous mode
[  198.219894][ T8417] bond_slave_1: entered promiscuous mode
[  198.226436][ T8417] mac80211_hwsim hwsim4 wlan1: entered promiscuous mode
[  198.300191][ T8417] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  198.354185][ T8417] bond0: left promiscuous mode
[  198.367756][ T8417] bond_slave_0: left promiscuous mode
[  198.373989][ T8417] bond_slave_1: left promiscuous mode
[  198.390100][ T8417] mac80211_hwsim hwsim4 wlan1: left promiscuous mode
[  199.023785][ T8433] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  199.072301][ T8429] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  199.106732][ T8434] vlan2: entered promiscuous mode
[  199.173911][ T8436] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32
[  199.190916][ T8429] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  199.263014][ T8432] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  199.634743][ T8443] netlink: 12 bytes leftover after parsing attributes in process `syz.2.824'.
[  199.681049][ T8443] vlan2: entered promiscuous mode
[  200.244936][ T8455] netlink: 'syz.4.829': attribute type 1 has an invalid length.
[  200.580831][ T8455] 8021q: adding VLAN 0 to HW filter on device bond5
[  200.650214][ T8469] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32
[  201.518395][ T8477] syz.4.834: vmalloc error: size 33558528, failed to allocated page array size 65544, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  201.588094][ T8477] CPU: 1 UID: 0 PID: 8477 Comm: syz.4.834 Not tainted 6.15.0-rc2-syzkaller-00657-g0e0a7e3719bc #0 PREEMPT(full) 
[  201.588130][ T8477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  201.588142][ T8477] Call Trace:
[  201.588150][ T8477]  <TASK>
[  201.588158][ T8477]  dump_stack_lvl+0x241/0x360
[  201.588196][ T8477]  ? __pfx_dump_stack_lvl+0x10/0x10
[  201.588224][ T8477]  ? __pfx__printk+0x10/0x10
[  201.588250][ T8477]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  201.588274][ T8477]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  201.588296][ T8477]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  201.588320][ T8477]  warn_alloc+0x27c/0x410
[  201.588352][ T8477]  ? __pfx_warn_alloc+0x10/0x10
[  201.588384][ T8477]  ? xskq_create+0xb6/0x170
[  201.588412][ T8477]  ? __get_vm_area_node+0x1c8/0x2d0
[  201.588432][ T8477]  ? __get_vm_area_node+0x25c/0x2d0
[  201.588461][ T8477]  __vmalloc_node_range_noprof+0x634/0x1390
[  201.588517][ T8477]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  201.588547][ T8477]  ? __kasan_kmalloc+0x9d/0xb0
[  201.588581][ T8477]  vmalloc_user_noprof+0x74/0x80
[  201.588605][ T8477]  ? xskq_create+0xb6/0x170
[  201.588633][ T8477]  xskq_create+0xb6/0x170
[  201.588663][ T8477]  xsk_init_queue+0xa1/0x100
[  201.588695][ T8477]  xsk_setsockopt+0x4f9/0x840
[  201.588726][ T8477]  ? __pfx_xsk_setsockopt+0x10/0x10
[  201.588754][ T8477]  ? __pfx_aa_sk_perm+0x10/0x10
[  201.588784][ T8477]  ? __lock_acquire+0xad5/0xd80
[  201.588813][ T8477]  ? aa_sock_opt_perm+0x79/0x120
[  201.588845][ T8477]  ? __pfx_xsk_setsockopt+0x10/0x10
[  201.588870][ T8477]  do_sock_setsockopt+0x3b1/0x710
[  201.588900][ T8477]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  201.588920][ T8477]  ? __fget_files+0x2a/0x420
[  201.588941][ T8477]  ? __fget_files+0x39d/0x420
[  201.588958][ T8477]  ? __fget_files+0x2a/0x420
[  201.588986][ T8477]  __x64_sys_setsockopt+0x187/0x210
[  201.589027][ T8477]  do_syscall_64+0xf3/0x210
[  201.589046][ T8477]  ? clear_bhb_loop+0x45/0xa0
[  201.589068][ T8477]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  201.589087][ T8477] RIP: 0033:0x7f986678e169
[  201.589103][ T8477] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  201.589119][ T8477] RSP: 002b:00007f986767e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  201.589140][ T8477] RAX: ffffffffffffffda RBX: 00007f98669b6080 RCX: 00007f986678e169
[  201.589154][ T8477] RDX: 0000000000000002 RSI: 000000000000011b RDI: 000000000000000b
[  201.589166][ T8477] RBP: 00007f9866810a68 R08: 0000000000000004 R09: 0000000000000000
[  201.589177][ T8477] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000000
[  201.589188][ T8477] R13: 0000000000000000 R14: 00007f98669b6080 R15: 00007ffd81fdf468
[  201.589217][ T8477]  </TASK>
[  201.589331][ T8477] Mem-Info:
[  201.928045][ T8477] active_anon:7662 inactive_anon:0 isolated_anon:0
[  201.928045][ T8477]  active_file:1670 inactive_file:38352 isolated_file:0
[  201.928045][ T8477]  unevictable:768 dirty:270 writeback:0
[  201.928045][ T8477]  slab_reclaimable:9919 slab_unreclaimable:108222
[  201.928045][ T8477]  mapped:28673 shmem:1400 pagetables:737
[  201.928045][ T8477]  sec_pagetables:0 bounce:0
[  201.928045][ T8477]  kernel_misc_reclaimable:0
[  201.928045][ T8477]  free:1331217 free_pcp:1277 free_cma:0
[  202.073606][ T8477] Node 0 active_anon:31272kB inactive_anon:0kB active_file:6680kB inactive_file:153340kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:114668kB dirty:1080kB writeback:0kB shmem:4064kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11760kB pagetables:3024kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  202.167843][ T8477] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  202.247742][ T8477] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  202.298001][ T8477] lowmem_reserve[]: 0 2487 2487 2487 2487
[  202.307785][ T8477] Node 0 DMA32 free:1401092kB boost:0kB min:34152kB low:42688kB high:51224kB reserved_highatomic:0KB active_anon:32164kB inactive_anon:0kB active_file:6680kB inactive_file:153248kB unevictable:1536kB writepending:1080kB present:3129332kB managed:2547444kB mlocked:0kB bounce:0kB free_pcp:1604kB local_pcp:964kB free_cma:0kB
[  202.370935][ T8487] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  202.387801][ T8477] lowmem_reserve[]: 0 0 0 0 0
