last executing test programs:

28.087838503s ago: executing program 4 (id=1036):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-clmulni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$xdp(r1, &(0x7f0000000240)={0x0, 0x8d, &(0x7f0000001c00)=[{&(0x7f0000000a00)="09f7cca49a6a065d62284c1f7fa68677ed18dfb6a407fd4f50d722d1681d47e5ce6d5571580895967a9be001d9901d5053b18beff632845a3e458cedcd88c6506eda5bfd2d302ec435e456d8c33bd663393e15b1ee7b3f9f4e44ef8aef19a6dbb0fa13d3c477c2e957", 0x69}], 0x1, 0x0, 0x0, 0x8000}, 0x80c1)

27.927937958s ago: executing program 4 (id=1040):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
connect$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
socket$caif_stream(0x25, 0x1, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a48000000060a0b040000000000000000020000001c00048018000180080001006c6f67000c00028008000640000000210900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a"], 0x70}}, 0x20000080)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r2, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r3, 0x20, 0x70bd25, 0x25dfdbfc, {}, [@BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x3}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x3}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0xa628}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x3}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x2}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x5}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x1}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000000}, 0x800)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_inet_SIOCADDRT(r4, 0x890b, &(0x7f00000003c0)={0x0, {0x2, 0x4e20, @multicast1}, {0x2, 0x4e24, @loopback}, {0x2, 0x4e21, @remote}, 0x280, 0x0, 0x0, 0x0, 0x8000, &(0x7f0000000280)='pim6reg1\x00', 0xa, 0x5, 0x4})

27.563607117s ago: executing program 4 (id=1045):
r0 = getpid()
r1 = socket$nl_generic(0x10, 0x3, 0x10)
write$bt_hci(0xffffffffffffffff, 0x0, 0x138)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r2, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r0}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r4, r5, 0x2, 0x2, 0x0, @void, @value}, 0x10)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000380)={@cgroup=r6, 0x2, 0x0, 0x0, &(0x7f0000000140)=[0x0], 0x1, 0x0, &(0x7f00000014c0), 0x0, 0x0}, 0x40)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000040)={'netdevsim0\x00', &(0x7f0000000400)=@ethtool_perm_addr})
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000004, 0x13, r3, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000d40)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={r7, 0x0, 0x0}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000d00), 0x4)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004001}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYRES32=0x0, @ANYBLOB], 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r8 = socket$inet(0x2, 0x2, 0x0)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r9, 0x8933, &(0x7f0000000240)={'wpan0\x00', <r10=>0x0})
r11 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000380), r9)
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r9, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000280)={0x1c, r11, 0x1, 0x3, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r10}]}, 0x1c}}, 0xc0)
setsockopt$inet_mreqn(r8, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa300000000000007030000f1feffff720a05fef8ffffff71a400fe0000000071101000000000001d300200000000004704000001ed00000f030000000000001d44000000000000730a04fe0000000072030000000a0000b500f9ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616276fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a26048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef77997e344e61482808c02b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdec86f9b1eb93d491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f806694d461b76a58d88cf0f520310a1e80dc18cde9ad662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a090f3b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="280000006a008313"], 0x28}}, 0x0)
r12 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r12, &(0x7f00000002c0), 0x40000000000009f, 0x0)
socket$netlink(0x10, 0x3, 0x0)

25.979648473s ago: executing program 4 (id=1061):
r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) (async)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x12, 0x12, r2, 0x0) (async)
r3 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
setsockopt$rose(r3, 0x104, 0x4, &(0x7f0000000000)=0xffff7ffd, 0x4) (async)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f00000001c0)={'wpan3\x00', <r4=>0x0})
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000280)={'wpan0\x00', <r5=>0x0})
sendmsg$NL802154_CMD_SET_MAX_CSMA_BACKOFFS(r1, &(0x7f0000000440)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000400)={&(0x7f00000002c0)={0x5c, r0, 0x200, 0x70bd29, 0x25dfdbfe, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_MAX_CSMA_BACKOFFS={0x5, 0x12, 0x3}, @NL802154_ATTR_MAX_CSMA_BACKOFFS={0x5, 0x12, 0x80}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4000800}, 0x24000000) (async, rerun: 64)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), r1) (rerun: 64)
socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0) (async, rerun: 32)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r6) (async)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r8=>0x0}) (async, rerun: 64)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc) (rerun: 64)
sendmsg$IPSET_CMD_CREATE(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x60, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x3}, @IPSET_ATTR_HASHSIZE={0x8}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x60}}, 0x0) (async)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="050000000000000000002100000008000300", @ANYRES32=r8, @ANYBLOB="10007d8005", @ANYRES8=0x0, @ANYRES32=r6], 0x2c}, 0x1, 0x0, 0x0, 0x20004080}, 0x0)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_GET_WPAN_PHY(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="14000000", @ANYRES16=r0, @ANYBLOB="6d9312000000f8dbdf03014b000000"], 0x14}, 0x1, 0x0, 0x0, 0x48891}, 0x880)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000200), r10) (async)
r11 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000004c0), r1)
sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r1, &(0x7f00000005c0)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x60, r11, 0x300, 0x70bd28, 0x25dfdbfd, {}, [@IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x3}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0002}}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0302}}, @IEEE802154_ATTR_PAN_ID={0x6, 0x6, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x1}]}, 0x60}, 0x1, 0x0, 0x0, 0x80}, 0x80)
r12 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r12, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8)
connect$inet6(r12, &(0x7f00000003c0)={0xa, 0xfffe, 0x3000004, @mcast2, 0x5}, 0x1c) (async)
setsockopt$SO_BINDTODEVICE(r12, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10) (async)
write(r12, &(0x7f00000000c0)="8f2a0a65bd8c00000000000000f4a7b6cefe000000000000", 0x18)

22.420124714s ago: executing program 4 (id=1121):
r0 = socket$netlink(0x10, 0x3, 0xf)
writev(r0, &(0x7f0000000640)=[{&(0x7f00000000c0)="390000001000111867090707a640400f0021ff3f3100000017250017000000000400370009000300", 0x28}, {&(0x7f0000000100)="ef894fdcbcdabcaf90e7b7bd070042628d1de763acdbe34ab066973b7a7959dc4816bcdeaea41f54b70df7c54652940cc4119dc1d88adad3737e526e1904fd07ff0890c5d72e7694514b6b993ee0a7c79141433a049fa39cbd846912cda53d567ee40aa6779cfc605291c454b68bbd689b2a1b019ea90f9dc3d10060cbe6a092c555840d7597cc556aa7005b31c5386d8525cf49d3626978f016c343ff1c53c7c707000000a7fca1731dc0c6a0e626375fe2e08d46029445fe9cecc0d6b362935fcd6d93c56b0ab3831085782832020d0837bd204eaca2a3e37ffd46a087726c36a858495e4c7d202856f36cb14febd9523a0a8dac168d05464ae7859c9c65b49705af9390889da5eba02558c66db8fd743df03074c7a8f37fe74f9d4c0db16a2bb5905d88ae87ff2a30a97b5f791184a73e293aec92da7efc1b6bf61b785adce3859d1a8a55e3bb48cb0fc627685f8e0ce4b7df660943a32a9c08c32f1b60c78e7000"/374, 0x176}, {&(0x7f0000000440)="fd84da8e2cedbfc5ea67173834ac3526e115ea78bcf48452e00a16e9a80756bb4b60262eceb7879ad73808749756d8f2f142b13e1f26e31506a162fa8331433d49faad75c15feb9f16120d9b91895533abaf17305500"/96, 0x60}, {&(0x7f0000000100)}], 0x4)
r1 = socket$l2tp(0x2, 0x2, 0x73)
getsockopt$ARPT_SO_GET_REVISION_TARGET(r1, 0x0, 0x63, &(0x7f0000000000)={'ipvs\x00'}, &(0x7f0000000040)=0x1e)
r2 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25SCALLUSERDATA(r2, 0x89e5, &(0x7f0000000b40)={0x13, "dd6e4eaaff9e7199f5b246fb0144c42ce5a861c065a1424a20e8705c8a6d70b593a9c20eddcb4bf2a10b606ce6b400e06c17dc5c2ad6c632a3aa2d50f01ef1293ad45749226b7af96e58d1a92ac1d2ecd704a63548983cf9b60da2d6ce07bb02a3b3e9b1bb016997bff8ff78f44f6371b5c0f58260bf2d27ebbdba58224b0129"})
r3 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_TABLE(r3, 0x0, 0xcf, &(0x7f0000000080)=0xff, 0x4)

13.165787896s ago: executing program 4 (id=1121):
r0 = socket$netlink(0x10, 0x3, 0xf)
writev(r0, &(0x7f0000000640)=[{&(0x7f00000000c0)="390000001000111867090707a640400f0021ff3f3100000017250017000000000400370009000300", 0x28}, {&(0x7f0000000100)="ef894fdcbcdabcaf90e7b7bd070042628d1de763acdbe34ab066973b7a7959dc4816bcdeaea41f54b70df7c54652940cc4119dc1d88adad3737e526e1904fd07ff0890c5d72e7694514b6b993ee0a7c79141433a049fa39cbd846912cda53d567ee40aa6779cfc605291c454b68bbd689b2a1b019ea90f9dc3d10060cbe6a092c555840d7597cc556aa7005b31c5386d8525cf49d3626978f016c343ff1c53c7c707000000a7fca1731dc0c6a0e626375fe2e08d46029445fe9cecc0d6b362935fcd6d93c56b0ab3831085782832020d0837bd204eaca2a3e37ffd46a087726c36a858495e4c7d202856f36cb14febd9523a0a8dac168d05464ae7859c9c65b49705af9390889da5eba02558c66db8fd743df03074c7a8f37fe74f9d4c0db16a2bb5905d88ae87ff2a30a97b5f791184a73e293aec92da7efc1b6bf61b785adce3859d1a8a55e3bb48cb0fc627685f8e0ce4b7df660943a32a9c08c32f1b60c78e7000"/374, 0x176}, {&(0x7f0000000440)="fd84da8e2cedbfc5ea67173834ac3526e115ea78bcf48452e00a16e9a80756bb4b60262eceb7879ad73808749756d8f2f142b13e1f26e31506a162fa8331433d49faad75c15feb9f16120d9b91895533abaf17305500"/96, 0x60}, {&(0x7f0000000100)}], 0x4)
r1 = socket$l2tp(0x2, 0x2, 0x73)
getsockopt$ARPT_SO_GET_REVISION_TARGET(r1, 0x0, 0x63, &(0x7f0000000000)={'ipvs\x00'}, &(0x7f0000000040)=0x1e)
r2 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25SCALLUSERDATA(r2, 0x89e5, &(0x7f0000000b40)={0x13, "dd6e4eaaff9e7199f5b246fb0144c42ce5a861c065a1424a20e8705c8a6d70b593a9c20eddcb4bf2a10b606ce6b400e06c17dc5c2ad6c632a3aa2d50f01ef1293ad45749226b7af96e58d1a92ac1d2ecd704a63548983cf9b60da2d6ce07bb02a3b3e9b1bb016997bff8ff78f44f6371b5c0f58260bf2d27ebbdba58224b0129"})
r3 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_TABLE(r3, 0x0, 0xcf, &(0x7f0000000080)=0xff, 0x4)

2.145299019s ago: executing program 3 (id=1360):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-clmulni\x00'}, 0x58)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x14, 0x3, 0x6, 0x5, 0x0, 0x0, {0x0, 0x0, 0x8}}, 0x14}}, 0x8081)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000280)={'syzkaller1\x00', @link_local})
writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000a40)="2e9b3d0007e03dd65193dfb6c575963f86ddf06712e900442b8db0049d90491ceaebfd26d4eef23248000000f858dbb8a19052343f", 0x35}, {&(0x7f0000000200)="c67f0d7df9", 0x49}], 0x2)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r3 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$xdp(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000001c00)=[{&(0x7f0000000a00)="09f7cca49a6a065d62284c1f7fa68677ed18dfb6a407fd4f50d722d1681d47e5ce6d5571580895967a9be001d9901d5053b18beff632845a3e458cedcd88c6506eda5bfd2d302ec435e456d8c33bd663393e15b1ee7b3f9f4e44ef8aef19a6dbb0fa13d3c477c2e957", 0x69}], 0x1, 0x0, 0x0, 0x8000}, 0x80c1)

1.707788523s ago: executing program 1 (id=1365):
r0 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r0, &(0x7f0000000280)=[{&(0x7f0000000040)="580000001400192340834b80040d8c560a067fbc45ff81054e220000000058000b480400945f64009400050038925a01000000000001008004000000ffe809000000fff5dd0000000800030006010000418e01400004fcff", 0x58}], 0x1)

1.579530357s ago: executing program 1 (id=1367):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-clmulni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc", 0xe)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmsg$xdp(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000a00)="09f7cca49a6a065d62284c1f7fa68677ed18dfb6a407fd4f50d722d1681d47e5ce6d5571580895967a9be001d9901d5053b18beff632845a3e458cedcd88c6506eda5bfd2d302ec435e456d8c33bd663393e15b1ee7b3f9f4e44ef8aef19a6dbb0fa13d3c477c2e9576f58ae4e2f205fdd2cac8aeb0150ba3525f133536bd4eee6785e48c80b5e97f35c9c9fcd01e025578e79c59fda79b64b0a7a022a25f983a764d4643493ef2c165eb39abf57b0706f9db7a3a12ab0b4e9df8b79cff44f52139b0a55fac6f118dc368e3cb52f87b95442c5d5bcc0bcbc19c4f1ec3336af24b370105be54585af81fde3bb6a48501805d167fa7a54700207fc933dc8d146c4843ee286b75f5c16c279e6450a9f1dd2fca2a17875a13d460a7b", 0x11a}, {&(0x7f0000000300)="1d58abd4e1c5609f80ac578a46c5ccb3be7dc9fd65c3b305b6693a4b07ad08af54cdbb4ed814a8b5129adb8724dce77b541d7f7fa368220d349cd395e84adea7d015989a25f014c553e00baa3f1ab917c9b7c6b2bae0d77b2eef3edbbf835d29609e7f79267ed15861e844deeff1e520b5e643c729595d96dc040ffde6bbbf3ff60a3e1b3ebc912c41b03e35b4aa5af40dece5eb5fbb61ee6cea03e267870e1d2590726defdc85c9e1f784ccbd6494d5fffe68f1dadda66f32963ef785a5fe072517594e28397cdcceadae0fc9b181441247b3155f697010431f5a516b4af1e89d83511682c99ad9ca30a7c4f082", 0xee}], 0x2, 0x0, 0x0, 0x8000}, 0x80c1)

1.455633621s ago: executing program 3 (id=1368):
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x16, &(0x7f0000000380)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000003d0301000000000095000000000000006926000000000000bf67"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000500)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a32000000001400000011"], 0x7c}}, 0x0)
sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000140)={0x34, 0x0, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_MLSLVLLST={0x4}, @NLBL_CIPSOV4_A_MLSCATLST={0x8, 0xc, 0x0, 0x1, [{0x4, 0x7}]}]}, 0x34}}, 0x0)
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000580)={'wpan4\x00'})
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r4, 0x84, 0xb, &(0x7f0000000480)={0x0, 0x7, 0x5, 0x55, 0x3, 0x80, 0xb, 0x40, 0x40, 0x8, 0x7, 0x9, 0x9, 0x73}, 0xe)
shutdown(r4, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f000000b500), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)={0x38, r5, 0x101, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_KEYS={0x4}]}, 0x38}}, 0x800)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000000)={<r8=>0x0, 0x10, &(0x7f0000000040)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000440)=0x10)
getsockopt$inet_sctp6_SCTP_CONTEXT(r4, 0x84, 0x11, &(0x7f0000000300)={r8, 0x2}, &(0x7f0000000500)=0x8)
setsockopt$inet6_int(r4, 0x29, 0x49, &(0x7f00000002c0), 0x4)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r9, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r10, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r3, 0x84, 0x19, &(0x7f0000000600)={r8, 0x7fff}, 0x8)

1.455397613s ago: executing program 1 (id=1369):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000880)=@newlink={0x40, 0x10, 0x439, 0x70bd2a, 0xffffffea, {0x0, 0x0, 0xe403, 0x0, 0x3, 0x610c3}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @remote}, @IFLA_IPTUN_LOCAL={0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x2d}}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x4008040)
sendmsg$NL80211_CMD_SET_KEY(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0x1c, r0, 0x9, 0x0, 0xfffffffe, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x0)
bind$netlink(r1, &(0x7f0000000040)={0x10, 0x0, 0x25dfdbfc, 0x40000000}, 0xc)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan0\x00'}) (async)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000880)=@newlink={0x40, 0x10, 0x439, 0x70bd2a, 0xffffffea, {0x0, 0x0, 0xe403, 0x0, 0x3, 0x610c3}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @remote}, @IFLA_IPTUN_LOCAL={0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x2d}}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x4008040) (async)
sendmsg$NL80211_CMD_SET_KEY(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0x1c, r0, 0x9, 0x0, 0xfffffffe, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x0) (async)
bind$netlink(r1, &(0x7f0000000040)={0x10, 0x0, 0x25dfdbfc, 0x40000000}, 0xc) (async)

1.427372595s ago: executing program 2 (id=1370):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000200)=ANY=[@ANYBLOB="3c0000001800dd"], 0x3c}, 0x1, 0x0, 0x0, 0x20000010}, 0x200000a0)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r1)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000000c0)=ANY=[@ANYBLOB="98030000", @ANYRES16=r2, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r3, @ANYBLOB="04008e00080057001b0a000004006c000500190107000500080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

1.286885733s ago: executing program 0 (id=1371):
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x210000000013, 0x0, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x7}, @mss={0x2, 0xfff}, @window={0x3, 0x0, 0x401}, @window], 0x20000000000000e4)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f00000001c0), 0x4)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64-generic\x00'}, 0x58)
r1 = accept$alg(r0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000004e00)=[{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000040)="607be25f2e", 0x5}], 0x1}], 0x1, 0x0)
sendto$inet(0xffffffffffffffff, &(0x7f0000000400)="001d71d52a3879c9c7649475728f8a25a071a59c20c131e0364e8828e50cfb69d0561b1bf87522000e42847c81695082fb23c905f5713aa8cadb181f50020730a3af1cb5a2ec28f6a78f19956ad27fa369f8adf71664f8eaff", 0x59, 0x4044000, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000740)={'vcan0\x00'})
recvfrom$inet(0xffffffffffffffff, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)
socket$caif_seqpacket(0x25, 0x5, 0x3)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x8ef, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
r3 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
ioctl$sock_bt_bnep_BNEPCONNADD(r3, 0x400442c8, &(0x7f0000000540)=ANY=[@ANYRES32=r2])

