last executing test programs:

22.207528921s ago: executing program 3 (id=2104):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080), 0x1c)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000800)={'bond0\x00', <r1=>0x0})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket(0x10, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'veth1_to_batadv\x00', <r3=>0x0})
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000003c0)={'bridge0\x00', <r5=>0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="1c0000001d00070f000000000000000007000000", @ANYRES32=r5, @ANYBLOB="400003"], 0x1c}}, 0x0)
getsockopt$inet6_mreq(r0, 0x29, 0x15, &(0x7f0000000380)={@rand_addr, <r7=>0x0}, &(0x7f0000000880)=0x14)
r8 = socket$nl_route(0x10, 0x3, 0x0)
socket(0x1, 0x803, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="00000000f3f00000009d6300000000", @ANYRESOCT=r3, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c0002001c", @ANYRES32, @ANYRES16=r4, @ANYRES32, @ANYBLOB="0a000100000070"], 0x64}, 0x1, 0x0, 0x0, 0x20040084}, 0x8800)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000008c0)={'team0\x00', <r9=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000001480)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000001440)={&(0x7f0000000b00)=ANY=[@ANYBLOB='p\a\x00\x00', @ANYRES16=0x0, @ANYBLOB="040129bd7000fcdbdf250100000008000100", @ANYRES32=0x0, @ANYBLOB="ec01028038000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000500030003000000080004000400000074000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b000000440004000e0005070700000005000cb001000080020001674300000009004bf600000000ff03008b170e000009000700090000000000040608000000000002000600000038000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000500030003000000080004001800000040000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b000000080004000100000008000600", @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b000000080004000700000008000600", @ANYRES32=0x0, @ANYBLOB="84000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000005400040003000100040000000600a3000400000009000583ff01000001000f400300000000010a04db0d000001800700020000000900020f00000000f008800e51f700000100010461fffffff9ff060b0100000008000100", @ANYRES32=0x0, @ANYBLOB="a00002805c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000002c000400050000b005000000ff0740fa4b0e00000101035206000000f2ff0302ff7fffff01015a0951dc000040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000200000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="800002803c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r1, @ANYBLOB="40000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e00000008000400e580000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="6401028038000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000500030003000000080004000000000038000100240001006e6f746966795f70656572735f636f756e740000000000000000000000000000050003000300000008000400ffffff7f40000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b000000080004000400000008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000800000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b000000080004005d000000080007000000000038000100240001006d636173745f72656a6f696e5f696e74657276616c000000000000000000000005000300030000000800040060d7000008000100", @ANYRES32=0x0, @ANYBLOB="0001028040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000800000008000600", @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="08000700000000003c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="400001002400010071756575655f6964000000000000000000000000000000000000000000000000050003000300000008000400b311ffff08000600", @ANYRES32=r1, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="400002803c000104240000000000000000000005000300060000000400040008000600"/60, @ANYRES32=r7, @ANYBLOB="08000100", @ANYRES32=r9, @ANYBLOB="74010280400001002400010071756575655f69640000000000000000000000000000000000000000000000000500030003000000080004000900000008000600", @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b000000080004000500000008000600", @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b0000000800040001000080080007000000000040000100240001006d6f64650000000000000000000000000000000000000000000000000000000005000300050000000f000400726f756e64726f62696e00003800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e74000000000000000000000000000005000300030000000800040029780000"], 0x770}, 0x1, 0x0, 0x0, 0x24000804}, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[], 0x10}}, 0x0)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000400000000000000000000008500000041000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r10, 0x0, 0xa, 0x0, &(0x7f00000003c0)="452846938cebbd031f4d", 0x0, 0x3000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
write$binfmt_script(r0, &(0x7f0000000340)={'#! ', './file0'}, 0xb)
shutdown(r0, 0x0)
r11 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r11, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="500000001114000427bd7000ffdbdf25080001000000000008004f0003000000080003000000000008003e000400000008003e0001000000080003000400000008004a00000000000800010000000000"], 0x50}}, 0x6040000)
socket$netlink(0x10, 0x3, 0xe)

20.915426269s ago: executing program 3 (id=2114):
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
unshare(0x2000400)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x34, 0x2, 0x6, 0x301, 0x0, 0x0, {0x5, 0x0, 0x6}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000800}, 0x80000)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r0, &(0x7f00000002c0)={0x1f, 0xd55c, @none, 0xde}, 0xe)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000480)={'wlan0\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB="01000000", @ANYRES16=r3, @ANYRES32=r2, @ANYBLOB="08002600901500000800570080"], 0x2c}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000003c0)={0x0}}, 0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nbd(&(0x7f0000000200), 0xffffffffffffffff)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000e40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3576], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r6}, 0x10)
sendmsg$NBD_CMD_CONNECT(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16, @ANYBLOB="01000000004600000000010000000c0002000800000000000000100007"], 0x30}}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r9=>0x0})
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_PUBL_GET(r10, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=ANY=[@ANYBLOB="280000211873d669fd72ca7900", @ANYRES16=r11, @ANYBLOB="0100000000000000000002000000140001800d0001007564703a73797a3200000000"], 0x28}}, 0x0)
sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000001c0)={&(0x7f0000001c40)={0x34c, r11, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@TIPC_NLA_NET={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x1b32016c}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x7fffffff}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x95e}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x20}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x9}]}, @TIPC_NLA_BEARER={0x84, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e21, 0x5, @mcast2, 0x8000}}, {0x14, 0x2, @in={0x2, 0x4e23, @empty}}}}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @loopback}}, {0x14, 0x2, @in={0x2, 0x0, @local}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x5}]}, @TIPC_NLA_NET={0x4}, @TIPC_NLA_MEDIA={0x84, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x398ae60e}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1f}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}]}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x50ee}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}]}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}]}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfff}]}]}, @TIPC_NLA_BEARER={0xe0, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x54, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x911b}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10001}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3ff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x400}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0x4, @local, 0x6}}, {0x14, 0x2, @in={0x2, 0x4e22, @multicast2}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x77c}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @multicast2}}, {0x14, 0x2, @in={0x2, 0x4e22, @multicast2}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xffff6ca2}, @TIPC_NLA_BEARER_NAME={0x12, 0x1, @l2={'ib', 0x3a, 'syzkaller1\x00'}}]}, @TIPC_NLA_NET={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0xd05e}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x7e}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0xff}]}, @TIPC_NLA_NODE={0xe8, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0xfffff800}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x8}, @TIPC_NLA_NODE_ID={0xc8, 0x3, "9087e61550130e50718747bb0a148e3e37169cb557bb4d654d93aba7881ee50c1dad11226d661da9df42b9cc1bbeb8501392f167d535e43f9e00e40a6fdada23b4b34229a9ee8585c28fcf18216992839092cef47fa99a8217df53e258b77334e19d9cd98196265cb54017cfb253427070365028e9decf4bc476d9b47d4ab8544b58c34eb4942b61847d5f0b0eb097c9a69e9264855692727c61dee2c5dde908c606a3577fab012d757963a61637bae2eebe6c9bb9f515c62993a0b112b612fb4918b59b"}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x7c6f}]}, @TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x8}]}]}, 0x34c}, 0x1, 0x0, 0x0, 0x48080}, 0x10)
sendmsg$NL80211_CMD_FRAME(r7, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000880)={0x4c, r8, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x16ad}], @NL80211_ATTR_FRAME={0x24, 0x33, @assoc_resp={{{}, {}, @device_a, @device_a, @from_mac=@device_b}, 0x0, 0x0, @default, @val, @void}}, @NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}]}, 0x4c}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)

20.688164361s ago: executing program 3 (id=2117):
socket$kcm(0xa, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r2=>0x0})
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$TIPC_SRC_DROPPABLE(r3, 0x10f, 0x80, &(0x7f0000001640)=0x4f1d, 0x4)
sendmmsg$inet(r3, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0x0)
recvmmsg(r3, &(0x7f00000047c0)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000300)=""/230, 0xe6}], 0x1}}], 0x1, 0x0, 0x0)
sendmsg$inet(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000080)="a2", 0x1}], 0x1}, 0x0)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000c40)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090000000000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="22003300d000000008021100000108021100000050505050505000000f04000000000000"], 0x40}}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0xd5b, 0x8000, 0x0, 0xffffffffffffffff, 0x7fffffff}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xf, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="1802000000000000000000000000000085b1551db8000000a90000009500d04858e52e850000"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x0, 0xfffffffc, {0x0, 0x0, 0x0, r9, {0xb}, {}, {0x0, 0x5}}}, 0x24}}, 0x0)
unshare(0x20000400)
r10 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
connect$802154_dgram(r10, &(0x7f0000000040)={0x24, @long={0x2}}, 0x8)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000300)={r5, 0x58, &(0x7f0000000380)}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000480)={r5, 0x58, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r11=>0x0}}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r12, 0x8933, &(0x7f0000000140)={'wlan0\x00'})
sendmsg$NL80211_CMD_JOIN_MESH(r12, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000b40)=ANY=[@ANYRES8=r6, @ANYRES32=r11, @ANYBLOB="0100000000000000001201998a2460110044", @ANYRESOCT, @ANYBLOB="0a00180003030303030300001c005a8018000480140005000000000000000000000000000000000019f5cf7b8b582d729b4774952e4aacb2e27441b273fd94e4243a2985e36ec24d8a2b93e459a8f4463f9def57f76229a5cae5f608141f87ae4f3fef05fe12711f8eacc2066cd87af3f6f6e3232896662c63cb11b964019f11d78b6a17"], 0x44}}, 0x20000010)

19.457355922s ago: executing program 3 (id=2130):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)=ANY=[@ANYBLOB="18000000010101010000000000004c0d0000000000040400"], 0x18}}, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendto$inet6(r1, &(0x7f0000000080)="ce", 0x1, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000001c0)="d8000000180081064e81f782db4cb904021d080006007c09e8fe55a10a0015000500142603600e1208000f0000000401a800160020000140000000000000fb8000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f0f49e119c849ea6e5a0fc55e4cde205a214d6102d6dcbf33fb5c63bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6cc00"/216, 0xd8}], 0x1}, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r1, 0x84, 0x1c, 0x0, &(0x7f0000007240))
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}}, 0x0)
getsockname$packet(r6, &(0x7f0000000080)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4800000010000507000000000000000016000000", @ANYRES32=r7, @ANYBLOB="0000000200000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000580)=@newqdisc={0x38, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x61b6}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=@newtfilter={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r7}}, 0x24}}, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r8 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_BEARER_NAMES(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r8, 0x1}, 0x1c}}, 0x0)

18.441595415s ago: executing program 3 (id=2140):
socket$inet(0xa, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000c00), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000440)={0x1c, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_ABORT_SCAN(r0, &(0x7f0000000400)={0x0, 0x3000000, &(0x7f00000003c0)={&(0x7f0000000300)={0x1c, r2, 0xd9b2794f6a139537, 0x3e7, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000900)={0x0, 0x254}}, 0x0)

18.026429245s ago: executing program 1 (id=2146):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)="c0", 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x10010, r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000540)={0x0, 0x10, &(0x7f0000000500)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000580)=0x10)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000440), 0x8)
r2 = socket$kcm(0x2b, 0x1, 0x0)
close(r2)
r3 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r6=>0x0})
ioctl$sock_TIOCINQ(0xffffffffffffffff, 0x541b, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_OIF={0x8, 0x5, r6}]}, 0x20}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
splice(r7, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl(0xffffffffffffffff, 0x8b30, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000003c0)=@newlink={0x20, 0x10, 0x437, 0x7000000, 0x0, {0x0, 0x0, 0x0, r6, 0x192}}, 0x20}}, 0x0)

18.021750405s ago: executing program 3 (id=2147):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x2, 0x13, 0x0, 0x0, 0x2, 0xdf, &(0x7f0000000500)=""/223}, 0x90)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x20, 0x0, 0x7, 0x201, 0x0, 0x0, {}, [@NFACCT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x20}}, 0x0) (async)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f00000000c0)={<r3=>r2, 0x2, 0xa6, 0x2})
accept4$llc(r3, 0x0, &(0x7f0000000180), 0x800) (async)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000004c0), &(0x7f0000000380), 0x5, r2}, 0x38) (async)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r4, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r4, 0x0) (async)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r5, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10) (async)
r6 = accept(r4, 0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x12, 0x4, 0x4, 0xa4}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r7, &(0x7f0000000300), &(0x7f00000002c0)=@tcp6=r6, 0x3}, 0x20) (async)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000280)={r2, &(0x7f00000004c0)="cb", &(0x7f0000000340)=""/126}, 0x20)
r8 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r9}, 0x10) (async)
r10 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r10, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) (async)
write$bt_hci(r10, &(0x7f00000005c0)=ANY=[@ANYBLOB="0e000100020075"], 0x8) (async)
sendmsg$nl_generic(r8, &(0x7f0000000100)={0x0, 0x2, &(0x7f0000000000)={&(0x7f00000001c0)={0x14, 0x24, 0x9, 0x0, 0x0, {0x6}}, 0x14}}, 0x0)

17.632097197s ago: executing program 1 (id=2148):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
sendmmsg$inet6(r0, &(0x7f0000000140)=[{{&(0x7f0000000000)={0x25, 0x0, 0x0, @dev}, 0x1c, 0x0, 0x0, &(0x7f0000000100)=[@flowinfo={{0x14, 0x29, 0xb, 0x10000}}], 0x18}}], 0x1, 0x0)

17.52861258s ago: executing program 1 (id=2150):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)=ANY=[@ANYBLOB="18000000010101010000000000004c0d0000000000040400"], 0x18}}, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendto$inet6(r1, &(0x7f0000000080)="ce", 0x1, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000001c0)="d8000000180081064e81f782db4cb904021d080006007c09e8fe55a10a0015000500142603600e1208000f0000000401a800160020000140000000000000fb8000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f0f49e119c849ea6e5a0fc55e4cde205a214d6102d6dcbf33fb5c63bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6cc00"/216, 0xd8}], 0x1}, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r1, 0x84, 0x1c, 0x0, &(0x7f0000007240))
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}}, 0x0)
getsockname$packet(r5, &(0x7f0000000080)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4800000010000507000000000000000016000000", @ANYRES32=r6, @ANYBLOB="0000000200000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000580)=@newqdisc={0x38, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x61b6}]}, 0x38}}, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_BEARER_NAMES(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r7, 0x1}, 0x1c}}, 0x0)

16.932982757s ago: executing program 1 (id=2153):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff)
r2 = accept$inet6(0xffffffffffffffff, &(0x7f00000002c0)={0xa, 0x0, 0x0, @local}, &(0x7f0000000300)=0x1c)
recvfrom$inet6(r2, &(0x7f0000000340)=""/7, 0x7, 0x2000, &(0x7f0000000380)={0xa, 0x4e24, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}, 0x81}, 0x1c)
sendmsg$NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, r1, 0x200, 0x70bd28, 0x25dfdbff, {}, [@NL802154_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40804}, 0x4040010)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="3000000078000100000000000000000007"], 0x30}}, 0x4801)
r3 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000100)=0x1c, 0x80800)
connect$inet6(r3, &(0x7f0000000140)={0xa, 0x4e21, 0x6, @private1, 0x4}, 0x1c)
close(0xffffffffffffffff)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000011c0)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
bind$unix(0xffffffffffffffff, &(0x7f0000000040)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r5=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x5, &(0x7f0000000180)={r5, @in={{0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}}}, 0x84)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x1c, &(0x7f0000000080)=[@in6={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}]}, &(0x7f0000000180)=0x10)
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0xd, &(0x7f0000000000)=@assoc_value, &(0x7f0000000200)=0x8)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
r9 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r9, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r10=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r8, 0x84, 0x85, &(0x7f0000000300)={r10, @in={{0x2, 0x0, @empty}}}, 0x90)

15.990855958s ago: executing program 1 (id=2163):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)=ANY=[@ANYBLOB="18000000010101010000000000004c0d0000000000040400"], 0x18}}, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendto$inet6(r1, &(0x7f0000000080)="ce", 0x1, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000001c0)="d8000000180081064e81f782db4cb904021d080006007c09e8fe55a10a0015000500142603600e1208000f0000000401a800160020000140000000000000fb8000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f0f49e119c849ea6e5a0fc55e4cde205a214d6102d6dcbf33fb5c63bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6cc00"/216, 0xd8}], 0x1}, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r1, 0x84, 0x1c, 0x0, &(0x7f0000007240))
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}}, 0x0)
getsockname$packet(r5, &(0x7f0000000080)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4800000010000507000000000000000016000000", @ANYRES32=r6, @ANYBLOB="0000000200000000280012000c00010076657468"], 0x48}}, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_BEARER_NAMES(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r7, 0x1}, 0x1c}}, 0x0)

15.376613607s ago: executing program 1 (id=2166):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
getsockopt$IP_VS_SO_GET_SERVICES(r0, 0x0, 0x482, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
r3 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r3, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(r3, 0x29, 0x3, &(0x7f0000004240)=0x40000006, 0x4)
setsockopt$inet6_udp_int(r3, 0x11, 0x68, &(0x7f0000000080)=0xa40, 0x4)
recvmmsg(r3, &(0x7f0000000040), 0x400000000000284, 0x3, 0x0)
sendto$inet6(r3, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
shutdown(r2, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={<r4=>0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x0, 0x9, @private2}]}, &(0x7f0000000180)=0x10)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000240)=@filter={'filter\x00', 0x2, 0x4, 0x3f8, 0xffffffff, 0x0, 0x0, 0x1a0, 0xfeffffff, 0xffffffff, 0x328, 0x328, 0x328, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev, @mcast1, [], [], 'macsec0\x00', 'bond_slave_0\x00'}, 0x2f2, 0xa8, 0xd0}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x5}}}, {{@ipv6={@rand_addr=' \x01\x00', @empty, [], [], 'sit0\x00', 'dvmrp0\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@uncond, 0x0, 0x160, 0x188, 0x0, {}, [@common=@eui64={{0x28}}, @common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x0, 0x0, @local, @loopback, @remote}}]}, @common=@inet=@SYNPROXY={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x458)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000280)={r4, @in={{0x2, 0x0, @empty}}, 0x0, 0x4000, 0x0, 0xc, 0x26}, 0x9c)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000200)={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @mcast2, @dev={0xfe, 0x80, '\x00', 0x25}, 0x401, 0x0, 0x0, 0x100, 0x3, 0x80000002})
pipe(&(0x7f00000003c0))
setsockopt$inet6_int(r5, 0x29, 0x1, &(0x7f0000000100)=0x8, 0x4)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000006c0)={0x1c, 0x0, 0x0, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)

2.970440975s ago: executing program 4 (id=2249):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000006040)=ANY=[@ANYBLOB="84010000", @ANYRES16=r1, @ANYBLOB="010000000000000000000100000004000480080002000100000008000100000000000400088058010c8054000b800800090000000000080009000000000008000a000000000008000a000000000008000a000000000008000900000000000800090067f6b13308000a000000000008000a000000000008000900975b9b5e04000b801c000b800800090000000000080009005e2a2d7a080009000000000024000b80080009e6ff0000000800090000000000080009000000000008000900000000005c000b800800"], 0x184}}, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'xfrm0\x00'})
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000001c0)={0x0, <r3=>0x0}, 0x8)
r4 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r4, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x20)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000005c0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="17090000000000000000010000000500070000000000080009000000000014002000ff00000000000000000000000000000108000a0000000000060002000100000014001f00000000000000000000000000000000004077baf58a15187ec1870f7f683b0e43378d0f790b0ca21c83df98c957d5c26b92a4e4fb3729ebb074bd3a955b41a49ff41e71ac74f4332924c63f841849803a0a1c7b9f7827895972a13f26694f1430418e32853f04adead2d5410dafacbef21cbe9f96e12882017fca88c78b457320a9c30b5717800559df2de06ef00656f409e8e33564f2afd79d2b7b0ad96cac87883c722e40e800c7267da2071deaa067d87759913e0ee7e14906738b29d9b82de2da0e0c48d5d1959d7d1c"], 0x5c}, 0x1, 0x620b}, 0x0)
r7 = socket$kcm(0x29, 0x7, 0x0)
r8 = accept4$tipc(0xffffffffffffffff, &(0x7f0000000180), &(0x7f0000000280)=0x10, 0x800)
ioctl$sock_kcm_SIOCKCMCLONE(r7, 0x89e2, &(0x7f00000002c0)={r8})
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x11, 0x6c}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, r3}, 0x90)
socket$nl_route(0x10, 0x3, 0x0)

2.50412929s ago: executing program 4 (id=2253):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="d8000000180081064e81f782db4cb904021d0800fd027c05e8fe55a10a0006000140020203600e41b0000900ac0006031100000016000500000000000004015c3b61c1d67f6f94007134cf6efb8000a007a290457f01a7cee4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5ae24e25ccca9e00360db79826835d3a71d95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9000000008af26c8b7b55f4d2a6823a45f28fcb1d", 0xd8}], 0x1}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_NEW(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000340)={0x70, 0x0, 0x9, 0x3, 0x0, 0x0, {}, [@NFCTH_PRIV_DATA_LEN={0x8}, @NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8}}, @NFCTH_NAME={0x9, 0x1, 'syz0\x00'}, @NFCTH_TUPLE={0x3c, 0x2, [@CTA_TUPLE_IP={0x4, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x70}}, 0x0)

2.474966554s ago: executing program 2 (id=2254):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f00000095c0), 0xffffffffffffffff)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000009a00)={0x0, 0x0, &(0x7f00000099c0)={&(0x7f0000009940)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000671398a8b200000000000000010000002800018014"], 0x3c}}, 0x0)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r0, &(0x7f0000000d40)={0x0, 0x8, &(0x7f0000000080)={&(0x7f0000000c80)={0x20, r2, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x3}]}]}, 0x20}}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00'})
r3 = epoll_create1(0x0)
vmsplice(r3, &(0x7f0000001700)=[{0x0}, {0xfffffffffffffffd}], 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000000c0)={0xffffffffffffffff, &(0x7f0000000300)='M', 0x0, 0x2}, 0x20)
bind$bt_hci(r4, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r4, &(0x7f0000000300)=ANY=[], 0x6)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r5, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000cc0)=[{&(0x7f00000006c0)=""/214, 0xd6}, {&(0x7f0000000a00)=""/242, 0xf2}, {&(0x7f0000001140)=""/4050, 0xfd2}, {&(0x7f0000000240)=""/191, 0xbf}, {&(0x7f0000000500)=""/217, 0xd9}, {&(0x7f0000000040)=""/25, 0x19}, {&(0x7f0000000b00)=""/210, 0xd2}, {&(0x7f0000000300)=""/143, 0x8f}], 0x8}, 0x0)
r6 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r6, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
listen(0xffffffffffffffff, 0xffff8000)
r7 = socket$inet_dccp(0x2, 0x6, 0x0)
unshare(0x20040600)
socket$can_j1939(0x1d, 0x2, 0x7)
r8 = socket$igmp6(0xa, 0x3, 0x2)
sendmmsg$inet6(r8, &(0x7f00000000c0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @mcast2}, 0x1c, 0x0}}], 0x1, 0x0)
ioctl$sock_TIOCINQ(r8, 0x541b, &(0x7f0000000200))
r9 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
setsockopt$rose(r9, 0x104, 0x7, &(0x7f0000000040)=0x3ff, 0x4)
connect$inet(r7, &(0x7f0000e5c000)={0x2, 0x4e20, @loopback=0x7f000002}, 0x10)

2.263892945s ago: executing program 4 (id=2256):
unshare(0xe020600)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000800)={'macvtap0\x00'})
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="200000007b0001"], 0x20}}, 0x0)