[  202.393052][ T8477] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:8kB inactive_anon:0kB active_file:0kB inactive_file:92kB unevictable:0kB writepending:0kB present:1048580kB managed:108kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[  202.460213][ T8477] lowmem_reserve[]: 0 0 0 0 0
[  202.462990][ T8487] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  202.465442][ T8477] Node 1 Normal free:3909836kB boost:0kB min:55748kB low:69684kB high:83620kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  202.545418][ T8488] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  202.577783][ T8477] lowmem_reserve[]: 0 0 0 0 0
[  202.587905][ T8477] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  202.623055][ T8477] Node 0 DMA32: 10*4kB (UM) 542*8kB (UME) 38*16kB (UME) 540*32kB (UE) 270*64kB (UME) 21*128kB (UME) 0*256kB 1*512kB (M) 6*1024kB (UM) 3*2048kB (UM) 328*4096kB (ME) = 1398520kB
[  202.667852][ T8477] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  202.708013][ T8477] Node 1 Normal: 251*4kB (UME) 62*8kB (UME) 43*16kB (UME) 214*32kB (UME) 80*64kB (UME) 33*128kB (UME) 17*256kB (UME) 10*512kB (UME) 7*1024kB (UM) 2*2048kB (UE) 945*4096kB (M) = 3909836kB
[  202.766814][ T8477] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  202.793519][ T8477] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  202.819685][ T8477] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  202.845925][ T8477] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  202.872557][ T8477] 41424 total pagecache pages
[  202.885643][ T8477] 0 pages in swap cache
[  202.897445][ T8477] Free swap  = 124996kB
[  202.915760][ T8477] Total swap = 124996kB
[  202.936368][ T8477] 2097051 pages RAM
[  202.955095][ T8477] 0 pages HighMem/MovableOnly
[  202.974989][ T8477] 428532 pages reserved
[  202.986383][ T8477] 0 pages cma reserved
[  203.563327][ T8498] netlink: 72 bytes leftover after parsing attributes in process `syz.2.841'.
[  203.855754][ T8502] netlink: 20 bytes leftover after parsing attributes in process `syz.2.843'.
[  204.040475][ T8507] netlink: 'syz.4.845': attribute type 1 has an invalid length.
[  204.202692][ T8511] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32
[  204.274026][ T8507] 8021q: adding VLAN 0 to HW filter on device bond6
[  204.602956][ T8520] netlink: 'syz.1.848': attribute type 23 has an invalid length.
[  204.753250][ T8527] geneve2: entered promiscuous mode
[  205.118332][ T8533] netlink: 100 bytes leftover after parsing attributes in process `syz.1.853'.
[  205.161316][ T8532] bond0: entered promiscuous mode
[  205.172222][ T8532] bond_slave_0: entered promiscuous mode
[  205.181641][ T8532] bond_slave_1: entered promiscuous mode
[  205.202400][ T8535] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  205.214029][ T8532] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  205.233273][ T8532] bond0: left promiscuous mode
[  205.241074][ T8532] bond_slave_0: left promiscuous mode
[  205.247323][ T8532] bond_slave_1: left promiscuous mode
[  205.293536][ T8535] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  205.446279][ T8534] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  205.593176][ T8541] netlink: 12 bytes leftover after parsing attributes in process `syz.4.857'.
[  205.632751][ T8541] vlan2: entered promiscuous mode
[  205.846189][ T8545] netlink: 'syz.1.859': attribute type 1 has an invalid length.
[  205.979644][ T8549] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32
[  206.127847][ T8550] 8021q: adding VLAN 0 to HW filter on device bond8
[  206.139885][ T8550] bond7: (slave bond8): making interface the new active one
[  206.148780][ T8550] bond7: (slave bond8): Enslaving as an active interface with an up link
[  206.465683][ T8558] netlink: 'syz.3.863': attribute type 23 has an invalid length.
[  206.505165][ T8561] sctp: [Deprecated]: syz.1.864 (pid 8561) Use of int in max_burst socket option.
[  206.505165][ T8561] Use struct sctp_assoc_value instead
[  206.680887][ T8563] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  206.827489][ T8568] netlink: 100 bytes leftover after parsing attributes in process `syz.2.866'.
[  207.385672][ T8583] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  207.468433][ T8587] netlink: 8 bytes leftover after parsing attributes in process `syz.4.874'.
[  207.491870][ T8583] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  207.632629][ T8583] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  207.908281][ T8598] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32
[  208.013839][ T8602] netlink: 'syz.4.879': attribute type 23 has an invalid length.
[  208.221906][ T8602] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  208.541462][ T8613] netlink: 8 bytes leftover after parsing attributes in process `syz.1.884'.
[  208.665607][ T8616] bond0: entered promiscuous mode
[  208.681616][ T8616] bond_slave_0: entered promiscuous mode
[  208.720323][ T8616] bond_slave_1: entered promiscuous mode
[  208.776004][ T8616] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  208.817411][ T8616] bond0: left promiscuous mode
[  208.833680][ T8616] bond_slave_0: left promiscuous mode
[  208.841674][ T8616] bond_slave_1: left promiscuous mode
[  209.269359][ T8629] netlink: 'syz.4.888': attribute type 1 has an invalid length.
[  209.298718][ T8630] netlink: 12 bytes leftover after parsing attributes in process `syz.2.890'.
[  209.355254][ T8629] 8021q: adding VLAN 0 to HW filter on device bond7
[  209.406549][ T8635] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32
[  209.434393][ T8630] vlan2: entered promiscuous mode
[  210.087013][ T8649] netlink: 52 bytes leftover after parsing attributes in process `syz.3.896'.
[  210.120219][ T8646] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  210.219080][ T8650] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  210.357943][ T8646] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  211.297510][ T8671] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32
[  211.512288][ T8675] FAULT_INJECTION: forcing a failure.