1.231915083s ago: executing program 3 (id=1372):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = accept$alg(r0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000180)="17a6c17d841938e6e65b494b9789a0a536ab9888be706fded307c548734f154caf5eff7fa05daef67fd1186c7f98b2dcd2f53772d1091ff7cd4f80e72f5d9e6f5cf8b23b8d7fb09e7bce44ca393590afce9c7bc48e49adff658348711f12ae92cfd84af4c03dfd7f2f64f9bfb4c1d1f07d3fb16b43a6526e21e39a5e9208c2788460f8183eb41371c01e845d9ab77bcbc723113f0b2ca67c0d462db1210b813ef701f56963527b3968686ac65ea180", 0xaf}, {&(0x7f0000000300)="a80beb59c328e05025240df1e2daca2e4bffe1f6f43cbdb1ab9a82148a853b818289f01b5f1897cfa15cafe67d83806353a3a40f7f981215bdb79ff98200d132cfdc720ae9617d7567a1b797611d0523b08f62e3cbc2e01d", 0x58}, {&(0x7f0000000100)="ccf086f46bb50f9d0016f7a087ab5b798b55ba02648fc0076aa811f07dd6a57c15ff0cc97f23b63de3c0b3", 0x2b}, {&(0x7f0000000380)="43133863ab7d3c19ed07f3837d294b9a", 0x10}, {&(0x7f00000003c0)="a78d26df6e12ec6f375ceb3c9062fea0275c80d4e2bce376c89ba352e2de0c540390372209430ce18a319bcdd41db3bd6f6404c8f4f0124c636d34db67cc115c37a3f2c0b499da6b5b98f19251bd11950bfd114ee741c0e2bb2d765786a4b0b38e34bfe7fdaa925ac25574c62cdbb1f420e8fcdfa74132953e147c5b4563145f935029e431fbcf0cc26d22a579f0ea158c5ce7079ae4c777c346e8d754d94b082c46868a52e8c5a6eff5", 0xaa}, {&(0x7f0000000480)="7baa5f367f1fb95e82d81d17250a93539f335bf68ed12755642800b92c89b6517c6acb419576e6bc5c29c5acf22a21d43a374927f6a90bbdabc91f29eef43cbff5fa72c0d9c6958b2e5aa263802e194c94606e541e41ddcccbf7c383f62caa4875d2aa59bf", 0x65}, {&(0x7f0000001b00)="f22b25561db7358727eb9e455e07185da02c53542e22a1b2ee36a1aaa1bad70902b33a53b5659942593c3ac6f9324431bdb5c3972ab0cc949ca5fb42198a0ad667355c8af2a245d9998c12758b6ee121b0bfc8a6b75e46734300db7a08260c0067c5a48da29544e0af508959011a52687b797c801dafa6b168fc8cb35f8b90083669a9172adf0b6179134abfbd0140ee4d4dfb90857ba0a36de792019fcf10afc98a30b5e1269fb3a50a1651ed1dfbb0fed80a0573108ec4a53f9b5176dd8161a368bb9a00000000000000057b015c750f6526d0bcfd8fa4ac85f65651190db0db93d7c29be31ab81ebb3c609a61ac9a1910caf001", 0xf5}, {&(0x7f0000000580)="bde890daf1ba6d86e19c83e59e27ae4bebe784035ff717bad76bd7d718b121fc6fafe37e838ba70314a765e0547ff947a5116ef3d18d158876e4cc4723477cf4b53a41e0575dbd64c41d2aa87bd8c8c449db9b46f8752fb761901536c0bd1c27375b1c3c76de3550d390f5517c16f870ad7888dd43c1cb7d8321b4cca85afdaf61ba48b83c04b1f35eef7c73910c9671fe394403e0f695ba032cc18c5941f16d2eafc28663149b067341c3314d2be9f7fbf3421cf6a4629001b3415847c297d9650ad5654519790e176b2d2f6a3211eddf8d616ee90c13f74d8c18", 0xdb}, {&(0x7f0000000a80)="732a42b97caf6d7d581ed241d13df3730bb8e8b250e6f613f7975b2b1affc5ae7b48f5ec53098573929ed5fabaef7d80154de89e72c175be8e8b399e0ce7ea671b9e5d384bf2383b5fe3cb34a37bcad865bad6db0a7b6f15dd6415aab363f1a2673b0887cc9b6a2914ba382a7201070a45278610fd97541e899916b83d13a55b7f09f7df1ab0c254ba93ccc024665fa5ee18f7441d8a5e1c58253ae81c513884b0dd38243ccfc61a16a4c98c4efa5332ace67408aa3e0bdb6a2d9ebe25fb934a6a184a1c51690e734a34ed5f22505d819756962e68ef0f1a6517713f8258a833e74620c0a0354617799dc74bda3702537f42a28434c45981d86e08892b06f500be404881f1e29d0358a857bce03752f54b3f21053c73dc17c5cdf17d9a9171dbd1fde40d086e9e2b9b1f83fa707806de0b1c754941efadef0ee8ccf89b6cddb322c0eea2767bc428f8e2409f384f4127a1e298907c7dafedfef60d7b00371770d4a8d461e5e1e3a5726757b7f08dfd7db4ddc67669ee4c29f1ba719770d00d11e6020f16eaee51c2a46a36999edc3a54a66bf17be37aa8d90e92ffa3983c1780a25ec8dac2a016061f6ccda0c870d132cb56efa6180d5cdba38d8896d47242d0266220b6e8019bc93f2e4ac967a1d35b0fb4f4e66249df3d2babc50395e30d7aa8cfb1b36bdfcd446b38a76690fe6fa1a395bea89ee3f61295fdbf7c188292ff02e1fdeb3d70c90b75375d85fdbc128c72bd798c85d1d932bd5cd518483a7944637aeee48ca087781e390eb4afe7bd5ad3ccf12629ff1301bc9dd2c453b83b9eb771274aae860826fd2653f927069fefa1014e50105f87d81f466e59b04fcfb451e49b1540eafa080cd137dfb8f4ab2328bc5a2448dcf5db3ccd9372b6b53b79c6aac91a80ef62dec7c7b42b86ee50235fcfa181d85fade04ddd094380894356f304a33d6e1bb607bcd9c7a21e63147d3b7839d35632b6f36b34178104ba13386dd4debc4283367095dcb7fb97db7d87f8ad721e4d3c20256356e788dc0dfc536507930f96259d9ad1f76ce96af489fc92a013cf3dcafb256aa621c4b8c983207fdcbafb7764fe0db75e890d776bb53ee577e9a729484c333914f5838191077da5bcd9caf693452367abbbf769a6bb109afaa956d49bbbed8f8f79910c571ba5a0f48d915b70178c9f84e8adfc550bbbe05af55b0e0808e19506b07e001d065e2fe9833f32ae63e08077034f9103451bf473e9d7891d02c0d5fd4ed17129cf7d200dca6393e70790fac0c703ebbd9347953bf30b092dde71c794c0509864a273e34e7118fd9c88a6c28e7c4192c2b0e5388c9520ba1e09b5fdca55c7da36d3e9260fda1fb439d7285bc2ec070e0137c716344a48aa8eac282a067428cca4ed638a07c45d0c9ffec49099ef85651761a3be578277893efeac2dd09b052682752b5a5a7bd57054d01a923847ea3589fc4f766e82d208d440a29a40f55d7fb93cdca1062dd1a9c5128c6184dd5c2454ec173299a23c14d5d171cf2daf51db772064df4cad1435a2e0262636f50a907bf9bf3a5f9d2b755282ad895e0000308e550e9ddd4532ccd8137e18f38bad3b13a9791ba97608110be0203c55904c890a47a995e2587578119520fae4b1fdb92e84a34a1233f463a6e8c32ecd851abb265b4bb8bc86a2911254dc971b8de75737544374319e82788474a8ed30e82d90627602c9d4a1d50ab426158635a90ebb8659fca6803422fbaa1414f5ee35a3bd4a7afe72df4fcb370d6d74f0df32fb161cc74d332c899cbdba7f4ca299dd700ea86e54a86294f1923f45bb86f473ba683b00b0a4932dd10826473b4faab94ba448c26923552ac5563f44d67e513b8c39fc41348914247b0ec9ea75e2480dba6921a8521ec6a83861b270a2693b171a466573b204f21bebde31c84bcc47fbaed3139b789bf45a158f735f390c136b776ce6cd3a8687856f7b180b4d920e770c3e43904f35f5746c9c572f48ccf84df9f2441ae2a33e392c1133fe24af7375be55d5d32597d7a38f647a328747167b8170c7e23ca5ae1895aa9af3eae2479a8e045e95832df771d130db64f51ff07f7931d67d6b76b3ab2bf20c75fb12d4061a378b037a0970e4c709023a0fd4bdf120605092103965eb58f9167f3508b030ca60b890ab9ba5448638456041da1fda6f32bf8ea7e13d824f0f9bf54385dbbc4df03c2426c07eb3e10be04ea2fe3bb1c74cdc10d89e6e9dd55402686fddf37a07302660cb3c4d71311a0d8e7a0fd2ce72d1cbc567a9a13d3277605e9d7204413d9cbb90ce0c7fc88b3fae4b5b8313313138cf6212e61ec763e9d015fa790170ea31a9c26e41b4592e348ea56cd1706a9b612b5ac2e8d73188426dc8fe767c49297113a9fa2e50526fcff259245ba57d05394e940e84340219e2e628bce64817ab10c5d68019ebe1e56dbe190cde6ef5d5a1aed7b12da30082dd11fba14baf3c0983797f124dce29243c882c6fdfc4d2c049bc2f4d8c3d65476df2c669dd59d8ad47bc9c4bcdbf087c6a4ef2165096988701b4fc04dc3a27bc0aaded4e72c24c6bd1a9c1577b82138c0335b07b782fe978d44a39caa7f4a1ae8c20f4449133de6e12c7da82b8ed39d5e2c277594e0fee9024f87393f8c5ea2eec99593014ec42dd1a3f206dc93e92cf72bd1be491e5beaa789d6c34623951d1b287ea9b053d5fd579fa39866711e41da32ea6944cb58da9e772de4c82662f67f81e0487b5de2ad4bd0a7d79889110933ab210313a8d968f8ee5c5aded4a3c31a0973d266b56535118d5c62f02df49928c422034cf51c08492de005c079f5a5dfe780cac1a557b341931fd0ca6a20f9cd90c5ac89999a82f4e9e5b225187fb3b573aacdce2558227951ce1c62430cdc9c1a07a0e8058db487529f842fae555b3175e38d55eeb249ce5973829fc4e0c58976fa20c3ef23b7e414f15370a26ad05987831c3507f492104d8c4433b8bbbabb1c62fc90283533fbfa4d814e8a34633eb61f77f097fd94f49b4a30f383c4b22734ddb344fee5c759ca8e601aa4b8da16a6700a1c04e33afe69cc32cb3151b5cb10129e8d6b705acb189d3d7f404e638200b9d8387c6bdbed0473e1a9af4984975879913598450fc9f8271271bc6c388f3995082357bca334b1fb3d22db6d67be0ecf2c13a9d878b207be7ad4ec9433362a23c9a35403cf12d544c411061ce8feba3e5dd1c85f1dd5f74f4e6e4d82a5209a20ad045e2c31a43f7988a73a4f7ca2db15e0781605abc752a2a66fb2749afb0ea5c60569704ec0d4baa122ddbcbc271306a174453c0c54bbc4965ccfcd0e96a9310eebb7bfbbff7c1626306344bea8dc5e81188234092dd33265181a0d2299d78300d22da309afc5befa5d4f020b181dd784815a106db0345b9804a60f956cf619b4ef69c592e1f5e006284bdd791d71be379d0a9c608f920676a2154c4a77ca546bb1bb52517738c0c8cc52dd9c9fb9765ec937657e1b743db36df842284e2ceb7ad009c616b3cc0ef3b66ae9536450f7de268f42542d0b853150c7e878802ca88f8ff997201865a014fbe32e6e7610836894fc3ea24640ba1cfa73fc9c6aeef2a9bbc4759afe8dded7d77f56b650519d3455ddb7251ff09a586d4afd598626bd7ca5ed5b173913c592d4544b9d6f1d01e2cb2171b96ca0ea8b2b28838c93a7ddc846cbf87daf749c9ef08dc98aaf5c55ca98764ab495d52e4b3ea016fa2243aa1ca660a4ad5afbff94b824e6a94ca1886b065fe23a6c4f49de98a29a3370fbab3d6343a3eec733b6fb5ce56b991c6726dda40321a9b7d34950b8932c3700a08df33f91acbcae0be63a3f6dcff756eac6f483e6ff5e5bb4ba0f42f0b61c52bf3166e6b6cc5a0965a5213732ba796d1be02079c5d11fe1423c19a86f350009d46b13d309ca40cdf93e5062b28db388a2cb35faf0445248b5a32f553a56b06f3fe8cbe4f0d82ba6ba2253bc33f893e4e4703841f0c43f931590509433b7d5ffe569c09c0270ebe71b2dbd23cab2bb684552d1167e660d2ef79e9a8f789781c782e6b546cef0849eb174fb9138017246d1f5bf9095e9de74eeb30adc8322fa24c0095a18c4a7eee41f6dd5857e1cc9d538342232bc1c6c0ffda25f472ccfe1b7e2679dd476aea31f26f07cbc556eb15687ad1f72af5ff8aa8bca13bb19f402324d76029553cf2125ddf979c3fd41c5136f219675739ada9fd0610e444c8069ded9eb992236f09f141abf074e450bce2a3a43b2c107248c9e64fdb9c736c8276f76d0cf9a4f68b315c158545585e84271c80c081e7f7a49d2c46fe065befd058ded0e7ce14d41bb8b097e6f7232d6f669e58eb1f35a6ee39fd46d905c0e6c46c0d05f50420817880ba21946bb7d971c36f7c3805fde66adf77c4c8e851c3342d810c4d2caadae8e72df1c8a8dade70d925afb7bb1856146c548ce7f7f8dc47c51498bb1740630d85c43c69a7a2349834bc2045f37cff9c7ef7e67cb2072d7a2e082b4da0f8dc3458fc59086b392ca2f0ec9d522cf46300b43f9a21b953fe1f269344fe3eb7b2cff7d371aca9184a4a35e98080e88e01864f644193829daf76408bd8bc8072a10f5c68f7519233af5dd0b6744f1f904715cee6de957b9d8888cc9c567b70664e5ebb055505a9f32dfd49e965474c2cbf910965f2200e781ccf8f30fbb4b99bb2c1855c90eaf4e35b653f044d19263d0abad704518b160384f29a59b4c6568cfb478594505a4d31677d952a0f0d9161317f8da37bbc1b5e07d90f0a20b969a1a1f349725ccbf4112cfcbe5a346bfc30f0ff73415fe71b4e46e563d8b16e07c89a107f0f7ac8ab37811a950d171cda24845d3fdfc945ace32093978b5929061b8bbe0d30d3b8b85d32e4fe83363db58759af24d1e502fff4b1481b1e57f1bf1bfdaceccc8f5334396b238d45ef3e089d54991de3031f74dc48ed96367e220d330df0c7454199eb64694ccac4cdfbe84139610f378decc45e31cadbf72f5296897b78073deeaa5ad1899df0466d4da56566d90678a791b749335122204a8e9d891ed1efe9fc8e60e2946e058149630bf3485bbe8b6c752ebde9f953debee03d9547fbfb82f5c57066bf67953f95e0d7c9d4c42dd56fedcebab4de74033609b188ed62dca228c1157ae32ff690caa1a060463f2090716226e3e184da8f420280d14ba8b00b28570a49bdac83bbc3d1a3aeb7d40ec6e9808991fbee279b031c3c5b9d0417617434fd8555e40213c35e27ed856b35d2f9bc097c9160650bd062e8906f40dc15998edddd658b6dcbd6120a152f6a0179b3864c108131372500067e6caad95d5a4cabc1a8757da9b77c729f0dcf8be7adc1f3a118de9854f5116ef3c476915d693ff825f00121b6794a5b46fa8a2fb8a25ea7fe59f1af313545ab0457345dac782450aa0293693aa3a1321d9e0f6e36317c7f2c0f59d5f9de3ecad6ad02a5c3b6ddffa8dd1ab9afc82ddd7084aa16e2da187163f8ef8c03ecba0547252790ca82da19e0fbb8fdc7da4a83367019f7c8cec3363a3249725ff245843d5321cb9bb07a66458249208928a868408a8b23ad01963e5a8f3c580537821a5d9ef53c685f2136b2f10e911837a8957d6eda2aa8931d8f93045f64ee23cc2c00c9e0cede919dedcd367850ba9977cd93d88fe2823bfcb5dc23c2c9631f39dddaa426af7a7c425ebdce2b163f4f41db2b03caeab9279ff98fe23c0c0803e0838d2bcbddbcbb667a51d4fddd1b8a33c7f54c749a62436b3eedd7381d400d6a097743a777fc47f693e1", 0x1000}, {&(0x7f0000000680)="f420744d4859f15140b097982df2ef2a9fb9c5ae652a8ed6b377cb67e3955b2399c7d9260b0f0f12dd50a2a15edaa8f6b1de1ac466ebfdb254d0847242ec96e0d27139606aadff2e0871149262144cda1d1269e80c554209e0c55d2318cea04ff4a955517786aee0570825a9232f7b9dff4708e5fd888686a5a3c707a51a", 0x7e}], 0xa, &(0x7f00000007c0)=ANY=[@ANYBLOB="70000000000000001701000002000000aa000000e332632312d84ceff166cf83a84f415a1d6bd1b7cdd0553309773355f5b9c46d8d4708005f4ff4c4d1afba53dffd9cf89ede813feeaa9207fe9acf458526f0dd8b9279357663fcccf0b8bc52b1436b000000180000000000000017010000030000000100"/136], 0x88, 0x40080c0}, 0x0)

1.198658659s ago: executing program 1 (id=1373):
listen(0xffffffffffffffff, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, r0)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010040000000000000000100000024000180060005004e230000060001000200000008000300ac1414aa0800060001"], 0x38}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r0, 0x0, 0x0)

1.185106823s ago: executing program 2 (id=1374):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
epoll_create1(0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r2=>0x0})
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
sendmsg$inet(r1, &(0x7f0000000380)={&(0x7f00000000c0)={0x2, 0x4e22, @multicast2}, 0x10, &(0x7f0000000340)=[{&(0x7f0000000440)="c93a75225b1cee3f95d7774173ecd6d04310cb48bc350516156f87088d9acac749096ee16604d55240714fc42fb56d67f9b5cc5f21fadda7c174cff1631c685f5fdbc9c1a12cafceb1711196550ac3c3d26042e8914fa342862912a407bcd9332ed6f4c7dc77a283b39719f86fad7893ea285ad6b231300efa0ef8dfe506c8bcf80c56bdc2757d57cbe1ae4a97c3447cb3b3f37484613b3beba002ecc496e1c3698f126be9a55ff801d40fe7159e809f2935a40fa9badcb8acee467fcc7a03f8cb0e1e3578e4bd9acf9b0e0cc01b99a77e5d6b9e0378d5bde53a71c5aeba4cf9dcce0c3dd51581b5a6a09b542023", 0xfffffe3e}, {&(0x7f0000000240)="77dd57682285b57f033d388494e4f889", 0x10}, {&(0x7f0000000300)="2b1eccbef1d06e73f73ab190a1bb0d1d656fc42cb11d0ad54e97903a2776f3211bc1c2835a5dbceed08ce40f891b2ffcb9b64f68c17ba506415a9e", 0x3b}], 0x1}, 0x0)
unshare(0x28000600)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x3, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x3, 0x2, 0x3, 0x1, 0x0, 0x9b}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010008020000001800006600000008000300", @ANYRES32=r2, @ANYBLOB="08002600940900000800b70099"], 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000c80)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x14, 0x2, [@TCA_FQ_FLOW_DEFAULT_RATE={0x10, 0x11}, @TCA_FQ_QUANTUM={0x8}]}}]}, 0x40}}, 0x0)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000006c0)=ANY=[@ANYBLOB="54010000", @ANYRES16=r3, @ANYBLOB="010026bd7000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="0600cd00000000002f013300802009000802110000010802110000005050505050505f00ffff"], 0x154}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

1.094873584s ago: executing program 3 (id=1375):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r2, &(0x7f0000000000)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000240)=ANY=[@ANYBLOB="380000001000390400"/20, @ANYRES32=r3, @ANYBLOB="059900f3ffffff111800128008000100677470000c000280050005"], 0x38}, 0x1, 0x0, 0x0, 0x80}, 0x8000)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendto$packet(r0, &(0x7f0000000740)='\x00', 0x1, 0x4c0c0, &(0x7f0000000300)={0x11, 0x86dd, r3}, 0x14)

1.094365895s ago: executing program 0 (id=1376):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000200)={'vxcan0\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f0000000380)={0x1d, r1, 0x0, {0x0, 0x0, 0x1}, 0x1}, 0x18)
sendmsg$can_j1939(r0, &(0x7f0000001840)={&(0x7f0000001780)={0x1d, r1, 0x3, {0x0, 0xff, 0x4}}, 0x18, &(0x7f0000001800)={0x0, 0x25}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000180)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4106(gcm_base(ctr(aes-aesni),ghash-generic))\x00'}, 0x58)
bind$alg(r2, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(serpent)\x00'}, 0x58)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$802154_dgram(r4, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000100)='\x00', 0x1}}, 0x40805)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3000002, 0x52, r5, 0xffffe000)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(r6, 0x84, 0x82, &(0x7f0000000080)=""/4076, &(0x7f00000010c0)=0xfec)
ioctl$sock_inet_tcp_SIOCATMARK(r3, 0x8905, &(0x7f0000000280))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000580)={<r7=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r8=>0xffffffffffffffff})
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETSNDBUF(r9, 0x400454d4, &(0x7f0000000000)=0x2)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000011c0)={0x28, r11, 0x1, 0x70bd26, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x6, 0x22}}}}}, 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x2000010)
write$cgroup_subtree(r9, &(0x7f0000000b00)=ANY=[], 0xa)
ioctl$sock_SIOCINQ(r8, 0x541b, &(0x7f0000000040))
r12 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1200000024000000040000000200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000dd00"/28], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000780)={{r12, <r13=>0xffffffffffffffff}, &(0x7f0000000700), &(0x7f0000000740)=r7}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001100)={&(0x7f0000001080)='afs_make_fs_calli\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffe}, 0x18)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000100)={r13, &(0x7f00000007c0), 0x0}, 0x20)
syz_genetlink_get_family_id$batadv(&(0x7f0000001180), r3)

898.099447ms ago: executing program 1 (id=1377):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x3e1, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000180081064e81f782db44b904021d080006067c09e8fe55a10a0015400400142603600e120800060000001001a8001600a4000a4003000000036004fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0)

897.774735ms ago: executing program 2 (id=1378):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-clmulni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$xdp(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000001c00)=[{&(0x7f0000000a00)="09f7cca49a6a065d62284c1f7fa68677ed18dfb6a407fd4f50d722d1681d47e5ce6d5571580895967a9be001d9901d5053b18beff632845a3e458cedcd88c6506eda5bfd2d302ec435e456d8c33bd663393e15b1ee7b3f9f4e44ef8aef19a6dbb0fa13d3c477c2e9576f58ae4e2f205fdd2cac8aeb0150ba3525f133536bd4eee6785e48c80b5e97f35c9c9fcd01e025578e79c59fda79b64b0a7a022a25f983a764d4643493ef2c165eb39abf57b0706f9db7a3a12ab0b4e9df8b79cff44f52139b0a55fac6f118dc368e3cb52f87b95442c5d5bcc0bcbc19c4f1ec3336af24b370105be54585af81fde3bb6a48501805d167fa7a54700207fc933dc8d146c4843ee286b75f5c16c279e6450a9f1dd2fca2a17875a13d460a7b", 0x11a}], 0x1, 0x0, 0x500, 0x8000}, 0x80c1)

775.686418ms ago: executing program 3 (id=1379):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f0000000080)={0x9, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @loopback}}}, 0x108)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000400)={0x9, {{0x2, 0x0, @multicast2}}, 0x1}, 0x90)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x608, 0x0, 0x11, 0x148, 0x0, 0x10, 0x570, 0x2a8, 0x2a8, 0x570, 0x2a8, 0x7fffffe, 0x0, {[{{@uncond, 0x10, 0x2f8, 0x360, 0x1c, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip6gretap0\x00', {0x0, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x8}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x19, 0x0, 0x0, 0x0, 'syz0\x00', 'syz1\x00'}}}, {{@ip={@multicast1, @rand_addr, 0x0, 0x0, 'syzkaller0\x00', 'veth1_to_batadv\x00'}, 0x0, 0x1c8, 0x210, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'team_slave_0\x00', {0x459, 0x0, 0x48, 0x0, 0x0, 0x3, 0x2}}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@dev, 'macsec0\x00'}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x668)
r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x12, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18020000000000000000000000000000850000004000000095"], &(0x7f00000003c0)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x71, 0x0, &(0x7f0000000440)=0x9b)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x11, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r4}, &(0x7f0000000280), &(0x7f0000000340)}, 0x20)
ioctl$sock_SIOCOUTQ(r2, 0x5411, &(0x7f0000000f00))
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f0000000040)=ANY=[@ANYRESDEC], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x19, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000400)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r6, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000e40)={&(0x7f0000000000)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="01002cbd7000fddbdf252100000008000300", @ANYRES32=r8, @ANYBLOB="14002c8006"], 0x30}, 0x1, 0x0, 0x0, 0x20000010}, 0x40000)
sendmsg$NFT_BATCH(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYRES64=r1], 0x6c}}, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000780)=[@in6={0xa, 0x4e22, 0x9, @rand_addr=' \x01\x00', 0x5}, @in={0x2, 0x4e21, @broadcast}, @in6={0xa, 0x4e20, 0x5, @loopback, 0xffffff00}, @in6={0xa, 0x4e22, 0x8003, @mcast1, 0x20004}, @in6={0xa, 0x4e22, 0xc, @mcast2, 0xfffffffb}, @in6={0xa, 0x4e21, 0x0, @dev={0xfe, 0x80, '\x00', 0x2b}, 0x10001}], 0x9c)
r9 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r9, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000711208000000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x6b, 0x11, 0xa4}, [@ldst={0x6, 0x0, 0x6}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
setsockopt$RDS_CANCEL_SENT_TO(r9, 0x114, 0x1, 0x0, 0x0)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000680), 0xffffffffffffffff)
ioctl$F2FS_IOC_GARBAGE_COLLECT(r5, 0x4004f506, &(0x7f0000000740))

632.220456ms ago: executing program 2 (id=1380):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-clmulni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc", 0xe)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmsg$xdp(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000a00)="09f7cca49a6a065d62284c1f7fa68677ed18dfb6a407fd4f50d722d1681d47e5ce6d5571580895967a9be001d9901d5053b18beff632845a3e458cedcd88c6506eda5bfd2d302ec435e456d8c33bd663393e15b1ee7b3f9f4e44ef8aef19a6dbb0fa13d3c477c2e9576f58ae4e2f205fdd2cac8aeb0150ba3525f133536bd4eee6785e48c80b5e97f35c9c9fcd01e025578e79c59fda79b64b0a7a022a25f983a764d4643493ef2c165eb39abf57b0706f9db7a3a12ab0b4e9df8b79cff44f52139b0a55fac6f118dc368e3cb52f87b95442c5d5bcc0bcbc19c4f1ec3336af24b370105be54585af81fde3bb6a48501805d167fa7a54700207fc933dc8d146c4843ee286b75f5c16c279e6450a9f1dd2fca2a17875a13d460a7b", 0x11a}, {&(0x7f0000000300)="1d58abd4e1c5609f80ac578a46c5ccb3be7dc9fd65c3b305b6693a4b07ad08af54cdbb4ed814a8b5129adb8724dce77b541d7f7fa368220d349cd395e84adea7d015989a25f014c553e00baa3f1ab917c9b7c6b2bae0d77b2eef3edbbf835d29609e7f79267ed15861e844deeff1e520b5e643c729595d96dc040ffde6bbbf3ff60a3e1b3ebc912c41b03e35b4aa5af40dece5eb5fbb61ee6cea03e267870e1d2590726defdc85c9e1f784ccbd6494d5fffe68f1dadda66f32963ef785a5fe072517594e28397cdcceadae0fc9b181441247b3155f697010431f5a516b4af1e89d83511682c99ad9ca30a7c4f082", 0xee}], 0x2, 0x0, 0x0, 0x8000}, 0x80c1)

588.968966ms ago: executing program 0 (id=1381):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-clmulni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$xdp(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000001c00)=[{&(0x7f0000000a00)="09f7cca49a6a065d62284c1f7fa68677ed18dfb6a407fd4f50d722d1681d47e5ce6d5571580895967a9be001d9901d5053b18beff632845a3e458cedcd88c6506eda5bfd2d302ec435e456d8c33bd663393e15b1ee7b3f9f4e44ef8aef19a6dbb0fa13d3c477c2e957", 0x69}], 0x1, 0xff8d, 0x0, 0x8000}, 0x80c1)

511.890969ms ago: executing program 1 (id=1382):
r0 = getpid()
r1 = socket$nl_generic(0x10, 0x3, 0x10)
write$bt_hci(0xffffffffffffffff, 0x0, 0x138)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r2, 0x1, 0x0, 0xffffffa1, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r0}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x0)

504.998223ms ago: executing program 3 (id=1383):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0xe0, 0x10, 0x403, 0x0, 0x4, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_ARP_ALL_TARGETS={0x8, 0x1e, 0x1}]}}}, @IFLA_PROP_LIST={0xa4, 0x34, 0x0, 0x1, [{0x14, 0x35, 'ipvlan1\x00'}, {0x14, 0x35, 'ipvlan0\x00'}, {0x14, 0x35, 'macsec0\x00'}, {0x14, 0x35, 'ip6tnl0\x00'}, {0x14, 0x35, 'sit0\x00'}, {0x14, 0x35, 'veth1_to_bridge\x00'}, {0x14, 0x35, 'wlan1\x00'}, {0x14, 0x35, 'gretap0\x00'}]}]}, 0xe0}, 0x1, 0x2000000000000000}, 0x0)

413.062913ms ago: executing program 0 (id=1384):
r0 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r0, &(0x7f0000000280)=[{&(0x7f0000000040)="580000001400192340834b80040d8c560a067fbc45ff81054e220000000058000b480400945f64009400050038925a01000000000fff008004000000ffe809000000fff5dd0000000800030006010000418e01400004fcff", 0x58}], 0x1)