2.1966005s ago: executing program 4 (id=2257):
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
unshare(0x68040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
socket$kcm(0x2, 0xa, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$netlink(0x10, 0x3, 0x0)
socket$packet(0x11, 0x0, 0x300)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000010140)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000100)={'#! ', './file0'}, 0xb)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r1, 0x0)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000100)='hybla\x00', 0x1e)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000070000100000000000000000007000000", @ANYRES32=r5, @ANYBLOB="0c000180080007"], 0x24}}, 0x0)
socket$packet(0x11, 0x0, 0x300)
bind$inet(r2, &(0x7f0000000140)={0x2, 0x0, @multicast2}, 0x10)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
sendto$inet(r2, &(0x7f0000000040), 0x0, 0x0, 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYRES64=r0], 0x7c}, 0x1, 0x0, 0x0, 0x24000841}, 0x4000024)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETRULE(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x2c, 0x7, 0xa, 0x301, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}, 0x2c}}, 0x0)

2.12873501s ago: executing program 2 (id=2258):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
pipe(&(0x7f0000000240))
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
close(0xffffffffffffffff)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r2, &(0x7f00000001c0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1c9ae7fffe9a6f34}}, 0x1c)
setsockopt$inet_sctp6_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xe)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x2, 0x1, 0x18}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90)
shutdown(r2, 0x1)
shutdown(r2, 0x0)
setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r2, 0x84, 0x21, &(0x7f0000000180)=0x6, 0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$NL802154_CMD_SET_CCA_MODE(r4, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x1c, 0x0, 0x93b, 0x70bd29, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4c800}, 0x8801)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r3}, 0x10)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
pipe(&(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
splice(r7, 0x0, r9, 0x0, 0x8000f28, 0x0)
splice(r8, 0x0, r5, 0x0, 0x7f, 0xe)
write(r6, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x1000002, 0x4012831, 0xffffffffffffffff, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
recvmmsg(r2, &(0x7f0000000840)=[{{0x0, 0x0, 0x0}}], 0x414, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'dvmrp1\x00', <r10=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f00000000c0)=@newqdisc={0x94, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x64, 0x2, {{}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4}}, @TCA_NETEM_LOSS={0x1c, 0x5, 0x0, 0x1, [@NETEM_LOSS_GI={0x18, 0x1, {0x0, 0x7, 0x94e, 0x4}}]}]}}}]}, 0x94}}, 0x0)

2.04385708s ago: executing program 0 (id=2259):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@bridge_newvlan={0x24, 0x70, 0x4, 0x0, 0x0, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8}}]}, 0x24}}, 0x0) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@bridge_newvlan={0x24, 0x70, 0x4, 0x0, 0x0, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8}}]}, 0x24}}, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0)
close(r0)
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$SIOCSIFHWADDR(r0, 0x8b1a, &(0x7f0000000000)={'virt_wifi0\x00', @random="0200002000"})

1.874130425s ago: executing program 0 (id=2260):
r0 = socket$kcm(0x10, 0x5, 0x4)
sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000840)="89000000120081ae08060cdc030000fe7f030000000000000001ffca1b1f0000000024c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00150c00014003080c00bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={r0, 0x5, 0x1, 0x31})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$tipc(0x1e, 0x2, 0x0)
r3 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000000)={0x42}, 0x10)
bind$tipc(r2, &(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x1}}, 0x10)
r4 = socket$tipc(0x1e, 0x4, 0x0)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x83f}, 0x10)
bind$tipc(r2, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42, 0x2}}}, 0x10)
sendmsg$tipc(r2, &(0x7f0000001b40)={&(0x7f0000000200)=@name={0x1e, 0x2, 0x0, {{0x42, 0x2}}}, 0x10, 0x0}, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000002c0), 0x3)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000240), 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_128={{0x303}, "99ddf8a28736739d", "a482054a87de131d3dd3d97cb4989aef", "b1298550", "908869dda33d6364"}, 0x28)
sendfile(r1, r5, &(0x7f0000000100), 0x10001)
setsockopt$XDP_UMEM_FILL_RING(r5, 0x11b, 0x5, &(0x7f0000000080), 0x4)

1.55232146s ago: executing program 0 (id=2261):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000004e79da00000002000063000000000000009500740000000000"], &(0x7f0000003ff6)='GPL\x00', 0x8, 0xc3, &(0x7f0000000400)=""/198, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffff52}, 0x37)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="28000000000201020000000000000000020000000800044000"/40], 0x28}}, 0x0)
ioctl$FS_IOC_GETVERSION(0xffffffffffffffff, 0x80087601, &(0x7f0000000040))
socket$inet_sctp(0x2, 0x0, 0x84)
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0x18, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000032c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000106600000008000300", @ANYRES32=r4, @ANYBLOB="08002600940900000800b70000000000"], 0x2c}}, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x46, &(0x7f0000000180)=0x800, 0x4)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f0000000640)={0x0, @in={{0x2, 0x4e20, @rand_addr=0x64010102}}, [0x0, 0x0, 0xffffffff, 0x7fff, 0x8, 0x1, 0xffffffffffffffff, 0x0, 0x200000000000, 0x8, 0x6efbee9a, 0x9, 0x7f23, 0x80000001, 0xd]}, &(0x7f0000000280)=0x100)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000008000000000000000000000095"], 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000140)='xen_mc_flush_reason\x00', r5}, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000740)={'veth0_to_team\x00'})
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="3800000010003b15000000000000a42b92c60000", @ANYRES32=0x0, @ANYRESDEC=r4], 0x38}}, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0xe, &(0x7f0000000e80)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000702000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff6d6405000000000065040400010000000404000001000000b7050000400000006a0a80fe000000008500000053000000b7000000000000009500001000000000a80501363034fdb117168bd07ba00af739d1a1ee35fe163a255c33282044b32495ef8ab9adc67ccc945f105d802f5132143c0a9fc7a84452569957c1002ed7d4d8e17f791f4798c8eb483e9973320d046c3126c6afcfd84de03352c69b3edff5be26765ba5f8f2879021c2ea53ea79acd7fb38dd1abb75aa393cea26d465637d11f705000000473e7b7c4ae7dd5e4dee88518ddf12dddd4bfc6a4dd3b6beba51074229b0d4b504516c4c3e5d1aa044d8d00728141cd67bcd68f253288e655c6b34e02e90637ef2912ba7de26ff2357ef17f95a25780c3a057844f226ef4e912f01a201e694e3806e8c70e8b69524cd19f7525d8d66bb766f7f3f918c86a70252236800001897133af94a5a4cfc794d8b9d7c33632152c48eaf302f0b2e0c252b00000000000000006f1bbefbe08de65e3762e194ba4cae8b13535d7d11ee917bca4885bbf597a14ab2458efce78510d86272d88e0c8088f404f011289ebc5623faa1182632161e073af1d69a2e36bed435000025ecd201d2ffb0a7fa4f5d11060cdcf071defd0a8be3b69ce3e4f361aca75827426dde87fdf4617222674280f55e98107450c19b9d86329bd5b4697336112b0b8754ce3574046bf6114d1a88597850b77378fa8edfff8faf8b8ec039bab385cac0535373bb8fab90539b1a65ddff841eb671f3faf37ebdfccea0c002ad2b42047c9ec43193ccf617dbf8a12b4f189edbf9fb7c42b1f435ccd4d96822e6b70100912c92e3943e9c4f45d8bcd528fa8a3ea847f10e9b2506f3bb506f1d7fbdf8010000000000a073d0de5538ab42e170b3baae34c35987b0dda497ac3f5e97e6e6aeea15c6d5ed24310100000003bb6030f84b63aaf8690db0221b1705c501f802ff59b4e683efa4b6e77e042072bd2ac37d413008ec9eb8166f6e28b49a77ed91befc65315896f88a8fb1dd679fb4c515f8b7a5b7aca6a251a89d47b728502f7e621cc0e3ba04000000c149ee6601728c750d304197c22da8650579475afd96187d881e93b42a5fdfd686d8900c44c67133dad58037fda65885a15a429edfe3027a5ebf95254744f10fd607bc3300b94932b8d9447c4df6e21ee0e54f8be072e0b083bbd86b19cb074577a25ff581d92af08a06f857310a2f14326b0b290205e91a682e00c8762cbc6b904c980eef6e6a1def886c95676dce6a8194479700a02b92bdc8d05eae1f24fdd7b80d1bb404c22f681594de2ebb9687219de8d73ac83823feb402a2415a9850d5f0183ec67be96dc0e4c2d7acf1dfe79d6771903b76e21190c22d641030e1ddacf006c3116e1803af20a5f2b5f7ba58aca5bcabbbab24414a3810788e5503e4be66d683daac5f0001000077339b4200000000108a3c87b19d5b9a00c75d84a92d6dcf00ba96edf35ede0e2b57c26e94801b498924166bde57d5f24258d9fd028096cc15a8b912b494d4bbe609031ea1ca65a548971d5d16296dd08e020000007a27310d5d01f8a8a0f5212d7f628f554afea715ccbc66cbb1016490f5d579308cb3188cf2fcaf67e0c16443d526ba4b968f07ae362c2133c168313e84beb871203880dd453c45d0a137d7f5a8b039dbfa62fb2b4214f8e69f967bf1fbd89e77fcca110000000800000000000000f8877994ebdc35f7efd41e3babd9b3782edd6776d5b6cb4ecd72c9de9b5503747d71440378cf2c2c7ea2dc5febb654a867f853713cf4c0bb322fbbe446d18dee4c821275ef18259cafc346c8b3b9fb0f3adcf6ea310a6b9a3f59e29a5909ea047fb61affb4bc8bbea1fb761b8933795b1a91358a7791aa843d07020e8bb6fc18458c49ac6313e7165b7d9f65e94a62b69f1011b94340cdb7303f01e5cdb5682ddf73d65c3de1d88dd7496d6345d5b9de0223988056a53e19a8b96b9640bc6c09d3c2ff894d626b57c776ed53f94d5e22ff148061b37f72bd92924cb1d0a725e19b264346b7cae0251a850de78316503f3c3d395c7e3f04fc8d52583327cd2341ce4b2d092815376299686f41353b2823814563011a2223b9dd"], 0x0, 0x0, 0x11}, 0x90)
sendmsg$NFT_BATCH(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000004000000000010000000900010073797a300000000048000000030a01020000000000000000010000000900010073797a3000000000080007006e6174000900030073797a32000000001400048008000240ffffff9c080001"], 0x90}}, 0x0)
r9 = socket$inet(0x2, 0x3, 0x100)
setsockopt$inet_int(r9, 0x0, 0x22, &(0x7f0000000040), 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'macvlan0\x00', <r10=>0x0})
r11 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="4400000010000305000005000000000000000000", @ANYRES32=0x0, @ANYBLOB="1501000000000000140012800b0001006d616373656300000400028008000500", @ANYRES32=r10, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r10, @ANYBLOB], 0x44}}, 0x0)

865.94644ms ago: executing program 2 (id=2262):
r0 = socket(0xa, 0x40000000002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000880)=@nat={'nat\x00', 0x19, 0x2, 0x348, [0x20000213, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x2, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000021000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000400000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff020000000300000000000000ffff0000000000000000000000000000000062726983676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000d8010000d801000010020000636f6d6d656e7400000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000003f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073746174697374696300000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000ffffffff000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e3000e575dd73000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a8000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000ffffffff00000000"]}, 0x3c0)

862.474937ms ago: executing program 0 (id=2263):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000040)=@raw={'raw\x00', 0x4001, 0x3, 0x280, 0x0, 0x0, 0x148, 0x0, 0x148, 0x1e8, 0x240, 0x240, 0x1e8, 0x240, 0x7fffffe, 0x0, {[{{@ip={@rand_addr, @local, 0x0, 0x0, 'ip6gretap0\x00', 'veth1_to_batadv\x00', {}, {}, 0x6}, 0x0, 0xe8, 0x150, 0x0, {}, [@common=@ttl={{0x28}}, @common=@inet=@multiport={{0x50}, {0x0, 0x20}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE1={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2e0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x3, &(0x7f0000000480)=ANY=[], &(0x7f0000000440)='GPL\x00', 0x87, 0x0, 0x0, 0x0, 0x58}, 0x90)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a44, 0x1700)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYRES8=r1], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, 0x2, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x403}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000f80)='mm_page_alloc\x00', r3}, 0x10)
r4 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$ARPT_SO_SET_REPLACE(r4, 0x0, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3c0, 0x1e8, 0x1e8, 0xe8, 0x2d8, 0x2d8, 0x2d8, 0x7fffffe, 0x0, {[{{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0x1e8}}, {{@uncond, 0xc0, 0x100, 0x0, {0x0, 0x1e03}}, @unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "2c3bb27d9d5b379b853c7744b526e29755ec721db80fdb00f95f8a608b8d"}}, {{@uncond, 0xc0, 0xf0}, @unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x0, 0x80}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x410)
unshare(0x22020600)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_buf(r4, 0x0, 0x2e, &(0x7f00000006c0)="170000000200020000ffbe8c5ee17688a2004400010100000057fc5ad90200fb6a880000d6c9db0000db15d088bd8b7002300e00d9ce9bc7e28db3000200ff01800a0000ebfc0607bdff59100ac45761547a681f009cee4a5acba400001fb700674f00c805bbf9315033bf79ac2dfc061f15003901cee2000000000062068f5ee50c08af9b1c568302ffff02ff03310800ab0840024f02d8e9e90539062a80e605007f71174ab498ff0b3e5a1b47b6df7b23ded2aa000000dab9aedfd67b6e0e713f7ccd2bd845fca7d5fa639e1b6316f8027d2e460f0e83ec5edaca555a7ea110b0e56ea9ca64a7d52b51", 0xfd61)
ioctl$TUNSETSTEERINGEBPF(r2, 0x800454e0, &(0x7f0000000440)=r3)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xd, &(0x7f00000007c0)=@assoc_value={<r6=>0x0}, &(0x7f00000000c0)=0x6)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r5, 0x84, 0x66, &(0x7f0000000100)={r6, 0x0, 0x0, 0x1, 0x6}, &(0x7f0000002380)=0x18)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, &(0x7f0000000680))
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={0x0}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r7, &(0x7f0000000040)={0x18, 0x0, {0x3, @random="971cfc61a030", 'geneve0\x00'}}, 0x1e)
ioctl$PPPOEIOCSFWD(r2, 0x4008b100, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000080)=ANY=[@ANYRES32=r2, @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b0001006272696467650000140002800800080488a8ffff0600270000000000"], 0x44}}, 0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r9, &(0x7f0000000180), 0x2000)
openat$cgroup_ro(r2, &(0x7f00000005c0)='blkio.bfq.sectors\x00', 0x7a05, 0x1700)

760.092907ms ago: executing program 2 (id=2264):
socket$packet(0x11, 0x0, 0x300)
pipe(0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
shutdown(r0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180200000000000000000000000096008a0000002700000085000000070000009500000000000000512ffc6b3aeecaf83c2a8e5e40c73e34ba46613270de1605f74ec973b52d74829a1aa532828747974bfaa9a5ff73d41103bc56b9b46d4765c5cf28d1aa4d3df9d7c009ffd59a52b36f1805cdbdfe4473eb4dbddf574cbbabc2658c472d10"], &(0x7f0000000680)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
recvmmsg(r0, &(0x7f0000000840)=[{{0x0, 0x0, 0x0}}], 0x1, 0x12100, 0x0)

706.97561ms ago: executing program 2 (id=2265):
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
socket$rds(0x15, 0x5, 0x0)
pipe(0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000003c0))
socket(0x10, 0x803, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6(0xa, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sendmsg(0xffffffffffffffff, 0x0, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={0x0, 0x18}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0xffffff14, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="5000000010008105e9c51c000000000000000000", @ANYRES32=r3, @ANYBLOB="01000000000000002800128009000100766c616e000000001800028006000100000000000c0002000c0000000d00000008000500", @ANYRES64=r1], 0x50}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000780)=ANY=[@ANYBLOB="500000001000810500"/20, @ANYRES32=0x0, @ANYBLOB="01000000000000002800128009000100766c616e000000001800028006000100030000000c0002001c0000000f00000008000500", @ANYRES32=r3], 0x50}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(r2, &(0x7f0000000040)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x1b)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000640)=ANY=[@ANYBLOB="20fff00011000d04000000000800000000000000", @ANYRES32=r5], 0x20}, 0x1, 0x6}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a00)=ANY=[@ANYBLOB], 0xf8}}, 0x0)

511.897089ms ago: executing program 0 (id=2266):
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
socket$kcm(0x2, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
socket$inet6_sctp(0xa, 0x0, 0x84)
sendmsg$rds(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r0, 0xa02000000000000, 0x60, 0x0, 0x0)
r1 = socket(0x2c, 0x803, 0x0)
socket$packet(0x11, 0x2, 0x300)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x8920, &(0x7f0000000440)={'ip_vti0\x00', &(0x7f0000000580)={'syztnl2\x00', 0x0, 0x80de, 0x7800, 0x3, 0x7ff, {{0x9, 0x4, 0x3, 0x36, 0x24, 0x0, 0x0, 0x0, 0x4, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2, {[@lsrr={0x83, 0x3, 0x5c}, @timestamp_prespec={0x44, 0xc, 0x0, 0x3, 0x0, [{@empty, 0xc0f}]}]}}}}})
bpf$OBJ_GET_PROG(0x7, &(0x7f0000001240)=@generic={&(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00'}, 0x18)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, 0xffffffffffffffff, 0x0)
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x0, 0x0, 0x0)
ioctl$SIOCSIFMTU(0xffffffffffffffff, 0x8922, &(0x7f0000000480)={'virt_wifi0\x00'})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket(0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'wlan1\x00'})
sendmsg$nl_route_sched(r2, 0x0, 0x0)

335.898374ms ago: executing program 4 (id=2267):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f00000095c0), 0xffffffffffffffff)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000009a00)={0x0, 0x0, &(0x7f00000099c0)={&(0x7f0000009940)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000671398a8b200000000000000010000002800018014037deed73d8f"], 0x3c}}, 0x0)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r0, &(0x7f0000000d40)={0x0, 0x8, &(0x7f0000000080)={&(0x7f0000000c80)={0x20, r2, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x3}]}]}, 0x20}}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00'})
r3 = epoll_create1(0x0)
vmsplice(r3, &(0x7f0000001700)=[{0x0}, {0xfffffffffffffffd}], 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000000c0)={0xffffffffffffffff, &(0x7f0000000300)='M', 0x0, 0x2}, 0x20)
bind$bt_hci(r4, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r4, &(0x7f0000000300)=ANY=[], 0x6)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r5, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000cc0)=[{&(0x7f00000006c0)=""/214, 0xd6}, {&(0x7f0000000a00)=""/242, 0xf2}, {&(0x7f0000001140)=""/4050, 0xfd2}, {&(0x7f0000000240)=""/191, 0xbf}, {&(0x7f0000000500)=""/217, 0xd9}, {&(0x7f0000000040)=""/25, 0x19}, {&(0x7f0000000b00)=""/210, 0xd2}, {&(0x7f0000000300)=""/143, 0x8f}], 0x8}, 0x0)
r6 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r6, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
listen(0xffffffffffffffff, 0xffff8000)
r7 = socket$inet_dccp(0x2, 0x6, 0x0)
unshare(0x20040600)
socket$can_j1939(0x1d, 0x2, 0x7)
r8 = socket$igmp6(0xa, 0x3, 0x2)
sendmmsg$inet6(r8, &(0x7f00000000c0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @mcast2}, 0x1c, 0x0}}], 0x1, 0x0)
ioctl$sock_TIOCINQ(r8, 0x541b, &(0x7f0000000200))
r9 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
setsockopt$rose(r9, 0x104, 0x7, &(0x7f0000000040)=0x3ff, 0x4)
connect$inet(r7, &(0x7f0000e5c000)={0x2, 0x4e20, @loopback=0x7f000002}, 0x10)

72.329892ms ago: executing program 4 (id=2268):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001a00)=ANY=[], 0x10b8}, 0x0)
setsockopt$bt_BT_SNDMTU(0xffffffffffffffff, 0x112, 0xc, 0x0, 0x0)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='vlan0\x00', 0x10)
setsockopt$inet_int(r0, 0x0, 0x33, &(0x7f0000000040)=0x80000001, 0x4)
listen(r0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES16], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x17, 0x0, 0x8400, 0x1}, 0x48)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
bpf$MAP_DELETE_ELEM(0x15, &(0x7f0000000500)={r2, 0x0, 0x20000000}, 0x20)
r3 = socket(0x840000000002, 0x3, 0xff)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x66, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="6c0000000001010400000000000000000200f4ff2300018014000180080001007f00000908e00000020c000280050001000000000008000200ac1e00010c000280050001000000000008000740000000000800058004000180a07bde1256000000"], 0x6c}}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000300)="d8000000180081054e81f782db4cb904021d080406037c09e8fe55a10a0015400400142603600e122f00160006000400a8000600200005400700027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db79826", 0x99}], 0x1, 0x0, 0x0, 0x4a0f0000}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000080)=ANY=[], 0x32600)
socket$alg(0x26, 0x5, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r6=>0x0})
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_STATION(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000400)={0x30, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES={0x6, 0xbe, "28c4"}]}, 0x30}}, 0x0)
r8 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r8, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)

67.052136ms ago: executing program 2 (id=2269):
r0 = socket$kcm(0x10, 0x5, 0x4)
sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000840)="89000000120081ae08060cdc030000fe7f030000000000000001ffca1b1f0000000024c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00150c00014003080c00bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={r0, 0x5, 0x1, 0x31})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$tipc(0x1e, 0x2, 0x0)
r3 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000000)={0x42}, 0x10)
bind$tipc(r2, &(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x1}}, 0x10)
r4 = socket$tipc(0x1e, 0x4, 0x0)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x83f}, 0x10)
bind$tipc(r2, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42, 0x2}}}, 0x10)
sendmsg$tipc(r2, &(0x7f0000001b40)={&(0x7f0000000200)=@name={0x1e, 0x2, 0x0, {{0x42, 0x2}}}, 0x10, 0x0}, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000002c0), 0x3)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000240), 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_128={{0x303}, "99ddf8a28736739d", "a482054a87de131d3dd3d97cb4989aef", "b1298550", "908869dda33d6364"}, 0x28)
sendfile(r1, r5, &(0x7f0000000100), 0x10001)
setsockopt$XDP_UMEM_FILL_RING(r5, 0x11b, 0x5, &(0x7f0000000080), 0x4)

0s ago: executing program 0 (id=2270):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x300, &(0x7f0000000200)={&(0x7f0000000640)=@allocspi={0xf8, 0x16, 0x1, 0x0, 0x0, {{{@in6=@remote, @in6=@private1}, {@in6=@dev}, @in=@multicast2}}}, 0xf8}}, 0x0)

kernel console output (not intermixed with test programs):