[  211.512288][ T8675] name failslab, interval 1, probability 0, space 0, times 0
[  211.548973][ T8675] CPU: 0 UID: 0 PID: 8675 Comm: syz.4.906 Not tainted 6.15.0-rc2-syzkaller-00657-g0e0a7e3719bc #0 PREEMPT(full) 
[  211.549012][ T8675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  211.549024][ T8675] Call Trace:
[  211.549032][ T8675]  <TASK>
[  211.549040][ T8675]  dump_stack_lvl+0x241/0x360
[  211.549075][ T8675]  ? __pfx_dump_stack_lvl+0x10/0x10
[  211.549102][ T8675]  ? __pfx__printk+0x10/0x10
[  211.549140][ T8675]  should_fail_ex+0x424/0x570
[  211.549168][ T8675]  should_failslab+0xac/0x100
[  211.549189][ T8675]  __kmalloc_cache_noprof+0x73/0x370
[  211.549208][ T8675]  ? sctp_add_bind_addr+0x89/0x3a0
[  211.549233][ T8675]  sctp_add_bind_addr+0x89/0x3a0
[  211.549258][ T8675]  sctp_copy_local_addr_list+0x313/0x500
[  211.549281][ T8675]  ? sctp_copy_local_addr_list+0xad/0x500
[  211.549303][ T8675]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  211.549326][ T8675]  ? sctp_v6_is_any+0x60/0x70
[  211.549350][ T8675]  ? sctp_copy_one_addr+0x94/0x360
[  211.549373][ T8675]  sctp_bind_addr_copy+0xad/0x3b0
[  211.549395][ T8675]  ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190
[  211.549427][ T8675]  sctp_connect_new_asoc+0x337/0x700
[  211.549462][ T8675]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  211.549488][ T8675]  ? sctp_endpoint_lookup_assoc+0x7c/0x250
[  211.549542][ T8675]  ? sctp_endpoint_lookup_assoc+0x7c/0x250
[  211.549567][ T8675]  ? sctp_endpoint_lookup_assoc+0x217/0x250
[  211.549591][ T8675]  ? sctp_endpoint_lookup_assoc+0x7c/0x250
[  211.549621][ T8675]  __sctp_connect+0x6ab/0xe60
[  211.549658][ T8675]  ? __local_bh_enable_ip+0x168/0x200
[  211.549689][ T8675]  ? __pfx___sctp_connect+0x10/0x10
[  211.549714][ T8675]  ? sctp_inet_connect+0xa7/0x1f0
[  211.549736][ T8675]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  211.549765][ T8675]  ? do_raw_spin_unlock+0x13c/0x8b0
[  211.549804][ T8675]  sctp_inet_connect+0x149/0x1f0
[  211.549832][ T8675]  __sys_connect+0x28c/0x2d0
[  211.549853][ T8675]  ? __fget_files+0x2a/0x420
[  211.549871][ T8675]  ? __pfx___sys_connect+0x10/0x10
[  211.549917][ T8675]  __x64_sys_connect+0x7a/0x90
[  211.549939][ T8675]  do_syscall_64+0xf3/0x210
[  211.549959][ T8675]  ? clear_bhb_loop+0x45/0xa0
[  211.549984][ T8675]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.550004][ T8675] RIP: 0033:0x7f986678e169
[  211.550022][ T8675] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  211.550040][ T8675] RSP: 002b:00007f986769f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  211.550063][ T8675] RAX: ffffffffffffffda RBX: 00007f98669b5fa0 RCX: 00007f986678e169
[  211.550078][ T8675] RDX: 000000000000001c RSI: 0000200000000000 RDI: 0000000000000003
[  211.550091][ T8675] RBP: 00007f986769f090 R08: 0000000000000000 R09: 0000000000000000
[  211.550104][ T8675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  211.550116][ T8675] R13: 0000000000000000 R14: 00007f98669b5fa0 R15: 00007ffd81fdf468
[  211.550148][ T8675]  </TASK>
[  211.928544][ T5150] Bluetooth: hci3: command 0x0406 tx timeout
[  211.934756][ T5150] Bluetooth: hci2: command 0x0406 tx timeout
[  211.940825][ T5150] Bluetooth: hci1: command 0x0406 tx timeout
[  212.084847][ T8682] netlink: 52 bytes leftover after parsing attributes in process `syz.1.910'.
[  212.097490][ T8684] netlink: 'syz.4.909': attribute type 1 has an invalid length.
[  212.351494][ T8684] 8021q: adding VLAN 0 to HW filter on device bond8
[  212.632506][ T8703] netlink: 'syz.2.916': attribute type 1 has an invalid length.
[  212.692927][ T8704] netlink: 28 bytes leftover after parsing attributes in process `syz.2.916'.
[  212.852625][ T8700] bond0: entered promiscuous mode
[  212.880554][ T8700] bond_slave_0: entered promiscuous mode
[  212.887134][ T8700] bond_slave_1: entered promiscuous mode
[  212.924912][ T8700] mac80211_hwsim hwsim4 wlan1: entered promiscuous mode
[  212.946329][ T8700] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  212.974588][ T8700] bond0: left promiscuous mode
[  213.003293][ T8700] bond_slave_0: left promiscuous mode
[  213.036985][ T8700] bond_slave_1: left promiscuous mode
[  213.051501][ T8700] mac80211_hwsim hwsim4 wlan1: left promiscuous mode
[  213.228253][ T8713] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  213.306981][ T8709] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  213.373633][ T8718] netlink: 8 bytes leftover after parsing attributes in process `syz.0.921'.
[  213.418744][ T8709] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  213.519978][ T8720] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32
[  213.642503][ T8723] netlink: 52 bytes leftover after parsing attributes in process `syz.2.923'.
[  214.228590][ T8737] netlink: 'syz.1.928': attribute type 1 has an invalid length.
[  214.428918][ T8737] 8021q: adding VLAN 0 to HW filter on device bond9
[  214.502915][ T8744] netlink: 28 bytes leftover after parsing attributes in process `syz.2.931'.
[  214.600860][ T8744] netlink: 28 bytes leftover after parsing attributes in process `syz.2.931'.