271.941736ms ago: executing program 2 (id=1385):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = accept$alg(r0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000180)="17a6c17d841938e6e65b494b9789a0a536ab9888be706fded307c548734f154caf5eff7fa05daef67fd1186c7f98b2dcd2f53772d1091ff7cd4f80e72f5d9e6f5cf8b23b8d7fb09e7bce44ca393590afce9c7bc48e49adff658348711f12ae92cfd84af4c03dfd7f2f64f9bfb4c1d1f07d3fb16b43a6526e21e39a5e9208c2788460f8183eb41371c01e845d9ab77bcbc723113f0b2ca67c0d462db1210b813ef701f56963527b3968686ac65ea180", 0xaf}, {&(0x7f0000000300)="a80beb59c328e05025240df1e2daca2e4bffe1f6f43cbdb1ab9a82148a853b818289f01b5f1897cfa15cafe67d83806353a3a40f7f981215bdb79ff98200d132cfdc720ae9617d7567a1b797611d0523b08f62e3cbc2e01d", 0x58}, {&(0x7f0000000100)="ccf086f46bb50f9d0016f7a087ab5b798b55ba02648fc0076aa811f07dd6a57c15ff0cc97f23b63de3c0b3", 0x2b}, {&(0x7f0000000380)="43133863ab7d3c19ed07f3837d294b9a", 0x10}, {&(0x7f00000003c0)="a78d26df6e12ec6f375ceb3c9062fea0275c80d4e2bce376c89ba352e2de0c540390372209430ce18a319bcdd41db3bd6f6404c8f4f0124c636d34db67cc115c37a3f2c0b499da6b5b98f19251bd11950bfd114ee741c0e2bb2d765786a4b0b38e34bfe7fdaa925ac25574c62cdbb1f420e8fcdfa74132953e147c5b4563145f935029e431fbcf0cc26d22a579f0ea158c5ce7079ae4c777c346e8d754d94b082c46868a52e8c5a6eff5", 0xaa}, {&(0x7f0000000480)="7baa5f367f1fb95e82d81d17250a93539f335bf68ed12755642800b92c89b6517c6acb419576e6bc5c29c5acf22a21d43a374927f6a90bbdabc91f29eef43cbff5fa72c0d9c6958b2e5aa263802e194c94606e541e41ddcccbf7c383f62caa4875d2aa59bf", 0x65}, {&(0x7f0000001b00)="f22b25561db7358727eb9e455e07185da02c53542e22a1b2ee36a1aaa1bad70902b33a53b5659942593c3ac6f9324431bdb5c3972ab0cc949ca5fb42198a0ad667355c8af2a245d9998c12758b6ee121b0bfc8a6b75e46734300db7a08260c0067c5a48da29544e0af508959011a52687b797c801dafa6b168fc8cb35f8b90083669a9172adf0b6179134abfbd0140ee4d4dfb90857ba0a36de792019fcf10afc98a30b5e1269fb3a50a1651ed1dfbb0fed80a0573108ec4a53f9b5176dd8161a368bb9a00000000000000057b015c750f6526d0bcfd8fa4ac85f65651190db0db93d7c29be31ab81ebb3c609a61ac9a1910caf001", 0xf5}, {&(0x7f0000000580)="bde890daf1ba6d86e19c83e59e27ae4bebe784035ff717bad76bd7d718b121fc6fafe37e838ba70314a765e0547ff947a5116ef3d18d158876e4cc4723477cf4b53a41e0575dbd64c41d2aa87bd8c8c449db9b46f8752fb761901536c0bd1c27375b1c3c76de3550d390f5517c16f870ad7888dd43c1cb7d8321b4cca85afdaf61ba48b83c04b1f35eef7c73910c9671fe394403e0f695ba032cc18c5941f16d2eafc28663149b067341c3314d2be9f7fbf3421cf6a4629001b3415847c297d9650ad5654519790e176b2d2f6a3211eddf8d616ee90c13f74d8c18", 0xdb}, {&(0x7f0000000a80)="732a42b97caf6d7d581ed241d13df3730bb8e8b250e6f613f7975b2b1affc5ae7b48f5ec53098573929ed5fabaef7d80154de89e72c175be8e8b399e0ce7ea671b9e5d384bf2383b5fe3cb34a37bcad865bad6db0a7b6f15dd6415aab363f1a2673b0887cc9b6a2914ba382a7201070a45278610fd97541e899916b83d13a55b7f09f7df1ab0c254ba93ccc024665fa5ee18f7441d8a5e1c58253ae81c513884b0dd38243ccfc61a16a4c98c4efa5332ace67408aa3e0bdb6a2d9ebe25fb934a6a184a1c51690e734a34ed5f22505d819756962e68ef0f1a6517713f8258a833e74620c0a0354617799dc74bda3702537f42a28434c45981d86e08892b06f500be404881f1e29d0358a857bce03752f54b3f21053c73dc17c5cdf17d9a9171dbd1fde40d086e9e2b9b1f83fa707806de0b1c754941efadef0ee8ccf89b6cddb322c0eea2767bc428f8e2409f384f4127a1e298907c7dafedfef60d7b00371770d4a8d461e5e1e3a5726757b7f08dfd7db4ddc67669ee4c29f1ba719770d00d11e6020f16eaee51c2a46a36999edc3a54a66bf17be37aa8d90e92ffa3983c1780a25ec8dac2a016061f6ccda0c870d132cb56efa6180d5cdba38d8896d47242d0266220b6e8019bc93f2e4ac967a1d35b0fb4f4e66249df3d2babc50395e30d7aa8cfb1b36bdfcd446b38a76690fe6fa1a395bea89ee3f61295fdbf7c188292ff02e1fdeb3d70c90b75375d85fdbc128c72bd798c85d1d932bd5cd518483a7944637aeee48ca087781e390eb4afe7bd5ad3ccf12629ff1301bc9dd2c453b83b9eb771274aae860826fd2653f927069fefa1014e50105f87d81f466e59b04fcfb451e49b1540eafa080cd137dfb8f4ab2328bc5a2448dcf5db3ccd9372b6b53b79c6aac91a80ef62dec7c7b42b86ee50235fcfa181d85fade04ddd094380894356f304a33d6e1bb607bcd9c7a21e63147d3b7839d35632b6f36b34178104ba13386dd4debc4283367095dcb7fb97db7d87f8ad721e4d3c20256356e788dc0dfc536507930f96259d9ad1f76ce96af489fc92a013cf3dcafb256aa621c4b8c983207fdcbafb7764fe0db75e890d776bb53ee577e9a729484c333914f5838191077da5bcd9caf693452367abbbf769a6bb109afaa956d49bbbed8f8f79910c571ba5a0f48d915b70178c9f84e8adfc550bbbe05af55b0e0808e19506b07e001d065e2fe9833f32ae63e08077034f9103451bf473e9d7891d02c0d5fd4ed17129cf7d200dca6393e70790fac0c703ebbd9347953bf30b092dde71c794c0509864a273e34e7118fd9c88a6c28e7c4192c2b0e5388c9520ba1e09b5fdca55c7da36d3e9260fda1fb439d7285bc2ec070e0137c716344a48aa8eac282a067428cca4ed638a07c45d0c9ffec49099ef85651761a3be578277893efeac2dd09b052682752b5a5a7bd57054d01a923847ea3589fc4f766e82d208d440a29a40f55d7fb93cdca1062dd1a9c5128c6184dd5c2454ec173299a23c14d5d171cf2daf51db772064df4cad1435a2e0262636f50a907bf9bf3a5f9d2b755282ad895e0000308e550e9ddd4532ccd8137e18f38bad3b13a9791ba97608110be0203c55904c890a47a995e2587578119520fae4b1fdb92e84a34a1233f463a6e8c32ecd851abb265b4bb8bc86a2911254dc971b8de75737544374319e82788474a8ed30e82d90627602c9d4a1d50ab426158635a90ebb8659fca6803422fbaa1414f5ee35a3bd4a7afe72df4fcb370d6d74f0df32fb161cc74d332c899cbdba7f4ca299dd700ea86e54a86294f1923f45bb86f473ba683b00b0a4932dd10826473b4faab94ba448c26923552ac5563f44d67e513b8c39fc41348914247b0ec9ea75e2480dba6921a8521ec6a83861b270a2693b171a466573b204f21bebde31c84bcc47fbaed3139b789bf45a158f735f390c136b776ce6cd3a8687856f7b180b4d920e770c3e43904f35f5746c9c572f48ccf84df9f2441ae2a33e392c1133fe24af7375be55d5d32597d7a38f647a328747167b8170c7e23ca5ae1895aa9af3eae2479a8e045e95832df771d130db64f51ff07f7931d67d6b76b3ab2bf20c75fb12d4061a378b037a0970e4c709023a0fd4bdf120605092103965eb58f9167f3508b030ca60b890ab9ba5448638456041da1fda6f32bf8ea7e13d824f0f9bf54385dbbc4df03c2426c07eb3e10be04ea2fe3bb1c74cdc10d89e6e9dd55402686fddf37a07302660cb3c4d71311a0d8e7a0fd2ce72d1cbc567a9a13d3277605e9d7204413d9cbb90ce0c7fc88b3fae4b5b8313313138cf6212e61ec763e9d015fa790170ea31a9c26e41b4592e348ea56cd1706a9b612b5ac2e8d73188426dc8fe767c49297113a9fa2e50526fcff259245ba57d05394e940e84340219e2e628bce64817ab10c5d68019ebe1e56dbe190cde6ef5d5a1aed7b12da30082dd11fba14baf3c0983797f124dce29243c882c6fdfc4d2c049bc2f4d8c3d65476df2c669dd59d8ad47bc9c4bcdbf087c6a4ef2165096988701b4fc04dc3a27bc0aaded4e72c24c6bd1a9c1577b82138c0335b07b782fe978d44a39caa7f4a1ae8c20f4449133de6e12c7da82b8ed39d5e2c277594e0fee9024f87393f8c5ea2eec99593014ec42dd1a3f206dc93e92cf72bd1be491e5beaa789d6c34623951d1b287ea9b053d5fd579fa39866711e41da32ea6944cb58da9e772de4c82662f67f81e0487b5de2ad4bd0a7d79889110933ab210313a8d968f8ee5c5aded4a3c31a0973d266b56535118d5c62f02df49928c422034cf51c08492de005c079f5a5dfe780cac1a557b341931fd0ca6a20f9cd90c5ac89999a82f4e9e5b225187fb3b573aacdce2558227951ce1c62430cdc9c1a07a0e8058db487529f842fae555b3175e38d55eeb249ce5973829fc4e0c58976fa20c3ef23b7e414f15370a26ad05987831c3507f492104d8c4433b8bbbabb1c62fc90283533fbfa4d814e8a34633eb61f77f097fd94f49b4a30f383c4b22734ddb344fee5c759ca8e601aa4b8da16a6700a1c04e33afe69cc32cb3151b5cb10129e8d6b705acb189d3d7f404e638200b9d8387c6bdbed0473e1a9af4984975879913598450fc9f8271271bc6c388f3995082357bca334b1fb3d22db6d67be0ecf2c13a9d878b207be7ad4ec9433362a23c9a35403cf12d544c411061ce8feba3e5dd1c85f1dd5f74f4e6e4d82a5209a20ad045e2c31a43f7988a73a4f7ca2db15e0781605abc752a2a66fb2749afb0ea5c60569704ec0d4baa122ddbcbc271306a174453c0c54bbc4965ccfcd0e96a9310eebb7bfbbff7c1626306344bea8dc5e81188234092dd33265181a0d2299d78300d22da309afc5befa5d4f020b181dd784815a106db0345b9804a60f956cf619b4ef69c592e1f5e006284bdd791d71be379d0a9c608f920676a2154c4a77ca546bb1bb52517738c0c8cc52dd9c9fb9765ec937657e1b743db36df842284e2ceb7ad009c616b3cc0ef3b66ae9536450f7de268f42542d0b853150c7e878802ca88f8ff997201865a014fbe32e6e7610836894fc3ea24640ba1cfa73fc9c6aeef2a9bbc4759afe8dded7d77f56b650519d3455ddb7251ff09a586d4afd598626bd7ca5ed5b173913c592d4544b9d6f1d01e2cb2171b96ca0ea8b2b28838c93a7ddc846cbf87daf749c9ef08dc98aaf5c55ca98764ab495d52e4b3ea016fa2243aa1ca660a4ad5afbff94b824e6a94ca1886b065fe23a6c4f49de98a29a3370fbab3d6343a3eec733b6fb5ce56b991c6726dda40321a9b7d34950b8932c3700a08df33f91acbcae0be63a3f6dcff756eac6f483e6ff5e5bb4ba0f42f0b61c52bf3166e6b6cc5a0965a5213732ba796d1be02079c5d11fe1423c19a86f350009d46b13d309ca40cdf93e5062b28db388a2cb35faf0445248b5a32f553a56b06f3fe8cbe4f0d82ba6ba2253bc33f893e4e4703841f0c43f931590509433b7d5ffe569c09c0270ebe71b2dbd23cab2bb684552d1167e660d2ef79e9a8f789781c782e6b546cef0849eb174fb9138017246d1f5bf9095e9de74eeb30adc8322fa24c0095a18c4a7eee41f6dd5857e1cc9d538342232bc1c6c0ffda25f472ccfe1b7e2679dd476aea31f26f07cbc556eb15687ad1f72af5ff8aa8bca13bb19f402324d76029553cf2125ddf979c3fd41c5136f219675739ada9fd0610e444c8069ded9eb992236f09f141abf074e450bce2a3a43b2c107248c9e64fdb9c736c8276f76d0cf9a4f68b315c158545585e84271c80c081e7f7a49d2c46fe065befd058ded0e7ce14d41bb8b097e6f7232d6f669e58eb1f35a6ee39fd46d905c0e6c46c0d05f50420817880ba21946bb7d971c36f7c3805fde66adf77c4c8e851c3342d810c4d2caadae8e72df1c8a8dade70d925afb7bb1856146c548ce7f7f8dc47c51498bb1740630d85c43c69a7a2349834bc2045f37cff9c7ef7e67cb2072d7a2e082b4da0f8dc3458fc59086b392ca2f0ec9d522cf46300b43f9a21b953fe1f269344fe3eb7b2cff7d371aca9184a4a35e98080e88e01864f644193829daf76408bd8bc8072a10f5c68f7519233af5dd0b6744f1f904715cee6de957b9d8888cc9c567b70664e5ebb055505a9f32dfd49e965474c2cbf910965f2200e781ccf8f30fbb4b99bb2c1855c90eaf4e35b653f044d19263d0abad704518b160384f29a59b4c6568cfb478594505a4d31677d952a0f0d9161317f8da37bbc1b5e07d90f0a20b969a1a1f349725ccbf4112cfcbe5a346bfc30f0ff73415fe71b4e46e563d8b16e07c89a107f0f7ac8ab37811a950d171cda24845d3fdfc945ace32093978b5929061b8bbe0d30d3b8b85d32e4fe83363db58759af24d1e502fff4b1481b1e57f1bf1bfdaceccc8f5334396b238d45ef3e089d54991de3031f74dc48ed96367e220d330df0c7454199eb64694ccac4cdfbe84139610f378decc45e31cadbf72f5296897b78073deeaa5ad1899df0466d4da56566d90678a791b749335122204a8e9d891ed1efe9fc8e60e2946e058149630bf3485bbe8b6c752ebde9f953debee03d9547fbfb82f5c57066bf67953f95e0d7c9d4c42dd56fedcebab4de74033609b188ed62dca228c1157ae32ff690caa1a060463f2090716226e3e184da8f420280d14ba8b00b28570a49bdac83bbc3d1a3aeb7d40ec6e9808991fbee279b031c3c5b9d0417617434fd8555e40213c35e27ed856b35d2f9bc097c9160650bd062e8906f40dc15998edddd658b6dcbd6120a152f6a0179b3864c108131372500067e6caad95d5a4cabc1a8757da9b77c729f0dcf8be7adc1f3a118de9854f5116ef3c476915d693ff825f00121b6794a5b46fa8a2fb8a25ea7fe59f1af313545ab0457345dac782450aa0293693aa3a1321d9e0f6e36317c7f2c0f59d5f9de3ecad6ad02a5c3b6ddffa8dd1ab9afc82ddd7084aa16e2da187163f8ef8c03ecba0547252790ca82da19e0fbb8fdc7da4a83367019f7c8cec3363a3249725ff245843d5321cb9bb07a66458249208928a868408a8b23ad01963e5a8f3c580537821a5d9ef53c685f2136b2f10e911837a8957d6eda2aa8931d8f93045f64ee23cc2c00c9e0cede919dedcd367850ba9977cd93d88fe2823bfcb5dc23c2c9631f39dddaa426af7a7c425ebdce2b163f4f41db2b03caeab9279ff98fe23c0c0803e0838d2bcbddbcbb667a51d4fddd1b8a33c7f54c749a62436b3eedd7381d400d6a097743a777fc47f693e1", 0x1000}, {&(0x7f0000000680)="f420744d4859f15140b097982df2ef2a9fb9c5ae652a8ed6b377cb67e3955b2399c7d9260b0f0f12dd50a2a15edaa8f6b1de1ac466ebfdb254d0847242ec96e0d27139606aadff2e0871149262144cda1d1269e80c554209e0c55d2318cea04ff4a955517786aee0570825a9232f7b9dff4708e5fd888686a5a3c707a51a", 0x7e}], 0xa, &(0x7f00000007c0)=ANY=[@ANYBLOB="70000000000000001701000002000000aa000000e332632312d84ceff166cf83a84f415a1d6bd1b7cdd0553309773355f5b9c46d8d4708005f4ff4c4d1afba53dffd9cf89ede813feeaa9207fe9acf458526f0dd8b9279357663fcccf0b8bc52b1436b000000180000000000000017010000030000000100"/136], 0x88, 0x40080c0}, 0x0)

261.883559ms ago: executing program 0 (id=1386):
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x7}, @mss={0x2, 0xfff}, @window={0x3, 0x0, 0x401}, @window], 0x20000000000000e4)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f00000001c0), 0x4)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64-generic\x00'}, 0x58)
r1 = accept$alg(r0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000004e00)=[{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000040)="607be25f2e", 0x5}], 0x1}], 0x1, 0x0)
sendto$inet(0xffffffffffffffff, &(0x7f0000000400)="001d71d52a3879c9c7649475728f8a25a071a59c20c131e0364e8828e50cfb69d0561b1bf87522000e42847c81695082fb23c905f5713aa8cadb181f50020730a3af1cb5a2ec28f6a78f19956ad27fa369f8adf71664f8eaff", 0x59, 0x4044000, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000740)={'vcan0\x00'})
recvfrom$inet(0xffffffffffffffff, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)
socket$caif_seqpacket(0x25, 0x5, 0x3)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x8ef, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
r3 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
ioctl$sock_bt_bnep_BNEPCONNADD(r3, 0x400442c8, &(0x7f0000000540)=ANY=[@ANYRES32=r2])

117.307649ms ago: executing program 0 (id=1387):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="3800000055002f03000000000000000007000000", @ANYRES32, @ANYBLOB="20000100", @ANYRES32=0x0, @ANYBLOB="000000ce0f"], 0x38}, 0x1, 0x0, 0x0, 0x4008004}, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001000)={&(0x7f0000000ec0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x5, [@enum={0x1}]}, {0x0, [0x5f, 0x2e, 0xe32b8cec5ab8c040]}}, 0x0, 0x29, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bind$alg(r1, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-clmulni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r2 = accept4(r1, 0x0, 0x0, 0x0)
sendmsg$xdp(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000001c00)=[{&(0x7f0000000a00)="09f7cca49a6a065d62284c1f7fa68677ed18dfb6a407fd4f50d722d1681d47e5ce6d5571580895967a9be001d9901d5053b18beff632845a3e458cedcd88c6506eda5bfd2d302ec435e456d8c33bd663393e15b1ee7b3f9f4e44ef8aef19a6dbb0fa13d3c477c2e957", 0x69}], 0x1, 0x0, 0x0, 0x8000}, 0x80c1)

0s ago: executing program 2 (id=1388):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10)
sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@delnexthop={0x38, 0x69, 0x10, 0x70bd26, 0x25dfdbfe, {}, [{0x8, 0x1, 0x1}, {0x8, 0x1, 0x1}, {0x8, 0x1, 0x1}, {0x8}]}, 0xfffffffffffffd7e}, 0x1, 0x0, 0x0, 0x40805}, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@delnexthop={0x38, 0x69, 0x10, 0x70bd26, 0x25dfdbfe, {}, [{0x8, 0x1, 0x1}, {0x8, 0x1, 0x1}, {0x8, 0x1, 0x1}, {0x8}]}, 0xfffffffffffffd7e}, 0x1, 0x0, 0x0, 0x40805}, 0x0)

kernel console output (not intermixed with test programs):