027659][ T9072] RSP: 002b:00007f05997ff048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  213.038828][ T9072] RAX: ffffffffffffffda RBX: 00007f0599f03f60 RCX: 00007f0599d75a19
[  213.050662][ T9072] RDX: 000000000000000d RSI: 0000000020000080 RDI: 0000000000000004
[  213.062440][ T9072] RBP: 00007f05997ff0a0 R08: 0000000000000000 R09: 0000000000000000
[  213.072483][ T9072] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  213.082799][ T9072] R13: 000000000000000b R14: 00007f0599f03f60 R15: 00007ffef41f3048
[  213.092911][ T9072]  </TASK>
[  213.626786][ T9092] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1188'.
[  213.701006][ T9095] netlink: 'syz.3.1188': attribute type 8 has an invalid length.
[  213.738817][ T9095] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.1188'.
[  213.860045][ T9103] netlink: 'syz.0.1193': attribute type 1 has an invalid length.
[  213.879101][ T9103] netlink: 244 bytes leftover after parsing attributes in process `syz.0.1193'.
[  213.945965][ T9102] ip6t_REJECT: ECHOREPLY is not supported
[  213.959627][ T9105] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1195'.
[  213.980420][ T9105] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1195'.
[  213.994844][ T9105] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1195'.
[  214.220457][ T4486] Bluetooth: hci3: command 0x0405 tx timeout
[  214.430213][ T9113] syzkaller0: entered promiscuous mode
[  214.436485][ T9113] syzkaller0: entered allmulticast mode
[  214.702744][ T9120] Bluetooth: MGMT ver 1.22
[  214.906659][ T9114] infiniband syz1: set down
[  214.924254][ T9114] infiniband syz1: added syzkaller0
[  215.082978][ T9114] RDS/IB: syz1: added
[  215.089232][ T9114] smc: adding ib device syz1 with port count 1
[  215.137410][ T9114] smc:    ib device syz1 port 1 has pnetid SYZ0 (user defined)
[  217.125090][ T9111] bridge_slave_1: entered allmulticast mode
[  217.138569][ T9111] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[  217.194058][   T35] smc: removing ib device syz1
[  217.216530][ T9135] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1203'.
[  217.240808][ T9135] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1203'.
[  217.559840][ T9143] ip6t_REJECT: ECHOREPLY is not supported
[  217.962285][ T9114] rdma_rxe: rxe_newlink: failed to add syzkaller0
[  217.994638][ T9157] netlink: 84 bytes leftover after parsing attributes in process `syz.1.1208'.
[  218.247723][ T9165] FAULT_INJECTION: forcing a failure.
[  218.247723][ T9165] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  218.339775][ T9165] CPU: 0 PID: 9165 Comm: syz.4.1212 Not tainted 6.10.0-rc7-syzkaller-00276-g0a1868b93fad #0
[  218.352848][ T9165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  218.364612][ T9165] Call Trace:
[  218.368903][ T9165]  <TASK>
[  218.372305][ T9165]  dump_stack_lvl+0x241/0x360
[  218.378748][ T9165]  ? __pfx_dump_stack_lvl+0x10/0x10
[  218.385906][ T9165]  ? __pfx__printk+0x10/0x10
[  218.390678][ T9165]  should_fail_ex+0x3b0/0x4e0
[  218.396816][ T9165]  prepare_alloc_pages+0x1da/0x5d0
[  218.402372][ T9165]  __alloc_pages_noprof+0x166/0x6c0
[  218.408230][ T9165]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  218.414832][ T9165]  alloc_pages_mpol_noprof+0x3e8/0x680
[  218.422803][ T9165]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  218.432432][ T9165]  ? alloc_pages_noprof+0xef/0x170
[  218.440162][ T9165]  get_free_pages_noprof+0xc/0x30
[  218.447375][ T9165]  kasan_populate_vmalloc_pte+0x38/0xe0
[  218.454480][ T9165]  __apply_to_page_range+0x8a8/0xe50
[  218.462141][ T9165]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  218.470354][ T9165]  ? __pfx___apply_to_page_range+0x10/0x10
[  218.478460][ T9165]  ? do_raw_spin_unlock+0x13c/0x8b0
[  218.484823][ T9165]  ? kmem_cache_alloc_node_noprof+0x1c4/0x320
[  218.492229][ T9165]  alloc_vmap_area+0x1d41/0x23e0
[  218.499381][ T9165]  ? __pfx_alloc_vmap_area+0x10/0x10
[  218.505439][ T9165]  ? __kasan_kmalloc+0x98/0xb0
[  218.510397][ T9165]  ? kmalloc_node_trace_noprof+0x1d3/0x300
[  218.517057][ T9165]  ? __get_vm_area_node+0x113/0x270
[  218.522827][ T9165]  ? array_map_alloc+0x285/0x720
[  218.528833][ T9165]  __get_vm_area_node+0x1a9/0x270
[  218.534986][ T9165]  __vmalloc_node_range_noprof+0x3bc/0x1460
[  218.543373][ T9165]  ? array_map_alloc+0x285/0x720
[  218.549279][ T9165]  ? mark_lock+0x9a/0x350
[  218.555636][ T9165]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  218.562909][ T9165]  ? apparmor_capable+0x138/0x1b0
[  218.568433][ T9165]  ? bpf_lsm_capable+0x9/0x10
[  218.574438][ T9165]  ? security_capable+0x90/0xb0
[  218.579974][ T9165]  bpf_map_area_alloc+0xfc/0x120
[  218.584975][ T9165]  ? array_map_alloc+0x285/0x720
[  218.590179][ T9165]  array_map_alloc+0x285/0x720
[  218.595461][ T9165]  ? __lock_acquire+0x1f91/0x1fd0
[  218.606027][ T9165]  map_create+0x90c/0x1200
[  218.611402][ T9165]  ? security_bpf+0x87/0xb0
[  218.616691][ T9165]  __sys_bpf+0x6d1/0x810
[  218.621312][ T9165]  ? __pfx___sys_bpf+0x10/0x10
[  218.626299][ T9165]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  218.632953][ T9165]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  218.642583][ T9165]  ? do_syscall_64+0x100/0x230
[  218.647791][ T9165]  __x64_sys_bpf+0x7c/0x90
[  218.657931][ T9165]  do_syscall_64+0xf3/0x230
[  218.664413][ T9165]  ? clear_bhb_loop+0x35/0x90
[  218.669859][ T9165]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.676118][ T9165] RIP: 0033:0x7fd803f75a19
[  218.681111][ T9165] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  218.702856][ T9165] RSP: 002b:00007fd804d54048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  218.711817][ T9165] RAX: ffffffffffffffda RBX: 00007fd804104038 RCX: 00007fd803f75a19
[  218.721822][ T9165] RDX: 0000000000000048 RSI: 0000000020000000 RDI: 0000000000000000
[  218.730789][ T9165] RBP: 00007fd804d540a0 R08: 0000000000000000 R09: 0000000000000000
[  218.741276][ T9165] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  218.749929][ T9165] R13: 000000000000006e R14: 00007fd804104038 R15: 00007ffed85b4808
[  218.760957][ T9165]  </TASK>
[  219.041529][ T9181] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1218'.
[  219.123418][ T9185] ip6t_REJECT: ECHOREPLY is not supported
[  219.188060][ T9190] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1220'.
[  219.301431][ T9194] FAULT_INJECTION: forcing a failure.
[  219.301431][ T9194] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  219.359953][ T9194] CPU: 0 PID: 9194 Comm: syz.3.1222 Not tainted 6.10.0-rc7-syzkaller-00276-g0a1868b93fad #0
[  219.372196][ T9194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  219.388548][ T9194] Call Trace:
[  219.391996][ T9194]  <TASK>
[  219.397110][ T9194]  dump_stack_lvl+0x241/0x360
[  219.402732][ T9194]  ? __pfx_dump_stack_lvl+0x10/0x10
[  219.410300][ T9194]  ? __pfx__printk+0x10/0x10
[  219.416991][ T9194]  ? __pfx_lock_release+0x10/0x10
[  219.424069][ T9194]  should_fail_ex+0x3b0/0x4e0
[  219.429107][ T9194]  _copy_from_user+0x2f/0xe0
[  219.435656][ T9194]  csum_and_copy_from_iter_full+0x1fe/0x1df0
[  219.442589][ T9194]  ? __pfx_csum_and_copy_from_iter_full+0x10/0x10
[  219.450554][ T9194]  ? trace_kmalloc+0x1f/0xd0
[  219.455668][ T9194]  ? kmalloc_node_track_caller_noprof+0x242/0x440
[  219.462830][ T9194]  ? __build_skb_around+0x245/0x3d0
[  219.468386][ T9194]  ip_generic_getfrag+0x158/0x310
[  219.474452][ T9194]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  219.480915][ T9194]  ? raw6_getfrag+0x104/0x350
[  219.486680][ T9194]  ? skb_put+0x114/0x1f0
[  219.491890][ T9194]  __ip6_append_data+0x3047/0x4070
[  219.499084][ T9194]  ? __pfx_raw6_getfrag+0x10/0x10
[  219.506734][ T9194]  ? __pfx___ip6_append_data+0x10/0x10
[  219.513017][ T9194]  ? ip6_setup_cork+0x9fd/0xfb0
[  219.520014][ T9194]  ip6_append_data+0x264/0x3a0
[  219.526180][ T9194]  ? __pfx_raw6_getfrag+0x10/0x10
[  219.532168][ T9194]  rawv6_sendmsg+0x18f1/0x23c0
[  219.537271][ T9194]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  219.542642][ T9194]  ? aa_sk_perm+0x967/0xab0
[  219.547933][ T9194]  ? __pfx_lock_release+0x10/0x10
[  219.554765][ T9194]  ? inet_sendmsg+0x330/0x390
[  219.559936][ T9194]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  219.566814][ T9194]  ? security_socket_sendmsg+0x87/0xb0
[  219.572675][ T9194]  __sock_sendmsg+0x1a6/0x270
[  219.579242][ T9194]  sock_write_iter+0x2dd/0x400
[  219.584686][ T9194]  ? __pfx_sock_write_iter+0x10/0x10
[  219.592152][ T9194]  do_iter_readv_writev+0x5a4/0x800
[  219.598039][ T9194]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  219.604161][ T9194]  ? bpf_lsm_file_permission+0x9/0x10
[  219.610093][ T9194]  ? security_file_permission+0x7f/0xa0
[  219.616749][ T9194]  ? rw_verify_area+0x1d2/0x6b0
[  219.623194][ T9194]  vfs_writev+0x37c/0xbb0
[  219.628377][ T9194]  ? __pfx_lock_acquire+0x10/0x10
[  219.634693][ T9194]  ? __pfx_vfs_writev+0x10/0x10
[  219.641010][ T9194]  ? vfs_write+0x7c4/0xc90
[  219.646970][ T9194]  ? __fget_files+0x29/0x470
[  219.653108][ T9194]  do_writev+0x1b1/0x350
[  219.658900][ T9194]  ? __pfx_do_writev+0x10/0x10
[  219.663976][ T9194]  ? do_syscall_64+0x100/0x230
[  219.669390][ T9194]  ? do_syscall_64+0xb6/0x230
[  219.678329][ T9194]  do_syscall_64+0xf3/0x230
[  219.686371][ T9194]  ? clear_bhb_loop+0x35/0x90
[  219.692235][ T9194]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  219.700818][ T9194] RIP: 0033:0x7fed9fd75a19
[  219.707149][ T9194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  219.734381][ T9194] RSP: 002b:00007feda0a9b048 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  219.745501][ T9194] RAX: ffffffffffffffda RBX: 00007fed9ff03f60 RCX: 00007fed9fd75a19
[  219.755863][ T9194] RDX: 0000000000000001 RSI: 00000000200000c0 RDI: 0000000000000003
[  219.767180][ T9194] RBP: 00007feda0a9b0a0 R08: 0000000000000000 R09: 0000000000000000
[  219.776483][ T9194] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  219.786142][ T9194] R13: 000000000000000b R14: 00007fed9ff03f60 R15: 00007fff218fbec8
[  219.795628][ T9194]  </TASK>
[  219.931947][ T9199] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1225'.
[  220.109145][ T9203] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1227'.
[  220.128287][ T9203] netlink: 43 bytes leftover after parsing attributes in process `syz.3.1227'.
[  220.148851][ T9203] netlink: 'syz.3.1227': attribute type 5 has an invalid length.
[  220.166042][ T9203] netlink: 43 bytes leftover after parsing attributes in process `syz.3.1227'.
[  220.213268][ T9209] tipc: Started in network mode
[  220.287185][ T9209] tipc: Node identity 9a22289eacfd, cluster identity 4711
[  220.305957][ T9209] tipc: Enabled bearer <eth:xfrm0>, priority 0
[  220.820104][ T9225] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1233'.
[  220.897303][ T9225] vxcan5: entered promiscuous mode
[  220.972115][ T9231] ip6t_REJECT: ECHOREPLY is not supported
[  221.029363][ T9225] pim6reg1: entered promiscuous mode
[  221.041703][ T9225] pim6reg1: entered allmulticast mode
[  221.316086][ T5107] tipc: Node number set to 920594590
[  221.809514][ T9258] macsec1: entered promiscuous mode
[  221.821533][ T9263] netlink: 'syz.0.1245': attribute type 6 has an invalid length.
[  221.841900][ T9261] netlink: 'syz.3.1242': attribute type 8 has an invalid length.
[  221.854662][ T9258] macsec1: entered allmulticast mode
[  221.891070][ T9258] batadv0: entered allmulticast mode
[  221.992742][ T9270] ip6t_REJECT: ECHOREPLY is not supported
[  222.401679][ T9282] __nla_validate_parse: 5 callbacks suppressed
[  222.401715][ T9282] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1253'.
[  222.666434][ T9284] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1254'.
[  222.886197][ T9308] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1262'.
[  222.942247][ T9308] netlink: 'syz.2.1262': attribute type 4 has an invalid length.
[  223.020365][ T9309] ip6t_REJECT: ECHOREPLY is not supported
[  223.786138][ T9335] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1271'.
[  223.883679][ T9338] netlink: 252 bytes leftover after parsing attributes in process `syz.0.1273'.
[  223.949173][ T9338] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1273'.
[  224.290705][ T9346] ip6t_REJECT: ECHOREPLY is not supported
[  224.647382][ T9372] netlink: 252 bytes leftover after parsing attributes in process `syz.0.1286'.
[  224.752668][ T9372] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1286'.
[  225.166525][ T9394] netlink: 6 bytes leftover after parsing attributes in process `syz.3.1290'.
[  225.337564][ T9396] tap0: tun_chr_ioctl cmd 1074025677
[  225.355797][ T9403] ip6t_REJECT: ECHOREPLY is not supported
[  225.376249][ T9402] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1293'.
[  225.386638][ T9396] tap0: linktype set to 780
[  225.406797][ T9402] netlink: 'syz.4.1293': attribute type 5 has an invalid length.
[  225.427550][ T9402] tipc: Enabled bearer <eth:xfrm0>, priority 0
[  225.992814][ T9423] tipc: Started in network mode
[  226.023381][ T9423] tipc: Node identity ac1414aa, cluster identity 4711
[  226.088847][ T9423] tipc: Enabled bearer <udp:syz2>, priority 10
[  226.292204][ T9438] netlink: 'syz.1.1303': attribute type 10 has an invalid length.
[  226.601391][ T9445] ip6t_REJECT: ECHOREPLY is not supported
[  226.660082][ T9448] vxcan6: entered promiscuous mode
[  226.669853][ T9448] vxcan6: entered allmulticast mode
[  226.945414][ T9456] vxcan3: entered promiscuous mode
[  226.988741][ T9461] FAULT_INJECTION: forcing a failure.
[  226.988741][ T9461] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  227.038766][ T9461] CPU: 1 PID: 9461 Comm: syz.2.1313 Not tainted 6.10.0-rc7-syzkaller-00276-g0a1868b93fad #0
[  227.052248][ T9461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  227.066888][ T9461] Call Trace:
[  227.073534][ T9461]  <TASK>
[  227.076787][ T9461]  dump_stack_lvl+0x241/0x360
[  227.082622][ T9461]  ? __pfx_dump_stack_lvl+0x10/0x10
[  227.088963][ T9461]  ? __pfx__printk+0x10/0x10
[  227.090967][   T57] tipc: Node number set to 2886997162
[  227.094733][ T9461]  ? __pfx_lock_release+0x10/0x10
[  227.094786][ T9461]  should_fail_ex+0x3b0/0x4e0
[  227.094828][ T9461]  _copy_to_user+0x2f/0xb0
[  227.129539][ T9461]  sk_getsockopt+0x2657/0x3890
[  227.135072][ T9461]  ? __pfx_sk_getsockopt+0x10/0x10
[  227.151802][ T9461]  ? __pfx___might_resched+0x10/0x10
[  227.158409][ T9461]  ? __lock_acquire+0x1346/0x1fd0
[  227.165885][ T9461]  ? __pfx_aa_sk_perm+0x10/0x10
[  227.172403][ T9461]  ? __pfx_lock_acquire+0x10/0x10
[  227.178894][ T9461]  ? aa_sock_opt_perm+0x79/0x120
[  227.188084][ T9461]  do_sock_getsockopt+0x270/0x850
[  227.193573][ T9461]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  227.202749][ T9461]  ? __fget_files+0x3f6/0x470
[  227.208120][ T9461]  __sys_getsockopt+0x271/0x330
[  227.214886][ T9461]  ? __pfx___sys_getsockopt+0x10/0x10
[  227.222015][ T9461]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  227.232228][ T9461]  ? do_syscall_64+0x100/0x230
[  227.239133][ T9461]  __x64_sys_getsockopt+0xb5/0xd0
[  227.248367][ T9461]  do_syscall_64+0xf3/0x230
[  227.253379][ T9461]  ? clear_bhb_loop+0x35/0x90
[  227.259836][ T9456] pim6reg1: entered promiscuous mode
[  227.260714][ T9461]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  227.260773][ T9461] RIP: 0033:0x7f825c375a19
[  227.266904][ T9456] pim6reg1: entered allmulticast mode
[  227.273879][ T9461] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  227.273910][ T9461] RSP: 002b:00007f825d0c7048 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  227.273936][ T9461] RAX: ffffffffffffffda RBX: 00007f825c503f60 RCX: 00007f825c375a19
[  227.273954][ T9461] RDX: 000000000000001c RSI: 0000000000000001 RDI: 0000000000000003
[  227.273968][ T9461] RBP: 00007f825d0c70a0 R08: 0000000020000080 R09: 0000000000000000
[  227.274002][ T9461] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  227.274016][ T9461] R13: 000000000000000b R14: 00007f825c503f60 R15: 00007ffd2da2e858
[  227.274051][ T9461]  </TASK>
[  227.664007][ T9479] netlink: 'syz.0.1316': attribute type 1 has an invalid length.
[  227.760793][ T9479] __nla_validate_parse: 6 callbacks suppressed
[  227.760818][ T9479] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1316'.
[  227.983601][ T9494] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1318'.
[  228.160838][ T9498] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1320'.
[  228.257394][ T9498] netlink: 43 bytes leftover after parsing attributes in process `syz.0.1320'.
[  228.298065][ T9498] netlink: 'syz.0.1320': attribute type 5 has an invalid length.
[  228.333573][ T9498] netlink: 43 bytes leftover after parsing attributes in process `syz.0.1320'.
[  228.353587][ T9501] ip6t_REJECT: ECHOREPLY is not supported
[  228.368805][ T9504] tipc: Enabled bearer <eth:xfrm0>, priority 0
[  228.745812][ T9514] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1326'.
[  228.909116][ T9529] netlink: 'syz.3.1327': attribute type 4 has an invalid length.
[  228.966305][ T9530] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  229.386965][ T9537] tipc: Enabled bearer <udp:syz2>, priority 10
[  229.477761][ T9537] netlink: 'syz.3.1331': attribute type 1 has an invalid length.
[  229.532927][ T9537] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1331'.
[  229.562303][ T9537] netlink: 'syz.3.1331': attribute type 2 has an invalid length.
[  229.615443][ T9541] ip6t_REJECT: ECHOREPLY is not supported
[  229.922021][ T9559] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1339'.
[  229.937394][ T9557] netlink: 'syz.1.1338': attribute type 1 has an invalid length.
[  229.979510][ T9557] netlink: 244 bytes leftover after parsing attributes in process `syz.1.1338'.
[  230.190840][ T9571] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1344'.
[  230.253798][ T9571] macsec2: entered allmulticast mode
[  230.280102][ T9576] netlink: 'syz.3.1344': attribute type 1 has an invalid length.
[  230.662353][ T9590] ip6t_REJECT: ECHOREPLY is not supported
[  231.445906][ T9628] ip6t_REJECT: ECHOREPLY is not supported
[  231.684883][ T9644] FAULT_INJECTION: forcing a failure.
[  231.684883][ T9644] name failslab, interval 1, probability 0, space 0, times 0
[  231.728968][ T9644] CPU: 0 PID: 9644 Comm: syz.0.1370 Not tainted 6.10.0-rc7-syzkaller-00276-g0a1868b93fad #0
[  231.744123][ T9644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  231.755672][ T9644] Call Trace:
[  231.762639][ T9644]  <TASK>
[  231.767889][ T9644]  dump_stack_lvl+0x241/0x360
[  231.774083][ T9644]  ? __pfx_dump_stack_lvl+0x10/0x10
[  231.782513][ T9644]  ? __pfx__printk+0x10/0x10
[  231.788998][ T9644]  ? __pfx___might_resched+0x10/0x10
[  231.795857][ T9644]  should_fail_ex+0x3b0/0x4e0
[  231.801208][ T9644]  should_failslab+0x9/0x20
[  231.806408][ T9644]  __kmalloc_node_noprof+0xdf/0x440
[  231.811942][ T9644]  ? __vmalloc_node_range_noprof+0x5dd/0x1460
[  231.819050][ T9644]  __vmalloc_node_range_noprof+0x5dd/0x1460
[  231.826084][ T9644]  ? mark_lock+0x9a/0x350
[  231.831747][ T9644]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  231.840855][ T9644]  ? bpf_prog_alloc_no_stats+0x4d/0x4b0
[  231.848465][ T9644]  __vmalloc_noprof+0x79/0x90
[  231.855322][ T9644]  ? bpf_prog_alloc_no_stats+0x4d/0x4b0
[  231.862271][ T9644]  bpf_prog_alloc_no_stats+0x4d/0x4b0
[  231.869787][ T9644]  ? bpf_prog_alloc+0x28/0x1b0
[  231.876084][ T9644]  bpf_prog_alloc+0x3a/0x1b0
[  231.880989][ T9644]  bpf_prog_load+0x7f7/0x20f0
[  231.889337][ T9644]  ? __pfx_bpf_prog_load+0x10/0x10
[  231.907433][ T9644]  ? __pfx___might_resched+0x10/0x10
[  231.914533][ T9644]  ? __might_fault+0xc6/0x120
[  231.929388][ T9644]  ? bpf_lsm_bpf+0x9/0x10
[  231.934602][ T9644]  ? security_bpf+0x87/0xb0
[  231.941310][ T9644]  __sys_bpf+0x4ee/0x810
[  231.948682][ T9644]  ? __pfx___sys_bpf+0x10/0x10
[  231.954052][ T9644]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  231.960916][ T9644]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  231.969605][ T9644]  ? do_syscall_64+0x100/0x230
[  231.974652][ T9644]  __x64_sys_bpf+0x7c/0x90
[  231.988408][ T9644]  do_syscall_64+0xf3/0x230
[  231.994985][ T9644]  ? clear_bhb_loop+0x35/0x90
[  232.010653][ T9644]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  232.024342][ T9644] RIP: 0033:0x7f0599d75a19
[  232.029656][ T9644] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  232.064568][ T9644] RSP: 002b:00007f05997ff048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  232.076099][ T9644] RAX: ffffffffffffffda RBX: 00007f0599f03f60 RCX: 00007f0599d75a19
[  232.087439][ T9644] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005
[  232.098062][ T9644] RBP: 00007f05997ff0a0 R08: 0000000000000000 R09: 0000000000000000
[  232.116389][ T9644] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  232.126767][ T9644] R13: 000000000000000b R14: 00007f0599f03f60 R15: 00007ffef41f3048
[  232.140657][ T9644]  </TASK>
[  232.151434][ T9644] syz.0.1370: vmalloc error: size 4096, failed to allocated page array size 8, mode:0x500dc2(GFP_HIGHUSER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=syz0,mems_allowed=0-1
[  232.172083][ T9644] CPU: 1 PID: 9644 Comm: syz.0.1370 Not tainted 6.10.0-rc7-syzkaller-00276-g0a1868b93fad #0