[  214.624272][ T8744] bridge0: entered promiscuous mode
[  214.632090][ T8744] batadv_slave_1: entered promiscuous mode
[  214.640049][ T8744] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  214.648654][ T8744] Cannot create hsr debugfs directory
[  214.654763][ T8744] hsr1: Slave A (bridge0) is not up; please bring it up to get a fully working HSR network
[  214.688671][ T8749] tipc: New replicast peer: 255.255.255.255
[  214.777978][ T8749] tipc: Enabled bearer <udp:syz2>, priority 10
[  214.832513][ T8758] x_tables: duplicate underflow at hook 3
[  214.890336][ T8752] netlink: 12 bytes leftover after parsing attributes in process `syz.4.932'.
[  214.913461][ T8752] tipc: Disabling bearer <udp:syz2>
[  214.949994][ T8760] netlink: 5 bytes leftover after parsing attributes in process `syz.4.932'.
[  215.016304][ T8763] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32
[  215.201740][ T8749] vxcan3: entered allmulticast mode
[  215.680323][ T8775] netlink: 'syz.2.938': attribute type 1 has an invalid length.
[  215.764500][ T8778] netlink: 'syz.3.939': attribute type 3 has an invalid length.
[  216.011028][ T8775] 8021q: adding VLAN 0 to HW filter on device bond11
[  216.570718][ T8797] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  216.705277][ T8797] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  216.816526][ T8808] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  216.819389][ T8806] netlink: 'syz.3.946': attribute type 1 has an invalid length.
[  217.193093][ T8806] 8021q: adding VLAN 0 to HW filter on device bond6
[  217.882037][ T8830] xt_socket: unknown flags 0x8
[  217.944913][ T8832] netlink: 'syz.1.954': attribute type 23 has an invalid length.
[  218.119117][ T8837] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32
[  218.249117][ T8835] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  218.757996][ T8853] netlink: 100 bytes leftover after parsing attributes in process `syz.0.960'.
[  218.973668][ T8859] netlink: 'syz.1.964': attribute type 1 has an invalid length.
[  219.303611][ T8859] 8021q: adding VLAN 0 to HW filter on device bond10
[  219.472760][ T8868] netlink: 16 bytes leftover after parsing attributes in process `syz.3.967'.
[  219.684447][ T8872] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  219.716039][ T8879] netlink: 'syz.4.969': attribute type 23 has an invalid length.
[  220.094250][ T8882] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  220.169978][ T8888] bond0: entered promiscuous mode
[  220.182516][ T8888] bond_slave_1: entered promiscuous mode
[  220.193064][ T8888] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  220.209120][ T8888] bond0: left promiscuous mode
[  220.216718][ T8888] bond_slave_1: left promiscuous mode
[  220.479292][ T8899] netlink: 'syz.1.975': attribute type 1 has an invalid length.
[  220.568159][ T8903] netlink: 16 bytes leftover after parsing attributes in process `syz.1.975'.
[  220.570419][ T8905] netlink: 100 bytes leftover after parsing attributes in process `syz.4.977'.
[  220.767809][ T8909] netlink: 8 bytes leftover after parsing attributes in process `syz.4.979'.
[  221.624579][ T8934] netlink: 'syz.1.987': attribute type 23 has an invalid length.
[  221.641130][ T8936] netlink: 52 bytes leftover after parsing attributes in process `syz.4.988'.
[  221.703867][ T8939] netlink: 100 bytes leftover after parsing attributes in process `syz.3.989'.
[  221.800102][ T8940] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  222.537404][ T8958] netlink: 'syz.1.993': attribute type 1 has an invalid length.
[  222.752306][ T8958] 8021q: adding VLAN 0 to HW filter on device bond12
[  223.175190][ T8979] netlink: 8 bytes leftover after parsing attributes in process `syz.3.996'.
[  223.891586][ T8995] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1002'.
[  223.908955][ T8995] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1002'.
[  224.431954][ T9007] netlink: 'syz.1.1006': attribute type 1 has an invalid length.
[  224.696451][ T9007] 8021q: adding VLAN 0 to HW filter on device bond13
[  225.527897][ T9033] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  225.587521][ T9035] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  225.642241][ T9027] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  225.683250][ T9035] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  225.814954][ T9027] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  225.816936][ T9040] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  226.256535][ T9042] netlink: 'syz.1.1017': attribute type 23 has an invalid length.
[  226.314494][ T9046] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1019'.
[  226.342599][ T9044] netlink: 'syz.3.1018': attribute type 23 has an invalid length.
[  226.445202][ T9042] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  226.545172][ T9044] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  226.632096][ T9052] netlink: 'syz.2.1021': attribute type 4 has an invalid length.
[  226.675283][ T9054] netlink: 'syz.2.1021': attribute type 4 has an invalid length.
[  227.125911][ T9066] veth0_macvtap: entered allmulticast mode
[  227.219555][ T9068] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32
[  227.692256][ T9081] netlink: 'syz.2.1032': attribute type 23 has an invalid length.
[  227.786070][ T9081] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  228.200611][ T9092] FAULT_INJECTION: forcing a failure.