 process `syz.3.11'.
[   89.061318][ T5944] netlink: 'syz.4.10': attribute type 11 has an invalid length.
[   89.091079][   T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.110449][   T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.184351][ T5946] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   89.263849][ T5956] netlink: 'syz.4.13': attribute type 11 has an invalid length.
[   89.289280][ T5836] Bluetooth: hci4: command tx timeout
[   89.292607][ T5956] netlink: 'syz.4.13': attribute type 11 has an invalid length.
[   89.346452][ T5956] netlink: 224 bytes leftover after parsing attributes in process `syz.4.13'.
[   89.366686][ T5836] Bluetooth: hci3: command tx timeout
[   89.372365][ T5834] Bluetooth: hci2: command tx timeout
[   89.372387][ T5844] Bluetooth: hci1: command tx timeout
[   89.380279][ T5834] Bluetooth: hci0: command tx timeout
[   89.506150][ T5946] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   89.582337][ T5958] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   89.819048][ T5976] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   90.204973][ T5989] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.20'.
[   90.258020][ T5989] netlink: zone id is out of range
[   90.282911][ T5989] netlink: zone id is out of range
[   90.299468][ T5989] netlink: get zone limit has 8 unknown bytes
[   90.507715][ T5997] netlink: 68 bytes leftover after parsing attributes in process `syz.1.22'.
[   90.525192][ T5997] netlink: 4 bytes leftover after parsing attributes in process `syz.1.22'.
[   90.878077][ T6011] netlink: 24 bytes leftover after parsing attributes in process `syz.0.25'.
[   91.009986][ T6009] xt_CT: No such helper "pptp"
[   91.377469][ T6020] openvswitch: netlink: IP tunnel attribute has 16 unknown bytes.
[   91.743503][ T6030] netlink: 8 bytes leftover after parsing attributes in process `syz.4.30'.
[   91.781114][ T1207] cfg80211: failed to load regulatory.db
[   91.802945][ T6030] netlink: 24 bytes leftover after parsing attributes in process `syz.4.30'.
[   91.822320][ T6033] warning: `syz.2.29' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   92.287950][ T6049] netlink: 8 bytes leftover after parsing attributes in process `syz.1.34'.
[   92.368600][ T6057] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   92.396632][ T6045] team0 (unregistering): Port device team_slave_0 removed
[   92.439598][ T6045] team0 (unregistering): Port device team_slave_1 removed
[   92.451773][ T6064] syz.3.36 uses obsolete (PF_INET,SOCK_PACKET)
[   92.954861][ T6061] vlan2: entered allmulticast mode
[   92.961250][ T6061] mac80211_hwsim hwsim8 wlan0: entered allmulticast mode
[   93.238901][ T6092] Zero length message leads to an empty skb
[   93.828170][ T6125] __nla_validate_parse: 3 callbacks suppressed
[   93.828190][ T6125] netlink: 12 bytes leftover after parsing attributes in process `syz.1.48'.
[   93.981733][ T6129] (unnamed net_device) (uninitialized): option tlb_dynamic_lb: mode dependency failed, not supported in mode balance-rr(0)
[   94.094954][ T6134] netlink: 12 bytes leftover after parsing attributes in process `syz.4.50'.
[   94.351317][ T6143] netlink: 8 bytes leftover after parsing attributes in process `syz.1.55'.
[   94.365974][ T6143] openvswitch: netlink: nsh attribute has 5276 unknown bytes.
[   94.405748][ T6143] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   94.444698][ T6151] netlink: 24 bytes leftover after parsing attributes in process `syz.1.55'.
[   94.463100][ T6145] netlink: 20 bytes leftover after parsing attributes in process `syz.0.54'.
[   94.474473][ T6143] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   94.481900][ T6143] IPv6: NLM_F_CREATE should be set when creating new route
[   95.057934][ T6168] team0 (unregistering): Port device team_slave_0 removed
[   95.071909][ T6168] team0 (unregistering): Port device team_slave_1 removed
[   95.845820][ T6178] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[   96.763669][ T6228] delete_channel: no stack
[   96.798951][ T6228] netlink: 4 bytes leftover after parsing attributes in process `syz.4.76'.
[   96.836620][ T6228] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[   96.979113][ T6242] netlink: 12 bytes leftover after parsing attributes in process `syz.0.79'.
[   97.050146][ T5834] Bluetooth: hci0: command 0x0c1a tx timeout
[   97.079390][ T6242] geneve2: entered promiscuous mode
[   97.299636][ T6253] netlink: 'syz.1.84': attribute type 21 has an invalid length.
[   97.314412][ T6253] netlink: 'syz.1.84': attribute type 1 has an invalid length.
[   97.345179][ T6255] netlink: 260 bytes leftover after parsing attributes in process `syz.4.85'.
[   97.385755][ T6257] netlink: 212408 bytes leftover after parsing attributes in process `syz.2.86'.
[   97.428949][ T6257] netlink: zone id is out of range
[   97.434918][ T6257] netlink: zone id is out of range
[   97.479751][ T6257] netlink: get zone limit has 8 unknown bytes
[   97.532474][ T6266] netlink: 48 bytes leftover after parsing attributes in process `syz.1.89'.
[   97.661810][ T6274] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   97.868525][ T6289] RDS: rds_bind could not find a transport for 400:0:1200:0:1030:0:ffff:ffff, load rds_tcp or rds_rdma?
[   97.965993][ T6297] netlink: zone id is out of range
[   97.990701][ T6297] netlink: zone id is out of range
[   98.021410][ T6297] netlink: zone id is out of range
[   98.036130][ T6297] netlink: zone id is out of range
[   98.129563][ T6299] netlink: 'syz.4.98': attribute type 1 has an invalid length.
[   98.137638][ T6301] netlink: 'syz.1.99': attribute type 21 has an invalid length.
[   98.187207][ T6301] netlink: 'syz.1.99': attribute type 1 has an invalid length.
[   98.750789][ T6334] netlink: 'syz.2.113': attribute type 21 has an invalid length.
[   98.762367][ T6331] netdevsim netdevsim3: Direct firmware load for  failed with error -2
[   98.783730][ T6334] netlink: 'syz.2.113': attribute type 1 has an invalid length.
[   98.793799][ T6331] netdevsim netdevsim3: Falling back to sysfs fallback for: 
[   98.893873][ T6338] __nla_validate_parse: 8 callbacks suppressed
[   98.893894][ T6338] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.116'.
[   99.455102][ T6371] netlink: 24 bytes leftover after parsing attributes in process `syz.2.123'.
[   99.585133][ T6376] netlink: 'syz.0.126': attribute type 21 has an invalid length.
[   99.616357][ T6376] netlink: 'syz.0.126': attribute type 1 has an invalid length.
[  100.106504][ T6407] netlink: 4 bytes leftover after parsing attributes in process `syz.0.133'.
[  100.154677][ T6404] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.178229][ T6414] x_tables: duplicate underflow at hook 1
[  100.204721][ T6417] netlink: 4 bytes leftover after parsing attributes in process `syz.4.137'.
[  100.204751][ T6420] netlink: 'syz.4.137': attribute type 33 has an invalid length.
[  100.241874][ T6420] netlink: 152 bytes leftover after parsing attributes in process `syz.4.137'.
[  100.293199][ T6404] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.342479][ T6424] Driver unsupported XDP return value 0 on prog  (id 56) dev N/A, expect packet loss!
[  100.373689][ T6420] netlink: 152 bytes leftover after parsing attributes in process `syz.4.137'.
[  100.385030][ T6420] netlink: 152 bytes leftover after parsing attributes in process `syz.4.137'.
[  100.394829][ T6420] netlink: 152 bytes leftover after parsing attributes in process `syz.4.137'.
[  100.424652][ T6404] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.445043][ T6422] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  100.459303][ T6420] netlink: 152 bytes leftover after parsing attributes in process `syz.4.137'.
[  100.470390][ T6424] netlink: 44 bytes leftover after parsing attributes in process `syz.3.138'.
[  100.494414][ T6404] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.545672][ T6424] dvmrp0: entered allmulticast mode
[  100.664570][ T6404] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  100.765142][ T6404] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  100.788276][ T6439] net_ratelimit: 10 callbacks suppressed
[  100.788295][ T6439] netlink: zone id is out of range
[  100.805063][ T6439] netlink: del zone limit has 4 unknown bytes
[  100.842722][ T6404] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  100.918831][ T6404] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  101.359691][ T5924] IPVS: starting estimator thread 0...
[  101.365951][ T6462] IPVS: ip_vs_edit_dest(): lower threshold is higher than upper threshold
[  101.462176][ T6458] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  101.476453][ T6463] IPVS: using max 31 ests per chain, 74400 per kthread
[  101.495601][ T6458] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  101.517478][ T6458] bond0 (unregistering): Released all slaves
[  102.649197][ T6480] openvswitch: netlink: Message has 8 unknown bytes.
[  102.902217][ T6472] geneve2: entered promiscuous mode
[  102.910685][ T6472] geneve2: entered allmulticast mode
[  103.090043][ T1207] IPVS: starting estimator thread 0...
[  103.202598][ T6487] IPVS: using max 29 ests per chain, 69600 per kthread
[  103.314522][ T6495] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  103.440736][ T6506] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  103.481257][ T6507] syzkaller0: entered promiscuous mode
[  103.496614][ T6507] syzkaller0: entered allmulticast mode
[  103.633538][ T6512] FAULT_INJECTION: forcing a failure.
[  103.633538][ T6512] name failslab, interval 1, probability 0, space 0, times 1
[  103.646385][ T6512] CPU: 1 UID: 0 PID: 6512 Comm: syz.4.164 Not tainted 6.15.0-rc5-syzkaller-00136-g4d64321c4f6f #0 PREEMPT(full) 
[  103.646410][ T6512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  103.646426][ T6512] Call Trace:
[  103.646437][ T6512]  <TASK>
[  103.646446][ T6512]  dump_stack_lvl+0x189/0x250
[  103.646501][ T6512]  ? __pfx_dump_stack_lvl+0x10/0x10
[  103.646547][ T6512]  ? __pfx__printk+0x10/0x10
[  103.646575][ T6512]  ? __ip_dev_find+0x444/0x4e0
[  103.646601][ T6512]  should_fail_ex+0x414/0x560
[  103.646627][ T6512]  should_failslab+0xa8/0x100
[  103.646655][ T6512]  kmem_cache_alloc_noprof+0x73/0x3c0
[  103.646679][ T6512]  ? dst_alloc+0x105/0x170
[  103.646712][ T6512]  dst_alloc+0x105/0x170
[  103.646737][ T6512]  ? ip_check_mc_rcu+0x4c7/0x680
[  103.646764][ T6512]  ip_route_output_key_hash_rcu+0x140d/0x2330
[  103.646803][ T6512]  ? ip_route_output_key_hash+0xde/0x2e0
[  103.646831][ T6512]  ip_route_output_key_hash+0x1b9/0x2e0
[  103.646861][ T6512]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  103.646898][ T6512]  ? __asan_memset+0x22/0x50
[  103.646923][ T6512]  ip_route_output_flow+0x2a/0x150
[  103.646951][ T6512]  ip_tunnel_xmit+0x96b/0x2380
[  103.647004][ T6512]  ? __pfx_ip_tunnel_xmit+0x10/0x10
[  103.647036][ T6512]  ? gre_build_header+0x31c/0xa40
[  103.647072][ T6512]  ? __pfx_gre_build_header+0x10/0x10
[  103.647094][ T6512]  ? skb_network_protocol+0x508/0x760
[  103.647126][ T6512]  ? iptunnel_handle_offloads+0x2fd/0x630
[  103.647155][ T6512]  ipgre_xmit+0x89e/0xc50
[  103.647190][ T6512]  ? __pfx_ipgre_xmit+0x10/0x10
[  103.647228][ T6512]  dev_hard_start_xmit+0x2ff/0x880
[  103.647274][ T6512]  __dev_queue_xmit+0x1adf/0x3a70
[  103.647301][ T6512]  ? do_syscall_64+0xf6/0x210
[  103.647324][ T6512]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.647354][ T6512]  ? __dev_queue_xmit+0x27e/0x3a70
[  103.647401][ T6512]  ? __pfx___dev_queue_xmit+0x10/0x10
[  103.647444][ T6512]  ? rcu_is_watching+0x15/0xb0
[  103.647495][ T6512]  ? pskb_expand_head+0xc20/0x1290
[  103.647526][ T6512]  ? __bpf_redirect+0x56d/0xe40
[  103.647551][ T6512]  __bpf_tx_skb+0x18e/0x260
[  103.647581][ T6512]  bpf_clone_redirect+0x272/0x3d0
[  103.647611][ T6512]  bpf_prog_973cd02a7a0e8181+0x5f/0x64
[  103.647644][ T6512]  ? ktime_get+0x3e/0x1f0
[  103.647673][ T6512]  ? seqcount_lockdep_reader_access+0x123/0x1c0
[  103.647694][ T6512]  ? lockdep_hardirqs_on+0x9c/0x150
[  103.647716][ T6512]  ? ktime_get+0x3e/0x1f0
[  103.647734][ T6512]  ? seqcount_lockdep_reader_access+0x175/0x1c0
[  103.647764][ T6512]  ? __local_bh_disable_ip+0xf1/0x190
[  103.647795][ T6512]  ? __pfx___cant_migrate+0x10/0x10
[  103.647812][ T6512]  ? __local_bh_enable_ip+0x12d/0x1c0
[  103.647842][ T6512]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  103.647877][ T6512]  ? bpf_test_timer_continue+0x136/0x350
[  103.647906][ T6512]  bpf_test_run+0x38b/0x830
[  103.647939][ T6512]  ? bpf_test_run+0x205/0x830
[  103.647968][ T6512]  ? __pfx_bpf_test_run+0x10/0x10
[  103.648018][ T6512]  ? slab_build_skb+0x273/0x3e0
[  103.648040][ T6512]  ? convert___skb_to_skb+0x3d/0x590
[  103.648063][ T6512]  bpf_prog_test_run_skb+0xb30/0x1560
[  103.648103][ T6512]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  103.648132][ T6512]  bpf_prog_test_run+0x2a9/0x340
[  103.648163][ T6512]  __sys_bpf+0x4a4/0x860
[  103.648190][ T6512]  ? __pfx___sys_bpf+0x10/0x10
[  103.648211][ T6512]  ? bpf_trace_run2+0x186/0x4b0
[  103.648265][ T6512]  __x64_sys_bpf+0x7c/0x90
[  103.648288][ T6512]  do_syscall_64+0xf6/0x210
[  103.648313][ T6512]  ? clear_bhb_loop+0x45/0xa0
[  103.648338][ T6512]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.648357][ T6512] RIP: 0033:0x7f109e58e969
[  103.648374][ T6512] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  103.648390][ T6512] RSP: 002b:00007f109f45f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  103.648433][ T6512] RAX: ffffffffffffffda RBX: 00007f109e7b5fa0 RCX: 00007f109e58e969
[  103.648446][ T6512] RDX: 000000000000002c RSI: 0000200000000080 RDI: 000000000000000a
[  103.648458][ T6512] RBP: 00007f109f45f090 R08: 0000000000000000 R09: 0000000000000000
[  103.648469][ T6512] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  103.648480][ T6512] R13: 0000000000000000 R14: 00007f109e7b5fa0 R15: 00007ffc19769858
[  103.648511][ T6512]  </TASK>
[  104.457057][ T6519] __nla_validate_parse: 130 callbacks suppressed
[  104.457080][ T6519] netlink: 12 bytes leftover after parsing attributes in process `syz.4.167'.
[  104.978190][ T6536] netlink: 4 bytes leftover after parsing attributes in process `syz.2.172'.
[  105.001668][ T6538] netlink: 4 bytes leftover after parsing attributes in process `syz.1.171'.
[  105.008132][ T6536] netlink: 20 bytes leftover after parsing attributes in process `syz.2.172'.
[  105.473994][ T6558] netlink: 28 bytes leftover after parsing attributes in process `syz.4.177'.
[  106.642877][ T6538] netlink: 21 bytes leftover after parsing attributes in process `syz.1.171'.
[  106.833838][ T6576] netlink: 12 bytes leftover after parsing attributes in process `syz.0.179'.
[  106.885388][ T6570] batman_adv: batadv0: Adding interface: gretap1
[  106.906367][ T6570] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active
[  107.102239][ T6584] IPv6: addrconf: prefix option has invalid lifetime
[  107.132251][ T6584] raw_sendmsg: syz.2.183 forgot to set AF_INET. Fix it!
[  107.355094][ T6593] openvswitch: netlink: Port 10289156 exceeds max allowable 65535
[  107.703147][ T6604] syzkaller0: entered promiscuous mode
[  107.708846][ T6604] syzkaller0: entered allmulticast mode
[  108.023540][ T6612] mac80211_hwsim hwsim7 wlan1: entered allmulticast mode
[  108.715570][ T6642] netlink: 12 bytes leftover after parsing attributes in process `syz.1.203'.
[  108.748705][ T6645] netlink: 300 bytes leftover after parsing attributes in process `syz.4.202'.
[  110.199686][ T6632] bridge0: port 3(batadv1) entered blocking state
[  110.210175][ T6632] bridge0: port 3(batadv1) entered disabled state
[  110.220068][ T6632] batadv1: entered allmulticast mode
[  110.246310][ T6632] batadv1: entered promiscuous mode
[  110.360484][ T6649] netlink: 40 bytes leftover after parsing attributes in process `syz.1.204'.
[  110.447430][ T6666] netlink: 248 bytes leftover after parsing attributes in process `syz.3.208'.
[  110.559781][ T6669] tc_dump_action: action bad kind
[  110.590654][ T6669] netlink: 24 bytes leftover after parsing attributes in process `syz.1.209'.
[  110.619975][ T6673] netlink: 4 bytes leftover after parsing attributes in process `syz.0.211'.
[  110.665438][ T6673] ipvlan3: entered allmulticast mode
[  110.700829][ T1078] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[  110.710396][ T1078] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  110.726533][ T6673] veth0_vlan: entered allmulticast mode
[  110.935828][ T6682] netlink: 12 bytes leftover after parsing attributes in process `syz.4.214'.
[  110.960510][ T6683] netlink: 4 bytes leftover after parsing attributes in process `syz.3.215'.
[  111.230169][ T6683] hsr_slave_1 (unregistering): left promiscuous mode
[  111.413858][ T6708] netlink: 252 bytes leftover after parsing attributes in process `syz.4.221'.
[  111.917895][ T6728] FAULT_INJECTION: forcing a failure.
[  111.917895][ T6728] name failslab, interval 1, probability 0, space 0, times 0
[  111.977376][ T6728] CPU: 0 UID: 0 PID: 6728 Comm: syz.0.226 Not tainted 6.15.0-rc5-syzkaller-00136-g4d64321c4f6f #0 PREEMPT(full) 
[  111.977404][ T6728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  111.977422][ T6728] Call Trace:
[  111.977429][ T6728]  <TASK>
[  111.977438][ T6728]  dump_stack_lvl+0x189/0x250
[  111.977474][ T6728]  ? __pfx_dump_stack_lvl+0x10/0x10
[  111.977502][ T6728]  ? __pfx__printk+0x10/0x10
[  111.977528][ T6728]  ? ref_tracker_alloc+0x318/0x460
[  111.977553][ T6728]  should_fail_ex+0x414/0x560
[  111.977578][ T6728]  should_failslab+0xa8/0x100
[  111.977606][ T6728]  kmem_cache_alloc_noprof+0x73/0x3c0
[  111.977629][ T6728]  ? skb_clone+0x212/0x3a0
[  111.977661][ T6728]  skb_clone+0x212/0x3a0
[  111.977692][ T6728]  __netlink_deliver_tap+0x404/0x850
[  111.977728][ T6728]  ? netlink_deliver_tap+0x2e/0x1b0
[  111.977752][ T6728]  netlink_deliver_tap+0x19c/0x1b0
[  111.977775][ T6728]  netlink_unicast+0x72f/0x8d0
[  111.977806][ T6728]  netlink_sendmsg+0x805/0xb30
[  111.977838][ T6728]  ? __pfx_netlink_sendmsg+0x10/0x10
[  111.977864][ T6728]  ? aa_sock_msg_perm+0x94/0x160
[  111.977887][ T6728]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  111.977909][ T6728]  ? __pfx_netlink_sendmsg+0x10/0x10
[  111.977931][ T6728]  __sock_sendmsg+0x219/0x270
[  111.977953][ T6728]  sock_write_iter+0x258/0x330
[  111.977985][ T6728]  ? __pfx_sock_write_iter+0x10/0x10
[  111.978026][ T6728]  ? __pfx_aa_file_perm+0x10/0x10
[  111.978057][ T6728]  do_iter_readv_writev+0x56b/0x7f0
[  111.978084][ T6728]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  111.978114][ T6728]  ? bpf_lsm_file_permission+0x9/0x20
[  111.978137][ T6728]  ? security_file_permission+0x75/0x290
[  111.978168][ T6728]  ? rw_verify_area+0x258/0x650
[  111.978193][ T6728]  vfs_writev+0x306/0x9a0
[  111.978218][ T6728]  ? vfs_write+0x8d8/0xa90
[  111.978247][ T6728]  ? __pfx_vfs_writev+0x10/0x10
[  111.978290][ T6728]  ? __fget_files+0x2a/0x420
[  111.978320][ T6728]  ? __fget_files+0x3a0/0x420
[  111.978343][ T6728]  ? __fget_files+0x2a/0x420
[  111.978376][ T6728]  do_writev+0x14d/0x2d0
[  111.978428][ T6728]  ? __pfx_do_writev+0x10/0x10
[  111.978459][ T6728]  ? do_syscall_64+0xba/0x210
[  111.978487][ T6728]  do_syscall_64+0xf6/0x210
[  111.978511][ T6728]  ? clear_bhb_loop+0x45/0xa0
[  111.978534][ T6728]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.978552][ T6728] RIP: 0033:0x7f3a23d8e969
[  111.978570][ T6728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  111.978585][ T6728] RSP: 002b:00007f3a24b95038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  111.978606][ T6728] RAX: ffffffffffffffda RBX: 00007f3a23fb5fa0 RCX: 00007f3a23d8e969
[  111.978619][ T6728] RDX: 0000000000000001 RSI: 0000200000000280 RDI: 0000000000000003
[  111.978631][ T6728] RBP: 00007f3a24b95090 R08: 0000000000000000 R09: 0000000000000000
[  111.978642][ T6728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  111.978652][ T6728] R13: 0000000000000000 R14: 00007f3a23fb5fa0 R15: 00007ffdd9fe97f8
[  111.978683][ T6728]  </TASK>
[  112.116624][ T6734] netlink: 4 bytes leftover after parsing attributes in process `syz.1.225'.
[  112.130271][ T6735] netlink: 212408 bytes leftover after parsing attributes in process `syz.4.227'.
[  112.346310][ T6735] netlink: zone id is out of range
[  112.356298][ T6735] netlink: zone id is out of range
[  112.361449][ T6735] netlink: get zone limit has 8 unknown bytes
[  112.900802][ T6753] netlink: 4 bytes leftover after parsing attributes in process `syz.4.231'.
[  113.713541][ T6734] team0: Port device team_slave_0 removed
[  113.923435][ T6739] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.138591][ T6739] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.320092][ T6739] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.475576][ T6784] validate_nla: 65 callbacks suppressed
[  114.475594][ T6784] netlink: 'syz.1.240': attribute type 1 has an invalid length.
[  114.492149][ T6739] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.507943][ T6786] FAULT_INJECTION: forcing a failure.
[  114.507943][ T6786] name failslab, interval 1, probability 0, space 0, times 0
[  114.536689][ T6786] CPU: 1 UID: 0 PID: 6786 Comm: syz.4.239 Not tainted 6.15.0-rc5-syzkaller-00136-g4d64321c4f6f #0 PREEMPT(full) 
[  114.536719][ T6786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  114.536731][ T6786] Call Trace:
[  114.536739][ T6786]  <TASK>
[  114.536747][ T6786]  dump_stack_lvl+0x189/0x250
[  114.536783][ T6786]  ? __pfx_dump_stack_lvl+0x10/0x10
[  114.536812][ T6786]  ? __pfx__printk+0x10/0x10
[  114.536837][ T6786]  ? __pfx___might_resched+0x10/0x10
[  114.536853][ T6786]  ? fs_reclaim_acquire+0x7d/0x100
[  114.536887][ T6786]  should_fail_ex+0x414/0x560
[  114.536912][ T6786]  should_failslab+0xa8/0x100
[  114.536940][ T6786]  __kmalloc_cache_noprof+0x70/0x3d0
[  114.536964][ T6786]  ? __inet_diag_dump_start+0x9d/0xa10
[  114.536997][ T6786]  __inet_diag_dump_start+0x9d/0xa10
[  114.537024][ T6786]  ? netlink_lookup+0x30/0x200
[  114.537042][ T6786]  ? netlink_lookup+0x30/0x200
[  114.537067][ T6786]  __netlink_dump_start+0x466/0x7e0
[  114.537096][ T6786]  inet_diag_handler_cmd+0x1bf/0x290
[  114.537133][ T6786]  ? __pfx_inet_diag_handler_cmd+0x10/0x10
[  114.537160][ T6786]  ? __pfx_inet_diag_dump_start+0x10/0x10
[  114.537184][ T6786]  ? __pfx_inet_diag_dump+0x10/0x10
[  114.537208][ T6786]  ? __pfx_inet_diag_dump_done+0x10/0x10
[  114.537241][ T6786]  ? sock_diag_lock_handler+0x19/0x290
[  114.537260][ T6786]  ? sock_diag_lock_handler+0x19/0x290
[  114.537302][ T6786]  sock_diag_rcv_msg+0x3d4/0x610
[  114.537327][ T6786]  netlink_rcv_skb+0x219/0x490
[  114.537350][ T6786]  ? __pfx_sock_diag_rcv_msg+0x10/0x10
[  114.537371][ T6786]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  114.537415][ T6786]  ? netlink_deliver_tap+0x2e/0x1b0
[  114.537436][ T6786]  ? netlink_deliver_tap+0x2e/0x1b0
[  114.537464][ T6786]  netlink_unicast+0x758/0x8d0
[  114.537495][ T6786]  netlink_sendmsg+0x805/0xb30
[  114.537527][ T6786]  ? __pfx_netlink_sendmsg+0x10/0x10
[  114.537554][ T6786]  ? aa_sock_msg_perm+0x94/0x160
[  114.537578][ T6786]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  114.537600][ T6786]  ? __pfx_netlink_sendmsg+0x10/0x10
[  114.537623][ T6786]  __sock_sendmsg+0x219/0x270
[  114.537646][ T6786]  sock_write_iter+0x258/0x330
[  114.537678][ T6786]  ? __pfx_sock_write_iter+0x10/0x10
[  114.537718][ T6786]  ? __pfx_aa_file_perm+0x10/0x10
[  114.537749][ T6786]  do_iter_readv_writev+0x56b/0x7f0
[  114.537776][ T6786]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  114.537806][ T6786]  ? bpf_lsm_file_permission+0x9/0x20
[  114.537829][ T6786]  ? security_file_permission+0x75/0x290
[  114.537860][ T6786]  ? rw_verify_area+0x258/0x650
[  114.537885][ T6786]  vfs_writev+0x306/0x9a0
[  114.537910][ T6786]  ? vfs_write+0x8d8/0xa90
[  114.537939][ T6786]  ? __pfx_vfs_writev+0x10/0x10
[  114.537983][ T6786]  ? __fget_files+0x2a/0x420
[  114.538013][ T6786]  ? __fget_files+0x3a0/0x420
[  114.538037][ T6786]  ? __fget_files+0x2a/0x420
[  114.538072][ T6786]  do_writev+0x14d/0x2d0
[  114.538102][ T6786]  ? __pfx_do_writev+0x10/0x10
[  114.538139][ T6786]  ? do_syscall_64+0xba/0x210
[  114.538168][ T6786]  do_syscall_64+0xf6/0x210
[  114.538192][ T6786]  ? clear_bhb_loop+0x45/0xa0
[  114.538217][ T6786]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.538235][ T6786] RIP: 0033:0x7f109e58e969
[  114.538253][ T6786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  114.538269][ T6786] RSP: 002b:00007f109f45f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  114.538288][ T6786] RAX: ffffffffffffffda RBX: 00007f109e7b5fa0 RCX: 00007f109e58e969
[  114.538302][ T6786] RDX: 0000000000000001 RSI: 0000200000000280 RDI: 0000000000000003
[  114.538314][ T6786] RBP: 00007f109f45f090 R08: 0000000000000000 R09: 0000000000000000
[  114.538325][ T6786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  114.538336][ T6786] R13: 0000000000000000 R14: 00007f109e7b5fa0 R15: 00007ffc19769858
[  114.538366][ T6786]  </TASK>
[  115.088432][ T6784] 8021q: adding VLAN 0 to HW filter on device bond1
[  115.419380][ T6789] bond1: (slave veth3): Enslaving as an active interface with a down link
[  115.474950][ T6793] bond1: (slave veth0_to_bond): making interface the new active one