[  232.186452][ T9644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  232.197224][ T9644] Call Trace:
[  232.201341][ T9644]  <TASK>
[  232.204736][ T9644]  dump_stack_lvl+0x241/0x360
[  232.214358][ T9644]  ? __pfx_dump_stack_lvl+0x10/0x10
[  232.220935][ T9644]  ? __pfx__printk+0x10/0x10
[  232.225731][ T9644]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  232.233196][ T9644]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  232.244747][ T9644]  warn_alloc+0x278/0x410
[  232.250289][ T9644]  ? __pfx___might_resched+0x10/0x10
[  232.255978][ T9644]  ? __pfx_warn_alloc+0x10/0x10
[  232.261084][ T9644]  ? rcu_is_watching+0x15/0xb0
[  232.266480][ T9644]  ? trace_kmalloc+0x1f/0xd0
[  232.272207][ T9644]  ? __vmalloc_node_range_noprof+0x5dd/0x1460
[  232.282250][ T9644]  __vmalloc_node_range_noprof+0x69f/0x1460
[  232.289125][ T9644]  ? mark_lock+0x9a/0x350
[  232.295590][ T9644]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  232.311447][ T9644]  ? bpf_prog_alloc_no_stats+0x4d/0x4b0
[  232.327671][ T9644]  __vmalloc_noprof+0x79/0x90
[  232.334087][ T9644]  ? bpf_prog_alloc_no_stats+0x4d/0x4b0
[  232.343244][ T9644]  bpf_prog_alloc_no_stats+0x4d/0x4b0
[  232.350713][ T9644]  ? bpf_prog_alloc+0x28/0x1b0
[  232.360845][ T9644]  bpf_prog_alloc+0x3a/0x1b0
[  232.367796][ T9644]  bpf_prog_load+0x7f7/0x20f0
[  232.374633][ T9644]  ? __pfx_bpf_prog_load+0x10/0x10
[  232.390845][ T9644]  ? __pfx___might_resched+0x10/0x10
[  232.402552][ T9644]  ? __might_fault+0xc6/0x120
[  232.408275][ T9644]  ? bpf_lsm_bpf+0x9/0x10
[  232.414294][ T9644]  ? security_bpf+0x87/0xb0
[  232.422898][ T9644]  __sys_bpf+0x4ee/0x810
[  232.430245][ T9644]  ? __pfx___sys_bpf+0x10/0x10
[  232.435983][ T9644]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  232.448949][ T9644]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  232.461611][ T9644]  ? do_syscall_64+0x100/0x230
[  232.468861][ T9644]  __x64_sys_bpf+0x7c/0x90
[  232.475657][ T9644]  do_syscall_64+0xf3/0x230
[  232.481182][ T9644]  ? clear_bhb_loop+0x35/0x90
[  232.488218][ T9644]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  232.497920][ T9644] RIP: 0033:0x7f0599d75a19
[  232.502627][ T9644] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  232.536965][ T9644] RSP: 002b:00007f05997ff048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  232.546458][ T9644] RAX: ffffffffffffffda RBX: 00007f0599f03f60 RCX: 00007f0599d75a19
[  232.556884][ T9644] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005
[  232.568282][ T9644] RBP: 00007f05997ff0a0 R08: 0000000000000000 R09: 0000000000000000
[  232.577619][ T9644] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  232.588869][ T9644] R13: 000000000000000b R14: 00007f0599f03f60 R15: 00007ffef41f3048
[  232.598827][ T9644]  </TASK>
[  232.792622][ T9650] FAULT_INJECTION: forcing a failure.
[  232.792622][ T9650] name failslab, interval 1, probability 0, space 0, times 0
[  232.804840][ T9644] Mem-Info:
[  232.853484][ T9650] CPU: 0 PID: 9650 Comm: syz.3.1372 Not tainted 6.10.0-rc7-syzkaller-00276-g0a1868b93fad #0
[  232.859453][ T9644] active_anon:3619 inactive_anon:0 isolated_anon:0
[  232.859453][ T9644]  active_file:1919 inactive_file:38194 isolated_file:0
[  232.859453][ T9644]  unevictable:768 dirty:302 writeback:0
[  232.859453][ T9644]  slab_reclaimable:9225 slab_unreclaimable:97477
[  232.859453][ T9644]  mapped:13571 shmem:1284 pagetables:697
[  232.859453][ T9644]  sec_pagetables:0 bounce:0
[  232.859453][ T9644]  kernel_misc_reclaimable:0
[  232.859453][ T9644]  free:1402269 free_pcp:831 free_cma:0
[  232.870407][ T9650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  232.870464][ T9650] Call Trace:
[  232.870478][ T9650]  <TASK>
[  232.870490][ T9650]  dump_stack_lvl+0x241/0x360
[  232.870536][ T9650]  ? __pfx_dump_stack_lvl+0x10/0x10
[  232.870573][ T9650]  ? __pfx__printk+0x10/0x10
[  232.870612][ T9650]  ? __lock_acquire+0x1346/0x1fd0
[  232.870643][ T9650]  should_fail_ex+0x3b0/0x4e0
[  232.870679][ T9650]  ? __alloc_skb+0x1c3/0x440
[  232.870711][ T9650]  should_failslab+0x9/0x20
[  232.870744][ T9650]  kmem_cache_alloc_node_noprof+0x71/0x320
[  232.870788][ T9650]  __alloc_skb+0x1c3/0x440
[  232.870821][ T9650]  ? __pfx___alloc_skb+0x10/0x10
[  232.870849][ T9650]  ? km_report+0x180/0x240
[  233.068649][ T9650]  ? __pfx_lock_release+0x10/0x10
[  233.078254][ T9650]  xfrm_alloc_compat+0x1b6/0x1680
[  233.086218][ T9650]  ? xfrm_get_translator+0x19/0x240
[  233.095706][ T9650]  dump_one_state+0x282/0x3f0
[  233.106135][ T9650]  xfrm_alloc_userspi+0x91d/0xdf0
[  233.115731][ T9650]  ? __pfx_xfrm_alloc_userspi+0x10/0x10
[  233.123948][ T9650]  ? __nla_parse+0x40/0x60
[  233.129273][ T9650]  xfrm_user_rcv_msg+0x75d/0xa80
[  233.135789][ T9650]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  233.141853][ T9650]  ? __mutex_trylock_common+0x183/0x2e0
[  233.148458][ T9650]  ? __pfx___might_resched+0x10/0x10
[  233.156154][ T9650]  netlink_rcv_skb+0x1e3/0x430
[  233.161251][ T9650]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  233.166955][ T9650]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  233.177820][ T9650]  xfrm_netlink_rcv+0x79/0x90
[  233.188986][ T9650]  netlink_unicast+0x7ea/0x980
[  233.194206][ T9650]  ? __pfx_netlink_unicast+0x10/0x10
[  233.200754][ T9650]  ? __virt_addr_valid+0x183/0x530
[  233.207203][ T9650]  ? __check_object_size+0x49c/0x900
[  233.212883][ T9650]  ? bpf_lsm_netlink_send+0x9/0x10
[  233.218838][ T9650]  netlink_sendmsg+0x8db/0xcb0
[  233.224347][ T9650]  ? __pfx_netlink_sendmsg+0x10/0x10
[  233.231089][ T9650]  ? __import_iovec+0x536/0x820
[  233.241039][ T9650]  ? aa_sock_msg_perm+0x91/0x160
[  233.246275][ T9650]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  233.252075][ T9650]  ? security_socket_sendmsg+0x87/0xb0
[  233.259798][ T9650]  ? __pfx_netlink_sendmsg+0x10/0x10
[  233.265216][ T9650]  __sock_sendmsg+0x221/0x270
[  233.274318][ T9650]  ____sys_sendmsg+0x525/0x7d0
[  233.284498][ T9650]  ? __pfx_____sys_sendmsg+0x10/0x10
[  233.291086][ T9650]  __sys_sendmsg+0x2b0/0x3a0
[  233.296868][ T9650]  ? __pfx___sys_sendmsg+0x10/0x10
[  233.302395][ T9650]  ? vfs_write+0x7c4/0xc90
[  233.308560][ T9650]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  233.316088][ T9650]  ? do_syscall_64+0x100/0x230
[  233.321958][ T9650]  ? do_syscall_64+0xb6/0x230
[  233.328391][ T9650]  do_syscall_64+0xf3/0x230
[  233.334537][ T9650]  ? clear_bhb_loop+0x35/0x90
[  233.345472][ T9650]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.352291][ T9650] RIP: 0033:0x7fed9fd75a19
[  233.360749][ T9650] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  233.386666][ T9650] RSP: 002b:00007feda0a9b048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  233.399127][ T9650] RAX: ffffffffffffffda RBX: 00007fed9ff03f60 RCX: 00007fed9fd75a19
[  233.408136][ T9650] RDX: 0000000000000000 RSI: 00000000200003c0 RDI: 0000000000000003
[  233.422262][ T9650] RBP: 00007feda0a9b0a0 R08: 0000000000000000 R09: 0000000000000000
[  233.433635][ T9650] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  233.443822][ T9650] R13: 000000000000000b R14: 00007fed9ff03f60 R15: 00007fff218fbec8
[  233.453092][ T9650]  </TASK>
[  233.474292][ T9644] Node 0 active_anon:14512kB inactive_anon:0kB active_file:7676kB inactive_file:152696kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:54324kB dirty:1208kB writeback:0kB shmem:3544kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10184kB pagetables:2788kB sec_pagetables:0kB all_unreclaimable? no
[  233.539179][ T9644] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:80kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  233.613187][ T9644] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  233.671208][ T9644] lowmem_reserve[]: 0 2571 2571 0 0
[  233.678987][ T9644] Node 0 DMA32 free:1651052kB boost:0kB min:35108kB low:43884kB high:52660kB reserved_highatomic:0KB active_anon:14472kB inactive_anon:0kB active_file:7676kB inactive_file:152384kB unevictable:1536kB writepending:1208kB present:3129332kB managed:2659864kB mlocked:0kB bounce:0kB free_pcp:1524kB local_pcp:612kB free_cma:0kB
[  233.789471][ T9644] lowmem_reserve[]: 0 0 0 0 0
[  233.837005][ T9644] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:312kB unevictable:0kB writepending:0kB present:1048576kB managed:360kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[  233.892239][ T9664] __nla_validate_parse: 4 callbacks suppressed
[  233.892266][ T9664] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1378'.
[  233.917693][ T9644] lowmem_reserve[]: 0 0 0 0 0
[  233.934029][ T9644] Node 1 Normal free:3945608kB boost:0kB min:54788kB low:68484kB high:82180kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:80kB unevictable:1536kB writepending:0kB present:4194304kB managed:4109120kB mlocked:0kB bounce:0kB free_pcp:248kB local_pcp:248kB free_cma:0kB
[  233.948060][ T9671] netlink: 202920 bytes leftover after parsing attributes in process `syz.1.1382'.
[  234.029920][ T9644] lowmem_reserve[]: 0 0 0 0 0
[  234.038606][ T9644] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  234.077417][ T9672] ip6t_REJECT: ECHOREPLY is not supported
[  234.087415][ T9644] Node 0 DMA32: 139*4kB (UME) 247*8kB (UME) 174*16kB (UME) 294*32kB (UM) 287*64kB (UME) 156*128kB (UME) 82*256kB (UM) 47*512kB (UME) 14*1024kB (UM) 6*2048kB (UME) 372*4096kB (M) = 1648452kB
[  234.168115][ T9644] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  234.173319][ T9680] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  234.245460][ T9644] Node 1 Normal: 0*4kB 1*8kB (U) 0*16kB 2*32kB (U) 5*64kB (UM) 4*128kB (U) 5*256kB (UM) 4*512kB (UM) 1*1024kB (U) 2*2048kB (U) 961*4096kB (M) = 3945608kB
[  234.322807][ T9644] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  234.371480][ T9644] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  234.408509][ T9644] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  234.446108][ T9644] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  234.479958][ T9644] 41369 total pagecache pages
[  234.484886][ T9644] 0 pages in swap cache
[  234.497439][ T9644] Free swap  = 124996kB
[  234.517826][ T9644] Total swap = 124996kB
[  234.527760][ T9644] 2097051 pages RAM
[  234.534187][ T9690] FAULT_INJECTION: forcing a failure.
[  234.534187][ T9690] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  234.559975][ T9644] 0 pages HighMem/MovableOnly
[  234.574057][ T9644] 400875 pages reserved
[  234.582829][ T9690] CPU: 0 PID: 9690 Comm: syz.1.1386 Not tainted 6.10.0-rc7-syzkaller-00276-g0a1868b93fad #0
[  234.595930][ T9690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  234.606555][ T9690] Call Trace:
[  234.610456][ T9690]  <TASK>
[  234.614036][ T9690]  dump_stack_lvl+0x241/0x360
[  234.620271][ T9690]  ? __pfx_dump_stack_lvl+0x10/0x10
[  234.627049][ T9690]  ? __pfx__printk+0x10/0x10
[  234.632680][ T9690]  ? snprintf+0xda/0x120
[  234.637691][ T9690]  should_fail_ex+0x3b0/0x4e0
[  234.648879][ T9690]  _copy_to_user+0x2f/0xb0
[  234.655220][ T9690]  simple_read_from_buffer+0xca/0x150
[  234.664542][ T9690]  proc_fail_nth_read+0x1e9/0x250
[  234.669932][ T9690]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  234.675849][ T9690]  ? rw_verify_area+0x520/0x6b0
[  234.681570][ T9690]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  234.687755][ T9690]  vfs_read+0x204/0xbc0
[  234.692593][ T9690]  ? __pfx_lock_release+0x10/0x10
[  234.698873][ T9690]  ? __pfx_vfs_read+0x10/0x10
[  234.701388][ T9696] netlink: 'syz.3.1387': attribute type 30 has an invalid length.
[  234.706631][ T9690]  ? __fget_files+0x29/0x470
[  234.706713][ T9690]  ? __fget_files+0x3f6/0x470
[  234.706757][ T9690]  ksys_read+0x1a0/0x2c0
[  234.706792][ T9690]  ? __pfx_ksys_read+0x10/0x10
[  234.706819][ T9690]  ? do_syscall_64+0x100/0x230
[  234.706843][ T9690]  ? do_syscall_64+0xb6/0x230
[  234.706867][ T9690]  do_syscall_64+0xf3/0x230
[  234.706889][ T9690]  ? clear_bhb_loop+0x35/0x90
[  234.772968][ T9690]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.779543][ T9690] RIP: 0033:0x7f78d1f744fc
[  234.784115][ T9690] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  234.803395][ T9644] 0 pages cma reserved
[  234.810766][ T9690] RSP: 002b:00007f78d2ddf040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  234.810806][ T9690] RAX: ffffffffffffffda RBX: 00007f78d2103f60 RCX: 00007f78d1f744fc
[  234.810823][ T9690] RDX: 000000000000000f RSI: 00007f78d2ddf0b0 RDI: 0000000000000004
[  234.810840][ T9690] RBP: 00007f78d2ddf0a0 R08: 0000000000000000 R09: 0000000000000000
[  234.810855][ T9690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  234.810870][ T9690] R13: 000000000000000b R14: 00007f78d2103f60 R15: 00007ffe640afea8
[  234.810904][ T9690]  </TASK>
[  235.128613][ T9710] ip6t_REJECT: ECHOREPLY is not supported
[  235.226635][ T9714] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1395'.
[  235.235058][ T9718] netlink: 202920 bytes leftover after parsing attributes in process `syz.1.1396'.
[  235.480566][ T9727] netlink: 88 bytes leftover after parsing attributes in process `syz.3.1399'.
[  235.648014][ T9741] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  235.980972][ T9755] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1407'.
[  236.029999][ T9753] ip6t_REJECT: ECHOREPLY is not supported
[  236.034522][ T9758] ip6t_REJECT: ECHOREPLY is not supported
[  236.364574][ T9775] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  236.407366][ T9774] netlink: 202920 bytes leftover after parsing attributes in process `syz.1.1414'.
[  236.437746][ T9769] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  236.490991][ T9778] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  236.525439][ T9778] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  236.917475][ T9798] ip6t_REJECT: ECHOREPLY is not supported
[  237.905943][ T9856] ip6t_REJECT: ECHOREPLY is not supported
[  237.971327][ T9857] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  238.005644][ T9857] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  238.096741][ T9858] ip6t_REJECT: ECHOREPLY is not supported
[  238.168774][ T9862] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1441'.
[  238.455234][ T9873] netlink: 'syz.2.1444': attribute type 29 has an invalid length.
[  238.475944][ T9873] netlink: 'syz.2.1444': attribute type 29 has an invalid length.
[  238.508615][ T9877] netlink: 'syz.2.1444': attribute type 29 has an invalid length.
[  238.546537][ T9878] IPVS: set_ctl: invalid protocol: 92 172.30.8.2:20003
[  238.590574][ T9878] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1445'.
[  238.676802][ T9880] sctp: [Deprecated]: syz.4.1446 (pid 9880) Use of struct sctp_assoc_value in delayed_ack socket option.
[  238.676802][ T9880] Use struct sctp_sack_info instead
[  238.768789][ T9879] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1446'.
[  238.880707][ T9892] ip6t_REJECT: ECHOREPLY is not supported
[  238.910492][ T9893] ip6t_REJECT: ECHOREPLY is not supported
[  239.114426][ T9900] sctp: [Deprecated]: syz.0.1453 (pid 9900) Use of int in max_burst socket option.
[  239.114426][ T9900] Use struct sctp_assoc_value instead
[  239.306368][ T9909] netlink: 202920 bytes leftover after parsing attributes in process `syz.1.1455'.
[  239.584749][ T9914] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1457'.
[  239.677120][ T9917] FAULT_INJECTION: forcing a failure.
[  239.677120][ T9917] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  239.720428][ T9917] CPU: 1 PID: 9917 Comm: syz.2.1458 Not tainted 6.10.0-rc7-syzkaller-00276-g0a1868b93fad #0
[  239.734352][ T9917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  239.750753][ T9917] Call Trace:
[  239.755142][ T9917]  <TASK>
[  239.758398][ T9917]  dump_stack_lvl+0x241/0x360
[  239.763461][ T9917]  ? __pfx_dump_stack_lvl+0x10/0x10
[  239.769715][ T9917]  ? __pfx__printk+0x10/0x10
[  239.775677][ T9917]  ? __pfx_lock_release+0x10/0x10
[  239.783646][ T9917]  should_fail_ex+0x3b0/0x4e0
[  239.791636][ T9917]  _copy_from_iter+0x1f6/0x1960
[  239.798507][ T9917]  ? __virt_addr_valid+0x183/0x530
[  239.807106][ T9917]  ? skb_set_owner_w+0x238/0x3e0
[  239.815359][ T9917]  ? __pfx__copy_from_iter+0x10/0x10
[  239.823297][ T9917]  ? __pfx__copy_from_iter+0x10/0x10
[  239.829626][ T9917]  ? page_copy_sane+0x154/0x260
[  239.837720][ T9917]  copy_page_from_iter+0x7a/0x100
[  239.847740][ T9917]  skb_copy_datagram_from_iter+0x2d8/0x6c0
[  239.854192][ T9917]  tun_get_user+0xe9e/0x4560
[  239.859650][ T9917]  ? __pfx_tun_get_user+0x10/0x10
[  239.868151][ T9917]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  239.875326][ T9917]  ? tun_get+0x1e/0x2f0
[  239.881940][ T9917]  ? tun_get+0x1e/0x2f0
[  239.890632][ T9917]  ? tun_get+0x27d/0x2f0
[  239.897093][ T9917]  tun_chr_write_iter+0x113/0x1f0
[  239.904499][ T9917]  vfs_write+0xa72/0xc90
[  239.910030][ T9917]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  239.917267][ T9917]  ? __pfx_vfs_write+0x10/0x10
[  239.922565][ T9917]  ksys_write+0x1a0/0x2c0
[  239.929073][ T9917]  ? __pfx_ksys_write+0x10/0x10
[  239.935670][ T9917]  ? do_syscall_64+0x100/0x230
[  239.943766][ T9917]  ? do_syscall_64+0xb6/0x230
[  239.949488][ T9917]  do_syscall_64+0xf3/0x230
[  239.954708][ T9917]  ? clear_bhb_loop+0x35/0x90
[  239.963160][ T9917]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.973713][ T9917] RIP: 0033:0x7f825c375a19
[  239.980116][ T9917] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  240.002352][ T9917] RSP: 002b:00007f825d0c7048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  240.014907][ T9917] RAX: ffffffffffffffda RBX: 00007f825c503f60 RCX: 00007f825c375a19
[  240.029824][ T9917] RDX: 000000000000fdef RSI: 00000000200003c0 RDI: 0000000000000003
[  240.043776][ T9917] RBP: 00007f825d0c70a0 R08: 0000000000000000 R09: 0000000000000000
[  240.055362][ T9917] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  240.068467][ T9917] R13: 000000000000000b R14: 00007f825c503f60 R15: 00007ffd2da2e858
[  240.080049][ T9917]  </TASK>
[  240.187948][ T9924] ip6t_REJECT: ECHOREPLY is not supported
[  240.188047][ T9925] ip6t_REJECT: ECHOREPLY is not supported
[  240.484215][ T9932] netlink: 'syz.2.1465': attribute type 10 has an invalid length.
[  240.501537][ T9932] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1465'.
[  240.528952][ T9932] ipvlan1: entered promiscuous mode
[  240.556293][ T9932] ipvlan1: entered allmulticast mode
[  240.576434][ T9937] sctp: [Deprecated]: syz.1.1466 (pid 9937) Use of int in max_burst socket option.
[  240.576434][ T9937] Use struct sctp_assoc_value instead
[  240.589914][ T9932] veth0_vlan: entered allmulticast mode
[  240.681963][ T9932] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[  240.760991][ T9935] netlink: 'syz.2.1465': attribute type 10 has an invalid length.
[  240.815815][ T9935] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1465'.
[  240.868412][ T9935] bond0: (slave batadv0): Releasing backup interface
[  240.892409][ T9935] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  240.935547][ T9938] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1467'.
[  241.097524][ T9948] sctp: [Deprecated]: syz.4.1468 (pid 9948) Use of struct sctp_assoc_value in delayed_ack socket option.
[  241.097524][ T9948] Use struct sctp_sack_info instead
[  241.202457][ T9948] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1468'.
[  241.290641][ T9953] ip6t_REJECT: ECHOREPLY is not supported
[  241.721524][ T9967] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  241.795810][ T9967] 8021q: adding VLAN 0 to HW filter on device batadv0
[  241.847254][ T9969] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  241.884081][ T9969] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  241.965277][ T9971] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1478'.
[  242.109642][ T9982] sctp: [Deprecated]: syz.2.1480 (pid 9982) Use of int in max_burst socket option.
[  242.109642][ T9982] Use struct sctp_assoc_value instead
[  243.238140][T10007] ip6t_REJECT: ECHOREPLY is not supported
[  243.248044][T10011] sctp: [Deprecated]: syz.0.1487 (pid 10011) Use of struct sctp_assoc_value in delayed_ack socket option.
[  243.248044][T10011] Use struct sctp_sack_info instead
[  243.304094][T10011] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1487'.
[  243.569566][T10027] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1495'.
[  243.585382][T10026] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1494'.
[  243.716180][T10040] sctp: [Deprecated]: syz.1.1498 (pid 10040) Use of int in max_burst socket option.
[  243.716180][T10040] Use struct sctp_assoc_value instead
[  243.997130][T10050] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  244.167340][T10054] ip6t_REJECT: ECHOREPLY is not supported
[  244.715765][T10079] __nla_validate_parse: 1 callbacks suppressed
[  244.715792][T10079] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1507'.
[  244.855523][T10081] netlink: 4100 bytes leftover after parsing attributes in process `syz.1.1509'.
[  245.064820][T10087] sctp: [Deprecated]: syz.0.1511 (pid 10087) Use of struct sctp_assoc_value in delayed_ack socket option.
[  245.064820][T10087] Use struct sctp_sack_info instead
[  245.107533][T10092] FAULT_INJECTION: forcing a failure.