[  228.200611][ T9092] name failslab, interval 1, probability 0, space 0, times 0
[  228.259109][ T9092] CPU: 1 UID: 0 PID: 9092 Comm: syz.4.1036 Not tainted 6.15.0-rc2-syzkaller-00657-g0e0a7e3719bc #0 PREEMPT(full) 
[  228.259148][ T9092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  228.259161][ T9092] Call Trace:
[  228.259170][ T9092]  <TASK>
[  228.259179][ T9092]  dump_stack_lvl+0x241/0x360
[  228.259218][ T9092]  ? __pfx_dump_stack_lvl+0x10/0x10
[  228.259257][ T9092]  ? __pfx__printk+0x10/0x10
[  228.259302][ T9092]  should_fail_ex+0x424/0x570
[  228.259332][ T9092]  should_failslab+0xac/0x100
[  228.259354][ T9092]  __kmalloc_cache_noprof+0x73/0x370
[  228.259373][ T9092]  ? sctp_add_bind_addr+0x89/0x3a0
[  228.259400][ T9092]  sctp_add_bind_addr+0x89/0x3a0
[  228.259428][ T9092]  sctp_copy_local_addr_list+0x313/0x500
[  228.259453][ T9092]  ? sctp_copy_local_addr_list+0xad/0x500
[  228.259476][ T9092]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  228.259502][ T9092]  ? sctp_v6_is_any+0x60/0x70
[  228.259528][ T9092]  ? sctp_copy_one_addr+0x94/0x360
[  228.259554][ T9092]  sctp_bind_addr_copy+0xad/0x3b0
[  228.259578][ T9092]  ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190
[  228.259614][ T9092]  sctp_connect_new_asoc+0x337/0x700
[  228.259647][ T9092]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  228.259676][ T9092]  ? sctp_endpoint_lookup_assoc+0x7c/0x250
[  228.259709][ T9092]  ? sctp_endpoint_lookup_assoc+0x7c/0x250
[  228.259733][ T9092]  ? sctp_endpoint_lookup_assoc+0x217/0x250
[  228.259759][ T9092]  ? sctp_endpoint_lookup_assoc+0x7c/0x250
[  228.259790][ T9092]  __sctp_connect+0x6ab/0xe60
[  228.259830][ T9092]  ? __local_bh_enable_ip+0x168/0x200
[  228.259862][ T9092]  ? __pfx___sctp_connect+0x10/0x10
[  228.259886][ T9092]  ? sctp_inet_connect+0xa7/0x1f0
[  228.259921][ T9092]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  228.259950][ T9092]  ? do_raw_spin_unlock+0x13c/0x8b0
[  228.259984][ T9092]  sctp_inet_connect+0x149/0x1f0
[  228.260011][ T9092]  __sys_connect+0x28c/0x2d0
[  228.260032][ T9092]  ? __fget_files+0x2a/0x420
[  228.260050][ T9092]  ? __pfx___sys_connect+0x10/0x10
[  228.260096][ T9092]  __x64_sys_connect+0x7a/0x90
[  228.260118][ T9092]  do_syscall_64+0xf3/0x210
[  228.260139][ T9092]  ? clear_bhb_loop+0x45/0xa0
[  228.260163][ T9092]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.260183][ T9092] RIP: 0033:0x7f986678e169
[  228.260202][ T9092] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  228.260219][ T9092] RSP: 002b:00007f986769f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  228.260243][ T9092] RAX: ffffffffffffffda RBX: 00007f98669b5fa0 RCX: 00007f986678e169
[  228.260264][ T9092] RDX: 000000000000001c RSI: 0000200000000000 RDI: 0000000000000003
[  228.260278][ T9092] RBP: 00007f986769f090 R08: 0000000000000000 R09: 0000000000000000
[  228.260291][ T9092] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  228.260303][ T9092] R13: 0000000000000000 R14: 00007f98669b5fa0 R15: 00007ffd81fdf468
[  228.260336][ T9092]  </TASK>
[  229.318385][ T9109] netlink: 'syz.3.1042': attribute type 1 has an invalid length.
[  229.468397][ T9114] netlink: 'syz.1.1045': attribute type 23 has an invalid length.
[  229.479499][ T9121] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1047'.
[  229.630722][ T9109] 8021q: adding VLAN 0 to HW filter on device bond7
[  229.842442][ T9127] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  230.955649][ T9153] netlink: 'syz.0.1058': attribute type 8 has an invalid length.
[  231.224998][ T9164] netlink: 'syz.0.1063': attribute type 23 has an invalid length.
[  231.433514][ T9164] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  231.700714][ T9177] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1066'.
[  231.795341][ T9177] vlan2: entered promiscuous mode
[  232.372242][ T9193] netlink: 'syz.0.1071': attribute type 1 has an invalid length.
[  232.409979][ T9187] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1070'.
[  232.903064][ T9193] 8021q: adding VLAN 0 to HW filter on device bond7
[  232.975141][ T9214] netlink: 'syz.2.1077': attribute type 23 has an invalid length.
[  233.276511][ T9218] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  234.513541][ T9247] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  234.620074][ T9247] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  234.631948][ T9251] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32
[  234.722003][ T9253] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  234.990646][ T9263] netlink: 'syz.0.1093': attribute type 23 has an invalid length.
[  235.050153][ T9265] netlink: 'syz.2.1092': attribute type 1 has an invalid length.
[  235.125631][ T9265] 8021q: adding VLAN 0 to HW filter on device bond12
[  235.212133][ T9263] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  235.899958][ T9278] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1098'.
[  235.991040][ T9278] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1098'.
[  236.409371][ T9297] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32