[  115.489182][ T6793] veth0_to_bond: entered promiscuous mode
[  115.500352][ T6793] bond1: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  115.684086][ T6739] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  115.771313][ T6739] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  115.811684][ T6739] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  115.952388][ T6832] __nla_validate_parse: 2 callbacks suppressed
[  115.952407][ T6832] netlink: 8 bytes leftover after parsing attributes in process `syz.1.251'.
[  115.972982][ T6739] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  115.984402][ T6832] netlink: 'syz.1.251': attribute type 5 has an invalid length.
[  116.000386][ T6832] netlink: 20 bytes leftover after parsing attributes in process `syz.1.251'.
[  116.013533][ T6837] netlink: 8 bytes leftover after parsing attributes in process `syz.1.251'.
[  116.052620][ T6832] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0
[  116.083922][ T6832] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0
[  116.095672][ T6832] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0
[  116.106950][ T6841] netlink: 28 bytes leftover after parsing attributes in process `syz.1.251'.
[  116.109155][ T6840] netlink: 'syz.0.252': attribute type 3 has an invalid length.
[  116.132403][ T6832] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0
[  116.132595][ T6844] netlink: 'syz.3.255': attribute type 1 has an invalid length.
[  116.141676][ T6832] geneve2: entered promiscuous mode
[  116.158848][ T6832] geneve2: entered allmulticast mode
[  116.466535][ T6857] netlink: 300 bytes leftover after parsing attributes in process `syz.1.258'.
[  116.485628][ T6855] gtp0: entered promiscuous mode
[  116.494355][ T6859] netlink: 224 bytes leftover after parsing attributes in process `syz.2.259'.
[  116.936972][ T6881] netlink: 'syz.0.264': attribute type 26 has an invalid length.
[  116.946871][ T6884] netlink: 'syz.3.267': attribute type 6 has an invalid length.
[  116.999344][ T6883] netlink: zone id is out of range
[  117.029667][ T6883] netlink: zone id is out of range
[  117.049083][ T6883] netlink: zone id is out of range
[  117.067515][ T6883] netlink: zone id is out of range
[  117.091525][ T6883] netlink: zone id is out of range
[  117.142057][ T6883] netlink: zone id is out of range
[  117.206445][ T6883] netlink: zone id is out of range
[  117.557350][ T6904] netlink: 300 bytes leftover after parsing attributes in process `syz.4.271'.
[  117.856740][ T6912] netlink: 8 bytes leftover after parsing attributes in process `syz.2.274'.
[  117.999927][ T6915] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  118.053344][ T6915] batman_adv: batadv0: Removing interface: batadv_slave_0
[  118.132489][ T6915] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  118.192108][ T6915] batman_adv: batadv0: Removing interface: batadv_slave_1
[  118.295409][ T6915] batman_adv: batadv0: Removing interface: gretap1
[  119.155143][ T6948] netlink: 'syz.4.281': attribute type 39 has an invalid length.
[  119.364391][ T6953] FAULT_INJECTION: forcing a failure.
[  119.364391][ T6953] name failslab, interval 1, probability 0, space 0, times 0
[  119.377154][ T6953] CPU: 1 UID: 0 PID: 6953 Comm: syz.2.283 Not tainted 6.15.0-rc5-syzkaller-00136-g4d64321c4f6f #0 PREEMPT(full) 
[  119.377180][ T6953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  119.377196][ T6953] Call Trace:
[  119.377204][ T6953]  <TASK>
[  119.377212][ T6953]  dump_stack_lvl+0x189/0x250
[  119.377250][ T6953]  ? __pfx_dump_stack_lvl+0x10/0x10
[  119.377278][ T6953]  ? __pfx__printk+0x10/0x10
[  119.377305][ T6953]  ? __ip_dev_find+0x444/0x4e0
[  119.377331][ T6953]  should_fail_ex+0x414/0x560
[  119.377357][ T6953]  should_failslab+0xa8/0x100
[  119.377385][ T6953]  kmem_cache_alloc_noprof+0x73/0x3c0
[  119.377408][ T6953]  ? dst_alloc+0x105/0x170
[  119.377440][ T6953]  dst_alloc+0x105/0x170
[  119.377464][ T6953]  ? ip_check_mc_rcu+0x4c7/0x680
[  119.377490][ T6953]  ip_route_output_key_hash_rcu+0x140d/0x2330
[  119.377527][ T6953]  ? ip_route_output_key_hash+0xde/0x2e0
[  119.377555][ T6953]  ip_route_output_key_hash+0x1b9/0x2e0
[  119.377585][ T6953]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  119.377618][ T6953]  ? __asan_memset+0x22/0x50
[  119.377650][ T6953]  ip_route_output_flow+0x2a/0x150
[  119.377679][ T6953]  ip_tunnel_xmit+0x96b/0x2380
[  119.377731][ T6953]  ? __pfx_ip_tunnel_xmit+0x10/0x10
[  119.377755][ T6953]  ? gre_build_header+0x31c/0xa40
[  119.377790][ T6953]  ? __pfx_gre_build_header+0x10/0x10
[  119.377812][ T6953]  ? skb_network_protocol+0x508/0x760
[  119.377838][ T6953]  ? iptunnel_handle_offloads+0x2fd/0x630
[  119.377863][ T6953]  ipgre_xmit+0x89e/0xc50
[  119.377896][ T6953]  ? __pfx_ipgre_xmit+0x10/0x10
[  119.377934][ T6953]  dev_hard_start_xmit+0x2ff/0x880
[  119.377978][ T6953]  __dev_queue_xmit+0x1adf/0x3a70
[  119.378004][ T6953]  ? do_syscall_64+0xf6/0x210
[  119.378026][ T6953]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.378056][ T6953]  ? __dev_queue_xmit+0x27e/0x3a70
[  119.378101][ T6953]  ? __pfx___dev_queue_xmit+0x10/0x10
[  119.378144][ T6953]  ? rcu_is_watching+0x15/0xb0
[  119.378193][ T6953]  ? pskb_expand_head+0xc20/0x1290
[  119.378222][ T6953]  ? __bpf_redirect+0x56d/0xe40
[  119.378247][ T6953]  __bpf_tx_skb+0x18e/0x260
[  119.378275][ T6953]  bpf_clone_redirect+0x272/0x3d0
[  119.378304][ T6953]  bpf_prog_973cd02a7a0e8181+0x5f/0x64
[  119.378329][ T6953]  ? ktime_get+0x3e/0x1f0
[  119.378357][ T6953]  ? seqcount_lockdep_reader_access+0x123/0x1c0
[  119.378391][ T6953]  ? lockdep_hardirqs_on+0x9c/0x150
[  119.378413][ T6953]  ? ktime_get+0x3e/0x1f0
[  119.378429][ T6953]  ? seqcount_lockdep_reader_access+0x175/0x1c0
[  119.378457][ T6953]  ? __local_bh_disable_ip+0xf1/0x190
[  119.378486][ T6953]  ? __pfx___cant_migrate+0x10/0x10
[  119.378502][ T6953]  ? __local_bh_enable_ip+0x12d/0x1c0
[  119.378531][ T6953]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  119.378564][ T6953]  ? bpf_test_timer_continue+0x136/0x350
[  119.378590][ T6953]  bpf_test_run+0x38b/0x830
[  119.378621][ T6953]  ? bpf_test_run+0x205/0x830
[  119.378658][ T6953]  ? __pfx_bpf_test_run+0x10/0x10
[  119.378717][ T6953]  ? slab_build_skb+0x273/0x3e0
[  119.378761][ T6953]  ? convert___skb_to_skb+0x3d/0x590
[  119.378783][ T6953]  bpf_prog_test_run_skb+0xb30/0x1560
[  119.378826][ T6953]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  119.378847][ T6953]  bpf_prog_test_run+0x2a9/0x340
[  119.378876][ T6953]  __sys_bpf+0x4a4/0x860
[  119.378902][ T6953]  ? __pfx___sys_bpf+0x10/0x10
[  119.378940][ T6953]  ? ksys_write+0x1f0/0x250
[  119.378960][ T6953]  ? rcu_is_watching+0x15/0xb0
[  119.378999][ T6953]  __x64_sys_bpf+0x7c/0x90
[  119.379020][ T6953]  do_syscall_64+0xf6/0x210
[  119.379044][ T6953]  ? clear_bhb_loop+0x45/0xa0
[  119.379067][ T6953]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.379085][ T6953] RIP: 0033:0x7f0395f8e969
[  119.379102][ T6953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  119.379135][ T6953] RSP: 002b:00007f0393df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  119.379156][ T6953] RAX: ffffffffffffffda RBX: 00007f03961b5fa0 RCX: 00007f0395f8e969
[  119.379170][ T6953] RDX: 000000000000002c RSI: 0000200000000080 RDI: 000000000000000a
[  119.379183][ T6953] RBP: 00007f0393df6090 R08: 0000000000000000 R09: 0000000000000000
[  119.379194][ T6953] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  119.379205][ T6953] R13: 0000000000000000 R14: 00007f03961b5fa0 R15: 00007ffd0e2fbff8
[  119.379236][ T6953]  </TASK>
[  120.172047][ T6966] bridge_slave_0: left allmulticast mode
[  120.218802][ T6966] bridge_slave_0: left promiscuous mode
[  120.254778][ T6966] bridge0: port 1(bridge_slave_0) entered disabled state
[  120.302054][ T6966] bridge_slave_1: left allmulticast mode
[  120.339838][ T6966] bridge_slave_1: left promiscuous mode
[  120.354455][ T6966] bridge0: port 2(bridge_slave_1) entered disabled state
[  120.447770][ T6966] bond0: (slave bond_slave_0): Releasing backup interface
[  120.506430][ T6966] bond0: (slave bond_slave_1): Releasing backup interface
[  120.550317][ T6966] team0: Port device team_slave_0 removed
[  120.612944][ T6966] team0: Port device team_slave_1 removed
[  120.630873][ T6966] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  120.660146][ T6966] batman_adv: batadv0: Removing interface: batadv_slave_0
[  120.681801][ T6966] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  120.689862][ T6966] batman_adv: batadv0: Removing interface: batadv_slave_1
[  121.341361][ T7020] netlink: 'syz.2.298': attribute type 1 has an invalid length.
[  121.494452][ T7025] bond1: (slave gretap1): making interface the new active one
[  121.504909][ T7025] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  121.553862][ T7037] netlink: 388 bytes leftover after parsing attributes in process `syz.4.305'.
[  121.714630][ T1207] hid-generic 0005:0008:5505.0001: unknown main item tag 0x0
[  121.749317][ T1207] hid-generic 0005:0008:5505.0001: unknown main item tag 0x0
[  121.783583][ T1207] hid-generic 0005:0008:5505.0001: unknown main item tag 0x0
[  121.795930][ T1207] hid-generic 0005:0008:5505.0001: unknown main item tag 0x0
[  121.815245][ T1207] hid-generic 0005:0008:5505.0001: unknown main item tag 0x0
[  121.832357][ T7053] netlink: 8 bytes leftover after parsing attributes in process `syz.2.309'.
[  121.842588][ T7053] netlink: 24 bytes leftover after parsing attributes in process `syz.2.309'.
[  121.904678][ T1207] hid-generic 0005:0008:5505.0001: unknown main item tag 0x0
[  121.951466][ T1207] hid-generic 0005:0008:5505.0001: unknown main item tag 0x1
[  121.974334][ T7057] netlink: 12 bytes leftover after parsing attributes in process `syz.1.311'.
[  122.004993][ T1207] hid-generic 0005:0008:5505.0001: hidraw0: BLUETOOTH HID v0.8b Device [syz1] on aa:aa:aa:aa:aa:aa
[  122.326626][ T7063] fido_id[7063]: Failed to open report descriptor at '/sys/devices/virtual/bluetooth/hci4/hci4:200/report_descriptor': No such file or directory
[  122.346075][ T7077] netlink: 12 bytes leftover after parsing attributes in process `syz.1.315'.
[  122.582991][ T7092] netlink: 11562 bytes leftover after parsing attributes in process `syz.3.318'.
[  122.823159][ T7100] netlink: 'syz.3.320': attribute type 1 has an invalid length.
[  122.866513][ T7100] netlink: 'syz.3.320': attribute type 11 has an invalid length.
[  122.883110][ T7104] netlink: 4 bytes leftover after parsing attributes in process `syz.0.321'.
[  122.885614][ T7108] netlink: 'syz.1.319': attribute type 1 has an invalid length.
[  122.905976][ T7104] netlink: 12 bytes leftover after parsing attributes in process `syz.0.321'.
[  122.920508][ T7100] netlink: 220 bytes leftover after parsing attributes in process `syz.3.320'.
[  123.179060][ T7117] netlink: 300 bytes leftover after parsing attributes in process `syz.0.326'.
[  123.714270][ T7135] veth5: entered allmulticast mode
[  123.900928][ T7151] vxcan1: tx address claim with dlc 0
[  123.920290][ T7146] geneve2: entered promiscuous mode
[  124.093088][ T7162] tc_dump_action: action bad kind
[  124.261384][ T7166] netlink: 'syz.2.343': attribute type 16 has an invalid length.
[  124.293203][ T7166] netlink: 'syz.2.343': attribute type 17 has an invalid length.
[  124.295292][ T7170] FAULT_INJECTION: forcing a failure.
[  124.295292][ T7170] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  124.382710][ T7170] CPU: 1 UID: 0 PID: 7170 Comm: syz.4.345 Not tainted 6.15.0-rc5-syzkaller-00136-g4d64321c4f6f #0 PREEMPT(full) 
[  124.382736][ T7170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  124.382746][ T7170] Call Trace:
[  124.382753][ T7170]  <TASK>
[  124.382761][ T7170]  dump_stack_lvl+0x189/0x250
[  124.382811][ T7170]  ? __pfx_dump_stack_lvl+0x10/0x10
[  124.382838][ T7170]  ? __pfx__printk+0x10/0x10
[  124.382870][ T7170]  should_fail_ex+0x414/0x560
[  124.382895][ T7170]  _copy_to_user+0x31/0xb0
[  124.382923][ T7170]  simple_read_from_buffer+0xe1/0x170
[  124.382953][ T7170]  proc_fail_nth_read+0x1df/0x250
[  124.382983][ T7170]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  124.383013][ T7170]  ? rw_verify_area+0x258/0x650
[  124.383032][ T7170]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  124.383061][ T7170]  vfs_read+0x1fd/0x980
[  124.383087][ T7170]  ? __pfx___mutex_lock+0x10/0x10
[  124.383119][ T7170]  ? __pfx_vfs_read+0x10/0x10
[  124.383141][ T7170]  ? __fget_files+0x2a/0x420
[  124.383170][ T7170]  ? __fget_files+0x3a0/0x420
[  124.383193][ T7170]  ? __fget_files+0x2a/0x420
[  124.383227][ T7170]  ksys_read+0x145/0x250
[  124.383250][ T7170]  ? __pfx_ksys_read+0x10/0x10
[  124.383275][ T7170]  ? do_syscall_64+0xba/0x210
[  124.383302][ T7170]  do_syscall_64+0xf6/0x210
[  124.383327][ T7170]  ? clear_bhb_loop+0x45/0xa0
[  124.383361][ T7170]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.383378][ T7170] RIP: 0033:0x7f109e58d37c
[  124.383394][ T7170] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  124.383408][ T7170] RSP: 002b:00007f109f45f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  124.383427][ T7170] RAX: ffffffffffffffda RBX: 00007f109e7b5fa0 RCX: 00007f109e58d37c
[  124.383440][ T7170] RDX: 000000000000000f RSI: 00007f109f45f0a0 RDI: 0000000000000004
[  124.383450][ T7170] RBP: 00007f109f45f090 R08: 0000000000000000 R09: 0000000000000000
[  124.383461][ T7170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  124.383471][ T7170] R13: 0000000000000000 R14: 00007f109e7b5fa0 R15: 00007ffc19769858
[  124.383499][ T7170]  </TASK>
[  124.794447][ T7186] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on
[  125.040993][ T7197] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  125.096063][ T7197] batadv_slave_1: entered promiscuous mode
[  125.105387][ T7197] batadv_slave_1: entered allmulticast mode
[  125.502669][ T7221] net_ratelimit: 349 callbacks suppressed
[  125.502689][ T7221] netlink: zone id is out of range
[  125.536772][ T7221] netlink: zone id is out of range
[  125.541943][ T7221] netlink: get zone limit has 8 unknown bytes
[  125.611044][ T7223] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  125.660100][ T7223] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  125.838571][ T7223] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  125.875784][ T7223] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  125.942693][ T7240] netlink: 'syz.4.368': attribute type 2 has an invalid length.
[  125.969912][ T7240] netlink: 'syz.4.368': attribute type 6 has an invalid length.
[  126.060857][ T7240] x_tables: duplicate underflow at hook 3
[  126.146024][ T7223] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.206448][ T7223] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  126.295558][ T7261] geneve2: entered promiscuous mode
[  126.304853][ T7261] geneve2: entered allmulticast mode
[  126.395225][ T7223] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.409641][ T7223] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  126.652757][ T7223] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 256 - 0
[  126.673637][ T7279] __nla_validate_parse: 16 callbacks suppressed
[  126.673662][ T7279] netlink: 880 bytes leftover after parsing attributes in process `syz.3.377'.
[  126.704103][ T7223] netdevsim netdevsim1 eth0: set [1, 1] type 2 family 0 port 6081 - 0
[  126.743632][ T7223] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 256 - 0
[  126.754737][ T7223] netdevsim netdevsim1 eth1: set [1, 1] type 2 family 0 port 6081 - 0
[  126.859576][ T7223] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 256 - 0
[  126.902561][ T7223] netdevsim netdevsim1 eth2: set [1, 1] type 2 family 0 port 6081 - 0
[  126.963601][ T7298] netlink: 4 bytes leftover after parsing attributes in process `syz.3.384'.
[  126.995533][ T7299] Unsupported ieee802154 address type: 0
[  127.045811][ T7223] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 256 - 0
[  127.068057][ T7223] netdevsim netdevsim1 eth3: set [1, 1] type 2 family 0 port 6081 - 0
[  127.272399][ T7314] xt_time: invalid argument - start or stop time greater than 23:59:59
[  127.440679][   T63] veth0_to_bond: left promiscuous mode
[  127.622390][ T7326] netlink: 32 bytes leftover after parsing attributes in process `syz.4.394'.
[  127.658774][ T7332] netlink: 'syz.1.393': attribute type 4 has an invalid length.
[  127.667878][   T52] hid-generic 0005:0008:5505.0002: unknown main item tag 0x4
[  127.676592][   T52] hid-generic 0005:0008:5505.0002: unknown main item tag 0x0
[  127.684028][   T52] hid-generic 0005:0008:5505.0002: unknown main item tag 0x0
[  127.692923][   T52] hid-generic 0005:0008:5505.0002: unknown main item tag 0x0
[  127.700416][   T52] hid-generic 0005:0008:5505.0002: unknown main item tag 0x0
[  127.707913][   T52] hid-generic 0005:0008:5505.0002: unknown main item tag 0x2
[  127.715979][   T52] hid-generic 0005:0008:5505.0002: unknown main item tag 0x0
[  127.723993][   T52] hid-generic 0005:0008:5505.0002: unknown main item tag 0x0
[  127.725171][ T7336] netlink: 12 bytes leftover after parsing attributes in process `syz.0.392'.
[  127.731840][   T52] hid-generic 0005:0008:5505.0002: unknown main item tag 0x0
[  127.749114][   T52] hid-generic 0005:0008:5505.0002: unknown main item tag 0x0
[  127.756690][   T52] hid-generic 0005:0008:5505.0002: unknown main item tag 0x0
[  127.764113][   T52] hid-generic 0005:0008:5505.0002: unknown main item tag 0x0
[  127.771812][   T52] hid-generic 0005:0008:5505.0002: unknown main item tag 0x0
[  127.779362][   T52] hid-generic 0005:0008:5505.0002: unknown main item tag 0x0
[  127.786891][   T52] hid-generic 0005:0008:5505.0002: unknown main item tag 0x0
[  127.794349][   T52] hid-generic 0005:0008:5505.0002: unknown main item tag 0x1
[  127.803153][ T7339] netlink: 8 bytes leftover after parsing attributes in process `syz.2.396'.
[  127.816715][ T7336] netlink: 28 bytes leftover after parsing attributes in process `syz.0.392'.
[  127.825667][ T7336] netlink: 28 bytes leftover after parsing attributes in process `syz.0.392'.
[  127.866006][   T52] hid-generic 0005:0008:5505.0002: hidraw0: BLUETOOTH HID v0.8b Device [syz1] on aa:aa:aa:aa:aa:aa
[  127.926766][ T7336] netlink: 44 bytes leftover after parsing attributes in process `syz.0.392'.
[  127.949753][ T7329] delete_channel: no stack
[  127.983605][ T7343] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.084624][ T7340] fido_id[7340]: Failed to open report descriptor at '/sys/devices/virtual/bluetooth/hci4/hci4:200/report_descriptor': No such file or directory
[  128.106071][ T7343] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.213242][ T7347] netlink: 'syz.4.399': attribute type 1 has an invalid length.
[  128.271164][ T7356] netlink: 12 bytes leftover after parsing attributes in process `syz.1.402'.
[  128.296081][ T7356] netlink: 'syz.1.402': attribute type 1 has an invalid length.
[  128.319791][ T7343] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.323712][ T7356] netlink: 'syz.1.402': attribute type 1 has an invalid length.
[  128.361543][ T7356] netlink: 'syz.1.402': attribute type 2 has an invalid length.
[  128.390746][ T7356] netlink: 68 bytes leftover after parsing attributes in process `syz.1.402'.
[  128.449073][ T7343] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.566198][ T7368] netlink: zone id is out of range
[  128.590286][ T7368] netlink: zone id is out of range
[  128.618716][ T7368] netlink: get zone limit has 8 unknown bytes
[  128.628044][ T7370] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  128.659044][ T7343] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  128.679154][ T7343] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  128.701454][ T7343] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  128.718300][ T7372] Bluetooth: MGMT ver 1.23
[  128.727510][ T7343] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  129.125241][ T7395] IPv6: sit1: Disabled Multicast RS
[  129.313531][ T7396] netem: change failed
[  129.554570][ T7410] tipc: Started in network mode
[  129.569909][ T7410] tipc: Node identity ac14140f, cluster identity 4711
[  129.598900][ T7410] tipc: New replicast peer: 255.255.255.255
[  129.618139][ T7410] tipc: Enabled bearer <udp:syz2>, priority 10
[  129.683923][ T7417] openvswitch: netlink: Message has 4 unknown bytes.
[  130.310248][ T7450] netlink: 'syz.3.430': attribute type 25 has an invalid length.
[  130.334299][ T7449] netlink: 'syz.3.430': attribute type 25 has an invalid length.
[  130.737500][ T5929] tipc: Node number set to 2886997007
[  130.793653][ T1341] tipc: Subscription rejected, illegal request
[  131.175710][ T7493] xt_recent: Unsupported userspace flags (00000061)
[  131.183158][ T5834] Bluetooth: hci4: link tx timeout
[  131.188250][ T7493] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  131.189019][ T5834] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  131.567771][ T5836] Bluetooth: hci4: link tx timeout
[  131.573037][ T5836] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  131.597537][ T5836] Bluetooth: hci4: link tx timeout
[  131.604056][ T5836] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  131.744955][ T5836] Bluetooth: hci4: link tx timeout
[  131.750264][ T5836] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  131.784826][   T30] audit: type=1804 audit(1747068906.532:2): pid=7513 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.447" name="/newroot/84/cgroup.controllers" dev="tmpfs" ino=445 res=1 errno=0
[  131.790070][ T7517] netlink: 'syz.2.449': attribute type 12 has an invalid length.
[  131.814737][ T7517] __nla_validate_parse: 4 callbacks suppressed
[  131.814750][ T7517] netlink: 132 bytes leftover after parsing attributes in process `syz.2.449'.
[  131.818887][ T7513] netlink: 12 bytes leftover after parsing attributes in process `syz.0.447'.
[  131.886398][   T30] audit: type=1800 audit(1747068906.532:3): pid=7513 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.447" name="cgroup.controllers" dev="tmpfs" ino=445 res=0 errno=0
[  132.096673][ T7529] netlink: 'syz.3.453': attribute type 3 has an invalid length.
[  132.136515][ T7532] netlink: 16 bytes leftover after parsing attributes in process `syz.1.454'.
[  132.172063][ T7537] netlink: 12 bytes leftover after parsing attributes in process `syz.0.455'.
[  132.213594][ T7532] netlink: 68 bytes leftover after parsing attributes in process `syz.1.454'.
[  132.246815][ T7532] netlink: 12 bytes leftover after parsing attributes in process `syz.1.454'.
[  132.278025][ T7537] geneve2: entered promiscuous mode
[  132.307126][ T7538] netlink: 56 bytes leftover after parsing attributes in process `syz.1.454'.
[  132.362158][ T7544] netlink: 8 bytes leftover after parsing attributes in process `syz.3.458'.
[  132.376520][ T7544] openvswitch: netlink: push_nsh: missing base or metadata attributes
[  132.456369][ T7544] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  132.564323][ T7558] netlink: 'syz.4.460': attribute type 2 has an invalid length.
[  132.592875][ T5836] Bluetooth: hci4: link tx timeout
[  132.598505][ T5836] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  132.608367][ T7558] xt_l2tp: unknown flags: 18
[  132.744720][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  132.756335][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  132.805496][ T7566] netlink: 'syz.2.461': attribute type 21 has an invalid length.
[  132.821050][ T7563] tipc: Started in network mode
[  132.825972][ T7563] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711
[  132.908027][ T7563] tipc: Enabled bearer <udp:s>, priority 10
[  132.963687][ T7566] netlink: 'syz.2.461': attribute type 1 has an invalid length.
[  133.200982][ T7582] netlink: 32 bytes leftover after parsing attributes in process `syz.0.469'.
[  133.230419][ T7586] netlink: 8 bytes leftover after parsing attributes in process `syz.2.470'.
[  133.287240][ T5834] Bluetooth: hci4: command 0x0406 tx timeout
[  133.323271][ T7586] openvswitch: netlink: nsh attribute has 2338 unknown bytes.
[  133.332605][ T7586] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  133.460651][ T7592] geneve3: entered promiscuous mode
[  133.595211][ T7599] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[  133.632927][ T7600] netlink: 'syz.0.475': attribute type 4 has an invalid length.
[  133.670107][ T7602] netlink: 'syz.0.475': attribute type 4 has an invalid length.
[  133.702708][ T7604] netlink: 'syz.0.475': attribute type 4 has an invalid length.
[  133.839518][ T7618] netlink: 'syz.3.481': attribute type 21 has an invalid length.
[  133.916478][   T24] tipc: Node number set to 4269801488
[  134.296578][ T7644] ip6gre1: entered allmulticast mode
[  134.483420][ T7644] syz.2.488 (7644) used greatest stack depth: 17704 bytes left
[  135.102780][ T7690] netlink: 'syz.2.500': attribute type 1 has an invalid length.
[  135.301471][ T7690] 8021q: adding VLAN 0 to HW filter on device bond2
[  135.350776][ T7695] bond2: (slave veth0_to_bond): making interface the new active one
[  135.381086][ T7695] bond2: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  135.419704][ T7700] bond2: (slave veth9): Enslaving as an active interface with a down link