[  245.107533][T10092] name failslab, interval 1, probability 0, space 0, times 0
[  245.137164][T10087] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1511'.
[  245.161667][T10095] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1514'.
[  245.166240][T10092] CPU: 0 PID: 10092 Comm: syz.2.1513 Not tainted 6.10.0-rc7-syzkaller-00276-g0a1868b93fad #0
[  245.182808][T10092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  245.193805][T10092] Call Trace:
[  245.197668][T10092]  <TASK>
[  245.201475][T10092]  dump_stack_lvl+0x241/0x360
[  245.208282][T10092]  ? __pfx_dump_stack_lvl+0x10/0x10
[  245.215437][T10092]  ? __pfx__printk+0x10/0x10
[  245.224041][T10092]  ? ref_tracker_alloc+0x332/0x490
[  245.230032][T10092]  should_fail_ex+0x3b0/0x4e0
[  245.235544][T10092]  ? skb_clone+0x20c/0x390
[  245.241590][T10096] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1514'.
[  245.241946][T10092]  should_failslab+0x9/0x20
[  245.260827][T10092]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  245.268207][T10092]  skb_clone+0x20c/0x390
[  245.273545][T10092]  __netlink_deliver_tap+0x3cc/0x7c0
[  245.280060][T10092]  ? netlink_deliver_tap+0x2e/0x1b0
[  245.286739][T10092]  netlink_deliver_tap+0x19d/0x1b0
[  245.293407][T10092]  netlink_unicast+0x7b8/0x980
[  245.300604][T10092]  ? __pfx_netlink_unicast+0x10/0x10
[  245.308111][T10092]  ? __virt_addr_valid+0x183/0x530
[  245.313451][T10092]  ? __check_object_size+0x49c/0x900
[  245.322796][T10092]  ? bpf_lsm_netlink_send+0x9/0x10
[  245.328751][T10092]  netlink_sendmsg+0x8db/0xcb0
[  245.334523][T10092]  ? __pfx_netlink_sendmsg+0x10/0x10
[  245.342401][T10092]  ? __import_iovec+0x536/0x820
[  245.348497][T10092]  ? aa_sock_msg_perm+0x91/0x160
[  245.355889][T10092]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  245.363225][T10092]  ? security_socket_sendmsg+0x87/0xb0
[  245.372302][T10092]  ? __pfx_netlink_sendmsg+0x10/0x10
[  245.381039][T10092]  __sock_sendmsg+0x221/0x270
[  245.388335][T10092]  ____sys_sendmsg+0x525/0x7d0
[  245.395272][T10092]  ? __pfx_____sys_sendmsg+0x10/0x10
[  245.403207][T10092]  __sys_sendmsg+0x2b0/0x3a0
[  245.408532][T10092]  ? __pfx___sys_sendmsg+0x10/0x10
[  245.417886][T10092]  ? vfs_write+0x7c4/0xc90
[  245.426669][T10092]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  245.434547][T10092]  ? do_syscall_64+0x100/0x230
[  245.440153][T10092]  ? do_syscall_64+0xb6/0x230
[  245.445413][T10092]  do_syscall_64+0xf3/0x230
[  245.450588][T10092]  ? clear_bhb_loop+0x35/0x90
[  245.456432][T10092]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.464212][T10092] RIP: 0033:0x7f825c375a19
[  245.470359][T10092] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  245.496125][T10092] RSP: 002b:00007f825d0c7048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  245.505949][T10092] RAX: ffffffffffffffda RBX: 00007f825c503f60 RCX: 00007f825c375a19
[  245.516209][T10092] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003
[  245.527130][T10092] RBP: 00007f825d0c70a0 R08: 0000000000000000 R09: 0000000000000000
[  245.537461][T10092] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  245.553167][T10092] R13: 000000000000000b R14: 00007f825c503f60 R15: 00007ffd2da2e858
[  245.565729][T10092]  </TASK>
[  245.774858][T10112] sctp: [Deprecated]: syz.3.1519 (pid 10112) Use of int in max_burst socket option.
[  245.774858][T10112] Use struct sctp_assoc_value instead
[  246.087031][   T64] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  246.140929][   T64] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  246.364144][T10139] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1527'.
[  246.397321][T10139] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1527'.
[  246.424706][T10139] sctp: [Deprecated]: syz.2.1527 (pid 10139) Use of struct sctp_assoc_value in delayed_ack socket option.
[  246.424706][T10139] Use struct sctp_sack_info instead
[  246.772197][T10156] netlink: 'syz.4.1533': attribute type 29 has an invalid length.
[  246.842911][T10156] netlink: 'syz.4.1533': attribute type 29 has an invalid length.
[  246.893140][T10161] netlink: 'syz.4.1533': attribute type 29 has an invalid length.
[  246.929005][T10162] netlink: 'syz.1.1536': attribute type 8 has an invalid length.
[  247.153994][T10170] FAULT_INJECTION: forcing a failure.
[  247.153994][T10170] name failslab, interval 1, probability 0, space 0, times 0
[  247.188536][T10170] CPU: 0 PID: 10170 Comm: syz.3.1539 Not tainted 6.10.0-rc7-syzkaller-00276-g0a1868b93fad #0
[  247.205999][T10170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  247.219274][T10170] Call Trace:
[  247.223149][T10170]  <TASK>
[  247.226442][T10170]  dump_stack_lvl+0x241/0x360
[  247.236107][T10170]  ? __pfx_dump_stack_lvl+0x10/0x10
[  247.246852][T10170]  ? __pfx__printk+0x10/0x10
[  247.252533][T10170]  should_fail_ex+0x3b0/0x4e0
[  247.262889][T10170]  ? sctp_add_bind_addr+0x89/0x3a0
[  247.270933][T10170]  should_failslab+0x9/0x20
[  247.276747][T10170]  kmalloc_trace_noprof+0x6c/0x2c0
[  247.288317][T10170]  sctp_add_bind_addr+0x89/0x3a0
[  247.297001][T10170]  sctp_copy_local_addr_list+0x311/0x500
[  247.306311][T10170]  ? sctp_copy_local_addr_list+0xab/0x500
[  247.314369][T10170]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  247.324978][T10170]  ? sctp_v6_is_any+0x60/0x70
[  247.330344][T10170]  sctp_bind_addr_copy+0xad/0x3b0
[  247.338458][T10170]  ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190
[  247.345564][T10170]  sctp_connect_new_asoc+0x2f3/0x6c0
[  247.354151][T10170]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  247.365841][T10170]  ? sctp_sendmsg+0xbb9/0x3520
[  247.372080][T10170]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  247.383391][T10170]  ? security_sctp_bind_connect+0x90/0xb0
[  247.391193][T10170]  sctp_sendmsg+0x219a/0x3520
[  247.396812][T10170]  ? __pfx_sctp_sendmsg+0x10/0x10
[  247.402163][T10170]  ? __pfx_aa_sk_perm+0x10/0x10
[  247.407188][T10170]  ? inet_sendmsg+0x330/0x390
[  247.412382][T10170]  __sock_sendmsg+0x1a6/0x270
[  247.422328][T10170]  __sys_sendto+0x3a4/0x4f0
[  247.431277][T10170]  ? __pfx___sys_sendto+0x10/0x10
[  247.438557][T10170]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  247.446903][T10170]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  247.460336][T10170]  __x64_sys_sendto+0xde/0x100
[  247.469681][T10170]  do_syscall_64+0xf3/0x230
[  247.476062][T10170]  ? clear_bhb_loop+0x35/0x90
[  247.481634][T10170]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.490447][T10170] RIP: 0033:0x7fed9fd75a19
[  247.497232][T10170] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  247.539683][T10170] RSP: 002b:00007feda0a9b048 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  247.552608][T10170] RAX: ffffffffffffffda RBX: 00007fed9ff03f60 RCX: 00007fed9fd75a19
[  247.565502][T10170] RDX: 000000000000fee4 RSI: 0000000020847fff RDI: 0000000000000003
[  247.574928][T10170] RBP: 00007feda0a9b0a0 R08: 000000002005ffe4 R09: 000000000000001c
[  247.590438][T10170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  247.602148][T10170] R13: 000000000000000b R14: 00007fed9ff03f60 R15: 00007fff218fbec8
[  247.612753][T10170]  </TASK>
[  247.895785][T10185] sctp: [Deprecated]: syz.4.1544 (pid 10185) Use of int in max_burst socket option.
[  247.895785][T10185] Use struct sctp_assoc_value instead
[  247.951730][T10187] syz_tun: entered promiscuous mode
[  247.998740][T10190] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  248.073843][T10182] syz_tun: left promiscuous mode
[  248.129268][T10195] netlink: 'syz.2.1548': attribute type 29 has an invalid length.
[  248.170580][T10195] netlink: 'syz.2.1548': attribute type 29 has an invalid length.
[  248.233071][T10200] netlink: 'syz.2.1548': attribute type 29 has an invalid length.
[  248.538739][T10209] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1550'.
[  249.076363][T10238] batadv0: entered promiscuous mode
[  249.307920][T10245] sctp: [Deprecated]: syz.1.1561 (pid 10245) Use of int in max_burst socket option.
[  249.307920][T10245] Use struct sctp_assoc_value instead
[  249.359856][T10247] netlink: 'syz.2.1562': attribute type 29 has an invalid length.
[  249.385150][T10247] netlink: 'syz.2.1562': attribute type 29 has an invalid length.
[  249.432252][T10254] netlink: 'syz.2.1562': attribute type 29 has an invalid length.
[  249.495737][T10249] delete_channel: no stack
[  249.663279][T10260] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  249.672393][T10260] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  250.042108][T10284] syz_tun: entered promiscuous mode
[  250.174543][T10286] ip6t_REJECT: ECHOREPLY is not supported
[  250.202748][T10282] syz_tun: left promiscuous mode
[  250.340369][T10298] sctp: [Deprecated]: syz.3.1579 (pid 10298) Use of int in max_burst socket option.
[  250.340369][T10298] Use struct sctp_assoc_value instead
[  250.905130][T10316] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1582'.
[  251.408408][T10331] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1587'.
[  251.463943][T10334] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1589'.
[  251.492715][    C1] Unknown status report in ack skb
[  251.635292][T10326] veth0_vlan: left promiscuous mode
[  251.893961][T10349] validate_nla: 3 callbacks suppressed
[  251.893987][T10349] netlink: 'syz.1.1592': attribute type 29 has an invalid length.
[  251.929597][T10347] syz_tun: entered promiscuous mode
[  251.960054][T10349] netlink: 'syz.1.1592': attribute type 29 has an invalid length.
[  251.980973][T10325] delete_channel: no stack
[  252.012717][T10354] netlink: 'syz.1.1592': attribute type 29 has an invalid length.
[  252.137417][T10345] syz_tun: left promiscuous mode
[  252.196876][T10361] sctp: [Deprecated]: syz.3.1595 (pid 10361) Use of int in max_burst socket option.
[  252.196876][T10361] Use struct sctp_assoc_value instead
[  253.097062][T10416] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1611'.
[  253.375175][T10422] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1611'.
[  253.476007][T10416] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1611'.
[  253.518232][T10431] sctp: [Deprecated]: syz.3.1614 (pid 10431) Use of int in max_burst socket option.
[  253.518232][T10431] Use struct sctp_assoc_value instead
[  253.682599][T10437] FAULT_INJECTION: forcing a failure.
[  253.682599][T10437] name failslab, interval 1, probability 0, space 0, times 0
[  253.718183][T10440] netlink: 'syz.0.1617': attribute type 10 has an invalid length.
[  253.750554][T10437] CPU: 0 PID: 10437 Comm: syz.2.1616 Not tainted 6.10.0-rc7-syzkaller-00276-g0a1868b93fad #0
[  253.762444][T10437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  253.774534][T10437] Call Trace:
[  253.777351][T10440] team0: Device hsr_slave_0 failed to register rx_handler
[  253.779324][T10437]  <TASK>
[  253.779341][T10437]  dump_stack_lvl+0x241/0x360
[  253.797740][T10437]  ? __pfx_dump_stack_lvl+0x10/0x10
[  253.804240][T10437]  ? __pfx__printk+0x10/0x10
[  253.809766][T10437]  ? __pfx___might_resched+0x10/0x10
[  253.817291][T10437]  should_fail_ex+0x3b0/0x4e0
[  253.822914][T10437]  ? skb_clone+0x20c/0x390
[  253.828012][T10437]  should_failslab+0x9/0x20
[  253.833903][T10437]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  253.840339][T10437]  skb_clone+0x20c/0x390
[  253.846227][T10437]  nfnetlink_rcv+0x575/0x2a80
[  253.852247][T10437]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  253.859622][T10437]  ? __local_bh_enable_ip+0x168/0x200
[  253.866661][T10437]  ? __local_bh_enable_ip+0x168/0x200
[  253.873504][T10437]  ? __dev_queue_xmit+0x2d2/0x3d30
[  253.881415][T10437]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  253.890427][T10437]  ? __dev_queue_xmit+0x2d2/0x3d30
[  253.897536][T10437]  ? __dev_queue_xmit+0x16c9/0x3d30
[  253.904019][T10437]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  253.910197][T10437]  ? __dev_queue_xmit+0x2d2/0x3d30
[  253.916349][T10437]  ? ref_tracker_free+0x643/0x7e0
[  253.925979][T10437]  ? __asan_memcpy+0x40/0x70
[  253.931335][T10437]  ? __pfx_ref_tracker_free+0x10/0x10
[  253.939735][T10437]  ? netlink_deliver_tap+0x2e/0x1b0
[  253.945940][T10437]  ? skb_clone+0x240/0x390
[  253.950610][T10437]  ? __pfx_lock_release+0x10/0x10
[  253.956928][T10437]  ? __netlink_deliver_tap+0x77e/0x7c0
[  253.963927][T10437]  ? netlink_deliver_tap+0x2e/0x1b0
[  253.973972][T10437]  netlink_unicast+0x7ea/0x980
[  253.982621][T10437]  ? __pfx_netlink_unicast+0x10/0x10
[  253.988994][T10437]  ? __virt_addr_valid+0x183/0x530
[  253.995265][T10437]  ? __check_object_size+0x49c/0x900
[  254.001115][T10437]  ? bpf_lsm_netlink_send+0x9/0x10
[  254.007419][T10437]  netlink_sendmsg+0x8db/0xcb0
[  254.015174][T10437]  ? __pfx_netlink_sendmsg+0x10/0x10
[  254.022091][T10437]  ? __import_iovec+0x536/0x820
[  254.029069][T10437]  ? aa_sock_msg_perm+0x91/0x160
[  254.036716][T10437]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  254.043413][T10437]  ? security_socket_sendmsg+0x87/0xb0
[  254.051834][T10437]  ? __pfx_netlink_sendmsg+0x10/0x10
[  254.059950][T10437]  __sock_sendmsg+0x221/0x270
[  254.065428][T10437]  ____sys_sendmsg+0x525/0x7d0
[  254.070443][T10437]  ? __pfx_____sys_sendmsg+0x10/0x10
[  254.080434][T10437]  __sys_sendmsg+0x2b0/0x3a0
[  254.086479][T10437]  ? __pfx___sys_sendmsg+0x10/0x10
[  254.093396][T10437]  ? vfs_write+0x7c4/0xc90
[  254.100372][T10437]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  254.108852][T10437]  ? do_syscall_64+0x100/0x230
[  254.114364][T10437]  ? do_syscall_64+0xb6/0x230
[  254.121269][T10437]  do_syscall_64+0xf3/0x230
[  254.128925][T10437]  ? clear_bhb_loop+0x35/0x90
[  254.135008][T10437]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.143248][T10437] RIP: 0033:0x7f825c375a19
[  254.149042][T10437] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  254.175722][T10437] RSP: 002b:00007f825d0c7048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  254.189022][T10437] RAX: ffffffffffffffda RBX: 00007f825c503f60 RCX: 00007f825c375a19
[  254.199626][T10437] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[  254.208432][T10437] RBP: 00007f825d0c70a0 R08: 0000000000000000 R09: 0000000000000000
[  254.217771][T10437] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  254.230332][T10437] R13: 000000000000000b R14: 00007f825c503f60 R15: 00007ffd2da2e858
[  254.240236][T10437]  </TASK>
[  254.714580][T10459] FAULT_INJECTION: forcing a failure.
[  254.714580][T10459] name failslab, interval 1, probability 0, space 0, times 0
[  254.810200][T10459] CPU: 1 PID: 10459 Comm: syz.3.1623 Not tainted 6.10.0-rc7-syzkaller-00276-g0a1868b93fad #0
[  254.823701][T10459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  254.835635][T10459] Call Trace:
[  254.839850][T10459]  <TASK>
[  254.847353][T10459]  dump_stack_lvl+0x241/0x360
[  254.853294][T10459]  ? __pfx_dump_stack_lvl+0x10/0x10
[  254.859225][T10459]  ? __pfx__printk+0x10/0x10
[  254.864929][T10459]  ? __pfx___might_resched+0x10/0x10
[  254.873020][T10459]  ? __lock_acquire+0x1346/0x1fd0
[  254.879550][T10459]  should_fail_ex+0x3b0/0x4e0
[  254.884657][T10459]  ? __d_alloc+0x31/0x700
[  254.890826][T10459]  should_failslab+0x9/0x20
[  254.898006][T10459]  kmem_cache_alloc_lru_noprof+0x71/0x2b0
[  254.909337][T10459]  __d_alloc+0x31/0x700
[  254.914467][T10459]  d_alloc_parallel+0xdf/0x1600
[  254.921820][T10459]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  254.929940][T10459]  ? __d_lookup+0x85/0x7e0
[  254.935314][T10459]  ? __d_lookup+0x85/0x7e0
[  254.942249][T10459]  ? __pfx_d_alloc_parallel+0x10/0x10
[  254.949185][T10459]  ? __d_lookup+0x727/0x7e0
[  254.956043][T10459]  path_openat+0x92f/0x35f0
[  254.961005][T10459]  ? __lock_acquire+0x1346/0x1fd0
[  254.966972][T10459]  ? __pfx_path_openat+0x10/0x10
[  254.973033][T10459]  do_filp_open+0x235/0x490
[  254.978895][T10459]  ? __pfx_do_filp_open+0x10/0x10
[  254.984625][T10459]  ? __pfx_kfree_link+0x10/0x10
[  254.992520][T10459]  ? _raw_spin_unlock+0x28/0x50
[  254.998583][T10459]  ? alloc_fd+0x5a1/0x640
[  255.005205][T10459]  do_sys_openat2+0x13e/0x1d0
[  255.012226][T10459]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  255.018703][T10459]  ? __pfx_do_sys_openat2+0x10/0x10
[  255.024206][T10459]  ? __fget_files+0x3f6/0x470
[  255.030727][T10459]  __x64_sys_openat+0x247/0x2a0
[  255.037673][T10459]  ? __pfx___x64_sys_openat+0x10/0x10
[  255.044429][T10459]  ? do_syscall_64+0x100/0x230
[  255.050211][T10459]  ? do_syscall_64+0xb6/0x230
[  255.055776][T10459]  do_syscall_64+0xf3/0x230
[  255.062730][T10459]  ? clear_bhb_loop+0x35/0x90
[  255.069506][T10459]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.077488][T10459] RIP: 0033:0x7fed9fd74450
[  255.084658][T10459] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 79 8d 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 cc 8d 02 00 8b 44
[  255.111357][T10459] RSP: 002b:00007feda0a9af70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  255.121491][T10459] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fed9fd74450
[  255.131860][T10459] RDX: 0000000000000000 RSI: 00007fed9fde3609 RDI: 00000000ffffff9c
[  255.142426][T10459] RBP: 00007fed9fde3609 R08: 0000000000000000 R09: 0000000000000000
[  255.155327][T10459] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  255.166786][T10459] R13: 000000000000000b R14: 00007fed9ff03f60 R15: 00007fff218fbec8
[  255.176481][T10459]  </TASK>
[  255.461272][T10486] sctp: [Deprecated]: syz.4.1631 (pid 10486) Use of int in max_burst socket option.
[  255.461272][T10486] Use struct sctp_assoc_value instead
[  256.063113][T10516] ieee802154 phy0 wpan0: encryption failed: -90
[  256.391019][T10530] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  256.567772][T10541] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1646'.
[  256.631661][T10546] netlink: 156 bytes leftover after parsing attributes in process `syz.2.1648'.
[  256.701717][T10549] netlink: 'syz.4.1650': attribute type 8 has an invalid length.
[  257.037895][T10566] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1654'.
[  257.259145][T10574] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1658'.
[  257.286618][T10574] bridge0: entered promiscuous mode
[  257.296316][T10574] macvtap1: entered promiscuous mode
[  257.302741][T10574] macvtap1: entered allmulticast mode
[  257.309063][T10574] bridge0: entered allmulticast mode
[  257.594434][T10588] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1661'.
[  257.666393][T10592] netlink: 'syz.1.1663': attribute type 1 has an invalid length.
[  257.758268][T10598] bond2: (slave gre1): The slave device specified does not support setting the MAC address
[  257.773863][T10598] bond2: (slave gre1): Setting fail_over_mac to active for active-backup mode
[  257.789352][T10598] bond2: (slave gre1): making interface the new active one
[  257.799247][T10598] bond2: (slave gre1): Enslaving as an active interface with an up link
[  257.910276][T10604] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1667'.
[  258.026672][T10611] sctp: [Deprecated]: syz.2.1669 (pid 10611) Use of int in max_burst socket option.
[  258.026672][T10611] Use struct sctp_assoc_value instead
[  258.190658][T10625] sctp: [Deprecated]: syz.1.1671 (pid 10625) Use of int in max_burst socket option.
[  258.190658][T10625] Use struct sctp_assoc_value instead
[  258.564619][T10642] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1678'.
[  258.673903][T10644] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1676'.
[  259.912861][T10680] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1689'.
[  259.949132][T10684] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1687'.
[  259.959896][T10685] sctp: [Deprecated]: syz.1.1690 (pid 10685) Use of int in max_burst socket option.
[  259.959896][T10685] Use struct sctp_assoc_value instead
[  260.326058][T10693] netlink: 'syz.3.1692': attribute type 2 has an invalid length.
[  260.349787][T10693] netlink: 'syz.3.1692': attribute type 1 has an invalid length.
[  261.429159][ T1248] ieee802154 phy0 wpan0: encryption failed: -22
[  261.451101][ T1248] ieee802154 phy1 wpan1: encryption failed: -22
[  261.518659][T10732] veth1_macvtap: left promiscuous mode
[  261.578097][T10732] __nla_validate_parse: 3 callbacks suppressed
[  261.578123][T10732] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1705'.
[  261.621452][T10738] sctp: [Deprecated]: syz.2.1708 (pid 10738) Use of int in max_burst socket option.
[  261.621452][T10738] Use struct sctp_assoc_value instead
[  261.654163][T10732] A link change request failed with some changes committed already. Interface veth1_macvtap may have been left with an inconsistent configuration, please check.
[  261.678808][T10741] sctp: [Deprecated]: syz.3.1709 (pid 10741) Use of int in max_burst socket option.
[  261.678808][T10741] Use struct sctp_assoc_value instead
[  261.877506][T10749] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1710'.
[  262.133735][T10756] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1713'.
[  262.782116][T10776] tun0: tun_chr_ioctl cmd 2147767506
[  262.901979][T10772] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1718'.
[  263.093127][T10789] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1725'.