[  236.446663][ T9299] FAULT_INJECTION: forcing a failure.
[  236.446663][ T9299] name failslab, interval 1, probability 0, space 0, times 0
[  236.517053][ T9302] netlink: 'syz.1.1105': attribute type 23 has an invalid length.
[  236.554783][ T9299] CPU: 1 UID: 0 PID: 9299 Comm: syz.3.1104 Not tainted 6.15.0-rc2-syzkaller-00657-g0e0a7e3719bc #0 PREEMPT(full) 
[  236.554821][ T9299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  236.554835][ T9299] Call Trace:
[  236.554844][ T9299]  <TASK>
[  236.554853][ T9299]  dump_stack_lvl+0x241/0x360
[  236.554894][ T9299]  ? __pfx_dump_stack_lvl+0x10/0x10
[  236.554925][ T9299]  ? __pfx__printk+0x10/0x10
[  236.554967][ T9299]  should_fail_ex+0x424/0x570
[  236.555015][ T9299]  should_failslab+0xac/0x100
[  236.555040][ T9299]  __kmalloc_cache_noprof+0x73/0x370
[  236.555060][ T9299]  ? sctp_add_bind_addr+0x89/0x3a0
[  236.555088][ T9299]  sctp_add_bind_addr+0x89/0x3a0
[  236.555117][ T9299]  sctp_copy_local_addr_list+0x313/0x500
[  236.555150][ T9299]  ? sctp_copy_local_addr_list+0xad/0x500
[  236.555174][ T9299]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  236.555200][ T9299]  ? sctp_v6_is_any+0x60/0x70
[  236.555226][ T9299]  ? sctp_copy_one_addr+0x94/0x360
[  236.555254][ T9299]  sctp_bind_addr_copy+0xad/0x3b0
[  236.555277][ T9299]  ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190
[  236.555313][ T9299]  sctp_connect_new_asoc+0x337/0x700
[  236.555345][ T9299]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  236.555374][ T9299]  ? sctp_endpoint_lookup_assoc+0x7c/0x250
[  236.555407][ T9299]  ? sctp_endpoint_lookup_assoc+0x7c/0x250
[  236.555433][ T9299]  ? sctp_endpoint_lookup_assoc+0x217/0x250
[  236.555459][ T9299]  ? sctp_endpoint_lookup_assoc+0x7c/0x250
[  236.555491][ T9299]  __sctp_connect+0x6ab/0xe60
[  236.555530][ T9299]  ? __local_bh_enable_ip+0x168/0x200
[  236.555561][ T9299]  ? __pfx___sctp_connect+0x10/0x10
[  236.555586][ T9299]  ? sctp_inet_connect+0xa7/0x1f0
[  236.555609][ T9299]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  236.555640][ T9299]  ? do_raw_spin_unlock+0x13c/0x8b0
[  236.555675][ T9299]  sctp_inet_connect+0x149/0x1f0
[  236.555703][ T9299]  __sys_connect+0x28c/0x2d0
[  236.555725][ T9299]  ? __fget_files+0x2a/0x420
[  236.555744][ T9299]  ? __pfx___sys_connect+0x10/0x10
[  236.555792][ T9299]  __x64_sys_connect+0x7a/0x90
[  236.555816][ T9299]  do_syscall_64+0xf3/0x210
[  236.555837][ T9299]  ? clear_bhb_loop+0x45/0xa0
[  236.555863][ T9299]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.555884][ T9299] RIP: 0033:0x7f1e6f98e169
[  236.555902][ T9299] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  236.555921][ T9299] RSP: 002b:00007f1e70753038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  236.555944][ T9299] RAX: ffffffffffffffda RBX: 00007f1e6fbb5fa0 RCX: 00007f1e6f98e169
[  236.555960][ T9299] RDX: 000000000000001c RSI: 0000200000000000 RDI: 0000000000000003
[  236.555974][ T9299] RBP: 00007f1e70753090 R08: 0000000000000000 R09: 0000000000000000
[  236.555988][ T9299] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  236.556000][ T9299] R13: 0000000000000000 R14: 00007f1e6fbb5fa0 R15: 00007ffd262dbab8
[  236.556035][ T9299]  </TASK>
[  236.966571][ T9302] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  237.114736][ T9304] bond0: entered promiscuous mode
[  237.135025][ T9304] bond_slave_1: entered promiscuous mode
[  237.152239][ T9304] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  237.216206][ T9304] bond0: left promiscuous mode
[  237.235707][ T9304] bond_slave_1: left promiscuous mode
[  237.381763][ T9308] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  237.462072][ T9316] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  237.564728][ T9308] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  237.579017][ T9319] netlink: 'syz.1.1111': attribute type 1 has an invalid length.
[  237.814068][ T9325] batman_adv: batadv0: Adding interface: ip6gretap1
[  237.898309][ T9325] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. If you experience problems getting traffic through try increasing the MTU to 1560.
[  237.980218][ T9333] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1115'.
[  238.006060][ T9325] batman_adv: batadv0: Interface activated: ip6gretap1
[  238.223480][ T9341] netlink: 'syz.2.1118': attribute type 23 has an invalid length.
[  238.575667][ T9341] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  239.130662][ T9358] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1124'.
[  239.304650][ T9364] netlink: 'syz.0.1125': attribute type 1 has an invalid length.
[  239.595986][ T9372] netlink: 'syz.2.1126': attribute type 1 has an invalid length.
[  239.618151][ T9364] 8021q: adding VLAN 0 to HW filter on device bond8
[  239.993588][ T9372] 8021q: adding VLAN 0 to HW filter on device bond13
[  240.194958][ T9384] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1129'.
[  240.357401][ T9387] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1130'.
[  240.377308][ T9387] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1130'.