[  136.070341][ T7739] netlink: 'syz.4.511': attribute type 21 has an invalid length.
[  136.681297][ T7767] FAULT_INJECTION: forcing a failure.
[  136.681297][ T7767] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  136.700777][ T7769] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  136.746355][ T7767] CPU: 1 UID: 0 PID: 7767 Comm: syz.2.520 Not tainted 6.15.0-rc5-syzkaller-00136-g4d64321c4f6f #0 PREEMPT(full) 
[  136.746382][ T7767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  136.746393][ T7767] Call Trace:
[  136.746401][ T7767]  <TASK>
[  136.746409][ T7767]  dump_stack_lvl+0x189/0x250
[  136.746441][ T7767]  ? __lock_acquire+0xaac/0xd20
[  136.746471][ T7767]  ? __pfx_dump_stack_lvl+0x10/0x10
[  136.746499][ T7767]  ? __pfx__printk+0x10/0x10
[  136.746519][ T7767]  ? __might_fault+0xb0/0x130
[  136.746555][ T7767]  should_fail_ex+0x414/0x560
[  136.746580][ T7767]  _copy_from_user+0x2d/0xb0
[  136.746607][ T7767]  ___sys_sendmsg+0x158/0x2a0
[  136.746636][ T7767]  ? __pfx____sys_sendmsg+0x10/0x10
[  136.746708][ T7767]  ? __fget_files+0x2a/0x420
[  136.746733][ T7767]  ? __fget_files+0x3a0/0x420
[  136.746768][ T7767]  __x64_sys_sendmsg+0x19b/0x260
[  136.746798][ T7767]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  136.746840][ T7767]  ? do_syscall_64+0xba/0x210
[  136.746869][ T7767]  do_syscall_64+0xf6/0x210
[  136.746894][ T7767]  ? clear_bhb_loop+0x45/0xa0
[  136.746919][ T7767]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.746937][ T7767] RIP: 0033:0x7f0395f8e969
[  136.746953][ T7767] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  136.746969][ T7767] RSP: 002b:00007f0393df6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  136.746990][ T7767] RAX: ffffffffffffffda RBX: 00007f03961b5fa0 RCX: 00007f0395f8e969
[  136.747003][ T7767] RDX: 0000000000000010 RSI: 0000200000000240 RDI: 0000000000000003
[  136.747015][ T7767] RBP: 00007f0393df6090 R08: 0000000000000000 R09: 0000000000000000
[  136.747027][ T7767] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  136.747039][ T7767] R13: 0000000000000000 R14: 00007f03961b5fa0 R15: 00007ffd0e2fbff8
[  136.747069][ T7767]  </TASK>
[  137.009339][ T7780] netlink: 'syz.3.525': attribute type 4 has an invalid length.
[  137.017073][ T7780] __nla_validate_parse: 12 callbacks suppressed
[  137.017470][ T7780] netlink: 36 bytes leftover after parsing attributes in process `syz.3.525'.
[  137.104890][ T7782] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.220150][ T7785] team_slave_1: entered promiscuous mode
[  137.241564][ T7785] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  137.265357][ T7785] team0: Device macvtap1 is already an upper device of the team interface
[  137.309057][ T7785] team_slave_1: left promiscuous mode
[  137.402020][ T7802] netlink: 16 bytes leftover after parsing attributes in process `syz.4.532'.
[  137.435346][ T7782] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.490188][ T7805] syzkaller0: tun_chr_ioctl cmd 1074025677
[  137.496700][ T7805] syzkaller0: linktype set to 768
[  137.502980][ T7805] Cannot find set identified by id 3 to match
[  137.638262][ T7819] FAULT_INJECTION: forcing a failure.
[  137.638262][ T7819] name failslab, interval 1, probability 0, space 0, times 0
[  137.640574][ T7818] netlink: 4 bytes leftover after parsing attributes in process `syz.1.537'.
[  137.661558][ T7819] CPU: 1 UID: 0 PID: 7819 Comm: syz.0.536 Not tainted 6.15.0-rc5-syzkaller-00136-g4d64321c4f6f #0 PREEMPT(full) 
[  137.661580][ T7819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  137.661590][ T7819] Call Trace:
[  137.661597][ T7819]  <TASK>
[  137.661604][ T7819]  dump_stack_lvl+0x189/0x250
[  137.661636][ T7819]  ? __pfx_dump_stack_lvl+0x10/0x10
[  137.661661][ T7819]  ? __pfx__printk+0x10/0x10
[  137.661683][ T7819]  ? __pfx___might_resched+0x10/0x10
[  137.661704][ T7819]  should_fail_ex+0x414/0x560
[  137.661725][ T7819]  should_failslab+0xa8/0x100
[  137.661745][ T7819]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  137.661764][ T7819]  ? __alloc_skb+0x112/0x2d0
[  137.661785][ T7819]  __alloc_skb+0x112/0x2d0
[  137.661804][ T7819]  netlink_sendmsg+0x5c6/0xb30
[  137.661837][ T7819]  ? __pfx_netlink_sendmsg+0x10/0x10
[  137.661857][ T7819]  ? aa_sock_msg_perm+0x94/0x160
[  137.661877][ T7819]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  137.661893][ T7819]  ? __pfx_netlink_sendmsg+0x10/0x10
[  137.661911][ T7819]  __sock_sendmsg+0x219/0x270
[  137.661929][ T7819]  ____sys_sendmsg+0x505/0x830
[  137.661955][ T7819]  ? __pfx_____sys_sendmsg+0x10/0x10
[  137.661983][ T7819]  ? import_iovec+0x74/0xa0
[  137.662007][ T7819]  ___sys_sendmsg+0x21f/0x2a0
[  137.662030][ T7819]  ? __pfx____sys_sendmsg+0x10/0x10
[  137.662084][ T7819]  ? __fget_files+0x2a/0x420
[  137.662105][ T7819]  ? __fget_files+0x3a0/0x420
[  137.662136][ T7819]  __x64_sys_sendmsg+0x19b/0x260
[  137.662163][ T7819]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  137.662200][ T7819]  ? do_syscall_64+0xba/0x210
[  137.662225][ T7819]  do_syscall_64+0xf6/0x210
[  137.662247][ T7819]  ? clear_bhb_loop+0x45/0xa0
[  137.662269][ T7819]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.662285][ T7819] RIP: 0033:0x7f3a23d8e969
[  137.662300][ T7819] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  137.662315][ T7819] RSP: 002b:00007f3a24b74038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  137.662334][ T7819] RAX: ffffffffffffffda RBX: 00007f3a23fb6080 RCX: 00007f3a23d8e969
[  137.662347][ T7819] RDX: 0000000000000010 RSI: 0000200000000240 RDI: 0000000000000003
[  137.662358][ T7819] RBP: 00007f3a24b74090 R08: 0000000000000000 R09: 0000000000000000
[  137.662369][ T7819] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  137.662378][ T7819] R13: 0000000000000000 R14: 00007f3a23fb6080 R15: 00007ffdd9fe97f8
[  137.662404][ T7819]  </TASK>
[  137.932359][ T7823] netlink: 12 bytes leftover after parsing attributes in process `syz.1.537'.
[  137.988094][ T7782] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.058441][ T7782] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.083507][ T7829] netlink: 300 bytes leftover after parsing attributes in process `syz.0.538'.
[  138.367648][ T7782] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  138.389720][ T7840] netlink: 68 bytes leftover after parsing attributes in process `syz.4.544'.
[  138.408830][ T7840] netlink: 156 bytes leftover after parsing attributes in process `syz.4.544'.
[  138.437719][ T7782] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  138.516129][ T7846] netlink: 4 bytes leftover after parsing attributes in process `syz.3.546'.
[  138.519056][ T7782] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  138.573427][ T7846] netlink: 12 bytes leftover after parsing attributes in process `syz.3.546'.
[  138.596149][ T7851] netlink: 12 bytes leftover after parsing attributes in process `syz.0.547'.
[  138.612820][ T7782] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  138.887316][ T7862] IPVS: set_ctl: invalid protocol: 12 224.0.0.1:0
[  139.114822][ T7876] netlink: 'syz.1.558': attribute type 21 has an invalid length.
[  139.199515][ T7878] netlink: 'syz.2.560': attribute type 1 has an invalid length.
[  139.284425][ T7878] 8021q: adding VLAN 0 to HW filter on device bond3
[  139.324678][ T7878] bond3: (slave gretap2): making interface the new active one
[  139.346462][ T7886] netlink: 'syz.1.563': attribute type 1 has an invalid length.
[  139.368583][ T7878] bond3: (slave gretap2): Enslaving as an active interface with an up link
[  139.394046][ T7885] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  139.449700][ T7886] 8021q: adding VLAN 0 to HW filter on device bond2
[  139.469724][ T7883] bond3: entered allmulticast mode
[  139.475116][ T7883] gretap2: entered allmulticast mode
[  139.545782][ T7885] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  139.674696][ T7885] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  139.768715][ T7885] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  139.787673][ T7903] FAULT_INJECTION: forcing a failure.
[  139.787673][ T7903] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  139.812623][ T7903] CPU: 1 UID: 0 PID: 7903 Comm: syz.4.569 Not tainted 6.15.0-rc5-syzkaller-00136-g4d64321c4f6f #0 PREEMPT(full) 
[  139.812649][ T7903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  139.812660][ T7903] Call Trace:
[  139.812667][ T7903]  <TASK>
[  139.812675][ T7903]  dump_stack_lvl+0x189/0x250
[  139.812704][ T7903]  ? __lock_acquire+0xaac/0xd20
[  139.812734][ T7903]  ? __pfx_dump_stack_lvl+0x10/0x10
[  139.812761][ T7903]  ? __pfx__printk+0x10/0x10
[  139.812780][ T7903]  ? __might_fault+0xb0/0x130
[  139.812815][ T7903]  should_fail_ex+0x414/0x560
[  139.812839][ T7903]  _copy_from_iter+0x1db/0x15a0
[  139.812874][ T7903]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  139.812893][ T7903]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  139.812935][ T7903]  ? __pfx__copy_from_iter+0x10/0x10
[  139.812960][ T7903]  ? __build_skb_around+0x257/0x3e0
[  139.812988][ T7903]  ? netlink_sendmsg+0x642/0xb30
[  139.813008][ T7903]  ? skb_put+0x11b/0x210
[  139.813035][ T7903]  netlink_sendmsg+0x6b2/0xb30
[  139.813066][ T7903]  ? __pfx_netlink_sendmsg+0x10/0x10
[  139.813092][ T7903]  ? aa_sock_msg_perm+0x94/0x160
[  139.813115][ T7903]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  139.813137][ T7903]  ? __pfx_netlink_sendmsg+0x10/0x10
[  139.813160][ T7903]  __sock_sendmsg+0x219/0x270
[  139.813181][ T7903]  ____sys_sendmsg+0x505/0x830
[  139.813213][ T7903]  ? __pfx_____sys_sendmsg+0x10/0x10
[  139.813249][ T7903]  ? import_iovec+0x74/0xa0
[  139.813279][ T7903]  ___sys_sendmsg+0x21f/0x2a0
[  139.813307][ T7903]  ? __pfx____sys_sendmsg+0x10/0x10
[  139.813370][ T7903]  ? __fget_files+0x2a/0x420
[  139.813395][ T7903]  ? __fget_files+0x3a0/0x420
[  139.813431][ T7903]  __x64_sys_sendmsg+0x19b/0x260
[  139.813458][ T7903]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  139.813499][ T7903]  ? do_syscall_64+0xba/0x210
[  139.813526][ T7903]  do_syscall_64+0xf6/0x210
[  139.813550][ T7903]  ? clear_bhb_loop+0x45/0xa0
[  139.813574][ T7903]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.813602][ T7903] RIP: 0033:0x7f109e58e969
[  139.813620][ T7903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  139.813637][ T7903] RSP: 002b:00007f109f45f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  139.813657][ T7903] RAX: ffffffffffffffda RBX: 00007f109e7b5fa0 RCX: 00007f109e58e969
[  139.813672][ T7903] RDX: 0000000000000010 RSI: 0000200000000240 RDI: 0000000000000003
[  139.813684][ T7903] RBP: 00007f109f45f090 R08: 0000000000000000 R09: 0000000000000000
[  139.813696][ T7903] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  139.813707][ T7903] R13: 0000000000000000 R14: 00007f109e7b5fa0 R15: 00007ffc19769858
[  139.813738][ T7903]  </TASK>
[  140.211639][ T7915] netlink: 'syz.1.573': attribute type 21 has an invalid length.
[  140.302720][ T7885] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  140.418991][ T7885] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  140.532563][ T7885] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  140.591473][ T7885] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  140.861453][ T7949] syz_tun: entered allmulticast mode
[  140.911414][ T7948] syz_tun: left allmulticast mode
[  140.932733][ T7964] sctp: [Deprecated]: syz.2.590 (pid 7964) Use of int in max_burst socket option deprecated.
[  140.932733][ T7964] Use struct sctp_assoc_value instead
[  141.279510][ T7979] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.405565][ T7979] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.627854][ T7979] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.728745][ T7979] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.259418][ T8050] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  142.744974][ T7979] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  142.791956][ T7979] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  142.822274][ T7979] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  142.858007][ T7979] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  142.920810][ T8089] __nla_validate_parse: 6 callbacks suppressed
[  142.920830][ T8089] netlink: 12 bytes leftover after parsing attributes in process `syz.0.627'.
[  142.942986][ T8089] geneve2: entered promiscuous mode
[  143.039373][ T8087] netlink: 11 bytes leftover after parsing attributes in process `syz.4.626'.
[  143.222792][ T8102] netlink: 300 bytes leftover after parsing attributes in process `syz.0.632'.
[  143.440518][ T8115] tipc: Failed to remove unknown binding: 66,1,1/2886997007:1484711881/1484711883
[  143.569894][ T8118] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0
[  143.580045][ T8118] netdevsim netdevsim1 eth3 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  143.630471][ T8125] netlink: 12 bytes leftover after parsing attributes in process `syz.0.641'.
[  143.645458][ T8087] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  143.653512][ T8125] geneve2: entered promiscuous mode
[  143.722126][ T8118] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0
[  143.746629][ T8118] netdevsim netdevsim1 eth2 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  143.856734][ T8118] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0
[  143.892693][ T8118] netdevsim netdevsim1 eth1 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  143.982912][ T8118] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0
[  143.995451][ T8118] netdevsim netdevsim1 eth0 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  144.011684][ T8145] netlink: 300 bytes leftover after parsing attributes in process `syz.2.646'.
[  144.194441][ T8118] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 256 - 0
[  144.214609][ T8118] netdevsim netdevsim1 eth0: set [1, 1] type 2 family 0 port 6081 - 0
[  144.267160][ T8118] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 256 - 0
[  144.285251][ T8118] netdevsim netdevsim1 eth1: set [1, 1] type 2 family 0 port 6081 - 0
[  144.316646][ T8118] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 256 - 0
[  144.324939][ T8118] netdevsim netdevsim1 eth2: set [1, 1] type 2 family 0 port 6081 - 0
[  144.348998][ T8118] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 256 - 0
[  144.357259][ T8118] netdevsim netdevsim1 eth3: set [1, 1] type 2 family 0 port 6081 - 0
[  144.450976][ T8167] netlink: 'syz.4.653': attribute type 21 has an invalid length.
[  144.461192][ T8167] netlink: 168 bytes leftover after parsing attributes in process `syz.4.653'.
[  144.659112][ T8177] netlink: 12 bytes leftover after parsing attributes in process `syz.4.655'.
[  144.723329][ T8182] netlink: 12 bytes leftover after parsing attributes in process `syz.2.657'.
[  144.926545][ T8190] netlink: 300 bytes leftover after parsing attributes in process `syz.3.660'.
[  145.113053][ T8201] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.177536][ T8206] netlink: 'syz.4.666': attribute type 21 has an invalid length.
[  145.183584][ T8207] netlink: 'syz.2.665': attribute type 1 has an invalid length.
[  145.211291][ T8206] netlink: 168 bytes leftover after parsing attributes in process `syz.4.666'.
[  145.260967][ T8207] 8021q: adding VLAN 0 to HW filter on device bond4
[  145.278664][ T8201] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.402685][ T8211] 8021q: adding VLAN 0 to HW filter on device bond4
[  145.433105][ T8211] bond4: (slave vxcan3): The slave device specified does not support setting the MAC address
[  145.449545][ T8211] bond4: (slave vxcan3): Error -95 calling set_mac_address
[  145.646952][ T8207] veth11: entered promiscuous mode
[  145.696150][ T8207] bond4: (slave veth11): Enslaving as an active interface with a down link
[  145.729983][ T8201] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.758692][ T8214] 8021q: adding VLAN 0 to HW filter on device bond4
[  145.815275][ T8201] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.913076][ T8235] netlink: zone id is out of range
[  145.918585][ T8235] netlink: zone id is out of range
[  145.923903][ T8235] netlink: get zone limit has 8 unknown bytes
[  146.017955][ T8201] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  146.030481][ T8238] netlink: 'syz.2.676': attribute type 18 has an invalid length.
[  146.045618][ T8238] netlink: 'syz.2.676': attribute type 24 has an invalid length.
[  146.055328][ T8239] netlink: 'syz.2.676': attribute type 24 has an invalid length.
[  146.071104][ T8201] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  146.154915][ T8201] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  146.224610][ T8201] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  146.354675][ T8263] FAULT_INJECTION: forcing a failure.
[  146.354675][ T8263] name failslab, interval 1, probability 0, space 0, times 0
[  146.369986][ T8263] CPU: 0 UID: 0 PID: 8263 Comm: syz.2.684 Not tainted 6.15.0-rc5-syzkaller-00136-g4d64321c4f6f #0 PREEMPT(full) 
[  146.370011][ T8263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  146.370021][ T8263] Call Trace:
[  146.370028][ T8263]  <TASK>
[  146.370036][ T8263]  dump_stack_lvl+0x189/0x250
[  146.370078][ T8263]  ? __pfx_dump_stack_lvl+0x10/0x10
[  146.370104][ T8263]  ? __pfx__printk+0x10/0x10
[  146.370128][ T8263]  ? __pfx___might_resched+0x10/0x10
[  146.370144][ T8263]  ? fs_reclaim_acquire+0x7d/0x100
[  146.370175][ T8263]  should_fail_ex+0x414/0x560
[  146.370198][ T8263]  should_failslab+0xa8/0x100
[  146.370223][ T8263]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  146.370246][ T8263]  ? __alloc_skb+0x112/0x2d0
[  146.370270][ T8263]  __alloc_skb+0x112/0x2d0
[  146.370295][ T8263]  netlink_ack+0x146/0xa50
[  146.370311][ T8263]  ? __pfx_genl_rcv_msg+0x10/0x10
[  146.370334][ T8263]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  146.370354][ T8263]  ? __pfx_nl80211_post_doit+0x10/0x10
[  146.370375][ T8263]  ? ref_tracker_free+0x63a/0x7d0
[  146.370392][ T8263]  ? __copy_skb_header+0xa7/0x550
[  146.370426][ T8263]  netlink_rcv_skb+0x2a0/0x490
[  146.370446][ T8263]  ? __pfx_genl_rcv_msg+0x10/0x10
[  146.370472][ T8263]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  146.370513][ T8263]  ? down_read+0x1ad/0x2e0
[  146.370539][ T8263]  genl_rcv+0x28/0x40
[  146.370561][ T8263]  netlink_unicast+0x758/0x8d0
[  146.370589][ T8263]  netlink_sendmsg+0x805/0xb30
[  146.370619][ T8263]  ? __pfx_netlink_sendmsg+0x10/0x10
[  146.370643][ T8263]  ? aa_sock_msg_perm+0x94/0x160
[  146.370664][ T8263]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  146.370684][ T8263]  ? __pfx_netlink_sendmsg+0x10/0x10
[  146.370704][ T8263]  __sock_sendmsg+0x219/0x270
[  146.370725][ T8263]  ____sys_sendmsg+0x505/0x830
[  146.370753][ T8263]  ? __pfx_____sys_sendmsg+0x10/0x10
[  146.370786][ T8263]  ? import_iovec+0x74/0xa0
[  146.370814][ T8263]  ___sys_sendmsg+0x21f/0x2a0
[  146.370839][ T8263]  ? __pfx____sys_sendmsg+0x10/0x10
[  146.370899][ T8263]  ? __fget_files+0x2a/0x420
[  146.370922][ T8263]  ? __fget_files+0x3a0/0x420
[  146.370955][ T8263]  __x64_sys_sendmsg+0x19b/0x260
[  146.370981][ T8263]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  146.371022][ T8263]  ? do_syscall_64+0xba/0x210
[  146.371048][ T8263]  do_syscall_64+0xf6/0x210
[  146.371078][ T8263]  ? clear_bhb_loop+0x45/0xa0
[  146.371101][ T8263]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.371117][ T8263] RIP: 0033:0x7f0395f8e969
[  146.371144][ T8263] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.371158][ T8263] RSP: 002b:00007f0393df6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  146.371175][ T8263] RAX: ffffffffffffffda RBX: 00007f03961b5fa0 RCX: 00007f0395f8e969
[  146.371187][ T8263] RDX: 0000000000000010 RSI: 0000200000000240 RDI: 0000000000000003
[  146.371197][ T8263] RBP: 00007f0393df6090 R08: 0000000000000000 R09: 0000000000000000
[  146.371207][ T8263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  146.371234][ T8263] R13: 0000000000000000 R14: 00007f03961b5fa0 R15: 00007ffd0e2fbff8
[  146.371263][ T8263]  </TASK>
[  146.448718][ T8269] netlink: 'syz.1.685': attribute type 21 has an invalid length.
[  146.841191][ T8276] geneve2: entered promiscuous mode
[  147.071630][ T8286] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.168137][ T8291] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  147.175419][ T8291] IPv6: NLM_F_CREATE should be set when creating new route
[  147.182707][ T8291] IPv6: NLM_F_CREATE should be set when creating new route
[  147.201815][ T8291] openvswitch: netlink: IP tunnel TTL not specified.
[  147.234080][ T8286] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.395551][ T8286] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.441416][ T8312] netlink: 'syz.2.701': attribute type 21 has an invalid length.
[  147.624976][ T8286] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.655423][ T8323] veth1_to_team: entered promiscuous mode
[  147.663501][ T8324] veth0: entered promiscuous mode
[  147.723953][ T8321] veth0: left promiscuous mode
[  147.737760][ T8321] veth1_to_team: left promiscuous mode
[  147.909708][ T8286] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  147.992282][ T8340] __nla_validate_parse: 11 callbacks suppressed
[  147.992298][ T8340] netlink: 4 bytes leftover after parsing attributes in process `syz.4.709'.
[  148.026839][ T8286] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  148.101524][ T8286] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  148.179225][ T8286] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  148.280997][ T8353] SET target dimension over the limit!
[  148.487329][ T8368] netlink: 44 bytes leftover after parsing attributes in process `syz.4.715'.
[  148.531911][ T8368] netlink: 43 bytes leftover after parsing attributes in process `syz.4.715'.
[  148.565425][ T8368] netlink: 'syz.4.715': attribute type 5 has an invalid length.
[  148.597949][ T8368] netlink: 43 bytes leftover after parsing attributes in process `syz.4.715'.
[  148.995388][ T8388] openvswitch: netlink: Tunnel attr 303 out of range max 16
[  149.028905][ T8388] netlink: 'syz.2.722': attribute type 1 has an invalid length.
[  149.264995][ T8403] netlink: 9 bytes leftover after parsing attributes in process `syz.1.726'.
[  149.289754][ T8406] netlink: 300 bytes leftover after parsing attributes in process `syz.4.727'.
[  149.317443][ T8407] netlink: 8 bytes leftover after parsing attributes in process `syz.2.728'.
[  149.343407][ T8403] gretap0: entered promiscuous mode
[  149.357578][ T8409] netlink: 12 bytes leftover after parsing attributes in process `syz.1.726'.
[  149.719497][ T8427] xt_cgroup: path and classid specified
[  149.761641][ T8429] netlink: 24 bytes leftover after parsing attributes in process `syz.3.736'.
[  149.916550][ T8441] netlink: 12 bytes leftover after parsing attributes in process `syz.0.740'.
[  150.390719][ T8458] xt_TPROXY: Can be used only with -p tcp or -p udp
[  150.617540][ T8476] xt_CT: You must specify a L4 protocol and not use inversions on it
[  150.824258][ T8480] IPVS: length: 8 != 1152
[  150.833001][ T8486] (unnamed net_device) (uninitialized): option miimon: invalid value (18446744073709551585)
[  150.858769][ T8486] (unnamed net_device) (uninitialized): option miimon: allowed values 0 - 2147483647
[  151.572622][ T8525] validate_nla: 1 callbacks suppressed
[  151.572639][ T8525] netlink: 'syz.4.774': attribute type 21 has an invalid length.
[  151.895762][ T8544] RDS: rds_bind could not find a transport for fe80::, load rds_tcp or rds_rdma?
[  151.987486][ T8536] bond4: entered promiscuous mode
[  151.993423][ T8536] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  152.118616][ T8536] bond4: left promiscuous mode
[  152.547434][ T8584] netlink: 'syz.4.792': attribute type 21 has an invalid length.
[  153.072763][ T8591] team0 (unregistering): Port device team_slave_0 removed
[  153.086633][ T8591] team0 (unregistering): Port device team_slave_1 removed
[  153.123859][ T8598] (unnamed net_device) (uninitialized): Unable to set peer notification delay as MII monitoring is disabled
[  153.292461][ T8620] IPVS: set_ctl: invalid protocol: 58 0.0.0.0:20000
[  153.406407][ T8623] netlink: 'syz.2.808': attribute type 21 has an invalid length.
[  153.668118][ T8644] __nla_validate_parse: 14 callbacks suppressed
[  153.668137][ T8644] netlink: 300 bytes leftover after parsing attributes in process `syz.4.815'.
[  153.684700][ T8642] netlink: 16 bytes leftover after parsing attributes in process `syz.2.816'.
[  153.716490][ T8647] vlan0: entered promiscuous mode
[  153.766710][ T8637] vlan0: left promiscuous mode
[  153.947804][ T8656] netlink: 'syz.3.821': attribute type 142 has an invalid length.
[  154.021223][ T8662] netlink: 'syz.3.821': attribute type 10 has an invalid length.
[  154.089296][ T8665] netlink: 'syz.2.825': attribute type 21 has an invalid length.
[  154.185115][ T8654] team0 (unregistering): Port device team_slave_1 removed
[  154.219459][ T8662] bridge0: port 2(bridge_slave_1) entered disabled state
[  154.227263][ T8662] bridge0: port 1(bridge_slave_0) entered disabled state
[  154.244170][ T8662] bridge0: port 2(bridge_slave_1) entered blocking state