[  263.175832][T10792] sctp: [Deprecated]: syz.4.1727 (pid 10792) Use of int in max_burst socket option.
[  263.175832][T10792] Use struct sctp_assoc_value instead
[  263.959339][T10818] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1735'.
[  263.990163][T10824] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1738'.
[  264.365088][T10835] sctp: [Deprecated]: syz.3.1742 (pid 10835) Use of int in max_burst socket option.
[  264.365088][T10835] Use struct sctp_assoc_value instead
[  264.669572][T10854] FAULT_INJECTION: forcing a failure.
[  264.669572][T10854] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  264.691795][T10854] CPU: 0 PID: 10854 Comm: syz.3.1746 Not tainted 6.10.0-rc7-syzkaller-00276-g0a1868b93fad #0
[  264.710581][T10854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  264.722876][T10854] Call Trace:
[  264.726204][T10854]  <TASK>
[  264.729906][T10854]  dump_stack_lvl+0x241/0x360
[  264.736523][T10854]  ? __pfx_dump_stack_lvl+0x10/0x10
[  264.742059][T10854]  ? __pfx__printk+0x10/0x10
[  264.748578][T10854]  ? snprintf+0xda/0x120
[  264.755896][T10854]  should_fail_ex+0x3b0/0x4e0
[  264.764210][T10854]  _copy_to_user+0x2f/0xb0
[  264.769318][T10854]  simple_read_from_buffer+0xca/0x150
[  264.775998][T10854]  proc_fail_nth_read+0x1e9/0x250
[  264.782394][T10854]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  264.788884][T10854]  ? rw_verify_area+0x520/0x6b0
[  264.794424][T10854]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  264.800727][T10854]  vfs_read+0x204/0xbc0
[  264.805582][T10854]  ? __pfx_lock_release+0x10/0x10
[  264.811720][T10854]  ? __pfx_vfs_read+0x10/0x10
[  264.818377][T10854]  ? __fget_files+0x29/0x470
[  264.824157][T10854]  ? __fget_files+0x3f6/0x470
[  264.831210][T10854]  ksys_read+0x1a0/0x2c0
[  264.836051][T10854]  ? __pfx_ksys_read+0x10/0x10
[  264.841668][T10854]  ? rcu_is_watching+0x15/0xb0
[  264.847385][T10854]  ? trace_sys_enter+0x1f/0xd0
[  264.854055][T10854]  do_syscall_64+0xf3/0x230
[  264.860615][T10854]  ? clear_bhb_loop+0x35/0x90
[  264.865957][T10854]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.873049][T10854] RIP: 0033:0x7fed9fd744fc
[  264.878043][T10854] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  264.905959][T10854] RSP: 002b:00007feda0a9b040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  264.918029][T10854] RAX: ffffffffffffffda RBX: 00007fed9ff03f60 RCX: 00007fed9fd744fc
[  264.927902][T10854] RDX: 000000000000000f RSI: 00007feda0a9b0b0 RDI: 0000000000000005
[  264.938795][T10854] RBP: 00007feda0a9b0a0 R08: 0000000000000000 R09: 0000000000000000
[  264.949280][T10854] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  264.960083][T10854] R13: 000000000000000b R14: 00007fed9ff03f60 R15: 00007fff218fbec8
[  264.970392][T10854]  </TASK>
[  265.218318][T10871] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1751'.
[  265.537255][T10887] sctp: [Deprecated]: syz.2.1756 (pid 10887) Use of int in max_burst socket option.
[  265.537255][T10887] Use struct sctp_assoc_value instead
[  265.714860][T10890] netlink: 'syz.0.1759': attribute type 4 has an invalid length.
[  265.753910][T10890] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1759'.
[  266.114914][T10907] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1763'.
[  266.170057][T10910] RDS: rds_bind could not find a transport for 2001::2, load rds_tcp or rds_rdma?
[  266.267469][T10914] sctp: [Deprecated]: syz.2.1765 (pid 10914) Use of int in max_burst socket option.
[  266.267469][T10914] Use struct sctp_assoc_value instead
[  266.716521][T10932] __nla_validate_parse: 1 callbacks suppressed
[  266.716547][T10932] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1771'.
[  266.989369][T10942] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1773'.
[  267.338156][T10942] netlink: 'syz.3.1773': attribute type 21 has an invalid length.
[  267.371377][T10942] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1773'.
[  267.424862][T10960] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1776'.
[  267.440969][T10947] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1773'.
[  268.337246][T10992] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1790'.
[  268.665371][T10999] sctp: [Deprecated]: syz.0.1791 (pid 10999) Use of struct sctp_assoc_value in delayed_ack socket option.
[  268.665371][T10999] Use struct sctp_sack_info instead
[  269.508414][T11017] sctp: [Deprecated]: syz.1.1800 (pid 11017) Use of int in max_burst socket option.
[  269.508414][T11017] Use struct sctp_assoc_value instead
[  269.541518][T11014] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  269.567612][T11020] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1801'.
[  269.648624][T11026] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  270.687651][T11054] xt_hashlimit: max too large, truncated to 1048576
[  270.895469][T11065] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1813'.
[  271.310798][T11087] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1820'.
[  271.627826][T11101] ip6t_REJECT: ECHOREPLY is not supported
[  271.632178][T11102] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1827'.
[  271.778977][T11105] xt_hashlimit: max too large, truncated to 1048576
[  272.283159][T11124] __nla_validate_parse: 2 callbacks suppressed
[  272.283183][T11124] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1835'.
[  272.339388][T11125] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1833'.
[  272.454955][T11125] bridge_slave_1: left allmulticast mode
[  272.504763][T11125] bridge_slave_1: left promiscuous mode
[  272.547663][T11125] bridge0: port 2(bridge_slave_1) entered disabled state
[  272.615805][T11125] bridge_slave_0: left allmulticast mode
[  272.642227][T11125] bridge_slave_0: left promiscuous mode
[  272.667055][T11125] bridge0: port 1(bridge_slave_0) entered disabled state
[  272.746685][T11125] bridge0 (unregistering): left allmulticast mode
[  272.877099][T11134] netlink: 'syz.0.1837': attribute type 10 has an invalid length.
[  272.909897][T11134] netlink: 55 bytes leftover after parsing attributes in process `syz.0.1837'.
[  272.945601][T11134] team0: Port device virt_wifi0 added
[  272.972283][T11135] netlink: 'syz.4.1835': attribute type 21 has an invalid length.
[  272.990116][T11135] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1835'.
[  273.031006][T11127] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1835'.
[  273.163786][T11143] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1838'.
[  273.555416][T11155] netlink: 'syz.0.1844': attribute type 11 has an invalid length.
[  273.782923][T11162] ip6t_REJECT: ECHOREPLY is not supported
[  274.048216][T11180] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1848'.
[  274.449313][T11197] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1856'.
[  274.688090][T11197] netlink: 'syz.0.1856': attribute type 21 has an invalid length.
[  274.755659][T11197] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1856'.
[  274.807535][T11197] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1856'.
[  274.955173][T11211] sch_fq: defrate 0 ignored.
[  274.966541][T11211] vcan0: tx address claim with different name
[  275.136905][T11218] netlink: 'syz.3.1861': attribute type 11 has an invalid length.
[  275.913388][T11247] syz.2.1871[11247] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  275.914793][T11247] syz.2.1871[11247] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  275.984424][T11249] vxcan1: entered promiscuous mode
[  276.216660][T11252] netlink: 'syz.4.1874': attribute type 11 has an invalid length.
[  276.521687][T11254] netlink: 'syz.3.1875': attribute type 21 has an invalid length.
[  276.666347][T11263] vxcan3: entered promiscuous mode
[  276.843722][T11268] sch_fq: defrate 0 ignored.
[  277.332368][T11282] __nla_validate_parse: 13 callbacks suppressed
[  277.332392][T11282] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1884'.
[  277.612755][T11291] netlink: 88 bytes leftover after parsing attributes in process `syz.3.1887'.
[  277.678281][T11293] netlink: 'syz.0.1888': attribute type 11 has an invalid length.
[  277.754484][T11298] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1887'.
[  277.784372][T11288] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1885'.
[  278.158735][T11312] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1894'.
[  278.331064][T11319] FAULT_INJECTION: forcing a failure.
[  278.331064][T11319] name failslab, interval 1, probability 0, space 0, times 0
[  278.356062][T11319] CPU: 0 PID: 11319 Comm: syz.4.1896 Not tainted 6.10.0-rc7-syzkaller-00276-g0a1868b93fad #0
[  278.368535][T11319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  278.382933][T11319] Call Trace:
[  278.387058][T11319]  <TASK>
[  278.390648][T11319]  dump_stack_lvl+0x241/0x360
[  278.399206][T11319]  ? __pfx_dump_stack_lvl+0x10/0x10
[  278.409019][T11319]  ? __pfx__printk+0x10/0x10
[  278.415485][T11319]  ? ref_tracker_alloc+0x332/0x490
[  278.425905][T11319]  should_fail_ex+0x3b0/0x4e0
[  278.431332][T11319]  ? skb_clone+0x20c/0x390
[  278.436257][T11319]  should_failslab+0x9/0x20
[  278.442018][T11319]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  278.449783][T11319]  skb_clone+0x20c/0x390
[  278.455319][T11319]  __netlink_deliver_tap+0x3cc/0x7c0
[  278.460705][T11319]  ? netlink_deliver_tap+0x2e/0x1b0
[  278.467441][T11319]  netlink_deliver_tap+0x19d/0x1b0
[  278.473793][T11319]  netlink_unicast+0x7b8/0x980
[  278.482195][T11319]  ? __pfx_netlink_unicast+0x10/0x10
[  278.490091][T11319]  ? __virt_addr_valid+0x183/0x530
[  278.495645][T11319]  ? __check_object_size+0x49c/0x900
[  278.499124][T11312] netlink: 'syz.0.1894': attribute type 21 has an invalid length.
[  278.502490][T11319]  ? bpf_lsm_netlink_send+0x9/0x10
[  278.502541][T11319]  netlink_sendmsg+0x8db/0xcb0
[  278.502592][T11319]  ? __pfx_netlink_sendmsg+0x10/0x10
[  278.534898][T11319]  ? __import_iovec+0x536/0x820
[  278.541501][T11319]  ? aa_sock_msg_perm+0x91/0x160
[  278.543266][T11312] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1894'.
[  278.547751][T11319]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  278.564578][T11319]  ? security_socket_sendmsg+0x87/0xb0
[  278.571303][T11319]  ? __pfx_netlink_sendmsg+0x10/0x10
[  278.578332][T11319]  __sock_sendmsg+0x221/0x270
[  278.585891][T11319]  ____sys_sendmsg+0x525/0x7d0
[  278.592072][T11319]  ? __pfx_____sys_sendmsg+0x10/0x10
[  278.599620][T11319]  __sys_sendmsg+0x2b0/0x3a0
[  278.605347][T11319]  ? __pfx___sys_sendmsg+0x10/0x10
[  278.611090][T11319]  ? vfs_write+0x7c4/0xc90
[  278.615896][T11319]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  278.624612][T11319]  ? do_syscall_64+0x100/0x230
[  278.629967][T11319]  ? do_syscall_64+0xb6/0x230
[  278.635590][T11319]  do_syscall_64+0xf3/0x230
[  278.641227][T11319]  ? clear_bhb_loop+0x35/0x90
[  278.646270][T11319]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  278.652385][T11319] RIP: 0033:0x7fd803f75a19
[  278.658667][T11319] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  278.681275][T11319] RSP: 002b:00007fd804d75048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  278.691640][T11319] RAX: ffffffffffffffda RBX: 00007fd804103f60 RCX: 00007fd803f75a19
[  278.704114][T11319] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003
[  278.713331][T11319] RBP: 00007fd804d750a0 R08: 0000000000000000 R09: 0000000000000000
[  278.724577][T11319] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  278.735017][T11319] R13: 000000000000000b R14: 00007fd804103f60 R15: 00007ffed85b4808
[  278.744092][T11319]  </TASK>
[  278.757954][T11319] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1896'.
[  278.803023][T11312] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1894'.
[  278.911569][T11324] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1895'.
[  279.197901][T11340] netlink: 'syz.3.1900': attribute type 4 has an invalid length.
[  279.260179][T11337] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1898'.
[  279.298211][T11344] netlink: 'syz.3.1900': attribute type 4 has an invalid length.
[  279.672573][T11361] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[  279.944890][T11367] netlink: 'syz.3.1905': attribute type 3 has an invalid length.
[  281.024010][T11410] FAULT_INJECTION: forcing a failure.
[  281.024010][T11410] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  281.094656][T11410] CPU: 0 PID: 11410 Comm: syz.1.1917 Not tainted 6.10.0-rc7-syzkaller-00276-g0a1868b93fad #0
[  281.106157][T11410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  281.118804][T11410] Call Trace:
[  281.122717][T11410]  <TASK>
[  281.129089][T11410]  dump_stack_lvl+0x241/0x360
[  281.134641][T11410]  ? __pfx_dump_stack_lvl+0x10/0x10
[  281.141824][T11410]  ? __pfx__printk+0x10/0x10
[  281.147092][T11410]  ? __pfx_lock_release+0x10/0x10
[  281.153668][T11410]  should_fail_ex+0x3b0/0x4e0
[  281.160931][T11410]  _copy_from_iter+0x1f6/0x1960
[  281.166476][T11410]  ? __virt_addr_valid+0x183/0x530
[  281.173885][T11410]  ? skb_set_owner_w+0x238/0x3e0
[  281.179418][T11410]  ? __pfx__copy_from_iter+0x10/0x10
[  281.185234][T11410]  ? __pfx__copy_from_iter+0x10/0x10
[  281.191142][T11410]  ? page_copy_sane+0x154/0x260
[  281.197738][T11410]  copy_page_from_iter+0x7a/0x100
[  281.203093][T11410]  skb_copy_datagram_from_iter+0x2d8/0x6c0
[  281.208981][T11410]  packet_sendmsg+0x3edd/0x6150
[  281.214204][T11410]  ? __pfx___might_resched+0x10/0x10
[  281.221292][T11410]  ? aa_sk_perm+0x967/0xab0
[  281.229330][T11410]  ? __pfx_packet_sendmsg+0x10/0x10
[  281.234972][T11410]  ? __fget_files+0x29/0x470
[  281.242070][T11410]  ? aa_sock_msg_perm+0x91/0x160
[  281.247362][T11410]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  281.253126][T11410]  ? security_socket_sendmsg+0x87/0xb0
[  281.261344][T11410]  ? __pfx_packet_sendmsg+0x10/0x10
[  281.268434][T11410]  __sock_sendmsg+0x221/0x270
[  281.277268][T11410]  __sys_sendto+0x3a4/0x4f0
[  281.286568][T11410]  ? __pfx___sys_sendto+0x10/0x10
[  281.292300][T11410]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  281.299417][T11410]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  281.307457][T11410]  __x64_sys_sendto+0xde/0x100
[  281.314205][T11410]  do_syscall_64+0xf3/0x230
[  281.321279][T11410]  ? clear_bhb_loop+0x35/0x90
[  281.326357][T11410]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  281.337023][T11410] RIP: 0033:0x7f78d1f75a19
[  281.343929][T11410] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  281.370501][T11410] RSP: 002b:00007f78d2ddf048 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  281.382002][T11410] RAX: ffffffffffffffda RBX: 00007f78d2103f60 RCX: 00007f78d1f75a19
[  281.391918][T11410] RDX: 000000000000fce0 RSI: 00000000200002c0 RDI: 0000000000000003
[  281.401009][T11410] RBP: 00007f78d2ddf0a0 R08: 0000000020000140 R09: 0000000000000014
[  281.409509][T11410] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000002
[  281.418741][T11410] R13: 000000000000000b R14: 00007f78d2103f60 R15: 00007ffe640afea8
[  281.432778][T11410]  </TASK>
[  281.752281][T11425] IPv6: NLM_F_REPLACE set, but no existing node found!
[  281.768848][T11427] FAULT_INJECTION: forcing a failure.
[  281.768848][T11427] name failslab, interval 1, probability 0, space 0, times 0
[  281.804667][T11425] IPVS: rr: TCP 172.20.20.170:0 - no destination available
[  281.829955][T11427] CPU: 0 PID: 11427 Comm: syz.0.1922 Not tainted 6.10.0-rc7-syzkaller-00276-g0a1868b93fad #0
[  281.840999][T11427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  281.853361][T11427] Call Trace:
[  281.857401][T11427]  <TASK>
[  281.860841][T11427]  dump_stack_lvl+0x241/0x360
[  281.866190][T11427]  ? __pfx_dump_stack_lvl+0x10/0x10
[  281.872236][T11427]  ? __pfx__printk+0x10/0x10
[  281.878855][T11427]  ? ref_tracker_alloc+0x332/0x490
[  281.888566][T11427]  should_fail_ex+0x3b0/0x4e0
[  281.895614][T11427]  ? skb_clone+0x20c/0x390
[  281.900592][T11427]  should_failslab+0x9/0x20
[  281.906199][T11427]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  281.912584][T11427]  skb_clone+0x20c/0x390
[  281.918313][T11427]  __netlink_deliver_tap+0x3cc/0x7c0
[  281.924470][T11427]  ? netlink_deliver_tap+0x2e/0x1b0
[  281.930538][T11427]  netlink_deliver_tap+0x19d/0x1b0
[  281.938209][T11427]  netlink_unicast+0x7b8/0x980
[  281.947212][T11427]  ? __pfx_netlink_unicast+0x10/0x10
[  281.953596][T11427]  ? __virt_addr_valid+0x183/0x530
[  281.959360][T11427]  ? __check_object_size+0x49c/0x900
[  281.965687][T11427]  ? bpf_lsm_netlink_send+0x9/0x10
[  281.973390][T11427]  netlink_sendmsg+0x8db/0xcb0
[  281.986503][T11427]  ? __pfx_netlink_sendmsg+0x10/0x10
[  281.994015][T11427]  ? __import_iovec+0x536/0x820
[  282.000366][T11427]  ? aa_sock_msg_perm+0x91/0x160
[  282.005704][T11427]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  282.012182][T11427]  ? security_socket_sendmsg+0x87/0xb0
[  282.020299][T11427]  ? __pfx_netlink_sendmsg+0x10/0x10
[  282.027870][T11427]  __sock_sendmsg+0x221/0x270
[  282.034491][T11427]  ____sys_sendmsg+0x525/0x7d0
[  282.042795][T11427]  ? __pfx_____sys_sendmsg+0x10/0x10
[  282.049446][T11427]  __sys_sendmsg+0x2b0/0x3a0
[  282.054937][T11427]  ? __pfx___sys_sendmsg+0x10/0x10
[  282.061397][T11427]  ? vfs_write+0x7c4/0xc90
[  282.067820][T11427]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  282.078112][T11427]  ? do_syscall_64+0x100/0x230
[  282.087414][T11427]  ? do_syscall_64+0xb6/0x230
[  282.093088][T11427]  do_syscall_64+0xf3/0x230
[  282.099492][T11427]  ? clear_bhb_loop+0x35/0x90
[  282.105197][T11427]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  282.112729][T11427] RIP: 0033:0x7f0599d75a19
[  282.121382][T11427] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  282.149972][T11427] RSP: 002b:00007f05997ff048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  282.164698][T11427] RAX: ffffffffffffffda RBX: 00007f0599f03f60 RCX: 00007f0599d75a19
[  282.175221][T11427] RDX: 0000000000000000 RSI: 0000000020001200 RDI: 0000000000000004
[  282.184089][T11427] RBP: 00007f05997ff0a0 R08: 0000000000000000 R09: 0000000000000000
[  282.193431][T11427] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  282.203067][T11427] R13: 000000000000000b R14: 00007f0599f03f60 R15: 00007ffef41f3048
[  282.218766][T11427]  </TASK>
[  282.253634][T11427] sch_fq: defrate 0 ignored.
[  282.416112][T11437] rdma_rxe: rxe_newlink: failed to add lo
[  282.502000][T11439] netlink: 'syz.0.1927': attribute type 29 has an invalid length.
[  282.548257][T11439] netlink: 'syz.0.1927': attribute type 29 has an invalid length.
[  282.576863][T11444] __nla_validate_parse: 17 callbacks suppressed
[  282.576891][T11444] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1929'.
[  282.607746][T11439] netlink: 'syz.0.1927': attribute type 29 has an invalid length.
[  282.950485][T11444] netlink: 'syz.2.1929': attribute type 21 has an invalid length.
[  282.984895][T11444] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1929'.
[  283.034106][T11444] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1929'.
[  283.119491][T11461] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  283.281174][T11463] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1934'.
[  283.381182][T11469] FAULT_INJECTION: forcing a failure.
[  283.381182][T11469] name failslab, interval 1, probability 0, space 0, times 0
[  283.436080][T11469] CPU: 1 PID: 11469 Comm: syz.0.1937 Not tainted 6.10.0-rc7-syzkaller-00276-g0a1868b93fad #0
[  283.452726][T11469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  283.464933][T11469] Call Trace:
[  283.468323][T11469]  <TASK>
[  283.473320][T11469]  dump_stack_lvl+0x241/0x360
[  283.478863][T11469]  ? __pfx_dump_stack_lvl+0x10/0x10
[  283.485087][T11469]  ? __pfx__printk+0x10/0x10
[  283.490025][T11469]  should_fail_ex+0x3b0/0x4e0
[  283.495382][T11469]  ? __alloc_skb+0x1c3/0x440
[  283.500649][T11469]  should_failslab+0x9/0x20
[  283.506369][T11469]  kmem_cache_alloc_node_noprof+0x71/0x320
[  283.513829][T11469]  __alloc_skb+0x1c3/0x440
[  283.525732][T11469]  ? trace_contention_end+0x3c/0x120
[  283.531814][T11469]  ? __pfx___alloc_skb+0x10/0x10
[  283.537175][T11469]  ? __local_bh_enable_ip+0x168/0x200
[  283.540989][T11474] sctp: [Deprecated]: syz.2.1940 (pid 11474) Use of int in max_burst socket option.
[  283.540989][T11474] Use struct sctp_assoc_value instead
[  283.543308][T11469]  ? hci_sock_sendmsg+0x604/0x11c0
[  283.571860][T11469]  ? lockdep_hardirqs_on+0x99/0x150
[  283.578707][T11469]  hci_mgmt_cmd+0x1c1/0x11d0
[  283.585655][T11469]  hci_sock_sendmsg+0x7a5/0x11c0
[  283.593710][T11469]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  283.602035][T11469]  ? aa_sock_msg_perm+0x91/0x160
[  283.607871][T11469]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  283.626790][T11469]  ? security_socket_sendmsg+0x87/0xb0
[  283.633451][T11469]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  283.643514][T11469]  __sock_sendmsg+0x221/0x270
[  283.652093][T11469]  sock_write_iter+0x2dd/0x400
[  283.659009][T11469]  ? __pfx_sock_write_iter+0x10/0x10
[  283.666921][T11469]  ? bpf_lsm_file_permission+0x9/0x10
[  283.676930][T11469]  ? security_file_permission+0x7f/0xa0
[  283.690089][T11469]  vfs_write+0xa72/0xc90