[  240.594398][ T9387] bridge0: entered promiscuous mode
[  240.604299][ T9387] batadv_slave_1: entered promiscuous mode
[  240.612871][ T9387] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  240.622939][ T9387] Cannot create hsr debugfs directory
[  240.631580][ T9387] hsr1: Slave A (bridge0) is not up; please bring it up to get a fully working HSR network
[  241.008596][ T5923] 
[  241.010991][ T5923] ============================================
[  241.017160][ T5923] WARNING: possible recursive locking detected
[  241.023334][ T5923] 6.15.0-rc2-syzkaller-00657-g0e0a7e3719bc #0 Not tainted
[  241.030457][ T5923] --------------------------------------------
[  241.036632][ T5923] kworker/0:5/5923 is trying to acquire lock:
[  241.042804][ T5923] ffff88805d252f30 (&hsr->seqnr_lock){+.-.}-{3:3}, at: hsr_dev_xmit+0x18a/0x210
[  241.051904][ T5923] 
[  241.051904][ T5923] but task is already holding lock:
[  241.059352][ T5923] ffff888059d18f30 (&hsr->seqnr_lock){+.-.}-{3:3}, at: hsr_dev_xmit+0x18a/0x210
[  241.068457][ T5923] 
[  241.068457][ T5923] other info that might help us debug this:
[  241.076536][ T5923]  Possible unsafe locking scenario:
[  241.076536][ T5923] 
[  241.084008][ T5923]        CPU0
[  241.087309][ T5923]        ----
[  241.090606][ T5923]   lock(&hsr->seqnr_lock);
[  241.095151][ T5923]   lock(&hsr->seqnr_lock);
[  241.099698][ T5923] 
[  241.099698][ T5923]  *** DEADLOCK ***
[  241.099698][ T5923] 
[  241.107955][ T5923]  May be due to missing lock nesting notation
[  241.107955][ T5923] 
[  241.116296][ T5923] 11 locks held by kworker/0:5/5923:
[  241.121593][ T5923]  #0: ffff888030599148 ((wq_completion)mld){+.+.}-{0:0}, at: process_scheduled_works+0x990/0x18e0
[  241.132371][ T5923]  #1: ffffc9000440fc60 ((work_completion)(&(&idev->mc_ifc_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9cb/0x18e0
[  241.145548][ T5923]  #2: ffff88805a350538 (&idev->mc_lock){+.+.}-{4:4}, at: mld_ifc_work+0x2d/0xd90
[  241.154805][ T5923]  #3: ffffffff8ed3df20 (rcu_read_lock){....}-{1:3}, at: mld_sendpack+0x1ea/0xdc0
[  241.164059][ T5923]  #4: ffffffff8ed3df20 (rcu_read_lock){....}-{1:3}, at: ip6_finish_output2+0x701/0x1750
[  241.173945][ T5923]  #5: ffffffff8ed3df80 (rcu_read_lock_bh){....}-{1:3}, at: __dev_queue_xmit+0x2f9/0x3f60
[  241.183894][ T5923]  #6: ffff888059d18f30 (&hsr->seqnr_lock){+.-.}-{3:3}, at: hsr_dev_xmit+0x18a/0x210
[  241.193405][ T5923]  #7: ffffffff8ed3df20 (rcu_read_lock){....}-{1:3}, at: hsr_forward_skb+0xb8/0x2d20
[  241.202928][ T5923]  #8: ffffffff8ed3df80 (rcu_read_lock_bh){....}-{1:3}, at: __dev_queue_xmit+0x2f9/0x3f60
[  241.212888][ T5923]  #9: ffffffff8ed3df20 (rcu_read_lock){....}-{1:3}, at: br_dev_xmit+0x220/0x1c00
[  241.222149][ T5923]  #10: ffffffff8ed3df80 (rcu_read_lock_bh){....}-{1:3}, at: __dev_queue_xmit+0x2f9/0x3f60
[  241.232170][ T5923] 
[  241.232170][ T5923] stack backtrace:
[  241.238060][ T5923] CPU: 0 UID: 0 PID: 5923 Comm: kworker/0:5 Not tainted 6.15.0-rc2-syzkaller-00657-g0e0a7e3719bc #0 PREEMPT(full) 
[  241.238083][ T5923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  241.238096][ T5923] Workqueue: mld mld_ifc_work
[  241.238119][ T5923] Call Trace:
[  241.238127][ T5923]  <TASK>
[  241.238136][ T5923]  dump_stack_lvl+0x241/0x360
[  241.238161][ T5923]  ? __pfx_dump_stack_lvl+0x10/0x10
[  241.238182][ T5923]  ? __pfx__printk+0x10/0x10
[  241.238206][ T5923]  ? print_lock+0x171/0x1a0
[  241.238230][ T5923]  print_deadlock_bug+0x2be/0x2d0
[  241.238248][ T5923]  validate_chain+0x928/0x24e0
[  241.238264][ T5923]  ? __lock_acquire+0xad5/0xd80
[  241.238293][ T5923]  __lock_acquire+0xad5/0xd80
[  241.238319][ T5923]  lock_acquire+0x116/0x2f0
[  241.238338][ T5923]  ? hsr_dev_xmit+0x18a/0x210
[  241.238363][ T5923]  ? hsr_dev_xmit+0x18a/0x210
[  241.238382][ T5923]  _raw_spin_lock_bh+0x35/0x50
[  241.238403][ T5923]  ? hsr_dev_xmit+0x18a/0x210
[  241.238424][ T5923]  hsr_dev_xmit+0x18a/0x210
[  241.238462][ T5923]  dev_hard_start_xmit+0x2d9/0x830
[  241.238490][ T5923]  __dev_queue_xmit+0x1b80/0x3f60
[  241.238516][ T5923]  ? __dev_queue_xmit+0x2f9/0x3f60
[  241.238539][ T5923]  ? __pfx___dev_queue_xmit+0x10/0x10
[  241.238558][ T5923]  ? __local_bh_enable_ip+0x168/0x200
[  241.238584][ T5923]  ? lockdep_hardirqs_on+0x9d/0x150
[  241.238609][ T5923]  ? __local_bh_enable_ip+0x168/0x200
[  241.238634][ T5923]  ? ebt_do_table+0x2858/0x2a60
[  241.238666][ T5923]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  241.238694][ T5923]  ? ebt_do_table+0x2858/0x2a60
[  241.238720][ T5923]  ? ebt_do_table+0x2858/0x2a60
[  241.238749][ T5923]  ? lockdep_hardirqs_on+0x9d/0x150
[  241.238774][ T5923]  ? __local_bh_enable_ip+0x168/0x200
[  241.238800][ T5923]  ? skb_push+0x97/0x100
[  241.238823][ T5923]  br_dev_queue_push_xmit+0x771/0x950
[  241.238843][ T5923]  ? br_nf_post_routing+0x1ef/0xe80
[  241.238869][ T5923]  ? __pfx_br_dev_queue_push_xmit+0x10/0x10
[  241.238889][ T5923]  ? NF_HOOK+0xa1/0x460
[  241.238909][ T5923]  NF_HOOK+0x3ac/0x460
[  241.238930][ T5923]  ? NF_HOOK+0xa1/0x460
[  241.238946][ T5923]  ? __pfx_NF_HOOK+0x10/0x10