[  154.251444][ T8662] bridge0: port 2(bridge_slave_1) entered forwarding state
[  154.259648][ T8662] bridge0: port 1(bridge_slave_0) entered blocking state
[  154.263091][ T8673] netlink: 300 bytes leftover after parsing attributes in process `syz.4.828'.
[  154.266833][ T8662] bridge0: port 1(bridge_slave_0) entered forwarding state
[  154.272716][ T8662] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  154.462848][ T8681] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x2
[  154.772535][ T8700] netlink: 28 bytes leftover after parsing attributes in process `syz.1.840'.
[  154.801453][ T8705] netlink: 300 bytes leftover after parsing attributes in process `syz.0.842'.
[  155.341534][ T8735] dvmrp0: left allmulticast mode
[  155.381095][ T8738] netlink: 300 bytes leftover after parsing attributes in process `syz.1.856'.
[  155.397339][ T8736] xt_connbytes: Forcing CT accounting to be enabled
[  155.450495][ T8744] x_tables: duplicate underflow at hook 2
[  155.481487][ T8743] ÿ
: renamed from vcan0 (while UP)
[  155.488800][ T8741] netlink: 'syz.2.855': attribute type 6 has an invalid length.
[  155.509956][ T8741] netlink: 96 bytes leftover after parsing attributes in process `syz.2.855'.
[  155.546724][ T8741] 8021q: VLANs not supported on ip_vti0
[  156.010816][ T8775] gtp0: entered promiscuous mode
[  156.076725][ T8785] netlink: 300 bytes leftover after parsing attributes in process `syz.0.871'.
[  156.122478][ T8787] netlink: 'syz.2.872': attribute type 10 has an invalid length.
[  156.232637][ T8789] netlink: 12 bytes leftover after parsing attributes in process `syz.4.873'.
[  156.442942][ T8799] netlink: 248 bytes leftover after parsing attributes in process `syz.4.878'.
[  156.901984][ T8822] gtp0: entered promiscuous mode
[  156.960585][ T8829] geneve3: entered promiscuous mode
[  157.186575][ T8833] IPVS: Unknown mcast interface: nr0
[  157.314378][ T8844] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  157.414522][ T8844] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  157.470359][ T8854] netlink: 'syz.3.896': attribute type 12 has an invalid length.
[  157.478783][ T8854] netlink: 'syz.3.896': attribute type 29 has an invalid length.
[  157.486146][ T8855] netlink: 'syz.4.895': attribute type 1 has an invalid length.
[  157.512333][ T8855] RDS: rds_bind could not find a transport for ::ffff:172.30.0.5, load rds_tcp or rds_rdma?
[  157.528171][ T8844] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  157.621894][ T8844] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  157.690329][ T8867] netlink: zone id is out of range
[  157.716005][ T8867] netlink: zone id is out of range
[  157.730739][ T8867] netlink: get zone limit has 8 unknown bytes
[  157.837122][ T8844] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  157.912537][ T8844] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  157.990238][ T8844] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  158.105191][ T8876] gtp0: entered promiscuous mode
[  158.171769][ T8844] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  158.326780][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  158.944644][ T8924] gtp0: entered promiscuous mode
[  159.108413][ T8937] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.256017][ T8937] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.268185][ T8948] __nla_validate_parse: 11 callbacks suppressed
[  159.268203][ T8948] netlink: 300 bytes leftover after parsing attributes in process `syz.0.924'.
[  159.316041][ T8945] netlink: 36 bytes leftover after parsing attributes in process `syz.1.923'.
[  159.353075][ T8950] netlink: 12 bytes leftover after parsing attributes in process `syz.4.926'.
[  159.439276][ T8937] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.514745][ T8937] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.753571][ T8937] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  159.759446][ T8972] netlink: 20 bytes leftover after parsing attributes in process `syz.0.934'.
[  159.828671][ T8937] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  159.894790][ T8937] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  159.952010][ T8937] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  160.044505][ T8982] FAULT_INJECTION: forcing a failure.
[  160.044505][ T8982] name failslab, interval 1, probability 0, space 0, times 0
[  160.119602][ T8982] CPU: 1 UID: 0 PID: 8982 Comm: syz.0.938 Not tainted 6.15.0-rc5-syzkaller-00136-g4d64321c4f6f #0 PREEMPT(full) 
[  160.119623][ T8982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  160.119632][ T8982] Call Trace:
[  160.119639][ T8982]  <TASK>
[  160.119645][ T8982]  dump_stack_lvl+0x189/0x250
[  160.119675][ T8982]  ? __pfx_dump_stack_lvl+0x10/0x10
[  160.119699][ T8982]  ? __pfx__printk+0x10/0x10
[  160.119721][ T8982]  ? __pfx___might_resched+0x10/0x10
[  160.119735][ T8982]  ? fs_reclaim_acquire+0x7d/0x100
[  160.119763][ T8982]  should_fail_ex+0x414/0x560
[  160.119783][ T8982]  should_failslab+0xa8/0x100
[  160.119807][ T8982]  __kmalloc_noprof+0xcb/0x4f0
[  160.119825][ T8982]  ? kfree+0x4d/0x440
[  160.119841][ T8982]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  160.119865][ T8982]  tomoyo_realpath_from_path+0xe3/0x5d0
[  160.119887][ T8982]  ? tomoyo_domain+0xda/0x130
[  160.119911][ T8982]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  160.119937][ T8982]  tomoyo_path_number_perm+0x1e8/0x5a0
[  160.119965][ T8982]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  160.120007][ T8982]  ? __lock_acquire+0xaac/0xd20
[  160.120046][ T8982]  ? __fget_files+0x2a/0x420
[  160.120071][ T8982]  ? __fget_files+0x3a0/0x420
[  160.120090][ T8982]  ? __fget_files+0x2a/0x420
[  160.120115][ T8982]  security_file_ioctl+0xcb/0x2d0
[  160.120142][ T8982]  __se_sys_ioctl+0x47/0x170
[  160.120160][ T8982]  do_syscall_64+0xf6/0x210
[  160.120183][ T8982]  ? clear_bhb_loop+0x45/0xa0
[  160.120203][ T8982]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.120219][ T8982] RIP: 0033:0x7f3a23d8e969
[  160.120234][ T8982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  160.120247][ T8982] RSP: 002b:00007f3a24b95038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  160.120263][ T8982] RAX: ffffffffffffffda RBX: 00007f3a23fb5fa0 RCX: 00007f3a23d8e969
[  160.120273][ T8982] RDX: 0000200000000440 RSI: 00000000800442d2 RDI: 0000000000000004
[  160.120284][ T8982] RBP: 00007f3a24b95090 R08: 0000000000000000 R09: 0000000000000000
[  160.120294][ T8982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  160.120303][ T8982] R13: 0000000000000000 R14: 00007f3a23fb5fa0 R15: 00007ffdd9fe97f8
[  160.120326][ T8982]  </TASK>
[  160.120333][ T8982] ERROR: Out of memory at tomoyo_realpath_from_path.
[  160.243629][ T8988] netlink: 300 bytes leftover after parsing attributes in process `syz.4.942'.
[  160.906536][ T9027] netlink: 24 bytes leftover after parsing attributes in process `syz.2.949'.
[  160.999826][ T9027] netlink: 'syz.2.949': attribute type 21 has an invalid length.
[  161.008015][ T9027] netlink: 128 bytes leftover after parsing attributes in process `syz.2.949'.
[  161.019206][ T9027] netlink: 'syz.2.949': attribute type 5 has an invalid length.
[  161.049867][ T9022] xt_CT: No such helper "snmp_trap"
[  161.079741][ T9027] netlink: 3 bytes leftover after parsing attributes in process `syz.2.949'.
[  161.585773][ T9057] netlink: 4 bytes leftover after parsing attributes in process `syz.3.958'.
[  161.737763][ T9067] xt_hashlimit: size too large, truncated to 1048576
[  161.781012][ T9068] netlink: 248 bytes leftover after parsing attributes in process `syz.0.961'.
[  161.805779][ T9070] xt_hashlimit: size too large, truncated to 1048576
[  161.895417][ T9074] netlink: 'syz.0.961': attribute type 4 has an invalid length.
[  162.099125][ T9081] FAULT_INJECTION: forcing a failure.
[  162.099125][ T9081] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  162.135414][ T9081] CPU: 1 UID: 0 PID: 9081 Comm: syz.4.965 Not tainted 6.15.0-rc5-syzkaller-00136-g4d64321c4f6f #0 PREEMPT(full) 
[  162.135441][ T9081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  162.135452][ T9081] Call Trace:
[  162.135459][ T9081]  <TASK>
[  162.135467][ T9081]  dump_stack_lvl+0x189/0x250
[  162.135498][ T9081]  ? __lock_acquire+0xaac/0xd20
[  162.135529][ T9081]  ? __pfx_dump_stack_lvl+0x10/0x10
[  162.135556][ T9081]  ? __pfx__printk+0x10/0x10
[  162.135576][ T9081]  ? __might_fault+0xb0/0x130
[  162.135612][ T9081]  should_fail_ex+0x414/0x560
[  162.135636][ T9081]  _copy_from_user+0x2d/0xb0
[  162.135663][ T9081]  do_bnep_sock_ioctl+0x2bf/0x640
[  162.135692][ T9081]  ? __pfx_do_bnep_sock_ioctl+0x10/0x10
[  162.135723][ T9081]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  162.135756][ T9081]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  162.135788][ T9081]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  162.135829][ T9081]  sock_do_ioctl+0xd9/0x300
[  162.135874][ T9081]  ? __pfx_sock_do_ioctl+0x10/0x10
[  162.135902][ T9081]  ? __lock_acquire+0xaac/0xd20
[  162.135939][ T9081]  sock_ioctl+0x576/0x790
[  162.135968][ T9081]  ? __pfx_sock_ioctl+0x10/0x10
[  162.135998][ T9081]  ? __fget_files+0x3a0/0x420
[  162.136020][ T9081]  ? __fget_files+0x2a/0x420
[  162.136046][ T9081]  ? bpf_lsm_file_ioctl+0x9/0x20
[  162.136068][ T9081]  ? __pfx_sock_ioctl+0x10/0x10
[  162.136094][ T9081]  __se_sys_ioctl+0xf9/0x170
[  162.136115][ T9081]  do_syscall_64+0xf6/0x210
[  162.136137][ T9081]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  162.136153][ T9081]  ? clear_bhb_loop+0x45/0xa0
[  162.136174][ T9081]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.136219][ T9081] RIP: 0033:0x7f109e58e969
[  162.136235][ T9081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  162.136251][ T9081] RSP: 002b:00007f109f45f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  162.136271][ T9081] RAX: ffffffffffffffda RBX: 00007f109e7b5fa0 RCX: 00007f109e58e969
[  162.136284][ T9081] RDX: 0000200000000440 RSI: 00000000800442d2 RDI: 0000000000000004
[  162.136296][ T9081] RBP: 00007f109f45f090 R08: 0000000000000000 R09: 0000000000000000
[  162.136308][ T9081] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  162.136318][ T9081] R13: 0000000000000000 R14: 00007f109e7b5fa0 R15: 00007ffc19769858
[  162.136359][ T9081]  </TASK>
[  162.263789][ T9083] netlink: 'syz.1.966': attribute type 10 has an invalid length.
[  162.395499][ T9083] batman_adv: batadv0: Adding interface: wlan0
[  162.402351][ T9083] batman_adv: batadv0: The MTU of interface wlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  162.428678][ T9083] batman_adv: batadv0: Interface activated: wlan0
[  163.006127][ T9117] FAULT_INJECTION: forcing a failure.
[  163.006127][ T9117] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  163.042364][ T9117] CPU: 0 UID: 0 PID: 9117 Comm: syz.1.977 Not tainted 6.15.0-rc5-syzkaller-00136-g4d64321c4f6f #0 PREEMPT(full) 
[  163.042392][ T9117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  163.042403][ T9117] Call Trace:
[  163.042411][ T9117]  <TASK>
[  163.042419][ T9117]  dump_stack_lvl+0x189/0x250
[  163.042454][ T9117]  ? __pfx_dump_stack_lvl+0x10/0x10
[  163.042482][ T9117]  ? __pfx__printk+0x10/0x10
[  163.042514][ T9117]  should_fail_ex+0x414/0x560
[  163.042556][ T9117]  _copy_to_user+0x31/0xb0
[  163.042585][ T9117]  bnep_get_connlist+0x106/0x270
[  163.042613][ T9117]  ? __pfx_bnep_get_connlist+0x10/0x10
[  163.042651][ T9117]  do_bnep_sock_ioctl+0x32d/0x640
[  163.042680][ T9117]  ? __pfx_do_bnep_sock_ioctl+0x10/0x10
[  163.042711][ T9117]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  163.042744][ T9117]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  163.042777][ T9117]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  163.042820][ T9117]  sock_do_ioctl+0xd9/0x300
[  163.042853][ T9117]  ? __pfx_sock_do_ioctl+0x10/0x10
[  163.042884][ T9117]  ? __lock_acquire+0xaac/0xd20
[  163.042925][ T9117]  sock_ioctl+0x576/0x790
[  163.042972][ T9117]  ? __pfx_sock_ioctl+0x10/0x10
[  163.043005][ T9117]  ? __fget_files+0x3a0/0x420
[  163.043029][ T9117]  ? __fget_files+0x2a/0x420
[  163.043058][ T9117]  ? bpf_lsm_file_ioctl+0x9/0x20
[  163.043083][ T9117]  ? __pfx_sock_ioctl+0x10/0x10
[  163.043111][ T9117]  __se_sys_ioctl+0xf9/0x170
[  163.043134][ T9117]  do_syscall_64+0xf6/0x210
[  163.043168][ T9117]  ? clear_bhb_loop+0x45/0xa0
[  163.043193][ T9117]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.043211][ T9117] RIP: 0033:0x7fb43a58e969
[  163.043228][ T9117] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.043244][ T9117] RSP: 002b:00007fb43b4c3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  163.043265][ T9117] RAX: ffffffffffffffda RBX: 00007fb43a7b5fa0 RCX: 00007fb43a58e969
[  163.043279][ T9117] RDX: 0000200000000440 RSI: 00000000800442d2 RDI: 0000000000000004
[  163.043291][ T9117] RBP: 00007fb43b4c3090 R08: 0000000000000000 R09: 0000000000000000
[  163.043303][ T9117] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  163.043314][ T9117] R13: 0000000000000000 R14: 00007fb43a7b5fa0 R15: 00007ffc0b4bda38
[  163.043346][ T9117]  </TASK>
[  163.700404][ T9143] FAULT_INJECTION: forcing a failure.
[  163.700404][ T9143] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  163.735754][ T9143] CPU: 1 UID: 0 PID: 9143 Comm: syz.4.988 Not tainted 6.15.0-rc5-syzkaller-00136-g4d64321c4f6f #0 PREEMPT(full) 
[  163.735780][ T9143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  163.735790][ T9143] Call Trace:
[  163.735797][ T9143]  <TASK>
[  163.735805][ T9143]  dump_stack_lvl+0x189/0x250
[  163.735833][ T9143]  ? __lock_acquire+0xaac/0xd20
[  163.735861][ T9143]  ? __pfx_dump_stack_lvl+0x10/0x10
[  163.735886][ T9143]  ? __pfx__printk+0x10/0x10
[  163.735904][ T9143]  ? __might_fault+0xb0/0x130
[  163.735937][ T9143]  should_fail_ex+0x414/0x560
[  163.735960][ T9143]  _copy_from_user+0x2d/0xb0
[  163.735984][ T9143]  __sys_connect+0x123/0x440
[  163.736005][ T9143]  ? __fget_files+0x3a0/0x420
[  163.736028][ T9143]  ? __pfx___sys_connect+0x10/0x10
[  163.736089][ T9143]  __x64_sys_connect+0x7a/0x90
[  163.736112][ T9143]  do_syscall_64+0xf6/0x210
[  163.736137][ T9143]  ? clear_bhb_loop+0x45/0xa0
[  163.736160][ T9143]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.736179][ T9143] RIP: 0033:0x7f109e58e969
[  163.736198][ T9143] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.736214][ T9143] RSP: 002b:00007f109f45f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  163.736244][ T9143] RAX: ffffffffffffffda RBX: 00007f109e7b5fa0 RCX: 00007f109e58e969
[  163.736257][ T9143] RDX: 000000000000000e RSI: 0000200000000080 RDI: 0000000000000004
[  163.736267][ T9143] RBP: 00007f109f45f090 R08: 0000000000000000 R09: 0000000000000000
[  163.736277][ T9143] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  163.736287][ T9143] R13: 0000000000000000 R14: 00007f109e7b5fa0 R15: 00007ffc19769858
[  163.736342][ T9143]  </TASK>
[  164.132506][ T9160] FAULT_INJECTION: forcing a failure.
[  164.132506][ T9160] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  164.230327][ T9160] CPU: 0 UID: 0 PID: 9160 Comm: syz.3.993 Not tainted 6.15.0-rc5-syzkaller-00136-g4d64321c4f6f #0 PREEMPT(full) 
[  164.230357][ T9160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  164.230368][ T9160] Call Trace:
[  164.230377][ T9160]  <TASK>
[  164.230385][ T9160]  dump_stack_lvl+0x189/0x250
[  164.230421][ T9160]  ? __pfx_dump_stack_lvl+0x10/0x10
[  164.230449][ T9160]  ? __pfx__printk+0x10/0x10
[  164.230482][ T9160]  should_fail_ex+0x414/0x560
[  164.230507][ T9160]  _copy_to_user+0x31/0xb0
[  164.230537][ T9160]  do_bnep_sock_ioctl+0x4c5/0x640
[  164.230567][ T9160]  ? __pfx_do_bnep_sock_ioctl+0x10/0x10
[  164.230599][ T9160]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  164.230632][ T9160]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  164.230664][ T9160]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  164.230706][ T9160]  sock_do_ioctl+0xd9/0x300
[  164.230739][ T9160]  ? __pfx_sock_do_ioctl+0x10/0x10
[  164.230771][ T9160]  ? __lock_acquire+0xaac/0xd20
[  164.230812][ T9160]  sock_ioctl+0x576/0x790
[  164.230843][ T9160]  ? __pfx_sock_ioctl+0x10/0x10
[  164.230876][ T9160]  ? __fget_files+0x3a0/0x420
[  164.230901][ T9160]  ? __fget_files+0x2a/0x420
[  164.230929][ T9160]  ? bpf_lsm_file_ioctl+0x9/0x20
[  164.230954][ T9160]  ? __pfx_sock_ioctl+0x10/0x10
[  164.230982][ T9160]  __se_sys_ioctl+0xf9/0x170
[  164.231014][ T9160]  do_syscall_64+0xf6/0x210
[  164.231040][ T9160]  ? clear_bhb_loop+0x45/0xa0
[  164.231065][ T9160]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.231083][ T9160] RIP: 0033:0x7fbcb598e969
[  164.231100][ T9160] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  164.231117][ T9160] RSP: 002b:00007fbcb671a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  164.231137][ T9160] RAX: ffffffffffffffda RBX: 00007fbcb5bb5fa0 RCX: 00007fbcb598e969
[  164.231151][ T9160] RDX: 0000200000000440 RSI: 00000000800442d2 RDI: 0000000000000004
[  164.231163][ T9160] RBP: 00007fbcb671a090 R08: 0000000000000000 R09: 0000000000000000
[  164.231175][ T9160] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  164.231186][ T9160] R13: 0000000000000000 R14: 00007fbcb5bb5fa0 R15: 00007ffeaf6a3d08
[  164.231217][ T9160]  </TASK>
[  164.474796][ T9167] __nla_validate_parse: 4 callbacks suppressed
[  164.474814][ T9167] netlink: 12 bytes leftover after parsing attributes in process `syz.1.996'.
[  164.519875][ T9167] geneve3: entered promiscuous mode
[  165.014569][ T9194] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1004'.
[  165.042770][ T9197] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1005'.
[  165.396974][ T9221] netlink: 'syz.4.1014': attribute type 11 has an invalid length.
[  165.417318][ T9221] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1014'.
[  165.509823][ T9227] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.1016'.
[  165.519570][ T9227] netlink: zone id is out of range
[  165.532888][ T9227] netlink: zone id is out of range
[  165.563922][ T9227] netlink: get zone limit has 8 unknown bytes
[  165.885742][ T9242] FAULT_INJECTION: forcing a failure.
[  165.885742][ T9242] name failslab, interval 1, probability 0, space 0, times 0
[  165.941254][ T9242] CPU: 1 UID: 0 PID: 9242 Comm: syz.4.1021 Not tainted 6.15.0-rc5-syzkaller-00136-g4d64321c4f6f #0 PREEMPT(full) 
[  165.941280][ T9242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  165.941292][ T9242] Call Trace:
[  165.941299][ T9242]  <TASK>
[  165.941307][ T9242]  dump_stack_lvl+0x189/0x250
[  165.941343][ T9242]  ? __pfx_dump_stack_lvl+0x10/0x10
[  165.941381][ T9242]  ? __pfx__printk+0x10/0x10
[  165.941402][ T9242]  ? __pfx___might_resched+0x10/0x10
[  165.941418][ T9242]  ? fs_reclaim_acquire+0x7d/0x100
[  165.941449][ T9242]  should_fail_ex+0x414/0x560
[  165.941473][ T9242]  should_failslab+0xa8/0x100
[  165.941498][ T9242]  __kmalloc_noprof+0xcb/0x4f0
[  165.941518][ T9242]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  165.941544][ T9242]  ? sock_kmalloc+0xd6/0x160
[  165.941574][ T9242]  sock_kmalloc+0xd6/0x160
[  165.941601][ T9242]  hash_sendmsg+0x666/0x11d0
[  165.941642][ T9242]  ? __pfx_hash_sendmsg+0x10/0x10
[  165.941664][ T9242]  __sock_sendmsg+0x219/0x270
[  165.941684][ T9242]  ____sys_sendmsg+0x505/0x830
[  165.941713][ T9242]  ? __pfx_____sys_sendmsg+0x10/0x10
[  165.941746][ T9242]  ? import_iovec+0x74/0xa0
[  165.941774][ T9242]  ___sys_sendmsg+0x21f/0x2a0
[  165.941799][ T9242]  ? __pfx____sys_sendmsg+0x10/0x10
[  165.941868][ T9242]  ? __fget_files+0x2a/0x420
[  165.941890][ T9242]  ? __fget_files+0x3a0/0x420
[  165.941924][ T9242]  __x64_sys_sendmsg+0x19b/0x260
[  165.941950][ T9242]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  165.941991][ T9242]  ? do_syscall_64+0xba/0x210
[  165.942016][ T9242]  do_syscall_64+0xf6/0x210
[  165.942038][ T9242]  ? clear_bhb_loop+0x45/0xa0
[  165.942060][ T9242]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.942076][ T9242] RIP: 0033:0x7f109e58e969
[  165.942092][ T9242] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  165.942106][ T9242] RSP: 002b:00007f109f45f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  165.942124][ T9242] RAX: ffffffffffffffda RBX: 00007f109e7b5fa0 RCX: 00007f109e58e969
[  165.942137][ T9242] RDX: 00000000000080c1 RSI: 0000200000000240 RDI: 0000000000000004
[  165.942148][ T9242] RBP: 00007f109f45f090 R08: 0000000000000000 R09: 0000000000000000
[  165.942158][ T9242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  165.942168][ T9242] R13: 0000000000000000 R14: 00007f109e7b5fa0 R15: 00007ffc19769858
[  165.942198][ T9242]  </TASK>
[  166.327659][ T9255] netlink: 876 bytes leftover after parsing attributes in process `syz.2.1027'.
[  166.551704][ T9268] netlink: 212408 bytes leftover after parsing attributes in process `syz.2.1030'.
[  166.620145][ T9268] netlink: zone id is out of range
[  166.630252][ T9268] netlink: zone id is out of range
[  166.640366][ T9268] netlink: get zone limit has 8 unknown bytes
[  167.009834][ T9292] netlink: 'syz.0.1038': attribute type 2 has an invalid length.
[  167.496474][ T9315] netlink: 876 bytes leftover after parsing attributes in process `syz.0.1044'.
[  167.573494][ T9314] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.654356][ T9325] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.1047'.
[  167.709833][ T9325] netlink: zone id is out of range
[  167.725333][ T9325] netlink: zone id is out of range
[  167.769581][ T9314] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.776288][ T9325] netlink: get zone limit has 8 unknown bytes
[  167.992911][ T9314] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.171880][ T9314] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.250400][ T9349] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1052'.
[  168.426573][ T9350] syzkaller1: entered promiscuous mode
[  168.432151][ T9350] syzkaller1: entered allmulticast mode
[  168.540266][ T9314] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  168.634141][ T9314] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  168.770941][ T9314] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  168.872434][ T9314] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  169.027424][ T9384] xt_ecn: cannot match TCP bits for non-tcp packets
[  169.848275][ T9424] __nla_validate_parse: 2 callbacks suppressed
[  169.848296][ T9424] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1075'.
[  170.064369][ T9435] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1078'.
[  170.373097][ T9448] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1081'.
[  170.680756][ T9464] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1085'.
[  170.861066][ T9476] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1088'.
[  170.873139][ T9476] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1088'.
[  170.971101][ T9482] netlink: 'syz.1.1091': attribute type 29 has an invalid length.
[  171.231161][ T9498] netlink: 'syz.1.1097': attribute type 21 has an invalid length.
[  171.239425][ T9498] netlink: 164 bytes leftover after parsing attributes in process `syz.1.1097'.
[  171.543243][ T9508] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1100'.
[  171.646517][ T9512] netlink: 71 bytes leftover after parsing attributes in process `syz.1.1101'.
[  171.647924][ T9510] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1101'.
[  171.957392][ T9529] netlink: 'syz.2.1108': attribute type 5 has an invalid length.
[  171.970564][ T9531] netlink: 'syz.2.1108': attribute type 5 has an invalid length.
[  172.506006][ T9559] netlink: zone id is out of range
[  172.519580][ T9559] netlink: zone id is out of range
[  172.524863][ T9559] netlink: get zone limit has 8 unknown bytes
[  172.647089][ T9564] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  173.275785][ T5836] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  173.285210][ T5836] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  173.296362][ T5836] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  173.307471][ T5836] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  173.320180][ T5836] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  173.377302][ T9590] xt_socket: unknown flags 0x50
[  173.539002][ T9592] syzkaller1: entered promiscuous mode
[  173.544530][ T9592] syzkaller1: entered allmulticast mode
[  173.605519][ T9597] xt_time: invalid argument - start or stop time greater than 23:59:59
[  174.285324][ T9582] chnl_net:caif_netlink_parms(): no params data found
[  174.327168][ T9585] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  174.652732][ T9624] geneve3: entered promiscuous mode
[  174.802582][ T9628] bridge0: port 1(batadv1) entered blocking state
[  174.811473][ T9628] bridge0: port 1(batadv1) entered disabled state
[  174.818251][ T9628] batadv1: entered allmulticast mode
[  174.825358][ T9628] batadv1: entered promiscuous mode
[  174.841184][ T9582] bridge0: port 1(bridge_slave_0) entered blocking state
[  174.866359][ T9582] bridge0: port 1(bridge_slave_0) entered disabled state
[  174.873780][ T9582] bridge_slave_0: entered allmulticast mode
[  174.891814][ T9582] bridge_slave_0: entered promiscuous mode