[  283.697822][T11469]  ? __pfx_sock_write_iter+0x10/0x10
[  283.704164][T11469]  ? __pfx_vfs_write+0x10/0x10
[  283.710410][T11469]  ksys_write+0x1a0/0x2c0
[  283.716763][T11469]  ? __pfx_ksys_write+0x10/0x10
[  283.724342][T11469]  ? do_syscall_64+0x100/0x230
[  283.730019][T11469]  ? do_syscall_64+0xb6/0x230
[  283.735920][T11469]  do_syscall_64+0xf3/0x230
[  283.752359][T11469]  ? clear_bhb_loop+0x35/0x90
[  283.760309][T11469]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.769331][T11469] RIP: 0033:0x7f0599d75a19
[  283.775270][T11469] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  283.811947][T11469] RSP: 002b:00007f05997ff048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  283.824782][T11469] RAX: ffffffffffffffda RBX: 00007f0599f03f60 RCX: 00007f0599d75a19
[  283.835670][T11469] RDX: 000000000000000d RSI: 0000000020000080 RDI: 0000000000000004
[  283.845897][T11469] RBP: 00007f05997ff0a0 R08: 0000000000000000 R09: 0000000000000000
[  283.857757][T11469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  283.866593][T11469] R13: 000000000000000b R14: 00007f0599f03f60 R15: 00007ffef41f3048
[  283.876580][T11469]  </TASK>
[  283.906211][T11484] netlink: 'syz.4.1943': attribute type 29 has an invalid length.
[  283.954128][T11484] netlink: 'syz.4.1943': attribute type 29 has an invalid length.
[  283.983966][T11484] netlink: 'syz.4.1943': attribute type 29 has an invalid length.
[  284.099020][T11490] netlink: 'syz.2.1946': attribute type 29 has an invalid length.
[  284.144747][T11490] netlink: 'syz.2.1946': attribute type 29 has an invalid length.
[  284.193565][T11502] netlink: 'syz.2.1946': attribute type 29 has an invalid length.
[  284.871263][T11522] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1954'.
[  285.947890][T11539] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1957'.
[  286.320723][T11551] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1962'.
[  287.486746][T11582] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1974'.
[  287.884495][T11587] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  289.128325][T11621] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1985'.
[  289.213336][T11621] xfrm1: entered promiscuous mode
[  289.269852][T11621] xfrm1: entered allmulticast mode
[  289.612219][T11627] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1987'.
[  289.773824][T11633] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1988'.
[  290.716661][T11659] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1998'.
[  290.990323][T11666] xt_CT: You must specify a L4 protocol and not use inversions on it
[  291.144508][T11674] ip6t_REJECT: ECHOREPLY is not supported
[  291.145529][T11669] veth4: entered allmulticast mode
[  291.522881][T11683] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2005'.
[  291.892662][T11694] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2008'.
[  292.305521][T11704] FAULT_INJECTION: forcing a failure.
[  292.305521][T11704] name failslab, interval 1, probability 0, space 0, times 0
[  292.323341][T11704] CPU: 1 PID: 11704 Comm: syz.4.2011 Not tainted 6.10.0-rc7-syzkaller-00276-g0a1868b93fad #0
[  292.335990][T11704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  292.349865][T11704] Call Trace:
[  292.355742][T11704]  <TASK>
[  292.360390][T11704]  dump_stack_lvl+0x241/0x360
[  292.369412][T11704]  ? __pfx_dump_stack_lvl+0x10/0x10
[  292.378512][T11704]  ? __pfx__printk+0x10/0x10
[  292.385012][T11704]  should_fail_ex+0x3b0/0x4e0
[  292.389838][T11704]  ? __alloc_skb+0x1c3/0x440
[  292.395739][T11704]  should_failslab+0x9/0x20
[  292.400870][T11704]  kmem_cache_alloc_node_noprof+0x71/0x320
[  292.408592][T11704]  __alloc_skb+0x1c3/0x440
[  292.414048][T11704]  ? ip_generic_getfrag+0x1d5/0x310
[  292.419972][T11704]  ? __pfx___alloc_skb+0x10/0x10
[  292.426293][T11704]  ? raw6_getfrag+0x104/0x350
[  292.431945][T11704]  ? skb_put+0x114/0x1f0
[  292.437188][T11704]  __ip6_append_data+0x2ba6/0x4070
[  292.445985][T11704]  ? __pfx_raw6_getfrag+0x10/0x10
[  292.453015][T11704]  ? __pfx___ip6_append_data+0x10/0x10
[  292.459431][T11704]  ? ip6_setup_cork+0x9fd/0xfb0
[  292.466200][T11704]  ip6_append_data+0x264/0x3a0
[  292.472781][T11704]  ? __pfx_raw6_getfrag+0x10/0x10
[  292.481742][T11704]  rawv6_sendmsg+0x18f1/0x23c0
[  292.490013][T11704]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  292.496803][T11704]  ? aa_sk_perm+0x967/0xab0
[  292.503082][T11704]  ? __pfx_lock_release+0x10/0x10
[  292.509814][T11704]  ? inet_sendmsg+0x330/0x390
[  292.515778][T11704]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  292.524798][T11704]  ? security_socket_sendmsg+0x87/0xb0
[  292.531256][T11704]  __sock_sendmsg+0x1a6/0x270
[  292.537058][T11704]  sock_write_iter+0x2dd/0x400
[  292.542075][T11704]  ? __pfx_sock_write_iter+0x10/0x10
[  292.548989][T11704]  do_iter_readv_writev+0x5a4/0x800
[  292.559278][T11704]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  292.567256][T11704]  ? bpf_lsm_file_permission+0x9/0x10
[  292.573909][T11704]  ? security_file_permission+0x7f/0xa0
[  292.580483][T11704]  ? rw_verify_area+0x1d2/0x6b0
[  292.587450][T11704]  vfs_writev+0x37c/0xbb0
[  292.594418][T11704]  ? __pfx_lock_acquire+0x10/0x10
[  292.600933][T11704]  ? __pfx_vfs_writev+0x10/0x10
[  292.611835][T11704]  ? vfs_write+0x7c4/0xc90
[  292.617300][T11704]  ? __fget_files+0x29/0x470
[  292.623028][T11704]  do_writev+0x1b1/0x350
[  292.628127][T11704]  ? __pfx_do_writev+0x10/0x10
[  292.634269][T11704]  ? do_syscall_64+0x100/0x230
[  292.644308][T11704]  ? do_syscall_64+0xb6/0x230
[  292.650700][T11704]  do_syscall_64+0xf3/0x230
[  292.655615][T11704]  ? clear_bhb_loop+0x35/0x90
[  292.663267][T11704]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  292.670107][T11704] RIP: 0033:0x7fd803f75a19
[  292.675455][T11704] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  292.710504][T11704] RSP: 002b:00007fd804d75048 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  292.722074][T11704] RAX: ffffffffffffffda RBX: 00007fd804103f60 RCX: 00007fd803f75a19
[  292.733936][T11704] RDX: 0000000000000001 RSI: 00000000200000c0 RDI: 0000000000000003
[  292.742576][T11704] RBP: 00007fd804d750a0 R08: 0000000000000000 R09: 0000000000000000
[  292.754210][T11704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  292.768752][T11704] R13: 000000000000000b R14: 00007fd804103f60 R15: 00007ffed85b4808
[  292.785136][T11704]  </TASK>
[  293.517341][T11730] ip6t_REJECT: ECHOREPLY is not supported
[  293.829198][T11745] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2022'.
[  293.886043][T11744] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2021'.
[  294.168731][T11754] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2024'.
[  294.618627][T11765] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2029'.
[  294.692673][T11769] netlink: 256 bytes leftover after parsing attributes in process `syz.0.2031'.
[  294.730025][T11769] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2031'.
[  294.731781][T11771] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2032'.
[  294.830147][T11771] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2032'.
[  294.856300][T11772] (unnamed net_device) (uninitialized): option ad_select: invalid value (253)
[  295.176531][T11784] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2036'.
[  295.361088][T11790] ip6t_REJECT: ECHOREPLY is not supported
[  295.568152][T11800] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2042'.
[  295.593302][T11799] netlink: 256 bytes leftover after parsing attributes in process `syz.2.2043'.
[  295.629944][T11799] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2043'.
[  296.812406][T11853] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  296.878639][T11860] ip6t_REJECT: ECHOREPLY is not supported
[  297.105892][T11873] FAULT_INJECTION: forcing a failure.
[  297.105892][T11873] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  297.141104][T11873] CPU: 1 PID: 11873 Comm: syz.3.2065 Not tainted 6.10.0-rc7-syzkaller-00276-g0a1868b93fad #0
[  297.153279][T11873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  297.172339][T11873] Call Trace:
[  297.177792][T11873]  <TASK>
[  297.181404][T11873]  dump_stack_lvl+0x241/0x360
[  297.191820][T11873]  ? __pfx_dump_stack_lvl+0x10/0x10
[  297.197883][T11873]  ? __pfx__printk+0x10/0x10
[  297.202903][T11873]  should_fail_ex+0x3b0/0x4e0
[  297.208550][T11873]  prepare_alloc_pages+0x1da/0x5d0
[  297.215656][T11873]  __alloc_pages_noprof+0x166/0x6c0
[  297.222540][T11873]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  297.233215][T11873]  ? rcu_is_watching+0x15/0xb0
[  297.241102][T11873]  ? __build_skb_around+0x245/0x3d0
[  297.249807][T11873]  alloc_pages_mpol_noprof+0x3e8/0x680
[  297.256144][T11873]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  297.269548][T11873]  ? validate_chain+0x11e/0x5900
[  297.275689][T11873]  ? __pfx_lock_acquire+0x10/0x10
[  297.283829][T11873]  ? alloc_pages_noprof+0xef/0x170
[  297.291281][T11873]  alloc_skb_with_frags+0x21c/0x770
[  297.303455][T11873]  sock_alloc_send_pskb+0x91a/0xa60
[  297.311589][T11873]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  297.318452][T11873]  ? __pfx_lock_acquire+0x10/0x10
[  297.328435][T11873]  ? aa_file_perm+0x137/0xf60
[  297.333521][T11873]  ? __pfx_lock_release+0x10/0x10
[  297.342103][T11873]  tun_get_user+0xcce/0x4560
[  297.349907][T11873]  ? __pfx_tun_get_user+0x10/0x10
[  297.357908][T11873]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  297.364659][T11873]  ? tun_get+0x1e/0x2f0
[  297.369671][T11873]  ? tun_get+0x1e/0x2f0
[  297.374508][T11873]  ? tun_get+0x27d/0x2f0
[  297.382061][T11873]  tun_chr_write_iter+0x113/0x1f0
[  297.387980][T11873]  vfs_write+0xa72/0xc90
[  297.393369][T11873]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  297.401290][T11873]  ? __pfx_vfs_write+0x10/0x10
[  297.407858][T11873]  ksys_write+0x1a0/0x2c0
[  297.412787][T11873]  ? __pfx_ksys_write+0x10/0x10
[  297.418346][T11873]  ? do_syscall_64+0x100/0x230
[  297.427194][T11873]  ? do_syscall_64+0xb6/0x230
[  297.433220][T11873]  do_syscall_64+0xf3/0x230
[  297.438250][T11873]  ? clear_bhb_loop+0x35/0x90
[  297.445246][T11873]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.452948][T11873] RIP: 0033:0x7fed9fd7459f
[  297.458293][T11873] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48
[  297.484216][T11873] RSP: 002b:00007feda0a9b010 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  297.494947][T11873] RAX: ffffffffffffffda RBX: 00007fed9ff03f60 RCX: 00007fed9fd7459f
[  297.503977][T11873] RDX: 000000000000fdef RSI: 00000000200003c0 RDI: 00000000000000c8
[  297.515131][T11873] RBP: 00007feda0a9b0a0 R08: 0000000000000000 R09: 0000000000000000
[  297.532620][T11873] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000001
[  297.542019][T11873] R13: 000000000000000b R14: 00007fed9ff03f60 R15: 00007fff218fbec8
[  297.553018][T11873]  </TASK>
[  297.953041][T11891] bond2 (unregistering): Released all slaves
[  298.154245][T11899] FAULT_INJECTION: forcing a failure.
[  298.154245][T11899] name failslab, interval 1, probability 0, space 0, times 0
[  298.206107][T11899] CPU: 1 PID: 11899 Comm: syz.0.2075 Not tainted 6.10.0-rc7-syzkaller-00276-g0a1868b93fad #0
[  298.219489][T11899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  298.235322][T11899] Call Trace:
[  298.242906][T11899]  <TASK>
[  298.246604][T11899]  dump_stack_lvl+0x241/0x360
[  298.251789][T11899]  ? __pfx_dump_stack_lvl+0x10/0x10
[  298.259751][T11899]  ? __pfx__printk+0x10/0x10
[  298.265982][T11899]  should_fail_ex+0x3b0/0x4e0
[  298.271925][T11899]  ? vm_area_alloc+0x24/0x1d0
[  298.277729][T11899]  should_failslab+0x9/0x20
[  298.284772][T11899]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  298.293089][T11899]  ? mas_find+0x950/0xbb0
[  298.297579][T11899]  vm_area_alloc+0x24/0x1d0
[  298.303666][T11899]  mmap_region+0xc3d/0x2090
[  298.311634][T11899]  ? security_file_alloc+0x28/0x130
[  298.322518][T11899]  ? __lock_acquire+0x1346/0x1fd0
[  298.330907][T11899]  ? __pfx_mmap_region+0x10/0x10
[  298.338069][T11899]  ? cap_mmap_addr+0x163/0x2c0
[  298.345705][T11899]  ? __get_unmapped_area+0x2f0/0x360
[  298.353897][T11899]  do_mmap+0x8ad/0xfa0
[  298.365257][T11899]  ? __pfx_do_mmap+0x10/0x10
[  298.370822][T11899]  ? __pfx_ima_file_mmap+0x10/0x10
[  298.378800][T11899]  vm_mmap_pgoff+0x1dd/0x3d0
[  298.387299][T11899]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  298.393483][T11899]  ? hugetlb_file_setup+0x3dc/0x5c0
[  298.401031][T11899]  ksys_mmap_pgoff+0x544/0x720
[  298.407269][T11899]  do_syscall_64+0xf3/0x230
[  298.412729][T11899]  ? clear_bhb_loop+0x35/0x90
[  298.424761][T11899]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.432463][T11899] RIP: 0033:0x7f0599d75a19
[  298.439179][T11899] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  298.468238][T11899] RSP: 002b:00007f05997ff048 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  298.482062][T11899] RAX: ffffffffffffffda RBX: 00007f0599f03f60 RCX: 00007f0599d75a19
[  298.495394][T11899] RDX: 0000000000000023 RSI: 00000000001e9000 RDI: 0000000020000000
[  298.505271][T11899] RBP: 00007f05997ff0a0 R08: ffffffffffffffff R09: 0000000000000000
[  298.520908][T11899] R10: 000200000006c832 R11: 0000000000000246 R12: 0000000000000002
[  298.530624][T11899] R13: 000000000000000b R14: 00007f0599f03f60 R15: 00007ffef41f3048
[  298.543177][T11899]  </TASK>
[  298.794343][T11923] ip6t_REJECT: ECHOREPLY is not supported
[  299.235941][T11934] __nla_validate_parse: 12 callbacks suppressed
[  299.236153][T11934] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2085'.
[  299.611164][T11939] netlink: 64 bytes leftover after parsing attributes in process `syz.3.2086'.
[  299.661799][T11939] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2086'.
[  299.930788][T11957] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2094'.
[  300.062858][T11963] netlink: 68 bytes leftover after parsing attributes in process `syz.0.2096'.
[  300.099597][T11965] netlink: 68 bytes leftover after parsing attributes in process `syz.0.2096'.
[  300.138409][T11963] netlink: 14 bytes leftover after parsing attributes in process `syz.0.2096'.
[  300.245585][T11973] ip6t_REJECT: ECHOREPLY is not supported
[  300.298425][T11968] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2095'.
[  300.710545][T11992] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2105'.
[  300.765487][T11995] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2105'.
[  301.788979][T12011] netlink: 'syz.2.2112': attribute type 21 has an invalid length.
[  302.101211][T12022] ip6t_REJECT: ECHOREPLY is not supported
[  302.303984][T12036] FAULT_INJECTION: forcing a failure.
[  302.303984][T12036] name failslab, interval 1, probability 0, space 0, times 0
[  302.358402][T12038] ip6t_REJECT: ECHOREPLY is not supported
[  302.364308][T12036] CPU: 1 PID: 12036 Comm: syz.0.2119 Not tainted 6.10.0-rc7-syzkaller-00276-g0a1868b93fad #0
[  302.384723][T12036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  302.395187][T12036] Call Trace:
[  302.399153][T12036]  <TASK>
[  302.402961][T12036]  dump_stack_lvl+0x241/0x360
[  302.409540][T12036]  ? __pfx_dump_stack_lvl+0x10/0x10
[  302.415805][T12036]  ? __pfx__printk+0x10/0x10
[  302.421527][T12036]  should_fail_ex+0x3b0/0x4e0
[  302.427216][T12036]  ? sctp_add_bind_addr+0x89/0x3a0
[  302.434988][T12036]  should_failslab+0x9/0x20
[  302.442178][T12036]  kmalloc_trace_noprof+0x6c/0x2c0
[  302.449024][T12036]  sctp_add_bind_addr+0x89/0x3a0
[  302.456213][T12036]  sctp_copy_local_addr_list+0x311/0x500
[  302.463513][T12036]  ? sctp_copy_local_addr_list+0xab/0x500
[  302.471981][T12036]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  302.479484][T12036]  ? sctp_v4_is_any+0x35/0x60
[  302.485386][T12036]  sctp_bind_addr_copy+0xad/0x3b0
[  302.492841][T12036]  ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190
[  302.501249][T12036]  sctp_connect_new_asoc+0x2f3/0x6c0
[  302.507578][T12036]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  302.515551][T12036]  ? sctp_sendmsg+0xbb9/0x3520
[  302.523088][T12036]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  302.529434][T12036]  ? security_sctp_bind_connect+0x90/0xb0
[  302.536960][T12036]  sctp_sendmsg+0x219a/0x3520
[  302.543141][T12036]  ? __pfx_sctp_sendmsg+0x10/0x10
[  302.549880][T12036]  ? __pfx_aa_sk_perm+0x10/0x10
[  302.555187][T12036]  ? inet_sendmsg+0x330/0x390
[  302.562379][T12036]  __sock_sendmsg+0x1a6/0x270
[  302.569080][T12036]  ____sys_sendmsg+0x525/0x7d0
[  302.573933][T12036]  ? __pfx_____sys_sendmsg+0x10/0x10
[  302.580248][T12036]  __sys_sendmmsg+0x3b2/0x740
[  302.585525][T12036]  ? __pfx___sys_sendmmsg+0x10/0x10
[  302.594165][T12036]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  302.601923][T12036]  ? ksys_write+0x23e/0x2c0
[  302.609414][T12036]  ? __pfx_lock_release+0x10/0x10
[  302.614902][T12036]  ? vfs_write+0x7c4/0xc90
[  302.620433][T12036]  ? __mutex_unlock_slowpath+0x21d/0x750
[  302.627484][T12036]  ? __pfx_vfs_write+0x10/0x10
[  302.632973][T12036]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  302.641948][T12036]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  302.650337][T12036]  ? do_syscall_64+0x100/0x230
[  302.656345][T12036]  __x64_sys_sendmmsg+0xa0/0xb0
[  302.668820][T12036]  do_syscall_64+0xf3/0x230
[  302.674118][T12036]  ? clear_bhb_loop+0x35/0x90
[  302.682152][T12036]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  302.690401][T12036] RIP: 0033:0x7f0599d75a19
[  302.696388][T12036] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  302.728321][T12036] RSP: 002b:00007f05997ff048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  302.743071][T12036] RAX: ffffffffffffffda RBX: 00007f0599f03f60 RCX: 00007f0599d75a19
[  302.752124][T12036] RDX: 0000000000000002 RSI: 0000000020001d80 RDI: 0000000000000003
[  302.764719][T12036] RBP: 00007f05997ff0a0 R08: 0000000000000000 R09: 0000000000000000
[  302.775403][T12036] R10: 00000000000040c4 R11: 0000000000000246 R12: 0000000000000002
[  302.784723][T12036] R13: 000000000000000b R14: 00007f0599f03f60 R15: 00007ffef41f3048
[  302.794221][T12036]  </TASK>
[  303.012224][T12050] xt_l2tp: wrong L2TP version: 0
[  303.163329][T12060] netlink: 'syz.4.2126': attribute type 8 has an invalid length.
[  303.605477][T12081] ip6t_REJECT: ECHOREPLY is not supported
[  304.279114][T12106] ip6t_REJECT: ECHOREPLY is not supported
[  304.474194][T12121] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[  304.587683][T12127] __nla_validate_parse: 17 callbacks suppressed
[  304.587707][T12127] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2145'.
[  304.795559][T12132] Bluetooth: MGMT ver 1.22
[  304.873332][T12133] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  304.904980][T12133] batadv_slave_0: entered promiscuous mode
[  305.309036][T12142] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2150'.
[  305.334464][T12144] netlink: 188 bytes leftover after parsing attributes in process `syz.2.2151'.
[  305.396544][T12145] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2149'.
[  305.621321][T12152] netlink: 'syz.1.2150': attribute type 21 has an invalid length.
[  305.646178][T12152] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2150'.
[  305.851746][T12157] ip6t_REJECT: ECHOREPLY is not supported
[  306.234580][T12165] netlink: 'syz.0.2155': attribute type 4 has an invalid length.
[  306.259359][T12166] ip6t_REJECT: ECHOREPLY is not supported
[  306.716226][T12190] netlink: 188 bytes leftover after parsing attributes in process `syz.2.2162'.
[  306.799253][T12196] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2163'.
[  306.920077][T12200] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2165'.
[  307.015030][T12204] netlink: 'syz.1.2163': attribute type 21 has an invalid length.
[  307.030477][T12204] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2163'.
[  307.047842][T12205] netlink: 'syz.2.2165': attribute type 21 has an invalid length.
[  307.083459][T12205] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2165'.
[  307.468723][T12216] ip6t_REJECT: ECHOREPLY is not supported
[  307.513306][T12217] netlink: 'syz.0.2167': attribute type 4 has an invalid length.
[  307.989404][T12233] netlink: 'syz.0.2172': attribute type 3 has an invalid length.
[  308.843886][ T4486] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  308.856070][ T4486] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  308.870297][ T4486] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  308.894893][ T4486] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  308.907474][ T4486] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  308.917123][ T4486] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  309.164768][   T46] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  309.386430][   T46] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  309.605873][   T46] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  309.768642][   T46] team0: Port device netdevsim0 removed
[  309.779010][T12283] FAULT_INJECTION: forcing a failure.
[  309.779010][T12283] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  309.802563][   T46] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  309.820843][T12283] CPU: 0 PID: 12283 Comm: syz.2.2189 Not tainted 6.10.0-rc7-syzkaller-00276-g0a1868b93fad #0