[  241.238968][ T5923]  ? __pfx_br_dev_queue_push_xmit+0x10/0x10
[  241.238990][ T5923]  br_forward_finish+0xd8/0x130
[  241.239007][ T5923]  ? __pfx_br_dev_queue_push_xmit+0x10/0x10
[  241.239031][ T5923]  NF_HOOK+0x3ac/0x460
[  241.239049][ T5923]  ? NF_HOOK+0xa1/0x460
[  241.239065][ T5923]  ? __pfx_NF_HOOK+0x10/0x10
[  241.239084][ T5923]  ? br_multicast_count+0xfc/0xd00
[  241.239104][ T5923]  ? __pfx_br_forward_finish+0x10/0x10
[  241.239128][ T5923]  __br_forward+0x46a/0x640
[  241.239146][ T5923]  ? __pfx_br_forward_finish+0x10/0x10
[  241.239165][ T5923]  ? __pfx___br_forward+0x10/0x10
[  241.239184][ T5923]  ? br_flood+0x41a/0x680
[  241.239205][ T5923]  br_dev_xmit+0x12ac/0x1c00
[  241.239228][ T5923]  ? br_dev_xmit+0x220/0x1c00
[  241.239256][ T5923]  ? __pfx_br_dev_xmit+0x10/0x10
[  241.239292][ T5923]  ? hsr_forward_skb+0x1238/0x2d20
[  241.239316][ T5923]  ? dev_hard_start_xmit+0x2d9/0x830
[  241.239333][ T5923]  ? __dev_queue_xmit+0x1b80/0x3f60
[  241.239358][ T5923]  ? ip6_finish_output2+0x1296/0x1750
[  241.239382][ T5923]  ? __pfx_validate_xmit_xfrm+0x10/0x10
[  241.239400][ T5923]  ? mld_ifc_work+0x7d9/0xd90
[  241.239424][ T5923]  ? netif_skb_features+0x8be/0xca0
[  241.239449][ T5923]  dev_hard_start_xmit+0x2d9/0x830
[  241.239475][ T5923]  __dev_queue_xmit+0x1b80/0x3f60
[  241.239500][ T5923]  ? __dev_queue_xmit+0x2f9/0x3f60
[  241.239524][ T5923]  ? __pfx___dev_queue_xmit+0x10/0x10
[  241.239545][ T5923]  ? __copy_skb_header+0xa7/0x5a0
[  241.239564][ T5923]  ? __asan_memcpy+0x40/0x70
[  241.239586][ T5923]  ? __pskb_copy_fclone+0x9fb/0x10e0
[  241.239606][ T5923]  ? __asan_memcpy+0x40/0x70
[  241.239629][ T5923]  ? __pskb_copy_fclone+0x9fb/0x10e0
[  241.239652][ T5923]  ? hsr_create_tagged_frame+0x4de/0xef0
[  241.239686][ T5923]  ? __asan_memmove+0x40/0x70
[  241.239704][ T5923]  ? hsr_addr_subst_dest+0x30d/0xac0
[  241.239729][ T5923]  hsr_forward_skb+0x184c/0x2d20
[  241.239757][ T5923]  ? hsr_forward_skb+0xb8/0x2d20
[  241.239786][ T5923]  ? __pfx_hsr_forward_skb+0x10/0x10
[  241.239811][ T5923]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  241.239828][ T5923]  ? lockdep_hardirqs_on+0x9d/0x150
[  241.239855][ T5923]  ? hsr_dev_xmit+0x18a/0x210
[  241.239876][ T5923]  hsr_dev_xmit+0x195/0x210
[  241.239898][ T5923]  dev_hard_start_xmit+0x2d9/0x830
[  241.239925][ T5923]  __dev_queue_xmit+0x1b80/0x3f60
[  241.239943][ T5923]  ? register_lock_class+0x54/0x330
[  241.239969][ T5923]  ? __lock_acquire+0xad5/0xd80
[  241.239991][ T5923]  ? __dev_queue_xmit+0x2f9/0x3f60
[  241.240016][ T5923]  ? __pfx___dev_queue_xmit+0x10/0x10
[  241.240036][ T5923]  ? neigh_connected_output+0x1d5/0x450
[  241.240060][ T5923]  ? read_seqbegin+0x15c/0x2c0
[  241.240083][ T5923]  ? lockdep_hardirqs_on+0x9d/0x150
[  241.240107][ T5923]  ? read_seqbegin+0x202/0x2c0
[  241.240133][ T5923]  ? __pfx_read_seqbegin+0x10/0x10
[  241.240154][ T5923]  ? eth_header+0x11c/0x1f0
[  241.240173][ T5923]  ? __asan_memcpy+0x40/0x70
[  241.240193][ T5923]  ? eth_header+0x11c/0x1f0
[  241.240210][ T5923]  ? __pfx_eth_header+0x10/0x10
[  241.240226][ T5923]  ? neigh_connected_output+0x3a7/0x450
[  241.240256][ T5923]  ip6_finish_output2+0x1296/0x1750
[  241.240284][ T5923]  ? ip6_finish_output2+0x701/0x1750
[  241.240313][ T5923]  ? __pfx_ip6_finish_output2+0x10/0x10
[  241.240341][ T5923]  ? ip6_mtu+0x81/0x3f0
[  241.240363][ T5923]  ? ip6_mtu+0x81/0x3f0
[  241.240384][ T5923]  ip6_finish_output+0x421/0x840
[  241.240411][ T5923]  NF_HOOK+0xa0/0x440
[  241.240433][ T5923]  ? NF_HOOK+0xfe/0x440
[  241.240456][ T5923]  ? __pfx_NF_HOOK+0x10/0x10
[  241.240478][ T5923]  ? __pfx_dst_output+0x10/0x10
[  241.240504][ T5923]  ? icmp6_dst_alloc+0x3aa/0x420
[  241.240528][ T5923]  mld_sendpack+0x84a/0xdc0
[  241.240550][ T5923]  ? __pfx_mld_newpack+0x10/0x10
[  241.240580][ T5923]  ? mld_sendpack+0x1ea/0xdc0
[  241.240602][ T5923]  ? __pfx_mld_sendpack+0x10/0x10
[  241.240636][ T5923]  mld_ifc_work+0x7d9/0xd90
[  241.240667][ T5923]  ? process_scheduled_works+0x9cb/0x18e0
[  241.240692][ T5923]  process_scheduled_works+0xac3/0x18e0
[  241.240730][ T5923]  ? __pfx_process_scheduled_works+0x10/0x10
[  241.240757][ T5923]  ? assign_work+0x367/0x3d0
[  241.240784][ T5923]  worker_thread+0x870/0xd50
[  241.240814][ T5923]  ? __kthread_parkme+0x1a8/0x200
[  241.240831][ T5923]  ? __pfx_worker_thread+0x10/0x10
[  241.240857][ T5923]  kthread+0x7b7/0x940
[  241.240874][ T5923]  ? __pfx_worker_thread+0x10/0x10
[  241.240902][ T5923]  ? __pfx_kthread+0x10/0x10
[  241.240918][ T5923]  ? __pfx_kthread+0x10/0x10
[  241.240935][ T5923]  ? __pfx_kthread+0x10/0x10
[  241.240955][ T5923]  ? __pfx_kthread+0x10/0x10
[  241.240971][ T5923]  ? _raw_spin_unlock_irq+0x23/0x50
[  241.240992][ T5923]  ? lockdep_hardirqs_on+0x9d/0x150
[  241.241017][ T5923]  ? __pfx_kthread+0x10/0x10
[  241.241034][ T5923]  ret_from_fork+0x4b/0x80
[  241.241050][ T5923]  ? __pfx_kthread+0x10/0x10
[  241.241068][ T5923]  ret_from_fork_asm+0x1a/0x30
[  241.241089][ T5923]  </TASK>
[  246.209439][ T7503] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)