[  174.991921][ T9582] bridge0: port 2(bridge_slave_1) entered blocking state
[  175.006416][ T9582] bridge0: port 2(bridge_slave_1) entered disabled state
[  175.016880][ T9641] __nla_validate_parse: 39 callbacks suppressed
[  175.016897][ T9641] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1145'.
[  175.047132][ T9582] bridge_slave_1: entered allmulticast mode
[  175.055395][ T9582] bridge_slave_1: entered promiscuous mode
[  175.287959][ T9582] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  175.306297][   T13] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[  175.315559][   T13] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  175.344641][ T9582] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  175.367124][ T5836] Bluetooth: hci2: command tx timeout
[  175.705399][ T9582] team0: Port device team_slave_0 added
[  175.733528][ T9582] team0: Port device team_slave_1 added
[  175.861682][ T9679] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1154'.
[  175.867808][ T9676] pim6reg: entered allmulticast mode
[  175.943737][ T9684] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1155'.
[  175.962922][ T9680] pim6reg: left allmulticast mode
[  176.000994][ T9684] geneve2: entered promiscuous mode
[  176.098643][ T9582] batman_adv: batadv0: Adding interface: batadv_slave_0
[  176.114818][ T9582] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  176.146233][ T9582] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  176.163927][ T9582] batman_adv: batadv0: Adding interface: batadv_slave_1
[  176.171494][ T9582] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  176.203197][ T9582] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  176.418111][ T9582] hsr_slave_0: entered promiscuous mode
[  176.450370][ T9582] hsr_slave_1: entered promiscuous mode
[  176.459727][ T9582] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  176.488992][ T9582] Cannot create hsr debugfs directory
[  176.721650][ T9721] netlink: 'syz.1.1164': attribute type 4 has an invalid length.
[  176.775810][ T9716] bridge0: port 2(bridge_slave_1) entered disabled state
[  176.850919][ T9727] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1167'.
[  176.906970][ T9732] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  176.960587][ T9582] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.994474][ T9734] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1170'.
[  177.065837][ T9582] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.131585][ T9738] netlink: 'syz.1.1172': attribute type 3 has an invalid length.
[  177.143958][ T9740] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1173'.
[  177.153713][ T9738] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1172'.
[  177.194256][ T9740] geneve3: entered promiscuous mode
[  177.235484][ T9582] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.302055][ T9745] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1175'.
[  177.337702][ T9582] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.430797][ T9752] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1178'.
[  177.449046][ T5836] Bluetooth: hci2: command tx timeout
[  177.460464][ T9745] team0: Mode changed to "loadbalance"
[  177.467507][ T9752] netlink: 'syz.3.1178': attribute type 2 has an invalid length.
[  177.475266][ T9752] netlink: 'syz.3.1178': attribute type 1 has an invalid length.
[  177.520295][ T9754] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1179'.
[  177.652746][ T9758] SET target dimension over the limit!
[  177.810224][ T9582] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  177.853376][ T9582] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  177.875129][ T9582] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  177.888199][ T9582] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  178.094865][ T9783] geneve2: entered promiscuous mode
[  178.170715][ T9582] 8021q: adding VLAN 0 to HW filter on device bond0
[  178.285481][ T9582] 8021q: adding VLAN 0 to HW filter on device team0
[  178.321089][   T63] bridge0: port 1(bridge_slave_0) entered blocking state
[  178.328988][   T63] bridge0: port 1(bridge_slave_0) entered forwarding state
[  178.434532][   T63] bridge0: port 2(bridge_slave_1) entered blocking state
[  178.441764][   T63] bridge0: port 2(bridge_slave_1) entered forwarding state
[  178.679658][ T9582] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  178.709122][ T5836] block nbd0: Receive control failed (result -32)
[  178.717827][ T5834] block nbd1: Receive control failed (result -32)
[  179.254643][ T9835] geneve2: entered promiscuous mode
[  179.401099][ T9582] 8021q: adding VLAN 0 to HW filter on device batadv0
[  179.528173][ T5834] Bluetooth: hci2: command tx timeout
[  179.562486][ T9850] netlink: 'syz.1.1209': attribute type 21 has an invalid length.
[  180.054120][ T9874] __nla_validate_parse: 14 callbacks suppressed
[  180.054139][ T9874] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1216'.
[  180.162415][ T9882] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1218'.
[  180.331595][ T9895] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1222'.
[  180.365723][ T9895] geneve3: entered promiscuous mode
[  180.469476][ T9582] veth0_vlan: entered promiscuous mode
[  180.509120][ T9582] veth1_vlan: entered promiscuous mode
[  180.575589][ T9582] veth0_macvtap: entered promiscuous mode
[  180.613344][ T9582] veth1_macvtap: entered promiscuous mode
[  180.670214][ T9582] batman_adv: batadv0: Interface activated: batadv_slave_0
[  180.710190][ T9904] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1226'.
[  180.723189][ T9582] batman_adv: batadv0: Interface activated: batadv_slave_1
[  180.754763][ T9582] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  180.784641][ T9582] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  180.804421][ T9582] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  180.826240][ T9582] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  180.938953][ T9914] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1231'.
[  181.009832][ T9913] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1230'.
[  181.023315][ T9913] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1230'.
[  181.035943][ T9913] netlink: 'syz.2.1230': attribute type 7 has an invalid length.
[  181.062045][ T9920] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1230'.
[  181.073355][ T9920] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1230'.
[  181.082861][ T9920] netlink: 'syz.2.1230': attribute type 7 has an invalid length.
[  181.295627][   T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  181.314913][   T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  181.367797][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  181.375651][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  181.470963][ T9934] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1236'.
[  181.534153][ T9934] geneve2: entered promiscuous mode
[  181.588404][ T9938] xt_addrtype: input interface limitation not valid in POSTROUTING and OUTPUT
[  182.030580][   T13] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.208323][   T13] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.385236][   T13] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.588319][ T9972] netlink: 'syz.1.1246': attribute type 21 has an invalid length.
[  182.888117][   T13] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.062048][ T9982] geneve3: entered promiscuous mode
[  183.313886][ T5836] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  183.326695][ T5836] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  183.339996][ T5836] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  183.367737][ T5836] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  183.386672][ T5836] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  183.537858][T10014] netlink: 'syz.0.1260': attribute type 21 has an invalid length.
[  183.667690][   T13] bridge_slave_1: left allmulticast mode
[  183.673557][   T13] bridge_slave_1: left promiscuous mode
[  183.690233][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  183.747500][   T13] bridge_slave_0: left allmulticast mode
[  183.753204][   T13] bridge_slave_0: left promiscuous mode
[  183.793741][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  183.847132][ T1207] page_pool_release_retry() stalled pool shutdown: id 27, 1 inflight 60 sec
[  184.623187][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  184.644087][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  184.661401][   T13] bond0 (unregistering): Released all slaves
[  184.990815][T10054] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0
[  185.026123][T10054] netdevsim netdevsim1 eth3 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  185.245188][T10070] __nla_validate_parse: 9 callbacks suppressed
[  185.245207][T10070] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1276'.
[  185.293554][T10054] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0
[  185.312958][T10054] netdevsim netdevsim1 eth2 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  185.338953][T10075] netlink: 'syz.2.1277': attribute type 21 has an invalid length.
[  185.422385][T10054] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0
[  185.456015][T10054] netdevsim netdevsim1 eth1 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  185.521531][T10075] netlink: 164 bytes leftover after parsing attributes in process `syz.2.1277'.
[  185.533548][ T5834] Bluetooth: hci2: command tx timeout
[  185.680080][T10054] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0
[  185.698243][T10054] netdevsim netdevsim1 eth0 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  185.911798][   T13] hsr_slave_0: left promiscuous mode
[  185.963682][   T13] hsr_slave_1: left promiscuous mode
[  185.971595][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  185.982731][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  185.998487][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  186.016243][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  186.046798][   T13] veth1_macvtap: left promiscuous mode
[  186.052585][   T13] veth0_macvtap: left promiscuous mode
[  186.066879][   T13] veth1_vlan: left promiscuous mode
[  186.072469][   T13] veth0_vlan: left promiscuous mode
[  186.769841][   T13] team0 (unregistering): Port device team_slave_1 removed
[  186.807868][   T13] team0 (unregistering): Port device team_slave_0 removed
[  187.177466][T10116] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[  187.244929][T10054] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 256 - 0
[  187.329966][T10054] netdevsim netdevsim1 eth0: set [1, 1] type 2 family 0 port 6081 - 0
[  187.345623][T10122] netlink: 300 bytes leftover after parsing attributes in process `syz.0.1289'.
[  187.393409][T10054] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 256 - 0
[  187.426493][T10054] netdevsim netdevsim1 eth1: set [1, 1] type 2 family 0 port 6081 - 0
[  187.454782][T10126] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1290'.
[  187.515478][T10054] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 256 - 0
[  187.557158][T10054] netdevsim netdevsim1 eth2: set [1, 1] type 2 family 0 port 6081 - 0
[  187.581897][T10001] chnl_net:caif_netlink_parms(): no params data found
[  187.606672][ T5834] Bluetooth: hci2: command tx timeout
[  187.721212][T10054] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 256 - 0
[  187.775256][T10054] netdevsim netdevsim1 eth3: set [1, 1] type 2 family 0 port 6081 - 0
[  188.108650][T10151] netlink: 'syz.2.1300': attribute type 21 has an invalid length.
[  188.390443][T10158] bridge_slave_1: default FDB implementation only supports local addresses
[  188.554046][T10001] bridge0: port 1(bridge_slave_0) entered blocking state
[  188.601321][T10001] bridge0: port 1(bridge_slave_0) entered disabled state
[  188.623740][T10001] bridge_slave_0: entered allmulticast mode
[  188.638236][T10001] bridge_slave_0: entered promiscuous mode
[  188.672849][T10001] bridge0: port 2(bridge_slave_1) entered blocking state
[  188.698461][T10001] bridge0: port 2(bridge_slave_1) entered disabled state
[  188.724130][T10001] bridge_slave_1: entered allmulticast mode
[  188.761232][T10001] bridge_slave_1: entered promiscuous mode
[  189.089931][T10195] netlink: 100 bytes leftover after parsing attributes in process `syz.2.1312'.
[  189.151137][T10001] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  189.178320][T10194] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.219330][T10001] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  189.318025][T10194] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.449854][T10194] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.500661][T10001] team0: Port device team_slave_0 added
[  189.545222][T10001] team0: Port device team_slave_1 added
[  189.564333][T10194] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.584686][T10211] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1318'.
[  189.687946][ T5834] Bluetooth: hci2: command tx timeout
[  189.729170][T10001] batman_adv: batadv0: Adding interface: batadv_slave_0
[  189.743974][T10001] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  189.835488][T10001] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  189.868907][T10001] batman_adv: batadv0: Adding interface: batadv_slave_1
[  189.875899][T10001] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  189.946489][T10001] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  190.008216][T10194] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  190.055059][T10231] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1325'.
[  190.068729][T10194] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  190.104299][T10194] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  190.143570][T10231] geneve3: entered promiscuous mode
[  190.215147][T10194] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  190.255890][T10237] netlink: 300 bytes leftover after parsing attributes in process `syz.0.1327'.
[  190.295464][T10001] hsr_slave_0: entered promiscuous mode
[  190.315090][T10001] hsr_slave_1: entered promiscuous mode
[  190.352733][T10001] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  190.382384][T10001] Cannot create hsr debugfs directory
[  190.497264][T10245] netlink: 1760 bytes leftover after parsing attributes in process `syz.1.1330'.
[  190.894276][T10261] netlink: 'syz.1.1335': attribute type 21 has an invalid length.
[  191.002580][T10261] netlink: 'syz.1.1335': attribute type 6 has an invalid length.
[  191.031858][T10264] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1336'.
[  191.766473][ T5834] Bluetooth: hci2: command tx timeout
[  191.775487][T10293] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1346'.
[  191.815182][T10295] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.867343][T10293] geneve3: entered promiscuous mode
[  192.024371][T10295] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.192142][T10308] netlink: 9 bytes leftover after parsing attributes in process `syz.1.1352'.
[  192.239807][T10295] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.344740][T10308] 0·: renamed from hsr_slave_1 (while UP)
[  192.359966][T10308] 0·: entered allmulticast mode
[  192.374199][T10308] A link change request failed with some changes committed already. Interface 
c0· may have been left with an inconsistent configuration, please check.
[  192.455639][T10295] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.666709][T10323] netlink: 'syz.1.1356': attribute type 21 has an invalid length.
[  192.795489][T10295] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  192.909216][T10295] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  192.976495][T10295] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  193.044386][T10001] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  193.085393][T10295] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  193.107209][T10001] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  193.160206][T10001] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  193.225238][T10001] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  193.251916][T10346] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1363'.
[  193.427543][T10346] geneve2: entered promiscuous mode
[  193.591962][T10364] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1370'.
[  193.861813][T10001] 8021q: adding VLAN 0 to HW filter on device bond0
[  193.935449][    C0] Unknown status report in ack skb
[  193.957447][T10001] 8021q: adding VLAN 0 to HW filter on device team0
[  193.975343][   T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  193.996673][   T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  194.036774][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  194.043945][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  194.061615][   T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  194.070285][   T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  194.103129][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  194.110345][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  194.133945][ T1078] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  194.134133][T10383] netlink: 'syz.1.1377': attribute type 21 has an invalid length.
[  194.151381][ T1078] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  194.186875][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  194.193388][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  194.279850][ T1078] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  194.321326][T10001] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  194.328758][ T1078] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  194.372896][T10389] xt_hashlimit: invalid interval
[  194.450692][   T36] wlan1: Selected IBSS BSSID 50:50:50:50:50:50 based on configured SSID
[  194.551697][ T1322] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  194.561537][T10397] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0
[  194.593077][ T1322] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  194.618170][T10397] netdevsim netdevsim1 eth3 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  194.627629][T10401] netlink: 'syz.3.1383': attribute type 30 has an invalid length.
[  194.655677][ T1322] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  194.669812][ T1322] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  194.802208][   T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  194.856314][   T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  194.878500][T10397] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0
[  194.911463][   T53] ------------[ cut here ]------------
[  194.917412][   T53] WARNING: CPU: 0 PID: 53 at net/wireless/ibss.c:37 __cfg80211_ibss_joined+0x3ca/0x440
[  194.927471][   T53] Modules linked in:
[  194.931591][   T53] CPU: 0 UID: 0 PID: 53 Comm: kworker/u8:3 Not tainted 6.15.0-rc5-syzkaller-00136-g4d64321c4f6f #0 PREEMPT(full) 
[  194.943691][   T53] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  194.953860][   T53] Workqueue: cfg80211 cfg80211_event_work
[  194.959705][   T53] RIP: 0010:__cfg80211_ibss_joined+0x3ca/0x440
[  194.965930][   T53] Code: 00 00 00 75 69 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 32 62 09 f7 90 0f 0b 90 eb bd e8 27 62 09 f7 90 <0f> 0b 90 4c 8b 6c 24 18 eb ad e8 17 62 09 f7 90 0f 0b 90 e9 de fd
[  194.986006][   T53] RSP: 0018:ffffc90000bf7980 EFLAGS: 00010293
[  194.992542][   T53] RAX: ffffffff8ab66e29 RBX: dffffc0000000000 RCX: ffff88801daabc00
[  195.000630][   T53] RDX: 0000000000000000 RSI: ffffffff8d74ac7a RDI: ffffffff8bc1d260
[  195.008723][   T53] RBP: ffffc90000bf7a58 R08: ffffffff8f7ed277 R09: 1ffffffff1efda4e
[  195.016769][   T53] R10: dffffc0000000000 R11: fffffbfff1efda4f R12: ffff8880273e4d90
[  195.024996][   T53] R13: 1ffff9200017ef38 R14: ffff88805b6bb338 R15: 0000000000000006
[  195.031459][T10397] netdevsim netdevsim1 eth2 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  195.033004][   T53] FS:  0000000000000000(0000) GS:ffff8881260cc000(0000) knlGS:0000000000000000
[  195.051957][   T53] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  195.058658][   T53] CR2: 00007f3a23db6700 CR3: 0000000039bce000 CR4: 00000000003526f0
[  195.066737][   T53] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  195.074732][   T53] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  195.082762][   T53] Call Trace:
[  195.086064][   T53]  <TASK>
[  195.089050][   T53]  ? lockdep_hardirqs_on+0x9c/0x150
[  195.094283][   T53]  ? __pfx___cfg80211_ibss_joined+0x10/0x10
[  195.100358][   T53]  ? cfg80211_event_work+0x24/0x60
[  195.105515][   T53]  ? __pfx___mutex_lock+0x10/0x10
[  195.110610][   T53]  cfg80211_process_wdev_events+0x38a/0x4f0
[  195.116596][   T53]  cfg80211_process_rdev_events+0xa1/0x110
[  195.122426][   T53]  cfg80211_event_work+0x2c/0x60
[  195.128306][   T53]  ? process_scheduled_works+0x9ec/0x17a0
[  195.134073][   T53]  process_scheduled_works+0xadb/0x17a0
[  195.139862][   T53]  ? __pfx_process_scheduled_works+0x10/0x10
[  195.145917][   T53]  worker_thread+0x8a0/0xda0
[  195.150623][   T53]  kthread+0x70e/0x8a0
[  195.154734][   T53]  ? __pfx_worker_thread+0x10/0x10
[  195.159982][   T53]  ? __pfx_kthread+0x10/0x10
[  195.164600][   T53]  ? __pfx_kthread+0x10/0x10
[  195.169257][   T53]  ? _raw_spin_unlock_irq+0x23/0x50
[  195.174491][   T53]  ? lockdep_hardirqs_on+0x9c/0x150
[  195.179769][   T53]  ? __pfx_kthread+0x10/0x10
[  195.184406][   T53]  ret_from_fork+0x4b/0x80
[  195.188929][   T53]  ? __pfx_kthread+0x10/0x10
[  195.193553][   T53]  ret_from_fork_asm+0x1a/0x30
[  195.198422][   T53]  </TASK>
[  195.201488][   T53] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  195.208782][   T53] CPU: 0 UID: 0 PID: 53 Comm: kworker/u8:3 Not tainted 6.15.0-rc5-syzkaller-00136-g4d64321c4f6f #0 PREEMPT(full) 
[  195.220772][   T53] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  195.230855][   T53] Workqueue: cfg80211 cfg80211_event_work
[  195.236616][   T53] Call Trace:
[  195.239937][   T53]  <TASK>
[  195.242893][   T53]  dump_stack_lvl+0x99/0x250
[  195.247528][   T53]  ? __asan_memcpy+0x40/0x70
[  195.252150][   T53]  ? __pfx_dump_stack_lvl+0x10/0x10
[  195.257406][   T53]  ? __pfx__printk+0x10/0x10
[  195.262038][   T53]  panic+0x2db/0x790
[  195.265973][   T53]  ? __pfx_panic+0x10/0x10
[  195.270417][   T53]  ? show_trace_log_lvl+0x4fb/0x550
[  195.275637][   T53]  ? ret_from_fork_asm+0x1a/0x30
[  195.280587][   T53]  __warn+0x31b/0x4b0
[  195.284578][   T53]  ? __cfg80211_ibss_joined+0x3ca/0x440
[  195.290152][   T53]  ? __cfg80211_ibss_joined+0x3ca/0x440
[  195.295729][   T53]  report_bug+0x2be/0x4f0
[  195.300061][   T53]  ? __cfg80211_ibss_joined+0x3ca/0x440
[  195.305611][   T53]  ? __cfg80211_ibss_joined+0x3ca/0x440
[  195.311167][   T53]  ? __cfg80211_ibss_joined+0x3cc/0x440
[  195.316747][   T53]  handle_bug+0x84/0x160
[  195.321004][   T53]  exc_invalid_op+0x1a/0x50
[  195.325518][   T53]  asm_exc_invalid_op+0x1a/0x20
[  195.330370][   T53] RIP: 0010:__cfg80211_ibss_joined+0x3ca/0x440
[  195.336553][   T53] Code: 00 00 00 75 69 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 32 62 09 f7 90 0f 0b 90 eb bd e8 27 62 09 f7 90 <0f> 0b 90 4c 8b 6c 24 18 eb ad e8 17 62 09 f7 90 0f 0b 90 e9 de fd
[  195.356168][   T53] RSP: 0018:ffffc90000bf7980 EFLAGS: 00010293
[  195.362253][   T53] RAX: ffffffff8ab66e29 RBX: dffffc0000000000 RCX: ffff88801daabc00
[  195.370223][   T53] RDX: 0000000000000000 RSI: ffffffff8d74ac7a RDI: ffffffff8bc1d260
[  195.378200][   T53] RBP: ffffc90000bf7a58 R08: ffffffff8f7ed277 R09: 1ffffffff1efda4e
[  195.386177][   T53] R10: dffffc0000000000 R11: fffffbfff1efda4f R12: ffff8880273e4d90
[  195.394154][   T53] R13: 1ffff9200017ef38 R14: ffff88805b6bb338 R15: 0000000000000006
[  195.402142][   T53]  ? __cfg80211_ibss_joined+0x3c9/0x440
[  195.407707][   T53]  ? lockdep_hardirqs_on+0x9c/0x150
[  195.412914][   T53]  ? __pfx___cfg80211_ibss_joined+0x10/0x10
[  195.418811][   T53]  ? cfg80211_event_work+0x24/0x60
[  195.423937][   T53]  ? __pfx___mutex_lock+0x10/0x10
[  195.428972][   T53]  cfg80211_process_wdev_events+0x38a/0x4f0
[  195.434884][   T53]  cfg80211_process_rdev_events+0xa1/0x110
[  195.440704][   T53]  cfg80211_event_work+0x2c/0x60
[  195.445825][   T53]  ? process_scheduled_works+0x9ec/0x17a0
[  195.451553][   T53]  process_scheduled_works+0xadb/0x17a0
[  195.457144][   T53]  ? __pfx_process_scheduled_works+0x10/0x10
[  195.463175][   T53]  worker_thread+0x8a0/0xda0
[  195.467817][   T53]  kthread+0x70e/0x8a0
[  195.471904][   T53]  ? __pfx_worker_thread+0x10/0x10
[  195.477024][   T53]  ? __pfx_kthread+0x10/0x10
[  195.481639][   T53]  ? __pfx_kthread+0x10/0x10
[  195.486232][   T53]  ? _raw_spin_unlock_irq+0x23/0x50
[  195.491426][   T53]  ? lockdep_hardirqs_on+0x9c/0x150
[  195.496623][   T53]  ? __pfx_kthread+0x10/0x10
[  195.501214][   T53]  ret_from_fork+0x4b/0x80
[  195.505625][   T53]  ? __pfx_kthread+0x10/0x10
[  195.510212][   T53]  ret_from_fork_asm+0x1a/0x30
[  195.514987][   T53]  </TASK>
[  195.518138][   T53] Kernel Offset: disabled
[  195.522463][   T53] Rebooting in 86400 seconds..