[  309.833861][T12283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  309.847645][T12283] Call Trace:
[  309.851579][T12283]  <TASK>
[  309.854639][T12283]  dump_stack_lvl+0x241/0x360
[  309.860898][T12283]  ? __pfx_dump_stack_lvl+0x10/0x10
[  309.868722][T12283]  ? __pfx__printk+0x10/0x10
[  309.874618][T12283]  ? __pfx_lock_release+0x10/0x10
[  309.880324][T12283]  ? __lock_acquire+0x1346/0x1fd0
[  309.887139][T12283]  should_fail_ex+0x3b0/0x4e0
[  309.893332][T12283]  _copy_from_user+0x2f/0xe0
[  309.898930][T12283]  kstrtouint_from_user+0xc6/0x190
[  309.906648][T12283]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  309.912947][T12283]  ? __pfx_lock_acquire+0x10/0x10
[  309.920088][T12283]  proc_fail_nth_write+0xaa/0x2d0
[  309.926647][T12283]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  309.933655][T12283]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  309.940665][T12283]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  309.949935][T12283]  vfs_write+0x2a2/0xc90
[  309.954457][T12283]  ? __pfx_vfs_write+0x10/0x10
[  309.961921][T12283]  ? __fget_files+0x29/0x470
[  309.968315][T12283]  ? __fget_files+0x3f6/0x470
[  309.974794][T12283]  ksys_write+0x1a0/0x2c0
[  309.980559][T12283]  ? __pfx_ksys_write+0x10/0x10
[  309.988617][T12283]  ? do_syscall_64+0x100/0x230
[  309.995605][T12283]  ? do_syscall_64+0xb6/0x230
[  310.002766][T12283]  do_syscall_64+0xf3/0x230
[  310.007738][T12283]  ? clear_bhb_loop+0x35/0x90
[  310.013499][T12283]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  310.025710][T12283] RIP: 0033:0x7f825c37459f
[  310.032814][T12283] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48
[  310.059260][T12283] RSP: 002b:00007f825d0c7040 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  310.069714][T12283] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f825c37459f
[  310.080587][T12283] RDX: 0000000000000001 RSI: 00007f825d0c70b0 RDI: 0000000000000004
[  310.092331][T12283] RBP: 00007f825d0c70a0 R08: 0000000000000000 R09: 0000000000000000
[  310.107981][T12283] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  310.120365][T12283] R13: 000000000000000b R14: 00007f825c503f60 R15: 00007ffd2da2e858
[  310.130600][T12283]  </TASK>
[  310.905411][T12300] __nla_validate_parse: 4 callbacks suppressed
[  310.905436][T12300] netlink: 96 bytes leftover after parsing attributes in process `syz.0.2196'.
[  310.964317][T12302] netlink: 'syz.2.2197': attribute type 29 has an invalid length.
[  311.010473][ T4486] Bluetooth: hci2: command tx timeout
[  311.356712][   T46] bond2 (unregistering): (slave gre1): Releasing backup interface
[  311.644652][   T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  311.676698][   T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  311.695061][   T46] bond0 (unregistering): Released all slaves
[  311.867487][   T46] bond1 (unregistering): Released all slaves
[  311.890714][   T46] bond2 (unregistering): Released all slaves
[  311.914016][T12302] netlink: 'syz.2.2197': attribute type 29 has an invalid length.
[  312.273056][   T46] tipc: Disabling bearer <udp:syz2>
[  312.294335][   T46] tipc: Left network mode
[  312.413233][T12251] chnl_net:caif_netlink_parms(): no params data found
[  312.669171][T12339] tc_dump_action: action bad kind
[  312.691027][T12344] netlink: 96 bytes leftover after parsing attributes in process `syz.0.2207'.
[  312.734050][T12348] gtp0: entered promiscuous mode
[  312.873800][T12352] netlink: 76 bytes leftover after parsing attributes in process `syz.0.2209'.
[  312.958752][T12251] bridge0: port 1(bridge_slave_0) entered blocking state
[  312.992181][T12251] bridge0: port 1(bridge_slave_0) entered disabled state
[  313.014232][T12251] bridge_slave_0: entered allmulticast mode
[  313.033009][T12359] netlink: 'syz.2.2211': attribute type 29 has an invalid length.
[  313.044931][T12251] bridge_slave_0: entered promiscuous mode
[  313.085172][T12251] bridge0: port 2(bridge_slave_1) entered blocking state
[  313.100578][ T4486] Bluetooth: hci2: command tx timeout
[  313.108202][T12251] bridge0: port 2(bridge_slave_1) entered disabled state
[  313.131435][T12251] bridge_slave_1: entered allmulticast mode
[  313.144631][T12251] bridge_slave_1: entered promiscuous mode
[  313.165790][T12359] netlink: 'syz.2.2211': attribute type 29 has an invalid length.
[  313.311634][T12363] netlink: 'syz.2.2211': attribute type 29 has an invalid length.
[  313.364875][T12251] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  313.409413][T12251] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  313.428285][T12371] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2215'.
[  313.601404][T12371] netlink: 'syz.0.2215': attribute type 3 has an invalid length.
[  313.623087][T12371] netlink: 'syz.0.2215': attribute type 7 has an invalid length.
[  313.665793][T12374] team1: Mode "" not found
[  313.781745][T12371] : entered promiscuous mode
[  313.831897][   T46] hsr_slave_0: left promiscuous mode
[  313.846843][   T46] hsr_slave_1: left promiscuous mode
[  313.859966][T12385] netlink: 96 bytes leftover after parsing attributes in process `syz.2.2218'.
[  313.880199][   T46] batman_adv: batadv0: Removing interface: batadv_slave_0
[  313.886760][T12385] netlink: 88 bytes leftover after parsing attributes in process `syz.2.2218'.
[  313.912475][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  313.949949][   T46] batman_adv: batadv0: Removing interface: batadv_slave_1
[  314.061326][   T46] veth0_macvtap: left promiscuous mode
[  314.080062][   T46] veth1_vlan: left promiscuous mode
[  314.089462][   T46] veth0_vlan: left promiscuous mode
[  314.452762][T12402] ip6t_REJECT: ECHOREPLY is not supported
[  314.618156][   T46] pimreg (unregistering): left allmulticast mode
[  314.738880][   T64] smc: removing ib device syz0
[  315.180984][ T4486] Bluetooth: hci2: command tx timeout
[  315.483329][   T53] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  315.500649][   T53] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  315.517251][   T53] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  315.531210][   T53] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  315.540464][   T53] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  315.548557][   T53] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  315.954555][   T46] team0 (unregistering): Port device team_slave_1 removed
[  316.068394][   T46] team0 (unregistering): Port device team_slave_0 removed
[  316.628048][T12251] team0: Port device team_slave_0 added
[  316.696423][T12251] team0: Port device team_slave_1 added
[  316.903543][T12251] batman_adv: batadv0: Adding interface: batadv_slave_0
[  316.926811][T12251] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  316.989819][T12251] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  317.037723][T12251] batman_adv: batadv0: Adding interface: batadv_slave_1
[  317.050389][T12251] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  317.114796][T12251] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  317.249872][ T4486] Bluetooth: hci2: command tx timeout
[  317.267534][T12433] netlink: 96 bytes leftover after parsing attributes in process `syz.2.2230'.
[  317.294266][T12433] netlink: 88 bytes leftover after parsing attributes in process `syz.2.2230'.
[  317.636431][T12251] hsr_slave_0: entered promiscuous mode
[  317.652867][ T4486] Bluetooth: hci5: command tx timeout
[  317.687699][T12251] hsr_slave_1: entered promiscuous mode
[  317.719412][T12251] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  317.740677][T12251] Cannot create hsr debugfs directory
[  317.987823][   T46] IPVS: stop unused estimator thread 0...
[  318.439039][T12457] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.2236'.
[  318.483762][T12457] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[  318.547500][T12466] netlink: 96 bytes leftover after parsing attributes in process `syz.0.2239'.
[  318.558428][T12466] netlink: 88 bytes leftover after parsing attributes in process `syz.0.2239'.
[  318.781643][T12417] chnl_net:caif_netlink_parms(): no params data found
[  318.871526][T12477] netlink: 'syz.2.2244': attribute type 29 has an invalid length.
[  319.003586][T12477] netlink: 'syz.2.2244': attribute type 29 has an invalid length.
[  319.083147][T12480] netlink: 'syz.2.2244': attribute type 29 has an invalid length.
[  319.271840][T12490] FAULT_INJECTION: forcing a failure.
[  319.271840][T12490] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  319.309920][T12490] CPU: 0 PID: 12490 Comm: syz.4.2247 Not tainted 6.10.0-rc7-syzkaller-00276-g0a1868b93fad #0
[  319.327651][T12490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  319.344544][T12490] Call Trace:
[  319.350793][T12490]  <TASK>
[  319.355244][T12490]  dump_stack_lvl+0x241/0x360
[  319.360990][T12490]  ? __pfx_dump_stack_lvl+0x10/0x10
[  319.366724][T12490]  ? __pfx__printk+0x10/0x10
[  319.372574][T12490]  ? __pfx_lock_release+0x10/0x10
[  319.381768][T12490]  should_fail_ex+0x3b0/0x4e0
[  319.387058][T12490]  _copy_from_user+0x2f/0xe0
[  319.393918][T12490]  copy_msghdr_from_user+0xae/0x680
[  319.400243][T12490]  ? __pfx___might_resched+0x10/0x10
[  319.406044][T12490]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  319.414647][T12490]  ? __might_fault+0xaa/0x120
[  319.420358][T12490]  do_recvmmsg+0x40f/0xae0
[  319.425018][T12490]  ? __pfx_lock_release+0x10/0x10
[  319.430976][T12490]  ? __pfx_do_recvmmsg+0x10/0x10
[  319.438896][T12490]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  319.448253][T12490]  ? ksys_write+0x23e/0x2c0
[  319.453780][T12490]  ? __pfx_lock_release+0x10/0x10
[  319.462013][T12490]  ? vfs_write+0x7c4/0xc90
[  319.467748][T12490]  ? __mutex_unlock_slowpath+0x21d/0x750
[  319.474550][T12490]  ? __fget_files+0x3f6/0x470
[  319.480688][T12490]  __x64_sys_recvmmsg+0x199/0x250
[  319.486187][T12490]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  319.492788][T12490]  ? do_syscall_64+0x100/0x230
[  319.498581][T12490]  ? do_syscall_64+0xb6/0x230
[  319.505307][T12490]  do_syscall_64+0xf3/0x230
[  319.510475][T12490]  ? clear_bhb_loop+0x35/0x90
[  319.518766][T12490]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  319.527132][T12490] RIP: 0033:0x7fd803f75a19
[  319.532714][T12490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  319.557622][T12490] RSP: 002b:00007fd804d75048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  319.569257][T12490] RAX: ffffffffffffffda RBX: 00007fd804103f60 RCX: 00007fd803f75a19
[  319.579259][T12490] RDX: 0000000000000414 RSI: 0000000020000840 RDI: 0000000000000003
[  319.588327][T12490] RBP: 00007fd804d750a0 R08: 0000000000000000 R09: 0000000000000000
[  319.597138][T12490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  319.608214][T12490] R13: 000000000000000b R14: 00007fd804103f60 R15: 00007ffed85b4808
[  319.618703][T12490]  </TASK>
[  319.660053][T12417] bridge0: port 1(bridge_slave_0) entered blocking state
[  319.669401][T12417] bridge0: port 1(bridge_slave_0) entered disabled state
[  319.710318][T12417] bridge_slave_0: entered allmulticast mode
[  319.719383][T12417] bridge_slave_0: entered promiscuous mode
[  319.731201][ T4486] Bluetooth: hci5: command tx timeout
[  319.769969][T12417] bridge0: port 2(bridge_slave_1) entered blocking state
[  319.780613][T12417] bridge0: port 2(bridge_slave_1) entered disabled state
[  319.791628][T12417] bridge_slave_1: entered allmulticast mode
[  319.803527][T12417] bridge_slave_1: entered promiscuous mode
[  319.873842][T12497] netlink: 96 bytes leftover after parsing attributes in process `syz.4.2249'.
[  319.917965][T12497] netlink: 80 bytes leftover after parsing attributes in process `syz.4.2249'.
[  320.020350][T12417] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  320.046142][T12251] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  320.077796][T12251] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  320.110133][T12417] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  320.258392][T12251] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  320.281174][T12511] netlink: 'syz.2.2254': attribute type 29 has an invalid length.
[  320.311525][T12507] netlink: 'syz.4.2253': attribute type 6 has an invalid length.
[  320.312798][T12512] netlink: 'syz.4.2253': attribute type 1 has an invalid length.
[  320.361625][T12417] team0: Port device team_slave_0 added
[  320.380938][T12511] netlink: 'syz.2.2254': attribute type 29 has an invalid length.
[  320.398053][T12514] netlink: 'syz.0.2255': attribute type 29 has an invalid length.
[  320.414752][T12251] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  320.449242][T12417] team0: Port device team_slave_1 added
[  320.472299][T12515] netlink: 'syz.2.2254': attribute type 29 has an invalid length.
[  320.498502][T12514] netlink: 'syz.0.2255': attribute type 29 has an invalid length.
[  320.603683][T12417] batman_adv: batadv0: Adding interface: batadv_slave_0
[  320.626343][T12417] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  320.692398][T12417] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  320.749599][T12417] batman_adv: batadv0: Adding interface: batadv_slave_1
[  320.774101][T12417] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  320.823520][T12417] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  321.295407][T12417] hsr_slave_0: entered promiscuous mode
[  321.336996][T12417] hsr_slave_1: entered promiscuous mode
[  321.365863][T12417] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  321.389846][T12417] Cannot create hsr debugfs directory
[  321.462270][T12539] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2261'.
[  321.573018][T12539] macsec2: entered promiscuous mode
[  321.578461][T12539] macvlan0: entered promiscuous mode
[  321.603247][T12539] macvlan0: left promiscuous mode
[  321.831443][ T4486] Bluetooth: hci5: command tx timeout
[  321.963165][T12554] cannot load conntrack support for proto=3
[  321.995623][T12251] 8021q: adding VLAN 0 to HW filter on device bond0
[  322.089215][T12251] 8021q: adding VLAN 0 to HW filter on device team0
[  322.153355][ T5107] bridge0: port 1(bridge_slave_0) entered blocking state
[  322.162346][ T5107] bridge0: port 1(bridge_slave_0) entered forwarding state
[  322.541576][ T5107] bridge0: port 2(bridge_slave_1) entered blocking state
[  322.553604][ T5107] bridge0: port 2(bridge_slave_1) entered forwarding state
[  322.775801][   T11] ------------[ cut here ]------------
[  322.782654][   T11] WARNING: CPU: 0 PID: 11 at net/wireless/sme.c:846 __cfg80211_connect_result+0x19ea/0x21d0
[  322.796153][   T11] Modules linked in:
[  322.801315][   T11] CPU: 0 PID: 11 Comm: kworker/u8:0 Not tainted 6.10.0-rc7-syzkaller-00276-g0a1868b93fad #0
[  322.813412][   T11] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  322.825472][   T11] Workqueue: cfg80211 cfg80211_event_work
[  322.832626][   T11] RIP: 0010:__cfg80211_connect_result+0x19ea/0x21d0
[  322.840639][   T11] Code: a3 00 89 c3 31 ff 89 c6 e8 93 87 b3 f6 85 db 74 29 e8 fa af 99 f6 84 c0 74 27 e8 41 83 b3 f6 e9 84 00 00 00 e8 37 83 b3 f6 90 <0f> 0b 90 4c 89 ff 4c 89 f6 e8 68 23 00 00 eb 91 e8 21 83 b3 f6 eb
[  322.873159][   T11] RSP: 0018:ffffc900001079e0 EFLAGS: 00010293
[  322.875042][ T1248] ieee802154 phy0 wpan0: encryption failed: -22
[  322.882530][   T11] RAX: ffffffff8ae2a4e9 RBX: 0000000000000000 RCX: ffff888016ec3c00
[  322.900562][   T11] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  322.911356][   T11] RBP: ffffc90000107b00 R08: ffffffff8ae2a0b9 R09: 1ffffffff25f5ebd
[  322.922906][   T11] R10: dffffc0000000000 R11: fffffbfff25f5ebe R12: ffff88802a39f098
[  322.932925][   T11] R13: dffffc0000000000 R14: ffff88802a39f018 R15: ffff888026742000
[  322.939354][T12417] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  322.943186][   T11] FS:  0000000000000000(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000
[  322.943218][   T11] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  322.943238][   T11] CR2: 0000000020f5dfe4 CR3: 000000005d498000 CR4: 00000000003506f0
[  322.943262][   T11] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  322.943279][   T11] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  322.943298][   T11] Call Trace:
[  322.943310][   T11]  <TASK>
[  322.943323][   T11]  ? __warn+0x163/0x4e0
[  322.943359][   T11]  ? __cfg80211_connect_result+0x19ea/0x21d0
[  322.943398][   T11]  ? report_bug+0x2b3/0x500
[  322.943432][   T11]  ? __cfg80211_connect_result+0x19ea/0x21d0
[  322.943474][   T11]  ? handle_bug+0x3e/0x70
[  322.943499][   T11]  ? exc_invalid_op+0x1a/0x50
[  322.943527][   T11]  ? asm_exc_invalid_op+0x1a/0x20
[  322.943574][   T11]  ? __cfg80211_connect_result+0x15b9/0x21d0
[  322.943608][   T11]  ? __cfg80211_connect_result+0x19e9/0x21d0
[  322.943647][   T11]  ? __cfg80211_connect_result+0x19ea/0x21d0
[  322.943718][   T11]  ? __pfx___cfg80211_connect_result+0x10/0x10
[  322.943759][   T11]  ? lockdep_hardirqs_on+0x99/0x150
[  322.943803][   T11]  cfg80211_process_wdev_events+0x356/0x510
[  322.943846][   T11]  cfg80211_process_rdev_events+0xac/0x110
[  323.016053][T12417] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  323.020602][   T11]  ? process_scheduled_works+0x945/0x1830
[  323.020645][   T11]  cfg80211_event_work+0x2f/0x40
[  323.020685][   T11]  process_scheduled_works+0xa2c/0x1830
[  323.020755][   T11]  ? __pfx_process_scheduled_works+0x10/0x10
[  323.020793][   T11]  ? assign_work+0x364/0x3d0
[  323.020827][   T11]  worker_thread+0x86d/0xd50
[  323.020872][   T11]  ? __kthread_parkme+0x169/0x1d0
[  323.020906][   T11]  ? __pfx_worker_thread+0x10/0x10
[  323.020934][   T11]  kthread+0x2f0/0x390
[  323.020964][   T11]  ? __pfx_worker_thread+0x10/0x10
[  323.020990][   T11]  ? __pfx_kthread+0x10/0x10
[  323.176518][   T11]  ret_from_fork+0x4b/0x80
[  323.181538][   T11]  ? __pfx_kthread+0x10/0x10
[  323.187832][   T11]  ret_from_fork_asm+0x1a/0x30
[  323.194509][   T11]  </TASK>
[  323.197849][   T11] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  323.206414][   T11] CPU: 0 PID: 11 Comm: kworker/u8:0 Not tainted 6.10.0-rc7-syzkaller-00276-g0a1868b93fad #0
[  323.219041][   T11] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  323.230053][   T11] Workqueue: cfg80211 cfg80211_event_work
[  323.236880][   T11] Call Trace:
[  323.240451][   T11]  <TASK>
[  323.243431][   T11]  dump_stack_lvl+0x241/0x360
[  323.248154][   T11]  ? __pfx_dump_stack_lvl+0x10/0x10
[  323.253387][   T11]  ? __pfx__printk+0x10/0x10
[  323.258736][   T11]  ? vscnprintf+0x5d/0x90
[  323.265181][   T11]  panic+0x349/0x860
[  323.271023][   T11]  ? __warn+0x172/0x4e0
[  323.275691][   T11]  ? __pfx_panic+0x10/0x10
[  323.280693][   T11]  ? ret_from_fork_asm+0x1a/0x30
[  323.286174][   T11]  __warn+0x346/0x4e0
[  323.291427][   T11]  ? __cfg80211_connect_result+0x19ea/0x21d0
[  323.301366][   T11]  report_bug+0x2b3/0x500
[  323.307152][   T11]  ? __cfg80211_connect_result+0x19ea/0x21d0
[  323.315492][   T11]  handle_bug+0x3e/0x70
[  323.320224][   T11]  exc_invalid_op+0x1a/0x50
[  323.325632][   T11]  asm_exc_invalid_op+0x1a/0x20
[  323.330977][   T11] RIP: 0010:__cfg80211_connect_result+0x19ea/0x21d0
[  323.339633][   T11] Code: a3 00 89 c3 31 ff 89 c6 e8 93 87 b3 f6 85 db 74 29 e8 fa af 99 f6 84 c0 74 27 e8 41 83 b3 f6 e9 84 00 00 00 e8 37 83 b3 f6 90 <0f> 0b 90 4c 89 ff 4c 89 f6 e8 68 23 00 00 eb 91 e8 21 83 b3 f6 eb
[  323.364508][   T11] RSP: 0018:ffffc900001079e0 EFLAGS: 00010293
[  323.372977][   T11] RAX: ffffffff8ae2a4e9 RBX: 0000000000000000 RCX: ffff888016ec3c00
[  323.381420][   T11] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  323.389811][   T11] RBP: ffffc90000107b00 R08: ffffffff8ae2a0b9 R09: 1ffffffff25f5ebd
[  323.399934][   T11] R10: dffffc0000000000 R11: fffffbfff25f5ebe R12: ffff88802a39f098
[  323.409014][   T11] R13: dffffc0000000000 R14: ffff88802a39f018 R15: ffff888026742000
[  323.420608][   T11]  ? __cfg80211_connect_result+0x15b9/0x21d0
[  323.430213][   T11]  ? __cfg80211_connect_result+0x19e9/0x21d0
[  323.438813][   T11]  ? __pfx___cfg80211_connect_result+0x10/0x10
[  323.445914][   T11]  ? lockdep_hardirqs_on+0x99/0x150
[  323.453334][   T11]  cfg80211_process_wdev_events+0x356/0x510
[  323.460888][   T11]  cfg80211_process_rdev_events+0xac/0x110
[  323.467152][   T11]  ? process_scheduled_works+0x945/0x1830
[  323.479688][   T11]  cfg80211_event_work+0x2f/0x40
[  323.484937][   T11]  process_scheduled_works+0xa2c/0x1830
[  323.492903][   T11]  ? __pfx_process_scheduled_works+0x10/0x10
[  323.501596][   T11]  ? assign_work+0x364/0x3d0
[  323.508878][   T11]  worker_thread+0x86d/0xd50
[  323.516506][   T11]  ? __kthread_parkme+0x169/0x1d0
[  323.522321][   T11]  ? __pfx_worker_thread+0x10/0x10
[  323.528457][   T11]  kthread+0x2f0/0x390
[  323.533072][   T11]  ? __pfx_worker_thread+0x10/0x10
[  323.539090][   T11]  ? __pfx_kthread+0x10/0x10
[  323.544426][   T11]  ret_from_fork+0x4b/0x80
[  323.550057][   T11]  ? __pfx_kthread+0x10/0x10
[  323.556315][   T11]  ret_from_fork_asm+0x1a/0x30
[  323.562011][   T11]  </TASK>
[  323.566238][   T11] Kernel Offset: disabled
[  323.572186][   T11] Rebooting in 86400 seconds..